Coding Questions and other Quandaries Hackwiz Coder / Dev Posts: 95 Threads: 2 Joined: Dec 2021 Reputation: 2 12-13-2021, 12:02 PM I have come across this command a few times and it plays a part in a code for a GCN game I'm revisiting. Perhaps you can shed some light on parts of it I don't understand. Would be nice if they actually put an example in the programming guide. rlwinm rlwinm. Rotate Left Word Immediate then AND with Mask rA,rS,SH,MB,ME The contents of register rS are rotated left by the number of bits specified by operand SH (this much I understand). A mask is generated having 1 bits from the bit specified by operand MB + 32 through the bit specified by operand ME + 32 and 0 bits elsewhere. The rotated data is ANDed with the generated mask and the result is placed into register rA. rlwinm Rotate Left Word Immediate then AND with Mask rlwinm. Rotate Left Word Immediate then AND with Mask with CR Update. The dot suffix enables the update of the CR. Here's actual code from the game I'm working on with value specified in pertinent register: lhz r3, 0x28 (r31) #ASM Loads 0xD08 into r3 li r0, 1 ori r3,r3, 0x4 #ASM r3= 0xD0C sth r3, 0x28 (r31) lhz r3, 0x28 (r31) #ASM Not sure why they did this. Seems like unneeded code. rlwinm r3, r3, 0, 16, 30 (0000FFFE) #ASM r3 = 0xD0C. What was the point? How is (0000FFFE) generated with 16, 30? That's where the lose me. sth r3, 0x28 (r31) Thanks for your help!!!! Unnamed Coder / Dev Posts: 134 Threads: 25 Joined: Jan 2020 Reputation: 12 12-13-2021, 12:33 PM There is a Thread that deals with this kind of instructions: https://mariokartwii.com/showthread.php?tid=1262 I think most of your questions to the rlwinm instruction can be answered with this Thread. Hackwiz Coder / Dev Posts: 95 Threads: 2 Joined: Dec 2021 Reputation: 2 12-13-2021, 01:51 PM Thanks!! Makes sense now. Seeky Cat Posts: 204 Threads: 12 Joined: Dec 2019 Reputation: 15 12-13-2021, 02:44 PM The version with the . automatically compares the result to 0 (rlwinm. rD, rA, shift, start, end is equivalent to rlwinm rD, rA, shift, start, end followed by cmpwi rD, 0) Hackwiz Coder / Dev Posts: 95 Threads: 2 Joined: Dec 2021 Reputation: 2 12-15-2021, 11:50 AM (This post was last modified: 12-15-2021, 11:51 AM by Hackwiz.) I'm revisiting a game that has proven troublesome. Spirits & Spells (USA) GCN The \$100,000 question I have is, is it possible to step "backwards" through the code while performing instruction/memory BP's? I read through the guide on using BP's but saw no mention of it. Hackwiz Coder / Dev Posts: 95 Threads: 2 Joined: Dec 2021 Reputation: 2 12-15-2021, 01:09 PM (This post was last modified: 12-15-2021, 01:34 PM by Hackwiz.) This is why I ask: I'm hacking a jump in mid-air code for the above mentioned game. I found that while the game code is static, the memory address for the half-word being monitored changes with each stage, 13 in all. So some simple ASM should do the trick... Maybe? The half-word bobbles back and forth between 0xD0C & 0xD0E: When sitting idle: 8017951C sth r0, 0x28 (r3) #ASM r0 = 0xD0C 80179F60 sth r0, 0x28 (r3) #ASM r0 = 0xD0E When you jump, this value goes to 0xD0F, and you can't jump again until it goes back to 0xD0E: 1st part of jump (Change code here): 80179F90 lhz r4, 0x28 (r30) #ASM r4 = 0xD0E 80179FA0 ori, r4, r4, 0x1 #ASM r4 = 0xD0F. (for my code, changed to 0x0, r4 = 0xD0E) 80179FA8 sth r4, 0x28 (r30) 2nd part of jump (Doesn’t need code change): 80179FE4 lhz r0, 0x28 (r30) #ASM r4 = 0xD0F 80179FF4 rlwinm r0, r0, 0, 16, 30 (0000FFFE) #ASM r4 = 0xD0E 80179FFC sth r0, 0x28 (r30) #ASM r6 = 0xD0E then it goes back to the: When sitting idle routine: 8017951C sth r0, 0x28 (r3) #ASM r0 = 0xD0C 80179F60 sth r0, 0x28 (r3) #ASM r0 = 0xD0E So changing the ASM to: 80179FA0 ori, r4, r4, 0x1 #ASM changed to ori r4, r4, 0 which successfully gave me JMA capabilities. But.......................... That same half-word is being monitored for a second function, the attack. When you use the attack, the half-word changes to 0xD08, then is changed to 0xD0C and back to the: sitting idle routine: 8017951C sth r0, 0x28 (r3) #ASM r0 = 0xD0C 80179F60 sth r0, 0x28 (r3) #ASM r0 = 0xD0E Here is the sequence of stores during a normal attack routine (JMA code NOT activated): 1st part of attack: 80179A0C lhz r0, 0x28 (r6) #ASM r6 = 0xD0C 80179A10 andi. r0, r0, 0xFFFB#ASM r0 = 0xD08 80179A14 sth r0, 0x28 (r6) #ASM r6 = 0xD08 2nd part of attack: 80179B60 lhz r3, 0x28 (r31) #ASM r3 = 0xD08 80179B68 ori r3, r3, 0x4 #ASM r3 = 0xD0C 80179B6C sth r3, 0x28 (r31) #ASM r3 = 0xD0C 3rd part of attack: 80179B70 lhz r3, 0x28 (r31) #ASM r3 = 0xD0C 80179B74 rlwinm r3, r3, 0, 16, 30 (0000FFFE) #ASM r3 = 0xD0C 80179B78 sth r3, 0x28 (r31) #ASM r3 = 0xD0C then goes back to: sitting idle (bobbles back and forth): 8017951C sth r0, 0x28 (r3) #ASM r0 = 0xD0C 80179F60 sth r0, 0x28 (r3) #ASM r0 = 0xD0E However, with my JMA code activated, when I use the attack, the character throws the weapon, and freezes in place with 0xD08 in the memory address, stuck on this line of code, which of course is boogering up the game: sitting idle routine line 8017951C sth r0, 0x28 (r3) #ASM r0 = 0xD08 (the program is expecting there to be 0xD0C) This is the sequence of stores during the attack routine (with JMA code activated): 1st part of attack: 80179A0C lhz r0, 0x28 (r6) #ASM r6 = 0xD0C 80179A10 andi. r0, r0, 0xFFFB#ASM r0 = 0xD08 80179A14 sth r0, 0x28 (r6) #ASM r6 = 0xD08 immediately goes to: 8017951C sth r0, 0x28 (r3) #ASM r0 = 0xD08 (the program is expecting there to be 0xD0C) So the reason I wanted to know if you can step backwards, is so I could trace back from the first line of the 2nd part of the attack sequence (without the code activated), and see what values are wrong (with the code activated), and not allowing it to branch to that section. There is a rather lengthy routine going on between the 1st and 2nd part of the attack routine 'sth' Hope that was clear. Thanks!!!!!! Vega bl the_admin Posts: 3,535 Threads: 860 Joined: Feb 2018 Reputation: 84 12-15-2021, 02:56 PM Step-In = Step one instruction executing it normally Skip = Nop Step-Over = Skip any function calls (bl's, bctrl's, etc) Step-Out = Appears to jump back in a way to some previous function calls but not exactly??, can't really tell tbh. Afaik there's no literal step back function. There is an option for "Set PC" and you can set the next address that will execute, that could help for some things. There's also the call stack (top left of code view), that can help. It shows the recent addresses that are responsible for calling the previous 'parent' functions. The most recent functions are listed from top to bottom. Thread on function calls - https://mariokartwii.com/showthread.php?tid=1052 Current Bit map from what I gathered from reading your post: Bits 0 thru 15 = Unused Bits 16 thru 28 = ?? Bit 29 = Flips low then gets flipped high for Attack Bit 30 = Finished Jump or Finished Attack. Flips off and on while idle Bit 31 = Flips high then gets flipped low when a Jump is preformed  Dumb question, apologies if you have already tried this, but have you simply tried adding a second code (C2 ASM) at "8017951C sth r0, 0x28 (r3) #ASM r0 = 0xD08 (the program is expecting there to be 0xD0C)" Like this.. Code:```li r0, 0xD0C #Force Bit 29 high sth r0, 0x28 (r3) #Default Instruction``` If that doesn't work, nopping the "andi." at "80179A10 andi. r0, r0, 0xFFFB#ASM r0 = 0xD08" might. Hackwiz Coder / Dev Posts: 95 Threads: 2 Joined: Dec 2021 Reputation: 2 12-15-2021, 04:12 PM (This post was last modified: 12-15-2021, 04:39 PM by Vega. Edit Reason: Fixed quotation structure ) (12-15-2021, 02:56 PM)Vega Wrote: Step-In = Step one instruction executing it normally Skip = Nop Step-Over = Skip any function calls (bl's, bctrl's, etc) Step-Out = Appears to jump back in a way to some previous function calls but not exactly??, can't really tell tbh. Afaik there's no literal step back function. There is an option for "Set PC" and you can set the next address that will execute, that could help for some things. There's also the call stack (top left of code view), that can help. It shows the recent addresses that are responsible for calling the previous 'parent' functions. The most recent functions are listed from top to bottom. Thread on function calls - https://mariokartwii.com/showthread.php?tid=1052 Current Bit map from what I gathered from reading your post: Bits 0 thru 15 = Unused Bits 16 thru 28 = ?? Bit 29 = Flips low then gets flipped high for Attack Bit 30 = Finished Jump or Finished Attack. Flips off and on while idle Bit 31 = Flips high then gets flipped low when a Jump is preformed  Dumb question, apologies if you have already tried this, but have you simply tried adding a second code (C2 ASM) at "8017951C sth r0, 0x28 (r3) #ASM r0 = 0xD08 (the program is expecting there to be 0xD0C)" Like this.. Code:```li r0, 0xD0C #Force Bit 29 high sth r0, 0x28 (r3) #Default Instruction``` Yes, I tried this and it didn't work. (12-15-2021, 02:56 PM)Vega Wrote: If that doesn't work, nopping the "andi." at "80179A10 andi. r0, r0, 0xFFFB#ASM r0 = 0xD08" might. I'll try this tonight. Vega bl the_admin Posts: 3,535 Threads: 860 Joined: Feb 2018 Reputation: 84 12-15-2021, 04:41 PM Is the character alone freezing or is the game as a whole freezing (crashing)? Hackwiz Coder / Dev Posts: 95 Threads: 2 Joined: Dec 2021 Reputation: 2 12-15-2021, 07:11 PM Just the character. I was thinking of it at lunch. Maybe I'm making it harder than it should be. I have all the addresses for all the levels in the Japanese version. The addresses are static, so no playing the try to find the moving address game I'm going to port them to the US version and try simple Gecko compare/write to all the addresses in one code. « Next Oldest | Next Newest »

Forum Jump:

Users browsing this thread: 2 Guest(s)