MMC1 32k PRG mode

This is an archive of a topic from NESdev BBS, taken in mid-October 2019 before a server upgrade.
View original topic
MMC1 32k PRG mode
by on (#130458)
Hello,

This is my first time posting on here so not sure if I'm posting to the right place.

I have recently embarked on writing a NES emulator and have found the information on NesDev invaluable but I'm having a few problems emulating Zelda II: The Adventure of Link and I'd like to ask about one of those problems.

I get through the title screen and up to the point of registering a name and seeing it on the menu, however once I attempt to start the actual game my emulator crashes as it appears to be trying to execute an op code of $D2 (one of the KIL codes I believe). I have traced this through and it appears that it crashes right after the MMC1 mapper switches to 32K mode. I'm guessing that I have misunderstood the intended workings of 32k mode and as a result an incorrect byte from the PRGROM is being accessed. Could somebody please explain the details of 32k mode.

The way I have interpreted it is:

If the the PRGBANK register is set to 0 I would expect the 32K to be held like this:
$8000 - $BFFF to be held in PRGBANK[0] and
$C000 - $FFFF to be held in PRGBANK[1]

And if the the PRGBANK register is set to 5 I would expect the 32K to be held like this: (assuming the lowest bit is ignored, we need to drop it giving us a value of 2)
$8000 - $BFFF to be held in PRGBANK[2] and
$C000 - $FFFF to be held in PRGBANK[3]

Also to clarify I have loaded the PRG data from the INES rom file into the PRG banks sequentially (i.e. 16k at a time)

I hope this question makes sense.
Re: MMC1 32k PRG mode
by on (#130460)
Here's how MMC1's 32K mode works, assuming a "bank" is a 16K iNES bank:
  • If the value of the PRG bank register is 0 or 1, switch PRG ROM bank 0 into $8000-$BFFF and bank 1 into $C000-$FFFF.
  • If the value of the PRG bank register is 2 or 3, switch PRG ROM bank 2 into $8000-$BFFF and bank 3 into $C000-$FFFF.
  • If the value of the PRG bank register is 4 or 5, switch PRG ROM bank 4 into $8000-$BFFF and bank 5 into $C000-$FFFF.
  • ...
  • If the value of the PRG bank register is 14 or 15, switch PRG ROM bank 14 into $8000-$BFFF and bank 15 into $C000-$FFFF.
Re: MMC1 32k PRG mode
by on (#130462)
matthewtatum wrote:
And if the the PRGBANK register is set to 5 I would expect the 32K to be held like this: (assuming the lowest bit is ignored, we need to drop it giving us a value of 2)
$8000 - $BFFF to be held in PRGBANK[2] and
$C000 - $FFFF to be held in PRGBANK[3]


There's your problem - when you ignore the bottom bit (and divide the number by 2), you end up with a 32KB bank number, so if you're mapping 16KB banks, then you need to double it again afterwards (to get 4, then add one to get 5).
Re: MMC1 32k PRG mode
by on (#130474)
Thanks for your replies on this, I get the 32k thing now but after fixing my mapper I'm still getting the same problem. Guess there's something else wrong...
Re: MMC1 32k PRG mode
by on (#130481)
MMC1 can be confusing to deal with at first. You may need to recheck your work, or write a test ROM to be sure things are operating correctly. You also didn't mention, did you have a trace log of what happens leading up to the crash? Only knowing the last opcode and address attempted to be executed can make it hard to identify where things crashed.

If you have an execution log that will help, or even if you maintained a moving log of the last 50 instructions executed and the addresses of those instructions could be helpful in figuring out where things went wrong.

You may still be mapping memory wrong when it comes to the 32KB mode, or maybe it's a problem when things switch between 16KB and 32KB modes.

If you update PRG pointers on MMC1 writes, you may have forgotten to update those pointers when the mode changes or when the MMC1 gets reset. If the mode changes you need to take the value that was last written to the PRG register and figure out what banks need to be mapped.
Re: MMC1 32k PRG mode
by on (#130483)
Here is a trace of what is going on just before the crash:

CEAB A5 LDA A:6E X:00 Y:00 P:24 SP:F9 CYC:0 SL:127
CEAD 69 ADC A:A7 X:00 Y:00 P:A4 SP:F9 CYC:9 SL:128
CEAF 85 STA A:A7 X:00 Y:00 P:A4 SP:F9 CYC:15 SL:128
CEB1 A5 LDA A:A7 X:00 Y:00 P:A4 SP:F9 CYC:24 SL:128
CEB3 18 CLC A:6D X:00 Y:00 P:24 SP:F9 CYC:33 SL:128
CEB4 69 ADC A:6D X:00 Y:00 P:24 SP:F9 CYC:39 SL:128
CEB6 85 STA A:6E X:00 Y:00 P:24 SP:F9 CYC:45 SL:128
CEB8 A5 LDA A:6E X:00 Y:00 P:24 SP:F9 CYC:54 SL:128
CEBA 69 ADC A:80 X:00 Y:00 P:A4 SP:F9 CYC:63 SL:128
CEBC 85 STA A:80 X:00 Y:00 P:A4 SP:F9 CYC:69 SL:128
CEBE A5 LDA A:80 X:00 Y:00 P:A4 SP:F9 CYC:78 SL:128
CEC0 38 SEC A:34 X:00 Y:00 P:24 SP:F9 CYC:87 SL:128
CEC1 E9 SBC A:34 X:00 Y:00 P:25 SP:F9 CYC:93 SL:128
CEC3 85 STA A:33 X:00 Y:00 P:25 SP:F9 CYC:99 SL:128
CEC5 A5 LDA A:33 X:00 Y:00 P:25 SP:F9 CYC:108 SL:128
CEC7 E9 SBC A:61 X:00 Y:00 P:25 SP:F9 CYC:117 SL:128
CEC9 85 STA A:61 X:00 Y:00 P:25 SP:F9 CYC:123 SL:128
CECB 05 ORA A:61 X:00 Y:00 P:25 SP:F9 CYC:132 SL:128
CECD D0 BNE A:73 X:00 Y:00 P:25 SP:F9 CYC:141 SL:128
CEA0 B1 LDA A:73 X:00 Y:00 P:25 SP:F9 CYC:150 SL:128
CEA2 91 STA A:19 X:00 Y:00 P:25 SP:F9 CYC:168 SL:128
CEA4 A5 LDA A:19 X:00 Y:00 P:25 SP:F9 CYC:186 SL:128
CEA6 18 CLC A:6E X:00 Y:00 P:25 SP:F9 CYC:195 SL:128
CEA7 69 ADC A:6E X:00 Y:00 P:24 SP:F9 CYC:201 SL:128
CEA9 85 STA A:6F X:00 Y:00 P:24 SP:F9 CYC:207 SL:128
CEAB A5 LDA A:6F X:00 Y:00 P:24 SP:F9 CYC:216 SL:128
CEAD 69 ADC A:A7 X:00 Y:00 P:A4 SP:F9 CYC:225 SL:128
CEAF 85 STA A:A7 X:00 Y:00 P:A4 SP:F9 CYC:231 SL:128
CEB1 A5 LDA A:A7 X:00 Y:00 P:A4 SP:F9 CYC:240 SL:128
CEB3 18 CLC A:6E X:00 Y:00 P:24 SP:F9 CYC:249 SL:128
CEB4 69 ADC A:6E X:00 Y:00 P:24 SP:F9 CYC:255 SL:128
CEB6 85 STA A:6F X:00 Y:00 P:24 SP:F9 CYC:261 SL:128
CEB8 A5 LDA A:6F X:00 Y:00 P:24 SP:F9 CYC:270 SL:128
CEBA 69 ADC A:80 X:00 Y:00 P:A4 SP:F9 CYC:279 SL:128
CEBC 85 STA A:80 X:00 Y:00 P:A4 SP:F9 CYC:285 SL:128
CEBE A5 LDA A:80 X:00 Y:00 P:A4 SP:F9 CYC:294 SL:128
CEC0 38 SEC A:33 X:00 Y:00 P:24 SP:F9 CYC:303 SL:128
CEC1 E9 SBC A:33 X:00 Y:00 P:25 SP:F9 CYC:309 SL:128
CEC3 85 STA A:32 X:00 Y:00 P:25 SP:F9 CYC:315 SL:128
CEC5 A5 LDA A:32 X:00 Y:00 P:25 SP:F9 CYC:324 SL:128
CEC7 E9 SBC A:61 X:00 Y:00 P:25 SP:F9 CYC:333 SL:128
CEC9 85 STA A:61 X:00 Y:00 P:25 SP:F9 CYC:339 SL:128
CECB 05 ORA A:61 X:00 Y:00 P:25 SP:F9 CYC:7 SL:129
CECD D0 BNE A:73 X:00 Y:00 P:25 SP:F9 CYC:16 SL:129
CEA0 B1 LDA A:73 X:00 Y:00 P:25 SP:F9 CYC:25 SL:129
CEA2 91 STA A:AC X:00 Y:00 P:A5 SP:F9 CYC:43 SL:129
CEA4 D2 Unknown A:AC X:00 Y:00 P:A5 SP:F9 CYC:61 SL:129

The STA at CEA2 is the last of 5 writes to memory that causes $10 to be loaded into the control register. Through some debugging I can see that at that point the PRG Bank register has a value of 1 (00001).

Based on what I know about MMC1 and the help given to me about 32K mode I believe this address should therefore map to the second 16k bank in the mapper (values 0 or 1 = banks 0 and 1 and this address is > $BFFF so bank 1 is selected)

Looking at the zelda 2 rom through a hex editor it would appear that the value at the address in question is indeed $D2 so I'm guessing that something has gone wrong before this point.
Re: MMC1 32k PRG mode
by on (#130485)
In my emulator at this point, bank 0 is pointing to 0x4000 and bank 1 is pointing to 0x1C000 and the read return 0xA5
Re: MMC1 32k PRG mode
by on (#130497)
If possible you should add to your log the full opcode. It would make debugging much easier since you wouldn't need the ROM and a different debugger to see what is really going on.

At the point your emulator crashes, it suggests you are bankswitching when you shouldn't be. There is no bankswitch that should occur at that time. The game is writing the PRG-RAM at that time. Check your MMC1 register writing code.

Anytime $8000-$FFFF is written it affects the LOAD register. Once the load register is full with 5 bits written to it, then you check where the last write occurred ($8000-$9FFF,$A000-$BFFF,$C000-$DFFF,$E000-$FFFF) to see which register gets updated. Be sure that if at any time the LOAD register has the reset bit set that you reset the LOAD Counter and it should also return to 16K/16K mode.

You could always post your MMC1 code to see if anyone can spot anything that might be wrong.
Re: MMC1 32k PRG mode
by on (#130501)
I've enhanced the logging slightly to include a bit more info and then I've filtered the results to include only the STA operations that are for $8000 and above.

There seems to be some kind of loop in the program that starts from address $6D00 and continues like this:

CEA2 91 STA $6d00 A:39 X:00 Y:00 P:24 SP:F9 CYC:0 SL:177 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $6d01 A:96 X:00 Y:00 P:A5 SP:F9 CYC:0 SL:177 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $6d02 A:47 X:00 Y:00 P:25 SP:F9 CYC:0 SL:178 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
.
.
.
.
.
.
CEA2 91 STA $7fff A:09 X:00 Y:00 P:24 SP:F9 CYC:0 SL:65 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8000 A:5B X:00 Y:00 P:24 SP:F9 CYC:0 SL:65 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8001 A:3C X:00 Y:00 P:24 SP:F9 CYC:0 SL:66 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:01100
CEA2 91 STA $8002 A:4B X:00 Y:00 P:24 SP:F9 CYC:0 SL:66 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10110
CEA2 91 STA $8003 A:01 X:00 Y:00 P:65 SP:F9 CYC:0 SL:67 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11011
CEA2 91 STA $8004 A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:68 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8005 A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:69 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8006 A:3B X:00 Y:00 P:25 SP:F9 CYC:0 SL:69 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8007 A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:70 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8008 A:1B X:00 Y:00 P:25 SP:F9 CYC:0 SL:71 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8009 A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:71 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $800a A:1B X:00 Y:00 P:25 SP:F9 CYC:0 SL:72 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $800b A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:73 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $800c A:EC X:00 Y:00 P:A5 SP:F9 CYC:0 SL:73 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $800d A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:74 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $800e A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:75 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $800f A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:75 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8010 A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:76 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8011 A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:77 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8012 A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:78 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8013 A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:78 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8014 A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:79 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8015 A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:80 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8016 A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:80 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8017 A:5B X:00 Y:00 P:25 SP:F9 CYC:0 SL:81 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8018 A:3C X:00 Y:00 P:25 SP:F9 CYC:0 SL:82 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:01100
CEA2 91 STA $8019 A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:82 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10110
CEA2 91 STA $801a A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:83 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11011
CEA2 91 STA $801b A:1B X:00 Y:00 P:25 SP:F9 CYC:0 SL:84 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $801c A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:84 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $801d A:1B X:00 Y:00 P:25 SP:F9 CYC:0 SL:85 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $801e A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:86 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $801f A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:86 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8020 A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:87 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8021 A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:88 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8022 A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:88 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8023 A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:89 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8024 A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:90 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8025 A:19 X:00 Y:00 P:25 SP:F9 CYC:0 SL:90 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8026 A:DC X:00 Y:00 P:A5 SP:F9 CYC:0 SL:91 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8027 A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:92 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8028 A:49 X:00 Y:00 P:25 SP:F9 CYC:0 SL:93 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8029 A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:93 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $802a A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:94 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $802b A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:95 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $802c A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:95 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $802d A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:96 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $802e A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:97 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $802f A:6B X:00 Y:00 P:25 SP:F9 CYC:0 SL:97 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8030 A:2C X:00 Y:00 P:25 SP:F9 CYC:0 SL:98 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8031 A:1B X:00 Y:00 P:25 SP:F9 CYC:0 SL:99 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8032 A:19 X:00 Y:00 P:25 SP:F9 CYC:0 SL:99 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8033 A:7B X:00 Y:00 P:25 SP:F9 CYC:0 SL:100 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8034 A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:101 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8035 A:1B X:00 Y:00 P:25 SP:F9 CYC:0 SL:102 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8036 A:19 X:00 Y:00 P:25 SP:F9 CYC:0 SL:102 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8037 A:3B X:00 Y:00 P:25 SP:F9 CYC:0 SL:103 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8038 A:19 X:00 Y:00 P:25 SP:F9 CYC:0 SL:103 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8039 A:CC X:00 Y:00 P:A5 SP:F9 CYC:0 SL:104 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $803a A:AB X:00 Y:00 P:A5 SP:F9 CYC:0 SL:105 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $803b A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:105 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $803c A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:106 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $803d A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:107 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $803e A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:108 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $803f A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:108 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8040 A:7B X:00 Y:00 P:25 SP:F9 CYC:0 SL:109 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8041 A:1C X:00 Y:00 P:25 SP:F9 CYC:0 SL:110 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:01100
CEA2 91 STA $8042 A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:110 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10110
CEA2 91 STA $8043 A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:111 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11011
CEA2 91 STA $8044 A:6B X:00 Y:00 P:25 SP:F9 CYC:0 SL:112 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8045 A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:112 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8046 A:5B X:00 Y:00 P:25 SP:F9 CYC:0 SL:113 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8047 A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:114 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8048 A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:114 Control:11101 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8049 A:19 X:00 Y:00 P:25 SP:F9 CYC:0 SL:115 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $804a A:BC X:00 Y:00 P:A5 SP:F9 CYC:0 SL:116 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $804b A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:116 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $804c A:89 X:00 Y:00 P:A5 SP:F9 CYC:0 SL:117 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $804d A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:118 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $804e A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:118 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $804f A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:119 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8050 A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:120 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8051 A:7B X:00 Y:00 P:25 SP:F9 CYC:0 SL:120 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8052 A:1C X:00 Y:00 P:25 SP:F9 CYC:0 SL:121 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:01000
CEA2 91 STA $8053 A:39 X:00 Y:00 P:25 SP:F9 CYC:0 SL:122 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10100
CEA2 91 STA $8054 A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:122 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11010
CEA2 91 STA $8055 A:4B X:00 Y:00 P:25 SP:F9 CYC:0 SL:123 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11101
CEA2 91 STA $8056 A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:124 Control:11110 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8057 A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:125 Control:11110 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8058 A:5B X:00 Y:00 P:25 SP:F9 CYC:0 SL:125 Control:11110 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8059 A:19 X:00 Y:00 P:25 SP:F9 CYC:0 SL:126 Control:11110 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $805a A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:127 Control:11110 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $805b A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:127 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $805c A:BC X:00 Y:00 P:A5 SP:F9 CYC:0 SL:128 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $805d A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:129 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $805e A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:129 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $805f A:6B X:00 Y:00 P:25 SP:F9 CYC:0 SL:130 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8060 A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:131 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8061 A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:132 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8062 A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:132 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8063 A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:133 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8064 A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:134 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8065 A:7B X:00 Y:00 P:25 SP:F9 CYC:0 SL:134 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8066 A:1C X:00 Y:00 P:25 SP:F9 CYC:0 SL:135 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8067 A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:136 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8068 A:4B X:00 Y:00 P:25 SP:F9 CYC:0 SL:136 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8069 A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:137 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $806a A:AB X:00 Y:00 P:A5 SP:F9 CYC:0 SL:138 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $806b A:19 X:00 Y:00 P:25 SP:F9 CYC:0 SL:138 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $806c A:01 X:00 Y:00 P:25 SP:F9 CYC:0 SL:139 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $806d A:1B X:00 Y:00 P:25 SP:F9 CYC:0 SL:140 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $806e A:19 X:00 Y:00 P:25 SP:F9 CYC:0 SL:140 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $806f A:AC X:00 Y:00 P:A5 SP:F9 CYC:0 SL:141 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8070 A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:142 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8071 A:69 X:00 Y:00 P:25 SP:F9 CYC:0 SL:142 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8072 A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:143 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11110
CEA2 91 STA $8073 A:09 X:00 Y:00 P:25 SP:F9 CYC:0 SL:144 Control:01111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11111
CEA2 91 STA $8074 A:0B X:00 Y:00 P:25 SP:F9 CYC:0 SL:144 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000
CEA2 91 STA $8075 A:69 X:00 Y:00 P:25 SP:F9 CYC:0 SL:145 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11000
CEA2 91 STA $8076 A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:146 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:11100
CEA2 91 STA $8077 A:2C X:00 Y:00 P:25 SP:F9 CYC:0 SL:146 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:01110
CEA2 91 STA $8078 A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:147 Control:11111 Prg:00001 Chr0:00000 Chr1:00000 Shift:10111
CEA2 91 STA $8079 A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:148 Control:11011 Prg:00001 Chr0:00000 Chr1:00000 Shift:10000

Once the address gets above $8000 it starts having an effect on the control register and eventually things go wrong. I'm not sure whether this loop is the correct behaviour of the program or not.

I'm guessing this is supposed to be setting up some values in the $6000-$7FFF range (the battery backed section) - I would imagine that it's not supposed to "spill over" into the PRG Rom address space above $7FFF
Re: MMC1 32k PRG mode
by on (#130513)
I think what MottZilla was asking for was to report the actual instruction and addressing mode - that is, those particular instructions should look something more like "STA ($00),Y" (or, if you want to include all of the details of the addressing going on, "STA ($00),Y = 0700 @ 07F6 = 00").
Re: MMC1 32k PRG mode
by on (#130518)
You may have a CPU bug if the game is looping and writing into the $8000 and up area. It would not be unusual for a game to copy something into the $6000-$7FFF range. But it shouldn't be reaching the upper area as that will be writing the various mapper registers and eventually is probably what causes your crash. So maybe you need to examine your execution or test your CPU.

Quietust is correct about what I meant about CPU logging. You should be able to see your CPU log and see exactly what the CPU is doing. It helps anyone reading it figure out what is going on and perhaps what is going wrong.
Re: MMC1 32k PRG mode
by on (#130524)
OK thanks I will improve my execution logging as you suggest. My CPU passes all the nestest.nes tests, could anyone recommend a test rom that might show up the problem?
Re: MMC1 32k PRG mode
by on (#130526)
Here are the last few iterations of the loop before the crash with (what I hope is) the execution log info you asked for:
Code:
CEA0  B1 00        LDA ($00, X) = $A775 @ A775 = 69  A:6D X:00 Y:00 P:25 SP:F9 CYC:0 SL:141
CEA2  91 02        STA ($02, X) = $8075 @ 8075 = 0F  A:69 X:00 Y:00 P:25 SP:F9 CYC:0 SL:141
CEA4  A5 00        LDA $00                           A:69 X:00 Y:00 P:25 SP:F9 CYC:0 SL:141
CEA6  18           CLC                               A:75 X:00 Y:00 P:25 SP:F9 CYC:0 SL:141
CEA7  69 01        ADC #01                           A:75 X:00 Y:00 P:24 SP:F9 CYC:0 SL:141
CEA9  85 00        STA $00                           A:76 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEAB  A5 01        LDA $01                           A:76 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEAD  69 00        ADC #00                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEAF  85 01        STA $01                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEB1  A5 02        LDA $02                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEB3  18           CLC                               A:75 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEB4  69 01        ADC #01                           A:75 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEB6  85 02        STA $02                           A:76 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEB8  A5 03        LDA $03                           A:76 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEBA  69 00        ADC #00                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEBC  85 03        STA $03                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEBE  A5 04        LDA $04                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEC0  38           SEC                               A:2C X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEC1  E9 01        SBC #01                           A:2C X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEC3  85 04        STA $04                           A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEC5  A5 05        LDA $05                           A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEC7  E9 00        SBC #00                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEC9  85 05        STA $05                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CECB  05 04        ORA $04                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CECD  D0 D1        BNE #D1                           A:6B X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEA0  B1 00        LDA ($00, X) = $A776 @ A776 = 2B  A:6B X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEA2  91 02        STA ($02, X) = $8076 @ 8076 = 03  A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEA4  A5 00        LDA $00                           A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEA6  18           CLC                               A:76 X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEA7  69 01        ADC #01                           A:76 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEA9  85 00        STA $00                           A:77 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEAB  A5 01        LDA $01                           A:77 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEAD  69 00        ADC #00                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEAF  85 01        STA $01                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEB1  A5 02        LDA $02                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEB3  18           CLC                               A:76 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEB4  69 01        ADC #01                           A:76 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEB6  85 02        STA $02                           A:77 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEB8  A5 03        LDA $03                           A:77 X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEBA  69 00        ADC #00                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEBC  85 03        STA $03                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEBE  A5 04        LDA $04                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:142
CEC0  38           SEC                               A:2B X:00 Y:00 P:24 SP:F9 CYC:0 SL:142
CEC1  E9 01        SBC #01                           A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEC3  85 04        STA $04                           A:2A X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEC5  A5 05        LDA $05                           A:2A X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEC7  E9 00        SBC #00                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEC9  85 05        STA $05                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CECB  05 04        ORA $04                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CECD  D0 D1        BNE #D1                           A:6B X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEA0  B1 00        LDA ($00, X) = $A777 @ A777 = 2C  A:6B X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEA2  91 02        STA ($02, X) = $8077 @ 8077 = 27  A:2C X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEA4  A5 00        LDA $00                           A:2C X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEA6  18           CLC                               A:77 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEA7  69 01        ADC #01                           A:77 X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEA9  85 00        STA $00                           A:78 X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEAB  A5 01        LDA $01                           A:78 X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEAD  69 00        ADC #00                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:143
CEAF  85 01        STA $01                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:143
CEB1  A5 02        LDA $02                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:143
CEB3  18           CLC                               A:77 X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEB4  69 01        ADC #01                           A:77 X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEB6  85 02        STA $02                           A:78 X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEB8  A5 03        LDA $03                           A:78 X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEBA  69 00        ADC #00                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:143
CEBC  85 03        STA $03                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:143
CEBE  A5 04        LDA $04                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:143
CEC0  38           SEC                               A:2A X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEC1  E9 01        SBC #01                           A:2A X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEC3  85 04        STA $04                           A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEC5  A5 05        LDA $05                           A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEC7  E9 00        SBC #00                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEC9  85 05        STA $05                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CECB  05 04        ORA $04                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CECD  D0 D1        BNE #D1                           A:69 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEA0  B1 00        LDA ($00, X) = $A778 @ A778 = 29  A:69 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEA2  91 02        STA ($02, X) = $8078 @ 8078 = 16  A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEA4  A5 00        LDA $00                           A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEA6  18           CLC                               A:78 X:00 Y:00 P:25 SP:F9 CYC:0 SL:143
CEA7  69 01        ADC #01                           A:78 X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEA9  85 00        STA $00                           A:79 X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEAB  A5 01        LDA $01                           A:79 X:00 Y:00 P:24 SP:F9 CYC:0 SL:143
CEAD  69 00        ADC #00                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:143
CEAF  85 01        STA $01                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:143
CEB1  A5 02        LDA $02                           A:A7 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:144
CEB3  18           CLC                               A:78 X:00 Y:00 P:24 SP:F9 CYC:0 SL:144
CEB4  69 01        ADC #01                           A:78 X:00 Y:00 P:24 SP:F9 CYC:0 SL:144
CEB6  85 02        STA $02                           A:79 X:00 Y:00 P:24 SP:F9 CYC:0 SL:144
CEB8  A5 03        LDA $03                           A:79 X:00 Y:00 P:24 SP:F9 CYC:0 SL:144
CEBA  69 00        ADC #00                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:144
CEBC  85 03        STA $03                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:144
CEBE  A5 04        LDA $04                           A:80 X:00 Y:00 P:A4 SP:F9 CYC:0 SL:144
CEC0  38           SEC                               A:29 X:00 Y:00 P:24 SP:F9 CYC:0 SL:144
CEC1  E9 01        SBC #01                           A:29 X:00 Y:00 P:25 SP:F9 CYC:0 SL:144
CEC3  85 04        STA $04                           A:28 X:00 Y:00 P:25 SP:F9 CYC:0 SL:144
CEC5  A5 05        LDA $05                           A:28 X:00 Y:00 P:25 SP:F9 CYC:0 SL:144
CEC7  E9 00        SBC #00                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:144
CEC9  85 05        STA $05                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:144
CECB  05 04        ORA $04                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:144
CECD  D0 D1        BNE #D1                           A:69 X:00 Y:00 P:25 SP:F9 CYC:0 SL:144
CEA0  B1 00        LDA ($00, X) = $A779 @ A779 = 2B  A:69 X:00 Y:00 P:25 SP:F9 CYC:0 SL:144
CEA2  91 02        STA ($02, X) = $8079 @ 8079 = 0F  A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:144
Re: MMC1 32k PRG mode
by on (#130532)
For the record, that particular block of code is only supposed to copy $9400-$96A0 to $6D00-$6FA0, so something went wrong a long time before your crash happened.

Also, you're displaying some of those instructions incorrectly - the instructions at $CEA0 and $CEA2 are "LDA ($00),Y" and "STA ($02),Y", not "LDA ($00,X)" and "STA ($02,X)".
Re: MMC1 32k PRG mode
by on (#130534)
Thanks for your help, you're right those instructions should have shown indirect Y addressing mode - just a typo in my logging code.

I have noticed that when I register a new save account on the game the count shown under the name on the select screen is set to 256 instead of 000. I think that this points to something going wrong at or before the point of registering a new save file. I will keep investigating and report back if I solve the problem.

Once again thanks to all who replied.
Re: MMC1 32k PRG mode
by on (#130568)
Code:
CEC5  A5 05        LDA $05                           A:2B X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEC7  E9 00        SBC #00                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CEC9  85 05        STA $05                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CECB  05 04        ORA $04                           A:61 X:00 Y:00 P:25 SP:F9 CYC:0 SL:142
CECD  D0 D1        BNE #D1                           A:6B X:00 Y:00 P:25 SP:F9 CYC:0 SL:142


Somewhere in here might be your problem. Basically there are just a couple pointers and a counter for a memory copy as Quietust mentioned. For some reason, your CPU is not exiting this loop when it should and so it proceeds on forever, eventually crashing itself when it writes to the MMC1 registers.

Since it exits based on the Zero Status flag, you should make sure that it's being set appropriately. Are you setting the Z flag properly when the ORA operation happens? That would be the last operation to affect the flag. If it isn't the Zero Flag, then it might be related to your ADC or SBC opcodes not behaving properly. I just thought I'd give you some ideas of where to look for the problem.
Re: MMC1 32k PRG mode
by on (#130584)
The content of reg A starts with 0xA2 writing to 0x6D00 and decrements every loop until it reaches 0x00.
Re: MMC1 32k PRG mode
by on (#130590)
I took a look at this in FCEUX version 2.2.3-interim svn3071, since the debugger there provides enough insights into what PRG page/offset is used and what memory contents are that I figured it'd be helpful.

The ROM I'm using is Zelda II - The Adventure of Link (U).nes, MD5 checksum 764d36fa8a2450834da5e8194281035a. All this matters.

I set a breakpoint on execute for address CECD -- this is the bne, because I wanted to see the code that lead up to that point -- and also added a breakpoint conditional for A==#6B (don't ask about the syntax; that's how FCEUX does it), since that value was taken from your own code log dump. I then powered off the emulator, then powered it on. I was able to get past the title screen + registered a new save game entry + chose it. Upon pressing Start (to select a character/save game), the breakpoint hit. I'm going to assume that's the situation/condition where this happens for you -- if not, please state so. I did this multiple times to ensure the register values, code, etc. were always consistent.

The code leading up to the first time that bne was about to be executed:

Code:
 07:CEA9:85 00     STA $0000 = #$36
 07:CEAB:A5 01     LDA $0001 = #$94
 07:CEAD:69 00     ADC #$00
 07:CEAF:85 01     STA $0001 = #$94
 07:CEB1:A5 02     LDA $0002 = #$36
 07:CEB3:18        CLC
 07:CEB4:69 01     ADC #$01
 07:CEB6:85 02     STA $0002 = #$36
 07:CEB8:A5 03     LDA $0003 = #$6D
 07:CEBA:69 00     ADC #$00
 07:CEBC:85 03     STA $0003 = #$6D
 07:CEBE:A5 04     LDA $0004 = #$6B
 07:CEC0:38        SEC
 07:CEC1:E9 01     SBC #$01
 07:CEC3:85 04     STA $0004 = #$6B
 07:CEC5:A5 05     LDA $0005 = #$02
 07:CEC7:E9 00     SBC #$00
 07:CEC9:85 05     STA $0005 = #$02
 07:CECB:05 04     ORA $0004 = #$6B
>07:CECD:D0 D1     BNE $CEA0

The "07" shown on the left indicates that the code being executed is in PRG bank/page $07. I believe this refers to the actual PRG bank offset according to static 16KB bank sizes (per .NES header definition).

Register contents at this point were as follows (these are what the values are BEFORE the bne happened):

A=$6B X=$00 Y=$00 S=$01F9 P={unused, B, I, and C set; all others unset}

Stack contents: $A7 C1 00 A4 17 C0

I also dumped the values of ZP locations $00 through $05 (keep reading for why). FCEUX shows this to you (see the code log I pasted), but I wanted to know what they were right before the moment the bne was to be run. Here are the contents:

$00 = $36
$01 = $94
$02 = $36
$03 = $6D
$04 = $6B
$05 = $02

I then stepped through the code ("Step Into"), which let the bne execute (as it should since Z is unset) and then looked at what happened:

Code:
>07:CEA0:B1 00     LDA ($00),Y @ $9436 = #$0C
 07:CEA2:91 02     STA ($02),Y @ $6D36 = #$0C

After the lda/sta executed, these were the relevant registers:

A=$0C X=$00 Y=$00 S=$01F9 P={unused, B, I, and C set; all others unset}

The PRG bank did not change (it remained $07), which is correct behaviour because the sta is not touching MMC1 register space. This routine looks like it's just screwing with the PRG-RAM (SRAM) contents within the $6000-7FFF region. There should not be any bank switching happening at this time. The sta is not changing anything within the MMC1 register space to cause a bankswitch.

If the sta ($02),y in your emulator is actually touching MMC1 bankswitching registers, then what that indicates to me is the values in ZP locations $02 and $03 are incorrect. This would go along with what Quietust said about something happening earlier that may be causing this problem. Rephrased: the sta ($02),y may be writing to MMC1 register space when on a good/proper emulator it doesn't appear to (at least not through the first loop iteration / when A == $6B like in the code you posted).

The loop all of this is in, for your information, is constantly tinkering with ZP locations $00 through $05, so that said: my gut feeling is that you may have some mathematical/twos-complement problems with your adc/sbc instructions, as those are the absolute top #1-incorrectly-implemented opcodes when it comes to people doing their own 6502 emulators. I mention this because in the above code, I see adc being used without a preceding clc (which is perfectly fine, but you need to understand how adc works for it to be emulated correctly), and I see sbc being used without a preceding sec (also perfectly fine). If you need reference material for the adc/sbc implementation (the topic has come up many times on the forums over the years and example code given many times), here you go; the implementation/code from blargg is correct (the rest of the thread is educational material, so if you read that, read the entire thing and don't be hasty).

Second-most-common that I see are people getting the addressing modes wrong, specifically incorrectly implementing ($xx,x) vs. ($xx),y (the former is pre-indexed, the latter is post-indexed). The pre/post-indexed addressing modes should be very easy to implement (and don't forget about page wrapping, i.e. ldx #$02 / lda ($ff,x) would read from $01 and $02 to get the effective 16-bit address, not from $0101 and $0102. Same goes for things like lda ($ff),y which would read the effective 16-bit address from $ff and $00, not $ff and $0100).
Re: MMC1 32k PRG mode
by on (#130620)
It would appear that it was a problem with my SBC implementation, it looks like it wasn't setting the carry flag correctly. Using blargg's explanation on the thread that was linked on the previous post I took my ADC code and copied that into SBC, I then added a line in front of that to invert the bits in the operand. This seems to have fixed my problem and I can now get into the game.

Thanks again!