
Sonic Jam symbol leaks (and the further search for more original S1/CD/2/3/K source code labels)

Discussion in 'Engineering & Reverse Engineering' started by kazblox, Dec 5, 2019.

  1. kazblox

    Motivated by evilhamwizard mentioning that possible Sonic 3 and Sonic & Knuckles symbol and data leftovers exist in Sonic Jam, I dug through all versions of the game to confirm. Surprise, not surprise, SH assembler leftovers. Then there came the symbols, and I was gazing in awe. He was right.

    To make this quick: The symbol format seems to be a bit verbose, but this is all I conclusively needed in the end: the first 4 bytes after the name. They are laid out as 00 00 04, then either: 06 for addresses, 00 for constants, and FF for constants in which empty bytes are $FF instead of $00. Which symbol gets included per version seems to sporadically vary, except for JP Satakore and partially US.

    Code (Text):
    ; Satakore only
    sc2ahposit -> 0F F7 DC
    sys_pattim3 -> 0F FE B4
    extrascore -> 0F FF C0

    ; both versions
    gplap1p -> 0F 78 00
    stageno_s2 -> 0F FE 4A
    pl2ring_f2 -> 0F FE BF
    cartridge -> 0F FF AE
    mdstatus -> 0F FF D8
    whoplay1 -> 0F FF EA
    Stack -> 00 20 00
    Fram_md -> 00 38 01
    plefectwk2 -> 0C DD 64
    hscroll -> 0F F6 1A
    bitdev_d6 -> 0F F6 F4
    end_timer -> 0F FA 82
    limit_flg -> 0F FA AA
    bxspeed_m -> 0F FA F8
    level or llevel? -> 0F FF A8
    Colorbuf -> 0D 7D D0

    Code (Text):
    actwk08 -> 0C C2 60
    specrevers -> 0F E4 2B
    specspeedmax -> 0F E4 44
    ramf1 -> 0F F1 00
    scr_evta -> 0F EE C0
    ringbonus -> 0F F7 D4
    sysdirec1 -> 0F FE 74
    sysdirspd2 -> 0F FE 7A
    plresetflag -> 0F FF 97

    Code (Text):
    ; also in JP Satakore
    sc2ahposit -> 0F F7 DC
    sys_pattim3 -> 0F FE B4
    extrascore -> 0F FF C0

    ; US only
    ssonicflag -> 0F FE 19
    dmadivide_a0_3 -> 0F FF 70
    actwk0a -> 0C C2 F8
    scr_v_adj -> E0 02 24 (?)
    i_register -> 00 30 00

    Code (Text):
    ramf8 -> 0F F8 00
    direc_x -> 0F E4 00
    cos_z -> 0F E4 10
    specxposi -> 0F E4 22
    scrc_v_old -> 0F EE A2
    scr_work4 -> 0F EE DA
    scrc3 -> 0F EE E8
    waterposi -> 0F F6 46
    automode -> 0F F7 08
    swbufcnt2 -> 0F F7 32
    fintimer -> 0F F7 94
    tobiraposiwk -> 0F F7 B0
    plring_s -> 0F FE 32
    scra_v_posit_s -> 0F FE 3E
    sysdirec8 -> 0F FE 90
    sysdirspd9 -> 0F FE 96
    stageno_is2 -> 0F FF 9C
    emy_wrt_flg -> 0F FA 9A
    playerwk2 -> 0C C0 4C
    colibuffer -> 0F E3 80
    sin_x -> 0F E4 06
    watermode -> 0F F7 30

    Code (Text):
    ; Satakore only
    se_d3 -> FF FF D3
    risu04_vram -> 00 04 2E
    gole_vram -> 00 05 00
    z0406sp_vram -> 00 04 02
    z0415sp_vram -> 00 03 2B
    z0424sp_vram -> 00 03 39
    z0703sp_vram -> 00 03 57

    ; both versions
    pg_next -> FF FF F8
    se_a1 -> FF FF A1
    se_b0 -> FF FF B0
    se_aa -> FF FF 91
    ftrr02_vram -> 00 05 00
    kumo04_vram -> 00 03 A3
    nk0700_vram -> 00 05 00
    wood07_vram -> 00 00 01
    obox08_vram -> 00 05 36
    knuckles_vram -> 00 06 A0
    sboom_vram -> 00 03 D1
    z0120sp_vram -> 00 03 5C
    shibuki1_vram -> 00 03 B2
    z0210sp_vram -> 00 03 5F
    z0300sp_vram -> 00 03 51
    cannon03_vram -> 00 03 74
    z1110sp_vram -> 00 03 00
    boss00_dev -> 00 00 6B
    D0B -> 00 00 03
    pad_b -> 00 01 00
    handlesub -> 00 00 00
    D1B -> 00 00 07
    pad_c -> 00 02 00
    scrbbase2 -> 00 A0 00
    footdir -> 00 00 3A
    plpower_mb -> 00 00 01
    se_3a -> 00 00 3A
    ropesp11 -> 00 00 00
    ropesp20 -> 00 00 00
    D6B -> 00 00 1B
    word -> 00 00 02
    pattimm -> 00 00 25
    eventflag -> 00 00 37
    sprhs_m (couldn't be recovered)

    Code (Text):
    D0L -> 00 00 00
    pad_l -> 00 40 00
    vs_selectgmd -> 00 00 3C
    cddat -> 00 00 2A
    ring_vram -> 00 06 BC
    specply0_vram -> 00 07 D4
    dai0020_vram -> 00 04 40
    zone0b20_vram -> 00 02 92
    zone0c10_vram -> 00 00 00
    gole_dev -> 00 00 04
    D6L -> 00 00 18
    speeduptimer -> 00 00 36

    Code (Text):
    ; also in JP Satakore
    se_d3 -> FF FF D3
    risu04_vram -> 00 04 2E
    gole_vram -> 00 05 00
    z0406sp_vram -> 00 04 02
    z0415sp_vram -> 00 03 2B
    z0424sp_vram -> 00 03 39
    z0703sp_vram -> 00 03 57

    ; US only
    se_99 -> FF FF 84
    se_ac -> FF FF AC
    se_bb -> FF FF BB
    se_ca -> FF FF CA
    end_od -> 00 00 20
    bs00m2_vram -> 00 04 74
    bs02m0_vram -> 00 05 4F
    iwa021_vram -> 00 05 70
    frog06_vram -> 00 05 47
    bfly07_vram -> 00 05 14
    mole07_vram -> 00 05 45
    wave01_vram -> 00 03 7A
    efect0625_vram -> 00 01 75
    efect0715_vram -> 00 00 1D
    efect0913_vram -> 00 03 50
    efect0922_vram -> 00 03 58
    efect0931_vram -> 00 01 94
    efect0940_vram -> 00 02 D0
    z0a15sp_vram -> 00 03 10
    z0b05sp_vram -> 00 03 85
    vsasciib_vram -> 00 06 32
    z0f10sp_vram -> 00 03 00
    boss07m_dev -> 00 00 61
    boss0d_dev -> 00 00 78
    boss08m_dev -> 00 00 62
    boss0e_dev -> 00 00 79
    specsubtbl3 -> 00 00 00
    specplaycoliwk -> 00 00 44
    specringsp39 -> 00 00 00
    specringsp48 -> 00 00 00
    gamemd -> 00 00 0C
    cd_ballj -> 00 00 04
    plpower_ab -> 00 00 03
    pobj -> 00 00 3F
    advamd -> 00 00 04
    logoint_fl -> 00 00 02
    shot_od -> 00 00 02
    ko_adr -> 00 00 44
    saru00_vram -> 00 05 48
    snkf09_vram -> 00 05 12
    iwa091_vram -> 00 05 00
    gkn209_vram -> 00 05 2E
    bs09m0_vram -> 00 03 FB

    Code (Text):
    se_34 -> FF FF B9
    se_rockroll -> FF FF 96
    cd_down -> 00 00 01
    pri_4 -> 00 02 00
    sd_08 -> 00 00 08
    sd_17 -> 00 00 17
    sd_26 -> 00 00 26
    se_43 -> 00 00 43
    se_52 -> 00 00 4E
    se_61 -> 00 00 58
    se_70 -> 00 00 62
    se_dC -> 00 00 32
    bs02b0_vram (couldn't be recovered)
    se_44 -> 00 00 44
    se_53 -> 00 00 4F
    se_62 -> 00 00 59
    se_71 -> 00 00 63
    se_80 -> 00 00 72
    se_dD -> 00 00 32
    pause_b -> 00 00 07
    mvlr_bit -> 00 00 03
    oya_adr -> 00 00 46
    bs03b0_vram -> 00 04 30
    efect0012_vram -> 00 02 FE
    efect0021_vram -> 00 00 CA
    efect0111_vram -> 00 02 DC
    efect0120_vram -> 00 02 5E (?)
    exp0100_vram -> 00 04 D2
    bs00bw_vram -> 00 03 52
    yado01_vram -> 00 05 00
    bs06b1_vram -> 00 04 25
    bgm_zone002 -> 00 00 02
    bgm_zone011 -> 00 00 03
    efect0124_vram (couldn't be recovered)
    [bos?]s09_dev -> 00 00 74
    starsp01 -> 00 00 00
    scu_spr -> 00 00 4D
    col_b -> 00 04 00
    levertimer -> 00 00 39
    hitcolflagb -> 00 00 0F

    Note that for addresses that start with $0C instead of $0F, you will have to add $8000 to get the actual Work RAM high location. Think the same goes with addresses that start with $0E. Figuring this out (the hints should have given it away anyway) also led me to conclude that the RAM per object for 3 & Knuckles in Jam is 2 bytes bigger, for some reason.
     
    Last edited: Dec 5, 2019
  2. Aerosol

    Phenomenal work! Thanks for this.
     
  3. Mastered Realm

    Someone needs a promotion to techie :)