FF4 SNES SRM Checksum
02-13-2017, 04:00 AM
The disassembly I posted before was made by me. I posted the full notes I have, but if anyone has any FFIV disassembly, I would be happy to get a copy.
I use bsnes+ for breakpoints; Geiger's disassembler is also awesome, but I'm using Mac OS X. I have a homemade disassembler for auto-generating the assembly code.
I took a look at $41; it is reset in two places at least:
Code:
$15c9ce when the game starts, I think this is where the RAM is cleared.
$018cb8 when a menu is opened (when loading opens and when main menu is opened)
I don't know what it does, but I'm suspecting it's a high byte of $40; $40 is being reset all the time in the entry routine. I think it serves as some sort of deep game timer.
I think $41 (and maybe $40 as well) is stored in the SRAM somewhere, since the value is variable. Maybe next to the game timer?
This is all a lot of guesswork at the moment for me, I'll try to look into this later on.
Rough disassembly of the entry point for FFIV:
Code:
008000 20 2C 80 JSR $802C
008003 6B RTL
008004 20 1A BA JSR $BA1A
008007 6B RTL
008008 20 BF C2 JSR $C2BF
00800B 6B RTL
00800C 20 92 95 JSR $9592
00800F 6B RTL
008010 20 5E 80 JSR $805E
008013 6B RTL
008014 20 95 CC JSR $CC95
008017 6B RTL
008018 20 1A BA JSR $BA1A
00801B 6B RTL
00801C 20 BB 82 JSR $82BB
00801F 6B RTL
008020 20 92 D7 JSR $D792
008023 6B RTL
008024 20 95 CC JSR $CC95
008027 6B RTL
008028 20 6E 80 JSR $806E
00802B 6B RTL
00802C 8B PHB
00802D 0B PHD
00802E 7B TDC
00802F 8F 00 41 00 STA $004100.l
008033 A9 7E LDA #$7E
008035 48 PHA
008036 AB PLB
008037 20 45 80 JSR $8045
00803A A9 80 LDA #$80
00803C 8F 00 21 00 STA $002100.l
008040 7B TDC
008041 EB XBA
008042 2B PLD
008043 AB PLB
008044 60 RTS
008045 20 3A 87 JSR $873A
008048 20 7D 8C JSR $8C7D
00804B BA TSX
00804C CA DEX
00804D CA DEX
00804E 8E 65 1A STX $1A65.w
008051 20 FB 87 JSR $87FB
008054 20 7E 94 JSR $947E
008057 4C 3F 87 JMP $873F
00805A 5C 00 80 03 JML $038000
00805E 48 PHA
00805F A9 00 LDA #$00
008061 8F 40 01 00 STA $000140.l
008065 22 03 FD 14 JSL $14FD03
008069 A9 00 LDA #$00
00806B EB XBA
00806C 68 PLA
00806D 60 RTS
@assasin: Sounds right, different way to compute the same checksum. Your math impresses me.