
The DOL mod topic

FlamingForce

Smash Journeyman
Joined
Jun 5, 2013
Messages
390
I'm trying to get into the debug menu with AR codes but Dolphin either tells me the codes are bad or something or it just doesn't work..

EDIT: Nvm found it.
 

Achilles1515

Smash Master
Joined
Jun 18, 2007
Messages
3,211
Location
Cincinnati / Columbus OH
Is the code working for you now?

Edit: and to answer your question, a modded ISO can have a variety of different MD5 hash codes. I have two different modded ones and they have different MD5's. Just depends on what you put on there.
 

moogle

Smash Ace
Joined
Mar 20, 2004
Messages
601
Location
Huntsville, AL
Normal C-Stick Functionality in Develop Mode [Updated]
1.02 ────── 0x067A70 ──── 800D9368 -> 38000000 ────
1.02 ────── 0x2CC84 ──── 38000008 -> 38000000 ────
I'm new to all of this. Is it possible to make an AR code or Gecko code out of this? As I understand, some of these DOL mods can be converted to AR codes, and some can't.

If it's not possible, is it possible to use this code without modifying the Melee ISO?

If that's not possible either, then this is what I would try:
1. Extract the ISO somehow (7zip won't work... what should I use?)
2. Replace the resultant DOL file with the DOL file found here: http://www.reddit.com/r/smashbros/c..._hitbox_visibility_code_on_smashbords/cfy99x1
3. Recompress all the Melee files back into an ISO.
4. Run that ISO in Dolphin.

Thanks for your help!

EDIT: I neglected to read the rest of the reddit post that I linked. GC-Tool seems to be the way to go for editing the DOL file inside the ISO. I guess my other questions still stand: can the codes be applied without modding the ISO?

the link I found: http://wiki.gbatemp.net/wiki/GC-Tool
 

Achilles1515

Smash Master
Joined
Jun 18, 2007
Messages
3,211
Location
Cincinnati / Columbus OH
I posted the AR code in the "Gecko Codes..." thread.

http://smashboards.com/threads/melee-gecko-codes-guide-and-discussion.327311/page-15

Also, editing the DOL file is not as complicated as what you stated. All you need is the program GC-Tool and a hex editor.

1) Run GC-Tool and use it to open up your ISO
2) At the top menu of the program go to "Tools". You will see options for "Extract DOL" and "Replace DOL".
3) Extract DOL
4) Open DOL in hex editor and make changes
5) Repeat step 2 but choose "Replace DOL"
6) profit
 

Sempai

Smash Ace
Joined
Apr 9, 2007
Messages
614
Location
Wildwood/St.Louis, MO
Did we get any farther on porting "make shield white during hit stun" to a DoL for 1.2??

I personally think that this along with lcancel that we did finish would help our skill improve tremendously
 

Sempai

Smash Ace
Joined
Apr 9, 2007
Messages
614
Location
Wildwood/St.Louis, MO
Always skip the result screen + stock count = placement
-game skips the result screen after a match and changes
the amount of stocks taken to the placement of the player in the last match
[Sham Rock]
Version -- DOL Offset ------ Hex to Replace -------

1.00 ------ 0x19FFf4 ---- 3803FFFF -> 4BE6100C ----

@ 0x1420 onward

3803FFFF 2C000004
40820060 2C0B0020
41820058 3A400000
3E808047 62947D90
3EA0804D 62B545AF
8E1400A8 8A340001
2C10004E 4080000C
9E350001 4800000C
3A310001 9E350001
3A520001 2C120004
41A0FFD8 3A000000
3A200000 3A800000
3AA00000 38000000
60000000 4819EF8C

1.02 ------ 0x1a0d3c ---- 3803ffff -> 4BE602C4 ----

@ 0x1420 onward

3803FFFF 2C000004
40820060 2C0B0020
41820058 3A400000
3E808047 62949D58
3EA0804D 62B5672F
8E1400A8 8A340001
2C10004E 4080000C
9E350001 4800000C
3A310001 9E350001
3A520001 2C120004
41A0FFD8 3A000000
3A200000 3A800000
3AA00000 38000000
60000000 4819FCD4

PAL ------- 0x1A18C0 ---- 3803FFFF -> 4BE5F740 ----

@ 0x1420 onward

3803FFFF 2C000004
40820060 2C0B0020
41820058 3A400000
3E808046 6294AB60
3EA0804C 62B579EF
8E1400A8 8A340001
2C10004E 4080000C
9E350001 4800000C
3A310001 9E350001
3A520001 2C120004
41A0FFD8 3A000000
3A200000 3A800000
3AA00000 38000000
60000000 481A0858




Don't know if that is what you've meant Kou, but this is something I've made for my smash crew the other day.

Edit: There's a small glitch in this code that only appears when using it on a console (NOT dolphin). For the first match, only player 1's placement will be shown in the stock count, but after the second rep everything's acting the way it should. I have NO IDEA why that only happens on console at the moment. I'm going to test this one further tomorrow.

2nd edit: Registers don't get set to 0 when you boot up the console -.-
Fixed that, everything works now right from the beginning.

3rd edit: will no longer affect the debug menu

I have 1.02 and 0x1a0d3c works fine but all the others are 00 00 00 00 (1420 onward) is this ok?

Or am I in the wrong place? Or is this space empty and ok to be written on?
 

Achilles1515

Smash Master
Joined
Jun 18, 2007
Messages
3,211
Location
Cincinnati / Columbus OH
That's the right place. The logic behind it is that the first hex modification tells the game to branch to 0x1420 and execute the code there. And then the end of the code you insert in that location will instruct it to branch back to where it was.
 

SuperUltraDX

Smash Rookie
Joined
Mar 30, 2014
Messages
22
I'm trying to make a 1.02 DOL mod for Achilles' 20XX training codes, along with some other codes. I started learning about all this stuff yesterday, and have managed to get some older basic codes to work (Default Tournament Settings, Boot to Character Select Screen, the two C-stick codes, and Debug Mode). These were easy because they're all simple 32-bit write codes. I now want to tackle codes that use Insert ASM (C2 prefix).

These look like code caves to me, but I'm having trouble understanding how they work. Where does the code jump to? How is the jump offset determined? What the hell does this mean "If your asm code fills all the line, add a 60000000 00000000 under it (and count this line in NNNNNNNN)". ASM code fills all the line? All of what lines? I also don't understand what the role of NNNNNNNN is (some kind of line count?). Can code caves be used in the free space inside a DOL? Is there free space in the DOL?

I want to know if it's possible to use such codes in a DOL mod. Here's the mod I'm trying to make:
Completed (working)
Attempted (not working)
Not yet started

  • Unlock All Characters and Stages (1.02) [Datel]
  • Unlock All 293 Trophies (1.02) [Datel] (assumed to have same issue as the other one)
  • Default Tournament Settings (1.02) [Magus, et al.]
  • Boot to Character Select Screen (1.02) [InternetExplorer]
  • C-Stick in 1Player Modes (1.02) [Zauron]
  • Normal C-Stick Functionality in Develop Mode (1.02) [Magus, Achilles]
  • Debug Menu Replaces Tournament Mode (1.02) [Magus, donny2112]
  • Turn White During Shield Stun (1.02) [InternetExplorer]
  • Flash on Successful L-Cancel (1.02) [InternetExplorer]
  • Skip Result Screen & Normal KO Counter (1.02) [Sham Rock, Achilles]
  • D-Pad Up Starts vs. Match (1.02) [Achilles]
  • Stock Dependency Revival Platform Colors (1.02) [Achilles]
  • D-Pad Right (P1 Only) Toggles Fixed Camera (1.02) [InternetExplorer, Achilles]
  • D-Pad Left (P1 Only) Triggers Infinite Shield (All Players) (1.02) [Achilles]
  • D-Pad Down (P1 only) Toggles Bomb Rain, All Players Invinc, 2x Shield Deplete (1.02) [Achilles]
  • L+D-Pad Left (P1 Only) Triggers P2 CPU to Hold Shield (1.02) [Achilles]
  • L+D-Pad Up (P1 Only) Triggers P2 CPU to Hold Shield + Jump/Grab (if applicable) (1.02) [Achilles]
  • L+D-Pad Right (P1 only) Triggers All CPUs to Shoot Projectiles and Guard Edge (1.02) [Achilles]
  • L+D-Pad Down (P1 only) Triggers All Players Stamina Mode, 999% Hp (1.02) [Achilles]
  • R+D-Pad Right Toggles Overlayed Yellow Collision Bubbles, Player Port Specific (1.02) [Achilles]
  • R+D-Pad Up Toggles Yellow Collision Bubbles, Player Port Specific (1.02) [Achilles]
  • Mushroom Kingdom is Pokemon Stadium - No Transformations (1.02) [Achilles]
 

Achilles1515

Smash Master
Joined
Jun 18, 2007
Messages
3,211
Location
Cincinnati / Columbus OH
I would talk to either Sham Rock or Geuse about putting ASM codes into the DOL, as they've both done it before (at least I know Sham Rock has).

And as for adding my codes to the DOL, I believe you would need to first make them into ASM codes. They all use IF statements to activate lines of code and I don't think this would be just a simple DOL mod because it's equivalent to adding new lines of code to the game (which the Gecko codehandler just runs separately for you). I really don't know a whole lot about ASM though. Maybe those guys can point you in a better direction.
 

SuperUltraDX

Smash Rookie
Joined
Mar 30, 2014
Messages
22
I see. Well I'm certainly willing to try to come up with an ASM solution. I've done some amateur x86 ASM hacks for an old Star Wars game (shameless plug in case anyone is a JO fan :chuckle:). I'm much more comfortable and familiar with x86. However, if I can find a good instruction set reference for the PPC processor the GC uses, it shouldn't be too hard to pick up.
 

Sham Rock

Smash Apprentice
Joined
Feb 10, 2014
Messages
95
Location
Outside of your grab range
Yeah, what achilles said (btw, love what you have done so far so quickly achilles). His codes aren't directly injectable cause they normally don't even inject.
If you're able to translate them to actual asm codes you can inject them all as far as there is space on the disc left.

As soon as I've finished my next code I'm gonna write a little tutorial for beginners to inject custom code into the .dol.
Might take a few days though, have to fight with "pointer at pointer at pointer......"-logic at the moment
 

SuperUltraDX

Smash Rookie
Joined
Mar 30, 2014
Messages
22
It looks like there's not enough free space for all of these hacks. Can the size of the DOL be increased?
 

TerryJ

Smash Journeyman
Joined
Apr 12, 2010
Messages
488
Location
BEST COAST, WA
NNID
1337-1337-1337
3DS FC
1337-1337-1337
I was thinking about this a few days ago and since we can recompile the ISO with GC-Rebuilder I don't see why it wouldn't be possible. You'd probably have to get rid of something to make space though like replacing the intro video with a smaller one like Falcon's and then adding a bunch of 0's to the end of the .dol file.

I really don't know if that will work but it's just a guess.
 

Sham Rock

Smash Apprentice
Joined
Feb 10, 2014
Messages
95
Location
Outside of your grab range
Change rumble settings from CSS + visual representation
-dpad up/down turns rumble for your slot on/off
slots with rumble on will have a white background color, slots without grey
http://imgur.com/Ds8mxZB
[Sham Rock]
Version -- DOL Offset ------ Hex to Replace -------

1.00 ------ 0x25e920 ---- 8803000E -> 4BDA29C0 ----

@ 0x1700 onward
8803000E 3DC08045
61CEA3B8 3DE08046
61EF9134 3A800000
860F000C 56110319
41820010 3A200001
9A2E0000 48000014
5611035B 4182000C
3A200000 9A2E0000
3A940001 39CE0001
2C140004 41A0FFCC
39CEFFFB 3E401919
62521900 3E00804C
2C140004 40820008
62100390 2C140005
40820008 621002FC
2C140006 40820008
621003FC 2C140007
40820008 62100368
2C140005 41810008
82100000 82100000
82100000 82100008
82100018 82100008
8210001C 82100004
82100008 8E2E0001
2C110001 40820010
3E20EEEE 6231EE00
4800000C 3E205555
62315500 92300000
92500004 3A940001
2C140008 41A0FF70
60000000 4825D550

1.02 ------ 0x25fc2c ---- 8803000E -> 4BDA16B4 ----

@ 0x1700 onward
8803000E 3DC08045
61CEC380 3DE08046
61EFB0FC 3A800000
860F000C 56110319
41820010 3A200001
9A2E0000 48000014
5611035B 4182000C
3A200000 9A2E0000
3A940001 39CE0001
2C140004 41A0FFCC
39CEFFFB 3E401919
62521900 3E00804C
2C140004 40820008
621024EC 2C140005
40820008 62102458
2C140006 40820008
62102558 2C140007
40820008 621024C4
2C140005 41810008
82100000 82100000
82100000 82100008
82100018 82100008
8210001C 82100004
82100008 8E2E0001
2C110001 40820010
3E20EEEE 6231EE00
4800000C 3E205555
62315500 92300000
92500004 3A940001
2C140008 41A0FF70
60000000 4825E85C

PAL ------- 0x2603d8 ---- 8803000E -> 4BDA0F08 ----

@ 0x1700 onward
8803000E 3DC08044
61CED188 3DE08045
61EFBF04 3A800000
860F000C 56110319
41820010 3A200001
9A2E0000 48000014
5611035B 4182000C
3A200000 9A2E0000
3A940001 39CE0001
2C140004 41A0FFCC
39CEFFFB 3E401919
62521900 3E00804B
2C140004 40820008
6210354C 2C140005
40820008 621034B8
2C140006 40820008
621035B8 2C140007
40820008 62103524
82100000 82100000
82100000 82100008
82100018 82100008
8210001C 82100004
82100008 8E2E0001
2C110001 40820010
3E20EEEE 6231EE00
4800000C 3E205555
62315500 92300000
92500004 3A940001
2C140008 41A0FF78
60000000 4825F010
 

Goatlink

Smash Apprentice
Joined
Jul 14, 2013
Messages
146
Location
Portland, OR
Hey Sham Rock, the DOL mod for your Change rumble settings from CSS + visual representation code works, but it crashes the game when the language is set to Japanese (at least on 1.0)
 

Sham Rock

Smash Apprentice
Joined
Feb 10, 2014
Messages
95
Location
Outside of your grab range
Yeah, it crashes when the language is set to Japanese. Didn't test for that, sorry. Maybe I'm gonna fix that in the future

@DRGN
NO, using the offsets and hex from 1.00 in a 1.01 version would NOT work
 

Sham Rock

Smash Apprentice
Joined
Feb 10, 2014
Messages
95
Location
Outside of your grab range
There isn't really much to say on that topic. If you can code normal ASM code, you can inject into a dol. Learned it in 5 minutes by looking at geuse's work with the salty runback inject.
If I wrote something it would just be a long and elaborate explanation of how I do it personally rather than an actual guide, meaning you would have to know about ASM in general anyway.
 

Kou

Smash Apprentice
Joined
Nov 22, 2011
Messages
198
Location
Japan
Below is the DOL mod "Turn Yellow during shield stun (v1.00)".
Does anyone know this DOL mod for v1.02? Or could anyone port this to v1.02?
I know this as a cheat code, but I need it as a DOL mod.

---

Turn Yellow during shield stun (v1.00)
0x1700 -
7F03C378 81C30070 2C0E00B5 40820038
3DC0C200 91C30518 91C3051C 91C30520
91C30524 39E00000 91E30528 91E3052C
91E30530 91E30534 91E30520 39E00091
99E30564 8001007C 48066F70

0x68294 -
8001007C -> 4BF9904C
 

Achilles1515

Smash Master
Joined
Jun 18, 2007
Messages
3,211
Location
Cincinnati / Columbus OH
Okay, so today I learned how to integrate ASM codes into the DOL. This is good...

Question:
The location where we have been inserting these ASM DOL mods is towards the beginning of the DOL file - in between sections of other code.
It looks like 0x3A0 - 0x2190 has similar structure throughout those lines of code. Is ALL the "00" space (highlighted yellow, shoddily) in there "free space" for inserting DOL mods? Or does anyone know if some of this space gets written to at some point in the game.

 

Sham Rock

Smash Apprentice
Joined
Feb 10, 2014
Messages
95
Location
Outside of your grab range
Apparently, this is more of an issue than I thought it should be........


How to inject ASM codes (C2xx xxxx) directly into the iso
(the way I do it)



Quick shoutout to Guese, I've learned how to do this by looking at his inject of the "Salty Runback" code

0. Preparation:
you will need:
  • a working ASM code for your version of smash
  • an iso (preferably vanilla)
  • a debug version of Dolphin that can execute memory break points
  • some tool to extract/replace the dol (google "gc-rebuilder" or "gc-tool")
  • a hex editor ( pretty much all work, I use HxD because that was already installed on my computer for work reasons)
  • some basic knowledge about how ASM and dolphin work generally
  • ASM <> WiiRd converter

0.1 quick recap (what are we actually trying to do?)
for this tutorial I am going to use the shortened code from achilles

Always Skip Results Screen & KO Stars Function Normally
(Gecko, 1.02) [Sham Rock, Achilles]
C21A415C 0000000E
3803FFFF 2C0B0020
41820064 2C000004
4082005C 3AC00000
3E608045 6273226F
3E40804D 6252672F
8E320001 8E930E84
7E31A214 8E930004
7E31A214 8E930004
7E31A214 8E930004
7E31A214 2C1100FF
41800008 3A2000FF
9A320000 3AD60001
2C160004 41A0FFC4
38000000 00000000

To reiterate IE's beginner's tutorial, here's what it does in pictures:

normally (without the code)

http://imgur.com/MgQw6Gv

with the code active

http://imgur.com/tSDKo5C

In a nutshell, this is what we have to "hard" code into the dol.

1. Finding free space in the dol
-Extract the dol, then load it up in your hex editor and look for some free space (a lot of 00's)
In this case I took 0x1420 since it's where the other "skip result screen" would be injected (the one where your placement was shown in form of the stars) because you could only have one of those two active anyway.

http://imgur.com/GBAwLJp

-Insert the code and add a little something to make it easy to find it later on.
I add FEDCBA98 at the end since it's normally not found in the game's memory, ever, so I can find it easily with a single memory search.



http://imgur.com/8WTksL5

-Save and insert the dol into the iso

2. Checking if the memory space is safe to inject
-load up the iso in dolphin and search for FEDCBA98, it will only give you 1 result, from there you can find where you inserted the code into the game permanently

here you can see it @80004420

http://imgur.com/4zW0GvJ

-to check if it's safe to use that space load up the develop version of dolphin and simply put 1 big memory-breakpoint for all the memory addresses we just modified (80004420 - 8000448c) and just play a bit. If the game never breaks, it never uses those memory addresses and it's safe to use them.

3. Adding the branches to and from the code
-now that we know the memory is not used by the game, we can add 2 simple branches to and from the custom code

lazy method with ASM<>WiiRd converter that doesn't require any thought:

branching backwards
b 0x (FFFF FFFF - (start memory address - end memory address) )+1
in this case
(FFFF FFFF - (801a415c - 80004420) )+ 1 = FFE602C4
--> enter "b 0xFFE602C4" into converter
--> 4BE602C4 assembler instruction that has to be inserted into the dol where the code would normally be injected

branching forward
b 0x end address - start address
801a4160 - 8000448c = 19FCD4
--> enter "b 0x19FCD4" into converter
--> 4819FCD4 assembler instruction that has to be inserted where we wrote "FEDCBA98"

3.1. Finding the injection point (801A415C) in the dol
Just like in the previous post I made on injection you can find it with a simple hex search by looking at the surrounding instructions

address     code line                 hex instructions
801a415c    subi r0, r3, 1            3803ffff
801a4160    stb r0, 0x0003 (r31)      981f0003
801a4164    li r0, 0                  38000000
801a4168    stb r0, 0x0005 (r31)      981f0005

search for "3803ffff981f000338000000981f0005" in the dol
1 result @1A0D3C, meaning that's the point the branch backwards has to be inserted

4. Testing
-insert everything now properly and give it a test run

@1A0D3C replace "3803ffff" with "4BE602C4" and replace "FEDCBA98" from the beginning with "4819FCD4"

works--> done


http://imgur.com/OFjbonf

Always skip the result screen + normal kill counters
-game skips the result screen after a match
[achilles]
Version -- DOL Offset ------ Hex to Replace -------

1.02 ------ 0x1A0D3C ---- 3803FFFF -> 4BE602C4 ----

@ 0x1420 onward

3803FFFF 2C0B0020
41820064 2C000004
4082005C 3AC00000
3E608045 6273226F
3E40804D 6252672F
8E320001 8E930E84
7E31A214 8E930004
7E31A214 8E930004
7E31A214 8E930004
7E31A214 2C1100FF
41800008 3A2000FF
9A320000 3AD60001
2C160004 41A0FFC4
38000000 4819FCD4


that's pretty much all there is to it.
 
Last edited:
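
Added example (not part of the original posts, and not any poster's tool): the branch-out and branch-back mechanism Achilles1515 describes earlier in the thread, and steps 3 to 4 of the tutorial above, done in code instead of with a converter. The Gecko code, the addresses and the DOL offsets are the tutorial's; the function names, the all-zero stand-in DOL image and the default Gecko base address 0x80000000 are assumptions made for illustration.

```python
import struct

# Gecko "Insert ASM" code for v1.02, copied from the tutorial above.
GECKO_C2 = """
C21A415C 0000000E
3803FFFF 2C0B0020
41820064 2C000004
4082005C 3AC00000
3E608045 6273226F
3E40804D 6252672F
8E320001 8E930E84
7E31A214 8E930004
7E31A214 8E930004
7E31A214 8E930004
7E31A214 2C1100FF
41800008 3A2000FF
9A320000 3AD60001
2C160004 41A0FFC4
38000000 00000000
"""

CAVE_ADDR = 0x80004420   # RAM address of the free space (from the tutorial)
CAVE_OFF = 0x1420        # the same location as a DOL file offset (from the tutorial)
HOOK_OFF = 0x1A0D3C      # DOL offset of the hooked instruction (from the tutorial)
OLD_WORD = 0x3803FFFF    # instruction expected at the hook before patching


def encode_b(src, dst):
    """Encode PowerPC `b dst` (opcode 18, AA=0, LK=0) for an instruction at src."""
    disp = dst - src
    if disp % 4 or not -0x02000000 <= disp < 0x02000000:
        raise ValueError("target not reachable by a 26-bit relative branch")
    return 0x48000000 | (disp & 0x03FFFFFC)


def parse_c2(text, base=0x80000000):
    """Return (hook_address, instruction_words) for a single C2 code.

    Assumes the default Gecko base address 0x80000000.
    """
    words = [int(w, 16) for w in text.split()]
    head, lines, body = words[0], words[1], words[2:]
    if head & 0xFE000000 != 0xC2000000:
        raise ValueError("not a C2 (Insert ASM) code")
    if len(body) != 2 * lines:
        raise ValueError("NNNNNNNN does not match the number of code lines")
    if body[-1] != 0:
        raise ValueError("last word must be the 00000000 branch-back placeholder")
    return base + (head & 0x01FFFFFF), body


def build_patch(text, cave_addr):
    """Return (hook_word, cave_words) for hard-coding a C2 code at cave_addr."""
    hook_addr, body = parse_c2(text)
    back_at = cave_addr + 4 * (len(body) - 1)   # address of the placeholder word
    cave = body[:-1] + [encode_b(back_at, hook_addr + 4)]
    return encode_b(hook_addr, cave_addr), cave


def apply_patch(dol, hook_off, old_word, hook_word, cave_off, cave):
    """Patch a DOL image in place, refusing to write over unexpected bytes."""
    blob = struct.pack(">%dI" % len(cave), *cave)
    if cave_off + len(blob) > len(dol) or hook_off + 4 > len(dol):
        raise ValueError("offset outside the DOL image")
    # Offsets differ between game versions, so check the old instruction first.
    if struct.unpack_from(">I", dol, hook_off)[0] != old_word:
        raise ValueError("hook site does not hold the expected instruction")
    # The cave must still be unused padding (all 00 bytes).
    if any(dol[cave_off:cave_off + len(blob)]):
        raise ValueError("cave region is not all zero bytes")
    struct.pack_into(">I", dol, hook_off, hook_word)
    dol[cave_off:cave_off + len(blob)] = blob
    return dol


def demo():
    """Run the tutorial's numbers against a constructed, all-zero stand-in DOL."""
    hook_word, cave = build_patch(GECKO_C2, CAVE_ADDR)
    dol = bytearray(HOOK_OFF + 4)               # constructed image, not a real DOL
    struct.pack_into(">I", dol, HOOK_OFF, OLD_WORD)
    apply_patch(dol, HOOK_OFF, OLD_WORD, hook_word, CAVE_OFF, cave)
    return "%08X" % hook_word, "%08X" % cave[-1]


if __name__ == "__main__":
    print(demo())
```

The two checks in `apply_patch` catch the two failure cases raised in this thread: offsets from one game version used on another, and a cave location that already holds data.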

Achilles1515

Smash Master
Joined
Jun 18, 2007
Messages
3,211
Location
Cincinnati / Columbus OH
Boss. Great guide. Thanks so much for doing this.

When you say "load up the develop version of dolphin" for checking if DOL space is safe, do you mean the develop dblevel in melee? If so, why develop and not master?
 

DRGN

Technowizard
Moderator
Joined
Aug 20, 2005
Messages
2,179
Location
Sacramento, CA
No, he means the Dolphin emulator. You can start Dolphin in Debug mode from command line by running the program with -d or /d. Or you can create a shortcut to the .exe, edit the shortcut, and add the switch there. E.g. "C:\Program Files\Dolphin\Dolphin.exe" -d
 

Achilles1515

Smash Master
Joined
Jun 18, 2007
Messages
3,211
Location
Cincinnati / Columbus OH
Oh....duh. For some reason, develop was not bringing up the word debug in my mind. I should get some sleep....
 

Sham Rock

Smash Apprentice
Joined
Feb 10, 2014
Messages
95
Location
Outside of your grab range
For all you lovers of custom music, here's something I came up with last week.

Random background music (multiplayer)[Sham Rock]
Version -- DOL Offset ------ Hex to Replace -------
1.02 ------ 0x3882bc ---- 934dc0c4 -> 4BC78F04 ----

@ 0x15e0 onward
3E40804D 62526CF7
8A920000 2C140002
41800038 3A600000
9A720000 3E80804D
62945F91 8A940000
3E608000 62734560
2C140006 41800010
3A94FFFA 3A730001
4BFFFFF0 8B530000
934DC0C4 483870B4

@ 0x1560 onward
0506070a 0e112d2e
3336383d 3e404142
4344494d 505c5d65
6667696a 70717476
78797b7d 7f80c3cf
d1d2696A

1.00 ------ 0x386400 ---- 936dc0bc -> 4BC7ADC0 ----
@1560 onward
0506070a 0e112d2e
3336383d 3e404142
4344494d 505c5d65
6667696a 70717476
78797b7d 7f80c3cf
d1d2696A

@15e0 onward
3E40804D 62524B77
8A920000 2C140002
41800038 3A600000
9A720000 3E80804D
62943E08 8A940000
3E608000 62734560
2C140006 41800010
3A94FFFA 3A730001
4BFFFFF0 8B730000
936DC0BC 483851F8


PAL ------ 0x3881d0 ---- 934dc374 -> 4BC7903C ----
@15D0 onward
00050006 0007000a
000e0011 002d002e
006c00a8 00aa00af
00b000b2 00b300b4
00b500b6 00f400f8
00fb0107 01080110
01110112 01140115
011b011c 011f0121
01230124 01260161
01630164 01e001ec
01ee01ef

@1630 onward
3E40804C 6252800F
8A920000 2C140002
41800038 3A600000
9A720000 3E80804C
629471B8 8A940000
3E608000 627345D0
2C140006 41800010
3A94FFFA 3A730002
4BFFFFF0 A3530000
934DC374 48386F7C


Every time a multiplayer battle is loaded (and only multiplayer), the game chooses background music at random.
This however only applies to stage music, meaning the game will choose one of the following tracks:
Fire Emblem, Balloon Fight, Big Blue, Princess Peach's Castle, Corneria, Dr.Mario, Flat Zone, EarthBound, Kongo Jungle, Great Bay, Green Greens, Multi-Man Melee 1,
Multi-Man Melee 2, Icicle Mountain, Mushroom Kingdom, Mushroom Kingdom(Finale), Mushroom KingdomII, Mushroom Kingdom(Finale), Fountain of Dreams, Jungle Japes,
Brinstar Depths, Mach Rider, Mute City, Kongo Jungle N64, Dream Land N64, Yoshi's Island N64, Mother, Mother 2, Battle Theme, Pokemon Stadium, Poke Floats, Rainbow Cruise,
Saria's Theme, Temple, Super Mario Bros.3, Final Destination, Metal Battle, Battlefield, Venom, Yoshi's Island, Yoshi's Story, Brinstar.

Now you can enjoy a 42 track custom soundtrack even if you play FD only.

Could someone with the knowledge please make an mp3 converter with the option of setting loop points? That would be swell....
 


Achilles1515

Smash Master
Joined
Jun 18, 2007
Messages
3,211
Location
Cincinnati / Columbus OH
For all you lovers of custom music, here´s something I came up with last week.

Random background music (multiplayer)[Sham Rock]
Version -- DOL Offset ------ Hex to Replace -------
1.02 ------ 0x3882bc ---- 934dc0c4 -> 4BC78F04 ----

@ 0x15e0 onward
3E40804D 62526CF7
8A920000 2C140002
41800038 3A600000
9A720000 3E80804D
62945F91 8A940000
3E608000 62734560
2C140006 41800010
3A94FFFA 3A730001
4BFFFFF0 8B530000
934DC0C4 483870B4

@ 0x1560 onward
0506070a 0e112d2e
3336383d 3e404142
4344494d 505c5d65
6667696a 70717476
78797b7d 7f80c3cf
d1d2696A



every time a multiplayer battle is loaded (and only multiplayer), the game chooses a background music at random.
This however only applies to stage music, meaning the game will choose one of the following tracks:
Fire Emblem, Balloon Fight, Big Blue, Princess Peach´s Castle, Corneria, Dr.Mario, Flat Zone, EarthBound, Kongo Jungle, Great Bay, Green Greens, Multi-Man Melee 1,
Multi-Man Melee 2, Icicle Mountain, Mushroom Kingdom, Mushroom Kingdom(Finale), Mushroom KingdomII, Mushroom Kingdom(Finale), Fountain of Dreams, Jungle Japes,
Brinstar Depths, Mach Rider, Mute City, Kongo Jungle N64, Dream Land N64, Yoshi´s Island N64, Mother, Mother 2, Battle Theme, Pokemon Stadium, Poke Floats, Rainbow Cruise,
Saria´s Theme, Temple, Super Mario Bros.3, Final Destination, Metal Battle, Battlefield, Venom, Yoshi´s Island, Yoshi´s Story, Brinstar.

Now you can enjoy a 42 track custom soundtrack even if you play FD only.

Could someone with the knowledge please make an MP3 converter with the option of setting loop points? That would be swell....



Ports to other versions are coming once I´m sure this works 100% (only tested it for an hour).
This is cool. Thanks Sham Rock.
 

Achilles1515

Smash Master
Joined
Jun 18, 2007
Messages
3,211
Location
Cincinnati / Columbus OH
Disable Name Tag Reset After Closing Character Port [Ato]
  • All I did for this was port the code from 1.00 to every other version

(name tag would normally switch back to the default "Fox" after closing and reopening, KO stars would also disappear)

Version ── DOL Offset ────── Hex to Replace ────────── ASM Code
1.00 ────── 0x25D3F0 ──── 98A4007A -> 60000000 ──── stb r5,0x007A(r4) -> nop
1.00 ────── 0x25D404 ──── 98A4001B -> 60000000 ──── stb r5,0x001B(r4) -> nop

1.01 ────── 0x25DF60 ──── 98A4007A -> 60000000 ────
1.01 ────── 0x25DF74 ──── 98A4001B -> 60000000 ────

1.02 ────── 0x25E6FC ──── 98A4007A -> 60000000 ────
1.02 ────── 0x25E710 ──── 98A4001B -> 60000000 ────

PAL ────── 0x25EEA8 ──── 98A4007A -> 60000000 ────
PAL ────── 0x25EEBC ──── 98A4001B -> 60000000 ────
 

TechMage299

Smash Apprentice
Joined
Feb 8, 2014
Messages
153
Location
Menifee, CA
NNID
TechMage299
3DS FC
3497-1921-5527
I have a question: there are three NTSC files. Are they 100 (v1.00), 101 (v1.01), and 102 (v1.02)?
 

ShockSlayer

Smash Cadet
Joined
Feb 19, 2011
Messages
58
I've been out of this scene for a bit, looks like some nice things have come up whilst I was gone.

Am I correct in understanding I can use this guide to inject IE's newest "16:9 Widescreen Support" code into a dol?

My life would be complete, I swear.
 

Doq

Smash Lord
Joined
Dec 28, 2012
Messages
1,037
Location
The Lab, Sweet Home, OR
For all you lovers of custom music, here´s something I came up with last week.

Random background music (multiplayer)[Sham Rock]
Version -- DOL Offset ------ Hex to Replace -------
1.02 ------ 0x3882bc ---- 934dc0c4 -> 4BC78F04 ----

@ 0x15e0 onward
3E40804D 62526CF7
8A920000 2C140002
41800038 3A600000
9A720000 3E80804D
62945F91 8A940000
3E608000 62734560
2C140006 41800010
3A94FFFA 3A730001
4BFFFFF0 8B530000
934DC0C4 483870B4

@ 0x1560 onward
0506070a 0e112d2e
3336383d 3e404142
4344494d 505c5d65
6667696a 70717476
78797b7d 7f80c3cf
d1d2696A

1.00 ------ 0x386400 ---- 936dc0bc -> 4BC7ADC0 ----
@1560 onward
0506070a 0e112d2e
3336383d 3e404142
4344494d 505c5d65
6667696a 70717476
78797b7d 7f80c3cf
d1d2696A

@15e0 onward
3E40804D 62524B77
8A920000 2C140002
41800038 3A600000
9A720000 3E80804D
62943E08 8A940000
3E608000 62734560
2C140006 41800010
3A94FFFA 3A730001
4BFFFFF0 8B730000
936DC0BC 483851F8


PAL ------ 0x3881d0 ---- 934dc374 -> 4BC7903C ----
@15D0 onward
00050006 0007000a
000e0011 002d002e
006c00a8 00aa00af
00b000b2 00b300b4
00b500b6 00f400f8
00fb0107 01080110
01110112 01140115
011b011c 011f0121
01230124 01260161
01630164 01e001ec
01ee01ef

@1630 onward
3E40804C 6252800F
8A920000 2C140002
41800038 3A600000
9A720000 3E80804C
629471B8 8A940000
3E608000 627345D0
2C140006 41800010
3A94FFFA 3A730002
4BFFFFF0 A3530000
934DC374 48386F7C


Every time a multiplayer battle is loaded (and only multiplayer), the game chooses a background music at random.
This however only applies to stage music, meaning the game will choose one of the following tracks:
Fire Emblem, Balloon Fight, Big Blue, Princess Peach´s Castle, Corneria, Dr.Mario, Flat Zone, EarthBound, Kongo Jungle, Great Bay, Green Greens, Multi-Man Melee 1,
Multi-Man Melee 2, Icicle Mountain, Mushroom Kingdom, Mushroom Kingdom(Finale), Mushroom KingdomII, Mushroom Kingdom(Finale), Fountain of Dreams, Jungle Japes,
Brinstar Depths, Mach Rider, Mute City, Kongo Jungle N64, Dream Land N64, Yoshi´s Island N64, Mother, Mother 2, Battle Theme, Pokemon Stadium, Poke Floats, Rainbow Cruise,
Saria´s Theme, Temple, Super Mario Bros.3, Final Destination, Metal Battle, Battlefield, Venom, Yoshi´s Island, Yoshi´s Story, Brinstar.

Now you can enjoy a 42 track custom soundtrack even if you play FD only.

Could someone with the knowledge please make an MP3 converter with the option of setting loop points? That would be swell....
How would I go about converting this back into a code? (I'm anti-DOL-mods :p )
 

ShockSlayer

Smash Cadet
Joined
Feb 19, 2011
Messages
58
So I've tried following the guide attempting to inject the widescreen code. I can't seem to get it to work. Melee will start up and then crash upon trying to start a match, and nothing's actually widescreen. Not entirely sure if the code's compatible or if I took a misstep somewhere or what. Any help would be appreciated.

Here's the obligatory HxD screenshot:

(I just used the same blank space as the guide)

And here's my notes I wrote down whilst trying to find the branches:

BACKWARDS
80021ABC (found at the top of the converter)
(FFFF FFFF - (start memory address - end memory address) )+1
(FFFF FFFF - (80021ABC - 80004420) )+ 1
fffe2964
b 0xfffe2964
4BFE2964 - where the code would normally be injected

38600006 4bffee2d 48000159 3c608002

FORWARDS
80021ac0 (????? +4???)
end address - start address
80021ac0 - 80004478
1d648
b 0x1d648
4801D648 - where we wrote "FEDCBA98"

I can upload the start.dol if that'd help. Again any help would be appreciated.

SS
 

Achilles1515

Smash Master
Joined
Jun 18, 2007
Messages
3,211
Location
Cincinnati / Columbus OH
So I've tried following the guide attempting to inject the widescreen code. I can't seem to get it to work. Melee will start up and then crash upon trying to start a match, and nothing's actually widescreen. Not entirely sure if the code's compatible or if I took a misstep somewhere or what. Any help would be appreciated.

Here's the obligatory HxD screenshot:

(I just used the same blank space as the guide)

And here's my notes I wrote down whilst trying to find the branches:

BACKWARDS
80021ABC (found at the top of the converter)
(FFFF FFFF - (start memory address - end memory address) )+1
(FFFF FFFF - (80021ABC - 80004420) )+ 1
fffe2964
b 0xfffe2964
4BFE2964 - where the code would normally be injected

38600006 4bffee2d 48000159 3c608002

FORWARDS
80021ac0 (????? +4???)
end address - start address
80021ac0 - 80004478
1d648
b 0x1d648
4801D648 - where we wrote "FEDCBA98"

I can upload the start.dol if that'd help. Again any help would be appreciated.

SS
Start your line with the 39C00001 and onward. The C2 and following 00 line are just meant for the Gecko codehandler. You also don't need that word of 00's towards the end right before your branch back (that's also just for the Gecko codehandler, to tell it the function is done and to automatically branch back to the default code line).

And I'm assuming your branches are okay. If you need to check them, just run it in Dolphin and pause the game. Go to the code line where you inserted the code and follow its branch to the very end of your code. The last line, where it branches back to inserted_code_line+0x4, will be explicitly shown in Dolphin, which makes it easy to tell whether it is branching back to the right line of code or not. If it isn't (such as branching to a code line before where you need to be), just add [(hex of line that you need to go to) - (hex of line that it is currently branching to)] to the "branch back" hex in the DOL that you added.
 
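The branch arithmetic from ShockSlayer's notes and the branch-back check Achilles1515 describes, written out as an added example that is not part of any post in the thread. The addresses are the ones in the notes; the function names and the return word 4801D644 (one instruction short) are constructed for illustration.

```python
B_OPCODE = 0x48000000   # PowerPC `b`: primary opcode 18, AA=0 (relative), LK=0
LI_MASK = 0x03FFFFFC    # displacement field; low two bits are the AA/LK flags


def encode_b(src, dst):
    """Return the 32-bit `b` word that jumps from address src to address dst."""
    offset = dst - src
    if offset % 4:
        raise ValueError("branch source and target must be word aligned")
    if not -0x02000000 <= offset < 0x02000000:
        raise ValueError("target is outside the +/-32 MiB reach of `b`")
    return B_OPCODE | (offset & LI_MASK)   # masking gives the two's complement


def decode_b(word, src):
    """Return the absolute target of the relative `b` word located at src."""
    if (word & 0xFC000003) != B_OPCODE:
        raise ValueError(f"{word:08X} is not a plain relative `b`")
    offset = word & LI_MASK
    if offset & 0x02000000:                # sign bit of the 26-bit displacement
        offset -= 0x04000000
    return (src + offset) & 0xFFFFFFFF


def check_hook(hook_addr, hook_word, code_start, back_addr, back_word):
    """Check both branches of an injection; return a list of problems found."""
    problems = []
    if decode_b(hook_word, hook_addr) != code_start:
        problems.append(f"hook should be {encode_b(hook_addr, code_start):08X}")
    landed, wanted = decode_b(back_word, back_addr), hook_addr + 4
    if landed != wanted:
        # Re-encoding equals adding (wanted - landed) to the branch-back word.
        fixed = encode_b(back_addr, wanted)
        problems.append(f"branch back lands at {landed:08X}, use {fixed:08X}")
    return problems


# Addresses from the notes in the thread; 4801D644 is a constructed bad value.
HOOK, CODE_START, BACK_AT = 0x80021ABC, 0x80004420, 0x80004478
if __name__ == "__main__":
    print(f"{encode_b(HOOK, CODE_START):08X}")    # branch into the code
    print(f"{encode_b(BACK_AT, HOOK + 4):08X}")   # branch back
    print(check_hook(HOOK, 0x4BFE2964, CODE_START, BACK_AT, 0x4801D644))
```

`check_hook` returns an empty list when both branches line up, so it can be run on the words read out of the DOL before booting the patched image.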