Forum Index | FAQ | New User | Login | Search

Make a New PostPrevious ThreadView All ThreadsNext Thread*Show in Threaded Mode


SubjectNES Emulator: Where does the instruction pointer start in a ROM? new Reply to this message
Posted byklipseracer
Posted on01/26/08 01:44 PM



I have a NES emu project in its beginning stages, I can read the 16byte headeer correctly and find out how many pages of prg and chr rom it has, and I can setup the 2 prg rom banks and all that. But where do I start reading opcodes from? I know its in the PRG-ROM somewhere. I was told FFFEh? But that is outside of the allocated PRG-ROM memory range. I'm just trying to fetch the first opcode, which i'm having trouble doing. If someone could tell me the default Program counter/instruction counter address, it would be greatly appreciated!




SubjectRe: NES Emulator: Where does the instruction pointer start in a ROM? Reply to this message
Posted byBart T.
Posted on01/26/08 05:09 PM



I think you need to distinguish between the ROM file, which is essentially a dump of the ROM chips on the cartridge plus a header tacked on, and the 6502 address space, which is only 64KB total. Obviously, some of that 64KB has to be mapped to RAM and hardware registers and only a fraction to ROM. Therefore, the cartridges often provide a hardware mechanism (so-called "mappers") to change (or "map") the chunk of ROM that is visible to the 6502.

According to the documentation I'm looking at, for a MOS 65CE02, the reset vector is at FFFC. The low 8 bits of the program counter are loaded from there, and the high 8 bits from FFFD. From what I recall, the cartridge ROM space appears somewhere in the upper address space of the 6502, which would cover these vectors. Therefore, you should ensure that you are mapping the cartridge appropriately here.

You'll have to consult more documentation on the NES as well as the mapper that the game(s) in question use.


> I have a NES emu project in its beginning stages, I can read the 16byte headeer
> correctly and find out how many pages of prg and chr rom it has, and I can setup
> the 2 prg rom banks and all that. But where do I start reading opcodes from? I
> know its in the PRG-ROM somewhere. I was told FFFEh? But that is outside of the
> allocated PRG-ROM memory range. I'm just trying to fetch the first opcode, which
> i'm having trouble doing. If someone could tell me the default Program
> counter/instruction counter address, it would be greatly appreciated!
>


----
Bart


SubjectRe: NES Emulator: Where does the instruction pointer start in a ROM? new Reply to this message
Posted byklipseracer
Posted on02/01/08 00:24 AM



Thanks!!!!

Here is the code:

HRESULT ResetNES()
{
// Initialize the registers to their values.
CPU.A = 0;
CPU.X = 0;
CPU.Y = 0;
CPU.S = 0;
CPU.F = 0;
CPU.P = MAKEWORD(GetMemoryByte(0xFFFC), GetMemoryByte(0xFFFD));

// Zero all the memory.
ZeroMemory(CPU.Memory, 0x8000);

// Reset the number of cpu cycles until the next scanline.
CPU.byCycles = NUM_CYCLES_PER_SCANLINE;

// Now display the updated information.
//UpdateDebugInfo();

return S_OK;
} // end ResetNES()

And here is the GetMemoryByte() code:

BYTE __stdcall GetMemoryByte(WORD wAddress)
{
if (wAddress >= 0x8000 && wAddress < 0xC000)
return CPU.pbyPRGROMBank1[wAddress-0x8000];
else if (wAddress >= 0xC000 && wAddress <= 0xFFFF)
return CPU.pbyPRGROMBank2[wAddress-0xC000];
else
return CPU.Memory[wAddress];
} // end GetMemoryByte()

That is the code i'm using, credit goes to the author of Nestreme, but now I understand how it works and why it uses the MAKEWORD macro. the address it starts from is a 16bit address, this suddenly makes more sense. Thanks a lot! Now I just need to understand the mappers a little better which would help me out here. I can load most roms until 0xC000 and read the opcodes correctly, but I think C000 is where the page ends and I need to figure out how to correctly load the rom into memory.

Also, In this scenario, it will return an address in the PRGRomBank2 right?

> I think you need to distinguish between the ROM file, which is essentially a
> dump of the ROM chips on the cartridge plus a header tacked on, and the 6502
> address space, which is only 64KB total. Obviously, some of that 64KB has to be
> mapped to RAM and hardware registers and only a fraction to ROM. Therefore, the
> cartridges often provide a hardware mechanism (so-called "mappers") to change
> (or "map") the chunk of ROM that is visible to the 6502.
>
> According to the documentation I'm looking at, for a MOS 65CE02, the reset
> vector is at FFFC. The low 8 bits of the program counter are loaded from there,
> and the high 8 bits from FFFD. From what I recall, the cartridge ROM space
> appears somewhere in the upper address space of the 6502, which would cover
> these vectors. Therefore, you should ensure that you are mapping the cartridge
> appropriately here.
>
> You'll have to consult more documentation on the NES as well as the mapper that
> the game(s) in question use.
>
>
> > I have a NES emu project in its beginning stages, I can read the 16byte
> headeer
> > correctly and find out how many pages of prg and chr rom it has, and I can
> setup
> > the 2 prg rom banks and all that. But where do I start reading opcodes from? I
> > know its in the PRG-ROM somewhere. I was told FFFEh? But that is outside of
> the
> > allocated PRG-ROM memory range. I'm just trying to fetch the first opcode,
> which
> > i'm having trouble doing. If someone could tell me the default Program
> > counter/instruction counter address, it would be greatly appreciated!
> >
>
>
> ----
> Bart
>





SubjectRe: NES Emulator: Where does the instruction pointer start in a ROM? new Reply to this message
Posted byBart T.
Posted on02/01/08 02:57 AM



>I understand how it works and why it uses the MAKEWORD macro. the address it starts from is a 16bit address,

An address is an address. Whether you're reading bytes (8 bits) or words (16 bits), the address points to the same data, it's just that for 16-bit reads, you're fetching two bytes: one from the current address and another from the next byte. Since this is a little endian architecture, the first byte read from the base address is the least significant byte (LSB, or low byte) and the next one is the most significant byte (MSB), the high byte (bits 16-8.)


>Also, In this scenario, it will return an address in the
>PRGRomBank2 right?

The way you've written the code, yes. When it sees the address C000, it appears that the memory handler accesses it from there.


----
Bart


Previous ThreadView All ThreadsNext Thread*Show in Threaded Mode