tpunix / SAROO

SAROO is a SEGA Saturn HDloader

Cheats #122

Open czapa86 opened 1 month ago

czapa86 commented 1 month ago

Hello, is there any chance of adding cheats (Action Replay) to SAROO in a future update?

williamdsw commented 1 month ago

For Pseudo Saturn Kai you would have to ask the developer to add SAROO compatibility, as it already has for Satiator.

ragingchaos commented 1 month ago

What is the purpose of the "M_xxxxxxxx= " function that's in the Saroo config file?

williamdsw commented 3 weeks ago

> What is the purpose of the "M_xxxxxxxx= " function that's in the Saroo config file?

It overrides memory values, which can be used for cheating. But to discover those memory values you will need a disassemble emulator code.

ragingchaos commented 3 weeks ago

Easily done. I guess people have to create cheats that modify the game's assembly code instead of constantly overwriting values in RAM as AR codes do. Unfortunately, these types of codes are limited because they can be overwritten if the game dynamically loads new values during gameplay like in Panzer Dragoon Saga.

```
# Legend of Oasis, The (USA)
[MK-81302  V1.002]
#  Debug Mode On
M_06009878=21D0
#  Infinite HP
M_0600F340=0009
#  Infinite MP
M_06018718=0009
```

williamdsw commented 3 weeks ago

Interesting. Do you have any practical tutorial?

ragingchaos commented 3 weeks ago

Knowing how NES Game Genie cheats are created and limited to only modifying ROM code helps greatly.

I recommend watching this to understand ROM vs RAM codes for the NES and how they are found. https://www.youtube.com/watch?v=_SYalZZ32qM&t=112s

Then I recommend reading this article (there's a typo that says "change the instruction at 0604dee to e401" he meant 0600d4ee). It's what I used to figure out a lot of this. https://32bits.substack.com/p/cracking-the-clockwork-code

You can use Yabause's 'Debug > Master SH2' menu to create the read or write breakpoints.

For the cheats I created, the value '21' means '@ R1', 'D0' means 'R13', 'E0' means 'R14', and '0009' means no-operation ('noop'). I changed 21E0 to 21D0 so the value that's written to R1 gets loaded from R13 (00000001) instead of R14 (00000000). This results in the debug flag getting set to 1 instead of 0. The 0009 value exits out of the HP and MP routine.
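
As an added illustration (not part of the comment above and not SAROO's own code), this sketch parses the `M_` lines quoted in this thread and decodes their 16-bit values as SH-2 opcodes, which is how 21D0, 21E0 and 0009 are being read. It assumes each `M_` value is a 16-bit word written at the given address; the function names are hypothetical, and only NOP, `MOV.x Rm,@Rn` and `MOV #imm,Rn` are decoded.

```python
import re
# Added example; names are hypothetical. Constructed sample: entries quoted in the thread.
SAMPLE = """\
# Legend of Oasis, The (USA)
[MK-81302  V1.002]
#  Debug Mode On
M_06009878=21D0
#  Infinite HP
M_0600F340=0009
#  Infinite MP
M_06018718=0009
"""

PATCH_RE = re.compile(r"^M_([0-9A-Fa-f]{8})=([0-9A-Fa-f]{4})$")  # assumed line shape
WRAM_HIGH = range(0x06000000, 0x06100000)  # Saturn high work RAM (1 MiB)
SIZES = {0: "B", 1: "W", 2: "L"}

def decode_sh2(op):
    """Decode the few SH-2 opcodes this thread mentions; None if unknown."""
    if op == 0x0009:
        return "NOP"
    n, m = (op >> 8) & 0xF, (op >> 4) & 0xF
    if op >> 12 == 0x2 and (op & 0xF) in SIZES:      # 0010nnnnmmmm00ss
        return f"MOV.{SIZES[op & 0xF]} R{m},@R{n}"
    if op >> 12 == 0xE:                               # 1110nnnniiiiiiii
        imm = op & 0xFF
        return f"MOV #{imm - 256 if imm & 0x80 else imm},R{n}"
    return None

def parse_patches(text):
    """Return one dict per M_ line, labelled with the preceding # comment."""
    game, label, out = None, None, []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            game = line[1:-1]
        elif line.startswith("#"):
            label = line.lstrip("#").strip()
        elif (hit := PATCH_RE.match(line)):
            addr, op = int(hit[1], 16), int(hit[2], 16)
            out.append({"game": game, "label": label, "addr": addr, "op": op,
                        "asm": decode_sh2(op), "aligned": addr % 2 == 0,
                        "in_wram_high": addr in WRAM_HIGH})  # opcodes are 2-byte aligned
    return out

if __name__ == "__main__":
    for p in parse_patches(SAMPLE):
        print(f"{p['addr']:08X} {p['op']:04X} {p['asm'] or '(data?)':<16} {p['label']}")
```

An entry whose value decodes to `None`, or whose address is odd or outside high work RAM, is more likely a data patch or a typo than an instruction patch.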

williamdsw commented 3 weeks ago

Thanks a lot