Conversation Between knizz and sonic1
Showing Visitor Messages 1 to 15 of 35
  1. knizz
    August 12th, 2012 10:22 AM
    That's correct. I don't know the names by heart. But I think their names start with "copy_" or "write_". There are X and Y fields in "uns", change those. A loop then converts the data from the "uns" into OAM format but not at the final location. A second loop writes the prepared data to the real Object Attribute Memory.
  2. sonic1
    August 7th, 2012 8:50 AM
    Hey knizz, 's been a long time, no? I need your help now. I know you have much experience in OAM fields, and i need to know something. As the OAM memory is refreshed every frame, i can't "runtime" edit it to create an OAM. What i need to know (firered) is: Is there any routine like "Create OAM" or something? And if not, how could i go edit the OAM position? Is there a routine that changes its coordinates or something?
    Also, if it helps, i know that this is all related to the "unknown_structure" you documented in your DB!

    Best regards, Sonic1!
  3. knizz
    April 18th, 2012 11:30 AM
    What I did is create an enumeration with the numbers you need to put in R1 to select the property of the pokemon you want to get or set. When you have
    mov R0, blabla
    mov R1, #45
    mov R2, fubar
    bl set_pokemon_data
    You can right click #45 and choose the correct property from one of the submenus.

    Use Ctrl+Z (or was it alt+q?) to force zero offsets [R1, 0] to be interpreted as structure [R01, #npc_state.field1]
  4. sonic1
    April 7th, 2012 12:13 PM
    Yeah, i just arrived from my finalist-trip and downloaded your db. But i checked the routines get/set_pokemon_data... What exactly did you do? Srry xD

    Also: As i've told you before, i'm making a emerald ida database. When i was checking somethings, i've come across a problem. You see, when there is, for example, ldrb r0, [r0, #1], i can successfully convert it in LDRB R0, [R1,#npc_state.field1]. Now, in this case, LDRB R0, [R1], instead of appearing LDRB R0, [R1,#npc_state.bitfield_DX], it just appears LDRB R0, [R1,#npc_state] in my IDA database. This is very annoying, as i can't figure out what is the first field of some structures just by sheer looking. Could you help me on this issue, please?
  5. knizz
    April 6th, 2012 12:23 AM
    I've improved the last version of the db so "set_pokemon_data", etc. are much easier to understand. (just contact me later about it.)
  6. knizz
    March 24th, 2012 6:20 PM
    Seems correct.
  7. sonic1
    March 24th, 2012 5:42 PM
    Wow, so i would just do
    ldr r3, number
    mov r4, #15
    ldr r0, #16
    lsr r1, r3, #4
    and r4, r3

    Sorry if this isn't what you're talkin about, but i don't know C#. My 'system' is actually a group of routines that decode letters in usable codes in a rom, and i only have 0x49 usable letters.

    And sorry if i misunderstood anything, my formula is a*b+c = z
    Multiply first two and add the third. (lets say 0x196. 1st byte 0x28, 2nd byte 0xA, 3rd byte 0x6. 0x196 = 0x28 * 0xA + 0x6.)

    If it isn't this one, you can always explain me that one.
  8. knizz
    March 24th, 2012 2:55 AM
    I just realized something.


    lol, that was easy
  9. knizz
    March 24th, 2012 2:47 AM
    What you want to do is HARD:

    But your domain is small. Only 1280 cases!
    And only the end result has to be in less than 0x49. Right?
    You can just pre-calculate all situations and put the table into your software
    uint a = table1[bignum];
    uint b = bignum/a;
    int c = bignum-a*b;
  10. sonic1
    March 21st, 2012 3:28 PM
    Hey knizz! Today i'm here to ask for help (again, you must be like this -.-').

    But its rather more maths than ASM this time.

    My problem is the following: I have a system where a byte max value can only be 0x49.
    I want to get values in a range of 0-0x500 (HEX). To do it, i must use 3 bytes: Multiply first two and add the third. (lets say 0x196. 1st byte 0x28, 2nd byte 0xA, 3rd byte 0x6. 0x196 = 0x28 * 0xA + 0x6.)

    Now what i want is a routine that given a value of that range, automatically finds the 1, 2 and 3 bytes needed for the final result using the formula above.
    I'm not asking you to make the routine, but help me with the conditions/logic (like, i know that if the value i want is 0, then i just need one of the 2 bytes be 0 and the 3rd be 0 too, becaus X*0 = 0 + 0 = 0)
    My problem is that there are thousands of ways to do it, and thats what is confusing me.

    Many thanks!
  11. knizz
    March 10th, 2012 5:40 AM
    Whooooah. Cool find.
  12. sonic1
    March 10th, 2012 5:08 AM
    Hey knizz! Hope you're doing good! Today i'm here just to tell you that i found a function that might interest you (or not). Its a debug function, probably leftovers.
    Try putting 08009640 + 1 in one of the callbacks 1,2 or 3 while in the FireRed intro (the nidorino fight, the titlescreen or something). Its a function thats probably for the AGB print or something.

  13. knizz
    February 22nd, 2012 5:46 AM
    What this function recieves:
    First argument: R0
    Second argument: R1
    Third argument: R2
    Fourth argument: R3
    Fifth argument: arg_0 = [R13 aka SP][0x0]
    Sixth argument: arg_4 = [R13 aka SP][0x4]
    Seventh argument: arg_8 = [R13 aka SP][0x8]
    Eight argument: arg_C = [R13 aka SP][0xC]

    What the function passes to sub-functions is in var_* (because the addresses are lower). The var_* of this function will become the arg_* of the called one.

    B [var_*] [backups: (R8) (R4 R5 R6 R7 LR)] A [arg_0] [arg_4]
    A is where SP was at the beginning of the function.
    B is where SP is after the beginning of the function.
  14. sonic1
    February 22nd, 2012 4:56 AM
    First, thanks for the explanation! What i didn't know was the part of growing from higher to lower! Must be because of LIFO system, or something like that!

    But you know, IDA makes a stack analysis, right? But in the larger functions, there are things like arg_X and var_XX. Whats really the difference between those? Because as you said, they are all arguments right? E.g:
    0803DA54 @ =============== S U B R O U T I N E =======================================
    0803DA54 make_pokemon: @ CODE XREF: sub_080112E0+16Ap
    0803DA54 @ sub_080112E0+1F4p ...
    0803DA54 var_34 = -0x34
    0803DA54 var_30 = -0x30
    0803DA54 var_2C = -0x2C
    0803DA54 var_28 = -0x28
    0803DA54 var_24 = -0x24
    0803DA54 var_20 = -0x20
    0803DA54 var_1C = -0x1C
    0803DA54 arg_0 = 0
    0803DA54 arg_4 = 4
    0803DA54 arg_8 = 8
    0803DA54 arg_C = 0xC
    0803DA54 PUSH {R4-R7,LR}
    0803DA56 MOV R7, R8
    0803DA58 PUSH {R7}
    0803DA5A SUB SP, SP, #0x1C
    0803DA5C MOV R8, R0
    0803DA5E MOVS R6, R1
    0803DA60 LDR R4, [SP,#0x34+arg_0]
    0803DA62 LDR R7, [SP,#0x34+arg_4]
    0803DA64 LDR R5, [SP,#0x34+arg_8]
    0803DA66 LSLS R6, R6, #0x10
    0803DA68 LSRS R6, R6, #0x10
    0803DA6A ADD R0, SP, #0x34+var_24
    0803DA6C STRB R2, [R0].......

    Also, what emulator do you use to keep track of the stack? I use no$gba debug, because of this thing right on the down-right side of the window:

  15. knizz
    February 22nd, 2012 3:47 AM
    Well, there isn't much to learn about the stack. It grows from a high address to a lower address, it is used for backuping the return address and other registers at the beginning of functions.
    However, when they are used within a function it's hard for me too. Not because it's complicated in general, but because you need to keep track of where in the stack you are at the moment, and what values are stored in it. I use the emulator if I'm too lazy to find it out.
    There is only one stack.

All times are GMT -8. The time now is 7:19 AM.