ROM Hack ASM codes in GBA VCs

MichiS97

"Leftist snowflake milennial"
OP
Member
Joined
Jun 14, 2011
Messages
1,813
Trophies
2
Age
26
Location
Munich
XP
3,571
Country
Germany
Hi guys,

I've got a question about GBA VC games. Of course, I know that you cannot use NTR in AGB_FIRM and you're pretty much stuck with GBAATM when it comes to cheat codes, but my problem is that you can only use Codebreaker codes with GBAATM. Now, I'd like to be able to use ROM patching codes like those that can be used with Action Replay Max. This wouldn't be much of an issue if I wanted the codes to be permanent, because I could just hex edit the ROM and inject it into the VC and be done with it, but I would need to be able to patch the game while it's running. Just to give you some context: there's a timer in the game that I'd like to freeze. I know which offset in the ROM I have to change to which value to accomplish this, but I need to let the timer reach zero sometimes (it's related to a minigame and if the timer doesn't reach zero the game wouldn't end, no matter how many points you score). In the past I've solved this with an AR Max code which would change the value in the ROM to the original one when the L button is held. This, sadly, isn't possible with GBAATM, nor can I freeze the timer with regular RAM write codes because I just can't find the correct offset.
What I'm basically asking for is this: I don't have any experience in ROM hacking and just a little bit of experience with ASM, but could somebody explain if and how I can add a routine to the ROM that would let me write a value to the ROM when a specific button is or isn't pressed? The only thing I've ever done concerning ROM hacking is simply patching out instructions that would lower health or whatever, basically just changing a sub instruction to nop or whatever.
I don't want to be spoonfed or anything, if someone could just point me into the right direction I'd be a very happy man.
I get the feeling that I wrote this post in a very confusing fashion, so if there's anything you need me to clarify just tell me :)
 

Coto

-
Member
Joined
Jun 4, 2010
Messages
2,979
Trophies
2
XP
2,564
Country
Chile
well I did something like that a year ago... Veeery experimental IRQ hook:

it was for trying to use the RTC in GBA mode (NDS7), and while it succeeded, reads returned open (0xffffffff) from the RTC ports. So it wasn't possible.

http://pastebin.com/43KEJTSS

NDS7_RTC_PROCESS:
is the hook process. I guess you could rewrite the timer value there. Also this will cause this code to jump to the IRQ handler whenever an IRQ exception occurs.
I guess you could examine (IF & IE & IRQ_VBLANK) from within NDS7_RTC_PROCESS to run code only while in VBLANK.

Since then, I know you can let the assembler build all this by itself. I did it by hand, might get "fixed" if there's enough interest.

Also you need the GBA Patcher (which is a .NDS binary file using libnds), which injects this into the actual GBA file.
 

MichiS97

"Leftist snowflake milennial"
OP
Member
Joined
Jun 14, 2011
Messages
1,813
Trophies
2
Age
26
Location
Munich
XP
3,571
Country
Germany
> well I did something like that a year ago... Veeery experimental IRQ hook:
>
> it was for trying to use the RTC in GBA mode (NDS7), and while it succeeded, reads returned open (0xffffffff) from the RTC ports. So it wasn't possible.
>
> http://pastebin.com/43KEJTSS
>
> NDS7_RTC_PROCESS:
> is the hook process. I guess you could rewrite the timer value there. Also this will cause this code to jump to the IRQ handler whenever an IRQ exception occurs.
> I guess you could examine (IF & IE & IRQ_VBLANK) from within NDS7_RTC_PROCESS to run code only while in VBLANK.
>
> Since then, I know you can let the assembler build all this by itself. I did it by hand, might get "fixed" if there's enough interest.
>
> Also you need the GBA Patcher (which is a .NDS binary file using libnds), which injects this into the actual GBA file.

Well, I don't really want to rewrite the timer value. I'd like to nop the instruction that makes the timer go down (no problem until here) and then make the timer go down by pressing L. Basically, I'd need to change the value at a specific offset in the ROM to 0x3801 to 0x460C every time L is pressed. If L is let go, the value would need to be changed back to 0x3801.
 

FAST6191

Techromancer
Editorial Team
Joined
Nov 21, 2005
Messages
36,798
Trophies
3
XP
28,284
Country
United Kingdom
Button activators should be possible with GBAATM. I should say you can usually convert CBA to AR codes and vice versa, though ROM codes might pose a problem and in most tools you will want the decrypted versions (CBAcrypt and ARcrypt).

Anyway, there are various ways of hooking code to write a value and check buttons. The usual method for this sort of thing is to find the vblank routine (it happens 60 times a second and usually has a few spare cycles; it is also one of the main interrupts that a debugger will be able to hook into and thus should be fairly easy to find) and add it in there.

I will say though that most games do not read the register (as in hardware register, not CPU register) values for the controls and instead use a debounced set (usually one of the first things the vblank routine will do is pull from the register and stick it in normal memory; that way you don't get one part of the cycle thinking a button is pressed and a later read not, and strange things start happening).

You are not going to be able to do the ROM as it is read only. On the DS you can, as the binary is loaded into normal memory, but most of the time on the GBA the binary stays in the ROM. All this said, if you have a ROM code it should not be too hard to go back from there and figure out what it deals with and thus find something to sort the RAM. By all means learn this, it is very useful to know, but if you are also wanting to learn ASM in more depth then figure out what it does -- if you are sitting there playing with the usual higher/lower cheat finding setups then yeah it is a pain, but you have the proverbial keys to the kingdom here.

I assume you have a copy of http://problemkaputt.de/gbatek.htm and http://www.coranac.com/tonc/text/asm.htm is also good reading; to round out the list for any others reading I might as well stick up http://doc.kodewerx.org/hacking_gba.html. Also it is for the DS, but https://web.archive.org/web/20101212094427/http://crackerscrap.com/docs/dshooking.html has some good info.
 
  • Like
Reactions: MichiS97
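An added example, not code from this thread, from Coto's patcher or from any other project: a small C model of the hook that FAST6191 (vblank routine, debounced key copy, ROM is read-only) and Coto (gate on IF & IE & IRQ_VBLANK) describe. It uses only the GBA register facts documented in GBATEK (REG_KEYINPUT at 0x04000130 is active-low with L on bit 9; REG_IE and REG_IF share a layout with V-Blank on bit 0) and the two halfwords 0x3801 and 0x460C named in the thread. It assumes the direction the original post states, that the instruction stays patched and the original 0x3801 is restored only while L is held; the struct, the function names, the frame samples and the "RAM slot" are all constructed for the example. On real hardware the halfword being rewritten would have to sit in a RAM copy of the code, exactly because the ROM cannot be written.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* GBA hardware facts (GBATEK): REG_KEYINPUT is active-low, 0 = pressed,
 * bit 9 = L; REG_IE and REG_IF share one bit layout, bit 0 = V-Blank.
 * Everything below that is not a register fact is constructed for this example. */
#define KEY_MASK    0x03FFu          /* the ten valid key bits */
#define KEY_L       (1u << 9)
#define IRQ_VBLANK  (1u << 0)

/* The two Thumb halfwords from the thread. Assumption: the ROM is pre-patched
 * with 0x460C and the hook restores 0x3801 only while L is held. */
#define OPCODE_TIMER_RUNS   0x3801u  /* original instruction: timer counts down */
#define OPCODE_TIMER_FROZEN 0x460Cu  /* replacement: timer does not count down */

/* Debounced key copy, the kind a game keeps in normal memory and reads
 * everywhere instead of touching the hardware register mid-frame. */
typedef struct {
    uint16_t cur;    /* active-high: bit set = pressed */
    uint16_t prev;   /* previous frame, kept for edge detection */
} key_state_t;

/* Invert the active-low register reading into an active-high bitmask. */
uint16_t keys_from_register(uint16_t reg_keyinput) {
    return (uint16_t)(~reg_keyinput & KEY_MASK);
}

/* Called once per V-Blank: latch the register into the debounced copy. */
void keys_poll(key_state_t *ks, uint16_t reg_keyinput) {
    ks->prev = ks->cur;
    ks->cur  = keys_from_register(reg_keyinput);
}

bool key_held(const key_state_t *ks, uint16_t mask) {
    return (ks->cur & mask) == mask;
}

bool key_just_pressed(const key_state_t *ks, uint16_t mask) {
    return (ks->cur & mask) == mask && (ks->prev & mask) != mask;
}

/* Hook body. ROM is read-only on the GBA, so the instruction being swapped
 * must live in a RAM copy (*ram_slot). Acts only when V-Blank is both enabled
 * (IE) and pending (IF); for any other interrupt it leaves the slot untouched.
 * Returns the halfword now stored in the slot. */
uint16_t vblank_hook(uint16_t reg_ie, uint16_t reg_if,
                     const key_state_t *ks, uint16_t *ram_slot) {
    if ((reg_ie & reg_if & IRQ_VBLANK) == 0) {
        return *ram_slot;            /* not our interrupt: do nothing */
    }
    uint16_t op = key_held(ks, KEY_L) ? OPCODE_TIMER_RUNS : OPCODE_TIMER_FROZEN;
    *ram_slot = op;
    return op;
}

/* Drive the model through a few frames of constructed KEYINPUT readings:
 * 0x03FF = nothing pressed, 0x01FF = only L pressed (bit 9 cleared). */
int main(void) {
    key_state_t ks = {0, 0};
    uint16_t slot = OPCODE_TIMER_FROZEN;
    const uint16_t frames[] = {0x03FF, 0x01FF, 0x01FF, 0x03FF};
    for (unsigned i = 0; i < sizeof frames / sizeof frames[0]; i++) {
        keys_poll(&ks, frames[i]);
        uint16_t op = vblank_hook(IRQ_VBLANK, IRQ_VBLANK, &ks, &slot);
        printf("frame %u: L %s -> slot 0x%04X\n", i,
               key_held(&ks, KEY_L) ? "held" : "up", op);
    }
    return 0;
}
```

Build with any hosted C compiler (for example `gcc -std=c99 hook_model.c`) and run it; the two points worth taking away are the active-low inversion in keys_from_register, which is the usual source of "button works backwards" bugs, and the IE & IF gate, which keeps the body from running on the timer, DMA or serial interrupts that share the same handler entry.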

Coto

-
Member
Joined
Jun 4, 2010
Messages
2,979
Trophies
2
XP
2,564
Country
Chile
> Well, I don't really want to rewrite the timer value. I'd like to nop the instruction that makes the timer go down (no problem until here) and then make the timer go down by pressing L. Basically, I'd need to change the value at a specific offset in the ROM to 0x3801 to 0x460C every time L is pressed. If L is let go, the value would need to be changed back to 0x3801.

You can't "update the ROM" while running from whatever media maps to the GBA ROM map. What you could do there, my friend, is to find the source value (ROM, static), edit and update it (in RAM) so when L is pressed it's written to the IO map.
 
  • Like
Reactions: MichiS97

MichiS97

"Leftist snowflake milennial"
OP
Member
Joined
Jun 14, 2011
Messages
1,813
Trophies
2
Age
26
Location
Munich
XP
3,571
Country
Germany
> You can't "update the ROM" while running from whatever media maps to the GBA ROM map. What you could do there, my friend, is to find the source value (ROM, static), edit and update it (in RAM) so when L is pressed it's written to the IO map.

Thanks to both of you guys, I'll try my best and maybe return to this thread for any follow-up questions that are definitely going to arise :D
 
  • Like
Reactions: Coto
