Songs+More

March 9th, 2010

I published a few more codes on smashboards.

http://www.smashboards.com/showthread.php?t=268148

But today I want to focus on a function: 0x8007923C

This function is run to decide between a stage’s music slots.

Known Registers:

r0: Sometimes it’s set to 0x00010000 after the routine is run once. When it is, modifying r4 = CRASH or no effect
r4: The stage to look for music from – 0x00 = battlefield, 0x1 = FD, 0x2A = menu, 0x4 = mushroomy kingdom

What this means:

I can possibly modify PW’s stage expansion code so you can link an extra stage to an existing stage’s music.

Items Hacking: The second hour

February 23rd, 2010

I needed to take a step back, or rather, a step forward.

The goal in this is to be able to view the PSA data that is inside these files. I know it’s there, but I don’t know how to parse the file. So, let’s take a step forward and work backwards! Starting on Sandbag.

Now, Sandbag has many animations. In PSA, every subaction is linked to an animation. Here’s how the flags of each subaction are stored.

Size 0x8
0x0 - Flags
0x4 - Offset to animation name string.

For educational purposes, I shortened the flags part, but here’s the idea. We locate an animation string inside the file, then try to find this offset by searching for the offset of the string. So, here’s what I did.

  1. Found the string “CaptureCut” at offset 0x1574 in Sandbag’s file.
  2. Searched for 0x1574 inside the file
  3. —-WTF, no results!

Now, if you’re following this, it may seem like I ran into a wall. However, these 3 steps won’t work on a raw PSA file either. The offsets in files are often relative to the end of the header. There are two ways to solve this.

  1. Add 0x20 every time you want to jump to an offset
  2. Delete the header from the file and use the offsets directly.

So, after doing this, the string is now at 0x1554. Let’s do the steps again!

  1. Found the string “CaptureCut” at offset 0x1554 in Sandbag’s file.
  2. Searched for 0x1554 inside the file
  3. One result found.

Now, let me say a few things about this result that make it interesting. First off, I decided to use the SECOND string for a reason. If the results are correct, the result should be the second subaction, meaning that there should be another subaction entry on either side of it. Here’s a color coded picture showing what I mean.

In this picture, you can see that the 0x1554 is the second entry in a pattern that goes…

4 bytes of something, then a string offset, repeat. Sound familiar? These are the raw subaction flags.

Now, we know where the beginning of the subaction flags are. In a PSA file, we would programmatically find this position by jumping from…an offset somewhere else. Now that we know the place, we just gotta find what references the beginning of the flags. Let’s search again!

  1. Found the beginning of the Subaction Flags at offset 0x1790 in Sandbag’s file.
  2. Searched for 0x1790 inside the file (0x20 bytes of the header is gone from earlier still)
  3. One result found.

0x1BF8 is where this result is. At this point I had to stop and think. Where am I in relation to the header now?
Interestingly enough, 0x1BF8 is just 0x58 bytes from Header[1] (0x1c50)

So, I did this whole process on another file…and ended up with the EXACT same result, ending up 0×58 bytes before Header[1] when manually finding the offset to the Subaction Flags.
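
The search-and-walk procedure above as a Python sketch (an added example, not code from the original post or from PSA/OpenSA). It assumes 32-bit big-endian words, as the hex dump in the post suggests; the function names, the sample file, the strings other than "CaptureCut" and the flag values are constructed for illustration.

```python
import struct

HEADER_SIZE = 0x20  # header length stated in the post

def find_pointers(data, file_offset, header_size=HEADER_SIZE):
    """File offsets of aligned 32-bit words holding file_offset in header-relative form."""
    needle = struct.pack(">I", file_offset - header_size)  # big-endian: assumption
    hits, pos = [], data.find(needle, header_size)
    while pos != -1:
        if (pos - header_size) % 4 == 0:  # ignore matches straddling two words
            hits.append(pos)
        pos = data.find(needle, pos + 1)
    return hits

def name_at(data, rel, header_size=HEADER_SIZE):
    """Printable NUL-terminated ASCII string at a header-relative offset, else None."""
    start = rel + header_size
    end = data.find(b"\0", start)
    if end <= start:  # out of range, unterminated, or empty
        return None
    raw = data[start:end]
    return raw.decode("ascii") if all(0x20 <= b < 0x7F for b in raw) else None

def subaction_table(data, hit, header_size=HEADER_SIZE):
    """Grow one hit (the +0x4 field of an entry) into the run of 8-byte entries around it."""
    def entry(off):
        if off < header_size or off + 8 > len(data):
            return None
        flags, rel = struct.unpack_from(">II", data, off)
        name = name_at(data, rel, header_size)
        return (off, flags, name) if name else None
    first = hit - 4
    while entry(first - 8):  # step back while the previous 8 bytes still look like an entry
        first -= 8
    rows = []
    while (row := entry(first)):
        rows.append(row)
        first += 8
    return rows

def build_sample():
    """Constructed file: 0x20 header, strings, flag table, then a pointer to the table."""
    body = bytearray(8)  # padding so relative offset 0 is not a string
    rels = []
    for n in (b"Wait", b"CaptureCut", b"Damage"):
        rels.append(len(body))
        body += n + b"\0"
    body += bytes(-len(body) % 4)  # align the table to 4 bytes
    table_rel = len(body)
    for i, rel in enumerate(rels):
        body += struct.pack(">II", 0x100 + i, rel)
    body += struct.pack(">II", 0, table_rel)  # zero word, then the reference to the table
    return bytes(HEADER_SIZE) + bytes(body)
```

Passing `header_size=0` to `find_pointers` reproduces the first failed search, where the raw file offset is used without subtracting the header.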


Let’s compare those 0x58 bytes in groups of 0x2C

First 0x2C:
SubFlags
00000C8C 00000008 00000CCC 00000008 00000000 00000E0C 00000E04 00000D4C 00000D6C 00000D8C 00000DB4 ItmSmartBomb
00001790 00000026 000018C0 0000000C 00000000 00001BB8 00001BB0 00001980 00001A18 00001AB0 00001B50 ItmSandbag
Second 0x2C:
00000DF4 00000000 00000000 00000000 00000000 00000001 00000000 00000E2C 00000000 00000E30 00000001 ItmSmartBomb
00001BA0 00001BD8 00000000 00001BE4 00000000 00000000 00000000 00001BEC 00000000 00001BF0 00000001 ItmSandbag

So yeah. Pretty good for just under two hours of work (most of which was spent typing).

 

Items hacking..in one hour?

February 23rd, 2010

Hour one: Dump the data, decode the header

To be able to edit items, we first need to know where to look. All of the items are stored in common3.pac, under a section called ItmCommonParam.
Each child node of ItmCommonParam is for an item, and each one contains one MiscData file that contains the data. Well, let’s get to work!

Disassemble: Part 1

February 13th, 2010

So, I have started looking at the main .dol in IDA, to understand more about how Brawl works.

Thus begins a series of posts where I publish my weekly findings. Today’s search target?
What triggers music changes!

First off, I found the function that runs for every song change. It’s an asm routine at 0x80073DB0. The value in register r4 matches the song ID of the song that is about to play before this routine is called. I have yet to figure out the other params, and if this routine can be called in the middle of gameplay.

This routine is called from several other routines.

So far I have ID’d:

Result Screen Character Theme – Dynamic around 0x800E6BF0
Result Screen Theme – Hardcoded around 0x800EB158
Menu Music – Dynamic Through Random 0x80078E5C
Music Test – Dynamic 0x811842CC
My Music – Dynamic 0x8117F084
CSS -> RemenuMusic – 0x80078E5C

0x8007923C seems to be the RANDOM function used to decide between musics. It has hardcoded stuff that I GUESS activates the multisong thing on Obstacle Course. (Obstacle Course is two songs, that switch depending on season. It has hardcoded stuff for song ID 0x2756 (ATHLETIC2 (Unused)))

Here is a disassembly of that function.

[Image: Random Music function]

I think I am done for today, but if I do anything else today, I’ll be sure to post.

Status Update – So, what am I up to?

November 23rd, 2009

So, I haven’t posted on here in a while.
I have been doing lots of Brawl Hacking stuff.

Most notably is my first ASM ‘engine’, the Alternate Stage loader. It is a beast of a code that allows for you to replace each stage with multiple replacements. These can range from different textures, to different stages altogether (SSE stage injections for example). The code allows for people to choose between stages by two methods. They can set up a set of stages/textures to be loaded randomly, and set up button activators to load certain stages at will.

I am proud of myself for learning PPC ASM and making this code. However, just as I worked the bugs out, Phantom Wings released an update to spunit’s old SSS code that fixed the problems that existed with it, and added in the ability to load new stages from the SSS without replacing others. I got pwnt. But that’s cool, his code is better for loading up new stages, but it doesn’t do random loading of alternate textures, which mine can do no problem. They can even be used together!

So, now I have to ask myself, what is there left to do? What do I want to accomplish next? I am still part of the Brawl+ back room, so there’s plenty to be done there. There are some codes that I personally want to make that are easily doable.

  1. Per character victory themes
    Each character has a victory theme that plays when they win. But most characters from the same series share the same music. (For example, Mario, Luigi, Bowser, and Peach ALL share the same victory theme. Metaknight, however, has his own theme.) I want to make a code that loads a different brstm for each character, allowing for characters to have their own winning theme.
  2. Auto-save replays.
    At a big tournament, it’s sometimes hard to get people to save replays.

Other than that, I want to start playing vBrawl/Brawl+ more, and helping run tournaments and stuff. I also want to take a break from hacking to work on a gamedev project over the holidays. Blah, blah, dumb rant.

About OpenSA, and the PSA source release.

October 13th, 2009

Now, some of you may know that I was working on a replacement for PSA dubbed OpenSA.

The main goal was to be able to decode the .pac files 100%, allowing for EVERYTHING to be edited. Well, I got really far, and made massive advancements in the understanding of .pac files, especially the mysterious Fighter.pac.

Here are some examples of things I have done with OpenSA and the knowledge gained from writing my OWN moveset parser that were not possible with PSA alone.

  1. Viewing of Fighter.pac
    For those that aren’t familiar with PSA, Actions in PSA have logic in them that calls Subactions that do most of the real dirty work. However, anyone that’s used PSA knows that the action #’s start at ~116. Why? Because actions 0-~116 are defined in Fighter.pac and are shared between all characters. (For a somewhat accurate list of action ID’s, check out Amazing Ampharos’s action ID list.) OpenSA was able to open this file and view these general actions.