So, can anyone help me out on making this nicer.
Item cycler code
[spoiler]0410C1B8 A8840000
203CB80A 00000010
C210C1B8 00000003
AA040000 3A200001
7E508A14 B2440000
A8840000 00000000
E0000000 80008000[/spoiler]
ASM
[spoiler]lha r16,0(r4)
li r17,1
add r18,r16,r17
sth r18,0(r4)
lha r4,0(r4)
[/spoiler]
Registers
[spoiler] CR:40200042 XER:20000000 CTR:802D8848 DSIS:00400000
DAR:804FAFEA SRR0:8010C1B4 SRR1:0000B032 LR:800FB928
r0:00000005 r1:8062AF40 r2:8061FA20 r3:804F9110
r4:804FAFE8 r5:00000000 r6:804F9110 r7:804F9110
r8:00000000 r9:00000001 r10:00000030 r11:8062AEF0
r12:802D8848 r13:8061D200 r14:00000000 r15:00000000
r16:00000000 r17:00000000 r18:00000000 r19:00000000
r20:00000000 r21:00000000 r22:00000000 r23:00000000
r24:00000000 r25:803C0000 r26:00000001 r27:909CA300
r28:909BA300 r29:909BA300 r30:804FAFD8 r31:00000001
f0:00000000 f1:C2EA0000 f2:42000000 f3:59800004
f4:C30F0000 f5:00000000 f6:42AC0000 f7:43810000
f8:410AAAAB f9:41F00000 f10:59800004 f11:00000000
f12:00000000 f13:BF7FFFFF f14:00000000 f15:00000000
f16:00000000 f17:00000000 f18:00000000 f19:00000000
f20:00000000 f21:00000000 f22:00000000 f23:00000000
f24:00000000 f25:00000000 f26:00000000 f27:00000000
f28:00000000 f29:00000000 f30:00000000 f31:00000000[/spoiler]
Function
[spoiler]8010C0F0: 3CC08050 lis r6,-32688
8010C0F4: 38E00000 li r7,0
8010C0F8: 38C69110 subi r6,r6,28400
8010C0FC: 8806730D lbz r0,29453(r6)
8010C100: 2C000000 cmpwi r0,0
8010C104: 41820008 beq- 0x8010c10c
8010C108: 7CC73378 mr r7,r6
8010C10C: 2C050000 cmpwi r5,0
8010C110: 4182002C beq- 0x8010c13c
8010C114: 2C030001 cmpwi r3,1
8010C118: 40820024 bne- 0x8010c13c
8010C11C: 3CC08050 lis r6,-32688
8010C120: 38E00000 li r7,0
8010C124: 38C69110 subi r6,r6,28400
8010C128: 38A6730D addi r5,r6,29453
8010C12C: 88057310 lbz r0,29456(r5)
8010C130: 2C000000 cmpwi r0,0
8010C134: 41820008 beq- 0x8010c13c
8010C138: 38E67310 addi r7,r6,29456
8010C13C: 2C030002 cmpwi r3,2
8010C140: 41820044 beq- 0x8010c184
8010C144: 40800014 bge- 0x8010c158
8010C148: 2C030000 cmpwi r3,0
8010C14C: 41820018 beq- 0x8010c164
8010C150: 40800024 bge- 0x8010c174
8010C154: 48000054 b 0x8010c1a8
8010C158: 2C030004 cmpwi r3,4
8010C15C: 4080004C bge- 0x8010c1a8
8010C160: 4800003C b 0x8010c19c
8010C164: 1C04011C mulli r0,r4,284
8010C168: 7C670214 add r3,r7,r0
8010C16C: 38831ED8 addi r4,r3,7896
8010C170: 48000038 b 0x8010c1a8
8010C174: 1C04011C mulli r0,r4,284
8010C178: 7C670214 add r3,r7,r0
8010C17C: 38836168 addi r4,r3,24936
8010C180: 48000028 b 0x8010c1a8
8010C184: 1C04011C mulli r0,r4,284
8010C188: 3C608051 lis r3,-32687
8010C18C: 38632EC0 addi r3,r3,11968
8010C190: 7C630214 add r3,r3,r0
8010C194: 38830008 addi r4,r3,8
8010C198: 48000010 b 0x8010c1a8
8010C19C: 1C04011C mulli r0,r4,284
8010C1A0: 7C670214 add r3,r7,r0
8010C1A4: 38834020 addi r4,r3,16416
8010C1A8: A8040004 lha r0,4(r4)
8010C1AC: 2C000000 cmpwi r0,0
8010C1B0: 41820010 beq- 0x8010c1c0
8010C1B4: A0640002 lhz r3,2(r4)
8010C1B8: A8840000 lha r4,0(r4)
8010C1BC: 4800000C b 0x8010c1c8
8010C1C0: 38600000 li r3,0
8010C1C4: 4E800020 blr
[/spoiler]
This what I'd like to do, then I would make another one to subtract as well as this one with button condition -.
[spoiler]lha r16,0(r4) ---> load the half word algebricly of r4 to r16
li r17, 0x0001 ----> load immediately 0001 ( because the value of the address is 000x000y where x is the
item and y is the class)
add r18, r16, r17 ----> add to r18 the sum of r17 and the item "name/value" which is the first 16 bytes of
r4
li r19, 0x0050 ----> load immediately r19 with 0050
ori r19, r19, 0x0002 ----> or immediately 00500002 for r19
cmpwi r18, r19 ----> so compare now the new item with 50 because that's the last item possible in the
game
beq -0x8 ----> will then branch to the lha r4,0(r4) step instead of the sth r18, 0(r4)
sth r18, 0(r4) ---> store the next item into r4's first 16 bytes
lha r4,0(r4) ---> the addresses original code. Load r4's first 16 bytes value
[/spoiler]
But it'll stop the game eventually (usually at 11... why?)
so I've got to
1. get a pause option so that'll only move it from one if press the the button ( 1 hold = only 1 addition to r4)
2. stop it from freezing when I roam for the items...
Problem 2
Item cycler viewer
I was trying to make a assembly to see where exactly the items would be.
for example if item 1 = 000a then my money would display 1 too
here's the code but it freezes the game
money address is 80500368
[spoiler]
lha r16,0(r4)
li r17,1
add r18,r16,r17
sth r18,0(r4)
sth r19,5380(r4) ----> = money address and half word of r4 = item
lha r19,5380(r4)
lha r4,0(r4)
[/spoiler]
1) Why are you using r16,r17,r18,r19? Those are volatile registers. I don't see you using any stack frame (stwu/stmw/[ASM]/lmw/addi). This could be why your code is crashing. Do not EVER use volatile registers without a stack frame
2) You don't need to li r17,1 and then use add. Just use addi.
3) lha = load halfword algebraic; this means that the half-word will be sign-extended to fill the upper 16 bits of rD. This is how you would load a value that could potentially be interpreted as negative, so that the 16-bit negative value still looks the same as the 32-bit negative value. If you know the value can't be negative, then use lhz instead, which zeroes the upper 16-bits out. If you're not sure what any of that means, use lhz.
EDIT: since the original game code is using lha, we should probably stick with lha in this instance. Although I wouldn't imagine that an item value could be negative...except maybe as a flag (item = -1 means no item)
4) When pasting disassembly, please bold the instruction that's at the current breakpoint. Sure, we can look at SRR0 in the register dump...but it just makes life easier. Thanks.
5) Your code at the end...you li r19,0x50, but I think you mean lis. The s means that it's done on the upper 16 bits instead of the lower 16 bits of rD.
6) Four and eight bytes after the "typical" button activator are usually more button activators. They momentarily contain the value 1 during the frame that a button has transitioned from down to up, or vice versa. That will achieve your "pause after pressing the button once" effect. Depending on the hook that Gecko OS started the game with, some games may occasionally run the code handler more than once per "frame" so sometimes you may get "two" presses instead of just one. There are other tricks to get around this in some post around on the forum somewhere...
Try this
lha r12,0(r4) # load item
cmpwi r12,0x50 # is it the last item?
beq- NO_ADDI # if yes, skip the addi/sth
addi r12,r12,1 # increment the item
sth r12,0(r4) # store the item
NO_ADDI:
lha r4,0(r4) # original instruction
Hey dcx2,
even if you won´t help me again, I can still read your help for other members and learn something. ???
@Patedj:
For substracting an item, you should use this:
lha r12,0(r4) # load item
cmpwi r12,0x0 # are we down to 0? (is the last item 0, or another value?)
beq- NO_SUBI # if yes, skip the subi/sth
subi r12,r12,1 # decrement the item
sth r12,0(r4) # store the item
NO_SUBI: # branch will take you here
lha r4,0(r4) # original instruction
C210C1B8 00000004
A9840000 2C0C0000
4182000C 398CFFFF
B1840000 A8840000
60000000 00000000
I should reread your teachings again. dcx2... Could you create an exam for me? Then I'll understand exactly where I stand. I can also grow faster!
I was using r16 to r19 because I was scared to use anything else. The address break was also at the end of the function and therefore, figured that the registers would have stopped changing ( volatile ). I initially used r12. Because r12 tends to be safe like I remember you explaining, and it crashed. Something else might have happened but I blamed it on r12. I then used crt, but couldn't get my head around using it properly.
The lha, lhz is explained well, thank you. I understand that this item cycler should zero out (0000) and shouldn't negative (FFFF) but the code function states that so the programmers said to do it ( weird ). I thought this address is safe to use. I simply reload the data like they did just in case. ha that's what you wrote too! excellent!
That's funny I just asked someone to do something similar for the function :)
That's great for the button activator. So my button address is A)803CB80A = xxxxyyyy
and the next address is B)803CB80E 0000yyyy
A) button activated
B)?? the amount that it's pushed?
y=my button pressed
I'll go search for the posts. Thanks! I would love to hear the other ways of doing that. I'll search the posts for them. Crossing my fingers O0
so what's the cleanest way to send it to the game?
[spoiler]1.anti-code
2.button condition B
3. ASM
4. reset 8000 to 8000[/spoiler]
or
something else?
btw. Is it possible to have a variant asm code on the same address break?
So the codes are working! I did a little tampering, and voila!
[spoiler]
lha r12,0(r4)
cmpwi r12,0x50
beq- 0x08
addi r12,r12,1
sth r12,0(r4)
lha r4,0(r4)
[/spoiler]
and in case the asm crashes when there's two asm on the same address
[spoiler]0410C1B4 A0640002
203CB80A 00001000
C210C1B4 00000004
A1840000 2C0C0000
41820008 398CFFFF
B1840000 A0640002
60000000 00000000
E0000000 80008000
[/spoiler]
the only thing I don't understand is why beq- 0x0c bully?
I've done it thanks to you two! and thomas83lin's post on special button activator [spoiler]http://wiird.l0nk.org/forum/index.php/topic,7514.0.html[/spoiler]
Here's the code
Add 1 to item
[spoiler]0410C1B8 A8840000
283CB80E 00000010
22001550 00000001
04001550 00000001
C210C1B8 00000004
A9840000 2C0C0050
41820008 398C0001
B1840000 A8840000
60000000 00000000
E0000000 80008000
2A3CB80E 00000010
04001550 00000000
E0000000 80008000
[/spoiler]
-1 to item
[spoiler]0410C1B4 A0640002
283CB80E 00001000
22001550 00000001
04001550 00000001
C210C1B4 00000004
A1840000 2C0C0000
41820008 398CFFFF
B1840000 A0640002
60000000 00000000
E0000000 80008000
2A3CB80E 00001000
04001550 00000000
E0000000 80008000
[/spoiler]
Quote from: Patedj on February 01, 2011, 04:06:50 AM
the only thing I don't understand is why beq- 0x0c bully?
The only thing, you need to know in this case is, that beq means "if equal".
Note that b stands for branch and eq for equal.
For instance, ble- would mean branch if less than.
ASM WiiRd is calculating the offset for you (here it´s 0x0C)
If you put this assembly into ASM WiiRd
[spoiler]lha r12,0(r4)
cmpwi r12,0
beq- _NO_SUBI
subi r12,r12,1
sth r12,0(r4)
_NO_SUBI:
lha r4,0(r4)
[/spoiler]
it will give you a code, which re-converted gives you:
[spoiler]
lha r12,0(r4)
cmpwi r12,0
beq- 0x0C
subi r12,r12,1
sth r12,0(r4)
lha r4,0(r4)
nop
[/spoiler]
These two ASM coding are exactly the same, just with the difference that the second one already has the offset in it (0x0C) to know how many instructions to skip, if branch is taken. If you use branch labels (like NO_SUBI, you will show the program, where to keep going after the branch and it calculates the distance for you)
-------------------------------
If you want to use +1 and -1 items at the same time, just put the coding together under 1 hook adress...
You know how?
Hey, you found the epic post I was thinking about, Patedj. That's the one that goes over the multiple ways to make one-shot activators.
Because of the way you wrote this code, it unhooks itself every time it is run. You could in theory hook the same address, then, because you don't need both hooks to execute during the same frame. The button activators will ensure only one hook at a time is run.
You said you used r16 etc because you were scared to use anything else. If you are ever unsure, just create a stack frame and you can use r14-r31 without fear.
Also, if you wish to see the "second" and "third" button activators, the ones that only pop up for a single frame...
1) make sure BPNext is checked on the About tab
2) Go to the button activator address in Memory Viewer
3) Click pause
4) Press a button on the Wiimote
5) Click next frame
You should see the "second" button activator appear after the "first" button activator
6) Keep holding the button on the Wiimote
7) Click next frame again
The "first" activator will show the button is still down, but the second does not anymore!
8 ) Release Wiimote button
9) Click next frame again
The typical activator will show the button is released, but now you'll see the button in a third activator
Oh wow guys!
I didn't know asm converter did that like that.
For the fear factor, stacking sounds like it's the way to do things.
For hooking at the same address, both of you are making perfect sense. I'm glad I asked, I wasn't too sure.
I'm having a great time working out things with you guys backing me up!! O0
Make sure that you feel comfortable asking me for help too!