Announcement

**Helder** · 05-30-2014, 09:43:27 PM

I doubt you can do that to ram unless you nop every ASM instruction writing to it.

**xxphillips** · 05-30-2014, 11:31:44 PM

Thanks for your reply Helder

**Professor-X** · 06-11-2014, 07:06:26 AM

If this instruction that you found was in a stack function and you want do a nop on the value of that instruction then just nop it and use the jump instruction to write the previous instruction that you nop because I'm guessing their were values being pass in that instruction then jump back into the stack.

**xxphillips** · 06-12-2014, 01:17:49 PM

Thanks for your reply Professor-X but I'm new to 65816 and don't fully understand what you mean could you please explain again with
some ASM code. It doesn't have to be real rom addresses for Secret of Mana. take care

**Professor-X** · 06-19-2014, 07:26:47 PM

I'm not sure what kind of instructions they use for that game but if you can google "mips assembly" which is like ASM then you will know what I'm talking about. I'm sure that most games have similar instructions. I'm going to try to make this as simple as possible.

When I say stack... I mean in mips its a function that calls on another function but in this case we're not going to get in depth with it but most stacks routines allocate data which normally looks something like this...

addiu sp, sp, -20
lui a0, $0880
or a1, $0, a2
andi a3, $0, $0 // the area you want to nop (to nop an address is all zeros) // 0x00000000
lw a1, $4000, (a0)
addiu sp, sp, +20

Let's say that "andi a3, $0, $0" is what you want to "nop" because you found something that interferes with the game or a change in something. To "nop" an address it's all zero's... But to return the flow of the function we use this "jump" command "j"

addiu sp, sp, -20
lui a0, $0880
or a1, $0, a2
nop //this is not the best example but lets pretend that you will nop this address
j $08804008 // use this instruction to jump the new location in memory
lw a1, $4000, (a0)
addiu sp, sp, +20

New Area that "j" is pointing to address $08804008

andi a3, $0, $0
j $back to addiu sp, sp, +20

The jump command will jump to any location you choose it to (memory address) but you will need to pick an area with nops so that you can write your instruction. You will rewrite the same instruction that was "andi a3, $0, $0" into the new area then use the jump instruction in the new location to jump back into the stack to finish the routine because MIPS or ASM works on by reading each instruction at a time. So you will have the jump command to point back to addiu sp, sp, +20 so that it will end the code. If you dont understand I dont mind explaining it in a different way. But I think the biggest help for you will to be to understand the language command instructions for that game. But if its like ASM then you will understand what I'm talking about. Sorry for the late reply. I don't think people read my post on here lol

**nolberto82** · 06-19-2014, 08:23:35 PM

What you are trying to do is freeze the RAM address. This ASM code looks way too long and wrong.

This is what you should have done:

Code:

$00/9403 22 B0 A7 DF JSL $DFA7B0[$DF:A7B0]   A:0000 X:0000 Y:0000 P:envMXdIZc
$DF/A7B0 4A          LSR A                   A:0000 X:0000 Y:0000 P:envMXdIZc
$DF/A7B1 4A          LSR A                   A:0000 X:0000 Y:0000 P:envMXdIZc
$DF/A7B2 4A          LSR A                   A:0000 X:0000 Y:0000 P:envMXdIZc
$DF/A7B3 4A          LSR A                   A:0000 X:0000 Y:0000 P:envMXdIZc
$DF/A7B4 48          PHA                     A:0000 X:0000 Y:0000 P:envMXdIZc
$DF/A7B5 A9 00       LDA #$00                A:0000 X:0000 Y:0000 P:envMXdIZc
$DF/A7B7 8F F1 E1 7E STA $7EE1F1[$7E:E1F1]   A:0000 X:0000 Y:0000 P:envMXdIZc
$DF/A7BB 68          PLA                     A:0000 X:0000 Y:0000 P:envMXdIZc
$DF/A7BC 6B          RTL                     A:0000 X:0000 Y:0000 P:envMXdIZc

In this case there is no need to use REP and SEP. The accumulator is in 8 bit mode because bit 5 is set in the status register aka P:envMXdIZc.

**xxphillips** · 06-20-2014, 05:48:13 PM

Thanks for your reply nolberto82 but this code will Load 00 to ram address 7ee1f1 but not EA / No Operation. take care

**nolberto82** · 06-22-2014, 10:30:20 AM

Originally posted by xxphillips View Post

Thanks for your reply nolberto82 but this code will Load 00 to ram address 7ee1f1 but not EA / No Operation. take care

Yes that's what it does. You can't NOP a RAM address unless the game is executing from RAM. To make the game stop manipulating the address you need a break on write.

**xxphillips** · 06-24-2014, 12:06:56 PM

nolberto82 what do you mean by break on write?

Announcement

How do you EA / No Operation a ram address on snes

How do you EA / No Operation a ram address on snes

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment