Floating Value in ASM C2

Started by Deathwolf, July 18, 2010, 11:45:41 AM

Previous topic - Next topic
Print
Go Down Pages 1 2 3 4
User actions

dcx2

#15
July 18, 2010, 05:47:48 PM
Because that is brkirch's size modifier for the FIRST Super Mario Galaxy.  He did it hard-coded, instead of a roller like mine.

James0x57

#16
July 18, 2010, 05:49:00 PM
that last 36 is because that's what it was when the C2 code hijacked it. It could be changed to 40 or 44 and have the same effect.

Deathwolf

#17
July 18, 2010, 05:55:07 PM Last Edit: July 18, 2010, 06:07:16 PM by Deathwolf
btw the code doesn't work.

a super freez hmm lol.

assembled code:
C23C0D14 00000003
3FA04000 93BE0024
93BE0028 93BE002C
C03E0024 00000000
lolz

dcx2

#18
July 18, 2010, 06:17:23 PM Last Edit: July 18, 2010, 07:14:50 PM by dcx2
Quote from: James0x57 on July 18, 2010, 05:49:00 PM
that last 36 is because that's what it was when the C2 code hijacked it. It could be changed to 40 or 44 and have the same effect.

Actually, the code requires that you hook the first lfs.  If you choose e.g. the third lfs, then f1 and f2 will contain un-hacked values by the time your code executes, and you would have to add complementary lfs to your code so f1 and f2 had hacked values.


...well, okay, in this particular instance, I guess once the game did a second call, the hacked values would be there anyway...but that's only because no one else was writing to that spot afterward.

---

Quote from: Deathwolf on July 18, 2010, 05:55:07 PM
btw the code doesn't work.

a super freez hmm lol

Which code does not work?
1) This code is for SMG1.  It will freeze SMG2 all the time (EDIT: as you can see because it has the wrong hook address).  But it will work great on SMG1, if you can find the address of the hook; brkirch's code is SMG1, and universal, so it's difficult to know the address for a particular region.

2) This code does not use a safe register.  r18 is not safe.  Use r12 instead of r18.

r12 is super-special and safe 99.9%.  All other registers (r0-r11,r13-r31) are sometimes not safe (safe is unrelated to value).  Some registers are NEVER safe (r1,r2,r13).

Deathwolf

#19
July 18, 2010, 06:21:36 PM Last Edit: July 18, 2010, 06:29:17 PM by Deathwolf
DCX2 YOUR CODE DOESN'T WORK!

lis r29,4000
stw r29,36(r30)
stw r29,40(r30)
stw r29,44(r30)
lfs f1,36(r30)

it's register 29

assembled:
C23C0D14 00000003
3FA04000 93BE0024
93BE0028 93BE002C
C03E0024 00000000

it freeeeeeezzzzz like "TÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜ"

SO:
stw r29,36(r30) these registers are in SUPER MARIO GALAXY """""2"""""
stw r29,40(r30)
stw r29,44(r30)

then you said I should use another register and it doesnt work.
lolz

dcx2

#20
July 18, 2010, 07:03:01 PM Last Edit: July 18, 2010, 07:10:59 PM by dcx2
Quote from: Deathwolf on July 18, 2010, 06:21:36 PM
SO:
stw r29,36(r30) these registers are in SUPER MARIO GALAXY """""2"""""
stw r29,40(r30)
stw r29,44(r30)

no.  those offsets (36, 40, 44) are SMG 1.


EDIT:

http://wiird.l0nk.org/forum/index.php/topic,6466.msg54920.html#msg54920

Quote from: Deathwolflis r18,0x4000
stw r18,44(r30)
lfs f1,44(r30)

SMG 2.  But only one of the offsets.  And unsafe register.

http://wiird.l0nk.org/forum/index.php/topic,6466.msg54918.html#msg54918

Quote from: dcx2lis r12,0x8000   # load grA into r12
lwz r12,0x1830(r12)
stw r12,44(r30)    # store to x/y/z size addresses
stw r12,48(r30)
stw r12,52(r30)
lfs f1,44(r30)      # replaced instruction

also SMG2.  Uses safe register.  Writes to all three size offsets.  r30 is the pointer.  The offsets for SMG1 are 36, 40, and 44.

Deathwolf

#21
July 18, 2010, 07:05:58 PM
yes but my question.

how to write it for smg2?
none will work
lolz

dcx2

#22
July 18, 2010, 07:13:53 PM
I was hoping you could figure it out on your own.  But here goes.

Hook = 803C0D14:  C03E002C   lfs   f1,44(r30)

lis r12,0x4000       # 0x40000000 = 2.0
stw r12,44(r30)    # store to x/y/z size addresses
stw r12,48(r30)
stw r12,52(r30)
lfs f1,44(r30)      # replaced instruction

C23C0D14 00000003
3D804000 919E002C
919E0030 919E0034
C03E002C 00000000

Deathwolf

#23
July 18, 2010, 07:18:55 PM Last Edit: July 18, 2010, 08:04:33 PM by Deathwolf
r12 :-\

I have done this by moonump:

801325C8:  C03F00EC   lfs   f1,236(r31)

lis r12,0x4000   
stw r12,236(r31)
lfs f1,236(r31)

C21325C8 00000002
3D804000 919F00EC
C03F00EC 00000000

and it works

the instrucion works on all assembly.
health:

803CE208:  809E06B0   lwz   r4,1712(r30)

li r12,0x0006 
stw r12,1712(r30)
lwz r4,1712(r30)

C23CE208 00000002
39800006 919E06B0
809E06B0 00000000

and it works again
lolz

Deathwolf

#24
July 18, 2010, 09:13:35 PM
quick question.

how to change 32 bit?

code:80159DF0:  800303E8   lwz   r0,1000(r3)

lis r12,0x05F5
ori r12,r12 0xE0FF
stw r12,1000(r3)
lwz r0,1000(r3)

C2159DF0 00000003
3D8005F5 618CE0FF
918303E8 800303E8
60000000 00000000

it change it to 12345678
lolz

dcx2

#25
July 18, 2010, 09:17:46 PM
It looks like you have the right idea.  Use lis/ori.

lis r12,0x1234
ori r12,r12 0x5678
stw r12,1000(r3)
lwz r0,1000(r3)

Deathwolf

#26
July 18, 2010, 09:19:41 PM
yep I want to change it to 99999999.

code:
lis r12,0x05F5
ori r12,r12 0xE0FF
stw r12,1000(r3)
lwz r0,1000(r3)

but in the game it's 12345678 lol
lolz

dcx2

#27
July 18, 2010, 09:35:48 PM
decimal 12345678 = hex 0x00BC614E.  That's weird.  The game might have a maximum.

Try something less than 12345678.

Deathwolf

#28
July 18, 2010, 09:44:01 PM
yes 99999950.

but if I try to change it to 00000000, it doesn't overwrite the original value.
hmm what's wrong...
lolz

dcx2

#29
July 18, 2010, 09:50:18 PM
99999950 is not less than 12345678.
Print
Go Up Pages 1 2 3 4
User actions