Overlay corruption
This article goes into very technical detail. The information is presented with the assumption that the reader has at least basic knowledge of hexadecimal, bitwise operations, SNES memory, and/or SNES assembly. |
Overlay corruption is a specific consequence of corrupting the game mode submodule to 0x03
in the underworld. It most commonly results from somaria jukes and spin YBAs, but it also results from spin mirror doors and recoil spin jukes.
Explanation
Submodule 0x03
of the underworld is used to load overlays that result in holes from star tiles being pressed or certain chests being opened. When applying the overlay, the first thing the module does is check 2 bytes at $BA[0x2]
to check if the current supertile has a determined overlay. Once this address is set (if it wasn't already), the 2 byte address at $B7[0x2]
is used as a pointer for where to begin reading data, with the value that was in $BA
used as an offset from there. Data is read 2 bytes at a time, stopping when the value $FFFF
is read. As new data is being read, it is stored in a large buffer of data beginning at $1102
. Normally, this block doesn't go beyond $17FF
, because the data being read during intended gameplay ends before then. In the case of corrupted game modes, the data that determines what is placed in this buffer comes from inappropriate areas of the ROM, and usually will not be reading actual data; i.e. it will be reading game code as data. There is not much of interest beyond the buffer in terms of game memory, with the most notable addresses being the mirror portal's coordinates on the overworld; however, if the data read is not halted by the time it reaches $1FFF
, it will start writing to hardware registers. When there are writes to these registers, it usually results in either a full-on game crash, or irreversibly corrupted graphics (Heavy VRAM).