Usually games will use the CTR register to store the branch destination and then call bctrl.
Also in order for this to work the area the asm cheat code is in must be marked executable. On the PS2 that would be anywhere in the EE. On the PS3 it's a bit more particular. I'm not sure how the Wii U handles it. Something to look into if it fails to work.

Without recalling too much about PPC's operations and standards off the top of my head, I'd say if you want it to be robust/idiot-proof, you'll probably want to encapsulate the supplied instructions in some boilerplate code, and copy it elsewhere in memory for execution. As a for instance, if there's nothing stopping the cheat's instructions from overwriting r31 or r6, your cheat engine would be hosed, even though the cheat would be doing nothing illegal. Given the limitations of this code type—can't rely on game state, etc.—you could just declare certain registers off-limits unless they're saved somewhere, I suppose.

I don't know how Nintendo does it, but that's risky looking right there depending on how it's done. At the very least you should preserve the contents of the linking register on the stack for safety, or a place of your choice.
Assuming Nintendo is using r1 as the stack like the PS3, I'd have it like this:

addi r1,r1,0xFFF8 <---assuming the stack goes that direction unless it's 0x8.
mflr r0 <---assuming r0 gets the special register treatment of being used as the temporary one everywhere.
std r0,0x0(r1)
addi r7, r6, 0x04
mtlr r7
blr


back at the codehandler
ld r0,0x0(r1)
mtlr r0
addi r1,r1,0x8
blr



Preserve it on the stack unless you have your own place you want to preserve it, unless you are very confident nothing will overwrite your register. But if you're having something special where anybody can put any ASM code, they might just overwrite r6 and r31.

Also like dnawrkshp said, make sure you have access to places. The PS2 gave you read/write access to the entire EE memory region, but on the PS3 with PPC it gets picky on where it will let you write, where you can read, where code can be executed from, and what is doing the reading/writing.
If I insert code into my eboot that makes it write to somewhere in that eboot range, my PS3 game will instantly stop and throw an error. If I instead use dnawrkshp's NetCheat or the PS3 debugger or anything else to write to the same exact place, it doesn't throw errors.

Like Pyriel said, make sure to put something in place to either preserve the contents of the registers or keep those exact registers off limits for others.

The PS3 would also have used the counter register instead like this:
mtctr r7
bctrl

If you didn't want expect any further code to be written that would alter the linking register you'd be fine, but if you're letting other people write whatever they want or whatever you're doing they just might overwrite it causing what looks like a game freeze when either the code is looping in circles fine by luck or crashed in the process of looping in circles.

But what is it that's letting people write their own code or whatever???
I know I can do fine modifying the eboot on the PS3 with whatever space, and I remember the PS2 Codebreaker and likely other devices had a limit of lines of cheat code to execute. Are you trying to add some one time code write thing that doesn't need constant write? If you have no limit of lines they could always just use constant write code types, but there has to be a limit or you're going to get lag or run out of space somewhere.

The new release of the codehandler will store all cheats in the executable memory range. (Someone managed to unlock write permissions to any area).

This was my plan (except for the copying part). When the codehandler reads C0 as first byte of a code it will jump to the boilerplate code of the actual codetype. The address of the first assembly instruction will then be the value of r6 + 0x08.

For testing purposes I don't care about backing up r31 and r6 before everything works as I imagine. This will be the last part of creating this code type

Yes, r1 is the stack, but I can't use ld/std since the Wii U's processor is a 32bit unit. However, your ideas appear helpful, I will give it a shot soon
And there is a limit of cheat codes. It's actually somewhere at 2000 lines. The next release will allow even more to be on at a time. And I already have created a codetype which allows you to determine the time of execution of the following codes. 0x78 corresponds to 1 second. You can find the codetype documentation here: http://cosmocortney.ddns.net/enzy/ca...es_en.php#time

Once the branching stuff works as it should I will implement a few instructions for backing up r0, r6 and r31.

On the Wii and GCN it was only possible to execute ASM of a function that is always active or executed at a certain point of time. Not all register were available without backing the up.
This codetype would allow the user to create any cheat code or modification that won't be possible with one of the codetypes. This way the assembly cheat coud also be deactivated without freezing the system.

After that I will create a codetype that injects any assembly code like the Wii's C2 codetype does

It works now, thanks again

The new codehandler will be made public once JGecko U has been updated