Hi everyone i am really noob so i need you guys.
I'm trying to make power bar always full for virtua tennis 4 pal [SV4P8P].
the search was on 16 bits and i found
the first one is :
801436AC: D03F0004 stfs f1,4(r31)
the second one is :
801B9A58: D0260000 stfs f1,0(r6)
and the value of the Power full bar is 3F80 (16256).
I really don't know what to do.So if someone can help me thanks in advance.
Sometimes, WiiRDGUI will hit "fake breakpoints". Gecko.NET will skip fake breakpoints. Please copy and paste the registers from both breakpoints. We will make sure your breakpoints are real.
---
3F800000 = 1.0 as a "single precision float". This web page can convert float <-> hex for you. http://geckocodes.org/index.php?arsenal=3
stfs = STore Floating point Single precision
---
If 801436AC: D03F0004 stfs f1,4(r31) is not a fake breakpoint, then this code might work.
lis r12,0x3F80 # r12 = 0x3F800000
stw r12,4(r31)
Do you know how to use ASMWiiRD? Or PyiiASMH?
Thanks a lot dcx2 for your rapid and greatfull help. I have not explain very well my problem due to my lacks in English language.
I need the two codes for the power full bar so i use your :
If 801436AC: D03F0004 stfs f1,4(r31) is not a fake breakpoint, then this code might work.
lis r12,0x3F80 # r12 = 0x3F800000
stw r12,4(r31)
Yet i just used ASMWiiRD. I will see PyiiASMH later, i just began asm codes this afternoon.
With ASMWiiRD I get :
C21436AC 00000002
3D803F80 919F0004
60000000 00000000
And i used the same instruction you gave me for 801B9A58: D0260000 stfs f1,0(r6)
lis r12,0x3F80 # r12 = 0x3F800000
stw r12,0(r6)
And i get :
C21B9A58 00000002
3D803F80 91860000
60000000 00000000
So I added the codes on wiird :
Power Jauge always full
C21436AC 00000002
3D803F80 919F0004
60000000 00000000
C21B9A58 00000002
3D803F80 91860000
60000000 00000000
Thanks a lot its working like a charm !!!! Thanks again dcx2.You are awesome.
I have just a little problem the Power bar for the enemy is also affected. I don't know how to fix it.
So i rechecked the 2 breakpoints and i paste all informations i have if it can be usefull.
for 801436AC: D03F0004 stfs f1,4(r31)
[spoiler]CR : 46200882 XER : 20000000 CTR : 80143228 DSIS: 02400000
DAR : 80B4D0BC SRR0: 801436AC SRR1: 0000B032 LR : 80143258
r0 : 80143258 r1 : 8073E1D0 r2 : 806585C0 r3 : 90698840
r4 : 0000000C r5 : 8064C3E3 r6 : 00000003 r7 : 00000004
r8 : 0DE8E399 r9 : 0DE8E398 r10 : 8073E1D0 r11 : 8073E200
r12 : 00239449 r13 : 80653800 r14 : 00000000 r15 : 00000000
r16 : 00000000 r17 : 00000000 r18 : 00000000 r19 : 00000000
r20 : 00000000 r21 : 00000000 r22 : 00000000 r23 : 00000000
r24 : 00000000 r25 : 00000001 r26 : 00000006 r27 : 807957C8
r28 : 80B3F3A0 r29 : 80B3F558 r30 : 80A4D420 r31 : 80B4D0B8
f0 : 00000000 f1 : 3D911BBA f2 : 3F8911BB f3 : 3BE96E2C
f4 : 80000000 f5 : C18F766A f6 : 428604CA f7 : C2432845
f8 : 4717A0AD f9 : 3BA64E9C f10 : 31D95780 f11 : 3D8E5120
f12 : 4717A0AD f13 : 40A00000 f14 : 00000000 f15 : 00000000
f16 : 00000000 f17 : 00000000 f18 : 00000000 f19 : 00000000
f20 : 00000000 f21 : 00000000 f22 : 00000000 f23 : 00000000
f24 : 00000000 f25 : 41200000 f26 : 00000000 f27 : 00000000
f28 : 00000000 f29 : 3D5F97A1 f30 : 3F666666 f31 : 3EDAC647
801436AC: D03F0004 stfs f1,4(r31)
801436B0: 806DBD98 lwz r3,-17000(r13)
801436B4: 2C030000 cmpwi r3,0
801436B8: 41820098 beq- 0x80143750
801436BC: 809F0038 lwz r4,56(r31)
801436C0: 38A00000 li r5,0
801436C4: 48076325 bl 0x801b99e8
801436C8: 48000088 b 0x80143750
801436CC: 2C030000 cmpwi r3,0
801436D0: 40820010 bne- 0x801436e0
801436D4: 801F0048 lwz r0,72(r31)
801436D8: 2C000000 cmpwi r0,0
801436DC: 41810074 bgt- 0x80143750
801436E0: C03F000C lfs f1,12(r31)
801436E4: C002928C lfs f0,-28020(r2)
801436E8: FC010040 fcmpo cr0,f1,f0
[/spoiler]
for 801B9A58: D0260000 stfs f1,0(r6)
[spoiler]CR : 4A200882 XER : 20000000 CTR : 801432DC DSIS: 02400000
DAR : 807969A0 SRR0: 801B9A58 SRR1: 0000B032 LR : 801436C8
r0 : 807969A0 r1 : 8073E190 r2 : 806585C0 r3 : 807463A0
r4 : 00000000 r5 : 00000000 r6 : 807969A0 r7 : 00000004
r8 : 8073E01C r9 : 80CB0D38 r10 : 8073E1B0 r11 : 8073E1E0
r12 : 800F9E78 r13 : 80653800 r14 : 00000000 r15 : 00000000
r16 : 00000000 r17 : 00000000 r18 : 00000000 r19 : 00000000
r20 : 00000000 r21 : 00000000 r22 : 00000000 r23 : 00000000
r24 : 00000000 r25 : 00000001 r26 : 00000007 r27 : 807958E0
r28 : 00000000 r29 : 00000000 r30 : 80A58D6C r31 : 807969F8
f0 : 38D1B717 f1 : 3F46F694 f2 : 3D1AD430 f3 : 3D1AD42C
f4 : 80000000 f5 : BF90EB38 f6 : C2853BC7 f7 : 41B09C09
f8 : 40A00000 f9 : 3D918B80 f10 : 41293F41 f11 : 412A6258
f12 : 41293F41 f13 : 40A00000 f14 : 00000000 f15 : 00000000
f16 : 00000000 f17 : 00000000 f18 : 00000000 f19 : 00000000
f20 : 00000000 f21 : 00000000 f22 : 00000000 f23 : 00000000
f24 : 00000000 f25 : 41200000 f26 : 00000000 f27 : 00000000
f28 : 00000000 f29 : 3E99999A f30 : 42085FEE f31 : 3F4BACF8
801B9A58: D0260000 stfs f1,0(r6)
801B9A5C: 38600001 li r3,1
801B9A60: 2C050000 cmpwi r5,0
801B9A64: 38000000 li r0,0
801B9A68: 98660008 stb r3,8(r6)
801B9A6C: 9006000C stw r0,12(r6)
801B9A70: 41820120 beq- 0x801b9b90
801B9A74: 2C040000 cmpwi r4,0
801B9A78: 4180000C blt- 0x801b9a84
801B9A7C: 2C040004 cmpwi r4,4
801B9A80: 41800024 blt- 0x801b9aa4
801B9A84: 3C608060 lis r3,-32672
801B9A88: 3CA08060 lis r5,-32672
801B9A8C: 7F86E378 mr r6,r28
801B9A90: 388001B0 li r4,432
801B9A94: 38635750 addi r3,r3,22352[/spoiler]
Maybe i can fix it with a button activator with the anticode i saw it on some forums.
Thanks again for your quick answer and you helped me a lot.Greatings to you dcx2 !!!!
ASMWiiRD is good for now. PyiiASMH is mostly the same. Both do C2 codes. But PyiiASMH also does C0, F2, and RAW.
---
Both enemy and player get full power bar. This happens with ASM sometimes.
ASM is pieces called "functions". For the power bar, the same function writes to player bar and enemy bar. We need some way to discriminate.
I need more details to help. Can you use Gecko.NET please? http://wiird.l0nk.org/forum/index.php/topic,4886.new.html#new
Go to Disassembly tab. Go to address 801436AC: D03F0004 stfs f1,4(r31) then right-click, then "Copy Function", then paste here.
---
One more thing. Go to Breakpoint tab. Click "Step Log" - it will ask to save a file. Set Execute Breakpoint on 801436AC. Press Set many times. Sometimes, the game will move forward one frame. Keep pressing Set again and again, until the game has moved forward three frames. Then copy and paste the Step Log here.
So i use Gecko.NET(Gecko dNet 0.64) and did what you told me to do.
In disassembly Tab address 801436AC, update , right click and "Copy Function" :
[spoiler]80142FF0: 9421FFA0 stwu r1,-96(r1)
80142FF4: 7C0802A6 mflr r0
80142FF8: 90010064 stw r0,100(r1)
80142FFC: 39610030 addi r11,r1,48
80143000: DBE10050 stfd f31,80(r1)
80143004: F3E10058 psq_st f31,88(r1),0,0
80143008: DBC10040 stfd f30,64(r1)
8014300C: F3C10048 psq_st f30,72(r1),0,0
80143010: DBA10030 stfd f29,48(r1)
80143014: F3A10038 psq_st f29,56(r1),0,0
80143018: 48210651 bl 0x80353668
8014301C: 880DBCBD lbz r0,-17219(r13)
80143020: 3CE04330 lis r7,17200
80143024: 90E10008 stw r7,8(r1)
80143028: 7C9C2378 mr r28,r4
8014302C: 2C000000 cmpwi r0,0
80143030: 83E30004 lwz r31,4(r3)
80143034: 90E10010 stw r7,16(r1)
80143038: 7CBD2B78 mr r29,r5
8014303C: 7CDE3378 mr r30,r6
80143040: 4182000C beq- 0x8014304c
80143044: C03F0004 lfs f1,4(r31)
80143048: 48000770 b 0x801437b8
8014304C: C0040008 lfs f0,8(r4)
80143050: C3A29280 lfs f29,-28032(r2)
80143054: 801F0034 lwz r0,52(r31)
80143058: FC00E840 fcmpo cr0,f0,f29
8014305C: 900D8BB0 stw r0,-29776(r13)
80143060: C3E50024 lfs f31,36(r5)
80143064: 8865002C lbz r3,44(r5)
80143068: 7C000026 mfcr r0
8014306C: 986DBCBC stb r3,-17220(r13)
80143070: 54000FFE rlwinm r0,r0,1,31,31
80143074: 7C000034 cntlzw r0,r0
80143078: 5400D97E rlwinm r0,r0,27,5,31
8014307C: 900D8BB4 stw r0,-29772(r13)
80143080: 881F0054 lbz r0,84(r31)
80143084: 2C000000 cmpwi r0,0
80143088: 40820714 bne- 0x8014379c
8014308C: C03F0004 lfs f1,4(r31)
80143090: C002928C lfs f0,-28020(r2)
80143094: FC010040 fcmpo cr0,f1,f0
80143098: 4C411382 cror 2,1,2
8014309C: 7C000026 mfcr r0
801430A0: 54001FFF rlwinm. r0,r0,3,31,31
801430A4: 40820628 bne- 0x801436cc
801430A8: 835F0000 lwz r26,0(r31)
801430AC: 48132EA5 bl 0x80275f50
801430B0: 388D8BE4 subi r4,r13,29724
801430B4: 38A00001 li r5,1
801430B8: 4813432D bl 0x802773e4
801430BC: 281A0016 cmplwi r26,22
801430C0: 7C7B1B78 mr r27,r3
801430C4: 41810550 bgt- 0x80143614
801430C8: 3C808060 lis r4,-32672
801430CC: 5740103A rlwinm r0,r26,2,0,29
801430D0: 38842618 addi r4,r4,9752
801430D4: 7C84002E lwzx r4,r4,r0
801430D8: 7C8903A6 mtctr r4
801430DC: 4E800420 bctr
801430E0: C01C0008 lfs f0,8(r28)
801430E4: 38800005 li r4,5
801430E8: FFA00210 fabs f29,f0
801430EC: FFA0E818 frsp f29,f29
801430F0: 48132489 bl 0x80275578
801430F4: FFC00890 fmr f30,f1
801430F8: 7F63DB78 mr r3,r27
801430FC: 38800004 li r4,4
80143100: 48132479 bl 0x80275578
80143104: EC5D0828 fsubs f2,f29,f1
80143108: C0029280 lfs f0,-28032(r2)
8014310C: EC3E0828 fsubs f1,f30,f1
80143110: FC020040 fcmpo cr0,f2,f0
80143114: 40800008 bge- 0x8014311c
80143118: 48000014 b 0x8014312c
8014311C: FC020840 fcmpo cr0,f2,f1
80143120: 40810008 ble- 0x80143128
80143124: FC400890 fmr f2,f1
80143128: FC001090 fmr f0,f2
8014312C: EC010028 fsubs f0,f1,f0
80143130: EFA00824 fdivs f29,f0,f1
80143134: 480004E0 b 0x80143614
80143138: C01C0008 lfs f0,8(r28)
8014313C: 38800007 li r4,7
80143140: FFA00210 fabs f29,f0
80143144: FFA0E818 frsp f29,f29
80143148: 48132431 bl 0x80275578
8014314C: FFC00890 fmr f30,f1
80143150: 7F63DB78 mr r3,r27
80143154: 38800006 li r4,6
80143158: 48132421 bl 0x80275578
8014315C: EC5D0828 fsubs f2,f29,f1
80143160: C0029280 lfs f0,-28032(r2)
80143164: EC3E0828 fsubs f1,f30,f1
80143168: FC020040 fcmpo cr0,f2,f0
8014316C: 40800008 bge- 0x80143174
80143170: 48000014 b 0x80143184
80143174: FC020840 fcmpo cr0,f2,f1
80143178: 40810008 ble- 0x80143180
8014317C: FC400890 fmr f2,f1
80143180: FC001090 fmr f0,f2
80143184: EC010028 fsubs f0,f1,f0
80143188: EFA00824 fdivs f29,f0,f1
8014318C: 48000488 b 0x80143614
80143190: C3BD0004 lfs f29,4(r29)
80143194: 38800009 li r4,9
80143198: 481323E1 bl 0x80275578
8014319C: FFC00890 fmr f30,f1
801431A0: 7F63DB78 mr r3,r27
801431A4: 38800008 li r4,8
801431A8: 481323D1 bl 0x80275578
801431AC: EC7D0828 fsubs f3,f29,f1
801431B0: C0429280 lfs f2,-28032(r2)
801431B4: EC1E0828 fsubs f0,f30,f1
801431B8: FC031040 fcmpo cr0,f3,f2
801431BC: 40800008 bge- 0x801431c4
801431C0: 48000014 b 0x801431d4
801431C4: FC030040 fcmpo cr0,f3,f0
801431C8: 40810008 ble- 0x801431d0
801431CC: FC600090 fmr f3,f0
801431D0: FC401890 fmr f2,f3
801431D4: EFA20024 fdivs f29,f2,f0
801431D8: 4800043C b 0x80143614
801431DC: C3BD0018 lfs f29,24(r29)
801431E0: 3880000B li r4,11
801431E4: 48132395 bl 0x80275578
801431E8: FFC00890 fmr f30,f1
801431EC: 7F63DB78 mr r3,r27
801431F0: 3880000A li r4,10
801431F4: 48132385 bl 0x80275578
801431F8: EC7D0828 fsubs f3,f29,f1
801431FC: C0429280 lfs f2,-28032(r2)
80143200: EC1E0828 fsubs f0,f30,f1
80143204: FC031040 fcmpo cr0,f3,f2
80143208: 40800008 bge- 0x80143210
8014320C: 48000014 b 0x80143220
80143210: FC030040 fcmpo cr0,f3,f0
80143214: 40810008 ble- 0x8014321c
80143218: FC600090 fmr f3,f0
8014321C: FC401890 fmr f2,f3
80143220: EFA20024 fdivs f29,f2,f0
80143224: 480003F0 b 0x80143614
80143228: 801E0000 lwz r0,0(r30)
8014322C: 540007FF rlwinm. r0,r0,0,31,31
80143230: 418203E4 beq- 0x80143614
80143234: 801E0004 lwz r0,4(r30)
80143238: 540007BD rlwinm. r0,r0,0,30,30
8014323C: 408203D8 bne- 0x80143614
80143240: 3880000D li r4,13
80143244: 48132335 bl 0x80275578
80143248: FFC00890 fmr f30,f1
8014324C: 7F63DB78 mr r3,r27
80143250: 3880000C li r4,12
80143254: 48132325 bl 0x80275578
80143258: EC7F0828 fsubs f3,f31,f1
8014325C: C0429280 lfs f2,-28032(r2)
80143260: EC1E0828 fsubs f0,f30,f1
80143264: FC031040 fcmpo cr0,f3,f2
80143268: 40800008 bge- 0x80143270
8014326C: 48000014 b 0x80143280
80143270: FC030040 fcmpo cr0,f3,f0
80143274: 40810008 ble- 0x8014327c
80143278: FC600090 fmr f3,f0
8014327C: FC401890 fmr f2,f3
80143280: EFA20024 fdivs f29,f2,f0
80143284: 48000390 b 0x80143614
80143288: C01D0014 lfs f0,20(r29)
8014328C: 3880000F li r4,15
80143290: FFA00210 fabs f29,f0
80143294: FFA0E818 frsp f29,f29
80143298: 481322E1 bl 0x80275578
8014329C: FFC00890 fmr f30,f1
801432A0: 7F63DB78 mr r3,r27
801432A4: 3880000E li r4,14
801432A8: 481322D1 bl 0x80275578
801432AC: EC7D0828 fsubs f3,f29,f1
801432B0: C0429280 lfs f2,-28032(r2)
801432B4: EC1E0828 fsubs f0,f30,f1
801432B8: FC031040 fcmpo cr0,f3,f2
801432BC: 40800008 bge- 0x801432c4
801432C0: 48000014 b 0x801432d4
801432C4: FC030040 fcmpo cr0,f3,f0
801432C8: 40810008 ble- 0x801432d0
801432CC: FC600090 fmr f3,f0
801432D0: FC401890 fmr f2,f3
801432D4: EFA20024 fdivs f29,f2,f0
801432D8: 4800033C b 0x80143614
801432DC: 809E0000 lwz r4,0(r30)
801432E0: 38600000 li r3,0
801432E4: 54800319 rlwinm. r0,r4,0,12,12
801432E8: 40820010 bne- 0x801432f8
801432EC: 548002D7 rlwinm. r0,r4,0,11,11
801432F0: 40820008 bne- 0x801432f8
801432F4: 38600001 li r3,1
801432F8: 2C030000 cmpwi r3,0
801432FC: C3A29280 lfs f29,-28032(r2)
80143300: 41820040 beq- 0x80143340
80143304: 807F0050 lwz r3,80(r31)
80143308: 38030001 addi r0,r3,1
8014330C: 901F0050 stw r0,80(r31)
80143310: 2C000003 cmpwi r0,3
80143314: 40800024 bge- 0x80143338
80143318: 6C008000 xoris r0,r0,32768
8014331C: 9001000C stw r0,12(r1)
80143320: C8429298 lfd f2,-28008(r2)
80143324: C8210008 lfd f1,8(r1)
80143328: C0029290 lfs f0,-28016(r2)
8014332C: EC211028 fsubs f1,f1,f2
80143330: EFA00072 fmuls f29,f0,f1
80143334: 480002E0 b 0x80143614
80143338: C3A2928C lfs f29,-28020(r2)
8014333C: 480002D8 b 0x80143614
80143340: 38000000 li r0,0
80143344: 901F0050 stw r0,80(r31)
80143348: 480002CC b 0x80143614
8014334C: 801E0000 lwz r0,0(r30)
80143350: C3A29280 lfs f29,-28032(r2)
80143354: 5400035B rlwinm. r0,r0,0,13,13
80143358: 40820040 bne- 0x80143398
8014335C: 807F0050 lwz r3,80(r31)
80143360: 38030001 addi r0,r3,1
80143364: 901F0050 stw r0,80(r31)
80143368: 2C000003 cmpwi r0,3
8014336C: 40800024 bge- 0x80143390
80143370: 6C008000 xoris r0,r0,32768
80143374: 90010014 stw r0,20(r1)
80143378: C8429298 lfd f2,-28008(r2)
8014337C: C8210010 lfd f1,16(r1)
80143380: C0029290 lfs f0,-28016(r2)
80143384: EC211028 fsubs f1,f1,f2
80143388: EFA00072 fmuls f29,f0,f1
8014338C: 48000288 b 0x80143614
80143390: C3A2928C lfs f29,-28020(r2)
80143394: 48000280 b 0x80143614
80143398: 38000000 li r0,0
8014339C: 901F0050 stw r0,80(r31)
801433A0: 48000274 b 0x80143614
801433A4: C01D0014 lfs f0,20(r29)
801433A8: 38800011 li r4,17
801433AC: FFA00210 fabs f29,f0
801433B0: FFA0E818 frsp f29,f29
801433B4: 481321C5 bl 0x80275578
801433B8: FFC00890 fmr f30,f1
801433BC: 7F63DB78 mr r3,r27
801433C0: 38800010 li r4,16
801433C4: 481321B5 bl 0x80275578
801433C8: EC5D0828 fsubs f2,f29,f1
801433CC: C0029280 lfs f0,-28032(r2)
801433D0: EC3E0828 fsubs f1,f30,f1
801433D4: FC020040 fcmpo cr0,f2,f0
801433D8: 40800008 bge- 0x801433e0
801433DC: 48000014 b 0x801433f0
801433E0: FC020840 fcmpo cr0,f2,f1
801433E4: 40810008 ble- 0x801433ec
801433E8: FC400890 fmr f2,f1
801433EC: FC001090 fmr f0,f2
801433F0: EC010028 fsubs f0,f1,f0
801433F4: EFA00824 fdivs f29,f0,f1
801433F8: 4800021C b 0x80143614
801433FC: 801E0000 lwz r0,0(r30)
80143400: 38800000 li r4,0
80143404: 540007BD rlwinm. r0,r0,0,30,30
80143408: 40820018 bne- 0x80143420
8014340C: 807E0004 lwz r3,4(r30)
80143410: 546004E7 rlwinm. r0,r3,0,19,19
80143414: 4082000C bne- 0x80143420
80143418: 5460056B rlwinm. r0,r3,0,21,21
8014341C: 41820008 beq- 0x80143424
80143420: 38800001 li r4,1
80143424: 2C040000 cmpwi r4,0
80143428: C3A29280 lfs f29,-28032(r2)
8014342C: 41820040 beq- 0x8014346c
80143430: 807F0050 lwz r3,80(r31)
80143434: 38030001 addi r0,r3,1
80143438: 901F0050 stw r0,80(r31)
8014343C: 2C000003 cmpwi r0,3
80143440: 40800024 bge- 0x80143464
80143444: 6C008000 xoris r0,r0,32768
80143448: 9001000C stw r0,12(r1)
8014344C: C8429298 lfd f2,-28008(r2)
80143450: C8210008 lfd f1,8(r1)
80143454: C0029290 lfs f0,-28016(r2)
80143458: EC211028 fsubs f1,f1,f2
8014345C: EFA00072 fmuls f29,f0,f1
80143460: 480001B4 b 0x80143614
80143464: C3A2928C lfs f29,-28020(r2)
80143468: 480001AC b 0x80143614
8014346C: 38000000 li r0,0
80143470: 901F0050 stw r0,80(r31)
80143474: 480001A0 b 0x80143614
80143478: C3BD0018 lfs f29,24(r29)
8014347C: 38800013 li r4,19
80143480: 481320F9 bl 0x80275578
80143484: FFC00890 fmr f30,f1
80143488: 7F63DB78 mr r3,r27
8014348C: 38800012 li r4,18
80143490: 481320E9 bl 0x80275578
80143494: EC5D0828 fsubs f2,f29,f1
80143498: C0029280 lfs f0,-28032(r2)
8014349C: EC3E0828 fsubs f1,f30,f1
801434A0: FC020040 fcmpo cr0,f2,f0
801434A4: 40800008 bge- 0x801434ac
801434A8: 48000014 b 0x801434bc
801434AC: FC020840 fcmpo cr0,f2,f1
801434B0: 40810008 ble- 0x801434b8
801434B4: FC400890 fmr f2,f1
801434B8: FC001090 fmr f0,f2
801434BC: EC010028 fsubs f0,f1,f0
801434C0: EFA00824 fdivs f29,f0,f1
801434C4: 48000150 b 0x80143614
801434C8: C3ADBCB8 lfs f29,-17224(r13)
801434CC: 38800015 li r4,21
801434D0: 481320A9 bl 0x80275578
801434D4: FFC00890 fmr f30,f1
801434D8: 7F63DB78 mr r3,r27
801434DC: 38800014 li r4,20
801434E0: 48132099 bl 0x80275578
801434E4: EC7D0828 fsubs f3,f29,f1
801434E8: C0429280 lfs f2,-28032(r2)
801434EC: EC1E0828 fsubs f0,f30,f1
801434F0: FC031040 fcmpo cr0,f3,f2
801434F4: 40800008 bge- 0x801434fc
801434F8: 48000014 b 0x8014350c
801434FC: FC030040 fcmpo cr0,f3,f0
80143500: 40810008 ble- 0x80143508
80143504: FC600090 fmr f3,f0
80143508: FC401890 fmr f2,f3
8014350C: EFA20024 fdivs f29,f2,f0
80143510: 48000104 b 0x80143614
80143514: C01C0008 lfs f0,8(r28)
80143518: 38800017 li r4,23
8014351C: FFA00210 fabs f29,f0
80143520: FFA0E818 frsp f29,f29
80143524: 48132055 bl 0x80275578
80143528: FFC00890 fmr f30,f1
8014352C: 7F63DB78 mr r3,r27
80143530: 38800016 li r4,22
80143534: 48132045 bl 0x80275578
80143538: EC7D0828 fsubs f3,f29,f1
8014353C: C0429280 lfs f2,-28032(r2)
80143540: EC1E0828 fsubs f0,f30,f1
80143544: FC031040 fcmpo cr0,f3,f2
80143548: 40800008 bge- 0x80143550
8014354C: 48000014 b 0x80143560
80143550: FC030040 fcmpo cr0,f3,f0
80143554: 40810008 ble- 0x8014355c
80143558: FC600090 fmr f3,f0
8014355C: FC401890 fmr f2,f3
80143560: EFA20024 fdivs f29,f2,f0
80143564: 480000B0 b 0x80143614
80143568: 800DBCC0 lwz r0,-17216(r13)
8014356C: 38800019 li r4,25
80143570: C8229298 lfd f1,-28008(r2)
80143574: 6C008000 xoris r0,r0,32768
80143578: 90010014 stw r0,20(r1)
8014357C: C8010010 lfd f0,16(r1)
80143580: EFA00828 fsubs f29,f0,f1
80143584: 48131FF5 bl 0x80275578
80143588: FFC00890 fmr f30,f1
8014358C: 7F63DB78 mr r3,r27
80143590: 38800018 li r4,24
80143594: 48131FE5 bl 0x80275578
80143598: EC7D0828 fsubs f3,f29,f1
8014359C: C0429280 lfs f2,-28032(r2)
801435A0: EC1E0828 fsubs f0,f30,f1
801435A4: FC031040 fcmpo cr0,f3,f2
801435A8: 40800008 bge- 0x801435b0
801435AC: 48000014 b 0x801435c0
801435B0: FC030040 fcmpo cr0,f3,f0
801435B4: 40810008 ble- 0x801435bc
801435B8: FC600090 fmr f3,f0
801435BC: FC401890 fmr f2,f3
801435C0: EFA20024 fdivs f29,f2,f0
801435C4: 48000050 b 0x80143614
801435C8: C3BD0004 lfs f29,4(r29)
801435CC: 3880001B li r4,27
801435D0: 48131FA9 bl 0x80275578
801435D4: FFC00890 fmr f30,f1
801435D8: 7F63DB78 mr r3,r27
801435DC: 3880001A li r4,26
801435E0: 48131F99 bl 0x80275578
801435E4: EC5D0828 fsubs f2,f29,f1
801435E8: C0029280 lfs f0,-28032(r2)
801435EC: EC3E0828 fsubs f1,f30,f1
801435F0: FC020040 fcmpo cr0,f2,f0
801435F4: 40800008 bge- 0x801435fc
801435F8: 48000014 b 0x8014360c
801435FC: FC020840 fcmpo cr0,f2,f1
80143600: 40810008 ble- 0x80143608
80143604: FC400890 fmr f2,f1
80143608: FC001090 fmr f0,f2
8014360C: EC010028 fsubs f0,f1,f0
80143610: EFA00824 fdivs f29,f0,f1
80143614: C0029290 lfs f0,-28016(r2)
80143618: C0429280 lfs f2,-28032(r2)
8014361C: EC3D0032 fmuls f1,f29,f0
80143620: C01F0014 lfs f0,20(r31)
80143624: EC60107A fmadds f3,f0,f1,f2
80143628: FC031040 fcmpo cr0,f3,f2
8014362C: 40810008 ble- 0x80143634
80143630: 48000008 b 0x80143638
80143634: FC601090 fmr f3,f2
80143638: C05F0004 lfs f2,4(r31)
8014363C: C002928C lfs f0,-28020(r2)
80143640: EC22182A fadds f1,f2,f3
80143644: FC010040 fcmpo cr0,f1,f0
80143648: 4C401382 cror 2,0,2
8014364C: 40820008 bne- 0x80143654
80143650: 48000008 b 0x80143658
80143654: EC601028 fsubs f3,f0,f2
80143658: C05F0010 lfs f2,16(r31)
8014365C: C002928C lfs f0,-28020(r2)
80143660: EC42182A fadds f2,f2,f3
80143664: FC010040 fcmpo cr0,f1,f0
80143668: D05F0010 stfs f2,16(r31)
8014366C: 4C411382 cror 2,1,2
80143670: 40820020 bne- 0x80143690
80143674: 801F0048 lwz r0,72(r31)
80143678: 2C000000 cmpwi r0,0
8014367C: 4181000C bgt- 0x80143688
80143680: 801F0040 lwz r0,64(r31)
80143684: 901F0048 stw r0,72(r31)
80143688: C022928C lfs f1,-28020(r2)
8014368C: 48000020 b 0x801436ac
80143690: C0029280 lfs f0,-28032(r2)
80143694: FC010040 fcmpo cr0,f1,f0
80143698: 4C401382 cror 2,0,2
8014369C: 40820010 bne- 0x801436ac
801436A0: FC200090 fmr f1,f0
801436A4: 38000000 li r0,0
801436A8: 901F0048 stw r0,72(r31)
801436AC: D03F0004 stfs f1,4(r31)
801436B0: 806DBD98 lwz r3,-17000(r13)
801436B4: 2C030000 cmpwi r3,0
801436B8: 41820098 beq- 0x80143750
801436BC: 809F0038 lwz r4,56(r31)
801436C0: 38A00000 li r5,0
801436C4: 48076325 bl 0x801b99e8
801436C8: 48000088 b 0x80143750
801436CC: 2C030000 cmpwi r3,0
801436D0: 40820010 bne- 0x801436e0
801436D4: 801F0048 lwz r0,72(r31)
801436D8: 2C000000 cmpwi r0,0
801436DC: 41810074 bgt- 0x80143750
801436E0: C03F000C lfs f1,12(r31)
801436E4: C002928C lfs f0,-28020(r2)
801436E8: FC010040 fcmpo cr0,f1,f0
801436EC: 4C411382 cror 2,1,2
801436F0: 40820020 bne- 0x80143710
801436F4: 801F0048 lwz r0,72(r31)
801436F8: 2C000000 cmpwi r0,0
801436FC: 4181000C bgt- 0x80143708
80143700: 801F0040 lwz r0,64(r31)
80143704: 901F0048 stw r0,72(r31)
80143708: C022928C lfs f1,-28020(r2)
8014370C: 48000020 b 0x8014372c
80143710: C0029280 lfs f0,-28032(r2)
80143714: FC010040 fcmpo cr0,f1,f0
80143718: 4C401382 cror 2,0,2
8014371C: 40820010 bne- 0x8014372c
80143720: FC200090 fmr f1,f0
80143724: 38000000 li r0,0
80143728: 901F0048 stw r0,72(r31)
8014372C: D03F0004 stfs f1,4(r31)
80143730: 38000000 li r0,0
80143734: 901F0048 stw r0,72(r31)
80143738: 806DBD98 lwz r3,-17000(r13)
8014373C: 2C030000 cmpwi r3,0
80143740: 41820010 beq- 0x80143750
80143744: 809F0038 lwz r4,56(r31)
80143748: 38A00001 li r5,1
8014374C: 4807629D bl 0x801b99e8
80143750: C01C0000 lfs f0,0(r28)
80143754: D01F001C stfs f0,28(r31)
80143758: C01C0004 lfs f0,4(r28)
8014375C: D01F0020 stfs f0,32(r31)
80143760: C01C0008 lfs f0,8(r28)
80143764: D01F0024 stfs f0,36(r31)
80143768: C01D000C lfs f0,12(r29)
8014376C: D01F0028 stfs f0,40(r31)
80143770: C01D0010 lfs f0,16(r29)
80143774: D01F002C stfs f0,44(r31)
80143778: C01D0014 lfs f0,20(r29)
8014377C: D01F0030 stfs f0,48(r31)
80143780: C01D0018 lfs f0,24(r29)
80143784: D3FF0018 stfs f31,24(r31)
80143788: D3EDBCB4 stfs f31,-17228(r13)
8014378C: D00DBCB8 stfs f0,-17224(r13)
80143790: 807F003C lwz r3,60(r31)
80143794: 38030001 addi r0,r3,1
80143798: 901F003C stw r0,60(r31)
8014379C: 881D002A lbz r0,42(r29)
801437A0: 2C000000 cmpwi r0,0
801437A4: 40820010 bne- 0x801437b4
801437A8: 806DBCC0 lwz r3,-17216(r13)
801437AC: 38030001 addi r0,r3,1
801437B0: 900DBCC0 stw r0,-17216(r13)
801437B4: C03F0004 lfs f1,4(r31)
801437B8: 39610030 addi r11,r1,48
801437BC: E3E10058 psq_l f31,88(r1),0,0
801437C0: CBE10050 lfd f31,80(r1)
801437C4: E3C10048 psq_l f30,72(r1),0,0
801437C8: CBC10040 lfd f30,64(r1)
801437CC: E3A10038 psq_l f29,56(r1),0,0
801437D0: CBA10030 lfd f29,48(r1)
801437D4: 4820FEE1 bl 0x803536b4
801437D8: 80010064 lwz r0,100(r1)
801437DC: 7C0803A6 mtlr r0
801437E0: 38210060 addi r1,r1,96
801437E4: 4E800020 blr
[/spoiler]
MOD EDIT: spoilered to save space
After that i go to Breakpoint tab. click "Step Log" and "execute" breakpoints :
[spoiler]801436AC: D03F0004 stfs f1,4(r31)
801436B0: 806DBD98 lwz r3,-17000(r13)
801436B4: 2C030000 cmpwi r3,0
801436B8: 41820098 beq- 0x80143750
801436BC: 809F0038 lwz r4,56(r31)
801436C0: 38A00000 li r5,0
801436C4: 48076325 bl 0x801b99e8
801436C8: 48000088 b 0x80143750
801436CC: 2C030000 cmpwi r3,0
801436D0: 40820010 bne- 0x801436e0
801436D4: 801F0048 lwz r0,72(r31)
801436D8: 2C000000 cmpwi r0,0
801436DC: 41810074 bgt- 0x80143750
801436E0: C03F000C lfs f1,12(r31)
801436E4: C002928C lfs f0,-28020(r2)
801436E8: FC010040 fcmpo cr0,f1,f0
801436EC: 4C411382 cror 2,1,2
801436F0: 40820020 bne- 0x80143710
801436F4: 801F0048 lwz r0,72(r31)
801436F8: 2C000000 cmpwi r0,0
801436FC: 4181000C bgt- 0x80143708
80143700: 801F0040 lwz r0,64(r31)
80143704: 901F0048 stw r0,72(r31)
80143708: C022928C lfs f1,-28020(r2)
8014370C: 48000020 b 0x8014372c
80143710: C0029280 lfs f0,-28032(r2)
80143714: FC010040 fcmpo cr0,f1,f0
80143718: 4C401382 cror 2,0,2
8014371C: 40820010 bne- 0x8014372c
80143720: FC200090 fmr f1,f0
80143724: 38000000 li r0,0
80143728: 901F0048 stw r0,72(r31)
8014372C: D03F0004 stfs f1,4(r31)
80143730: 38000000 li r0,0
80143734: 901F0048 stw r0,72(r31)
80143738: 806DBD98 lwz r3,-17000(r13)
8014373C: 2C030000 cmpwi r3,0
80143740: 41820010 beq- 0x80143750
80143744: 809F0038 lwz r4,56(r31)
80143748: 38A00001 li r5,1
8014374C: 4807629D bl 0x801b99e8
80143750: C01C0000 lfs f0,0(r28)
80143754: D01F001C stfs f0,28(r31)
80143758: C01C0004 lfs f0,4(r28)
8014375C: D01F0020 stfs f0,32(r31)
80143760: C01C0008 lfs f0,8(r28)
80143764: D01F0024 stfs f0,36(r31)
80143768: C01D000C lfs f0,12(r29)
8014376C: D01F0028 stfs f0,40(r31)
80143770: C01D0010 lfs f0,16(r29)
80143774: D01F002C stfs f0,44(r31)
80143778: C01D0014 lfs f0,20(r29)
8014377C: D01F0030 stfs f0,48(r31)
80143780: C01D0018 lfs f0,24(r29)
80143784: D3FF0018 stfs f31,24(r31)
80143788: D3EDBCB4 stfs f31,-17228(r13)
8014378C: D00DBCB8 stfs f0,-17224(r13)
80143790: 807F003C lwz r3,60(r31)
80143794: 38030001 addi r0,r3,1
80143798: 901F003C stw r0,60(r31)[/spoiler]
And i press "Set" many times but i dont know what is the frame thing (if you can explain it to me) and the three frames too.
I just saw when "pressing set" 2 differents adress in the right screen under Add BP condition.
The first is 46200882 and the second 4A200882. I don t know if its that you asked.
I press set a lot and paste what was in the "log steps" :
[spoiler]801436AC: D03F0004 stfs f1,4(r31) f1 = 0,323851 r31 = 80B425A0 [80B425A4] = 3E45FDEA
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,323851 r31 = 80B425A0 [80B425A4] = 3F22A17F
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,00538208 r31 = 807485E0 [807485E4] = 00000000
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0376634 r31 = 807485E0 [807485E4] = 3BB05C2F
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0984315 r31 = 80B09400 [80B09404] = 00000000
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0552227 r31 = 807485E0 [807485E4] = 3D1A44FC
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,154091 r31 = 80B09400 [80B09404] = 3DC99679
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0552227 r31 = 807485E0 [807485E4] = 3D62313A
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,284591 r31 = 80B09400 [80B09404] = 3E1DCA18
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0585741 r31 = 807485E0 [807485E4] = 3D62313A
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,367274 r31 = 80B09400 [80B09404] = 3E91B5F2
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0790423 r31 = 807485E0 [807485E4] = 3D6FEB6D
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,492456 r31 = 80B09400 [80B09404] = 3EBC0B5E
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0790423 r31 = 807485E0 [807485E4] = 3DA1E0F0
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,622956 r31 = 80B09400 [80B09404] = 3EFC2326
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0853061 r31 = 807485E0 [807485E4] = 3DA1E0F0
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0853061 r31 = 807485E0 [807485E4] = 3DAEB4F2
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0925473 r31 = 807485E0 [807485E4] = 3DAEB4F2
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,654505 r31 = 80B09400 [80B09404] = 3F1F7A06
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,13963 r31 = 807485E0 [807485E4] = 3DBD8970
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,785005 r31 = 80B09400 [80B09404] = 3F278DA4
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,147531 r31 = 807485E0 [807485E4] = 3E0EFB13
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,785005 r31 = 80B09400 [80B09404] = 3F48F617
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,147531 r31 = 807485E0 [807485E4] = 3E171254
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,901819 r31 = 80B09400 [80B09404] = 3F48F617
[/spoiler]
Very good! ;D Gecko.NET was updated to 0.65 this morning. Please use the update.
---
I looked at the function. This section is interesting.
801430A8: 835F0000
lwz r26,0(r31)801430AC: 48132EA5 bl 0x80275f50
801430B0: 388D8BE4 subi r4,r13,29724
801430B4: 38A00001 li r5,1
801430B8: 4813432D bl 0x802773e4
801430BC: 281A0016 cmplwi r26,22
801430C0: 7C7B1B78 mr r27,r3
801430C4: 41810550 bgt- 0x80143614
801430C8: 3C808060
lis r4,-32672801430CC: 5740103A
rlwinm r0,r26,2,0,29801430D0: 38842618
addi r4,r4,9752801430D4: 7C84002E
lwzx r4,r4,r0801430D8: 7C8903A6 mtctr r4
801430DC: 4E800420 bctr
The game loads 0(r31) into r26 { NOTE: 4(r31) is the power bar!).
801430A8: 835F0000 lwz r26,0(r31)
Then, it loads r4 with a pointer.
80602618801430C8: 3C80
8060 lis r4,-32672
...
801430D0: 3884
2618 addi r4,r4,9752
It then uses r26 to offset from r4.
801430CC: 5740103A rlwinm r0,r26,2,0,29 # r0 = r26 * 4
...
801430D4: 7C84002E lwzx r4,r4,r0 # r4 = [80602618 + r0]
It then branches (mtctr r4/bctr) to somewhere.
This suggests 0(r31) can discriminate between player and enemy.
---
We can check if this is true. Use Step Log and Execute breakpoints again. This time, breakpoint on 801430A8: 835F0000 lwz r26,0(r31) and the log will show us whether 0(r31) can discriminate between player and enemy.
---
Quotei dont know what is the frame thing
A "frame" is a snapshot of the game. You are French? http://fr.wikipedia.org/wiki/Frame_rate
In the bottom left corner of Gecko.NET is "Pause Game". Press "Pause Game" once, it turns into "Next Frame". Every press of "Next Frame" moves the game forward one frame. Try it. Each time you press "Next Frame", everyone moves a little bit.
---
I think I understand why you are confused. Breakpoints can have three behaviors.
1) Press
Set many times to go forward
one frame?
2) Press
Set once to go forward
one frame?
3) Press
Set once, and it goes forward
many frames until some action is performed?
I believe this breakpoint is behavior 3). It only breakpoints when someone gets more power bar.
---
Why Step Log? It records the pointers to the power bars! We can use this to find
everyone's power bars.
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,323851 r31 = 80B425A0 [
80B425A4] = 3F22A17F
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0376634 r31 = 807485E0 [
807485E4] = 3BB05C2F
801436AC: D03F0004 stfs f1,4(r31) f1 = 0,0984315 r31 = 80B09400 [
80B09404] = 00000000
We can also see power bar being added.
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,00538208 r31 = 807485E0 [807485E4] = 00000000
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,0376634 r31 = 807485E0 [807485E4] = 3BB05C2F
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,0552227 r31 = 807485E0 [807485E4] = 3D1A44FC
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,0552227 r31 = 807485E0 [807485E4] = 3D62313A
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,0585741 r31 = 807485E0 [807485E4] = 3D62313A
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,0790423 r31 = 807485E0 [807485E4] = 3D6FEB6D
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,0790423 r31 = 807485E0 [807485E4] = 3DA1E0F0
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,0853061 r31 = 807485E0 [807485E4] = 3DA1E0F0
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,0853061 r31 = 807485E0 [807485E4] = 3DAEB4F2
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,0925473 r31 = 807485E0 [807485E4] = 3DAEB4F2
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,13963 r31 = 807485E0 [807485E4] = 3DBD8970
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,147531 r31 = 807485E0 [807485E4] = 3E0EFB13
801436AC: D03F0004 stfs f1,4(r31) f1 =
0,147531 r31 = 807485E0 [807485E4] = 3E171254
Thanks a lot dcx2 for taking time to help me.
I use now the update of Gecko.Net (Gecko dNet 0.65).
So i use Step Log and Execute breakpoints on 801430A8: 835F0000 lwz r26,0(r31)
Thanks to you now i understand the utility of Pause Game and also Next Frame.
I appreciate a lot what you are doing and your patience,its not easy to communicate with a noob person.
I understand more things now, thanks to you dcx2.
So in Breakpoint tab. click "Log Steps", "Execute" breakpoints and "Set"
"Pause Game" and "Next frame" Now I get it i push next frame and when the game has moved forward three frames i push "Set"
And i m doing several times.
Finally here are the results for the "Log Steps" :
[spoiler]801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 8077F220 [8077F220] = 0000000B
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 8077F220 [8077F220] = 0000000B
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 8077F220 [8077F220] = 0000000B
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 8077F220 [8077F220] = 0000000B
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 8077F220 [8077F220] = 0000000B[/spoiler]
Take your time. Read slowly. We can overcome the language barrier. ;D
---
Quote"Pause Game" and "Next frame" Now I get it i push next frame and when the game has moved forward three frames i push "Set"
That is not right. "Next Frame" is actually a breakpoint. I asked you to try it, so you will understand what "moving one frame" is. You do not need it for the Step Log.
---
When you push "Set", the game will run until the breakpoint is hit. We want to press Set until the game moves one frame (WITHOUT "Next Frame")
"Behavior 1", then you must press "Set" many times before it moves one frame.
"Behavior 2", then each "Set" will move one frame.
"Behavior 3", then each "Set" will move many frames until the breakpoint hits.
If we have "Behavior 1", "Set" may not move a frame. You will press "Set" for each thing that gets computed. After all things get computed, "Set" will move forward one frame. So you must "Set" many times to see all things computed in one frame.
Your breakpoint may have "Behavior 1", "Behavior 2", or "Behavior 3". Which behavior does your breakpoint have?
---
This looks good!
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E890 [80B1E890] = 00000006
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 8077F220 [8077F220] = 0000000B
80B1E890 = 0x6
8077F220 = 0xB
Which one is the player? Which one is the enemy?
---
In this example, I will use your most recent Step Log. These values may be different now. Every time you change the level or restart the game, the pointers will change. You will need to do Step Log again to make sure you have the right pointers for the current level.
Get the pointers again. For instance, 80B1E890 = 0(r31). Then go to 80B1E89
4 = 4(r31) (add 4 to original pointer). Go to that address in MemView. Poke it. Does the player or enemy power bar change?
If the player changes, then 80B1E890 = 0x6 means it is a player. If the enemy changes, then it means 80B1E890 = 0x6 is an enemy; you will have to try the next pointer.
I push "Set" and the frame are moving and when the power jauge increase the breakpoint is hit.
So if i have understand its the "Behavior 3", then each "Set" will move many frames until the breakpoint hits.
I use the breakpoint tab "Log steps on" and i get this :
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 8079AA40 [8079AA40] = 00000010
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 80B1E528 [80B1E528] = 00000006
Also i add 4 to 8079AA40 i get 8079AA44 = 4(r31) (add 4 to original pointer) im going to Mem View and poke the value.
And its the Enemy jauge who changed ."If the enemy changes, then it means" 8079AA40 = 0x10 "is an enemy".
8079AA40 = 0x10 Enemy
80B1E528 = 0x6 The player
;D
Yes, you have "Behavior 3".
---
Okay. We shall assume [80B1E528] = 00000006 means "this is a player"
How do we prove this?
With Breakpoint Conditions! This is also on the Breakpoint Tab.
Breakpoint Conditions will only breakpoint if the condition is true. It will skip the breakpoint if the condition is false. We will use a breakpoint condition to see if we breakpoint when the player gets power bar.
Assuming the pointers are still the same, set a Breakpoint Condition, r31 == 80B1E528. Then hit "Set".
The game should run. When an enemy gets power bar, it should skip that breakpoint and keep running. When a player gets power bar, it should hit that breakpoint and freeze.
If that is correct, then we know that 0(r31) == 0x6 means we are working on a player.
Waow you are really fast dcx2. Thanks again for helping me.
So i m on Breakpoint Tab
Set a Breakpoint Condition, r31 == 80B1E528, turn on Active conditions, then hit "Set"
The game is runnig. When the enemy shoot and also his power jauge increase, the game keeps running.
When i will hit the ball so my power jauge will increase, it hit that breakpoint and freeze.
So we know that 0(r31) == 0x6 means we are working on a player.
Hooray!
Notice how we are carefully analyzing step by step. We make an assumption, then test the assumption.
It is slow. But it is reliable.
---
Using this knowledge, we should try the following code. Initially you asked for two C2 codes. For now, we will use only one to verify that this works as expected. If it does, we will then complete the second code.
---
HOOK ADDRESS: 801436AC
lwz r12,0(r31) # Load r12 with the player/enemy discriminator
cmpwi r12,6 # compare r12 to 6
beq- _PLAYER # if r12 == 6, branch to _PLAYER
# at this point, we must be processing an enemy
li r12,0 # set enemy power bar to 0.0!
b _END # branch to the end
_PLAYER:
lis r12,0x3F80 # set player bar power to 1.0!
# fall through to _END
_END:
stw r12,4(r31) # store power bar
Thanks a lot i add all the instruction in asmwiird for the adress 801436AC i get
C21436AC 00000004
819F0000 2C0C0006
4182000C 39800000
48000008 3D803F80
919F0004 00000000
The codes is working like a charm and i can have the special without the jauge is full. your awesome dcx2.
And the enemy has not use special shot against me.
Great news!
Do you understand the ASM code? I can explain it better if you want me to.
See if you can make the other C2 code. Tip: the other address uses 0(r6). So the "player/enemy discrimination" will be -4(r6)
So i try to make the second code
801B9A58
lwz r12,-4(r6)
cmpwi r12,6
beq- _PLAYER
li r12,0
b _END
_PLAYER:
lis r12,0x3F80
_END:
stw r12,0(r6)
i get
C21B9A58 00000004
8186FFFC 2C0C0006
4182000C 39800000
48000008 3D803F80
91860000 00000000
The code works i can have special everytime and no the enemy.
I see that the both jauge are always empty maybe i made a mistake but i have a problem the code is working on arcade mode but not in world tour.
just the jauge are empty in world tour but the first code
Power Jauge always full
C21436AC 00000002
3D803F80 919F0004
60000000 00000000
C21B9A58 00000002
3D803F80 91860000
60000000 00000000
Works on arcade and world tour mode but you know that player and enemy has full jauge with this one.
I was afraid of that...
My guess is that 0(r31) is not 6 for the World Tour.
Repeat the Step Log process for World Tour. Breakpoint tab - Step Log - Execute on address 801430A8:835F0000 lwz r26,0(r31) - Set many times
If you watch carefully, you may be able to tell which address is the player, if you notice when the breakpoint hits your power bar.
The Step Log will tell us what values 0(r31) might be.
Also
You may have noticed that you can't turn these cheats off once you turn them on. C2 codes change the game, and it needs to be changed back to normal. I made "GCT Code Undo" to do that.
Original Instruction - 801B9A58: D0260000 stfs f1,0(r6)
##801B9A58 D0260000
C21B9A58 00000004
8186FFFC 2C0C0006
4182000C 39800000
48000008 3D803F80
91860000 00000000
When you click "Send Codes", the ## line is ignored.
When you click "Disable Codes", the ## line will poke the address (801B9A58) with the value (D0260000), which will change the game back to normal. Double check the address (801B9A58) in Disassembly; it should be stfs.
thanks again for everything dcx2
I repeat the "Step Log" for World Tour in the Breakpoint tab on address 801430A8:835F0000 lwz r26,0(r31)
I get this :
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 8079D928 [8079D928] = 00000007 Player
801430A8: 835F0000 lwz r26,0(r31) r26 = 80655DA8 r31 = 8077C0F0 [8077C0F0] = 0000000B Enemy
So for 801436AC
lwz r12,0(r31)
cmpwi r12,7
beq- _PLAYER
li r12,0
b _END
_PLAYER:
lis r12,0x3F80
_END:
lwz r12,0(r31)
i get
C21436AC 00000004
819F0000 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
and for 801B9A58
lwz r12,-4(r6)
cmpwi r12,7
beq- _PLAYER
li r12,0
b _END
_PLAYER:
lis r12,0x3F80
_END:
stw r12,0(r6)
i get
C21B9A58 00000004
8186FFFC 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
and i add the original instruction for the two codes
World Tour Mode Power Jauge
801436AC D03F0004
C21436AC 00000004
819F0000 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
801B9A58 D0260000
C21B9A58 00000004
8186FFFC 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
So they can be turn off.
And I made the arcade mode code too :
Arcade Mode Power Jauge
801436AC D03F0004
C21436AC 00000004
819F0000 2C0C0006
4182000C 39800000
48000008 3D803F80
919F0004 00000000
801B9A58 D0260000
C21B9A58 00000004
8186FFFC 2C0C0006
4182000C 39800000
48000008 3D803F80
91860000 00000000
I have a question can i add
for 801436AC
lwz r12,0(r31)
cmpwi r12,6
cmpwi r12,7
beq- _PLAYER
li r12,0
b _END
_PLAYER:
lis r12,0x3F80
_END:
lwz r12,0(r31)
for having the code working for the two modes (Arcade and World Tour) ?
Thanks again to you Dcx2 you helped me a lot.
I applaud your effort! You are not a noob.
---
##801436AC D03F0004
C21436AC 00000004
819F0000 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
##801B9A58 D0260000
C21B9A58 00000004
8186FFFC 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
Be careful with the
##. Only Gecko.NET recognizes it. Everything else (WiiRDGUI, ASMWiiRD, PyiiASMH, Gecko OS) will be confused. It is only for hackers, and only for the GCT Tab of Gecko.NET; it allows us to turn codes off. When you publish the code for cheaters (on the forum; on GeckoCodes),
do not include the ## line. Cheaters cannot turn codes off with ##.
---
A C2 "hooks" the game. Hook in the sense of fishing. You can only have one "hook" active per address.
World Tour Mode Power Jauge
C21B9A58 00000004
8186FFFC 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
Arcade Mode Power Jauge
C21B9A58 00000004
8186FFFC 2C0C0006
4182000C 39800000
48000008 3D803F80
91860000 00000000
Whichever hook is last will work, the other will not. So if the codes are applied in this order, Arcade Mode will work, but World Tour will not.
---
Quotelwz r12,0(r31)
cmpwi r12,6
cmpwi r12,7
beq- _PLAYER
li r12,0
b _END
_PLAYER:
lis r12,0x3F80
_END:
lwz r12,0(r31)
This is a good try! You are very close. This is what you want.
lwz r12,0(r31)
cmpwi r12,6
beq- _PLAYER cmpwi r12,7
beq- _PLAYER
li r12,0
b _END
_PLAYER:
lis r12,0x3F80
_END:
stw r12,4(r31)---
I will try to explain the CPU a bit. This may be difficult to understand.
When a CPU compares one value to another, it sets the Condition Register (CR). The CR records whether the comparison is
less than,
equal, or
greater than. This tells the next ASM the result of the compare.
cmpwi r12,6 # compare r12 to 6. if r12 < 6, make CR
less than. if r12 == 6, CR
equal. if r12 > 6, CR
greater thanbeq- _PLAYER # if the CR is
equal, branch execution to the _PLAYER label, skipping over everything in between
Do you see now why your initial suggestion would not work?
cmpwi r12,6 # if r12 is 6, CR
equalcmpwi r12,7 # if r12 is 6, CR
less thanbeq- _PLAYER # if CR less than, this will not branch!
Therefore, you must do each test one at a time. Each compare will have its own
conditional branch (branch that uses Condition Register CR) [examples of other conditional branches: blt (branch less than), ble (branch less than or equal), bgt (branch greater than), bne (branch not equal), and so on]
---
Here is something to try. After you Send Codes, set an execute breakpoint on the address. For example 801B9A58. You will see "b 0x8000XXXX" instruction. Now click "Step Into". The processor will execute just the b instruction and then stop again. It should take you to the lwz r12,0(r31) of your code!
Press "Step Into" again, and it will go forward one instruction to cmpwi r12,6. Look carefully at the CR. Then press "Step Into" again. It will go to the beq- _PLAYER, and the CR will change a little bit because of the cmpwi. Also, the "Show Mem" button will say "Taken" if the conditional branch is true, or "Not Taken" if it is false.
Keep pressing "Step Into" and you will watch your code work.
Thanks again for everything dcx2.
So i tried for 801436AC
lwz r12,0(r31)
cmpwi r12,6
beq- _PLAYER
cmpwi r12,7
beq- _PLAYER
li r12,0
b _END
_PLAYER:
lis r12,0x3F80
_END:
lwz r12,0(r31)
Like you said it doesnt work and crash the wii when the jauge will increase.
So i have some questions :
- Therefore, you must do each test one at a time. Each compare will have its own conditional branch (branch that uses Condition Register CR) [examples of other conditional branches: blt (branch less than), ble (branch less than or equal), bgt (branch greater than), bne (branch not equal), and so on]
May i test :
[spoiler]C21B9A58 00000004
8186FFFC 2C0C0006
4182000C 39800000
48000008 3D803F80
91860000 00000000
and
C21B9A58 00000004
8186FFFC 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
[/spoiler]or [spoiler]
C21436AC 00000004
819F0000 2C0C0006
4182000C 39800000
48000008 3D803F80
919F0004 00000000
C21B9A58 00000004
8186FFFC 2C0C0006
4182000C 39800000
48000008 3D803F80
91860000 00000000
and
C21436AC 00000004
819F0000 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
C21B9A58 00000004
8186FFFC 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000[/spoiler]
- I send this code[spoiler]C21B9A58 00000004
8186FFFC 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000[/spoiler]And execute breakpoint on the address.
I click "Step Into"
I look carefully at the CR and i saw 26200882, 46200882 and 8620082.
Sometimes the "Show Mem" says "Not Taken" and "Taken"
So i really dont know what to do. You told me to see the conditional branch (branch that uses Condition Register CR) [examples of other conditional branches: blt (branch less than), ble (branch less than or equal), bgt (branch greater than), bne (branch not equal), and so on.
I m really confused and really dont know what to do.Asm is too complex for me.I hope you understand what i mean.
That code should not crash.
Oh no! I see what you did wrong.
And we have been getting it wrong for a while now. I edited some old posts. Sorry to cause you confusion.
801436AC
lwz r12,0(r31)
cmpwi r12,6
beq- _PLAYER
cmpwi r12,7
beq- _PLAYER
li r12,0
b _END
_PLAYER:
lis r12,0x3F80
_END:
stw r12,4(r31)
C21436AC 00000005
819F0000 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
---
The other code
801B9A58
lwz r12,-4(r6)
cmpwi r12,6
beq- _PLAYER
cmpwi r12,7
beq- _PLAYER
li r12,0
b _END
_PLAYER:
lis r12,0x3F80
_END:
stw r12,0(r6)
C21B9A58 00000005
8186FFFC 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
---
With the "Show Mem", "Taken", "Not Taken", I wanted you to see the ASM code as it happens. It was only a learning experience. So that you understand how branches change which instruction will be executed next.
Thanks again to you dcx2. I changed the stw r12,4(r31) and you r right i was wrong.
So i rechecked the second one
801B9A58
lwz r12,-4(r6)
cmpwi r12,6
beq- _PLAYER
cmpwi r12,7
beq- _PLAYER
li r12,0
b _END
_PLAYER:
lis r12,0x3F80
_END:
stw r12,0(r6)
Power Jauge (with original instruction)
801436AC D03F0004
C21436AC 00000005
819F0000 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
801B9A58 D0260000
C21B9A58 00000005
8186FFFC 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
And yes now the jauge works for arcade and World Tour mode.
Thanks Again for everything you helped me a lot.You are awesome dcx2.
I made other asm codes if you have some time can you see them ?
They are working and no bug yet but if you see something wrong it would be nice to tell me.
[spoiler]
For
8011342C: 900303D4 stw r0,980(r3)
I used Li r0,999
Stw r0,980(3)
I get
Stars x999 (World tour mode)(with original instruction)
8011342C 900303D4
C211342C 00000002
380003E7 900303D4
60000000 00000000
------------------------------------------------------------------------------------------------
For 80230380: 7FE3012E stwx r31,r3,r0
8023091C : 7EE3012E stwx r31,r3,r0
I used lis r12,9999
ori r12,r12,9999
stwx r12,r3,r0
I get
Training Points Max (World Tour mode)(with original instruction)
80230380 7FE3012E
C2230380 00000002
3D80270F 618C270F
7D83012E 00000000
8023091C 7EE3012E
C223091C 00000002
3D80270F 618C270F
7D83012E 00000000
--------------------------------------------------------------------------------------------------------------
For 801134FC: 900303E0 stw r0,992(r3)
I used lis r12,0
ori r12,r12,65535
stw r12,992(r3)
I get
Stamina always full(with original instruction)
801134FC 900303E0
C21134FC 00000002
3D800000 618CFFFF
918303E0 00000000
[/spoiler]
I have a last question if i want to make an asm code with a button activator to switch the code On/Off.
I have to put the activator adress like 28XXXXXX YYYYZZZZ as usual and end ith with the terminator E0000000 80008000.
I suppose i have to add the original instruction as anti code with a CC000000 00000000 codetype too or not ?
No, this is wrong!
You do not need ##, but it helps if you want to turn the code off.
## is only for Gecko.NET GCT tab. Never post the ## lines to the forum or GeckoCodes. It may cause a crash without Gecko.NET
Example: put this in your GCT Tab. If you use ##, you
MUST include the ## at the beginning! ## means "this is
not a code. this is
undo code." When you press "Disable Code" (on GCT Tab), it will use ## lines to turn codes off. So the game goes back to normal without rebooting the Wii.
[spoiler]
##801436AC D03F0004
C21436AC 00000005
819F0000 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
##801B9A58 D0260000
C21B9A58 00000005
8186FFFC 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
[/spoiler]
---
You keep forgetting to delete the rest of the ## line in your ASM codes. The Wii will think that 801436AC D03F0004 is a code! This could cause problems for others.
http://www.geckocodes.org/index.php?arsenal=1#80
Remember, ## is
undo code only for Gecko.NET GCT tab "Disable Codes". When you post the code to the forum, remove the ## lines completely! Cheaters cannot use ## without Gecko.NET GCT Tab.
C21436AC 00000005
819F0000 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
C21B9A58 00000005
8186FFFC 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
---
Quotelwz r12,-4(r6) is that normal that here r12,-4(r6) "the player/enemy discriminator"
Yes. Your original breakpoints were
801436AC: D03F0004 stfs f1,4(r31)
801B9A58: D0260000 stfs f1,0(r6)
If 4(r31) = power bar, and 0(r31) = discriminator
then 0(r6) = power bar, and -4(r6) = discriminator
discriminator is 4 bytes before power bar. 4 -> 0. 0 -> -4.
---
Your ASM codes are good! Only you forget to delete the ## line.
You ask about button activators. Here is how you would button activate one Power Gauge code. Try to do the other. You can combine them with one 28 code.
041436AC D03F0004
28XXXXXX YYYYZZZZ
C21436AC 00000005
819F0000 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
E0000000 80008000
Notice! ##801436AC D03F0004 is now
041436AC D03F0004. 041436AC D03F0004 is a real code!
What this does
04 code always writes original instruction back every time
28 code is the button activator
C2 code is the hack; it only happens if the button activator is true
E0 code terminates 28 code
So, if ZZZZ is pressed, 04 code executes, then C2 over-writes it. The hack happens.
And, if ZZZZ is not pressed, 04 code executes, but C2 does not. The hack does not happen.
---
EDIT:
Yes, you can use CC code to make a "toggle switch". Without CC, the code only happens while button is pressed. Release button, code off. Press button, code on. Like "SHIFT" on keyboard.
If you use CC code, press button, code on. Release button, code stays on. Press button again, code off. Release button, code stays off. Press button again, code on again. Like "CAPS LOCK" on keyboard.
041436AC D03F0004
28XXXXXX YYYYZZZZ
CC000000 00000000C21436AC 00000005
819F0000 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
E0000000 80008000
Thanks again to you dcx2.
I had understood that ## is only for Gecko.NET GCT tab. I kept them for an eventual button activator.
So i m trying to make the codes with an activator :
Here is the other :
041B9A58 D0260000
C21B9A58 00000005
286CBC1A 00001001
CC000000 00000000
8186FFFC 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
E0000000 80008000
I have a doubt for codes with 2 adresses :
[spoiler]And the others
Stars x999 (World Tour Mode) (Push - and Up ON/OFF)
0411342C 900303D4
286CBC1A 00001008
CC000000 00000000
C211342C 00000002
380003E7 900303D4
60000000 00000000
E0000000 80008000
Stamina jauge Always Full (World Tour Mode) (Push - and Right ON/OFF)
041134FC 900303E0
286CBC1A 00001002
CC000000 00000000
C21134FC 00000002
3D800000 618CFFFF
918303E0 60000000
E0000000 80008000
I have a doubt for this :
Training Points Max (World Tour Mode) (Push - and Down ON/OFF)
04230380 7FE3012E
0423091C 7EE3012E
286CBC1A 00001004
CC000000 00000000
C2230380 00000002
3D80270F 618C270F
7D83012E 00000000
C223091C 00000002
3D80270F 618C270F
7D83012E 00000000
E0000000 80008000
or
Training Points Max (World Tour Mode) (Push - and Down ON/OFF)
04230380 7FE3012E
286CBC1A 00001004
CC000000 00000000
C2230380 00000002
3D80270F 618C270F
7D83012E 00000000
E0000000 80008000
0423091C 7EE3012E
286CBC1A 00001004
CC000000 00000000
C223091C 00000002
3D80270F 618C270F
7D83012E 00000000
E0000000 80008000
I have a doubt for this :
Power Jauge always Full (Push - and Left On/Off)
041436AC D03F0004
041B9A58 D0260000
286CBC1A 00001001
CC000000 00000000
C21436AC 00000005
819F0000 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
C21B9A58 00000005
8186FFFC 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
E0000000 80008000
or
Power Jauge always Full (Push - and Left On/Off)
041436AC D03F0004
286CBC1A 00001001
CC000000 00000000
C21436AC 00000005
819F0000 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
919F0004 00000000
E0000000 80008000
041B9A58 D0260000
C21B9A58 00000005
286CBC1A 00001001
CC000000 00000000
8186FFFC 2C0C0006
41820014 2C0C0007
4182000C 39800000
48000008 3D803F80
91860000 00000000
E0000000 80008000[/spoiler]
Thanks a lot for your patience and your help dcx2.
You are welcome Crapulecorp. I like to help others learn.
All of the codes you posted should work. They are two ways to do the same thing. I would prefer this type of code, because it is shorter.
[spoiler]Training Points Max (World Tour Mode) (Push - and Down ON/OFF)
04230380 7FE3012E
0423091C 7EE3012E
286CBC1A 00001004
CC000000 00000000
C2230380 00000002
3D80270F 618C270F
7D83012E 00000000
C223091C 00000002
3D80270F 618C270F
7D83012E 00000000
E0000000 80008000[/spoiler]