Chaotix Hacking (formerly Chaotix Level Editing)

Discussion in 'Engineering & Reverse Engineering' started by Andlabs, Jan 29, 2010.

  1. Andlabs

    Andlabs

    「いっきまーす」 Wiki Sysop
    2,175
    0
    0
    Writing my own MD/Genesis sound driver :D
    Here's an edit of the introductory level, right before and immediately after you meet Espio (http://idisk.mac.com/pietro10-Public/kciiafter.bin). This is just a random hex edit, so don't expect much =P

    [Image: http://idisk.mac.com/pietro10-Public/kciiafter_000.png]

    [Image: http://idisk.mac.com/pietro10-Public/kciiafter_001.png]
    BE SURE YOU ARE AT THIS SPOT, OTHERWISE KNUCKLES AND ESPIO WILL NEVER "MEET" AND THE GAME WILL TRY FOREVER.

    [Image: http://idisk.mac.com/pietro10-Public/kciiafter_002.png]

    So yeah, I might be looking further into this later.

    (EDIT - I switched to doing asm research. Man we need a RESEARCH thread icon.)
     
  2. Thorn

    Thorn

    Tech Member
    328
    0
    16
    Home
    Sonic 2 Retro Remix
    Oh, I've certainly noticed. I've been checking Recent Changes on the Wiki every hour or so to see what you've done; I'm a bit of a Chaotix nut (http://www.soniccenter.org/rankings/knuckles_chaotix) and the prospect of level design or getting a level rip for Sonic 2 (I know that the level palette uses up more colors, though, so it'd be hard) has my attention. I spent some time yesterday trying to get the data read by SonED2 by uncompressing it and recompressing it the way used in Sonic 2, but had no luck. Anyway, please have my babies, <3, etc.

    Actually, while there's a topic on it, lemme ask a question on Chaotix that maybe somebody knows the answer to... there's a bit of a lead-in to this one, but it's been bugging me for years, so I might as well ask. I remember looking around a few years ago and noticing the code "FFADC1:05 | Enable Grow (Leader) (Only works if Always Have Shield is enabled)" (now available on the Wiki: http://info.sonicretro.org/Cheat_Codes:Knuckles'_Chaotix). Cut to a few years later, and I gain a greater understanding of the innards of classic Sonic. I understood that there's actually a word at $FFADC0 that says how many frames are left on either a Grow or Shrink item, and that the "Always Have Shield" requirement is a lie... rather, it only triggers on specific levels like World Entrance 2 (Final Boss). I then found that the code for other levels is always on some offset of $40 away from that code, e.g. $FFAE00 is that word's location in Botanic Base 1 Morning. I spent some time compiling a list of where that code moves to for different levels and times of day -- I think I found something like six codes, all multiples of $40 apart, that worked for every level and time of day. The list has been lost to time, unfortunately, but I could always recreate it.

    I'm sure that the effects of the values in RAM after this word move around between levels too, probably as a group of $40 bytes, so that list might have detailed the movements of a large chunk of RAM. Question is, why does it move in the first place, and is there some sort of logic behind where it moves to? Is this due to the game, or is it just a quirk with 32X hardware or 32X PAR codes? $40 was also the size of an SST in Sonic 2, which also held values for power-up time left: is this related? Or is this all nothing and I'm totally overthinking it?
     
  3. Andlabs

    Ha, thanks. And this information proves useful. I keep coming across a function that handles up to $40 blocks of data $40 bytes in size, starting at $FFAD08. However, 8 allocated zones * 7 allocated acts * 4 allocated times of day == $E0 supported blocks, so I may be wrong.

    In any case, one could assume the real offset for enable grow is $39(aN). The following code looks relevant:

    Code (Text):
    ROM:0088418C ; ---------------------------------------------------------------------------
    ROM:0088418C
    ROM:0088418C loc_88418C:                ; CODE XREF: sub_883B32+644j
    ROM:0088418C                 tst.w   $26(a6)
    ROM:00884190                 bne.w   loc_884074
    ROM:00884194                 moveq   #0,d0
    ROM:00884196                 subq.b  #1,$39(a6)
    ROM:0088419A                 bne.s   loc_8841C0
    ROM:0088419C                 move.b  $38(a6),d0
    ROM:008841A0                 addq.b  #4,d0
    ROM:008841A2                 cmpi.b  #$20,d0 ; ' '
    ROM:008841A6                 bcs.s   loc_8841AA
    ROM:008841A8                 moveq   #0,d0
    ROM:008841AA
    ROM:008841AA loc_8841AA:                ; CODE XREF: sub_883B32+674j
    ROM:008841AA                 move.b  d0,$38(a6)
    ROM:008841AE                 move.b  #3,$39(a6)
    ROM:008841B4                 move.w  word_8841E6(pc,d0.w),0(a4)
    ROM:008841BA                 move.w  word_8841E8(pc,d0.w),$C(a4)
    ROM:008841C0
    ROM:008841C0 loc_8841C0:                ; CODE XREF: sub_883B32+668j
    ROM:008841C0                 subq.b  #1,$3B(a6)
    ROM:008841C4                 bne.s   locret_8841E4
    ROM:008841C6                 move.b  $3A(a6),d0
    ROM:008841CA                 addq.b  #1,d0
    ROM:008841CC                 cmpi.b  #4,d0
    ROM:008841D0                 bcs.s   loc_8841D4
    ROM:008841D2                 moveq   #0,d0
    ROM:008841D4
    ROM:008841D4 loc_8841D4:                ; CODE XREF: sub_883B32+69Ej
    ROM:008841D4                 move.b  d0,$3A(a6)
    ROM:008841D8                 move.b  #8,$3B(a6)
    ROM:008841DE                 move.b  byte_884206(pc,d0.w),4(a4)
    ROM:008841E4
    ROM:008841E4 locret_8841E4:             ; CODE XREF: sub_883B32+692j
    ROM:008841E4                 rts
    ROM:008841E4 ; END OF FUNCTION CHUNK FOR sub_883B32

    In this case, a6 is the value of $FFFFE028, which is set to the value of the first entry in the above array. When a level is loaded, the entries are cycled away:

    Code (Text):
    ROM:00880D64 ; =============== S U B R O U T I N E =======================================
    ROM:00880D64
    ROM:00880D64
    ROM:00880D64 sub_880D64:                ; CODE XREF: DoGameMode+56Ep
    ROM:00880D64                            ; DoGameMode+1A28p ...
    ROM:00880D64                 moveq   #0,d0
    ROM:00880D66                 lea     ($FFFFE026).w,a0
    ROM:00880D6A                 move.w  d0,(a0)+
    ROM:00880D6C                 move.w  d0,(a0)+
    ROM:00880D6E                 move.w  d0,(a0)+
    ROM:00880D70                 move.w  d0,(a0)+
    ROM:00880D72                 move.w  d0,(a0)+
    ROM:00880D74                 move.w  #$7FFF,(a0)+
    ROM:00880D78                 lea     ($FFAD08).l,a0
    ROM:00880D7E                 moveq   #$3F,d7 ; '?'
    ROM:00880D80                 move.w  a0,($FFFFE026).w
    ROM:00880D84
    ROM:00880D84 loc_880D84:                ; CODE XREF: sub_880D64+28j
    ROM:00880D84                 lea     $40(a0),a1
    ROM:00880D88                 move.w  a1,(a0)
    ROM:00880D8A                 movea.w a1,a0
    ROM:00880D8C                 dbf     d7,loc_880D84
    ROM:00880D90                 move.w  d0,-$40(a0)
    ROM:00880D94                 move.l  d0,($FFFFCA9E).w
    ROM:00880D98                 move.l  d0,($FFFFCAA2).w
    ROM:00880D9C                 move.w  d0,($FFFFE1A2).w
    ROM:00880DA0                 move.w  #$D45E,($FFFFD01E).w
    ROM:00880DA6                 move.w  #5,($FFFFE01E).w
    ROM:00880DAC                 move.w  #$F,($FFFFE020).w
    ROM:00880DB2                 move.w  #$3F,($FFFFE022).w ; '?'
    ROM:00880DB8                 move.w  #$3F,($FFFFE024).w ; '?'
    ROM:00880DBE                 rts
    ROM:00880DBE ; End of function sub_880D64

    This is called by more than just the level loader, so at this point I'm not entirely sure. And then there's this... thing:

    Code (Text):
    ROM:00880DC0 ; =============== S U B R O U T I N E =======================================
    ROM:00880DC0
    ROM:00880DC0
    ROM:00880DC0 sub_880DC0:                ; CODE XREF: sub_8AAB9C+2AEp
    ROM:00880DC0                 move.l  #$FF0000,d0
    ROM:00880DC6                 move.w  ($FFFFE032).w,d0
    ROM:00880DCA                 bmi.s   loc_880DE2
    ROM:00880DCC                 cmpi.l  #$FF0D08,d0
    ROM:00880DD2                 bcc.s   loc_880DDC
    ROM:00880DD4                 move.l  #$FFAD08,d0
    ROM:00880DDA                 bra.s   loc_880DE2
    ROM:00880DDC ; ---------------------------------------------------------------------------
    ROM:00880DDC
    ROM:00880DDC loc_880DDC:                ; CODE XREF: sub_880DC0+12j
    ROM:00880DDC                 move.l  #$FF8000,d0
    ROM:00880DE2
    ROM:00880DE2 loc_880DE2:                ; CODE XREF: sub_880DC0+Aj
    ROM:00880DE2                            ; sub_880DC0+1Aj
    ROM:00880DE2                 movea.w d0,a0
    ROM:00880DE4                 subi.l  #$FFAD08,d0
    ROM:00880DEA                 neg.w   d0
    ROM:00880DEC                 andi.w  #$7FC0,d0
    ROM:00880DF0                 beq.s   loc_880E12
    ROM:00880DF2                 lsr.w   #6,d0
    ROM:00880DF4                 add.w   d0,($FFFFE024).w
    ROM:00880DF8                 move.w  ($FFFFE026).w,d1
    ROM:00880DFC                 move.w  a0,($FFFFE026).w
    ROM:00880E00                 subq.w  #1,d0
    ROM:00880E02
    ROM:00880E02 loc_880E02:                ; CODE XREF: sub_880DC0+4Aj
    ROM:00880E02                 lea     $40(a0),a1
    ROM:00880E06                 move.w  a1,(a0)
    ROM:00880E08                 movea.w a1,a0
    ROM:00880E0A                 dbf     d0,loc_880E02
    ROM:00880E0E                 move.w  d1,-$40(a0)
    ROM:00880E12
    ROM:00880E12 loc_880E12:                ; CODE XREF: sub_880DC0+30j
    ROM:00880E12                 clr.w   ($FFFFE032).w
    ROM:00880E16                 rts
    ROM:00880E16 ; End of function sub_880DC0

    But in any case there is just no single code to enable grow and shrink, nor a proper series, but rather a code based on the value of another memory address at any given point in time.

    ..................

    EDIT
    Apparently the value of $FFFFE028 depends on... the last address that level mappings are loaded to. Stay tuned.
     
  4. Thorn

    Hm, cool that my crazy anecdote actually ties into something. Regarding the 8 * 7 * 4 you're pointing out, I know that when I compiled that chart, I found the word that handles frames left on grow or shrink (and again, likely other data in a set of $40 bytes, but I didn't know that before I started Sonic hacking) was always in one of six different locations. While there's other RAM that "moves" too based on the level from some experimenting I did, I don't think you're looking at nearly 8 * 7 * 4 different possibilities, even if that many are plausible.

    Again, that word also seems to be dependent on another flag somewhere... if you activate a PAR code over it after hitting a shrink, even after the original item wears off, it'll stay tied to that item until another Grow box is hit. I never did find the flag. Of course, this isn't just about those two items, but those were the easiest to observe the "moving RAM" phenomenon if only because they were some of the only ones the GSHI had incorrectly listed as a code.

    Here's a bit from a text file I found on my computer, but the chart saying which level everything was tied to is long gone, and you probably have that info available right there in the disassembly. Some of what I found was useless, but I'll put it all in anyway.

    Beginning of game (Introduction 0): $FFAE00 plus...
    $00: Byte? - horizontal compress - unknown scale
    $01: Byte - horizontal scale (doesn't work properly via PAR code in Kega Fusion)
    * $80 - 2x horizontal
    * $40 - 4x hor
    * $20 - 8x hor
    * etc.
    $02: Byte? - vertical compress
    $03: Byte - vertical scale - see horizontal scale above
    These values remain consecutive in other levels, but are located elsewhere in RAM.

    Introduction - Evening Portion (3): $FFAE00 plus...
    $00: Word - remaining frames of a Grow/Shrink item. Grow item triggers by default if this is set before a Grow/Shrink item is opened, and if either item is opened over the course of the level, the last item used dictates the effects. There must be a flag elsewhere.
    $02: Word? - Unknown; defaults to 0500
    $04: Word? - Unknown; defaults to 0100
    $06: Word? - Unknown; defaults to 0100
    $08: Word - Defaults to AE48. At 0000, partner Espio is gold, and arm disappears, and body disappears in waiting animation. Further experimentation needed.
    These values remain consecutive in other levels, but are located elsewhere in RAM.

    Best of luck from here on out, because that's the end of the little experiments I did way back when and I don't even know what's useful and what's not. If there's any busy work I can help with, like re-charting how some of these values move around, let me know.~
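
Added example (not part of the thread and not the game's code): a C model of the list-building stores in the sub_880D64 listing from post 3, run on a simulated 64 KB work RAM and used to split the addresses quoted in posts 2 to 4 into block index and offset. The `ram` array and all helper names are assumptions of this sketch; the routine's later stores ($FFFFCA9E onward) are left out.

```c
#include <stdint.h>
#include <stdio.h>

#define POOL_BASE   0xAD08u   /* lea ($FFAD08).l,a0 */
#define BLOCK_SIZE  0x40u     /* lea $40(a0),a1 */
#define BLOCK_COUNT 0x40u     /* moveq #$3F,d7 + dbf => $40 passes */
#define SLOT_BASE   0xE026u   /* lea ($FFFFE026).w,a0 */

/* Simulated 68000 work RAM $FF0000-$FFFFFF, indexed by the low 16 address bits. */
static uint8_t ram[0x10000];

/* The 68000 is big-endian: the high byte sits at the lower address. */
uint16_t rd16(uint16_t a)
{
    return (uint16_t)((ram[a] << 8) | ram[(uint16_t)(a + 1)]);
}

void wr16(uint16_t a, uint16_t v)
{
    ram[a] = (uint8_t)(v >> 8);
    ram[(uint16_t)(a + 1)] = (uint8_t)v;
}

/* Mirrors the listing up to "move.w d0,-$40(a0)". */
void model_sub_880D64(void)
{
    uint16_t a0 = SLOT_BASE;
    for (int i = 0; i < 5; i++, a0 += 2)
        wr16(a0, 0);                         /* five "move.w d0,(a0)+" */
    wr16(a0, 0x7FFF);                        /* "move.w #$7FFF,(a0)+" lands on $E030 */

    a0 = POOL_BASE;
    wr16(SLOT_BASE, a0);                     /* "move.w a0,($FFFFE026).w" */
    for (unsigned pass = 0; pass < BLOCK_COUNT; pass++) {
        uint16_t a1 = (uint16_t)(a0 + BLOCK_SIZE);
        wr16(a0, a1);                        /* first word of a block = address of the next */
        a0 = a1;
    }
    wr16((uint16_t)(a0 - BLOCK_SIZE), 0);    /* last block's link word is cleared */
}

/* Follow link words the way sub_883B16 does ("move.w (a6),d0 / beq / movea.w d0,a6"),
 * starting from the slot word at `head`. The bound stops a corrupted, cyclic list. */
unsigned chain_length(uint16_t head)
{
    unsigned n = 0;
    uint16_t node = rd16(head);
    while (node != 0 && n <= BLOCK_COUNT) {
        n++;
        node = rd16(node);
    }
    return n;
}

/* Block number of a work-RAM address, or -1 if it lies outside the pool. */
int pool_index(uint16_t addr)
{
    if (addr < POOL_BASE || addr >= POOL_BASE + BLOCK_SIZE * BLOCK_COUNT)
        return -1;
    return (int)((addr - POOL_BASE) / BLOCK_SIZE);
}

/* Offset of an address inside its block, or -1 if it lies outside the pool. */
int pool_offset(uint16_t addr)
{
    if (pool_index(addr) < 0)
        return -1;
    return (int)((addr - POOL_BASE) % BLOCK_SIZE);
}

int main(void)
{
    /* Addresses quoted in the thread (low 16 bits of $FFxxxx). */
    const uint16_t quoted[] = { 0xADC0, 0xADC1, 0xAE00, 0xAE08 };

    model_sub_880D64();
    printf("blocks chained from $E026: %u\n", chain_length(SLOT_BASE));
    for (unsigned i = 0; i < sizeof quoted / sizeof quoted[0]; i++) {
        uint16_t a = quoted[i];
        printf("$FF%04X -> block %d, offset $%02X, word there after init: $%04X\n",
               (unsigned)a, pool_index(a), (unsigned)pool_offset(a),
               (unsigned)rd16((uint16_t)(a & ~1u)));
    }
    return 0;
}
```

With base $AD08 and stride $40, the model puts $FFADC1 at offset $39 of block 2 and $FFAE00 at offset $38 of block 3, and shows $AE48 as the link word the routine stores at $FFAE08. This is arithmetic on the posted listing, not a confirmed description of how the game hands blocks to objects.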
     
  5. DigitalDuck

    DigitalDuck

    Arriving four years late. Member
    4,812
    23
    18
    Lincs, UK
    TurBoa, S1RL
    QUOTE (Thorn @ Jan 29 2010, 06:58 PM)
        Beginning of game (Introduction 0): $FFAE00 plus...
        $00: Byte? - horizontal compress - unknown scale
        $01: Byte - horizontal scale (doesn't work properly via PAR code in Kega Fusion)
        * $80 - 2x horizontal
        * $40 - 4x hor
        * $20 - 8x hor
        * etc.

    It does work properly (sort of). When you input a PAR code into KEGA Fusion in the format "xxxxxx:00yy", it automatically assumes that you only want to change byte xxxxxx to yy, rather than the expected xxxxxx to 00 and xxxxxx+1 to yy. Hope that makes sense.
     
  6. Andlabs

    QUOTE (DigitalDuck @ Jan 29 2010, 02:37 PM)
        It does work properly (sort of). When you input a PAR code into KEGA Fusion in the format "xxxxxx:00yy", it automatically assumes that you only want to change byte xxxxxx to yy, rather than the expected xxxxxx to 00 and xxxxxx+1 to yy. Hope that makes sense.

    Wow, that's just dumb. Does it use sscanf() to parse these codes?!

    Anyway I'm still going at it, stay tuned.
     
  7. DigitalDuck

    QUOTE (Andlabs @ Jan 29 2010, 08:26 PM)
        QUOTE (DigitalDuck @ Jan 29 2010, 02:37 PM)
            It does work properly (sort of). When you input a PAR code into KEGA Fusion in the format "xxxxxx:00yy", it automatically assumes that you only want to change byte xxxxxx to yy, rather than the expected xxxxxx to 00 and xxxxxx+1 to yy. Hope that makes sense.

        Wow, that's just dumb. Does it use sscanf() to parse these codes?!

        Anyway I'm still going at it, stay tuned.

    It's like that deliberately. It provides a useful way of changing only one byte instead of two, which (I believe) the original Pro Action Replay couldn't do. If you do need to change xxxxxx to 00 and xxxxxx+1 to yy, you can always use "xxxxxx:0000 + xxxxxx+1:00yy".
     
  8. Andlabs

    Meh.

    Also turns out I was wrong:

    Code (Text):
    ROM:00883B16 sub_883B16:                ; CODE XREF: DoGameMode+89Ap
    ROM:00883B16                            ; ROM:0088651Cp
    ROM:00883B16                 lea     ($FFFFE272).w,a5
    ROM:00883B1A                 lea     ($FFFFE028).w,a6
    ROM:00883B1E
    ROM:00883B1E loc_883B1E:                ; CODE XREF: sub_883B16+18j
    ROM:00883B1E                 move.w  (a6),d0
    ROM:00883B20                 beq.s   locret_883B30
    ROM:00883B22                 movea.w d0,a6
    ROM:00883B24                 moveq   #0,d0
    ROM:00883B26                 move.b  6(a6),d0
    ROM:00883B2A                 jsr     sub_883B32(pc,d0.w)
    ROM:00883B2E                 bra.s   loc_883B1E

    This looks like an event loop, though I'm not entirely sure. So $FFFFE028 must be the first in a list of pointers to handle events. The problem is that I can't find anything that writes to this address; only reads.

    I'm going to save this for later. But thanks Thorn for the information; it may prove useful soon enough.
     
  9. Andlabs

    I just found code to handle monitors, meaning I now know where grow and shrink come into play. I'll provide details soon.
     
  10. Thorn

    ^ Hah, I kept trying to stress that I wasn't trying to change the topic onto those items and that they just happened to show the relocated values in RAM well enough for you to see the phenomenon as a whole, but I think you've already gone into it so deeply that I'll just watch what you find. :P

    @DigitalDuck: You'd think that to just change a byte, you would simply type something like FFADC1:05 (see the PAR codes on the Wiki). The way Fusion does it is completely unintuitive, but at least now I know, thanks.
     
  11. Andlabs

    QUOTE (Thorn @ Jan 29 2010, 06:54 PM)
        ^ Hah, I kept trying to stress that I wasn't trying to change the topic onto those items and that they just happened to show the relocated values in RAM well enough for you to see the phenomenon as a whole, but I think you've already gone into it so deeply that I'll just watch what you find. :P

    Not really, no, this just happened to have happened. My real focus is the object status table format, which the grow and shrink monitors involve. If I can find where they're stored, I can finally interpret the bulk of this code.

    I can also provide this little tidbit: offset $30 is the flags for the player; bit 0 on indicates the player has a shield.
     
  12. DigitalDuck

    QUOTE (Thorn @ Jan 29 2010, 11:54 PM)
        @DigitalDuck: You'd think that to just change a byte, you would simply type something like FFADC1:05 (see the PAR codes on the Wiki). The way Fusion does it is completely unintuitive, but at least now I know, thanks.

    You can; Fusion will automatically change FFADC1:05 to FFADC1:0005.
     
  13. Andlabs

    Okay, I think I figured it out. There's a set of object status blocks that the game allocates to a series of slots. You have six slots to work with; to access them you multiply the slot # by 2 and call a function, which places the OST into that slot and returns the pointer to the OST. The slots are words starting at $FFFFE026. So for $FFFFE028, you would pass the number 2.

    I'm still slowly figuring this out, so don't worry :D
     
  14. Mercury

    Mercury

    His Name Is Sonic Tech Member
    Ironically, I was screwing around in gens Kmod the other day, looking at Chaotix's OST. I didn't get very far before life intervened, so I haven't gone back.

    I'm no brilliant hacker or anything, and this is *very* crude, but it's what I learned, if you can make any sense of it.

    QUOTE
        //not the same values when in introduction level. why ram diff when not in normal zones?

        AD50: XX XX XS XS YY YY YS YS //XX,Y: P1.x,y; XS,YS: frac(P1.x,y);YS: frac(P1.y);
        AD58: ?? ?? ?? ?? XO XO YO YO //XO,YO: P1.x,y-cam.x,y;
        AD60:
        AD68: ?? XF WW HH ?? ?? ?? ?? //XF: P1.facing; WW: P1.width; HH: P1.height;
        AD70: AA BB FA ?? ?? ?? ?? ?? //AA,BB: Image & Subimg?; FA: Floor Angle;
        AD78: ?? ?? ?? ?? AA BB ?? ?? //AA, BB: see *1;
        AD80: ?? ?? ?? ?? XS XS YS YS //XS,YS: see *2;
        AD88:
        AD90: XA XA ?? ?? YA YA ?? ?? //XA,YA: P1.armx,y;
        AD98: ?? ?? ?? ?? XO XO YO YO //XO,YO: P1.armx,y-cam.x,y;
        ADA0:
        ADA8:
        ADB0:
        ADB8:
        ADC0:
        ADC8:
        ADD0:
        ADD8:
        ADE0:
        ADE8:
        ADF0:
        ADF8: ?? ?? II II ?? ?? ?? ?? //II: Muteki timer for P1: starts at $04B0, decreases by $0001.
        AE00:
        AE08:

        AE10~AECF: P2's RAM

        ~

        DFE8: CX CX CY CY UX UX UY UY //CX,Y: cam.x,y; UX,Y: unlimited cam.x,y; "unlimited": exceeds zone boundaries

        ~

        FDE0: ?? ?? ?? ?? CX CX CY CY //CX,Y: cam.x,y; why this copy?

        Footnotes:

        *1: These two bytes are used for 3 different things.
        • When holding the other character, they are set to weird values, and AA changes when you turn around.
        • BB is set to $60 when character takes damage. Counts down by $01 until touches ground.
        • After character finishes falling offscreen (see *2), AABB is set $0400. It then counts up by $0002 until it reaches $0800, at which point the character sucks back onto the screen.
        • AABB is also used for something when Calling the other character.

        *2: Scaling factor for character sprite.
        • When XS,YS is $0100, the character is drawn normally.
        • When the character is knocked off the screen, XS and YS start decreasing by $0002 until they reach $0010, at which point the character has "finished falling off the screen" (see *1). When they come back, XS and YS start increasing by $0002 until they reach $0100 again, at which point the character is "back".
        • When the character hits a Grow Monitor, XS and YS decrease by $0002 until they reach $0080, at which point the character is exactly twice their size.

    And yes, I'm well aware that I am total bollocks at presenting information.
     
  15. Andlabs

    Andlabs

    「いっきまーす」 Wiki Sysop
    2,175
    0
    0
    Writing my own MD/Genesis sound driver :D
    QUOTE (Mercury @ Jan 30 2010, 04:43 AM)
    :words:

    Thanks, this information will be very useful. But this also makes the situation even more confusing than ever. I'm going to go turn the following function to C; this is the one that grabs an OST and puts it in a slot, but from what I can tell it will give you a different OST each time? :S

    Code (ASM):
    ROM:00881702 ; =============== S U B R O U T I N E =======================================
    ROM:00881702
    ROM:00881702
    ROM:00881702 GetOSTAtSlot:                           ; CODE XREF: DoGameMode+584p
    ROM:00881702                                         ; ROM:00884A98p ...
    ROM:00881702                 move.l  d7,-(sp)
    ROM:00881704                 lea     ($FFFFE01E).w,a0
    ROM:00881708                 move.w  -2(a0,d0.w),d7
    ROM:0088170C                 lea     ($FFFFE026).w,a0
    ROM:00881710                 adda.w  d0,a0
    ROM:00881712                 tst.w   ($FFFFE026).w
    ROM:00881716                 beq.s   loc_88172E
    ROM:00881718                 tst.l   d0
    ROM:0088171A                 bpl.s   loc_881724
    ROM:0088171C
    ROM:0088171C loc_88171C:                             ; CODE XREF: GetOSTAtSlot+20j
    ROM:0088171C                 move.w  (a0),d7
    ROM:0088171E                 beq.s   loc_881736
    ROM:00881720                 movea.w d7,a0
    ROM:00881722                 bra.s   loc_88171C
    ROM:00881724 ; ---------------------------------------------------------------------------
    ROM:00881724
    ROM:00881724 loc_881724:                             ; CODE XREF: GetOSTAtSlot+18j
    ROM:00881724                                         ; GetOSTAtSlot+28j
    ROM:00881724                 tst.w   (a0)
    ROM:00881726                 beq.s   loc_881736
    ROM:00881728                 movea.w (a0),a0
    ROM:0088172A                 dbf     d7,loc_881724
    ROM:0088172E
    ROM:0088172E loc_88172E:                             ; CODE XREF: GetOSTAtSlot+14j
    ROM:0088172E                 move.l  (sp)+,d7
    ROM:00881730                 ori     #8,ccr
    ROM:00881734                 rts
    ROM:00881736 ; ---------------------------------------------------------------------------
    ROM:00881736
    ROM:00881736 loc_881736:                             ; CODE XREF: GetOSTAtSlot+1Cj
    ROM:00881736                                         ; GetOSTAtSlot+24j
    ROM:00881736                 move.w  ($FFFFE026).w,(a0)
    ROM:0088173A                 move.w  a0,d7
    ROM:0088173C                 movea.w (a0),a0
    ROM:0088173E                 move.w  (a0),($FFFFE026).w
    ROM:00881742                 clr.w   (a0)
    ROM:00881744                 move.w  d7,2(a0)
    ROM:00881748                 moveq   #0,d7
    ROM:0088174A                 move.w  d7,4(a0)
    ROM:0088174E                 move.l  #unk_881768,$10(a0)
    ROM:00881756                 move.l  d7,$20(a0)
    ROM:0088175A                 move.l  d7,8(a0)
    ROM:0088175E                 move.l  d7,$C(a0)
    ROM:00881762                 movem.l (sp)+,d7
    ROM:00881766                 rts
    ROM:00881766 ; End of function GetOSTAtSlot
    ROM:00881766
    ROM:00881766 ; ---------------------------------------------------------------------------
    ROM:00881768 unk_881768:     dc.b   0                ; DATA XREF: GetOSTAtSlot+4Co
    ROM:00881769                 dc.b   0
    ROM:0088176A                 dc.b   0
    ROM:0088176B                 dc.b   0
    ROM:0088176C                 dc.b $80 ; Ç
    ROM:0088176D                 dc.b   0

    EDIT
    Code (Text):
    void *GetOSTAtSlot(int OSTnum)
    {
        int d7;
        int *a0;

        d7 = 0xE01C[OSTnum];
        a0 = 0xE026 + OSTnum;
        if (*0xE026 == 0) // no entries in the list
            return a0;
        if (OSTnum > 0) {
            for (; d7 >= 0; d7--) {
                if (*a0 == 0)
                    break;
                a0 = *a0;
            }
            if (d7 < 0) // not found
                return a0;
        } else
            while ((d7 = *a0) != 0)
                a0 = d7;
        *a0 = *E026;
        d7 = a0;
        a0 = *a0;
        *E026 = *a0;
        *a0 = 0;
        (*a0)[2] = d7;
        (*a0)[4] = 0;
        (*a0)[0x10] = unk_881768;
        (*a0)[8] = (*a0)[0xC] = (*a0)[0x20] = 0;
        return a0;
    }
    Now I'm thinking that these values at $FFFFE026..$FFFFE030 are really a queue or stack of some sort...
     
  16. Andlabs

    Andlabs

    「いっきまーす」 Wiki Sysop
    2,175
    0
    0
    Writing my own MD/Genesis sound driver :D
    Nailed it.

    Code (Text):
    void *GetOSTAtSlot(int OSTnum)
    {
        int d7;
        int *a0;

        d7 = 0xE01C[OSTnum];
        a0 = 0xE026 + OSTnum;
        if (*0xE026 == 0) // no entries in the list
            return a0;
        if (OSTnum > 0) {
            for (; d7 >= 0; d7--) {
                if (*a0 == 0)
                    break;
                a0 = *a0;
            }
            if (d7 < 0) // not found
                return a0;
        } else
            while ((d7 = *a0) != 0)
                a0 = d7;
        *a0 = *E026;
        d7 = a0;
        a0 = *a0;
        *E026 = *a0;
        *a0 = 0;
        (*a0)[2] = d7;
        (*a0)[4] = 0;
        (*a0)[0x10] = unk_881768;
        (*a0)[8] = (*a0)[0xC] = (*a0)[0x20] = 0;
        return a0;
    }

    void InitOSTs(void)
    {
        int *a0, *a1;
        int d7;

        E026 = E028 = E02A = E02C = E02E = 0;
        E030 = 0x7FFF;
        E026 = a0 = AD08;
        for (d7 = 0x3F; d7 >= 0; d7--) {
            a1 = a0[40];
            *a0 = a1;
            a0 = a1;
        }
        a0[-40] = 0; // close up the last value
        CA9E = CAA2 = E1A2 = 0;
        D01E = 0xD45E;
        E01E = 5;
        E020 = 0xF;
        E022 = E024 = 0x3F;
    }

    CALLS FOR A LEVEL

    InitOSTs()
        E026 = AD08; all else 0
        AD08 = AD48
        AD48 = AD88
        ...
    GetOSTAtSlot(6)
        E026 = AD48; E02C = AD08; all else 0
        AD08 = 0
    GetOSTAtSlot(6) (repeated)
        E026 = AD88; E02C = AD08; all else 0
        AD08 = AD48
        AD48 = 0
    [some time later]
    GetOSTAtSlot(2)
        E026 = ADC8; E028 = AD88; E02C = AD08; all else 0
        AD08 = AD48
        AD48 = AD88
        AD88 = 0
    So the OSTs are a linked list. $FFE026 is the address of the first free entry. The proper name of GetOSTAtSlot is AllocOST, since that's what it's doing. The variables $FFE028..$FFE030 are set by AllocOST only when it is told to. So now the only thing left is to determine which of these variables point to player 1, player 2, etc. and we can finally dive deeper into Chaotix.
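
    A runnable model of the free-list allocator described above, added here as an example and not code from the thread's posters or from the game: it follows the GetOSTAtSlot disassembly listing (including the dbf quota loop and the tst.l test on the full 32-bit d0) over a simulated 64 KB of RAM, and its main() replays the InitOSTs / GetOSTAtSlot(6) / GetOSTAtSlot(6) / GetOSTAtSlot(2) call sequence. The names init_osts, alloc_ost, rw, ww and wl, the zeroed starting RAM, and the 0 return on failure are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated top 64 KB of the 68000 address space ($FFFF0000-$FFFFFFFF).
   Addresses below are the low 16 bits, as in the thread; words are big-endian. */
static uint8_t ram[0x10000];

enum {
    QUOTA_BASE = 0xE01C,  /* quota word for list offset n is read from $E01C+n */
    FREE_HEAD  = 0xE026,  /* first free OST; the list heads follow at $E028... */
    POOL_START = 0xAD08,  /* first OST block */
    OST_SIZE   = 0x40,    /* bytes per OST */
    OST_COUNT  = 0x40     /* blocks chained by InitOSTs */
};

static uint16_t rw(uint16_t a)
{
    return (uint16_t)(ram[a] << 8 | ram[(uint16_t)(a + 1)]);
}

static void ww(uint16_t a, uint16_t v)
{
    ram[a] = (uint8_t)(v >> 8);
    ram[(uint16_t)(a + 1)] = (uint8_t)v;
}

static void wl(uint16_t a, uint32_t v)
{
    ww(a, (uint16_t)(v >> 16));
    ww((uint16_t)(a + 2), (uint16_t)v);
}

/* InitOSTs as translated in the post: chain all blocks into one free list and
   set the per-list quotas. The other variables it writes are left out here. */
void init_osts(void)
{
    memset(ram, 0, sizeof ram);   /* assumption: model starts from clear RAM */
    ww(0xE030, 0x7FFF);
    ww(FREE_HEAD, POOL_START);
    for (int i = 0; i < OST_COUNT; i++) {
        uint16_t ost = (uint16_t)(POOL_START + i * OST_SIZE);
        ww(ost, i + 1 < OST_COUNT ? (uint16_t)(ost + OST_SIZE) : 0);
    }
    ww(0xE01E, 5);
    ww(0xE020, 0xF);
    ww(0xE022, 0x3F);
    ww(0xE024, 0x3F);
}

/* d0: low word is the byte offset of the list head from $E026 (2, 4, 6, 8).
   If the whole 32-bit value is negative (tst.l d0 / bpl.s not taken), the
   walk to the tail skips the quota check.
   Returns the new OST's address, or 0 where the listing returns with N set. */
uint16_t alloc_ost(uint32_t d0)
{
    int16_t  off   = (int16_t)(d0 & 0xFFFF);
    int16_t  quota = (int16_t)rw((uint16_t)(QUOTA_BASE + off));
    uint16_t a0    = (uint16_t)(FREE_HEAD + off);

    if (rw(FREE_HEAD) == 0)
        return 0;                         /* no free OST left */

    while (rw(a0) != 0) {                 /* follow links to the tail */
        a0 = rw(a0);
        if (!(d0 & 0x80000000u) && quota-- == 0)
            return 0;                     /* dbf expired: list is full */
    }

    uint16_t ost = rw(FREE_HEAD);
    ww(a0, ost);                          /* tail (or head variable) -> new OST */
    ww(FREE_HEAD, rw(ost));               /* free list advances */
    ww(ost, 0);                           /* new OST becomes the tail */
    ww((uint16_t)(ost + 2), a0);          /* back-link to the previous element */
    ww((uint16_t)(ost + 4), 0);
    wl((uint16_t)(ost + 0x10), 0x00881768u); /* unk_881768 from the listing */
    wl((uint16_t)(ost + 0x20), 0);
    wl((uint16_t)(ost + 8), 0);
    wl((uint16_t)(ost + 0xC), 0);
    return ost;
}

int main(void)
{
    init_osts();
    printf("init:     E026=%04X\n", (unsigned)rw(0xE026));
    printf("alloc(6): %04X  E026=%04X E02C=%04X\n",
           (unsigned)alloc_ost(6), (unsigned)rw(0xE026), (unsigned)rw(0xE02C));
    printf("alloc(6): %04X  E026=%04X AD08=%04X\n",
           (unsigned)alloc_ost(6), (unsigned)rw(0xE026), (unsigned)rw(0xAD08));
    printf("alloc(2): %04X  E026=%04X E028=%04X\n",
           (unsigned)alloc_ost(2), (unsigned)rw(0xE026), (unsigned)rw(0xE028));
    return 0;
}
```

    Because dbf only falls through once the counter reaches -1, a quota word of n lets a list hold n+1 OSTs in this model.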
     
  17. Andlabs

    Andlabs

    「いっきまーす」 Wiki Sysop
    2,175
    0
    0
    Writing my own MD/Genesis sound driver :D
    All right. As far as I can tell:

    $FFFFE028 is initially given to the first player. Since that value needs to be overwritten, it gets copied to $FFFFE034; likewise for Player 2 and $FFFFE036.
     
  18. Andlabs

    Andlabs

    「いっきまーす」 Wiki Sysop
    2,175
    0
    0
    Writing my own MD/Genesis sound driver :D
    Well I give up so I'm asking the board. I think I found the routine to handle button pushes, since it uses the character traits. But I can't disassemble everything because at one point it calls a function loaded from RAM... based on addresses from a list of negative jumps — they jump BACKWARD. No matter what I do, IDA treats them as forward jumps. I've tried different addressing modes, different targets, changing the values to signed; all to no avail. Can someone help me?

    Code (Text):
    ROM:008F56A6 word_8F56A6:    dc.w $FCDA            ; DATA XREF: sub_8F565E+Eo
    ROM:008F56A6                                       ; TODO
    ROM:008F56A8                 dc.w $FCD8
    ROM:008F56AA                 dc.w $FCD6
    ROM:008F56AC                 dc.w $FCD4
    ROM:008F56AE                 dc.w $FCD2
    ROM:008F56B0                 dc.w $FCD0
    ROM:008F56B2                 dc.w $FCCE
    ROM:008F56B4                 dc.w $FCCC
    ROM:008F56B6                 dc.w $FCCA
    ROM:008F56B8                 dc.w $FCC8
    ROM:008F56BA                 dc.w $FCC6
    ROM:008F56BC                 dc.w $FCC4
    ROM:008F56BE                 dc.w $FCC2
    ROM:008F56C0                 dc.w $FCC0
    ROM:008F56C2                 dc.w $FCBE
    ROM:008F56C4                 dc.w $FCBC
    ROM:008F56C6                 dc.w $FCBA
    ROM:008F56C8                 dc.w $FCB8
    ROM:008F56CA                 dc.w $FCB6
    ROM:008F56CC                 dc.w $FCB4
    ROM:008F56CE                 dc.w $FCB2
    ROM:008F56D0                 dc.w $FCB0
    ROM:008F56D2                 dc.w $FCAE
    ROM:008F56D4                 dc.w $FCAC
    ROM:008F56D6                 dc.w $FCAA
    ROM:008F56D8                 dc.w $FCA8
    ROM:008F56DA                 dc.w $FCA6
    ROM:008F56DC                 dc.w $FCA4
    ROM:008F56DE                 dc.w $FCA2
    ROM:008F56E0                 dc.w $FCA0
    ROM:008F56E2                 dc.w $FC9E
    ROM:008F56E4                 dc.w $FC9C
    ROM:008F56E6                 dc.w $FC9A
    ROM:008F56E8                 dc.w $FC98
    ROM:008F56EA                 dc.w $FC96
    ROM:008F56EC                 dc.w $FC94
    ROM:008F56EE                 dc.w $FC92
    ROM:008F56F0                 dc.w $FC90
    ROM:008F56F2                 dc.w $FC8E
    ROM:008F56F4                 dc.w $FC8C
    ROM:008F56F6                 dc.w $FC8A
    ROM:008F56F8                 dc.w $FC88
    ROM:008F56FA                 dc.w $FC86
    ROM:008F56FC                 dc.w $FC84
    ROM:008F56FE                 dc.w $FC82
    ROM:008F5700                 dc.w $FC80
    ROM:008F5702                 dc.w $FC7E
    ROM:008F5704                 dc.w $FC7C
    ROM:008F5706                 dc.w $FC7A
    ROM:008F5708                 dc.w $FC78
    ROM:008F570A                 dc.w $FC76
    ROM:008F570C                 dc.w $FC74
    ROM:008F570E                 dc.w $FC72
    ROM:008F5710                 dc.w $FC70
    ROM:008F5712                 dc.w $FC6E
    ROM:008F5714                 dc.w $FC6C
    ROM:008F5716                 dc.w $FC6A
    ROM:008F5718                 dc.w $FC68
    ROM:008F571A                 dc.w $FC66
    ROM:008F571C                 dc.w $FC64
    ROM:008F571E                 dc.w $FC62
    ROM:008F5720                 dc.w $FC60
    ROM:008F5722                 dc.w $FC5E
    ROM:008F5724                 dc.w $FC5C
    ROM:008F5726                 dc.w $FC5A
    ROM:008F5728                 dc.w $FC58
    ROM:008F572A                 dc.w $FC56
    ROM:008F572C                 dc.w $FC54
    70. ROM:008F572E&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC52
    71. ROM:008F5730&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC50
    72. ROM:008F5732&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC4E
    73. ROM:008F5734&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC4C
    74. ROM:008F5736&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC4A
    75. ROM:008F5738&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC48
    76. ROM:008F573A&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC46
    77. ROM:008F573C&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC44
    78. ROM:008F573E&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC42
    79. ROM:008F5740&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC40
    80. ROM:008F5742&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC3E
    81. ROM:008F5744&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dc.w $FC3C
    I'm using IDA 5.5.
     
  19. Andlabs

    All right, if my question can't be answered, could an IDC script do this, and how? I don't know IDC. Thanks.
     
  20. Andlabs

    Code (Text):
    TABLE 1
    OFFSET    SIZE  DESCRIPTION
    $0-$1     word  Pointer to next OST in allocator chain
    $2-$39    ?     ?
    $3A       word  Pointer to table 2
    $3B-$3F   ?     ?

    TABLE 2
    OFFSET    SIZE  DESCRIPTION
    $0-$1     word  Pointer to next OST in allocator chain
    $2-$2F    ?     ?
    $30       byte  Flags
                BIT  DESCRIPTION
                0    has shield?
                1    ?
                2    ?
                3    if 1 then shrunken, if 0 then grown
                     only checked when $38 != 0
    $32       word  Invincibility timer (from $4B0 to $0; $0 == no invincibility; each new box adds $4B0)
    $33-$37   ?     ?
    $38       word  Grow/shrink timer (from $4B0 to $0; $0 == no size change; each new like box adds $4B0;
                    each unlike box sets $0 and returns to normal)
    $39-$3F   ?     ?
    It begins...
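
Added example, not part of the post above and not Andlabs's code: a Python reader that walks the Table 1 chain in a RAM dump and decodes the Table 2 fields identified so far, including the rule that bit 3 only counts while the $38 timer is non-zero. Assumptions: the dump is the 64 KiB of 68000 work RAM ($FF0000-$FFFFFF), each word pointer is the low 16 bits of a RAM address, and a next-word of 0 ends the chain; the sample image and its addresses are constructed.

```python
import struct

RAM_BASE = 0xFF0000   # Mega Drive 68000 work RAM is $FF0000-$FFFFFF
REC_SIZE = 0x40       # both tables in the post span $0-$3F
SHIELD, SHRUNK = 0x01, 0x08   # bits 0 and 3 of the flags byte at $30

def record(ram, off):
    """Return the $40-byte record at a dump offset, refusing to read past the end."""
    if off + REC_SIZE > len(ram):
        raise ValueError(f"record at ${RAM_BASE + off:06X} runs past the dump")
    return ram[off:off + REC_SIZE]

def word(rec, off):
    # Big-endian 16-bit field inside a record
    return struct.unpack_from(">H", rec, off)[0]

def decode_table2(ram, off):
    """Decode the Table 2 fields the post has identified."""
    rec = record(ram, off)
    flags, size_timer = rec[0x30], word(rec, 0x38)
    # Bit 3 is only checked when the $38 timer is non-zero.
    size = "normal" if size_timer == 0 else ("shrunken" if flags & SHRUNK else "grown")
    return {"addr": RAM_BASE + off, "shield": bool(flags & SHIELD),
            "invincibility_timer": word(rec, 0x32),
            "size_timer": size_timer, "size": size}

def walk_chain(ram, head):
    """Follow Table 1 next-words from head (assumption: 0 ends the chain)."""
    seen, out, off = set(), [], head
    while off != 0:
        if off in seen:
            raise ValueError(f"chain loops back to ${RAM_BASE + off:06X}")
        seen.add(off)
        rec = record(ram, off)
        out.append(decode_table2(ram, word(rec, 0x3A)))   # $3A: pointer to table 2
        off = word(rec, 0x00)                             # $0-$1: next in chain
    return out

def sample_dump():
    """Constructed 64 KiB RAM image: two Table 1 entries, each with a Table 2."""
    ram = bytearray(0x10000)
    struct.pack_into(">H", ram, 0xA000, 0xA040)         # entry 1 -> entry 2
    struct.pack_into(">H", ram, 0xA000 + 0x3A, 0xB000)  # entry 1's Table 2
    struct.pack_into(">H", ram, 0xA040 + 0x3A, 0xB040)  # entry 2's Table 2; next stays 0
    ram[0xB000 + 0x30] = SHIELD | SHRUNK
    struct.pack_into(">H", ram, 0xB000 + 0x38, 0x4B0)   # one shrink box
    ram[0xB040 + 0x30] = SHRUNK                         # stale bit 3, timer is 0
    struct.pack_into(">H", ram, 0xB040 + 0x32, 0x960)   # two invincibility boxes
    return ram, 0xA000
```

`walk_chain(*sample_dump())` returns one dict per chain entry; the second entry reports `normal` size even though bit 3 is set, because its $38 timer is zero.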
     