Zophar's Message Domain

Old 10-22-2005, 11:55 PM   #11
phonymike
Senior Member
 
Join Date: Jun 2003
Posts: 278
Default Re: here's how you do it

I might write up some code later, it's real simple. think of it like this. the rom data is like 1 2 3 4 5 6 7 8 so you add them up (in groups of 4mbit or 8mbit I don't remember, sneskart may have it wrong.) so the checksum is 36. now for even sized roms of 8, 16, 32mbits (the value in the header) this works fine like this example of 8 numbers being added. but let's say we have 12 numbers not 8. you'd add them like this.

1 2 3 4 5 6 7 8 | 9 10 11 12 9 10 11 12

you duplicate the part that's less than 8mbit. 8mbit adds fine (don't count the copier header.) 16mbit, 32mbit works fine, but an odd sized rom like 10 or 12mbit, you need to use the remaining data and duplicate it until you reach an even size.

it might be a fun little learning experience to program something like this, but it's been done a million times snes9x, zsnes, smc, nsrt. if you're really curious about it get a hex editor and play around with some rawms.
phonymike is offline   Reply With Quote
Old 10-23-2005, 01:00 AM   #12
JadussD
Senior Member
 
Join Date: Jan 2003
Posts: 2,100
Default What I just figured out.

In order to now have to multiply the result of an unfinished ROM bank, the game's size has to be a power of 2mbit. Well, not QUITE, but effectively for all commercial ROMs, I'll get to that in a second. Ms. Pac-Man is a 2mbit game, and its checksum is calculated perfectly by just adding the byte. This is because how many bytes are counted into the checksum is based on the size byte in the embedded ROM data, which works like this, for those who don't know, for common sizes (lazy coding, could have used an algorithm, and will recode it soon):

<tt>
switch (romsize)
{
    case 0x08:
        printf("2 MBit\n");
        break;
    case 0x09:
        printf("4 MBit\n");
        break;
    case 0x0A:
        printf("8 MBit\n");
        break;
    case 0x0B:
        printf("16 MBit\n");
        break;
    case 0x0C:
        printf("32 MBit\n");
        break;
    default:
        printf("Unknown/Other\n");
        break;
}</tt>


Obviously, this size byte is wrong for any game that doesn't fall into one of those sizes. Therefore, "extra" data needs to be counted until it fits that size.

Theoretically, the checksum for ROMs that are below 2mbit (No such commercial ROMs), would be counted as if they were of the size 32kbit, 64kbit, 128kbit, 256kbit, 512kbit, or 1mbit, IMO.

I tested my program, which only counts as is right now, and here's the sizes it's correct and incorrect on:

2mbit=right
4mbit=wrong
8mbit=right
12mbit=wrong
16mbit=right
20mbit=wrong
24mbit=wrong
32mbit=right

That's what made me think it was based on the size byte in the embedded data.

This is just a fun exercise like PhonyMike said. I might use the code I make in the future, if I ever get good enough to make an emulator (also for my amusement) and I'll probably release it after I clean it up and add some more features (automatically splitting and renaming ROMs so they'll work on Game Doctor 7/Professor SF 2 is one I want). If anyone isn't having fun figuring this out or interested in this, no problem, don't want to waste your time. I'm going to watch the World Series now, I'll get back to this afterward.
JadussD is offline   Reply With Quote
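
Added example, not part of any post in this thread: a C sketch of the mirrored checksum phonymike describes in post #11 together with the size-byte mapping from post #12, run on the same 12 numbers. The function names and the sample array are assumptions made for illustration, and the recursive handling of a tail that is itself not a power of two goes beyond the 8+4 case in the post.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: the 12 "numbers" from post #11, standing in for a 12 Mbit image. */
static const uint8_t sample[12] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12};

/* Plain byte sum; 32-bit wrap-around is harmless because only the low 16 bits are kept. */
static uint32_t sum_bytes(const uint8_t *p, size_t n)
{
    uint32_t s = 0;
    while (n--)
        s += *p++;
    return s;
}

/* Sum of rom[0..len) after mirroring it up to a power of two; *padded gets that size. */
static uint32_t mirror_sum(const uint8_t *rom, size_t len, size_t *padded)
{
    size_t base = 1;
    while (base <= len / 2)          /* largest power of two <= len */
        base *= 2;
    uint32_t sum = sum_bytes(rom, base);
    *padded = base;
    if (len > base) {                /* odd-sized image: mirror the tail */
        size_t tail_size;
        uint32_t tail = mirror_sum(rom + base, len - base, &tail_size);
        sum += tail * (uint32_t)(base / tail_size);  /* repeat tail to fill base bytes */
        *padded = base * 2;
    }
    return sum;
}

/* Checksum of a headerless image (strip any 0x200-byte copier header first). */
uint16_t snes_checksum(const uint8_t *rom, size_t len)
{
    size_t padded;
    return len ? (uint16_t)mirror_sum(rom, len, &padded) : 0;
}

/* Size in bytes implied by the header size byte: 1 KiB << n, so 0x08 -> 2 Mbit. */
size_t size_from_header_byte(uint8_t n) { return n < 16 ? (size_t)1024 << n : 0; }

int main(void)
{
    printf("plain 8: %u, mirrored 12: %u\n", (unsigned)snes_checksum(sample, 8), (unsigned)snes_checksum(sample, 12));
    return 0;
}
```
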
Old 10-23-2005, 03:52 AM   #13
D--
Senior Member
 
Join Date: Oct 2001
Location: Chaoyang, Beijing, China
Posts: 826
Default Re: What I just figured out.

I'm getting correct results on 12Mbit games without any mirroring ...

Breath of Fire (U) - 12Mbit - 0b11, 0b11
Dragon Quest I&II (J) - 12Mbit - 2d8a, 2d8a
Gradius III (U) - 4Mbit - 27a2, 27a2
NP Power Lode Runner (J) -12Mbit - 420f, 420f

<tt>
// Plain 16-bit sum of every byte in $string (no mirroring).
function checksum($string) {
    $crc = 0;
    for ($x = 0; $x < strlen($string); $x++) {
        $crc += ord($string[$x]);
    }
    return ($crc & 0xffff);
}</tt>
D-- is offline   Reply With Quote
Old 10-23-2005, 05:09 AM   #14
JadussD
Senior Member
 
Join Date: Jan 2003
Posts: 2,100
Default Re: What I just figured out.

> Breath of Fire (U) - 12Mbit - 0b11, 0b11
> Dragon Quest I&II (J) - 12Mbit - 2d8a, 2d8a
> Gradius III (U) - 4Mbit - 27a2, 27a2
> NP Power Lode Runner (J) -12Mbit - 420f, 420f

Breath of Fire (U) - 12mbit - 8511, 0b11
Dragon Quest 1&2 (J) = 12mbit - 3971, 2d8a
Gradius III (U) - 4mbit - 27A2, 27A2
NP Power Lode Runner (J) - 12mbit - 97df, 042f

Excuse the horrible mess. And no, I don't remember why I malloc'ed a one byte buffer (obbuffer) and made a pointer to it. Like I said, I'm a n00b, etc. And yeah it's inefficient as fuck.

rhoffset is 0x200 if there's a header.
endofrom was obtained by doing ftell(f)...it's endofrom - 1 because it doesn't work without that, which was the source of a hard to find bug...

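<tt>
/* Add up every byte after the optional copier header, one byte at a time. */
for (romoffset=0; (romoffset+rhoffset)<=endofrom-1; romoffset++)
{
    fseek(f, romoffset+rhoffset, SEEK_SET);
    fread(obbuffer, 1, 1, f);
    checksumvalue=(checksumvalue+*obbuffer);
}

free(obbuffer);

/* Only the low 16 bits are kept. */
checksumvalue=checksumvalue&0x0000FFFF;

printf("Checksum calculated: %04x", checksumvalue);

/* Read the two checksum bytes stored in the embedded header:
   the byte at 0x7fde lands in hb, the one after it in lb. */
fseek(f,hiromoffset+0x7fde, SEEK_SET);
fread(&hb, 1, 1, f);
fread(&lb, 1, 1, f);
/* %02x keeps leading zeros, so 0x0b 0x11 prints as 0b11 rather than b11. */
printf("\nROM Checksum=%02x%02x",lb, hb);

if ((((checksumvalue&0x0000FF00) >> 8)==lb)&&((checksumvalue&0x000000FF)==hb))
{
    printf(" (Checksum OK)\n");
}
else printf(" (Checksum does not match)\n");</tt>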
JadussD is offline   Reply With Quote
Old 10-23-2005, 06:29 AM   #15
D--
Senior Member
 
Join Date: Oct 2001
Location: Chaoyang, Beijing, China
Posts: 826
Default Re: What I just figured out.

> Excuse the horrible mess. And no, I don't remember why I
> malloc'ed a one byte buffer (obbuffer) and made a pointer to
> it. Like I said, I'm a n00b, etc. And yeah it's inefficient
> as fuck.

Jesus fuck C is ugly.

--snip--

Doh, I found the glitch in my code. Now I get the same problems as you.

Edited by D-BOY on 10/23/05 01:54 AM.
D-- is offline   Reply With Quote
Old 10-23-2005, 09:20 AM   #16
JadussD
Senior Member
 
Join Date: Jan 2003
Posts: 2,100
Default Re: What I just figured out.

> Doh, I found the glitch in my code. Now I get the same
> problems as you.
>
Aw man, how much longer after you posted that did you edit it? :P

I was going to ask you if you were somehow accidentally assigning the value read from the ROM in the embedded SNES data to the same variable as the calculated or something like that before displaying it, but I figured that kind of question might piss an experienced coder off hahaha...the silver lining is that I went and recoded the checksum calculating thing in a separate program in a much less horrid manner because I was going to post all of my code, and wanted to eliminate any other possibilities except the problem at hand, so it would be easier on anyone who'd look at it. ..well, now I have better code, so I guess that's cool, haha.
JadussD is offline   Reply With Quote
Old 10-23-2005, 10:24 AM   #17
D--
Senior Member
 
Join Date: Oct 2001
Location: Chaoyang, Beijing, China
Posts: 826
Default Re: What I just figured out.

Did you find out what to do with 2Mbit games or the 256Kbit BIOS type files yet? That's the last thing I have left to get working. Do you just keep mirroring the whole thing up to 4Mbit?
D-- is offline   Reply With Quote
Old 10-23-2005, 10:50 AM   #18
JadussD
Senior Member
 
Join Date: Jan 2003
Posts: 2,100
Default Re: What I just figured out.

> Did you find out what to do with 2Mbit games or the 256Kbit
> BIOS type files yet? That's the last thing I have left to
> get working. Do you just keep mirroring the whole thing up
> to 4Mbit?

2Mbit games you just count. You don't mirror them at all. Any game whose actual size matches its size byte isn't mirrored at all...that's the determining factor I do believe. Let me fetch a BIOS file and look at it. I doubt they use checksums...
JadussD is offline   Reply With Quote
Old 10-23-2005, 11:00 AM   #19
JadussD
Senior Member
 
Join Date: Jan 2003
Posts: 2,100
Default Re: What I just figured out.

> 2Mbit games you just count. You don't mirror them at all.
> Any game whose actual size matches its size byte isn't
> mirrored at all...that's the determining factor I do
> believe. Let me fetch a BIOS file and look at it. I doubt
> they use checksums...

Just figured out the Super GameBoy BIOS V1.0 (J).smc

Just add the bytes! No mirroring, nothing. However, it doesn't correspond to its size byte (which would be 0x06), so I was wrong about that.
JadussD is offline   Reply With Quote
Old 11-01-2005, 12:15 PM   #20
JadussD
Senior Member
 
Join Date: Jan 2003
Posts: 2,100
Default Game Genie

Edit: Never mind. Fixed it. This is becoming a recurring pattern, isn't it?

In my eternal quest to re-invent the wheel (God this is fun), I have a question about the SNES's Game Genie. It seems that to convert a code from Pro Action Replay to Game Genie, one would have to use a look-up table to get the values the Game Genie uses for various 4-bit hex digits. I've done this, and I'm 100% certain this part is correct. Then, one must shift around the bits doing a lot of bitwise stuff, according to the document I read, so that they are in a different place. I've coded this, and I've looked it over a dozen times and looked at what's going on in the debugger, and the bits do appear to be shifting to the right place. But the code is not correct.

Well, I've tried doing the look-up first and then switching the bits around, and that doesn't work either. Does anyone know if there's anything "weird" about the Game Genie that I haven't mentioned? Do I need to convert endianness? Does it refer to a physical ROM address rather than an address in the SNES's memory map? Something like this?

Edited by JadussD on 11/01/05 09:56 AM.
JadussD is offline   Reply With Quote