So after adding VRC4 support in my emu I noticed that Kid Dracula has a problem. On level 2, the level is missing all its enemies and moving platforms. Strangely enough this same problem showed up when I was making a mapper hack of the game.
Anyone have any clue as to what this could be? Clever copy protection?
- There's no copy protection. I would have to play it on my emu to check it out level 2...
Anyway, have you tried to disable IRQs? Good dump? CRC32?
Edit: No surprise, the problem is with the translated ROM, yet it seems the untranslated ROM works fine on my emu. But strangely the translated rom seems to work on Nintendulator.
I would think so too, but I can't think of what the translator would have changed that would cause the game to break like this in my emulator. Guess I'll just have to experiment.
You're probably having a problem about masking the address written. Try to use my tip.
Fx3 wrote:
- There's no copy protection.
Maybe not "copy protection" per se, but it most certainly can tell if it's been hacked. The game deliberately removes the sprites in level 2 if you modify the ROM, according to Kitsune Sniper (the guy that translated it). He's also dealt with one other Konami game (Yume Penguin Monogatari) that has oddball protection, except in that case, it makes the game brutally difficult.
Did he go into detail or am I going to have to try to contact him myself?
It think it is copy protection when you consider they were protecting against pirates making the game run on their own mapper and manufacturing illegal copied carts.
Well, no progress on finding out the cause, but I did notice, I can start the unpatched ROM, make a save state, load it on the translated rom, and then the translated ROM runs with no apparent problems, even when you reach level 2.
Edit:
I have figured out why the translated ROM was not working. Not to be mean, but the person that "cracked" the copy protection for the translation did it in a really crude way. However this way managed to bring a bug in my CPU core to my attention. My BRK instruction was messed up. Anyway, now the translated ROM works and I'm happy.
MottZilla wrote:
I have figured out why the translated ROM was not working. Not to be mean, but the person that "cracked" the copy protection for the translation did it in a really crude way. However this way managed to bring a bug in my CPU core to my attention. My BRK instruction was messed up. Anyway, now the translated ROM works and I'm happy.
Care to explain how the protection works/was cracked, exactly? I've always been curious myself, since Kitsune never went into detail about it.
In short, the game writes a non-zero to $0021. This is done during a check at bootup. You could NOP the branches to the instruction that is INC $21 (E6 21) or probably just NOP the instruction INC $21. In the translation patch, instead he wrote BRK #$00 over it. The translation fails to pass the check, but obviously the flag is never set so it doesn't matter. From what I saw of the routine, it seems to just check some CHR-ROM to make sure it hasn't been modified.
I just played from beginning to end on my emulator and everything went just fine.
One last thing, there's a CMP #$0E followed by a branch, and then a CPY #$BC followed by a branch. They both goto $FFA5 I think it was, and this is just INC $21, RTS. It would make the most sense to NOP the branches.
From what I heard, the protection seems to make sure pirates don't alter the title screen or something.
MottZilla wrote:
From what I heard, the protection seems to make sure pirates don't alter the title screen or something.
Huh. You'd think they would check the PRG as well, since a lot of pirates hack out the copyright info there, and leave the CHR untouched (or modify the code to work with their own mapper, as you suggested).
Bucky O Hare is another game to do that trick. if it detects tampering with the title screen, it makes you die in one hit. Normally, you have a life bar!
Well that's fun. Gradius II makes you instantly dies if SRAM is disabled.
Um, hi.
KingMike just told me about this thread. Sorry for the late reply. According to the readme...
Quote:
Special thanks to King Mike for telling me about the ASM routine that was messing up the game when I hacked the title.
That hack is KingMike's fault, but I can't find the email he sent me ages ago... It's not in my main Parodius email archive, or my Hotmail / Yahoo archives. So I can't prove he helped me, heh.
... I'm a complete moron when it comes to assembly, or programming in general. I'm an English / Spanish translator, not a programmer.
Sorry for all the problems that this caused.
P.S.
So um, what do I have to do to get things to work right?
To stop the protection I believe you should search for a JSR $FFA5 which I previously said in this thread contains a INC $0021, RTS. If you search in HEX it would be "20 A5 FF". There should only be one instance of that I would guess. Replace it with "EA EA EA". Then you should be free to modify stuff without tripping the protection. But it's been awhile since I looked at it so I'm just trying to clarify what I said above for you.