[lsrquiz] & [lsrquiz2] for pugsy

Post by asper »

I tried to find an "infinite answer time" cheat, I found the correct location, froze it but... the time still runs... any "rom" help man ? :)

Post by Pugsy »

I've added a rom time cheat for lsrquiz, what's the correct ram location for lsrquiz2 time then?
Pugsy

Servicing your cheating needs since 1985 8)

Grab the latest cheat collection:
MAME 0.264 XML cheat collection (3 APRIL 2024) from http://www.mamecheat.co.uk or direct from:-
https://mega.nz/file/SxsQUJoT#jBdz6GLm_ ... QzFGSMms2c (ZIP Archive 3.8 MB)

Post by asper »

Can you please tell me how to obtain a rom cheat knowing the ram address ? What do I have to look at in the mame debugger screen ? A little "how to" will be very interesting !!!

I deleted the ram address for lsrquiz2, but it is very easy to find it again; I will tell you it as soon as I come back home !

Thank you for the lsrquiz rom cheat !!!

Post by Pugsy »

You use a write watchpoint on the address you are interested in.

So for instance in lsrquiz2, to find the code that decrements the lives counter, you would type in this during play :-

wp 52419,1,w


So when you lose a life, the debugger will pop up with the PC (Program Counter) on the instruction AFTER it's been changed.

So in that example, it would dump you at PC=72182; you will then see that 72180 move.b d0,(a2) is the instruction that writes to 52419 (as if you look at the side you will see that a2=52419).

Post by asper »

Ok man.

I got your help for rom cheats but now I am stuck...

The lsrquiz2 ram address for infinite answer time is: 94CB

now I write:

wp 94CB,1,w

and it answers me:

Stopped at watchpoint 1 writing dword to 000094C8 (PC=FC247A) (data=2F667)

(so now there is a strange thing: why 94C8 and not 94CB ? Maybe it is using 4 bytes ?)

I look into the code and just above I found:

FC2472 addi.l #10000, ($44, A1) with A1 = 9484

so now I think " I would like to trace down what happens in FC2472 but... I don't know how to set a watchpoint to that rom address"

This is a screenshot where I can arrive with my knowledge...

Image

I was able to reproduce and find the lives example you gave me but with this (and with the other lsrquiz rom cheat you already found) it seems to be more complicated... can you please give me other hints to discover the rom time address location ?

PLEASE DO NOT GIVE ME THE SOLUTION, I WOULD LIKE TO FIND IT MYSELF !!!

For now please try to answer to the red sentences I wrote !

After finding the correct address you should also explain to me how to WRITE a rom cheat in xml format :P Thank you man !!! I am learning a lot !!!

Post by Pugsy »

asper wrote:
> Ok man.
>
> I got your help for rom cheats but now I am stuck...
>
> The lsrquiz2 ram address for infinite answer time is: 94CB
>
> now I write:
>
> wp 94CB,1,w
>
> and it answers me:
>
> Stopped at watchpoint 1 writing dword to 000094C8 (PC=FC247A) (data=2F667)
>
> (so now there is a strange thing: why 94C8 and not 94CB ? Maybe it is using 4 bytes ?)

Yes it is using four bytes, as you can see as a dword is 4 bytes.

byte .b
word .w (2 bytes)
double word .d (2*words = 4 bytes) which in the 680xx series is also known as a long word .l (that's what the .l means in addi.l)

> I look into the code and just above I found:
>
> FC2472 addi.l #10000, ($44, A1) with A1 = 9484
>
> so now I think " I would like to trace down what happens in FC2472 but... I don't know how to set a watchpoint to that rom address"
>
> This is a screenshot where I can arrive with my knowledge...
>
> Image

You really need to have an understanding of 68000 to be honest, addi.l #10000, ($44, A1) basically does this:-
adds 0x10000 to an address, this address is determined by the value of Register A1 + 0x44 so 0x9484 + 0x44 = 0x94C8

> I was able to reproduce and find the lives example you gave me but with this (and with the other lsrquiz rom cheat you already found) it seems to be more complicated... can you please give me other hints to discover the rom time address location ?
>
> PLEASE DO NOT GIVE ME THE SOLUTION, I WOULD LIKE TO FIND IT MYSELF !!!
>
> For now please try to answer to the red sentences I wrote !

To fully answer your question without giving the solution is not really feasible. I'm not looking at it again on purpose so as not to give you the solution...but there's always going to be a chance that you are going up a blind alley as ROM infinite time cheats may not work properly if they are directly linked to system timers. If you are hitting the same code with wp 94c8,1,w even when the time bar is not on-screen then you have a system timer that's generally not suitable for making a cheat with. To be honest when I said "what's the correct ram location for lsrquiz2 time then?" I had already had a quick look for a RAM lsrquiz2 time address and had no luck finding anything suitable so if it was an easy cheat to find I'd already have posted it.

> After finding the correct address you should also explain to me how to WRITE a rom cheat in xml format :P Thank you man !!! I am learning a lot !!!

For lsrquiz2 you can use normal RAM writes as the program code is not in ROM, but you should ensure that any code you change is reset back to what it was originally by use of temp variables; see my lsrquiz time cheat as an example. For other games with program code in ROM you only have to look at existing ROM cheats as examples.
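
Added example, not part of the original post: a Python sketch of why `wp 94CB,1,w` stops on a dword write to 000094C8. It uses only the values quoted in the thread (A1 = 9484, displacement $44, data=2F667, the immediate read as 0x10000); the function names are made up for the illustration.

```python
# Added illustration; function names are hypothetical, values are those quoted in the thread.

def effective_address(an: int, d16: int) -> int:
    """68000 (d16,An) addressing: An plus a sign-extended 16-bit displacement."""
    if d16 & 0x8000:
        d16 -= 0x10000
    return (an + d16) & 0xFFFFFF          # the 68000 drives a 24-bit address bus

def watchpoint_hits(wp_addr: int, wp_len: int, acc_addr: int, acc_len: int) -> bool:
    """A watchpoint fires when the accessed range overlaps the watched range."""
    return acc_addr < wp_addr + wp_len and wp_addr < acc_addr + acc_len

def changed_bytes(addr: int, old: int, new: int, size: int = 4) -> list:
    """Addresses whose byte really differs after a big-endian write of `size` bytes."""
    o, n = old.to_bytes(size, "big"), new.to_bytes(size, "big")
    return [addr + i for i in range(size) if o[i] != n[i]]

def explain_stop() -> dict:
    ea = effective_address(0x9484, 0x0044)    # ($44, A1) with A1 = 9484
    new = 0x2F667                             # data= value in the debugger message
    old = (new - 0x10000) & 0xFFFFFFFF        # value before the addi.l added 0x10000
    return {
        "ea": ea,
        "hit": watchpoint_hits(0x94CB, 1, ea, 4),   # wp 94CB,1,w against the .l write
        "changed": changed_bytes(ea, old, new),
    }

if __name__ == "__main__":
    r = explain_stop()
    print(f"write covers {r['ea']:06X}-{r['ea'] + 3:06X}, watchpoint hit: {r['hit']}")
    print("bytes that changed:", [f"{a:06X}" for a in r["changed"]])
```

With the values from the debugger message, the long write spans 0094C8-0094CB but only the byte at 0094C9 differs, so the stop shows that the watched byte was inside the written range, not that its value changed.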

Post by Pugsy »

I've just had a proper look, using the proper RAM address (NOT the one you posted, though it is used for other things...it is not even close to the one you posted) I've made a ROM cheat out of it.

I will NOT post the cheat or the RAM address, though I have added it to the cheat file for the next release....good luck.

Post by asper »

Thank you very much ! I do not know asm at all man... as you can see :P
I am trying to obtain a basic knowledge just to find some basic rom cheat when ram doesn't work.

Can you explain to me better what the PC hex value (program counter) represents ? If this is not a rom address what is it ?

..... I will try to do a better search in ram... I will post the solution... if I ever find one ! :)

One last question... why did you set 60 as value for "infinite time rom cheat" in lsrquiz ? What is 60 ?

Post by Pugsy »

asper wrote:
> Thank you very much ! I do not know asm at all man... as you can see :P
> I am trying to obtain a basic knowledge just to find some basic rom cheat when ram doesn't work.

Well judging by the last comment of 'what is 60' you really should learn some assembly if you are to stand a chance.

asper wrote:
> Can you explain to me better what the PC hex value (program counter) represents ? If this is not a rom address what is it ?

The Program Counter exists for all CPUs; it's basically like a bookmark, and the address it holds is where it will resume execution from when you press F12. You need to learn the basics...and this is one of the real basics.

> ..... I will try to do a better search in ram... I will post the solution... if I ever find one ! :)

Well I have the solution, to be honest I think you will be wasting your time as you will need more knowledge to stand a chance of making a ROM cheat...the RAM cheat alone is not enough as the address gets used elsewhere and will crash the game if you poke it at the wrong time.

> One last question... why did you set 60 as value for "infinite time rom cheat" in lsrquiz ? What is 60 ?

60 will change a branch if condition met instruction into a branch always instruction. It has no relevance to the time value...it basically stops the timer decrementing by always branching past the code that decrements the timer so that it never decrements.

branch==jump==goto

Post by asper »

Is the good ram value 051CBB and the PC = 071798 ?

If not I give up......... but please, tell me how you find the right ram address !

Post by Pugsy »

Right RAM address, not correct PC but you are not too far away.

Post by asper »

.....mmmmmmmh...... now I analyze what is JUST BEFORE the break I made at 00051CBA:

071992 ori.b #$41, D1
071996 ext.l D0
071998 move.w D0, (-$2,A4) <-- (EXCLUDED BY YOU)

what I find interesting is that (assuming = to 0 my asm knowledge):

From what I can see, added or subtracted values always have $ in front of them (I miss what the # means though...) and that should be a HEX value if I remember well...
So I have a $41 there... analyzing the D1 (which I suppose to be a register that contains a value) I can see 00010001 that is interesting because the new ram address I found popped out searching for an INCREASING timer instead of a decreasing one... and the increase is of 1... may this be the key ?

What I also noticed is that the D0 register contains the exact value found at 00051CBA so grounding and freezing it to 0 or to, for example, 1A should stop the timer running... maybe ext.l is the key ?

I was looking for an asm command list but I was not able to find a complete one... do you have a link ?

----------- UPDATE --------------

Tracing up the code I found:

071990 move.w #$1, D1 (D0 still old value)
071994 add.w D1, D0 (D0 still old value)
071996 ext.l D0 (HERE D0 +1 !!!)

I put a break at 071990 stepping in with F11 and discovered the following:

the value of D1 is increased by 1 in 071990 and then in 071994 the value is passed to D0 ! I should stop this I suppose, adding 0 instead of 1 for example !

One strange thing... after putting the break at 071990 the " 071992 ori.b #$41, D1 " disappeared from the list... why ?

Post by Pugsy »

First of all I did NOT exclude "071998", I excluded "071798" which is what you stated! (READ YOUR POST!)


071992 ori.b #$41, D1 is not an instruction that it uses, with assembler it's VERY important you have the correct address to start the disassembly at. Otherwise, you get rogue instructions like that as the disassembler tries to make sense of what you have got - it's another basic knowledge thing. Normally you can see the correct instructions if you open a disassembly window and start the disassembly back 20 bytes or so...by the time it gets to the code you are interested in the start offset shouldn't matter.

07198C: move.w  (-$2,A4), D0
071990: move.w  #$1, D1
071994: add.w   D1, D0
071996: ext.l   D0
071998: move.w  D0, (-$2,A4)
07199C: move.w  (-$2,A4), D0

And yes, all you have to do in this instance is change 071990: move.w #$1, D1 to 071990: move.w #$0, D1; luckily, as it's not a quick instruction, you only have to change the 1 at 71993 to 0 and the job is done.

As for a list of 68000 instructions you can see the list I made a few years back that's still on gshi here:-

http://gshi.org/?s=faqs#section21

You should be able to find some more information on that page, that should be useful.
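
Added example, not from the original thread: a minimal Python decoder for just the opcodes in the listing above, showing how starting the disassembly two bytes late at 071992 produces the rogue `ori.b #$41, D1` and why the byte to patch is at 071993. The byte string is reconstructed from the listing using the standard 68000 encodings, not dumped from the game, and all function names are made up.

```python
# Added illustration. CODE is reconstructed from the listing above with the
# standard 68000 encodings; it was not dumped from the game.
BASE = 0x07198C
CODE = bytes.fromhex("302CFFFE" "323C0001" "D041" "48C0" "3940FFFE" "302CFFFE")

def operand(mode, reg, ext):
    """Render one operand, pulling extension words from `ext` as needed."""
    if mode == 0:                                   # Dn
        return f"D{reg}"
    if mode == 5:                                   # (d16,An)
        d = next(ext)
        d = d - 0x10000 if d & 0x8000 else d
        return f"({'-' if d < 0 else ''}${abs(d):X},A{reg})"
    if mode == 7 and reg == 4:                      # #imm, word sized
        return f"#${next(ext):X}"
    raise ValueError("addressing mode not covered by this sketch")

def decode(code, off):
    """Decode the instruction at byte offset `off`; return (text, length)."""
    words = [int.from_bytes(code[i:i + 2], "big") for i in range(off, len(code) - 1, 2)]
    op, ext = words[0], iter(words[1:])
    if op >> 12 == 0x3:                             # move.w src,dst
        src = operand((op >> 3) & 7, op & 7, ext)
        dst = operand((op >> 6) & 7, (op >> 9) & 7, ext)
        text = f"move.w {src}, {dst}"
    elif op & 0xF1F8 == 0xD040:                     # add.w Dm,Dn
        text = f"add.w D{op & 7}, D{(op >> 9) & 7}"
    elif op & 0xFFF8 == 0x48C0:                     # ext.l Dn
        text = f"ext.l D{op & 7}"
    elif op & 0xFFF8 == 0x0000:                     # ori.b #imm,Dn
        text = f"ori.b #${next(ext) & 0xFF:X}, D{op & 7}"
    else:
        raise ValueError(f"opcode {op:04X} not covered by this sketch")
    return text, 2 * (len(words) - len(list(ext)))  # opcode word + extension words used

def disassemble(code, start, count):
    """Linear sweep of `count` instructions beginning at address `start`."""
    out, off = [], start - BASE
    for _ in range(count):
        text, n = decode(code, off)
        out.append(f"{BASE + off:06X}: {text}")
        off += n
    return out

def patched(code):
    """The fix from the post: clear the low byte of the immediate at 071993."""
    b = bytearray(code)
    b[0x071993 - BASE] = 0
    return bytes(b)

if __name__ == "__main__":
    print("\n".join(disassemble(CODE, 0x07198C, 6)))
    print("\n".join(disassemble(CODE, 0x071992, 3)))   # started two bytes late
    print(disassemble(patched(CODE), 0x071990, 1)[0])
```

The `move.w #$1, D1` encoding is 32 3C 00 01, so the immediate's low byte is the fourth byte, at 071993; read from 071992 instead, the words 0001 D041 decode as `ori.b #$41, D1`.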

Post by asper »

You are right man, I made a typo in the 6.37 post !
So I got it !

The cheat code should be:

<cheat desc="Infinite Time">
<script state="run">
<action>maincpu.pb@71993=0</action>
</script>
</cheat>

or

<cheat desc="Infinite Time">
<script state="on">
<action>temp0 =maincpu.pb@71993</action>
</script>
<script state="run">
<action>maincpu.pb@71993=0</action>
</script>
<script state="off">
<action>maincpu.pb@71993=temp0 </action>
</script>
</cheat>

?

From what you say probably the 1st one is the quickest, without need to set it back again.

About the code you wrote for lsrquiz2: <action>temp0 =maincpu.pb@CBAAC</action>

the space between temp0 and = is it necessary ?

(thank you for the link !)

Post by Pugsy »

The second one with the temp0 variable is the one that should be used to allow the cheat to be turned off.

The space is not necessary, it's what happens with my util when it converts from old-type to new type cheats to ensure that cheats with more than 10 temp variables align.

BTW, whenever you post cheats you should highlight the XML cheat text and hit the code button to ensure they display correctly.

So instead of this:-

<cheat desc="Infinite Time">
<script state="on">
<action>temp0 =maincpu.pb@71993</action>
</script>
<script state="run">
<action>maincpu.pb@71993=0</action>
</script>
<script state="off">
<action>maincpu.pb@71993=temp0 </action>
</script>
</cheat>

you get this:

  <cheat desc="Infinite Time">
    <script state="on">
      <action>temp0 =maincpu.pb@71993</action>
    </script>
    <script state="run">
      <action>maincpu.pb@71993=0</action>
    </script>
    <script state="off">
      <action>maincpu.pb@71993=temp0 </action>
    </script>
  </cheat>
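
Added example, not part of the original thread: a small Python check for the point made in this post, that a cheat which patches program code should save the original byte in a temp variable and put it back in the "off" script. The `<mamecheat>` wrapper and the first cheat's description are constructed for the sample, the function names are made up, and only simple `location=value` actions are understood.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample holding the two variants discussed in the thread.
SAMPLE = """<mamecheat version="1">
  <cheat desc="Infinite Time (no restore)">
    <script state="run"><action>maincpu.pb@71993=0</action></script>
  </cheat>
  <cheat desc="Infinite Time">
    <script state="on"><action>temp0 =maincpu.pb@71993</action></script>
    <script state="run"><action>maincpu.pb@71993=0</action></script>
    <script state="off"><action>maincpu.pb@71993=temp0 </action></script>
  </cheat>
</mamecheat>"""

MEM = r"(\w+\.[a-z]{2}@[0-9A-Fa-f]+)"               # e.g. maincpu.pb@71993
SAVE = re.compile(rf"^(temp\d+)\s*=\s*{MEM}$")      # tempN = memory location
WRITE = re.compile(rf"^{MEM}\s*=\s*(.+)$")          # memory location = expression

def actions(cheat, state):
    """Stripped text of every <action> in the scripts with the given state."""
    return [a.text.strip() for s in cheat.findall("script")
            if s.get("state") == state for a in s.findall("action") if a.text]

def unrestored_writes(cheat):
    """Locations written by on/run scripts that 'off' does not restore from a saved temp."""
    saved = {}                                      # temp name -> location it holds
    for text in actions(cheat, "on"):
        m = SAVE.match(text)
        if m:
            saved[m.group(1)] = m.group(2).lower()
    restored = set()
    for text in actions(cheat, "off"):
        m = WRITE.match(text)
        if m and saved.get(m.group(2).strip()) == m.group(1).lower():
            restored.add(m.group(1).lower())
    written = set()
    for state in ("on", "run"):
        for text in actions(cheat, state):
            m = WRITE.match(text)
            if m:
                written.add(m.group(1).lower())
    return sorted(written - restored)

def lint(xml_text):
    """Map each cheat description to the locations it leaves patched when turned off."""
    root = ET.fromstring(xml_text)
    return {c.get("desc"): unrestored_writes(c) for c in root.iter("cheat")}

if __name__ == "__main__":
    for desc, left in lint(SAMPLE).items():
        print(f"{desc}: {'ok' if not left else 'not restored: ' + ', '.join(left)}")
```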

Post by asper »

Well so I managed to find it out !

I think I deserve a "good boy" or something like this :P

Just a joke, thank you for your patience ! I will try to learn as much asm as I can.

Post by Pugsy »

asper wrote:
> Well so I managed to find it out !
>
> I think I deserve a "good boy" or something like this :P
>
> Just a joke, thank you for your patience ! I will try to learn as much asm as I can.

Finding the RAM location was the most work, you will quickly find that making a ROM Infinite type cheat out of a RAM Infinite type cheat is so easy it's no challenge...it is after all just a matter of typing "wp,ramlocation,1,w" into the debugger and it's all but done. ROM cheats for things like Invincibility are the most work but also the most fun + rewarding. The problem is we've virtually run out of them to find in MAME, but MESS is another matter....

Everybody has to start somewhere so well done all the same. Now, you need to learn assembly and you'll be on the road to wasting ages making games crash in weird and wonderful ways :wink:

Post by asper »

Ahahaahahahah very very funny man !!!

I like crashing games ! ^_^

Thank you a lot for your support man !!!