Nestopia Update

This is an archive of a topic from NESdev BBS, taken in mid-October 2019 before a server upgrade.
View original topic
Nestopia Update
by on (#5214)
Sorry for shamelessly plugging my emulator here. Figured it would be all right though since this is the first time in almost two years Nestopia has another update.

Windows version
Mac version

by on (#5217)
Nestopia is so much faster now on my P3-450 then it used to be. I do have one concern though. FCE Ultra and Nestopia seem to run Super Mario Bros. differently from other emulators. The demo is fine but when you actually run the game, you only get one level that does not exist in the game and is all underwater. Any explanations?

by on (#5218)
That's a bad ROM dump. Your copy of SMB is bad.

There's a good copy of SMB that plays fine in said emulators.

by on (#5219)
I've downloaded so many copies of the ROM but they all do the same. On WedNESday it runs fine, just like on most other emulators. But how do FCE Ultra and Nestopia manage to make it run differently? (What do they know that we don't...)

by on (#5221)
They probably flush RAM with mostly 0xFF on hard reset/powerup... whereas your emu might flush with 0x00?

I remember hearing about this bug before, and I'm 100% positive it's a problem with the ROM and not the emus.

by on (#5222)
The real NES fills most of the 2 KB RAM at CPU$0000 with $FF on system startup. Many emulators fill it with $00. One of the widely distributed versions of Super Mario Bros. is probably from a pirate multicart whose menu program fills RAM with $00 except for the byte that allows for world selection.

What does GoodNES say about your ROM?

by on (#5238)
I have the pirated SMB dump. It's pretty weird. I noticed a while back how certain emulators (like Nestopia) started the game at world 0-1 instead of 1-1. I examined the dump with a hex editor and found that the startup code (after you press Start) was obviously manipulated. The weird part was that it had a different action for pressing A and Start simultaneously (as opposed to just pressing Start). I tested it, and evidently if you hold A and press Start, the game starts at world 1-1 even in those emulators that would otherwise start at 0-1. Someday I'll fully disassemble that section of code and see exactly what it's doing.

Sadly, I can't find the true SMB version anywhere. If I ever do get it, the first thing I'll do is make an IPS patch (hopefully only a small section needs to be changed) and put it out so that others who have the problem can fix it.
Re: Nestopia Update
by on (#5243)
Rawr, your emulator is quite nice, and you should feel proud of what you've accomplished.

Marty wrote:
Sorry for shamelessly plugging my emulator here. Figured it would be all right though since this is the first time in almost two years Nestopia has another update.

Windows version
Mac version

by on (#5248)
Anonymous wrote:
Sadly, I can't find the true SMB version anywhere.

Have you tried one those sites on the edge of legality?

Do you have the SMB1 + Duck Hunt ROM, and could you rip SMB1's PRG and CHR out of that?

by on (#5250)
tepples wrote:
Do you have the SMB1 + Duck Hunt ROM, and could you rip SMB1's PRG and CHR out of that?


I tried it, and it's not possible - the SMB1 PRG code was rearranged slightly to fit a short stub in the very beginning of the ROM for loading the menu.

by on (#5251)
Then Nintendo didn't use the most efficient method that I expected. Couldn't Duck Hunt have been more easily rearranged given that it was already a 16 KB PRG? Or was it about handling the reset button?

And what about the version from the triple cart with World Class Track Meet?

And can you make your emulator run CNROM, GNROM, and Color Dreams (upside down GNROM), which aren't much tougher than NROM? SMB/DH uses an epoxy version of GNROM designed for cheap mass production. Get GNROM to work, and then you can use SMB/Duck Hunt for testing.

by on (#5254)
tepples wrote:
Then Nintendo didn't use the most efficient method that I expected.


The problem is that SMB+DH just used a 74161 for its mapper, and a 74161 has an undefined powerup state - as such, BOTH PRG banks needed to have their reset code modified to load the menu.

tepples wrote:
SMB/DH uses an epoxy version of GNROM designed for cheap mass production.


Actually, there DO exist Super Mario Bros + Duck Hunt cartridges which use ordinary ICs rather than glop tops. Said cartridges bear the board name "NES-MHROM", as opposed to the glop top boards which are simply "NES-MH".

by on (#5264)
If I could make one suggestion. Nestopia doesn't recognize button 0 on gamepads. I can't use my SNES controller optimally without that button.

by on (#5267)
OK I'm back.

Last night I got the SMB/Duck Hunt image. Yes it is modified at the beginning, but only the first nine bytes were changed (for a bankswitch). Except for those nine bytes, the SMB bank appears to have been unmodified. I used a feature of my hex editor to find all differences between the SMB half of the SMB/Duck Hunt game and the SMB image I have (pirated).

Except for the first nine bytes, I instructed my hex editor to change all other bytes within the PRG image to reflect what was in the SMB/Duck Hunt image. That did the trick - I now have a fully functional SMB ROM. Now I'm looking through what was changed to see if I can understand what was done to the code.

It appears the pirates changed the RAM clearing subroutine so that the stack page was cleared only from $0100-012F instead of $0100-015F (which the normal version does). Address $0130 is assumed to have been preset with some value. A section of code responding to Start button presses was changed to read this byte, and a subroutine inserted at the end of the ROM image (overriding data used by the sound engine, I believe for the noise channel) checked to see if the byte was set to $5A. If it was, then a value of zero was substituted; otherwise, the byte was untouched and allowed to pass as what I suspect to be the world number. Thus, I suspect that if an emulator were to clear all RAM to $FF except for $0130 (setting that address to $00), that hack would fix the pirate ROM.

The pirates made a couple other changes as well, but as of now I don't know what those changes do. The behavior I noticed earlier with A+Start acting different from normal Start was actually part of the normal game behavior. Whatever its original purpose, it did bypass the critical portion of the pirate code, which was why pressing A+Start allowed the game to begin properly.

I did not compare CHR banks, so I don't know if there were any changes there.

by on (#5279)
In the authentic Super Mario Bros. game, A+Start takes you to the beginning of the WORLD where you last got a GAME OVER. A lot of Nintendo's games from that era had the same code, which was almost as well known as UUDDLRLRBA for Konami games.

Changes to the CHR bank in pirated versions of SMB1 usually involve changes to the title screen data that's stored around PPU$1F00.