
OoT Debug ~ Roc's Feather Hack


Jason777
So if anyone had read the URA feedback topic a few days ago, they might've seen me give a suggestion for Roc's Feather to be used as an item. Basically, it allows you to jump whenever you want.

 

Well, I decided to try and recreate the "Replace Roll with Jump" GS code in C and modify it a little by making it still possible to Roll and to only be able to jump when the Lens of Truth is equipped. The results can be seen below in the video:

 

 

At the moment there is only a GS code. It can be seen in either of the two spoilers below.

 

Nemu GS Code (the cheat number probably has to be formatted):

 

 


Normal GS Code (not sure if it works with PJ64):

 

 


To use... Equip the Lens of Truth to any C-button. Now just press the D-pad equivalent to whichever C-button the Lens of Truth is equipped to. Voilà, jump whenever you want.

 

Also, for Nemu users. If the code doesn't work for you right away, do this:

 

After getting the code into the Cheats.ini of Nemu - whichever way you choose to do it - boot up Ocarina of Time Debug and get to anywhere in the game where you have control of Link. Then, activate Link and set a PC breakpoint on 0x80600000. The reason we're doing this is just so that Nemu's dynarec can recognize the code change.

Now for a few questions...

  • Who here knows how to provide arguments to functions in MIPS assembly? I understand that registers $a0 - $a3 are for function arguments but what about functions that require more than 4 arguments?
  • I understand that to make a function call requires a JAL... Doing that will mess up the return address, which is vital to the hack. Is there a way to save the return address for later use? Perhaps the stack pointer ($sp)? Unfortunately, I don't know how to use a stack pointer.

The above questions are concerning a hook I wish to create which would help with patching. Of course, it would be easy to create the hook in C but I wish to get some more practice with assembly and possibly gain some more knowledge, too.

 

I won't be releasing the hack source until I can provide a patch :)

 

Thanks goes out to spinout for dealing with all of my questions and helping me to understand the basic concepts of creating a hack in C and what it needs to work properly. I also thank messian for helping me correctly compile some of my first hacks.

 

Also, credit goes to ZZT32 for coming up with original "Rolling Is Replaced With Jumping" GS code:

D1224780 3FA0
81224610 40FF
Link to comment
Share on other sites

Quote from Jason777:

  • Who here knows how to provide arguments to functions in MIPS assembly? I understand that registers $a0 - $a3 are for function arguments but what about functions that require more than 4 arguments?
  • I understand that to make a function call requires a JAL... Doing that will mess up the return address, which is vital to the hack. Is there a way to save the return address for later use? Perhaps the stack pointer ($sp)? Unfortunately, I don't know how to use a stack pointer.

My MIPS is bad so this is more like theory, based on my general and other assembler knowledge...

  • Give the function a pointer to a struct of values instead of all the values separately. So instead of, say, X, Y, Z, RX, RY, RZ, Name, Something, SomethingElse, give it 0x01234567 and make sure you have X, Y, Z, etc. stored at 0x01234567. Hope that makes sense?
  • There must be a CALL opcode or similar that does push the return address onto the stack, and an equivalent RET opcode to fetch that address from the stack and put it into the PC. Or, well, if CPUs like Z80 and 6502 have that, I'd assume a R4300i (or whatever the exact model was) has, too.

Probably not all that helpful, huh...
Link to comment
Share on other sites

Guest sakura
Quote from Jason777:

  • Who here knows how to provide arguments to functions in MIPS assembly? I understand that registers $a0 - $a3 are for function arguments but what about functions that require more than 4 arguments?

  • I understand that to make a function call requires a JAL... Doing that will mess up the return address, which is vital to the hack. Is there a way to save the return address for later use? Perhaps the stack pointer ($sp)? Unfortunately, I don't know how to use a stack pointer.

 

- Any extra arguments are given using the stack pointer, starting at 0x0010 + $SP.

For example, if I wanted to call the actor spawning routine, I'd set A0 and A1 up (they're const pointers), have the actor number in A2, X position in A3, then for the rest of the arguments it would be

$SP + 0x0010 - y position

$SP + 0x0014 - z position

$SP + 0x0018 - x rotation

$SP + 0x001C - y rotation

$SP + 0x0020 - z rotation

$SP + 0x0024 - Variable

 

If you do this, you have to make sure you don't mess up the game's stack. You can safely subtract a small amount from the stack pointer as long as you fix it after. I can answer your second question too with this example, say I have a custom routine to call the actor spawning routine when L is pressed (I did this for spawning Arwings randomly as a test a long time ago).

In your hook location, you make a jump to empty RAM and make sure you've checked to see what registers the routine is going to use after your hook location. You can safely overwrite any registers that aren't used by the time the routine returns, except S0 - S8 as they're saved across function calls. You add to the stack pointer to give yourself some stack space, then save RA to the stack. You set up your registers / the stack with the values you want to pass to your function call, call the function, then grab RA from the stack again and add to the stack pointer to fix it back to what it was before. Then when you use JR RA, everything's in order.

This is only if you're calling a routine in your hack though. If you're making an assembly hack that doesn't require calling an in game function, it's much easier to use a J instead of JAL so you don't have to worry about the stack.

Link to comment
Share on other sites
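The sequence sakura describes above, written out as an added example in GNU assembler syntax for the MIPS o32 calling convention. It is not code from the thread or from the hack; `spawn_routine`, `hook_body` and every `ARG_*` value are hypothetical placeholders, and the argument values are treated as raw 32-bit words.

```mips
# Added example. spawn_routine and all ARG_* values are placeholders,
# not addresses or values taken from the game.
        .set    noreorder               # branch delay slots are written by hand

        .equ    FRAME,    0x30          # 0x00-0x0F home area for $a0-$a3
                                        # 0x10-0x27 arguments 5 to 10
                                        # 0x28      saved $ra (0x2C is padding)
        .equ    SAVED_RA, 0x28

        .equ    ARG_PTR_A,    0x80001000    # placeholder pointer for $a0
        .equ    ARG_PTR_B,    0x80002000    # placeholder pointer for $a1
        .equ    ARG_ACTOR,    0x0010        # placeholder actor number
        .equ    ARG_X_POS,    0x00000000    # placeholder position/rotation words
        .equ    ARG_Y_POS,    0x00000000
        .equ    ARG_Z_POS,    0x00000000
        .equ    ARG_X_ROT,    0x0000
        .equ    ARG_Y_ROT,    0x0000
        .equ    ARG_Z_ROT,    0x0000
        .equ    ARG_VARIABLE, 0x0000

        .globl  hook_body
hook_body:                              # reached from the hook with J, so $ra
                                        # still holds the original return address
        addiu   $sp, $sp, -FRAME        # take stack space (the stack grows down)
        sw      $ra, SAVED_RA($sp)      # the jal below overwrites $ra

        li      $a0, ARG_PTR_A          # arguments 1 to 4 travel in registers
        li      $a1, ARG_PTR_B
        li      $a2, ARG_ACTOR
        li      $a3, ARG_X_POS

        li      $t0, ARG_Y_POS          # arguments 5 and up go on the stack,
        sw      $t0, 0x10($sp)          # starting at 0x10 from the adjusted $sp
        li      $t0, ARG_Z_POS          # ($t0 is a caller-saved temporary; check
        sw      $t0, 0x14($sp)          # that the hooked code does not need it)
        li      $t0, ARG_X_ROT
        sw      $t0, 0x18($sp)
        li      $t0, ARG_Y_ROT
        sw      $t0, 0x1C($sp)
        li      $t0, ARG_Z_ROT
        sw      $t0, 0x20($sp)
        li      $t0, ARG_VARIABLE
        sw      $t0, 0x24($sp)

        jal     spawn_routine           # placeholder symbol, resolved at link time
        nop                             # delay slot

        lw      $ra, SAVED_RA($sp)      # recover the original return address
        jr      $ra
        addiu   $sp, $sp, FRAME         # delay slot: $sp is back to its old value
```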

Thanks for the help, sakura. After looking through another hack (for Gex 64) which had to save the contents of $ra because of multiple JAL to many functions I've picked up the basic idea of what I would have to do. I also picked up how I would assemble the hook to go along with the C-hack :)

 

 

For those of you who are interested in what hack I'm referring to...

 

http://gzrt.googlecode.com/svn/n64prog/trunk/gex64-whitefade/

 

 

 

Of course, I would only be using a "J 0x80600000" to get the hook to run the main hack, but I would have to use a JAL to run a function which DMAs a portion of ROM to RAM (from 0x35CE040 to 0x80600000).

 

Again, thanks for the help. I'll be delivering a patch shortly.

Link to comment
Share on other sites

I didn't thoroughly read this topic, but you can usually trash $ra after the first few instructions because most functions produced by C compilers put $ra in the stack pretty quickly. When those functions return, so long as you didn't trash the stack pointer, they will successfully recover the return address from the stack.

Link to comment
Share on other sites

UPDATE: Patch and Hack Source released -- NOTE: Patch does not work with PJ64! I suspect the way the hook is set up is the problem.

http://www.mediafire...tlxeymccea6rr57

All information about the hack can be found within the download. There is one bug with the hack so if anyone can solve it that would be awesome. Also, there were a few errors with the GS code so I edited that, too.

Nemu:


Normal GS Code:


Enjoy :)

Link to comment
Share on other sites
