1. Do you know a method of emulating GG using its image?
2. For a 8-chars code, docs bring to compare the value when the CPU reads the address. How exactly? For immediate byte addressing mode only?
game genie
Moderator: Moderators
-
- Posts: 323
- Joined: Fri Jun 29, 2007 10:25 pm
- Location: Earth, Milkyway Galaxy, The Universe, M-Theory
- Contact:
I'm curious, why would you want to emulate the image when almost all emulators accept the GG codes themselves?
Code: Select all
*=$0000
loop JMP loop
.eof
For 8-letter codes, the compare value is tested every time the CPU reads from the address. It doesn't matter the reason the CPU is reading from there - only that the read happens. It can be part of an opcode (an "infinite lives" code typically works by changing a DEC instruction into a BIT or LDA), or it can be part of normal data (number of starting lives, etc.). Every time the CPU reads from an address, the GG performs the read as normal, but if the value from the ROM matches the compare value, the read is thrown out and the replacement value in the code is used. For six-letter codes, there is no compare - all reads from that ROM address are replaced.
As for the GG mapper:
At startup, the GG writes to $FFF0 and $FFF1. No idea what these writes do, so don't ask. When the player finishes inserting codes, they are written to $8001-800C, starting at $800C and going down to $8001:
$8001 = high byte of code #1's address (range $00-7F)
$8002 = low byte of code #1's address (range $00-FF)
$8003 = compare value for code #1
$8004 = replacement value for code #1
$8005-8008 = data for code #2 (same format as above)
$8009-800C = data for code #3 (same format as above)
Next, two values are written to $8000. The first takes the following format:
Bit 0 = always set to 1
Bit 1 = set if code #1 is an 8-letter code
Bit 2 = set if code #2 is an 8-letter code
Bit 3 = set if code #3 is an 8-letter code
Bit 4 = set if code #1 is invalid (either no code inserted or bad length)
Bit 5 = set if code #2 is invalid
Bit 6 = set if code #3 is invalid
bit 7 = always set to 0
The second write to $8000 is always zero (all 8 bits). This probably disables the boot ROM (the code is executing from RAM at this point). Once done, the code jumps to ($FFFC) to begin the game.
All 12 bytes from $8001-800C are written regardless of how many codes are inserted. The value written to $8000 is the only clue as to what codes are actually valid and which ones have compare values.
NOTE: This data may not be fully accurate. Obtained by looking at the GG ROM. I have not done any tests to verify any of this.
As for the GG mapper:
At startup, the GG writes to $FFF0 and $FFF1. No idea what these writes do, so don't ask. When the player finishes inserting codes, they are written to $8001-800C, starting at $800C and going down to $8001:
$8001 = high byte of code #1's address (range $00-7F)
$8002 = low byte of code #1's address (range $00-FF)
$8003 = compare value for code #1
$8004 = replacement value for code #1
$8005-8008 = data for code #2 (same format as above)
$8009-800C = data for code #3 (same format as above)
Next, two values are written to $8000. The first takes the following format:
Bit 0 = always set to 1
Bit 1 = set if code #1 is an 8-letter code
Bit 2 = set if code #2 is an 8-letter code
Bit 3 = set if code #3 is an 8-letter code
Bit 4 = set if code #1 is invalid (either no code inserted or bad length)
Bit 5 = set if code #2 is invalid
Bit 6 = set if code #3 is invalid
bit 7 = always set to 0
The second write to $8000 is always zero (all 8 bits). This probably disables the boot ROM (the code is executing from RAM at this point). Once done, the code jumps to ($FFFC) to begin the game.
All 12 bytes from $8001-800C are written regardless of how many codes are inserted. The value written to $8000 is the only clue as to what codes are actually valid and which ones have compare values.
NOTE: This data may not be fully accurate. Obtained by looking at the GG ROM. I have not done any tests to verify any of this.
- jargon
- B&: This is not your blog
- Posts: 208
- Joined: Fri Dec 07, 2007 11:40 pm
- Location: 480/85260
- Contact:
Game Genie is not compatible with TetrisDX, btw. (At-least not the DMG/SGB version.)Fx3 wrote:Awesome.
Well, I suppose the GG ROM is loaded, generates data loaded somewhere (much like trainer data) and the game ROM is loaded. A goal about emulating the GG ROM is to avoid intense CPU read checks for patching.
The Game Genie hardware does those CPU read checks for every CPU cycle.Fx3 wrote:A goal about emulating the GG ROM is to avoid intense CPU read checks for patching.
You bring up an interesting point. I wonder why more games near the end of the NES era didn't have anti-Game Genie routines. It might look like this, running gradually as the game runs:jargon wrote:Game Genie is not compatible with TetrisDX, btw. (At-least not the DMG/SGB version.)
- Set MMC3 to fix $8000 and $E000
- Switch each bank into $A000 and $C000, and compare them
- Set MMC3 to fix $C000 and $E000
- Switch each bank into $8000 and $A000, and compare them
- Switch second to last bank into $8000, and compare it to $C000
- Switch last bank into $8000, and compare it to $E000
- If any comparison fails, wait three minutes and change the player's name to "Cheat" (obviously, this wouldn't work on a H*R game)
- jargon
- B&: This is not your blog
- Posts: 208
- Joined: Fri Dec 07, 2007 11:40 pm
- Location: 480/85260
- Contact:
All TetrisDX does is instantaneously stir-fry your battery backup into scrambled data.tepples wrote:The Game Genie hardware does those CPU read checks for every CPU cycle.Fx3 wrote:A goal about emulating the GG ROM is to avoid intense CPU read checks for patching.You bring up an interesting point. I wonder why more games near the end of the NES era didn't have anti-Game Genie routines.jargon wrote:Game Genie is not compatible with TetrisDX, btw. (At-least not the DMG/SGB version.)
If any comparison fails, wait three minutes and change the player's name to "Cheat" (obviously, this wouldn't work on a H*R game)
The checks could be arranged in ROM so that no three patches could take out all the checks and provide useful cheats.
I could understand Nintendo does something like that in their games, but not anyone else. I don't think they really cared if you used GG to cheat. Though I suppose if you used GG codes in certain japan-only Konami games you might trip their copy protection. That would be amusing, attempting to cheat with GG and the game detects this and instead makes the game even more brutal.tepples wrote: You bring up an interesting point. I wonder why more games near the end of the NES era didn't have anti-Game Genie routines.
So emulating GG to avoid having to decode the codes or make an interface for it is your angle?