Technical Cheat Code Type Document © Kenobi
Original version by kenobi, modified for http://www.usbgecko.com by Nuke.
Table of contents (please go to the Introduction first!)
All numbers are in hexadecimal. If you don't know hexadecimal, make a search on Google, learn some things about it, and come back.
The Wii has different memory region, yet only 2 seems
to be used by games (and by cheat codes):
MEM1: It goes from 0x80000000
to 0x81800000
MEM2: It goes from 0x90000000
to 0x94000000
However, the top of MEM2 is not accessible (trying to
read/write from it crashes the Wii). That might depends
of the game, but it seems that you can only access freely
the 0x90000000 to 0x93800000 area.
ba : Base Address. Set at 0x80000000 each time the code handler is executed. Each time the ba is added to a code address, the code handler do : address = address + (ba & 0xFE000000). You can modify it, however if you do, don't forget to reset it to its original value after.
po : Pointer. Set at 0x80000000 each time the code handler is executed. Each time the po is added to a code address, the code handler do : address = address + po. You can modify it at will.
grN : "Gecko Register N". It's not a real register, like r0 or r1. It's a 32-bits value, for which the Gecko has reserved a place in memory. N can range from 0x0 to 0xF. You can store/load anything in it, however be careful that other codes could overwrite your value. Don't expect it to be the same each time the code handler is executed. If you want to store a value that must not change, try to use a "real" address ouside of the code handler, or use the 46/4E code types along with a goto code type. Note that grN are stored before the gecko/code handler. That mean they should always be accessible at a static address : 0x80001804. [0x80001804]=gr0, [0x80001808]=gr1,...,[0x80001840]=grF. That way you can access them directly, when inserting an asm routine for example.
bN : "Block N". A block is made of two 32bits value. They are used to store information for the repeat/return/goto/gosub codes. b0 data is stored at 0x80001844, b1 data at 0x8000184C...
CT : Code Type. Range from 0 to 7. It's the 3 first bits of the first number of a code. Because of this, you'll notice that in the codes all the CT are actually multiplied by 2 : CT1 : 2..., CT2 : 4... CT3 : 6...,..., CT7 : E... . The fourth bit is used to tell the code handler to use the pointer instead of the base address. That means that you'll know if the base address is used by looking at the first number of a code. If it's even it's the base address, if it's odd it's the pointer.
CST : Code Sub Type. It's the 3 first bits of the second number of a code. Because of this, you'll notice that in the codes all the CST are actually multiplied by 2 : CST1 : 2..., CST2 : 4... CST3 : 6...,..., CST7 : E... . The fourth bit is actually a part of the address (____).
____ : It's the address that will be used in some code. It ranges from 0x00000000 to 0x01FFFFFF. The "____" actually means the address is not complete. A part of it is also in the numbers that are surround the "____". For example, above 0x00FFFFFF, the address will modify the "look" of the sub code type, making it an odd number.
[] : For example [XXXXXXXX]. The brackets design XXXXXXXX as a ram location, not a value. So [XXXXXXXX] means "the data stored at XXXXXXXX". And whatever happens, the value inside the brackets must actually be a valid address, else the wii will crash.
+= : For example pa += XXXXXXXX. Means pa = pa + XXXXXXXX.
For the conditional (If...) codes, all the comparison
are unsigned. It means the number range from 0x00000000
up to 0xFFFFFFFF. However, games might use signed numbers.
For example your X coodinates might go in-game from
1 to 0 to -1. in hex, that means from 0x00000001 to
0x00000000 to 0xFFFFFFFF. So, as the code handler uses
unsigned numbers, in such case you must first look for
a "lower than" value (from 0x00000001 to 0x00000000),
but then for a "greater than".
You'll find the complete list of the codes types, as much detailled as possible.To help newcomers understand codes types, I've separated the ones using the ba and the ones using the po, when needed.
Some note about making codes first, and especially
about using pointers : Before writing to an address
you loaded from the ram, make sure that address is valid.
The code handler does not check the address range, and
will blindly write (and crash the wii) if the address
is wrong. It seems that, on the Wii, the ram is heavily
used/filled, and a place used to store an address can
be used to store data later on. That means checking
if the address is 00000000 might not
always work.
So, before writing to an address you loaded from RAM, you must ensure it is valid. That can be done with CE/DE If... codes types.
Some examples:
For MEM1 :
CE000000 80008180 : checks that ba is in the [80000000,81800000[
range.
DE000000 80008180 : checks that po is in the [80000000,81800000[ range.
For MEM2 :
CE000000 90009380 : checks that ba is in the [90000000,93800000[
range.
DE000000 90009380 : checks that po is in the [90000000,93800000[ range.
And if you want to check if the ba/po is either in
MEM1 or in MEM2:
CE000000 80008180 : checks that ba is in the [80000000,81800000[
range.
66000001 00000000 : skip next line if the code execution
status is set to true.
CE000001 90009380 : endif, then checks if ba is in the
[90000000,93800000[.
DE000000 80008180 : checks that po is in the [80000000,81800000[.
66000001 00000000 : skip next line if the code execution
status is set to true.
DE000001 90009380 : endif, then checks that po is in
[90000000,93800000[.
That means you first load the data you want, and then
you check with one (or
several) of these CE/DE codes if it's actually an address.
Also, even if pointers might be heavily used by some games, it might sometime be impossible to find a stable pointer. For example, in Super Mario Galaxy, each character has its own data, and all the data is moving around, impossible to reach. In these special cases, you might have no other choices than use some ASM hacks. Still in SMG, each character has his own AI routines. By finding the routines of the character you want, and by hooking it, you gain access to its pointer (usualy stored in the Wii registers). You can then either write the pointer to a known, fixed location, and use it with other codes to modify the character data. Or write an asm routine that will do all the work.
So keep in mind that pointers might be dangerous. They have always been (people thinking they found a valid pointer, which turned to work only for themselves), but it might be worse on the Wii.
Be sure to test all your codes relying on pointers a lot, that means change level, change character, even try it with a new save. If it stops working (when it should continue to, even if no side effects are visible), or crash the game at some point, don't use it anymore (and try to find a new one, or asm hack the game). Just don't post codes that have not been heavily verified/tested.
00______ YYYY00XX : 8bits ram write and fill (ba) writes XX YYYY+1 times at ba+address
10______ YYYY00XX : 8bits ram write and fill (po) writes XX YYYY+1 times at po+address
02______ YYYYXXXX : 16bits ram write and fill (ba) writes XXXX YYYY+1 times at ba+address
12______ YYYYXXXX : 16bits ram write and fill (po) writes XXXX YYYY+1 times at po+address
04______ XXXXXXXX : 32bits ram write (ba) writes XXXXXXXX at ba+address
14______ XXXXXXXX : 32bits ram write (po) writes XXXXXXXX at po+address
06______ YYYYYYYY : Patch code (ba) d1d2d3d4 d5d6d7d8... writes d1d2d3d4 d5d6d7d8... at ba+address. YYYYYYYY is the number of bytes to write
16______ XXXXXXXX : Patch code (po) d1d2d3d4 d5d6d7d8... writes d1d2d3d4 d5d6d7d8... at po+address. YYYYYYYY is the number of bytes to write
CST4: Serial Code
08______ 000000XX : 8bits serial code (ba) 0NNNZZZZ
VVVVVVVV Writes NNN+1 bytes (XX) at ba+address, then
makes XX+=VVVVVVVV, address+=ZZZZ
18______ 000000XX : 8 bits serial code (po) 0NNNZZZZ VVVVVVVV Writes NNN+1 bytes (XX) at po+address, then makes XX+=VVVVVVVV, address+=ZZZZ
08______ 0000XXXX : 16bits serial code (ba) 1NNNZZZZ VVVVVVVV Writes NNN+1 halfwords (XXXX) at ba+address, then makes XXXX+=VVVVVVVV, address+=ZZZZ
18______ 0000XXXX : 16bits serial code (po) 1NNNZZZZ VVVVVVVV Writes NNN+1 halfwords (XXXX) at po+address, then makes XXXX+=VVVVVVVV, address+=ZZZZ
08______ XXXXXXXX : 32bits serial code (ba) 2NNNZZZZ VVVVVVVV Writes NNN+1 words (XXXXXXXX) at ba+address, then makes XXXX+=VVVVVVVV, address+=ZZZZ
18______ XXXXXXXX : 32bits serial code (po) 2NNNZZZZ VVVVVVVV Writes NNN+1 words (XXXXXXXX) at po+address, then makes XXXX+=VVVVVVVV, address+=ZZZZ
CT1 Regular If codes (16/32 bits)
CST0 : 32bits (endif, then) If equal
20______ YYYYYYYY : 32bits If equal (ba) Compares if
32bits at [ba+address]==YYYYYYYY.
If yes, codes are executed (else code execution set
to false).
30______ YYYYYYYY : 32bits If equal (po) Compares if
32bits at [po+address]==YYYYYYYY.
If yes, codes are executed (else code execution set
to false).
20_____1 YYYYYYYY : Endif, then 32bits If equal (ba) Makes one endif, then compares if 32bits at [ba+address]==YYYYYYYY. If yes, codes are executed (else code execution set to false).
30_____1 YYYYYYYY : Endif, then 32bits If equal (po)
Makes one endif, then compares if 32bits at [po+address]==YYYYYYYY.
If yes, codes are executed (else code execution set
to false).
CST1 : 32bits (endif, then) If not equal
22______ YYYYYYYY : 32bits If not equal (ba) Compares if 32bits at [ba+address]!=YYYYYYYY. If yes, codes are executed (else code execution set to false).
32______ YYYYYYYY : 32bits If not equal (po) Compares if 32bits at [po+address]!=YYYYYYYY. If yes, codes are executed (else code execution set to false).
22_____1 YYYYYYYY : Endif, then 32bits If not equal (ba) Makes one endif, then compares if 32bits at [ba+address]!=YYYYYYYY. If yes, codes are executed (else code execution set to false).
32_____1 YYYYYYYY : Endif, then 32bits If not equal
(po) Makes one endif, then compares if 32bits at [po+address]!=YYYYYYYY.
If yes, codes are executed (else code execution set
to false).
CST2 : 32bits (endif, then) If greater
24______ YYYYYYYY : 32bits If greater (ba) (signed) Compares if 32bits at ba+address]>YYYYYYYY. If yes, codes are executed (else code execution set to false).
34______ YYYYYYYY : 32bits If greater (po) (signed) Compares if 32bits at po+address]>YYYYYYYY. If yes, codes are executed (else code execution set to false).
24_____1 YYYYYYYY : Endif, then 32bits If greater (ba) (signed) Makes one endif, then compares if 32bits at [ba+address]>YYYYYYYY. If yes, codes are executed (else code execution set to false).
34_____1 YYYYYYYY : Endif, then 32bits If greater (po)
(signed) Makes one endif, then compares if 32bits at
[po+address]>YYYYYYYY. If yes, codes are executed
(else code execution set to false).
CST3 : 32bits (endif, then) If lower
26______ YYYYYYYY : 32bits If lower (ba) (signed) Compares
if 32bits at [ba+address]<YYYYYYYY.
If yes, codes are executed (else code execution set
to false).
36______ YYYYYYYY : 32bits If lower (ba) (signed) Compares
if 32bits at [po+address]<YYYYYYYY.
If yes, codes are executed (else code execution set
to false).
26_____1 YYYYYYYY : Endif, then 32bits If lower (ba) (signed) Makes one endif, then compares if 32bits at [ba+address]<YYYYYYYY. If yes, codes are executed (else code execution set to false).
36_____1 YYYYYYYY : Endif, then 32bits If lower (ba)
(signed) Makes one endif, then compares if 32bits at
[po+address]<YYYYYYYY. If yes, codes are executed
(else code execution set to false).
CST4 : 16bits (endif, then) If equal
28______ ZZZZYYYY : 16bits If equal (ba) 16bits compares
if ([ba+address] and not(ZZZZ))==YYYY.
If yes, codes are executed (else code execution set
to false).
38______ ZZZZYYYY : 16bits If equal (po) 16bits compares
if ([po+address] and not(ZZZZ))==YYYY.
If yes, codes are executed (else code execution set
to false).
28_____1 ZZZZYYYY : Endif, then 16bits If equal (ba) Makes one endif, then 16bits compares if ([ba+address] and not(ZZZZ))==YYYY. If yes, codes are executed (else code execution set to false).
38_____1 ZZZZYYYY : Endif, then 16bits If equal (po)
Makes one endif, then 16bits compares if ([po+address]
and not(ZZZZ))==YYYY. If yes, codes are executed (else
code execution set to false).
CST5 : 16bits (endif, then) If not equal
2A______ ZZZZYYYY : 16bits If not equal (ba) 16bits compares if ([ba+address] and not(ZZZZ))!=YYYY. If yes, codes are executed (else code execution set to false).
3A______ ZZZZYYYY : 16bits If not equal (po) 16bits compares if ([po+address] and not(ZZZZ))!=YYYY. If yes, codes are executed (else code execution set to false).
2A_____1 ZZZZYYYY : Endif, then 16bits If not equal (ba) Makes one endif, then 16bits compares if ([ba+address] and not(ZZZZ))!=YYYY. If yes, codes are executed (else code execution set to false).
3A_____1 ZZZZYYYY : Endif, then 16bits If not equal
(po) Makes one endif, then 16bits compares if ([po+address]
and not(ZZZZ))!=YYYY. If yes, codes are executed (else
code execution set to false).
CST6 : 16bits (endif, then) If greater
2C______ ZZZZYYYY : 16bits If greater (ba) 16bits compares if ([ba+address] and not(ZZZZ))>YYYY. If yes, codes are executed (else code execution set to false).
3C______ ZZZZYYYY : 16bits If greater (po) 16bits compares if ([po+address] and not(ZZZZ))>YYYY. If yes, codes are executed (else code execution set to false).
2C_____1 ZZZZYYYY : Endif, then 16bits If greater (ba) Makes one endif, then 16bits compares if ([ba+address] and not(ZZZZ))>YYYY. If yes, codes are executed (else code execution set to false).
3C_____1 ZZZZYYYY : Endif, then 16bits If greater (po)
Makes one endif, then 16bits compares if ([po+address]
and not(ZZZZ))>YYYY. If yes, codes are executed (else
code execution set to false).
CST7 : 16bits (endif, then) If lower
2E______ ZZZZYYYY : 16bits If lower (ba) 16bits compares
if ([ba+address] and not(ZZZZ))<YYYY.
If yes, codes are executed (else code execution set
to false).
3E______ ZZZZYYYY : 16bits If lower (po) 16bits compares
if ([po+address] and not(ZZZZ))<YYYY.
If yes, codes are executed (else code execution set
to false).
2E_____1 ZZZZYYYY : Endif, then 16bits If lower (ba) Makes one endif, then 16bits compares if ([ba+address] and not(ZZZZ))<YYYY. If yes, codes are executed (else code execution set to false).
3E_____1 ZZZZYYYY : Endif, then 16bits If lower (po) Makes one endif, then 16bits compares if ([po+address] and not(ZZZZ))<YYYY. If yes, codes are executed (else code execution set to false).
CT2 Base Address/Pointer Operations
40TYZ00N XXXXXXXX :
40000 : ba = [XXXXXXXX
]40010 : ba = [ba+XXXXXXXX]
50010 : ba = [po+XXXXXXXX]
40001 : ba = [grN+XXXXXXXX]
40011 : ba = [ba+grN+XXXXXXXX]
50011 : ba = [po+grN+XXXXXXXX]
40100 : ba += [XXXXXXXX]
40110 : ba += [ba+XXXXXXXX]
50110 : ba += [po+XXXXXXXX]
40101 : ba += [grN+XXXXXXXX]
40111 : ba += [ba+grN+XXXXXXXX]
50111 : ba += [po+grN+XXXXXXXX]
CST1 : Set Base Address to
42TYZ00N XXXXXXXX
42000 : ba = XXXXXXXX
42010 : ba = ba+XXXXXXXX
52010 : ba = po+XXXXXXXX
42001 : ba = grN+XXXXXXXX
42011 : ba = ba+grN+XXXXXXXX
52011 : ba = po+grN+XXXXXXXX
42100 : ba += XXXXXXXX
42110 : ba += ba+XXXXXXXX
52110 : ba += po+XXXXXXXX
42101 : ba += grN+XXXXXXXX
42111 : ba += ba+grN+XXXXXXXX
52111 : ba += po+grN+XXXXXXXX
CST2 : Save Base Address to
440YZ00N XXXXXXXX
44000 : [XXXXXXXX]=ba
44010 : [XXXXXXXX+ba]=ba
54010 : [XXXXXXXX+po]=ba
44001 : [XXXXXXXX+grN]=ba
44011 : [XXXXXXXX+ba+grN]=ba
54011 : [XXXXXXXX+po+grN]=ba
CST3 : Put next line of code location into the
Base Address
4600XXXX 00000000 = ba will hold the address at which
the next line of code is stored + XXXX (XXXX is a signed
16bits value : 0xFFFF=-1).
46000000 00000000 = ba points to next code's first 32bits.
46000004 00000000 = ba points to next code's second
32bits.
CST4 : Load into Pointer
48TYZ00N XXXXXXXX :
48000 : po = [XXXXXXXX]
48010 : po = [ba+XXXXXXXX]
58010 : po = [po+XXXXXXXX]
48001 : po = [grN+XXXXXXXX]
48011 : po = [ba+grN+XXXXXXXX]
58011 : po = [po+grN+XXXXXXXX]
48100 : po += [XXXXXXXX]
48110 : po += [ba+XXXXXXXX]
58110 : po += [po+XXXXXXXX]
48101 : po += [grN+XXXXXXXX]
48111 : po += [ba+grN+XXXXXXXX]
58111 : po += [po+grN+XXXXXXXX]
CST5 : Set Pointer to
4ATYZ00N XXXXXXXX :
4A000 : po = XXXXXXXX
4A010 : po = ba+XXXXXXXX
5A010 : po = po+XXXXXXXX
4A001 : po = grN+XXXXXXXX
4A011 : po = ba+grN+XXXXXXXX
5A011 : po = po+grN+XXXXXXXX
4A100 : po += XXXXXXXX
4A110 : po += ba+XXXXXXXX
5A110 : po += po+XXXXXXXX
4A101 : po += grN+XXXXXXXX
4A111 : po += ba+grN+XXXXXXXX
5A111 : po += po+grN+XXXXXXXX
4C0YZ00N XXXXXXXX
4C000 : [XXXXXXXX]=po
4C010 : [XXXXXXXX+ba]=po
5C010 : [XXXXXXXX+po]=po
44001 : [XXXXXXXX+grN]=po
44011 : [XXXXXXXX+ba+grN]=po
54011 : [XXXXXXXX+po+grN]=po
CST7 : Put grN's location into the Pointer
4E000000 XXXXXXXX = po will hold the address at which
the next line of code is stored
+ XXXX (XXXX is a signed 16bits value : 0xFFFF=-1).
4E000000 00000000 = po points to next code's first 32bits.
4E000004 00000000 = po points to next code's second
32bits.
6000NNNN 0000000P = set repeat Store next code address
and NNNN (number of times to repeat) in bP (block P).
CST1 : Execute Repeat
62000000 0000000P = execute repeat If NNNN stored in bP is >0, it is decreased and the code handler jumps to the next code addres stored in bP.
64000000 0000000P = return if true If the code execution
status is true, the code handler jumps to
the next code address stored in bP (NNNN is not touched).
64100000 0000000P = return if false If the code execution
status is false, the code handler jumps to
the next code address stored in bP (NNNN is not touched).
64200000 0000000P = return The code handler jumps to
the next code address stored in bP
(NNNN is not touched), whatever the code execution status
is.
CST3 : Goto
6600XXXX 00000000 = goto if true If the code execution
status is true, the code handler jumps
to (next line of code + XXXX lines). XXXX is signed.
6610XXXX 00000000 = goto if false If the code execution
status is falsethe code handler jumps
to (next line of code + XXXX lines). XXXX is signed.
6620XXXX 00000000 = goto The code handler jumps to
(next line of code + XXXX lines).
XXXX is signed.
CST4 : Gosub
6800XXXX 0000000P = gosub if true If the code execution
status is true, the code handler stores the
next code address in bP, then it jumps to (next line
of code + XXXX lines). XXXX is signed.
6810XXXX 0000000P = gosub if false If the code execution status is false, the code handler stores the next code address in bP, then it jumps to (next line of code + XXXX lines). XXXX is signed.
6820XXXX 0000000P = gosub The code handler stores the
next code address in bP, then it jumps to
(next line of code + XXXX lines). XXXX is signed.
80SY000N XXXXXXXX :
8000 : grN = XXXXXXXX
8001 : grN = XXXXXXXX+ba
9001 : grN = XXXXXXXX+po
8010 : grN += XXXXXXXX
8011 : grN += XXXXXXXX+ba
9011 : grN += XXXXXXXX+po
CST1 : Load into Gecko Register
82UY000N XXXXXXXX :
8200 : grN = 8bits at [XXXXXXXX]
8201 : grN = 8bits at [XXXXXXXX+ba]
9201 : grN = 8bits at [XXXXXXXX+po]
8210 : grN = 16bits at [XXXXXXXX]
8211 : grN = 16bits at [XXXXXXXX+ba]
9211 : grN = 16bits at [XXXXXXXX+po]
8220 : grN = 32bits at [XXXXXXXX]
8221 : grN = 32bits at [XXXXXXXX+ba]
9221 : grN = 32bits at [XXXXXXXX+po]
CST2 : Save Gecko Register to
84UYZZZN XXXXXXXX:
8400 : writes the 8bits in grN ZZZ times+1 at [XXXXXXXX]
8401 : writes the 8bits in grN ZZZ times+1 at [XXXXXXXX+ba]
9401 : writes the 8bits in grN ZZZ times+1 at [XXXXXXXX+po]
8410 : writes the 16bits in grN ZZZ times+1 at [XXXXXXXX]
8411 : writes the 16bits in grN ZZZ times+1 at [XXXXXXXX+ba]
9411 : writes the 16bits in grN ZZZ times+1 at [XXXXXXXX+po]
8420 : writes the 32bits in grN ZZZ times+1 at [XXXXXXXX]
8421 : writes the 32bits in grN ZZZ times+1 at [XXXXXXXX+ba]
9421 : writes the 32bits in grN ZZZ times+1 at [XXXXXXXX+po]
CST3 : Gecko Register / Direct Value operations
86TY000N XXXXXXXX: Direct value operations
86T0 : grN = (grN ? XXXXXXXX)
86T1 : grN = ([grN] ? XXXXXXXX)
86T2 : grN = (grN ? [XXXXXXXX])
86T3 : grN = ([grN] ? [XXXXXXXX])
? = T :
0 : add (+)
1 : mul (*)
2 : or (|)
3 : and (&)
4 : xor (^)
5 : slw (<<)
6 : srw (>>)
7 : rol (rotate left)
8 : asr (arithmetic shift right)
A : fadds (single float add)
B : fmuls (single float mul)
CST4 : Gecko Registers operations
88TY000N 0000000M : Gecko Register operations
88T0 : grN = (grN ? grM)
88T1 : grN = ([grN] ? grM)
88T2 : grN = (grN ? [grM])
88T3 : grN = ([grN] ? [grM])
? = T :
0 : add (+)
1 : mul (*)
2 : or (|)
3 : and (&)
4 : xor (^)
5 : slw (<<)
6 : srw (>>)
7 : rol (rotate left)
8 : asr (arithmetic shift right)
A : fadds (single float add)
B : fmuls (single float mul)
CST5 : Memory Copy 1
8AYYYYNM XXXXXXXX
copy YYYY bytes from [rN] to [rM]+XXXXXXXX
8AYYYYNF XXXXXXXX
copy YYYY bytes from [rN] to ba+XXXXXXXX
9AYYYYNF XXXXXXXX
copy YYYY bytes from [rN] to po+XXXXXXXX
CST6 : Memory Copy 2
8CYYYYNM XXXXXXXX
copy YYYY bytes from [rN]+XXXXXXXX to [rM]
8CYYYYFM XXXXXXXX
copy YYYY bytes from ba+XXXXXXXX to [rM]
9CYYYYFM XXXXXXXX
copy YYYY bytes from po+XXXXXXXX to [rM]
CT5: Special If codes (16bits)
CT5 Part1 : Unknown values comparison
Note: For the Part1 codes, if N or
M = 0xF, then [address+ba/po] will be used
instead of grF
CST0 : 16bits (endif, then) If equal
A0______ NM00YYYY : 16bits If equal 16bits compares if ([grN] and not(YYYY))==([grM] and not(YYYY)). If yes, codes are executed (else code execution set to false).
A0_____1 NM00YYYY : Endif, then 16bits If equal Makes
one endif, then 16bits compares if ([grN] and not(YYYY))!=([grM]
and not(YYYY)). If yes, codes are executed (else code
execution set to false).
CST1 : 16bits (endif, then) If not equal
A2______ NM00YYYY : 16bits If not equal 16bits compares if ([grN] and not(YYYY))!=([grM] and not(YYYY)). If yes, codes are executed (else code execution set to false).
A2_____1 NM00YYYY : Endif, then 16bits If not equal
Makes one endif, then 16bits compares if ([grN] and
not(YYYY))==([grM] and not(YYYY)). If yes, codes are
executed (else code execution set to false).
CST2 : 16bits (endif, then) If greater
A4______ NM00YYYY : 16bits If greater 16bits compares if ([grN] and not(YYYY))>([grM] and not(YYYY)). If yes, codes are executed (else code execution set to false).
A4_____1 NM00YYYY : Endif, then 16bits If greater Makes
one endif, then 16bits compares if ([grN] and not(YYYY))>([grM]
and not(YYYY)). If yes, codes are executed (else code
execution set to false).
CST3 : 16bits (endif, then) If lower
A6______ NM00YYYY : 16bits If lower 16bits compares if ([grN] and not(YYYY))<([grM] and not(YYYY)). If yes, codes are executed (else code execution set to false).
A6_____1 NM00YYYY : Endif, then 16bits If lower Makes one endif, then 16bits compares if ([grN] and not(YYYY))<([grM] and not(YYYY)). If yes, codes are executed (else code execution set to false).
CT5 Part2 : 16bits Counter check
Note: Each time an If counter code
is encountered, the code handler does
the following:
- It Applies the endif if the counter code has one.
- After it checks the current execution status. If it's
set to true, the counter is increased by one. If it's
set to false, the counter is reset to 0.
- Finaly it executes the If counter like a normal If
code !!!
Also, if the first part of the code ends with 8 (ie.
without endif) or 9 (with endif) , instead of 0 or 1,
the counter will be reset when the If... counter becomes
true !!!
The counter is stored in XXXX
CST4 : 16bits (endif, then) If counter value
equal
A80XXXX0 ZZZZYYYY : 16bits If equal 16bits compares if (XXXX and not(ZZZZ))==YYYY. If yes, codes are executed (else code execution set to false).
A80XXXX1 NM00YYYY : Endif, then 16bits If equal Makes
one endif, then 16bits compares if (XXXX and not(ZZZZ))==YYYY.
If yes, codes are executed (else code execution set
to false).
CST5 : 16bits (endif, then) If counter value
not equal
AA0XXXX0 NM00YYYY : 16bits If not equal 16bits compares if (XXXX and not(ZZZZ))!=YYYY. If yes, codes are executed (else code execution set to false).
AA0XXXX1 NM00YYYY : Endif, then 16bits If not equal
Makes one endif, then 116bits compares if (XXXX and
not(ZZZZ))!=YYYY. If yes, codes are executed (else code
execution set to false).
CST6 : 16bits (endif, then) If counter value
greater
AC0XXXX0 NM00YYYY : 16bits If greater 16bits compares if (XXXX and not(ZZZZ))>YYYY. If yes, codes are executed (else code execution set to false).
AC0XXXX1 NM00YYYY : Endif, then 16bits If greater Makes
one endif, then 16bits compares if (XXXX and not(ZZZZ))>YYYY.
If yes, codes are executed (else code execution set
to false).
CST7 : 16bits (endif, then) If counter value
lower
AE0XXXX0 NM00YYYY : 16bits If lower 16bits compares if (XXXX and not(ZZZZ))<YYYY. If yes, codes are executed (else code execution set to false).
AE0XXXX1 NM00YYYY : Endif, then 16bits If lower Makes one endif, then 16bits compares if (XXXX and not(ZZZZ))<YYYY. If yes, codes are executed (else code execution set to false).
CT6 ASM Codes, On/Off switch and Address Range Check
CST0 : Execute following ASM Code
C0000000 NNNNNNNN : execute ZZZZZZZZ
ZZZZZZZZ ZZZZZZZZ
ZZZZZZZZ ZZZZZZZZ
4E800020 00000000
It executes the NNNNNNNN lines of instruction placed
under the code. The instructions MUST end with a blr
(0x4E800020).
CST1 : Insert ASM code in the game
C2XXXXXX NNNNNNNN = insert instructions at XXXXXXXX+ba
ZZZZZZZZ ZZZZZZZZ
ZZZZZZZZ ZZZZZZZZ
60000000 00000000
This code will replace the instruction at ba+XXXXXXXX
with a branch that will point to ZZZZZZZZ. The replaced
is not saved, the code creator must then put it in his
code manualy (if needed).
Also, the instruction MUST end with ONE 00000000, because
the code handler will add a "b (ba+XXXXXX)"
instruction there. If your asm code fills all the line,
add a 60000000 00000000 under it
(and count this line in NNNNNNNN).
D2XXXXXX NNNNNNNN = insert instructions at XXXXXXXX+po
ZZZZZZZZ ZZZZZZZZ
ZZZZZZZZ ZZZZZZZZ
ZZZZZZZZ 00000000
This code will replace the instruction at po+XXXXXXXX
with a branch that will point to ZZZZZZZZ. The replaced
is not saved, the code creator must then put it in his
code manualy (if needed). Also, the instruction MUST
end with 00000000, because the code handler will add
a "b (po+XXXXXX)" nstruction there. If your
asm code fills all the line, add a 60000000 00000000
under it (and count this line in NNNNNNNN).
CST3 : Create a branch
C6XXXXXX YYYYYYYY : branch from XXXXXX+ba to YYYYYYYY It writes, at XXXXXXXX+ba, a "b YYYYYYYY" instruction.
D6XXXXXX YYYYYYYY : branch from XXXXXX+po to YYYYYYYY
It writes, at XXXXXXXX+po, a "b YYYYYYYY"
instruction.
CST6 : On/Off switch
CC000000 00000000 = on/off switch
This code will only work correctly if an If... code
is placed before it. Each time the code execution status
goes from true to false to true, and the switch code
is reached, the "switch" is moved. The switch
moves from on<->off, and set the code execution
accordingly to its state. The value of the switch is
stored inside the code. It is NOT an If... code. It
only changes the current code executions status.
CST7 : Address range check (If... code)
CE000000 XXXXYYYY = check if ba is in [0xXXXX0000;0xYYYY0000[
CE000001 XXXXYYYY = endif, then check if ba is in [0xXXXX0000;0xYYYY0000[
DE000000 XXXXYYYY = check if po is in [0xXXXX0000;0xYYYY0000[
DE000001 XXXXYYYY = endif, then check if po is in [0xXXXX0000;0xYYYY0000[
If XXXX>=YYYY, then the code will always set the code execution to false.
CT7 End of codes, Endif (Else)
E0000000 XXXXYYYY : full terminator
It clears the code execution status.
If XXXX<>0, ba = 0xXXXX0000
If YYYY<>0, po = 0xYYYY0000
CST1 : Endif (+else)
E20000VV XXXXYYYY = endifs
Applies VV endifs.
If XXXX<>0, ba = 0xXXXX0000
If YYYY<>0, po = 0xYYYY0000
E21000VV XXXXYYYY = endifs + else
Applies VV endifs, and inverse the code execution status
(="else").
If XXXX<>0, ba = 0xXXXX0000
If YYYY<>0, po = 0xYYYY0000
CST7 : End of Code
F0000000 00000000 = end of code handler It tells the code handler that there are no more codes in the code list. The code handler exits.