[OoT MQ U] Need Ram offsets for Age, Controller, Boots
Topic Started: May 26 2016, 12:11 AM (915 Views)
aroenai
Sentient Hunk of Green Cheese
Hey guys, I'm working on porting some asm that CloudMax wrote a while back for changing boots using the D-Pad on the debug rom to the OOT MQ USA rom. I've gotten most of the addresses changed for the MQ rom, but the offsets for the Age, Controller, and Boots aren't making sense to me when I'm trying to find them in Nemu64. Basically, any of the lines with "(T7)" is what I need help with from what I can tell.

Please excuse any typos; I'm actually using CajeASM to compile but changed the formatting back to the original for clarity. The asm is in the main file table temporarily until I can find a more permanent home for it; I just haven't taken the time to find a rom offset that survives decompression/compression with Zoinkity's tool yet.

Here's what I have so far:

Code:
 
;Hook
.ORG 0x803A01D8
J start ;Jump to Hack
LUI T7, 0x8016 ;Set T7 to 0x80160000, does MQ need this as 0x8012? We'll keep it at this value throughout the ASM hack so that it can be re-used.

;Code
.ORG 0x80010E48
start:
LBU T0, 0xE667(T7) ;Set T0 to current age
BNE T0, R0, end ;If you're child, branch to end
LBU T0, 0x6AF0(T7) ;Load Controller Byte containing D-Pad Buttons Into T0
LBU T4, 0x6AEF(T7) ;Load Previously Pressed Buttons Into T4
SB T0, 0x6AEF(T7) ;Save T0 to 0x80166AEF
NOR T4, R0, T4 ;Reverse T4 to use it as a filter
AND T0, T0, T4 ;Use the filter on T0 to only include buttons that weren't pressed already.
ANDI T0, T0, 0x03 ;T0 now only contains the D-Pad Right and Left state.
BEQ T0, R0, end ;None of them are pressed, branch to end
SLTI T4, T0, 0x03 ;Set T4 to 0 if both D-Pad buttons are pressed.
BEQ T4, R0, end ;Both of them are pressed, branch to end
LBU T4, 0x014F(A3) ;T4 = Currently Equipped Boots
BEQL T4, T0, have ;If the boots you currently have equipped are the ones you're attempting to equip, perform the command below
ADDIU T0, R0, 0x00 ;T0 = 0x0 (This makes it so that you equip Kokiri Boots instead)
have:
SLL AT, T0, 0x05 ;AT is now 0x00, 0x20 or 0x40, we'll use this to check if you have the boots that you're equipping.
LBU T4, 0xE6FC(T7) ;Load Boots & Tunic to T4
AND T4, T4, AT ;T4 will now be equal to AT if you have the boots
BNE T4, AT, end ;If you do not have the boots you're attempting to equip, branch to end
ADDIU AT, T0, 0x01 ;AT will now be set to 0x1 (Kokiri Boots) if you're unequipping your boots, 0x2 (Iron Boots) if you're equipping D-Pad Right, and 0x3 (Hover Boots) if you're equipping D-Pad Left.
SLL AT, AT, 0x04 ;Shift AT 4 bits to the left so that the values will be either 0x10, 0x20 or 0x30.
SB T0, 0x014F(A3) ;Set currently equipped boots
LBU T3, 0xE6D0(T7) ;Load equipped Boots & Tunic to T3
ANDI T3, T3, 0x0F ;Remove Equipped Boots from T3
OR T3, T3, AT ;Add AT (The new boots value) to T3
JAL 0x80078D20 ;Jump to boots update function
SB T3, 0xE6D0(T7) ;Store the new Boots & Tunic byte
end:
ADDIU AT, R0, 0x02 ;This was overwritten at the hook
J 0x803A01E0 ;Jump back, hook+8
LBU T6, 0x0002(A3) ;This was overwritten at the hook


Original for the Debug rom, source: https://www.the-gcn.com/topic/2718-sanguinettimods-asm-hacks-ram-findings-etc/?p=43265
Spoiler: click to toggle


Edit: Good grief, I thought the point of code tags was to keep the original text formatting including spaces. I think I've fixed all the destroyed spaces now.
Edited by aroenai, May 26 2016, 01:00 AM.
 
Three Pendants

Hmm... LB E667 is strange but works, but that's the Age byte there. 0000 is Adult, 0001 is Child.

The controller bytes are located at 1665C0 in Debug Rom. E6FC is perfectly right for the location of the Equipment. It loads the current equipment (used in bitfield so if you have the Master Sword and Kokiri Sword it would read 3 (1+2), Hylian Shield (2) 2, Kokiri Tunic 1 (1), and Normal Boots and Iron Boots 3 (1+2)).

That code is isolating the change in equipment to put the proper value in the proper equipment slot, then saving it. I hope that made a little bit of sense...

Here's what I did anyhow...

//D-Pad sets Magic Arrows (if obtained)

//AND can switch between the boots if obtained with Z+Dpad

push 4 t1 t2 t3 t4 t6 t7 t8 t9 a1 a2 a3 at v0 v1 ra

lui t1 0x8016
lw t1 0xE664 (t1) //Load Link's Age
bne t1 r0 label1
nop

li t1 0x802246FF //Load Boots storage for later.
addiu t3 r0 0x2400 //D-Down
beq t3 t5 labelB1 //Normal Boots
addiu t3 r0 0x2200 //D-Left
beq t3 t5 labelB2 //Iron Boots Branch
addiu t3 r0 0x2100 //D-Right
beq t3 t5 labelB3 //Hover Boots Branch
nop
beq r0 r0 labelAr //If none, branch to end.
nop

labelB1: //Normal Boots
addiu a1 r0 0x00 //Load Normal Boots
addiu t2 r0 0x1000 //Load Normal Boots into t2 for Quest Items
beq r0 r0 labelBoots
sb a1 0x0000 (t1) //Store Boots.

labelB2: //Iron Boots
lui t3 0x8016
lh t3 0xE6FC (t3)
addiu t4 r0 0x2000

and t4 t3 t4 //Nullify all but Iron boots
beq r0 t4 label1


addiu a1 r0 0x01 //Load Iron Boots
addiu t2 r0 0x2000 //Load Iron Boots into t2 for Quest Items
beq r0 r0 labelBoots
sb a1 0x0000 (t1) //Store Boots.

labelB3: //Hover Boots
lui t3 0x8016
lh t3 0xE6FC (t3)
addiu t4 r0 0x4000

and t4 t3 t4 //Nullify all but Hover boots
beq r0 t4 label1

addiu a1 r0 0x02 //Load Hover Boots
addiu t2 r0 0x3000 //Load Hover Boots into t2 for Quest Items
beq r0 r0 labelBoots
sb a1 0x0000 (t1) //Store Boots.

labelBoots: //Used for Speed Update and Equipment Update



lui t3 0x8016
lh t1 0xE6D0 (t3)
addiu t4 r0 0x0FFF
and t4 t1 t4 //Nullify boots
add t2 t2 t4 //Add New Boots
sh t2 0xE6D0 (t3) //Store new boots into Equipment.

li a1 0x802245B0 //Required argument
jal 0x8E750 //Movement Speed Update Function
nop
beq r0 r0 label1

labelAr:
li t1 0x8015E660 //Load Save Format
lb t2 0x0069 (t1) // Load C-Right
addiu t3 r0 0x0003 // Is it Bow?
beq t2 t3 labelA // If so, branch.
nop
lb t2 0x006A (t1) // Load C-Down
beq t2 t3 labelB // If so, branch.
nop
lb t2 0x006B (t1) // Load C-Left
beq t2 t3 labelC // If so, branch.
nop

lb t2 0x0069 (t1) // Load C-Right
slti t3 t2 0x0037 //Is it less than magic arrows?
beq r0 t3 labelA // If so, branch.
nop
lb t2 0x006A (t1) // Load C-Down
slti t3 t2 0x0037 //Is it less than magic arrows?
beq r0 t3 labelB // If so, branch.
nop
lb t2 0x006B (t1) // Load C-Left
slti t3 t2 0x0037 //Is it less than magic arrows?
beq r0 t3 labelC // If so, branch.
nop
beq r0 r0 label1 // If none, branch to end.
nop

labelA: //C-Right (Stores item address for later use)

addiu a1 t1 0x69
beq r0 r0 label2
nop

labelB: //C-Down

addiu a1 t1 0x6A
beq r0 r0 label2
nop

labelC: //C-Left

addiu a1 t1 0x6B
beq r0 r0 label2
nop

label2: //T5 holds the button pressed.

addiu t3 r0 0x0800 //D-Up
beq t3 t5 label3 //Light Arrow Branch
addiu t3 r0 0x400 //D-Down
beq t3 t5 label4 //Normal Arrow Branch
addiu t3 r0 0x200 //D-Left
beq t3 t5 label5 //Fire Arrow Branch
addiu t3 r0 0x100 //D-Right
beq t3 t5 label6 //Ice Arrow Branch
nop
beq r0 r0 label1 //If none, branch to end.
nop

label3: //Light Arrow Branch

lb t4 0x9E (t1) //Load unused byte, magic arrows obtained.
addiu t2 r0 0x40
and t2 t2 t4
beq t2 r0 label1 //No Light Arrows
nop
addiu t4 r0 0x3A //Light Arrow
beq r0 r0 labelx
nop

label4: //Normal Arrow Branch

addiu t4 r0 0x03 //Normal Arrow
beq r0 r0 labelx
nop

label5://Fire Arrow Branch

lb t4 0x9E (t1) //Load unused byte, magic arrows obtained.
addiu t2 r0 0x10
and t2 t2 t4
beq t2 r0 label1 //No Fire Arrows
nop
addiu t4 r0 0x038 //Fire Arrow
beq r0 r0 labelx
nop

label6://Ice Arrow Branch

lb t4 0x9E (t1) //Load unused byte, magic arrows obtained.
addiu t2 r0 0x20
and t2 t2 t4
beq t2 r0 label1 //No Ice Arrows
nop
addiu t4 r0 0x039 //Ice Arrow
beq r0 r0 labelx
nop

labelx:
sb t4 0x0000 (a1) //Store new item in assigned slot.

label1:

pop 4 t1 t2 t3 t4 t6 t7 t8 t9 a1 a2 a3 at v0 v1 ra

SH T5, 0x0000(V1)
LH T6, 0x1032(V0)

jr



 
aroenai
Sentient Hunk of Green Cheese
Oh, I'm trying to port this to the MQ USA Rom, I've already got it working for the debug rom (CloudMax's is in the spoiler tag).
 
Three Pendants

Ah, sorry. Whenever I see "OOT MQ" I instinctively think Debug. My mistake. I'm afraid I'm not much help here.
 
mzxrules

Should warn you first that I think there's at least 2 different versions of Master Quest: US, and PAL. There might also be a Japanese one, not sure.

Anyway, the "save context" as I call it is located at 80118938 for Master Quest PAL, and 8015E660 for the Debug Rom. Thus, to convert a "save context" address from the Debug Rom to Master Quest PAL, you just need to subtract by 0x45D28.

In other words, lui T7, 0x8012, then any time the T7 is referenced, subtract the old offset by 0x5D28.
 
aroenai
Sentient Hunk of Green Cheese
In that case it looks like the "save context" is located at 8011B128 for MQ USA, but subtracting 0x43538 still does not work.
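Added example (not part of any post above, and not CloudMax's or the posters' code): the save-context rebasing described in the thread, applied to each T7-relative operand of the posted hack, with the sign extension of 16-bit load/store offsets handled explicitly. The three base addresses are the ones quoted in the thread; SAVE_CTX_SIZE and the assumption that the save context has the same layout in every build are mine, and operands that fall outside that region are reported rather than converted.

```python
# Added example: rebase LUI+offset operands from the Debug ROM save context
# to another build. Bases come from the thread; SAVE_CTX_SIZE is an assumption.
SAVE_CTX = {"debug": 0x8015E660, "mq_pal": 0x80118938, "mq_usa": 0x8011B128}
SAVE_CTX_SIZE = 0x1450  # assumed upper bound, not stated in the thread


def effective(hi, lo):
    """Address formed by LUI hi plus a sign-extended 16-bit load/store offset."""
    signed = lo - 0x10000 if lo & 0x8000 else lo
    return ((hi << 16) + signed) & 0xFFFFFFFF


def split(addr):
    """Inverse of effective(): pick hi so the signed low half reaches addr."""
    return ((addr + 0x8000) >> 16) & 0xFFFF, addr & 0xFFFF


def rebase(hi, lo, target, source="debug"):
    """Return (new_hi, new_lo), or None if the operand is not in the save context."""
    rel = effective(hi, lo) - SAVE_CTX[source]
    if not 0 <= rel < SAVE_CTX_SIZE:
        return None  # the save-context delta says nothing about this address
    return split(SAVE_CTX[target] + rel)


# T7-relative offsets used in the posted hack (LUI T7, 0x8016)
OPERANDS = {"age": 0xE667, "owned equipment": 0xE6FC, "equipped": 0xE6D0,
            "controller": 0x6AF0, "previous buttons": 0x6AEF}


def report(target):
    """Map each operand name to its rebased (hi, lo) pair or None."""
    return {name: rebase(0x8016, lo, target) for name, lo in OPERANDS.items()}


if __name__ == "__main__":
    for target in ("mq_pal", "mq_usa"):
        for name, new in report(target).items():
            old = effective(0x8016, OPERANDS[name])
            text = ("outside save context" if new is None
                    else "LUI 0x%04X, offset 0x%04X" % new)
            print(f"{target:7} {name:17} {old:08X} -> {text}")
```

With these inputs the two controller operands (0x80166AF0 and 0x80166AEF) come back as outside the save context, so their addresses in another build have to be located separately.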
 