Let's learn assembly

[Ripple]

disclaimer: I do not have any real experience with making assembly codes for melee, this thread is for people to learn how to make codes or for people to suggest how of find certain things they want to make or even to help others cut down on clunky codes.

If you want to learn from the very beginning then you'll need to watch I.E.'s starter tutorial on searching for things in dolphin memory and then editing that line of code. The video is about 3 hours but no time is really wasted and I suggest watching the entire thing.

you can view it here: http://www.twitch.tv/internetexplorer6/c/1814114
new link: https://www.youtube.com/watch?v=IOyQhK2OCs0&list=PL6GfYYW69Pa2L8ZuT5lGrJoC8wOWvbIQv

once you have watched that you can start messing around with character offsets and other values that have been documented here https://docs.google.com/spreadsheet...DhsTVNhMkdIX1lMSFR0RTA2a1E&usp=sharing#gid=12


as I (and hopefully others) become more experienced with assembly I will update this thread so things are much easier to understand and find

 

[Cyjorg]

I agree with Hylian88, you'll definitely want to watch the whole thing and then take a look at these.

http://wiibrew.org/wiki/Assembler_Tutorial
http://geckocodes.org/index.php?arsenal=1

 

[CeLL]

Perhaps the guides for converting gecko codes to DOL mods should also be linked here, C2XXXXXX Code Guide and 04XXXXXX Code Guide?

 

[SinsOfApathy]

@ Dan Salvato linked this to me on Twitch, and it's probably been the most useful tool thus far.

http://www-01.ibm.com/support/knowledgecenter/ssw_aix_53/com.ibm.aix.aixassem/doc/alangref/rlwinm.htm#iw480ken

Likewise, wParam's notes are like the Book of Shadows in Melee spellcraft. http://wparam.com/ssbm/notes.html

As an aside, I think http://opensecuritytraining.info/ is useful, since frankly Intel ASM is a bit easier to understand and more applicable. It was recommended by my Reverse Engineering professor.

Likewise, my Microprocessors professor has a site with public video lectures on PIC24 assembly, which is definitely helpful in learning ASM overall. https://sites.google.com/site/ece3724/Home The first slides are especially useful, since they go over binary and hex, which might be foreign to some people.

 

[Achilles1515]

@ Dan Salvato linked this to me on Twitch, and it's probably been the most useful tool thus far.

http://www-01.ibm.com/support/knowledgecenter/ssw_aix_53/com.ibm.aix.aixassem/doc/alangref/rlwinm.htm#iw480ken

Likewise, wParam's notes are like the Book of Shadows in Melee spellcraft. http://wparam.com/ssbm/notes.html

As an aside, I think http://opensecuritytraining.info/ is useful, since frankly Intel ASM is a bit easier to understand and more applicable. It was recommended by my Reverse Engineering professor.

Likewise, my Microprocessors professor has a site with public video lectures on PIC24 assembly, which is definitely helpful in learning ASM overall. https://sites.google.com/site/ece3724/Home The first slides are especially useful, since they go over binary and hex, which might be foreign to some people.

You take a class dedicated to reverse engineering....holy ****, my dream...

Since I have found a passion for coding, I do question whether or not I should have majored in CSE rather than ME. But I think it will all work out in the long run. I still love machines and also I love to code. I just need to combine the two and then I'll be able to create something amazing.

Decimal to/from 32-Bit Floating Point Converter
32-Bit Floating Point to 64-bit Floating Point Converter - useful for making sense of values in floating point registers, except you can't go from 64-bit to 32-bit (the reverse conversion) with this specific calculator.
ASCII to Hex

I really plan on doing a lot of code documentation and guides/examples for everyone after the next 20XX release. My goal is to teach everyone in this forum how to code assembly and how to reverse engineer Melee. Having the power to modify the best game in existence is such a fantasic feeling.

 

[Dan Salvato]

@ Ripple Do you mind collecting these informational links into the OP?
I'll add one. Here's a link to the all-important ASMWiird, which is used to convert ASM to C2 Gecko codes and vice versa:
https://code.google.com/p/geckowii/downloads/detail?name=Gecko dNet 0.66.8.zip&can=1&q=

 

[DRGN]

Ahh, we have needed this thread. Great stuff, you guys.


Also, you guys are doing CSE & ME? You guys are awesome. I'm doing EE, and I also love machines and coding. Currently working at Intel doing PC stuff, but I'd actually really like to get into robotics eventually, since it's such a nice amalgam of robotics/electronics/programming.

I love that I'm finding such talented folk here, casually working on Melee!

 

[SinsOfApathy]

Ahh, we have needed this thread. Great stuff, you guys.


Also, you guys are doing CSE & ME? You guys are awesome. I'm doing EE, and I also love machines and coding. Currently working at Intel doing PC stuff, but I'd actually really like to get into robotics eventually, since it's such a nice amalgam of robotics/electronics/programming.

I love that I'm finding such talented folks here, casually working on Melee!

Yup, I'm a CSE major with a focus in Artificial Intelligence, since a lot of my prior work includes things like bots & scripts for online games. I'm actually not much of a fan of the hardware-side, though knowing how to wire up something like the GC3DS or making a GC controller with an microcontroller is always kind of cool.

It's part of why one of my major projects that I've started documentating information on, and scrapped an old code base for, is a Melee bot that uses the entirety of visual and memory-based information to fight.

You take a class dedicated to reverse engineering....holy ****, my dream...

It's required for NSA qualifications, which my school tries to keep. The class itself is malware reverse engineering though, and is probably considered the hardest class on campus.

It's interesting though, since my professor has access to things like the Sony malware. By the end of the semester, you've picked a piece of malware from a collection, documented it, written IDA plugins for it, and then have to give a presentation to faculty, staff, and outside parties on the piece of malware as well as your custom tools.

 

[Ampers]

I'm very interested in seeing where this thread goes. I've been wanting to learn more about assembly for quite some now. Keep it up!

 

[DRGN]

Yup, I'm a CSE major with a focus in Artificial Intelligence, since a lot of my prior work includes things like bots & scripts for online games. I'm actually not much of a fan of the hardware-side, though knowing how to wire up something like the GC3DS or making a GC controller with an microcontroller is always kind of cool.

The class itself is malware reverse engineering though, and is probably considered the hardest class on campus.

It's interesting though, since my professor has access to things like the Sony malware. By the end of the semester, you've picked a piece of malware from a collection, documented it, written IDA plugins for it, and then have to give a presentation to faculty, staff, and outside parties on the piece of malware as well as your custom tools

Oh, very cool.

It's part of why one of my major projects that I've started documentating information on, and scrapped an old code base for, is a Melee bot that uses the entirety of visual and memory-based information to fight.

Ha, amazing! An old friend and I talked at length about doing this a few years ago. He ended up moving away though, and we both moved to other projects. But I've always thought it was a really interesting idea with interesting challenges. Though I don't have any background in AI.

 

[SinsOfApathy]

Ha, amazing! An old friend and I talked at length about doing this a few years ago. He ended up moving away though, and we both moved to other projects. But I've always thought it was a really interesting idea with interesting challenges. Though I don't have any background in AI.

Honestly, a very basic system wouldn't be all that hard. But I'd like to get a write-up of hitbox data made, so that I can parse that. I'd prefer something more complicated than, "If oppenent state == " kind of thing, and more along the lines of:

if(opponent->state() == e_State.SpecialForward && opponent->getDeltaFrames() > hitboxWait()){
   //do reaction
}

Where I'm using an SQLite db of the opponent's hurtbox data and the character I'm using's wavedash movement data.

It's pretty much mapped out in my head how I plan to do it, but it's just a matter of sitting down to actually write it. Plus I need to stick with a single version of Dolphin, so I can have stable pointer data. Otherwise, I could be a complete masochist and use a Wii or GC method similar to GCNRD for viewing system memory and wire up a GC controller emulator using an Arduino. (Fat chance of any of that lol)

 

[DRGN]

Honestly, a very basic system wouldn't be all that hard. But I'd like to get a write-up of hitbox data made, so that I can parse that. I'd prefer something more complicated than, "If oppenent state == " kind of thing, and more along the lines of:

if(opponent->state() == e_State.SpecialForward && opponent->getDeltaFrames() > hitboxWait()){
   //do reaction
}

Where I'm using an SQLite db of the opponent's hurtbox data and the character I'm using's wavedash movement data.

It's pretty much mapped out in my head how I plan to do it, but it's just a matter of sitting down to actually write it. Plus I need to stick with a single version of Dolphin, so I can have stable pointer data. Otherwise, I could be a complete masochist and use a Wii or GC method similar to GCNRD for viewing system memory and wire up a GC controller emulator using an Arduino. (Fat chance of any of that lol)

What did you mean by the 'visual' portion of information that it would use? I don't know if it's the same as what I'm thinking. My friend and I originally talked about splitting and processing the video signal from the console and using that as input to the AI. He was into video recognition at the time and I was playing with some other video processing scripting around that time. I'm still not really sure if we were bold or just crazy (fantasizing maybe? lol). Anyway, we'd then have a controller emulator (using probably an Arduino or Propeller) to output back to the console. Of course the cool advantage of that would be that you could take it to a tournament and easily connect it to any unmodified console. Of course even that is kinda moot now, since you could just get a powerful computer for Dolphin.

As for the data. I also need a database like that for a current project. I already have a set of data files for each character that contains all of their moves and a few movement options, as well as a parser that reads them and builds a JSON object out of it. So you can easily access specifics via 'frameData[character][move][moveAttribute]', e.g. "frameData.Bowser.jab1.Duration". I'm not sure how an SQL database would differ beyond the way information is called. Anyway, it's still incomplete. What datapoints are you looking for for each move? For one thing, I'd imagine you'd want a 'range' of some kind, though I'm not sure how we would even determine/collect information like that.

I don't want to hijack this thread though. If you want to keep talking about this, maybe we should continue in a new thread/PM?

 

[Quillion]

There was an info dump about character data and what each line of code does that I saw.

Where is that, again?

 

[DRGN]

To get back to the topic, I wanted to point out that while the IBM Knowledge Center (linked to by SinsOfApathy) is a great resource for figuring out how to use instructions, not all of those are included in the GC/Wii's instruction set (at least I'm pretty sure; I've tried to use some before that didn't seem to work). To find what's supported, you should be able to cross-reference with the instruction set shown in the YAGCD. I've thought for a while it'd be nice to start with YAGCD's list, organize them by their uses, and write a syntax/example and description for each. So we'd have just one convenient table to go to.

There was an info dump about character data and what each line of code does that I saw.

Where is that, again?

I happen to have some resources open, but aren't sure what you mean. Each line of what code? Do you mean one of these?: SSBM RAM Addresses (v1.02), Character Attributes, achilles' mapped-out player block variables

 

[Cyjorg]

I meant to post this a bit back but the comment syntax for ASMWiiRD is a "#." Comment your codes when you post them!

 

[Achilles1515]

Can someone explain to me why

addi r0,r0,1

is automatically changed to

li r0,1

It bugs the absolute crap out of me. Are there specific limitations on the instruction set for r0?
@ Dan Salvato @standardtoaster

 

[SinsOfApathy]

Can someone explain to me why

addi r0,r0,1

is automatically changed to

li r0,1

It bugs the absolute crap out of me. Are there specific limitations on the instruction set for r0?
@ Dan Salvato @standardtoaster

Because li is a mnemonic. If you're putting 1 into r0 with addi, li just does the same thing.

http://www-01.ibm.com/support/knowl...oc/alangref/fixed_point_load.htm#xlmqh1f0jeff

 

[Achilles1515]

Because li is a mnemonic. If you're putting 1 into r0 with addi, li just does the same thing.

http://www-01.ibm.com/support/knowledgecenter/ssw_aix_53/com.ibm.aix.aixassem/doc/alangref/fixed_point_load.htm#xlmqh1f0jeff

How do I immediately add 1 to register 0 and store that result into register 0?

 

[SinsOfApathy]

How do I add immediately add 1 to register 0 and store that result into register 0?

I'm used to instruction sets having inc rD for rD + 1 scenarios. AFAIK PPC doesn't have that.

Is the debugger actually showing the instruction changed to that, or is it your conversion tool? Only thing I could suggest is loading into another register otherwise.

 

[Dan Salvato]

Achilles is correct. I believe r0 has a couple limitations but I don't know the exact details.

 

[Cyjorg]

How do I immediately add 1 to register 0 and store that result into register 0?

Can't you just do this? (r20 is arbitrary)

li r20, 1
add r0, r20, r0

 

[Achilles1515]

Can't you just do this? (r20 is arbitrary)

li r20, 1
add r0, r20, r0

Yeah. But that's not what I was looking for. I think it's just not possible based on the format of the hex syntax.

 

[Magus420]

addi rD,rA,SIMM

Using r0 as rA on addi (and some other instructions) uses a value of 0 in its place instead of the contents of r0. addi r0,r0,1 is changed to li r0,1 because that's what li r0,1 actually is: 0+1 into r0.

http://pds.twi.tudelft.nl/vakken/in1200/labcourse/instruction-set/

The instructions you can't use r0 for rA have "(rA|0)" in their datasheet describing their operation.

 

[Decipio-Carmen]

In the Intro to Wii Game Modding video, at around 1:50:04, Dan switches the breakpoint from memory address 8045310c to 8045310e, saying that we're technically looking at that address. I don't really understand what he meant. Can anyone explain it to me?

I'm also confused as to why when you open up melee and look at the memory in dolphin debug mode, an address 0x00000000 shows the same thing when you change the most significant hex value to 8 (0x80000000). But it seems that using memory addresses 0x8XXXXXXX as breakpoints work while using addresses with 0x0XXXXXXX don't work.

 

[SinsOfApathy]

In the Intro to Wii Game Modding video, at around 1:50:04, Dan switches the breakpoint from memory address 8045310c to 8045310e, saying that we're technically looking at that address. I don't really understand what he meant. Can anyone explain it to me?

I'm also confused as to why when you open up melee and look at the memory in dolphin debug mode, an address 0x00000000 shows the same thing when you change the most significant hex value to 8 (0x80000000). But it seems that using memory addresses 0x8XXXXXXX as breakpoints work while using addresses with 0x0XXXXXXX don't work.

8045310C is a byte (2 hex values, like 00), while 8045310E is a byte located on the same line, but further away from the left. The reason it didn't stop when Dan set the breakpoint to 8045310C is because the byte actually changed is 8045310E. This is because each line of memory is aligned to 4 bytes, since the Gamecube/Wii has 32-bit memory addresses and instructions. If he'd set it to be the range 8045310C to 8045310E (or 8045310F to encapsulate the whole line), it would've worked.

Additionally, the reason Dolphin shows the same values at 0x0XXXXXXX is because that is the physical address region. The Dolphin CPU itself executes and reads from the 0x8XXXXXXX because that is the logical address. Not really an easy topic to explain, since it requires knowledge of computer architecture. (Reminder, these consoles have an actual operating system in them!)

On the actual console hardware, there's also mirrors of RAM, because the bus masks off the bits for RAM access. Dolphin doesn't implement that, and some games like Rogue Squadron 2 improperly use it.

 

[Decipio-Carmen]

http://www.ds.ewi.tudelft.nl/vakken/in1006/instruction-set/b.html

omg I wasted a lot of time because I thought LI || 0b00 sign extended meant LI OR 0b00000...0, when in fact it means LI << 2 sign extended. How common is the notation to use || 0b00 for shift? I like have NEVER seen it.

 

[ssknight7]

Reversing is the only part of programming that is still fun for me. Everything else has been killed off by the dozens of different software engineering paradigms that render programming a soulless/passionless process.

<3 melee + reversing

 

[SinsOfApathy]

Reversing is the only part of programming that is still fun for me. Everything else has been killed off by the dozens of different software engineering paradigms that render programming a soulless/passionless process.

<3 melee + reversing

**** scrum, tests first, and all that other nonsense. Just program in a way that doesn't make it impossible for you to come back to your code later and know what's going on.

 

[zankyou]

Just program in a way that doesn't make it impossible for you to come back to your code later and know what's going on

Someone should have told me this when I first started. "I dont need notes, I know exactly what this machine code means."

 

[SinsOfApathy]

Someone should have told me this when I first started. "I dont need notes, I know exactly what this machine code means."

It's something I try to avoid at work with my code, since someone will be maintaining it after me.

With ASM, if I'm writing it or really deconstructing a function, I'll have a comment on every other line. I should probably post my IDA database at some point.

 

[anonamon]

is there any way anyone had salvaged dan's original twitch stream? it's been long since twitch removed, and coming from the new hackers thread, it's one main resource to learning assembly down.

 

[Punkline]

is there any way anyone had salvaged dan's original twitch stream? it's been long since twitch removed, and coming from the new hackers thread, it's one main resource to learning assembly down.

You talking about this?

 

[anonamon]

You talking about this?

ain't no man better than you, pal. i guess i'll delve into this and see if i can make anything out of it.