Here is my disassembly and code.
It keeps crashing and I think it's because I can't use the registers; how do I know if I can use them?
CR : 44002088 XER : 20000000 CTR : 00000000 DSIS: 00000000
DAR : 00000000 SRR0: 80004354 SRR1: 00003032 LR : 8002B970
r0 : 00000000 r1 : 805B4BD0 r2 : 805A9320 r3 : 805B4C38
r4 : 805BA491 r5 : 000001F3 r6 : 805B4C44 r7 : 00000001
r8 : 00000000 r9 : 00000000 r10 : 00000000 r11 : 805B4BF0
r12 : 00000001 r13 : 805A4420 r14 : 00000000 r15 : 00000000
r16 : 00000000 r17 : 00000000 r18 : 00000000 r19 : 00000000
r20 : 00000001 r21 : 43300000 r22 : 80000000 r23 : 805B4FD8
r24 : 00000001 r25 : 00000000 r26 : 805BACC0 r27 : 00000000
r28 : 992A1E55 r29 : 805BA480 r30 : 805B4C38 r31 : 00000001
f0 : 00000000 f1 : 00000000 f2 : 00000000 f3 : 00000000
f4 : 44258000 f5 : 43700000 f6 : 43A00000 f7 : 43A00000
f8 : C3700000 f9 : 4B800000 f10 : 3F800000 f11 : BB088889
f12 : 3ACCCCCD f13 : 3B6B6916 f14 : 00000000 f15 : 00000000
f16 : 00000000 f17 : 00000000 f18 : 00000000 f19 : 00000000
f20 : 00000000 f21 : 00000000 f22 : 00000000 f23 : 00000000
f24 : 00000000 f25 : 00000000 f26 : 00000000 f27 : 3F7E74E3
f28 : 59800004 f29 : 59800000 f30 : 3F800000 f31 : 426FC29F
80004354: 9C060001 stbu r0,1(r6)
80004358: 34A5FFFF subic. r5,r5,1
8000435C: 4082FFF4 bne+ 0x80004350
80004360: 4E800020 blr
80004364: 7C842A14 add r4,r4,r5
80004368: 7CC32A14 add r6,r3,r5
8000436C: 38A50001 addi r5,r5,1
80004370: 4800000C b 0x8000437c
80004374: 8C04FFFF lbzu r0,-1(r4)
80004378: 9C06FFFF stbu r0,-1(r6)
8000437C: 34A5FFFF subic. r5,r5,1
80004380: 4082FFF4 bne+ 0x80004374
80004384: 4E800020 blr
80004388: 28050020 cmplwi r5,32
8000438C: 5487063E rlwinm r7,r4,0,24,31
80004390: 38C3FFFF subi r6,r3,1
This is the code I used in the asm converter.
Address 80004354
lis r18, 0x805B
lwz r19, 0x6D94 (r18)
addi r19, r19, 2000
stw r19, 0x6D94 (r18)
It crashes when the IF becomes true.
205BA488 00000048
C2004354 00000003
3E40805B 82726D94
3A7307D0 92726D94
60000000 00000000
E0000000 80008000
I'm not too familiar with that code type, but you need to at least restore the opcode you destroy within your routine [80004354: stbu r0,1(r6)].
I use the volatile r11 and r12 in my routines, never had any troubles with them.
What is an opcode, and what does that line do?
The instruction line that you replaced [80004354: 9C060001 stbu r0,1(r6)] stores a byte from r6+1 into r0.
The problem is you can't replace instructions without restoring them upon returning to the routine, the same applies to register contents.
Ah, so after the asm runs, this opcode returns the asm back to its original state?
Yes, or you'll cause crashes/loops. Unless that code type actually stores and restores the entrypoint itself? I'll have to have a look at the codetype doc.
Just had a look at the doc, the instructions MUST end with a blr (0x4E800020).
What are you trying to do with the code? As far as I can see, you're trying to place the hex value 7d0h into 0x805B6D94, is that right?
And how would I go about restoring the opcode?
Would i just place this at the end of the asm?
stbu r0,1(r6)
?
Read my edit above; yes, place the line you destroy at the end of the routine. You could even use r0 as a free register, because you know it'll be overwritten at the end of the sub-routine. Also, you need to end the code with a blr.
I'm trying to add 10 to the value in 805B6D94 and then write that new value back to 805B6D94.
This is what marcan gave me; he said it might not work with wiird, as he has never used it.
Would I use something else to accomplish this?
Actually if you use the C0 codetype you won't need the entry point;
li r0,10
lis r11,-32677
addi r11,r11,28052
stw r0,0(r11)
blr
205BA488 00000048
C0000000 00000003
3800000A 3D60805B
396B6D94 900B0000
4E800020 00000000
How does that code work, and where does the 805B6D94 address come into play?
I just used Link's asm converter to make this code.
I used a calculator: (10000 - 805B = 7FA5 [32677 dec]) etc.
The previous code only stores the value 0a at 805B6D94; the code below will add 0a to the existing value:
lis r1,-32677
lwz r2,28052(r1)
addi r2,r2,10
stw r2,28052(r1)
blr
205BA488 00000048 /is this a joker?
C0000000 00000003
3C20805B 80416D94
3842000A 90416D94
4E800020 00000000
Oh yeah, I shouldn't have included that.
205BA488 00000048 = button activator
OK, I took your advice and used the C0 code type (worked like a charm).
Now I've run into another block.
The ASM converter gives me an error whenever I try to addi something more than 0x8000(32768).
How do I get around this?
I don't have the ASM converter; if you're trying to form an address I would follow the lis with a subi, i.e.:
address 805B9000
lis r1,32859 (805B)
subi r1,r1,28672 (10000 - 9000 = 7000 /28672 dec)
Of course that subi affects the lis so you must add 1 to the lis value;
lis r1,32860
subi r1,r1,28672
Quote from: TNTkryzt on November 12, 2008, 01:12:11 AM
I don't have the ASM converter; if you're trying to form an address I would follow the lis with a subi, i.e.:
address 805B9000
lis r1,32859 (805B)
subi r1,r1,28672 (10000 - 9000 = 7000 /28672 dec)
Of course that subi affects the lis so you must add 1 to the lis value;
lis r1,32860
subi r1,r1,28672
You don't need to use decimal to express the values; the assembler will accept 'lis r1,0x805B'. Not to mention that you don't need to use addi/subi either: in this case it would make more sense to use ori, since then you don't have to worry about the value being treated as signed.
So rewritten it looks like this:
lis r1,0x805B
ori r1,r1,0x9000
I would recommend against using r1 though, as it holds the stack pointer and bad things could happen if you overwrite it even if you restore immediately after.
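The two address-forming sequences discussed above (lis + addi/subi, where a low half at or above 0x8000 is sign-extended and the lis value must be bumped by one, versus lis + ori, which needs no adjustment) and the Gecko C0 code lines from the earlier posts can be checked mechanically. The following Python is an added example written for this page, not code from the thread or from the asm converter; it encodes the D-form PowerPC instructions used here (lis, addi, ori, lwz, stw) into 32-bit words, lays them out as C0 lines, and runs the two sequences through a tiny register model to show that the unadjusted lis+addi lands 0x10000 short. The D-form field layout is the standard one; the C0 line layout (count line, then instruction pairs, last odd word padded with 00000000) follows the thread's own examples, and the assumption that an even instruction count needs no padding is mine.

```python
"""Encode the lis/addi/ori/lwz/stw/blr words from the thread and check the
lis+addi versus lis+ori address-forming rules (added example, not from the
thread).  Field layout: opcode(6) | rT/rS(5) | rA(5) | imm(16)."""

OPCODES = {"addi": 14, "addis": 15, "ori": 24, "lwz": 32, "stw": 36}
BLR = 0x4E800020


def sext16(x):
    """Interpret a 16-bit field as the signed value addi/lwz/stw actually use."""
    x &= 0xFFFF
    return x - 0x10000 if x & 0x8000 else x


def dform(mnemonic, rt, ra, imm):
    """Encode one D-form instruction.  For stw and ori the first register
    field is the source (rS); for ori the destination is the rA field."""
    if not (0 <= rt < 32 and 0 <= ra < 32):
        raise ValueError("register out of range")
    if not (-0x8000 <= imm <= 0xFFFF):
        raise ValueError("immediate does not fit in 16 bits")
    return (OPCODES[mnemonic] << 26) | (rt << 21) | (ra << 16) | (imm & 0xFFFF)


def address_pair(addr, use_ori=False):
    """Return (hi, lo) such that 'lis r,hi' followed by 'addi r,r,lo' (or
    'ori r,r,lo' when use_ori) leaves the 32-bit addr in r.  addi sign-extends
    lo, so a low half >= 0x8000 subtracts; compensate by bumping hi by one
    (the thread's 'add 1 to the lis value' rule).  ori is unsigned: no bump."""
    hi, lo = (addr >> 16) & 0xFFFF, addr & 0xFFFF
    if use_ori or not (lo & 0x8000):
        return hi, lo
    return (hi + 1) & 0xFFFF, sext16(lo)


def form_address(addr, reg, use_ori=False):
    """Encoded two-instruction sequence that loads addr into reg."""
    hi, lo = address_pair(addr, use_ori)
    lis = dform("addis", reg, 0, hi)                       # lis reg,hi
    low = dform("ori" if use_ori else "addi", reg, reg, lo)
    return [lis, low]


def run_lis_seq(words):
    """Execute encoded lis/addi/ori words on a zeroed 32-bit register file and
    return the register written by the last one (a model, not an emulator)."""
    regs = [0] * 32
    for w in words:
        op, rt, ra, imm = w >> 26, (w >> 21) & 31, (w >> 16) & 31, w & 0xFFFF
        base = 0 if ra == 0 else regs[ra]                  # rA=0 means literal 0
        if op == 15:                                       # addis / lis
            regs[rt] = (base + (sext16(imm) << 16)) & 0xFFFFFFFF
        elif op == 14:                                     # addi / li / subi
            regs[rt] = (base + sext16(imm)) & 0xFFFFFFFF
        elif op == 24:                                     # ori rA,rS,UI
            regs[ra] = regs[rt] | imm
            rt = ra
        else:
            raise ValueError("unsupported opcode %d" % op)
    return regs[rt]


def gecko_c0(words):
    """Lay out encoded instructions as Gecko C0 lines: 'C0000000 <line count>'
    then two words per line.  The routine must end in blr; an odd count is
    padded with 00000000 as in the thread (assumption: even needs no pad)."""
    if words[-1] != BLR:
        raise ValueError("C0 routine must end with blr")
    if len(words) % 2:
        words = words + [0]
    lines = ["C0000000 %08X" % (len(words) // 2)]
    lines += ["%08X %08X" % (a, b) for a, b in zip(words[0::2], words[1::2])]
    return lines


def add_to_word_code(addr, delta, reg_addr=11, reg_val=12):
    """C0 code that adds delta to the 32-bit word at addr.  Defaults to the
    volatile r11/r12 recommended in the thread rather than r1 (stack pointer)."""
    hi, lo = address_pair(addr)                            # lo doubles as the lwz/stw displacement
    return gecko_c0([
        dform("addis", reg_addr, 0, hi),                   # lis  rA,hi
        dform("lwz", reg_val, reg_addr, lo),               # lwz  rV,lo(rA)
        dform("addi", reg_val, reg_val, delta),            # addi rV,rV,delta
        dform("stw", reg_val, reg_addr, lo),               # stw  rV,lo(rA)
        BLR,
    ])


if __name__ == "__main__":
    print("\n".join(add_to_word_code(0x805B6D94, 10, 1, 2)))   # the thread's r1/r2 code
    print("\n".join(add_to_word_code(0x805B6D94, 10)))         # same with r11/r12
    for use_ori in (False, True):
        print(["lis+addi", "lis+ori"][use_ori],
              "%08X" % run_lis_seq(form_address(0x805B9000, 1, use_ori)))
```

Running it reproduces the thread's "3C20805B 80416D94 / 3842000A 90416D94 / 4E800020 00000000" exactly, and the 0x805B9000 case shows why the bump matters: lis 0x805B then addi 0x9000 yields 0x805A9000, while lis 0x805C + subi 0x7000 and lis 0x805B + ori 0x9000 both yield 0x805B9000.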
I've never used the asm converter; I just write the asm directly into wiird, but it only accepts decimal.