News: 11 March 2016 - Forum Rules
Current Moderators - DarkSol, KingMike, MathOnNapkins, Azkadellia, Danke

Author Topic: EVO Search for Eden running routine  (Read 4644 times)

Marcelo_20XX

  • Jr. Member
  • **
  • Posts: 38
    • View Profile
EVO Search for Eden running routine
« on: February 08, 2020, 08:11:02 pm »
Hi community! I am working on this SNES game, coding some custom gameplay tweaks, I had finished an auto scroll dialogue routine for a fast paced action. But I stumbled upon the second of my objectives: implementing a tweak that can assign running to a button input and disable the default double tap direction scheme since is not totally accurate gameplay wise (sometimes I end up running accidentally).

Ideally I want to map the running routine to the L button but I am having difficulties trying to figure out the best method for this, so I appreciate if anyone can help me here, thanks.

I found some addresses of interest:
Code: [Select]
Ram:
000132  player state 88=neutral 89=stopping 8A=running
0005C3  stores if a Dpad key is being held down 00=false 08=true
0005A6  player facing value FF=null 40=right 80=down 00=up 20=left
000672  ?? sometimes stores player facing value
        not updated regularly
00068F  another copy of player facing value
001EB1  input polling i.e. 01=pressing right

Rom:
$00/8D01 29 10       AND #$10  Check If Start Button is being pressed
                               useful routine to hijack and test our code

EDIT1:

I had made a custom routine hijacking the Start Button being pressed routine:

Code: [Select]
$00/8D01 29 10       AND #$10                check only if Start button is being pressed
$00/8D03 F0 32       BEQ $32    [$8D37]      jump to 8D37 if not
I pressed Start so the routine continue:
$00/8D05 AD A6 05    LDA $05A6  [$00:05A6]   load ram address that store char facing value
$00/8D08 C9 FF       CMP #$FF                compare if not null
$00/8D0A D0 02       BNE $02    [$8D0E]      jump 2bytes if not null
$00/8D0C 80 29       BRA $29    [$8D37]      jump to end of default routine if null
$00/8D0E AD C3 05    LDA $05C3  [$00:05C3]   load ram that stores a Dpad key being held
$00/8D11 C9 08       CMP #$08                compare with values 00=false 08=true
$00/8D13 F0 02       BEQ $02    [$8D17]      jump 2bytes if true
$00/8D15 80 20       BRA $20    [$8D37]      jump to end of default routine if false
$00/8D17 A9 8A       LDA #$8A                load value 8A=running value
$00/8D19 8D 32 01    STA $0132  [$00:0132]   store at ram that sets player state out of 3
                                             possible values 88=neutral 89=stopping 8A=run
$00/8D1C 80 19       BRA $19    [$8D37]      jump to end of default routine
$00/8D37 22 93 8D 1E JSL $1E8D93[$1E:8D93]   default end as if Start has not being pressed

Still not perfect, there is some bugs with it, one is that after running on a direction if you press and maintain the opposite direction and then spam the Start button to trigger the routine, you will instead glitch the code and the character will pause for a moment when the button is being pressed, no idea why is that but ram address 068F that store the player facing value is being written with a 00 value that in normal cases shouldn't...

The other bug is that at the beginning of every level if you press and hold a direction and then press the start button it will trigger the bug above, to avoid this you need to at least tap any direction before using the custom routine...
« Last Edit: February 09, 2020, 01:40:51 pm by Marcelo_20XX »

Cyneprepou4uk

  • Hero Member
  • *****
  • Posts: 664
  • I am the baldest romhacker
    • View Profile
Re: EVO Search for Eden running routine
« Reply #1 on: February 09, 2020, 04:15:36 am »
I don't see you are using 068F in your code, so why bother with it having 00?
Why are you comparing 05A6 to FF if 55 is null?
Why at 8D0A and 8D13 are you branching only 2 bytes ahead? And I'm pretty sure these branches conditions should be reversed.
Is there a reason you are not showing us instructions at 8D0C and 8D15?
Why do you think you need to spam start button to execute your code?
Can you show more of original code around 8D01?
« Last Edit: February 09, 2020, 04:27:28 am by Cyneprepou4uk »

Marcelo_20XX

  • Jr. Member
  • **
  • Posts: 38
    • View Profile
Re: EVO Search for Eden running routine
« Reply #2 on: February 09, 2020, 11:49:24 am »
Thank you for taking the time to review my code, I saw you helped another member to get his code right on Mother 3

Q:I don't see you are using 068F in your code, so why bother with it having 00?
A: I am not changing this value I saw that this ram address change to 00 whenever the bug
   is triggered, on its normal state it should only store the player facing value
Q: Why are you comparing 05A6 to FF if 55 is null?
A: Sorry, this ram address null value is FF not 55 I will modify my post
   UPDATED see modified OP post
Q: Why at 8D0A and 8D13 are you branching only 2 bytes ahead? And I'm pretty sure these
   branches conditions should be reversed
A: Because I didn't wrote the full code, only the part that the debugger executed if I
   pressed Start button and the conditions were met, but the full code contains a jump to
   the end of the custom routine in both places if both checks failed
   UPDATED see modified OP post
Q: Is there a reason you are not showing us instructions at 8D0C and 8D15?
A: Not really, I will modify my post to contain those jumps to better illustrate the code,
   I was being lazy, sorry, because it was 2am here
   UPDATED see modified OP post
Q: Why do you think you need to spam start button to execute your code?
A: Its a fail safe check, on ideal circumstances the code shouldn't be executed if the
   running state is set, I guess I need some check somewhere to made the code jump to the
   end if set but I tried CMP for 8A to ram address 0132 but it didn't work
Q: Can you show more of original code around 8D01?
A: Sure:
   
Code: [Select]
...
$00/8B51 95 00       STA $00,x  [$00:0000]   A:0030 X:0000 Y:00FF P:envmxdIzC
$00/8B53 CA          DEX                     A:0030 X:0000 Y:00FF P:envmxdIzC
$00/8B54 CA          DEX                     A:0030 X:FFFF Y:00FF P:eNvmxdIzC
$00/8B55 10 F9       BPL $F9    [$8B50]      A:0030 X:FFFE Y:00FF P:eNvmxdIzC
$00/8B57 C2 30       REP #$30                A:0030 X:FFFE Y:00FF P:eNvmxdIzC
$00/8B59 AB          PLB                     A:0030 X:FFFE Y:00FF P:eNvmxdIzC
$00/8B5A 2B          PLD                     A:0030 X:FFFE Y:00FF P:envmxdIZC
$00/8B5B 7A          PLY                     A:0030 X:FFFE Y:00FF P:envmxdIZC
$00/8B5C FA          PLX                     A:0030 X:FFFE Y:00AC P:envmxdIzC
$00/8B5D 68          PLA                     A:0030 X:00FF Y:00AC P:envmxdIzC
$00/8B5E 28          PLP                     A:0080 X:00FF Y:00AC P:envmxdIzC
$00/8B5F 40          RTI                     A:0080 X:00FF Y:00AC P:eNvMXdIzc
$00/8CF4 30 FC       BMI $FC    [$8CF2]      A:0080 X:00FF Y:00AC P:eNvMXdizc
$00/8CF2 24 5E       BIT $5E    [$00:005E]   A:0080 X:00FF Y:00AC P:eNvMXdizc
$00/8CF4 30 FC       BMI $FC    [$8CF2]      A:0080 X:00FF Y:00AC P:envMXdiZc
$00/8CF6 64 5C       STZ $5C    [$00:005C]   A:0080 X:00FF Y:00AC P:envMXdiZc
$00/8CF8 A5 94       LDA $94    [$00:0094]   A:0080 X:00FF Y:00AC P:envMXdiZc
$00/8CFA 29 08       AND #$08                A:0000 X:00FF Y:00AC P:envMXdiZc
$00/8CFC D0 39       BNE $39    [$8D37]      A:0000 X:00FF Y:00AC P:envMXdiZc
$00/8CFE AD B5 1E    LDA $1EB5  [$00:1EB5]   A:0000 X:00FF Y:00AC P:envMXdiZc
$00/8D01 29 10       AND #$10                A:0000 X:00FF Y:00AC P:envMXdiZc
$00/8D03 F0 32       BEQ $32    [$8D37]      A:0000 X:00FF Y:00AC P:envMXdiZc
--- I NOPed this section and replaced with my custom code, original code contains the routine to show the Pause screen, but in this example this section is skipped because I didn't pressed Start ---
$00/8D37 22 93 8D 1E JSL $1E8D93[$1E:8D93]   A:0000 X:00FF Y:00AC P:envMXdiZc

This is the default routine as if Start hasn't been press
« Last Edit: February 09, 2020, 01:57:52 pm by Marcelo_20XX »

Cyneprepou4uk

  • Hero Member
  • *****
  • Posts: 664
  • I am the baldest romhacker
    • View Profile
Re: EVO Search for Eden running routine
« Reply #3 on: February 09, 2020, 02:27:15 pm »
I don't remember I helped someone to write code for Mother 3, but ok, I'll take credit for it  >:D

Your code looks fine. Well, except for the first 2 BRA, you don't really need them, if you skip code execution right away when conditions are not met. And allowing to run code only when spaming start button is ridiculous, but whatever.

So maybe you've misunderstood the meaning of these addresses, or you are executing code in the wrong time or place, or there is something else you need to change after passing through conditions

Marcelo_20XX

  • Jr. Member
  • **
  • Posts: 38
    • View Profile
Re: EVO Search for Eden running routine
« Reply #4 on: February 09, 2020, 04:55:53 pm »
Following your advice I cleaned up the code:
Code: [Select]
$00/8D01 29 10       AND #$10                check only if Start button is being pressed
$00/8D03 F0 32       BEQ $32    [$8D37]      jump to 8D37 if not
$00/8D05 AD A6 05    LDA $05A6  [$00:05A6]   A:0010 X:00FF Y:00AC P:envMXdizc
$00/8D08 C9 FF       CMP #$FF                A:0040 X:00FF Y:00AC P:envMXdizc
$00/8D0A F0 2B       BEQ $2B    [$8D37]      A:0040 X:00FF Y:00AC P:envMXdizc
$00/8D0C AD C3 05    LDA $05C3  [$00:05C3]   A:0040 X:00FF Y:00AC P:envMXdizc
$00/8D0F C9 08       CMP #$08                A:0008 X:00FF Y:00AC P:envMXdizc
$00/8D11 D0 24       BNE $24    [$8D37]      A:0008 X:00FF Y:00AC P:envMXdiZC
$00/8D13 A9 8A       LDA #$8A                A:0008 X:00FF Y:00AC P:envMXdiZC
$00/8D15 8D 32 01    STA $0132  [$00:0132]   A:008A X:00FF Y:00AC P:eNvMXdizC
$00/8D18 80 1D       BRA $1D    [$8D37]      A:008A X:00FF Y:00AC P:eNvMXdizC
$00/8D37 22 93 8D 1E JSL $1E8D93[$1E:8D93]   A:008A X:00FF Y:00AC P:eNvMXdizC

Unfortunately same bugs as before...

Cyneprepou4uk

  • Hero Member
  • *****
  • Posts: 664
  • I am the baldest romhacker
    • View Profile
Re: EVO Search for Eden running routine
« Reply #5 on: February 09, 2020, 05:33:38 pm »
I never said that it will fix your bug, so no surprises here.

Ok, a piece of advice. Your guess is that writting 8A into 0132 should force player to run. Deactivate your code, and freeze 8A into that address while you walking normally, to see if he actually starts running because of it.

Use pause in the emulator before freezing, and don't release direction button when unpaused.

Marcelo_20XX

  • Jr. Member
  • **
  • Posts: 38
    • View Profile
Re: EVO Search for Eden running routine
« Reply #6 on: February 09, 2020, 06:33:46 pm »
Yes I froze that address using the built in cheat function on the emulator, BTW I am using the special SNES9x 1.51 with debugger version and the result is that the player runs, but if you are not holding any direction the game glitches out on an attempt to run in place...

Raeven0

  • Jr. Member
  • **
  • Posts: 39
    • View Profile
Re: EVO Search for Eden running routine
« Reply #7 on: February 09, 2020, 07:28:38 pm »
What actions normally cause a write to $0132? What code reads from $0132?

Disable the "Squelch" option in your debug console. What is the range of normal values of S?

Cyneprepou4uk

  • Hero Member
  • *****
  • Posts: 664
  • I am the baldest romhacker
    • View Profile
Re: EVO Search for Eden running routine
« Reply #8 on: February 10, 2020, 03:04:16 am »
It probably means that you write 8A a bit early, since there are no glitches when he is aready moving.

Either find a better place to attach your routine, or set up more proper conditions before writting 8A.

Marcelo_20XX

  • Jr. Member
  • **
  • Posts: 38
    • View Profile
Re: EVO Search for Eden running routine
« Reply #9 on: February 10, 2020, 09:49:24 am »
I think this is more complicated than I thought, this is the routine that I believe is called when the game set the flag to a running state:

Code: [Select]
$01/83CD AE 31 01    LDX $0131  [$01:0131]   A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizc HC:1294 VC:045 FC:05 I:00
$01/83D0 AD 1B 06    LDA $061B  [$01:061B]   A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZc HC:1334 VC:045 FC:05 I:00
$01/83D3 29 7F       AND #$7F                A:C093 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:eNVMXdizc HC:0010 VC:046 FC:05 I:00
$01/83D5 C9 11       CMP #$11                A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizc HC:0034 VC:046 FC:05 I:00
$01/83D7 F0 07       BEQ $07    [$83E0]      A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0058 VC:046 FC:05 I:00
$01/83D9 AD 32 01    LDA $0132  [$01:0132]   A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0082 VC:046 FC:05 I:00
$01/83DC 29 02       AND #$02                A:C088 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:eNVMXdizC HC:0122 VC:046 FC:05 I:00
$01/83DE F0 03       BEQ $03    [$83E3]      A:C000 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZC HC:0146 VC:046 FC:05 I:00
$01/83E3 AD 1B 06    LDA $061B  [$01:061B]   A:C000 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZC HC:0176 VC:046 FC:05 I:00
$01/83E6 29 7F       AND #$7F                A:C093 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:eNVMXdizC HC:0216 VC:046 FC:05 I:00
$01/83E8 C9 12       CMP #$12                A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0240 VC:046 FC:05 I:00
$01/83EA F0 07       BEQ $07    [$83F3]      A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0264 VC:046 FC:05 I:00
$01/83EC AD 4F 01    LDA $014F  [$01:014F]   A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0288 VC:046 FC:05 I:00
$01/83EF 29 81       AND #$81                A:C040 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0328 VC:046 FC:05 I:00
$01/83F1 D0 0F       BNE $0F    [$8402]      A:C000 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZC HC:0352 VC:046 FC:05 I:00
$01/83F3 AD B5 1E    LDA $1EB5  [$01:1EB5]   A:C000 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZC HC:0376 VC:046 FC:05 I:00
$01/83F6 29 0F       AND #$0F                A:C001 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0416 VC:046 FC:05 I:00
$01/83F8 D0 0A       BNE $0A    [$8404]      A:C001 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0440 VC:046 FC:05 I:00
$01/8404 CD 4B 07    CMP $074B  [$01:074B]   A:C001 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0470 VC:046 FC:05 I:00
$01/8407 8D 4B 07    STA $074B  [$01:074B]   A:C001 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZC HC:0510 VC:046 FC:05 I:00
$01/840A D0 4D       BNE $4D    [$8459]      A:C001 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZC HC:0590 VC:046 FC:05 I:00
$01/840C C9 01       CMP #$01                A:C001 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZC HC:0614 VC:046 FC:05 I:00
$01/840E F0 13       BEQ $13    [$8423]      A:C001 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZC HC:0638 VC:046 FC:05 I:00
$01/8423 AD 4A 07    LDA $074A  [$01:074A]   A:C001 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZC HC:0668 VC:046 FC:05 I:00
$01/8426 F0 DA       BEQ $DA    [$8402]      A:C009 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0708 VC:046 FC:05 I:00
$01/8428 C9 0C       CMP #$0C                A:C009 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizC HC:0732 VC:046 FC:05 I:00
$01/842A B0 2D       BCS $2D    [$8459]      A:C009 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:eNVMXdizc HC:0756 VC:046 FC:05 I:00
$01/842C AD 4F 01    LDA $014F  [$01:014F]   A:C009 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:eNVMXdizc HC:0780 VC:046 FC:05 I:00
$01/842F 29 C0       AND #$C0                A:C040 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizc HC:0820 VC:046 FC:05 I:00
$01/8431 F0 13       BEQ $13    [$8446]      A:C040 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizc HC:0844 VC:046 FC:05 I:00
$01/8433 AD 32 01    LDA $0132  [$01:0132]   A:C040 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizc HC:0868 VC:046 FC:05 I:00
$01/8436 09 02       ORA #$02                A:C088 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:eNVMXdizc HC:0908 VC:046 FC:05 I:00
and this is the exact moment the write occurs at 0132 and as expected it triggers when I double tap and the character runs
Code: [Select]
$01/8438 8D 32 01    STA $0132  [$01:0132]   A:C08A X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:eNVMXdizc HC:0932 VC:046 FC:05 I:00
$01/843B A9 12       LDA #$12                A:C08A X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:eNVMXdizc HC:0980 VC:046 FC:05 I:00
$01/843D 2C 4F 01    BIT $014F  [$01:014F]   A:C012 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizc HC:1012 VC:046 FC:05 I:00
$01/8440 30 02       BMI $02    [$8444]      A:C012 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZc HC:1060 VC:046 FC:05 I:00
$01/8442 A9 13       LDA #$13                A:C012 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdiZc HC:1092 VC:046 FC:05 I:00
$01/8444 80 02       BRA $02    [$8448]      A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizc HC:1150 VC:046 FC:05 I:00
$01/8448 20 C3 84    JSR $84C3  [$01:84C3]   A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF3 P:enVMXdizc HC:1188 VC:046 FC:05 I:00
$01/84C3 85 30       STA $30    [$00:0030]   A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF1 P:enVMXdizc HC:1250 VC:046 FC:05 I:00
$01/84C5 AD 1B 06    LDA $061B  [$01:061B]   A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF1 P:enVMXdizc HC:1290 VC:046 FC:05 I:00
$01/84C8 29 7F       AND #$7F                A:C093 X:0000 Y:0001 D:0000 DB:01 S:1FF1 P:eNVMXdizc HC:1338 VC:046 FC:05 I:00
$01/84CA C5 30       CMP $30    [$00:0030]   A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF1 P:enVMXdizc HC:1370 VC:046 FC:05 I:00
$01/84CC F0 07       BEQ $07    [$84D5]      A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF1 P:enVMXdiZC HC:0046 VC:047 FC:05 I:00
$01/84D5 60          RTS                     A:C013 X:0000 Y:0001 D:0000 DB:01 S:1FF1 P:enVMXdiZC HC:0084 VC:047 FC:05 I:00

Cyneprepou4uk

  • Hero Member
  • *****
  • Posts: 664
  • I am the baldest romhacker
    • View Profile
Re: EVO Search for Eden running routine
« Reply #10 on: February 10, 2020, 01:06:16 pm »
Probably 83F3 is where the game checks your input for double tapping.

Marcelo_20XX

  • Jr. Member
  • **
  • Posts: 38
    • View Profile
Re: EVO Search for Eden running routine
« Reply #11 on: February 10, 2020, 03:30:22 pm »
Yes that's the line that controls the check but I tried changing to:
Code: [Select]
$01/83F3 AD B5 1E    LDA $1EB5  [$01:1EB5]   A:C000 X:0000 Y:0001 D:0000 DB:01 S:1FF3
$01/83F6 29 10       AND #$10                A:C001 X:0000 Y:0001 D:0000 DB:01 S:1FF3
$01/83F8 F0 0A       BEQ $0A    [$8404]      A:C001 X:0000 Y:0001 D:0000 DB:01 S:1FF3


Made that the game check if the Start button is being pressed, but it didn't work, now the character never runs

Cyneprepou4uk

  • Hero Member
  • *****
  • Posts: 664
  • I am the baldest romhacker
    • View Profile
Re: EVO Search for Eden running routine
« Reply #12 on: February 10, 2020, 04:33:38 pm »
Of course you have messed it up. Study the routine and ram addresses. Use snes instructions guide.

February 11, 2020, 07:28:49 pm - (Auto Merged - Double Posts are not allowed before 7 days.)
You can ask if you have any troubles, just use your head as well and try to figure out things on your own.

Can't hold your hand all the time  >:D
« Last Edit: February 11, 2020, 07:28:49 pm by Cyneprepou4uk »

Marcelo_20XX

  • Jr. Member
  • **
  • Posts: 38
    • View Profile
Re: EVO Search for Eden running routine
« Reply #13 on: February 11, 2020, 09:16:28 pm »
Sure no problem, I will post if I need some advice...