Maybe. The codes work perfecty in noexs but not in sxos.
I'm not sure, I use SX only, the newest version too. (switch os = 10.0.4)
may be reboot and try once again.
If it still does not work, may be the XCI/NSP source is difference from mine.
As I know, this game use a hidden NRO file (not main.elf) to simulation the gcm/dol file.
So, all address are locate in BASE memory other than heap / main / stack etc.
Luckily, beside of the mapping table in NRO for all DOL functions,
there is another mapping data file hold all functions address of NRO, that I can found that in HEAP memory.
finally, I calculated the pointers manually.
===========================
Here is my works
1. find the cheat code of NGC/ISO in Dolphin Debug mode (it is easy since I can set break point on code or memory)
2. Find the corresponding function in NRO. (there is a data table of mapping addresses for all functions, at the last of the nro)
3. Make a Dump of memory. And search the target code by HEX workshop,
e.g. NRO FILE 00809AB4 change from
1F 20 03 D5 to
0B 69 21 B8
Search
1F 20 03 D5 2A 02 F8 37 3C 2D 00 91
with two result, 0x8E8D2C64 (fake) 及
0xC1644C64 (real)
4. I put the dump in my POINTER SEARCHER give out file position
0xC1644C64 = BASE + 74D662EAB4
then, I click << with ctrl, get the closest address that are pointed by other location
it is BASE+74D662DA60 and it is called from: [ HEAP + 861B82F0 (real) ] [ HEAP + 8CCF42D8 (fake)]
by calculation, I get 74D662EAB4 - 74D662DA60 = +
00001054 (this is the last offset in the cheat code)
5. Then I repeat the process 4 but fail.
So, I look on the memory sections (can be found in SXOS memory viewer)
The address
HEAP + 861B82F0 is location in
section #150: 6A8B6E5000 to 6A9A2F5000 (Size: 0EC10000),
HEAP + 7A0E5000 to HEAP + 88CF5000 (perm: Read & Write)
861B82F0 - 7A0E5000 = +
0C0D32F0 (this is the 2nd last offset)
6. Finally I can find how to locate HEAP+7A0E5000 by 2 or more dumps with POINTER SEARCHER
the result is [ MAIN + 001FA428 ] + 18
overall the equation becomes [[[ MAIN + 001FA428 ] + 18] +
0C0D32F0 ] +
00001054
I set it to B821690B (reverse order of the asm code)