 |
|
Main
| FAQ
| Uploader
| IRC chat
| Radio
| Memberlist
| Active users
| Latest posts
| Calendar
| Stats
| Online users
| Search
| |||
| Views: 88,472,871 |
Main
| FAQ
| Uploader
| IRC chat
| Radio
| Memberlist
| Active users
| Latest posts
| Calendar
| Stats
| Online users
| Search
|
04-23-24 09:06 PM |
|
| Guest: Register | Login | |||
| 0 users currently in ROM Hacking | 2 guests |
| Main - ROM Hacking - RSP Segment Pointers | New thread | New reply |
| HyperHacker |
| ||
|
... Level: 73 Posts: 807/1220 EXP: 3366091 Next: 119777 Since: 03-25-07 From: no Last post: 6089 days Last view: 6072 days |
Anyone know how to find the N64's RSP segment pointers? A plain RAM search isn't finding them. |
| Cellar Dweller |
| ||
 Snifit Level: 39 Posts: 33/287 EXP: 385108 Next: 19663 Since: 02-19-07 From: Arkansas Last post: 4049 days Last view: 3217 days |
I found the segment table in SM64 by disassembling functions. I started with the location of the MIO0 uncompress function. I found the functions that called it, those functions called the function that sets segment table entries. At the time, I wasn't looking for the segment table in particular. This may not the best approach if the immediate goal is to find the segment table and a decent RAM search is available.
The format of the GBI command for setting the segment bases of the RSP is: BC [xx xx] [06] [yy yy yy yy] [xx xx] the segment number times 4 [yy yy yy yy] the physical address of the segment SM64 has a function that creates 16 of these commands at the start of each frame's root display list. I think MK64 might as well. You might want to start searching for the first half of the command. Then look around and see if it looks like a bunch of those commands in a row. Then search for the values in the second half of the commands to locate the game program's copy of the table. Note that the addresses could be KSEG0 or physical RAM addresses. |
| HyperHacker |
| ||
|
... Level: 73 Posts: 811/1220 EXP: 3366091 Next: 119777 Since: 03-25-07 From: no Last post: 6089 days Last view: 6072 days |
A decent RAM search is available (Renegade64 ftw), but I'm not getting any results. I'll look for those BC commands, thanks. Do you know if/why the 4th byte is always 06? |
| Cellar Dweller |
| ||
|
Snifit Level: 39 Posts: 34/287 EXP: 385108 Next: 19663 Since: 02-19-07 From: Arkansas Last post: 4049 days Last view: 3217 days |
The BC command (G_MOVEWORD) is a generic GBI command for setting various variables in the RSP's RAM (DMEM). The microcode has a table of pointers that point to those various variables. 6 happens to be the index of the pointer to the RSP's internal segment table. The 16 bits between the command and the index are an offset that is added to the table entry.
Details are in gbi.h . |
| Main - ROM Hacking - RSP Segment Pointers | New thread | New reply |
© 2005-2023 Acmlm, blackhole89, Xkeeper et al. |
|
MySQL - queries: 42, rows: 65/66, time: 0.015 seconds. |