CajeASM v7.24 (Stable) - CajeASM is DEAD!

Thanks for all your help. Those threads have a lot of information.
I'm starting to understand some things like LW, LH, LB, JAL etc. The syntax seems a bit difficult, but that's because I just have to memorize it.

I will have to check a bit how a processor works, as I don't have experience with programming yet (well, just made some simple programming in Python like showing a text in a canvas, drawing, etc.)

CajeASM v8.0 is possibly coming this weekend. (Finishing the rest on Friday) I had a few problems a few days ago with VS2012 studio (I received several VS2012 element not found errors? After reinstalling and setting up everything manually, it seems to work again).

Features:
  • Recoded everything. (Cleaner codebase,
  • A few new pseudo-opcodes requested long ago by Kaze.
  • A lot of fixes like include fixes, branches fixes, etc.
  • Of course, some speed up (approx. 2.013% in comparison to v7.24)
  • Working and better debugger.
  • TLB Instruction Set
(This post was last modified: 07-03-2016, 06:31 PM by Tarek701.)
R.I.P Tarek701. 2005-2016

(07-03-2016, 06:26 PM)Tarek701 Wrote: CajeASM v8.0 is possibly coming this weekend. (Finishing the rest on Friday) I had a few problems a few days ago with VS2012 studio (I received several VS2012 element not found errors? After reinstalling and setting up everything manually, it seems to work again).

Features:
  • Recoded everything. (Cleaner codebase,
  • A few new pseudo-opcodes requested long ago by Kaze.
  • A lot of fixes like include fixes, branches fixes, etc.
  • Of course, some speed up (approx. 2.013% in comparison to v7.24)
  • Working and better debugger.
  • TLB Instruction Set


Hi Tarek,

Thanks for the awesome assembler. I've just been getting into N64 ROM hacking over the last half year, so I'm still new, but your tutorials and whatnot have been invaluable. I do have a question I was hoping you could answer:

I am currently trying to modify some physics in NFL Blitz 2000. I know the subroutine that handles gravity (there is a LUI/ORI MTC1 command that uses a floating point as a "gravity constant"). I could simply modify the values being loaded into COP1, but instead, I would like to try and jump out of that subroutine to a new one and modify it there by perhaps adding a modifier or some other arithmetic operations. However, any attempts I've made at trying to jump out of it to somewhere else haven't worked.

I would replace a command that is not vital and JAL to some random place in the ROM w/ lots of NOPs, such as 0x00071770. Problem is, even if I just do that and then add a JR RA to jump right back, it gives me an error. I think the problem is I'm not using the JAL opcode correctly... I saw in your simple CajeASM tutorial that you jump to address 802d66c0. How did you find out you can jump to this address? This is a RAM address, correct? How would I be able to find a RAM address I could jump to in order to add my new code?

Sorry if this isn't the right place to post - I know you're the MIPS expert so I figured I would ask here. I can add more detail if you need.

(22-03-2016, 03:58 PM)blitzmaster5000 Wrote: I am currently trying to modify some physics in NFL Blitz 2000. I know the subroutine that handles gravity (there is a LUI/ORI MTC1 command that uses a floating point as a "gravity constant"). I could simply modify the values being loaded into COP1, but instead, I would like to try and jump out of that subroutine to a new one and modify it there by perhaps adding a modifier or some other arithmetic operations. However, any attempts I've made at trying to jump out of it to somewhere else haven't worked.

I would replace a command that is not vital and JAL to some random place in the ROM w/ lots of NOPs, such as 0x00071770. Problem is, even if I just do that and then add a JR RA to jump right back, it gives me an error. I think the problem is I'm not using the JAL opcode correctly... I saw in your simple CajeASM tutorial that you jump to address 802d66c0. How did you find out you can jump to this address? This is a RAM address, correct? How would I be able to find a RAM address I could jump to in order to add my new code?


For efficiency reasons, the code in N64 games is first copied from ROM to RAM and then executed from RAM. The boot code automatically copies 1MB of code starting at ROM offset 0x1000 to the address set at offset 0x8 in the ROM header (in NFL Blitz 2000, this is 0x80000400). Often more code is needed later on while running, so this code often copies other code from ROM to RAM and jumps to it at run time. These are almost always done with DMA. The MIPS CPU core uses virtual addresses which are then translated to physical addresses by the hardware. 0x80000000 is the base virtual address of KSEG0 (direct mapped, cached RAM).

I ran a quick test on NFL Blitz 2000 and found the following DMA accesses for code. There may be more as I didn't actually get too far into the game.
RAM Addr.   ROM Offset  LENGTH
0x80000400  0x001000    0x100000 (might be smaller)
0x80248E00  0x02FB00    0x064200


To use this to convert a ROM offset to RAM virtual address (e.g. for a JAL), find the range it falls in the table above and compute:
ram = rom - (ROM Offset) + (RAM Addr.)
(This post was last modified: 23-03-2016, 11:46 PM by queueRAM. Edit Reason: fixed table headers )
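
The conversion described above, as an added example that is not part of the original post: it maps a ROM offset through the posted DMA table and encodes the matching MIPS JAL word. The function names and the call-site address `pc` are assumptions made for illustration. Because the first segment's length is uncertain, the two ROM ranges overlap and a ROM offset can yield more than one candidate RAM address.

```python
# DMA segments reported in the post: (RAM virtual address, ROM offset, length).
DMA_SEGMENTS = [
    (0x80000400, 0x001000, 0x100000),  # boot copy; the post says it might be smaller
    (0x80248E00, 0x02FB00, 0x064200),
]

def rom_to_ram(rom, segments=DMA_SEGMENTS):
    """Return every RAM virtual address that ROM offset `rom` is copied to.

    Implements ram = rom - (ROM Offset) + (RAM Addr.) for each matching range.
    An empty list means the offset is not covered by any known code DMA.
    """
    return [ram + (rom - off) for ram, off, length in segments
            if off <= rom < off + length]

def encode_jal(target, pc):
    """Encode `JAL target` for an instruction located at virtual address `pc`."""
    if target % 4:
        raise ValueError("JAL target must be 4-byte aligned")
    # JAL only carries 26 bits; the top 4 bits come from the delay slot (pc + 4).
    if (target ^ (pc + 4)) & 0xF0000000:
        raise ValueError("target is outside the 256 MB region JAL can reach")
    return (0x03 << 26) | ((target >> 2) & 0x03FFFFFF)

def jal_candidates(rom_target, pc):
    """Pair each candidate RAM address for `rom_target` with its JAL word."""
    return [(ram, encode_jal(ram, pc)) for ram in rom_to_ram(rom_target)]

if __name__ == "__main__":
    CALL_SITE = 0x80000400  # constructed call-site address, for illustration only
    for ram, word in jal_candidates(0x00071770, CALL_SITE):
        print(f"ROM 0x00071770 -> RAM 0x{ram:08X}, JAL word 0x{word:08X}")
    try:
        encode_jal(0x00071770, CALL_SITE)  # raw ROM offset used as a target
    except ValueError as err:
        print("raw ROM offset rejected:", err)
```

Which candidate is live depends on which DMA copy actually covers that offset at run time, so confirm it in an emulator's debugger before patching.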

(22-03-2016, 11:32 PM)queueRAM Wrote:
(22-03-2016, 03:58 PM)blitzmaster5000 Wrote:
I am currently trying to modify some physics in NFL Blitz 2000. I know the subroutine that handles gravity (there is a LUI/ORI MTC1 command that uses a floating point as a "gravity constant"). I could simply modify the values being loaded into COP1, but instead, I would like to try and jump out of that subroutine to a new one and modify it there by perhaps adding a modifier or some other arithmetic operations. However, any attempts I've made at trying to jump out of it to somewhere else haven't worked.

I would replace a command that is not vital and JAL to some random place in the ROM w/ lots of NOPs, such as 0x00071770. Problem is, even if I just do that and then add a JR RA to jump right back, it gives me an error. I think the problem is I'm not using the JAL opcode correctly... I saw in your simple CajeASM tutorial that you jump to address 802d66c0. How did you find out you can jump to this address? This is a RAM address, correct? How would I be able to find a RAM address I could jump to in order to add my new code?


For efficiency reasons, the code in N64 games is first copied from ROM to RAM and then executed from RAM. The boot code automatically copies 1MB of code starting at ROM offset 0x1000 to the address set at offset 0x8 in the ROM header (in NFL Blitz 2000, this is 0x80000400). Often more code is needed later on while running, so this code often copies other code from ROM to RAM and jumps to it at run time. These are almost always done with DMA. The MIPS CPU core uses virtual addresses which are then translated to physical addresses by the hardware. 0x80000000 is the base virtual address of KSEG0 (direct mapped, cached RAM).

I ran a quick test on NFL Blitz 2000 and found the following DMA accesses for code. There may be more as I didn't actually get too far into the game.
ROM Offset  RAM Addr.   LENGTH
0x80000400  0x001000    0x100000 (might be smaller)
0x80248E00  0x02FB00    0x064200


To use this to convert a ROM offset to RAM virtual address (e.g. for a JAL), find the range it falls in the table above and compute:
ram = rom - (ROM Offset) + (RAM Addr.)



I found the address 0x00071800 in the ROM has NOPs, so I think I can stick my code in here, but I'm confused on some of the parts you mentioned. Are your labels backward? In your table, the ROM offsets look like they should be the 0x001000 and 0x02fb00 values, rather than the 0x80000400 and 0x80248e00 values.

(23-03-2016, 11:09 PM)blitzmaster5000 Wrote: I found the address 0x00071800 in the ROM has NOPs, so I think I can stick my code in here, but I'm confused on some of the parts you mentioned. Are your labels backward? In your table, the ROM offsets look like they should be the 0x001000 and 0x02fb00 values, rather than the 0x80000400 and 0x80248e00 values.


Yes, you are correct, I mixed up the table headers when posting. I have corrected this in my post above. Thanks.

Also, you must be looking at a different ROM than I am. ROM offset 0x00071800 looks like some data or a jump table: 0A 00 05 A3 0A 00 03 08 0A 00 06 49 0A 00 04 FE

I got this error and tried everything to fix it, from a new ROM to redownloading CajeASM.
   
(This post was last modified: 16-07-2016, 06:33 PM by GunnyDawg.)

(16-07-2016, 06:32 PM)GunnyDawg Wrote: I got this error and tried everything to fix it, from a new ROM to redownloading CajeASM.


It's possible that the file itself is being opened by an antivirus program upon download. Also, you may need to check the properties of the file and make sure it isn't blocked. If you right click and click on the properties option there will be a button that says "Unblock" and pressing that and hitting "Apply" will unblock the file and allow programs to open it.

This happens because of safety features in Windows 10.

CajeASM is officially dead, because I'm focusing on something bigger now. (It's SM64-related)
Use ARM9's fork of byuu's bass assembler. I found it to be better than my assembler.
R.I.P Tarek701. 2005-2016
