Sunday, October 14, 2012

Moving to cartridge modding

As I can see no other option at the moment to adapt games to the SF3-2I cartridge than analysing the code in SH2 assembler line by line, I decided to take a mental break and revisit the cartridge conversion idea.

I had the idea that the last 256 bytes of the BIOS somehow included the keys to make it work, but apparently that wasn't the case. I filled up the BIOS from 20000 to 7ffff on the battery-free cartridge and it still works, so I'm inclined to believe (and that's bad news) that in order to reprogram a cartridge with other keys, we need to connect the cartridge to the special device that communicates with the SH2 in a way that we don't know.

This also implies that even if we knew how to reprogram the cartridges, they would still need a battery, as the keys are not stored in the BIOS.

Luckily, we know that all cartridges, with the battery removed, work as an SF3-2I with battery. That means that anyone with a dead cartridge could just remove the battery, use the new version of the tool and play all 6 games.

I'll keep on thinking about how to obtain 99% accurate tables. The only option I see at the moment is using some kind of bot that runs through the code, following some rules and determining what's code and what's not.

That's not an easy task on the SH2, as you have many weird PC-based JUMPs like

MOV.L @($20,PC),R14

which can be somehow controlled.

However, something like
MOV.L @(R0,SP),R14

is a different story.

Any ideas are welcome. Just post them down here.
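
An added example, not the author's tool: a minimal recursive-traversal pass in Python that follows SH-2 control flow to separate code from literal-pool data, resolving the PC-relative `MOV.L @(disp,PC),Rn` case and reporting register jumps it cannot resolve, as after `MOV.L @(R0,SP),R14`. The load address, the byte sample and the function names are constructed for illustration, and register tracking is deliberately conservative: any unmodelled instruction forgets all known constants.

```python
import struct

BASE = 0x06000000  # assumed load address, chosen for this constructed sample
# Constructed sample: MOV.L @(4,PC),R14 / JMP @R14 / NOP / pad / literal /
#                     MOV.L @(R0,R15),R14 / JMP @R14 / NOP   (R15 is SP)
SAMPLE = bytes.fromhex("DE01 4E2B 0009 0009 0600000C 0EFE 4E2B 0009")

def sext(v, bits):
    return v - (1 << bits) if v & (1 << (bits - 1)) else v

def trace(mem, base, entry):
    """Follow SH-2 control flow from `entry`; return (code, data, unresolved)."""
    code, data, unresolved, work = set(), set(), [], [entry]
    top = base + len(mem)
    while work:
        pc, regs, end = work.pop(), {}, None   # regs: constants known on this path
        while base <= pc < top - 1 and pc not in code:
            op = struct.unpack_from(">H", mem, pc - base)[0]
            code.add(pc)
            n, hi, slot = (op >> 8) & 0xF, op >> 12, pc == end
            # PC-relative loads in a delay slot use a different PC: not resolved here
            if hi == 0xD and not slot:          # MOV.L @(disp,PC),Rn
                lit = ((pc + 4) & ~3) + (op & 0xFF) * 4
                data.update((lit, lit + 2))     # 32-bit literal = two 16-bit words
                regs.pop(n, None)
                if base <= lit <= top - 4:
                    regs[n] = struct.unpack_from(">I", mem, lit - base)[0]
            elif hi == 0x9 and not slot:        # MOV.W @(disp,PC),Rn
                data.add(pc + 4 + (op & 0xFF) * 2)
                regs.pop(n, None)
            elif op & 0xF0DF == 0x400B:         # JSR @Rn (0x4n0B) / JMP @Rn (0x4n2B)
                if n in regs: work.append(regs[n])
                else: unresolved.append(pc)     # target only known at run time
                if not op & 0x20: work.append(pc + 4)   # JSR returns past its slot
                end = pc + 2                    # finish the delay slot, then stop
            elif hi in (0xA, 0xB):              # BRA / BSR
                work.append(pc + 4 + sext(op & 0xFFF, 12) * 2)
                if hi == 0xB: work.append(pc + 4)
                end = pc + 2
            elif op & 0xF900 == 0x8900:         # BT, BF, BT/S, BF/S
                work.append(pc + 4 + sext(op & 0xFF, 8) * 2)
                if op & 0x0400:                 # /S forms have a delay slot
                    work.append(pc + 4)
                    end = pc + 2
            elif op in (0x000B, 0x002B):        # RTS / RTE
                end = pc + 2
            elif op != 0x0009:                  # anything unmodelled except NOP
                regs.clear()
            if slot: break
            pc += 2
    return code, data, unresolved
```

Calling `trace(SAMPLE, BASE, BASE)` follows the first `JMP @R14` through its literal and lists the second one as unresolved; the padding word at offset 6 ends up in neither set, which is the residue a human still has to classify.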

1 comment:

  1. I don't know anything about hardware-oriented software development, but as a web developer I know PHP and server-side languages.
    If the solution can be achieved by analysing the code and using things like regular expressions, macros etc., I'm in!