News: 11 March 2016 - Forum Rules
Current Moderators - DarkSol, KingMike, MathOnNapkins, Azkadellia, Danke

Author Topic: FFTA2: Grimoire of the Rift - Assigning Special Jobs  (Read 6435 times)

Edea

  • Jr. Member
  • **
  • Posts: 55
    • View Profile
FFTA2: Grimoire of the Rift - Assigning Special Jobs
« on: August 01, 2011, 12:52:37 pm »
I've managed to find the data for equipment parameters, abilities, commands/command sets, sprite/gender pointers, and jobs (if anyone wants that stuff).  However, neither the job data nor the sprite/gender pointers hold any information on how the game assigns additional 'special' jobs (such as Bard or Heritor, for anyone who's played the game) or removes jobs (such as preventing certain Moogles from becoming Chocobo Knights) from certain characters while still giving them access to a generic 'job wheel' (such as Moogle or Hume, matching the above example).

I do think the code uses character ID to determine who gets what, since when I changed that byte ($0212B125) from $01 to $03 for Luso in the RAM while playing, not only did he suddenly gain access to the Heritor job, he looked like Adelle (yet kept his name/everything else).  IDs of interest are:

$01: Luso
$02: Cid
$03: Adelle
$04: Hurdy
$05: Vaan
$06: Penelo
$07: Al-Cid
$08: Montblanc
$09: Illua
$30: Frimelda

But this is where I'm having trouble: tracing the routine responsible for this.  I tried using DeSmuME but this is so different from what I'm used to (Geiger's debugger/SNES/65c816)...I don't think it can set breakpoints??  I looked but couldn't find an option for that.  I'm assuming the routine is part of the ARM9 architecture (which, to me, is really complete gobbledegook), but I have no confirmation of that. 

This request probably belongs on the newbie board, but has anyone here run some disassembly for this particular game and/or can they clue me in on the basics so I can find these routines myself (such as SETTING BREAKPOINTS, for chrissakes)?  Google turned up a couple hopeful leads, but that sadly ended in 404s.

Spikeman

  • Hero Member
  • *****
  • Posts: 1063
  • *unce unce unce*
    • View Profile
    • None at the moment, check out my Last.fm page instead?
Re: FFTA2: Grimoire of the Rift - Assigning Special Jobs
« Reply #1 on: August 01, 2011, 11:09:02 pm »
This is a NDS game, correct? By far the best debugger is No$GBA. Unfortunately, the debug version isn't free and the author seems to have dropped off the face of the Earth.

It sounds like you're on the right track as to where to start debugging. Hopefully with the right tool you'll be able to find what you're looking for. (Note: No$GBA has pretty great documentation, so figuring out how to do breakpoints and such shouldn't be an issue.)
« Last Edit: August 04, 2011, 07:20:54 pm by Spikeman »
Open Source Hacking Projects: Guru Logic Champ, Telefang 2, (Want more? Check out my GitHub!)

Edea

  • Jr. Member
  • **
  • Posts: 55
    • View Profile
Re: FFTA2: Grimoire of the Rift - Assigning Special Jobs
« Reply #2 on: August 03, 2011, 03:33:17 pm »
This is what I've got so far from starting a trace at the point where the game checks character ID, right before showing you the list of jobs available for the selected unit (I used Luso for this, so his ID is $01).  The breakpoint is met when you select "Change Jobs" in the Unit Menu.

Code: [Select]
020b6154 e5d64005 (ba154) ldrb r4,[r6,#0x5] Loads r4 ($01)  from r6(#0x5) ($0212b125)
020b5110 e92d4010 (b9110) stmfd r13!,(r4,r14) Pre-increment store of r4 ($01) and r14
                                                                               ($020b615c) to r13 (stack)
020b5114 e3a01006 (b9114) mov r1,#0x6 Moves immediate value "#0x6" to r1 ($5d -> $06)
020b5118 e1a04000 (b9118) mov r4,r0 Moves contents of r0 ($0212b120) to r4
020b511c ebffff3d (b911c) bl #0x20b4e18 Branch (with return link) to SRAM address $020b4e18
020b4e18 e3500000 (b8e18) cmp r0,#0x0 Compare r0 ($0212b120) with immediate value "#0x0"
020b4e1c 03a00000 (b8e1c) moveq r0,#0x0 Move immediate value "#0x0" to r0 (equal)//FALSE
020b4e20 012fff1e (b8e20) bxeq r14 Branch to r14 ($20b5120) and switch execution mode
                                                                                                (equal)//FALSE
020b4e24 e3510000 (b8e24) cmp r1,#0x0 Compare r1 ($06) with immediate value "#0x0"
020b4e28 b3a01000 (b8e28) movlt r1,#0x0 Move immediate value "#0x0" to r1 (less than)//FALSE
020b4e2c ba000001 (b8e2c) blt #0x20b4e38 Branch (with return link) to SRAM address #0x20b4e38
                                                                                                (true)//FALSE
020b4e30 e3510029 (b8e30) cmp r1,#0x29 Compare r1 ($06) with immediate value "#0x29"
020b4e34 c3a01029 (b8e34) movgt r1,#0x29 Move immediate value "#0x29" to r1 (greater than)//FALSE


Hopefully that's legible enough, I guess I'll post more of the trace as I summon energy to peruse it XD.  So far it looks like Luso's character ID is sitting in the stack, so there's probably a lot more to go.  Anyone recognize this routine/know more about it?  The values in parentheses are where you'd find this code in the ROM/looking in a hex editor.
« Last Edit: December 22, 2011, 10:26:53 am by Gil Galad »

Spikeman

  • Hero Member
  • *****
  • Posts: 1063
  • *unce unce unce*
    • View Profile
    • None at the moment, check out my Last.fm page instead?
Re: FFTA2: Grimoire of the Rift - Assigning Special Jobs
« Reply #3 on: August 04, 2011, 07:27:02 pm »
It looks like it's just storing the ID value on the stack to be used later, so you'll have to find where it's retrieving the value. Unfortunately, nothing is more of a pain in the ass than setting breakpoints on the stack. If anyone would like to chip in with a better method for following values on the stack please do so. Here's how I do it:

Set a breakpoint on the spot where you know the value is stored to the stack (so 020b5110). After the game breaks on this spot, set a read breakpoint on the value on the stack. Unfortunately, anything that is pushed or popped on the stack will mess with this. Sometimes the only thing you can do is step through the code a bit at a time to see what's going on. I think there is also a stack trace window, that tracks what values are pushed and popped from the stack, but that isn't much use for routines that write directly to the stack or manually change the stack pointer.
Open Source Hacking Projects: Guru Logic Champ, Telefang 2, (Want more? Check out my GitHub!)

Edea

  • Jr. Member
  • **
  • Posts: 55
    • View Profile
Re: FFTA2: Grimoire of the Rift - Assigning Special Jobs
« Reply #4 on: August 15, 2011, 01:52:32 pm »
Geez, I've been distracted -_-

I'll only bump this again once I've actually found something, mainly keeping it afloat to find out if anyone else is interested in this.  Also, I guess I can ask if there's a way to just import excel files onto datacrystal without having to go through a bunch of reformatting; recently located bazaar and recipe data.

itoikenza

  • Jr. Member
  • **
  • Posts: 32
  • https://www.irccloud.com
    • View Profile
    • My Twitter!
Re: FFTA2: Grimoire of the Rift - Assigning Special Jobs
« Reply #5 on: September 11, 2011, 01:21:00 pm »
*sigh* My idiot extremely low level questions... hahaha!
« Last Edit: January 11, 2015, 11:28:23 am by itoikenza »

itoikenza

  • Jr. Member
  • **
  • Posts: 32
  • https://www.irccloud.com
    • View Profile
    • My Twitter!
futile attempt to garner your support...
« Reply #6 on: December 22, 2011, 12:18:32 am »
Idiocy abounds...
« Last Edit: January 11, 2015, 11:26:49 am by itoikenza »

Edea

  • Jr. Member
  • **
  • Posts: 55
    • View Profile
Re: FFTA2: Grimoire of the Rift - Assigning Special Jobs
« Reply #7 on: December 28, 2011, 08:35:58 pm »
O_O

Sorry, I really don't read the board that often...

Here you go, hope it helps

itoikenza

  • Jr. Member
  • **
  • Posts: 32
  • https://www.irccloud.com
    • View Profile
    • My Twitter!
Re: FFTA2: Grimoire of the Rift - Assigning Special Jobs
« Reply #8 on: December 29, 2011, 06:35:09 am »
thanks...
« Last Edit: January 11, 2015, 11:19:07 am by itoikenza »