Views: 19,853,051 |
Home
| Forums
| Uploader
| Wiki
| Object databases
| IRC
Rules/FAQ | Memberlist | Calendar | Stats | Online users | Last posts | Search |
03-29-24 12:17 AM |
Guest: |
0 users reading The Legend of Zelda: Ocarina of Time - C Simulator Progress Thread | 1 bot |
Main - Misc. ROM hacking - The Legend of Zelda: Ocarina of Time - C Simulator Progress Thread | Hide post layouts | New reply |
Twili |
| ||
Newcomer Normal user Level: 4 Posts: 1/3 EXP: 252 Next: 27 Since: 10-19-17 Last post: 2350 days ago Last view: 1725 days ago |
I registered to make a thread about this here, because it seemed like a good place.
I'm writing an OoT-specific simulator in C, as opposed to a full-fledged Nintendo 64 emulator. This daunting task involves reading lots of disassembled instructions and making sense of it, but I'm confident in my reverse-engineering abilities. You will need to click-and-drag a copy of the familiar OoT debug ROM into the .exe when it's done, as I'll be loading assets and other data from it into simulated N64 memory. I won't abstract the game variables at this point, either. The rewritten functions will still utilize the MIPS registers, but will be easy to read. Source code will be provided. What will be abstracted is annoying hardware-bound things like the protocol for loading ROM data into RAM, as stated above. Graphics, audio, and controller input are the last priority, obviously. Ask questions, offer suggestions, or comment, please! |
HEYimHeroic |
| ||
Lantern Ghost i'm alice Level: 52 Posts: 175/770 EXP: 1053049 Next: 30791 Since: 08-04-17 Last post: 57 days ago Last view: 57 days ago |
Hm... are you doing this for coding practice?
If not, then why use this instead of a normal N64 emulator? Will you be doing this for other games, too? ____________________ yeah |
Twili |
| ||
Newcomer Normal user Level: 4 Posts: 2/3 EXP: 252 Next: 27 Since: 10-19-17 Last post: 2350 days ago Last view: 1725 days ago |
Posted by RealHeroicGamer I was making an N64 emulator to show my brother-in-law, and it got past the bootstrap for Super Mario 64, but not Zelda. My goal in doing my own emulator that I was familiar with the code base of was to print logs that could assist in reversing a whole game engine. I want to reverse OoT's engine, but because my emulator got stuck, the quicker solution is now to reverse everything manually, and I can avoid wasting time learning to program the missing pieces by abstracting them out. What I learned from emulating Mario 64 was enough to devise a plan for this method. The end goal is to write an open-source version of OoT, while keeping it in the legal grey area by requiring the original ROM for the sensitive data. I could do this for other games, too, someday. |
HEYimHeroic |
| ||
Lantern Ghost i'm alice Level: 52 Posts: 176/770 EXP: 1053049 Next: 30791 Since: 08-04-17 Last post: 57 days ago Last view: 57 days ago |
Oh, nice! I wish you luck! ____________________ yeah |
Twili |
| ||
Newcomer Normal user Level: 4 Posts: 3/3 EXP: 252 Next: 27 Since: 10-19-17 Last post: 2350 days ago Last view: 1725 days ago |
Here's what one of the functions looks like rewritten. It's much like output from IDA, I imagine, except this was manual labor.
IS VIEWER 64 is a special RAM-based dev cart for the N64 from Intelligent Systems that supports debug text printing. I'll define some constants later, replace certain hex values with them, and add more comments. void funct_5a0()
{ cpu[sp]-=0x28; write32(cpu[sp]+0x28,cpu[a0]); cpu[a0]=0x8000afd0; funct_2130(); //IS VIEWER 64 funct_183c(); cpu[a0]=0x8000afe0; funct_2130(); //IS VIEWER 64 funct_69e0(); cpu[a1]=0x00a94000; write32(cpu[sp]+0x20,cpu[v0]); write32(cpu[sp]+0x24,cpu[v1]); write32(cpu[sp]+0x10,0xee); cpu[a3]=0x8000affc; cpu[a0]=0x8001ce60; cpu[a2]=0x00bcef30-cpu[a1]; funct_1aa0(); funct_69e0(); cpu[t2]=read32(cpu[sp]+0x20)-cpu[v0]; if(read32(cpu[sp]+0x24)<cpu[v1]) { cpu[t2]-=1; } cpu[t3]=read32(cpu[sp]+0x24)-cpu[v1]; write32(cpu[sp]+0x24,cpu[t3]); write32(cpu[sp]+0x20,cpu[t2]); cpu[a0]=0x8000b008; funct_2130(); //IS VIEWER 64 cpu[a0]=0x8000b028; funct_2130(); //IS VIEWER 64 cpu[a0]=0x80157d90; cpu[a1]=0x801759c0-cpu[a0]; funct_4450(); cpu[a0]=0x8000b038; funct_2130(); //IS VIEWER 64 cpu[a0]=read32(cpu[sp]+0x28); funct_c6e20(); cpu[a0]=0x8000b058; funct_2130(); //IS VIEWER 64 cpu[sp]+=0x28; } And this is the original MIPS: 000005a0 addiu sp, sp, ffd8 000005a4 sw a0, 0028 (sp) 000005a8 sw ra, 001c (sp) 000005ac lui a0, 8001 000005b0 jal 00002130 000005b4 addiu a0, a0, afd0 000005b8 jal 0000183c 000005bc sll r0, r0, 0 000005c0 lui a0, 8001 000005c4 jal 00002130 000005c8 addiu a0, a0, afe0 000005cc jal 000069e0 000005d0 sll r0, r0, 0 000005d4 lui t0, 00a9 000005d8 lui t6, 00bd 000005dc addiu a1, t0, 4000 000005e0 addiu t6, t6, ef30 000005e4 lui a0, 8002 000005e8 lui a3, 8001 000005ec addiu t7, r0, 00ee 000005f0 sw v0, 0020 (sp) 000005f4 sw v1, 0024 (sp) 000005f8 sw t7, 0010 (sp) 000005fc addiu a3, a3, affc 00000600 addiu a0, a0, ce60 00000604 jal 00001aa0 00000608 subu a2, t6, a1 0000060c jal 000069e0 00000610 sll r0, r0, 0 00000614 lw t8, 0020 (sp) 00000618 lw t9, 0024 (sp) 0000061c lui a0, 8001 00000620 subu t2, t8, v0 00000624 sltu at, t9, v1 00000628 subu t2, t2, at 0000062c subu t3, t9, v1 00000630 sw t3, 0024 (sp) 00000634 sw t2, 0020 (sp) 00000638 jal 00002130 0000063c addiu a0, a0, b008 00000640 lui a0, 8001 00000644 jal 00002130 00000648 addiu a0, a0, b028 0000064c lui a0, 8015 00000650 lui t1, 8017 00000654 addiu a0, a0, 7d90 00000658 addiu t1, t1, 59c0 0000065c jal 00004450 00000660 subu a1, t1, a0 00000664 lui a0, 8001 00000668 jal 00002130 0000066c addiu a0, a0, b038 00000670 jal 000c6e20 00000674 lw a0, 0028 (sp) 00000678 lui a0, 8001 0000067c jal 00002130 00000680 addiu a0, a0, b058 00000684 lw ra, 001c (sp) 00000688 addiu sp, sp, 0028 0000068c jr ra 00000690 sll r0, r0, 0 |
Main - Misc. ROM hacking - The Legend of Zelda: Ocarina of Time - C Simulator Progress Thread | Hide post layouts | New reply |
Page rendered in 0.029 seconds. (2048KB of memory used) MySQL - queries: 29, rows: 205/205, time: 0.013 seconds. Acmlmboard 2.064 (2018-07-20) © 2005-2008 Acmlm, Xkeeper, blackhole89 et al. |