Code Help

Started by adam5366, April 29, 2010, 04:29:12 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

adam5366

April 29, 2010, 04:29:12 PM Last Edit: April 29, 2010, 04:33:54 PM by adam5366
I was looking for a way to freeze the flying mario so he can fly for ever. This is what i found

810C1674 (Checked on Memory viewer and it seems to be a timer of sort starting at 0E100000)
And this Unknown: 810724A0

Any idea in how i could freeze it or if it's even right.

dcx2

#1
April 29, 2010, 05:32:27 PM
0xE10 = 3600 frames.

3600 frames / 30 frames/sec = 120 seconds = 2 minutes

That seems like a reasonable timer.  It's probably 16 bits, too, so it would be read and written with lha and sth instructions.

---

Watch the counter count down in Memory Viewer with auto-update on.  If the counter reaches 0 the same time the flying Mario ends, you might have a winner.

I would get flying Mario again, and then look at the counter, and poke it to a very small value like 2.  If flying Mario ends almost instantly, you probably have a winner.

Without flying Mario, I would then try to poke a largeish non-zero value into that address.  Hopefully you instantly start being flying Mario, although this may not be the case.  Sometimes it will be, sometimes it won't...depends on the game.

---

You could also set a write breakpoint on the address and become flying Mario.  You will probably end up near the code that loads the timer, and you could modify it so it uses a larger value for the timer, like 7FFF instead of 0E10.

Once you are already flying Mario, set a write breakpoint on the address.  You will probably end up on a sth that is near a subi 1 (or an add with some register that is FFFFFFFF).  There are multiple ways to make the infinite timer, some safer than others.

1) Replace the sth with a nop and your timer should stop counting down, but this could backfire if the same sth is used to load the timer in the first place!

2) Replace the subi or add with a nop, but this could backfire if the subi or add was moving the timer from one register to a different register.  i.e. subi r0, r3, 1 can't be replaced with a nop, instead it should be replaced with mr r0, r3.

3) My personal favorite is to replace the subi or add with a li.  It is effectively like an 02 codetype, constantly writing the same value.   It guarantees that the timer's value will always be a non-zero value, whether it's being loaded the first time, or decremented.  Make sure the destination of the li is the same register that will be sth'd.

adam5366

#2
April 29, 2010, 06:29:21 PM
I'll test this out now and post back how the outcome is.

adam5366

#3
April 29, 2010, 06:43:21 PM Last Edit: April 29, 2010, 06:56:41 PM by adam5366
Ok so i found out that 810C1674 is the timer as every time i poke it to 00000002 it instantly goes to 0000000 on memory viewer and i seem to have Flying Mario for ever.

Ive never used breakpoints only pointers so ill struggle but ill try and find what you mean.

This is what i got from the breakpoint:
sth   r4,988(r3)

dcx2

#4
April 29, 2010, 06:47:42 PM
Timer reaching 0 should mean flying Mario ends, not lasts forever...

adam5366

#5
April 29, 2010, 06:57:24 PM
Yh, but ive tryed again with finding it and thats what i got.

adam5366

#6
April 30, 2010, 03:42:02 PM
Are breakpoints used alot because i have no idea how to use them.

wiiztec

#7
April 30, 2010, 04:05:20 PM
If there's any code at all that you want to be button activated, or even able to toggle on & off, and I have the game, just PM me and I'll make it happen

adam5366

#8
April 30, 2010, 05:15:40 PM
Ive seen this video before but i never knew it had sound, i had to turn mine all the way up. Thanks.
Print
Go Up Pages1
User actions