View Single Post
  #1    
Old May 31st, 2013, 12:43 PM
Jambo51's Avatar
Jambo51
Glory To Arstotzka
 
Join Date: Jun 2009
Gender: Male
Nature: Quiet
Hi there, and as you may have come to notice, the number of truly safe variables and flags available in the vanilla Fire Red game is extremely limiting.

If you don't know this, then read this great thread by karatekid552 which explains why flags and variables after/before a certain number are unsafe to use.

So, is there any good way to solve this problem? Well, yes, we can repoint a block of the variables and flags to use free memory!

It should be noted that, after including this repoint in your hack, any PLAYERS will be forced to restart their save games! There is no way around this.

PREREQUISITES
Spoiler:
A Fire Red ROM
This Patch OR An already installed JPAN Memory extension
A Brain


So, to the main part of this post.

Making Flags 0x900-0x18FF safe to use:
Spoiler:
Flag Routine:
Code:
.text
.align 2
.thumb
.thumb_func
.global flaggethack
main:
	mov r0, #0x9
	lsl r0, r0, #0x8
	cmp r4, r0
	blt normal
	mov r0, #0x19
	lsl r0, r0, #0x8
	cmp r4, r0
	bge noget
	mov r0, #0x9
	lsl r0, r0, #0x8
	sub r4, r4, r0
	add r6, r4, #0x0
	str r4, [sp, #0x0]
	ldr r0, memoryblock
	lsr r1, r6, #0x3
	add r0, r0, r1
exit:	pop {r4-r6}
	pop {r1}
	bx r1
normal:	ldr r0, normalmemoryblock
	ldr r0, [r0, #0x0]
there:	lsr r1, r6, #0x3
	mov r3, #0xEE
	lsl r3, r3, #0x4
	add r1, r1, r3
	add r0, r0, r1
	b exit
noget:	add r0, r4, #0x0
	b there
.align
memoryblock:	.word 0x0203C000
normalmemoryblock:	.word 0x03005008
Assemble this routine and insert it into your ROM in an aligned location. That is, the address ends with a 0, 4, 8 or a C. Then navigate to 0x6E5D6 and change the code there to:

Code:
01 48 00 47 00 00 XX XX XX 08
Where the XX's stand for the location of your routine + 1 in little endian format (aka reverse hex).

And that's that. Once this routine is inserted, you can use any of the flags between 0x900 and 0x18FF (inclusive) safely without any problems!
NOTE: This routine CUTS OFF ACCESS to flags outside the usable range of 0x0 - 0x18FF. That is to say, they simply stop working. I designed it like this to try to ensure that bad memory accessed would be less likely to happen.


And secondly, the variables!

Making Vars 0x5000-0x51FF safe to use:
Spoiler:
Variable Routine:
Code:
.text
.align 2
.thumb
.thumb_func
.global varflaghackone

main:
	mov r2, #0x40
	lsl r2, r2, #0x8
	cmp r4, r2
	blt exit
        mov r2, #0x41
	lsl r2, r2, #0x8
	cmp r4, r2
	blt normal
	mov r2, #0x50
	lsl r2, r2, #0x8
	cmp r4, r2
	blt exit
        lsl r2, r4, #0x10
        cmp r2, #0x0
        blt alt
	mov r2, #0x52
	lsl r2, r2, #0x8
	cmp r4, r2
	bge exit
	ldr r0, memoryblock
	mov r2, #0x50
	lsl r2, r2, #0x8
	sub r4, r4, r2
	lsl r4, r4, #0x1
	add r0, r0, r4
exit2:	pop {r4-r6}
	pop {r1}
	bx r1
exit:	mov r0, #0x0
	b exit2
normal:	ldr r0, return
	bx r0
alt:	ldr r0, return2
	bx r0
.align
memoryblock:	.word 0x0203C200
return:	.word 0x0806E473
return2:	.word 0x0806E50D
Assemble this routine and insert it into your ROM in an aligned location. That is, the address ends with a 0, 4, 8 or a C. Then navigate to 0x6E45C and change the code there to:

Code:
00 48 00 47 XX XX XX 08
Where the XX's stand for the location of your routine + 1 in little endian format (aka reverse hex).

And that's that. Once this routine is inserted, you can use any of the variables between 0x5000 and 0x51FF (inclusive) safely without any problems!
NOTE: This routine CUTS OFF ACCESS to variables outside the usable ranges. That is to say, they simply stop working. I designed it like this to try to ensure that bad memory accessed would be less likely to happen.

The usable ranges are:
0x4000 - 0x40FF
0x5000 - 0x51FF
0x8000 - 0x8016


It should be noted that these routines are not mutually exclusive. You can have both or you can have one or the other. You do NOT need both for only the flag hack, or both for the var hack. Obviously, if you want both the flags and vars hack, you need both.

Since people seem to not understand how to assemble and insert ASM (understandable, it is awkward compared to scripting et al), I'm gonna quote this very useful mini-guide from further down this page.

Quote:
Originally Posted by PJBottomz View Post
Spoiler:
Step 1: Click here. Extract those files to your desktop.

Step 2: MAKE SURE you apply the patch in the first post to your ROM (this should be a clean, unmodified ROM) before doing this.

Step 3: Open Notepad and paste down whichever ASM code you're using (aka if you're expanding flags, using the flag-expanding ASM code)

Step 4: Click File -> Save As. On the Box labelled "File Name" type "[whatevernameyouwant].asm". Under "Save as type", change to All Files. Navigate to the Desktop and save it there.

Step 5: Open Command Prompt. Type "cd Desktop". You're now on your desktop. Type the following into Command Prompt:

Code:
thumb [whatevernameyouchose].asm [samename].bin
You should see "Assembled Successfully" right below it in the Command Prompt. You can close it now.

Step 6: Open the .bin file in a hex editor and copy ALL the data.

Step 7: Open Free Space Finder and find an offset that ends in a 0, 4, 8, or C (as stated above).

Step 8: Open a new sheet in Notepad. Write down your offset, and then write it in little endian + 1. Ex: If my offset was 0x800000, the correct format for this would be 01 00 80.

Step 9: Open your ROM in a hex editor and go to the offset that you chose. Click Edit -> Paste write.

Step 10: Open your ROM in the hex editor and go to the offset 0x6E5D6. Change it to:

Code:
01 48 00 47 00 00 XX XX XX 08
Where the XX's = the endian version of your offset that you were supposed to write down earlier. Hit save, and you're done.
Anyway, that's everything for this tutorial!
__________________
Hey guys, please check out my recreations of the gen 1 and 2 music on my custom engine at my SoundCloud! - Here!

Last edited by Jambo51; July 5th, 2013 at 08:39 AM. Reason: Updated with correct routine
Reply With Quote