Kuribo64
Views: 6,928,544 Home | Forums | Uploader | Wiki | Object databases | IRC
Rules/FAQ | Memberlist | Calendar | Stats | Online users | Last posts | Search
05-25-17 12:05 PM
Guest:

0 users reading SM64DS Behaviour Documentation | 1 bot

Main - General SM64DS hacking - SM64DS Behaviour Documentation New reply


Sparsite
Posted on 08-11-16 09:08 PM (rev. 16 of 08-22-16 06:38 AM) Link | #76022
So lately, I've been looking into object behaviours, and it's pretty wacky in sm64ds.

Many thanks to Fiachra for all the offsets.

I'll release a .txt file when there are more behaviours documented (presumably by me, lol)

Misc. Info and Offsets:

Structure:
Each object has a class that handles both its behavior and its rendering

SpawnActor = 0x02010E2C
DespawnObject = 0x02043824


const byte BMD_FILE_ID_OFFSET = 0x68
const byte KCL_FILE_ID_OFFSET = 0x6A

const short int OBJ_X_LOC_OFFSET = 0x5C;
const short int OBJ_Y_LOC_OFFSET = 0x60;
const short int OBJ_Z_LOC_OFFSET = 0x64;
const short int OBJ_X_ROT_OFFSET = 0x8C;
const short int OBJ_Y_ROT_OFFSET = 0x8E;
const short int OBJ_Z_ROT_OFFSET = 0x90;
const short int OBJ_X_SPEED_OFFSET = 0xA4;
const short int OBJ_Y_SPEED_OFFSET = 0xA8;
const short int OBJ_Z_SPEED_OFFSET = 0xAC;
const short int OBJ_FORWARD_DIRECTION_OFFSET = 0x94;
const short int OBJ_FORWARD_SPEED_OFFSET = 0x98;
const short int OBJ_DRAW_DISTANCE_OFFSET = 0xBC;
const short int OBJ_PARAMETER_01_OFFSET = 0x08;
const short int OBJ_PARAMETER_02_OFFSET = 0x8C;
const short int OBJ_PARAMETER_03_OFFSET = 0x90;
const short int OBJ_UPDATE_MARIO_POS_OFFSET = 0x13C;

const unsigned int UPDATE_MARIO_POS_METHOD = 0x0203923C
const unsigned int UPDATE_MARIO_POS_ON_ROT_METHOD = 0x0203929C

Add these with an object's address to use (ie. 0xZZZZZZZZ + OBJ_PARAMETER_01_OFFSET = 0x0000)

Finding an object's address:

In no$gba debugger, place a breakpoint on 0x02010E2C, and scroll down from 0x02010E2C and look for a ldmfd op code and break on that too. Go into a level and it should break twice for each object loaded. The first break will tell you the actor ID in R0 (get them from the object database) so you know which object it is, and the second break will have the object's address in r0.

Some Behaviours:

0x247d2c - mecha 11 object in rom // Rotating platform in Tick Tock Clock
+0x14 - draw distance
+0x48 - main behavior (02111934)
021118AC - Move object address into r0
021118B0 - Store X rotation in r1
021118B4 - Store Y rotation in r2
021118B8 - Store Z rotation in r3
021118BC - Move object address plus 0xF0 into r0
021118C0 - Call update object model roation function
------------------------------------------------
ct mecha 10 rotating // Rotating Clock Hand in Tick Tock Clock
02111a50 - bl instruction
021118a8 - stmfd instruction (main behaviour)
021118cc - store rotation at 0x114 from object
+0xb0 - 1a for inactive, 02 for active? (021905a0 in test)
------------------------------------------------
Orange Brick Block
020B35A0 - Main behaviour (When ground pounded/punched)
020B39A0 - how many coins spawn
020B39A4 - how far the coins shoot out
020B39AC - spawns coins
020B415C - Secondary behaviour (if a 1-Up tag, supershroom tag, etc. is placed inside)
------------------------------------------
Ground Pound Post
021335A0 - determine how many coins are spawned
021335A4 - how far the coins shoot out
021335B0 - spawn coins (branchs to some sort of spawn coin function 0x02010714, r2 = # of coins, r3 = launch distance of coins)
------------------------------------------
Coins
020B18D0 - Sets yellow coin value
020B16A4 - Sets blue coin value
020B1810 // 020B19A4 - Spawn 100 coin star?
020B189C - Camera Object Pointer related?
020B1990 - Set actor ID for 100 coin star
020B1994 - Set Paramater 1
020B199C - Set Parameter 2
020B1914 - Related to incrementing 1-up count when certain coin counts are met?
------------------------------------------
Thwomp
02132F04 - Main behaviour
02133038 - Set max height
02133050 - Store Y position in r1, offset by #0x60
02133054 - add 1 to Y position (moves them up and down)
------------------------------------------
Toad
021291AC - Main Behaviour
021291BC - Related to waiting for player input for text box to close [?]
021291E8 - Calls function to rotate Toad toward player
021291EC - Move Toad object address (r7) into r0
021291F0 - Move Player Address into (r5) into r0
021291EC - Calls Unknown Function
02129284 - Load Toads Y Position into r1, Y position for player to look at (for MarioTalkDirection)
02129288 - Load Toads Z Position into r3, Z position for player to look at
0212928C - Load Toads X Position, X position for player to look at
021292B0 - Move Player Address (r5) into r0
021292B4 - Move Toad object address into r1
021292B8 - Store Message ID in r2
021292C0 - Branch to OBJ_TalkToPlayer Function (Talk To Player)
------------------------------------------
Bullet Bill
02126F8C - Main Behaviour
02127020 - Load Y Position into r1
02127024 - Load Z Position into r2
02127028 - Load X Position into r0
02127058 - Set Actor ID for object thats spawned to Bullet Bill (0x00DE in r0)
02127058 - Set Parameter 1 for Bullet Bill Spawned in r1 (0x0000)
0212705C - Spawns A Bullet Bill inside the box launcher
------------------------------------------
LLL Bridge Related
0203BDF4 - Main Behaviour
0203BE14 - call y rotation update (for some reason)


____________________
ASMR:
*quietly whispers*
move r0 r7
push r4 to r14
load register r4 into r0
POP

Hiccup
Posted on 08-13-16 08:46 AM Link | #76077
Good work. Do you think you could find unused object code this way?

Sparsite
Posted on 08-14-16 03:28 PM Link | #76129
Posted by Hiccup
Good work. Do you think you could find unused object code this way?


Probably not, the best way to find behaviour of a moving object is get their address, and then add 0x5C, 0x60, or 0x64 to their object address for their XYZ pos. Its similar for their speeds and rotations, just different offsets to add. It's pretty object specific. For other objects like coins, silver stars, etc. just simple []! breakpoints work to find code.

____________________
ASMR:
*quietly whispers*
move r0 r7
push r4 to r14
load register r4 into r0
POP


Main - General SM64DS hacking - SM64DS Behaviour Documentation New reply

Page rendered in 0.042 seconds. (2048KB of memory used)
MySQL - queries: 25, rows: 103/103, time: 0.028 seconds.
[powered by Acmlm] Acmlmboard 2.064 (2015-10-07)
© 2005-2008 Acmlm, Xkeeper, blackhole89 et al.