Jambo51
Glory To Arstotzka
- 736
- Posts
- 15
- Years
- Seen Jan 28, 2018
Hi there, and as you may have come to notice, the number of truly safe variables and flags available in the vanilla Fire Red game is extremely limiting.
If you don't know this, then read this great thread by karatekid552 which explains why flags and variables after/before a certain number are unsafe to use.
So, is there any good way to solve this problem? Well, yes, we can repoint a block of the variables and flags to use free memory!
It should be noted that, after including this repoint in your hack, any PLAYERS will be forced to restart their save games! There is no way around this.
PREREQUISITES
So, to the main part of this post.
Making Flags 0x900-0x18FF safe to use:
And secondly, the variables!
Making Vars 0x5000-0x51FF safe to use:
It should be noted that these routines are not mutually exclusive. You can have both or you can have one or the other. You do NOT need both for only the flag hack, or both for the var hack. Obviously, if you want both the flags and vars hack, you need both.
Since people seem to not understand how to assemble and insert ASM (understandable, it is awkward compared to scripting et al), I'm gonna quote this very useful mini-guide from further down this page.
Anyway, that's everything for this tutorial!
If you don't know this, then read this great thread by karatekid552 which explains why flags and variables after/before a certain number are unsafe to use.
So, is there any good way to solve this problem? Well, yes, we can repoint a block of the variables and flags to use free memory!
It should be noted that, after including this repoint in your hack, any PLAYERS will be forced to restart their save games! There is no way around this.
PREREQUISITES
Spoiler:
So, to the main part of this post.
Making Flags 0x900-0x18FF safe to use:
Spoiler:
Flag Routine:
Assemble this routine and insert it into your ROM in an aligned location. That is, the address ends with a 0, 4, 8 or a C. Then navigate to 0x6E5D6 and change the code there to:
Where the XX's stand for the location of your routine + 1 in little endian format (aka reverse hex).
And that's that. Once this routine is inserted, you can use any of the flags between 0x900 and 0x18FF (inclusive) safely without any problems!
NOTE: This routine CUTS OFF ACCESS to flags outside the usable range of 0x0 - 0x18FF. That is to say, they simply stop working. I designed it like this to try to ensure that bad memory accessed would be less likely to happen.
Code:
.text
.align 2
.thumb
.thumb_func
.global flaggethack
main:
mov r0, #0x9
lsl r0, r0, #0x8
cmp r4, r0
blt normal
mov r0, #0x19
lsl r0, r0, #0x8
cmp r4, r0
bge noget
mov r0, #0x9
lsl r0, r0, #0x8
sub r4, r4, r0
add r6, r4, #0x0
str r4, [sp, #0x0]
ldr r0, memoryblock
lsr r1, r6, #0x3
add r0, r0, r1
exit: pop {r4-r6}
pop {r1}
bx r1
normal: ldr r0, normalmemoryblock
ldr r0, [r0, #0x0]
there: lsr r1, r6, #0x3
mov r3, #0xEE
lsl r3, r3, #0x4
add r1, r1, r3
add r0, r0, r1
b exit
noget: add r0, r4, #0x0
b there
.align
memoryblock: .word 0x0203C000
normalmemoryblock: .word 0x03005008
Assemble this routine and insert it into your ROM in an aligned location. That is, the address ends with a 0, 4, 8 or a C. Then navigate to 0x6E5D6 and change the code there to:
Code:
01 48 00 47 00 00 XX XX XX 08
Where the XX's stand for the location of your routine + 1 in little endian format (aka reverse hex).
And that's that. Once this routine is inserted, you can use any of the flags between 0x900 and 0x18FF (inclusive) safely without any problems!
NOTE: This routine CUTS OFF ACCESS to flags outside the usable range of 0x0 - 0x18FF. That is to say, they simply stop working. I designed it like this to try to ensure that bad memory accessed would be less likely to happen.
And secondly, the variables!
Making Vars 0x5000-0x51FF safe to use:
Spoiler:
Variable Routine:
Assemble this routine and insert it into your ROM in an aligned location. That is, the address ends with a 0, 4, 8 or a C. Then navigate to 0x6E45C and change the code there to:
Where the XX's stand for the location of your routine + 1 in little endian format (aka reverse hex).
And that's that. Once this routine is inserted, you can use any of the variables between 0x5000 and 0x51FF (inclusive) safely without any problems!
NOTE: This routine CUTS OFF ACCESS to variables outside the usable ranges. That is to say, they simply stop working. I designed it like this to try to ensure that bad memory accessed would be less likely to happen.
The usable ranges are:
0x4000 - 0x40FF
0x5000 - 0x51FF
0x8000 - 0x8016
Code:
.text
.align 2
.thumb
.thumb_func
.global varflaghackone
main:
mov r2, #0x40
lsl r2, r2, #0x8
cmp r4, r2
blt exit
mov r2, #0x41
lsl r2, r2, #0x8
cmp r4, r2
blt normal
mov r2, #0x50
lsl r2, r2, #0x8
cmp r4, r2
blt exit
lsl r2, r4, #0x10
cmp r2, #0x0
blt alt
mov r2, #0x52
lsl r2, r2, #0x8
cmp r4, r2
bge exit
ldr r0, memoryblock
mov r2, #0x50
lsl r2, r2, #0x8
sub r4, r4, r2
lsl r4, r4, #0x1
add r0, r0, r4
exit2: pop {r4-r6}
pop {r1}
bx r1
exit: mov r0, #0x0
b exit2
normal: ldr r0, return
bx r0
alt: ldr r0, return2
bx r0
.align
memoryblock: .word 0x0203C200
return: .word 0x0806E473
return2: .word 0x0806E50D
Assemble this routine and insert it into your ROM in an aligned location. That is, the address ends with a 0, 4, 8 or a C. Then navigate to 0x6E45C and change the code there to:
Code:
00 48 00 47 XX XX XX 08
Where the XX's stand for the location of your routine + 1 in little endian format (aka reverse hex).
And that's that. Once this routine is inserted, you can use any of the variables between 0x5000 and 0x51FF (inclusive) safely without any problems!
NOTE: This routine CUTS OFF ACCESS to variables outside the usable ranges. That is to say, they simply stop working. I designed it like this to try to ensure that bad memory accessed would be less likely to happen.
The usable ranges are:
0x4000 - 0x40FF
0x5000 - 0x51FF
0x8000 - 0x8016
It should be noted that these routines are not mutually exclusive. You can have both or you can have one or the other. You do NOT need both for only the flag hack, or both for the var hack. Obviously, if you want both the flags and vars hack, you need both.
Since people seem to not understand how to assemble and insert ASM (understandable, it is awkward compared to scripting et al), I'm gonna quote this very useful mini-guide from further down this page.
Spoiler:Step 1: Click here. Extract those files to your desktop.
Step 2: MAKE SURE you apply the patch in the first post to your ROM (this should be a clean, unmodified ROM) before doing this.
Step 3: Open Notepad and paste down whichever ASM code you're using (aka if you're expanding flags, using the flag-expanding ASM code)
Step 4: Click File -> Save As. On the Box labelled "File Name" type "[whatevernameyouwant].asm". Under "Save as type", change to All Files. Navigate to the Desktop and save it there.
Step 5: Open Command Prompt. Type "cd Desktop". You're now on your desktop. Type the following into Command Prompt:
Code:thumb [whatevernameyouchose].asm [samename].bin
You should see "Assembled Successfully" right below it in the Command Prompt. You can close it now.
Step 6: Open the .bin file in a hex editor and copy ALL the data.
Step 7: Open Free Space Finder and find an offset that ends in a 0, 4, 8, or C (as stated above).
Step 8: Open a new sheet in Notepad. Write down your offset, and then write it in little endian + 1. Ex: If my offset was 0x800000, the correct format for this would be 01 00 80.
Step 9: Open your ROM in a hex editor and go to the offset that you chose. Click Edit -> Paste write.
Step 10: Open your ROM in the hex editor and go to the offset 0x6E5D6. Change it to:
Code:01 48 00 47 00 00 XX XX XX 08
Where the XX's = the endian version of your offset that you were supposed to write down earlier. Hit save, and you're done.
Anyway, that's everything for this tutorial!
Last edited by a moderator: