Compare with 8 digit values?

Started by Bully@Wiiplaza, January 02, 2011, 04:40:25 AM

Bully@Wiiplaza

I found an assembly instruction which executes when I get points (it is also the only one which is doing this for points)
But it also executes all the time when using an execute breakpoint.
So I would need a compare with an 8-digit value to write my value and not do anything if the instruction is not writing the points
(otherwise I crash instantly)

[spoiler]8068AD44:  80040000   lwz   r0,0(r4)
8068AD48:  90030000   stw   r0,0(r3)
8068AD4C:  4E800020   blr   [/spoiler]


If r3 is not greater than 93000000
branch _END
lis r0, HHHH
ori r0, r0, TTTT
_END:
stw   r0,0(r3)

Is this template right, though?

My Wii hacking site...
http://bullywiihacks.com/

My youtube account with a lot of hacking videos...
http://www.youtube.com/user/BullyWiiPlaza

~Bully

Nutmeg

Well, I don't know what registers are safe, but here is what I would try.  Use cmpw instead of cmpwi:

Hook: 8068AD44

lis r1, 0x9300
ori r1, r1, 0x0000
cmpw r3, r1
ble- END
execute your ASM here
END
stw r0,0(r3)
I'm inbetween your legs... that's not awkward.

Bully@Wiiplaza

Quote from: Nutmeg on January 02, 2011, 04:56:41 AM
Well, I don't know what registers are safe, but here is what I would try.  Use cmpw instead of cmpwi:

Hook: 8068AD44

lis r1, 0x9300
ori r1, r1, 0x0000
cmpw r3, r1
ble- END
execute your ASM here
END
stw r0,0(r3)
:eek: Forgot to post the registers, but I'll take the right one(s) tomorrow then.
Could work like this, but I am not totally sure.

Bully@Wiiplaza

Well, it froze, but I noticed that my idea was wrong anyway.
This sucks!

- Address is moving every time
- Pointer doesn't find anything
- ASM freezes (and right instructions are executed more times for other things, when altered: crash)

...

Deathwolf

you should try something like this:

lis r12,0xXXXX <--- load into address
ori r12,r12,0xXXXX
lhz   r12,0(r12) <--- reading out 16bit values (like codetype 28)
cmpwi r12,0xXXXX <--- if greater than XXXX
ble- THE_END <-- branch
execute your ASM here <--- your ASM instruction

THE_END:

stw r0,0(r3)
lolz

Nutmeg

Post the DASM and the breakpoint registers and I'll try to find the pointer.

Bully@Wiiplaza

Quote from: Nutmeg on January 02, 2011, 06:07:16 PM
Post the DASM and the breakpoint registers and I'll try to find the pointer.

[spoiler]  CR:42000888  XER:00000000  CTR:806876DC DSIS:02400000
DAR:930B5554 SRR0:8068AD48 SRR1:00009032   LR:80687768
 r0:000FF2EE   r1:900D9D28   r2:802459C0   r3:930B5554
 r4:80BC98F0   r5:900D9DA0   r6:00000000   r7:9303E880
 r8:930B5550   r9:00004294  r10:930AA090  r11:900D9D28
r12:00000000  r13:80244680  r14:00000000  r15:00000000
r16:00000000  r17:00000000  r18:00000000  r19:00000000
r20:80BC98F0  r21:930B5550  r22:8089FA70  r23:8092DE38
r24:80BBEA58  r25:80BCEA58  r26:00000000  r27:00006455
r28:00001964  r29:00000632  r30:000076CD  r31:00004294

 f0:00000000   f1:47768559   f2:FFC00000   f3:4F800000
 f4:4F000000   f5:00000000   f6:00000000   f7:00000000
 f8:41800000   f9:00000000  f10:00000000  f11:00000000
f12:C4181292  f13:00000000  f14:00000000  f15:00000000
f16:00000000  f17:00000000  f18:00000000  f19:00000000
f20:00000000  f21:00000000  f22:00000000  f23:00000000
f24:00000000  f25:00000000  f26:00000000  f27:00000000
f28:00000000  f29:BF800000  f30:59800004  f31:3A83126F[/spoiler]

The Function is only 3 instructions long :s
[spoiler]8068AD44:  80040000   lwz   r0,0(r4)
8068AD48:  90030000   stw   r0,0(r3)
8068AD4C:  4E800020   blr   [/spoiler]

Nutmeg

Hmm... okay then... You need to find the instruction that loads the address into r4.  I have no clue how to do that....

Bully@Wiiplaza

if dcx2 posts some help... that would be awesome... ::)

Deathwolf

Bully.... go to the memory viewer, pause the game and search for the r3 value!
For example, the address of this value is 80356980.

lis r12,0x8035 <--- load into address
ori r12,r12,0x682
lhz   r12,0(r12) <--- reading out 16bit values (93000000)
cmpwi r12,0x0000 <--- if greater than 9300[[0000]]
ble- THE_END <-- branch
execute your ASM here <--- your ASM instruction

THE_END:

stw r0,0(r3)

Bully@Wiiplaza

r3 is different every match and there are also sometimes values bigger than 93000000, which aren't related to the score.

Deathwolf

Quote from: Bully@Wiiplaza on January 02, 2011, 08:58:38 PM
r3 is different every match and there are also sometimes values bigger than 93000000, which aren't related to the score.
pause the game

Nutmeg

Is the instruction before the hook different every time?

Bully@Wiiplaza

Quote from: Nutmeg on January 03, 2011, 12:19:11 AM
Is the instruction before the hook different every time?
no, the disassembler is always like this.
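
Added example, not part of any post in this thread: a small Python model of the PowerPC semantics discussed above (`lis`/`ori` building a 32-bit constant, the signed `cmpw` compare, and the 16-bit `lhz` load), run on the r3 and r0 values from the posted register dump. `cmplw`, the unsigned counterpart of `cmpw`, is not mentioned in the thread and is included here for comparison; the Python function names are made up for this example.

```python
MASK32 = 0xFFFFFFFF

def lis_ori(high16, low16):
    """Model `lis rD,high16` followed by `ori rD,rD,low16` (ori zero-extends)."""
    return (((high16 & 0xFFFF) << 16) | (low16 & 0xFFFF)) & MASK32

def signed32(value):
    """Interpret a 32-bit register value as a signed word, as cmpw does."""
    value &= MASK32
    return value - (1 << 32) if value & 0x80000000 else value

def cmpw_gt(ra, rb):
    """True when a signed `cmpw ra,rb` would set the 'greater than' bit."""
    return signed32(ra) > signed32(rb)

def cmplw_gt(ra, rb):
    """True when an unsigned `cmplw ra,rb` would set the 'greater than' bit."""
    return (ra & MASK32) > (rb & MASK32)

def lhz(word_at_address):
    """Model `lhz rD,0(rA)` on a big-endian word: upper 16 bits, zero-extended."""
    return (word_at_address >> 16) & 0xFFFF

def guard(reg, threshold):
    """Return (cmpw result, cmplw result) for 'reg greater than threshold'."""
    return cmpw_gt(reg, threshold), cmplw_gt(reg, threshold)

THRESHOLD = lis_ori(0x9300, 0x0000)   # 0x93000000, the bound used in the thread
R3_FROM_DUMP = 0x930B5554             # r3 in the posted breakpoint dump
R0_FROM_DUMP = 0x000FF2EE             # r0 in the same dump (not an address)

if __name__ == "__main__":
    for name, reg in (("r3", R3_FROM_DUMP), ("r0", R0_FROM_DUMP)):
        signed_ok, unsigned_ok = guard(reg, THRESHOLD)
        print(f"{name}={reg:08X} cmpw>{signed_ok} cmplw>{unsigned_ok}")
    print(f"lhz sees only {lhz(R3_FROM_DUMP):04X} of {R3_FROM_DUMP:08X}")
```

Both compares agree for r3, but the small positive r0 value also passes the signed `cmpw` test, because 0x93000000 is negative when read as a signed word.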