(Parts of this FAQ requires a basic knowledge of Assembly Language.)
Introduction
In the following, T
is the default status, not really used by the cheat code. It must
be 8 or 0. If it is 8, and you select the whole game, that
particular cheat is not activated. For example, in a game we may
have the following:
A
Fighting game
Unlimited energy
80123456 00ff
One hit death
80123456 0001
As you can see, we clearly would never want both of these cheats
on at the same time because the second one will take priority. If
we make our codes look like this:
A
Fighting game
Unlimited energy
80123456 00ff
One hit death
88123456 0001
Then whenever you select the whole fighting game only the first code is automatically switched on. The user must manually select the others. Note that only the first code in a group of codes needs the 8, all others in the group are also switched off. This bit is then masked out and becomes identical to a normal code.
Normal Code Types
NOTE: The Xplorer and GameShark / Action Replay "80", "30", and "D0" code types are interchangeable!! You can also replace the GS / AR "D0" and "D1" prefixes with the Xplorer "70" and "90" prefixes respectively.
00xxxxxx - yyyy - 32 bit code. Writes the 32 bit code in yyyy to address xxxxxx i.e. the upper half word is zeroed out and is the equivalent of:
80xxxxxx-yyyy
80xxxxx(x+2)-0000
The one
(1) code at the beginning of the address only needs to be present
if there is a skip if true or a skip if false code immediately
above the slide code. This is because a skip code only knows to
skip two words (32 bits * 2) which is what a normal code ends up
as. Mega codes and super codes simply have a pointer to flash as
the second word. The one code is not understood by the X-terminator
cheat engine and is therefore ignored. This is the simplest way
at the moment to solve the problem.
10xxxxxx - yyyy - Does nothing. Used by slide code and skip if true and false.
4T000000 - XXXX - A 4 code is a slow motion code. Its success rate is not brilliant at the moment. It is simply a loop executed (XXXX << 12) times.
7TXXXXXX - YYYY - Skip if false code, Opposite of a 9 code. Only does the following code if xxxxxx = yyyy.
9TXXXXXX - YYYY - Skip if true code will not do the following cheat (including mega/supa) if the half word contained in XXXXXX = YYYY. One use is so that we can insert a dead/Super code only once, saves a lot of time if the codes are big!
CTXXXXXX - YYYY - This is the same as a D code again only used for Action Replay compatability.
DTXXXXXX - YYYY - Only for compatability with Datel. Use F or 7 codes instead. (The GS / AR "D0" code IS compatible with the Xplorer.)
FTXXXXXX YYYY - Same as a 7 code but affects ALL cheats. This is our equivalent of a Datel D master code but better defined (Datel combines our F codes and 7 codes into one D code only entered in two separate places which is stupid). If the Xplorer finds any code in a game that starts with an F then it will switch it on any time you select another code and switch it off if it is the last code.
Special Code Types
Mega Code
6T?????0 YYYY
AAAAAAAA CCCC
FFFFFFFF 0011
22334455 6677
8899
?=Don't care
AA= Break address
YY= Count in bytes to insert at location 40
CC= Coprocessor break type (upper half)
FF= Breakpoint mask (usually FFFFFFFF)
00= bytes of code in address order
11
Super Code
5TXXXXXX 0YYY
00112233 4455
6677
XXXXXX = Address to place the code
YYY = Count in bytes of code
00
11 etc. = Actual code. Note, only Byte codes will be placed so
you can place in single byte multiples. For example:
50123456 0001
00112233 4455
Slide Code
Brrraaaa-dddd
10xxxxxx-yyyy
rrr : repeat count
aaaa : increase address
dddd : increase data
xxxxxx : start address
yyyy : start date
Slide
codes are so useful. They can turn a massive great long code into
only two lines. A good example is something like.
Action
Replay
Have all Licences in gran turismo (Euro cheat used as example)
D009E3C4 0000
8009E3C4 0303
D009E3C6 0000
8009E3C6 0303
D009E3C8 0000
8009E3C8 0303
D009E3CA 0000
8009E3CA 0303
D009E3CC 0000
8009E3CC 0303
D009E3CE 0000
8009E3CE 0303
D009E3D0 0000
8009E3D0 0303
D009E3D2 0000
8009E3D2 0303
D009E3D4 0000
8009E3D4 0303
D009E3D6 0000
8009E3D6 0303
D009E3D8 0000
8009E3D8 0303
D009E3DA 0000
8009E3DA 0303
B.
License
7005a4e60100 <<<<<<<<<<
Do if True code.
B00400020000 <<<<<<<<<<
Actual "B0" code.
1009e3c40303 <<<<<<<<<<
Beginning address to modify.
A.
License
7005a4e60100
B00400020000
1009e3cC0303
A.
International License
7005a4e60100
B00400020000
1009e3d40303
Pretty cool huh....there are lots of other examples too!
SLIDE CODE CONVERSION: GS/AR <> XP
(First,
all values are in Hex and addition/subtraction is in Hex!)
GameShark Slide Code:
The
GameShark "50" code has the following parameters:
5000RRJJ ABCD
ZXXXXXXX EFGH
Where,
RR is the number of code addresses to activate / modify.
JJ is the distance between addresses (codes).
ABCD is a Hex value that gets added to EFGH (Optional).
Z is equal to 8 if the value of JJ is even and 3 if odd (EF = 00
in this case).
Suppose that you had a set of codes that looked like this:
801CF458 E03C
801CF508 E03E
801CF5B8 E040
801CF668 E042
801CF718 E044
The corresponding GameShark "50" code would look like
this:
(RR = 05, JJ = B0 or 176 Dec, ABCD = 0002, and Z = 8)
500005B0
0002
801CF458 E03C
Xplorer Slide Code:
The
XPlorer "B0" code has the following parameters:
BRRRJJJJ
ABCD
1XXXXXXX EFGH
So our example above would convert to an XPlorer "B0"
code that looks like this:
(RRR = 005, JJJJ = 00B0 or 176 Dec, ABCD = 0002)
B00500B0
0002
101CF458 E03C
CAUTIONS: There are a few differences
that are not apparent from this example. I have never been able
to use only odd addresses ("30" codes, JJJJ = 1 or is
odd). The smallest value of JJJJ that has worked for me is 0002
and JJJJ must be even. Also, when using the 3.20 ROM, the largest
value of RRR that has worked for me is F (15 Dec). Anything
higher locks the game on the intro. Also, the limit with the 4.52
ROM is 7F (127 Dec). However, this is not a problem with the V1,
V2, and V3 ROMs (Note: I have only personally tested the V2, 3.20,
and 4.52 ROMs. I think the problem is with the 3.20 and 4.52 ROMs.)
Now, lets convert the following XPlorer "B0" code to a
GameShark "50" code:
B0A60002 0001
1007836C 6401
(RR = A6, JJ = 02, ABCD = 1, Z = 8)
5000A602 0001
8007836C 6401
Not too
hard if you don't have to deal with "30" codes.
However, If you would prefer to not have to convert these by
yourself, you can download the B-Code
Converter Program: HERE
Examples:
(UK games)
Here's the code for Rayman (Rayman flies by pressing
the X button). Note how it exactly fits into 64 bytes (Can't be
any more, if it is it will crash the Playstation)
(From
the disassembler)
subu sp,sp,12
sw a0,4(sp)
lui k0,0x8020 ;Get pad value!
lh a0,$ffffab92(k0)
sw a1,8(sp)
srl a0,a0,14 ;Get X button
andi a1,a0,1 ;Just button value]
bne a1,zero,nopress ;If not depressed
ori a0,zero,0xfffc
sh a0,$ffff8e7e(k0)
nopress
mfc0 k0,r14
lw a0,4(sp)
lw a1,8(sp)
addiu k0,k0,4
j k0
addiu sp,sp,12
This is the code itself, I think I did a breakpoint when the
Joypad was being read.
Note the bytes is the exact length in bytes of the machine code.
Rayman
can fly
$60000000 003f
$801fab92 ea80
$FFFFFFFF f4ff
$bd270400 a4af
$20801a3c 92ab
$44870800 a5af
$82230400 0100
$85300200 a014
$fcff0434 7e8e
$44a70070 1a40
$0400a48f 0800
$a58f0400 5a27
$08004003 0c00
$bd270000 0000
Heres a Super code. This
replaces the Text Game Paused (or whatever it was) with FCD. This
could of course be done with 8 codes but it would be much larger.
FCD
Pause
$501e4fdc 0018
$2f667574 7572
$652f636f 6e73
$6f6c652f 6465
$7369676e 2f00
Here's the ultimate. The Super Code for Resident Evil 2.
First
we found a good spot to break out and put our code where several
registers were already
set up.
org $65e78
lui v0,$8000
ori v0,v0,$7690
jr v0
nop
Note we had to write down what code was being replaced so we
would not be causing any problems. Here is the main code. Its
lost some of its readability in compressing it down from well
over 100 lines of cheat code. It allows
you to select any quantity of any weapon in any slot, Try doing THAT with a Game
Shark!
org $7690
NOTE: Download the RE 2 Super Code Text File for the US, UK, JAP, and Deutsch versions which includes codes for both Leon and Claire: >HERE<
;===================================== ;Resident Evil 2 (Leon A) - Super Code ;By P Herbert and Wayne Beckett, ;(C)1998 Future Console Design ;===================================== (Edited by Nachbrenner)
Loop
7690 AFB20018 : sw s2,$18(sp) ;from $80065E78 7694 3C12800C : lui s2,$800c ;from $80065E7C 7698 AFBF001C : sw ra,$1c(sp) ;from $80065E84 769C AC030004 : sw v1,4(zero) ;backup the old register contents 76A0 AC080008 : sw t0,8(zero) sw t1,12(zero) 76A4 AC040010 : sw a0,16(zero) 76A8 AC0A0018 : sw t2,24(zero) lui t0,$800d ;This looks redundant!! 76AC 9204000C : lbu a0,$c(s0) 76B0 3643C638 : ori v1,s2,0xc638 ;$800CC638 = address of slot 1 pointer
Next Bit.. tests for L1 or L2 and inc/decs the (v1)
76B4 90080000 : lbu t0,0(zero) ;Use memory location zero as counter 76B8 00041080 : sll v0,a0,2 ;inventory address modifier offset 76BC 11000003 : beq t0,zero,ok_delay 76C0 2508FFFF : subiu t0,t0,1 ;= addiu t0,t0,0xffffffff 76C4 A0080000 : sb t0,0(zero) 76C8 1000000F : beq zero,zero,finished ;beware of slot after this
OK_Delay
76CC 86485F3C : lh t0,$5f3c(s2) ;$800C5F3C = Pad status (Joker) ;8 = R1, 2 = R2 ;4 = L1, 1 = L2 76D0 00621820 : add v1,v1,v0 ;Address of current slot to modify 76D4 3108000F : andi t0,t0,$f ;use pad as a lookup value lui v0,table16>>16 ;no need as already zero 76D8 34027728 : ori v0,zero,table16&65535 ;this command is non-relocatable 76DC 00481021 : addu v0,v0,t0 76E0 340A0104 : ori t2,zero,$0104 ;the lookup table in bitwise form 76E4 010A5006 : srl t2,t2,t0 ;put the appropriate bit at zero'th 76E8 314A0001 : andi t2,t2,1 ;OK got address increment 76EC 80440000 : lb a0,0(v0) ;lookup increase/decrease 76F0 006A1821 : addu v1,v1,t2 ;add address increment 76F4 80620000 : lb v0,0(v1) 76F8 340A000A : ori t2,zero,10 ;delay until next check 76FC 00442020 : add a0,v0,a0 ;add either 0 1 or ff 7700 A0640000 : sb a0,0(v1) ;store it 7704 A00A0000 : sb t2,0(zero) ;start count again
Finished
7708 8C030004 : lw v1,4(zero) ;restore the old register contents 770C 8C080008 : lw t0,8(zero) lw t1,12(zero) 7710 8C040010 : lw a0,16(zero) 7714 26523E28 : addiu s2,s2,$3e28 ;from $80065E80, moved as used upper half 7718 3C028006 : lui v0,$8006 771C 34425E88 : ori v0,v0,$5e88 7720 00400008 : jr v0 ;go back to $80065E88 7724 8C0A0018 : lw t2,24(zero) ;although it looks weird, it's executed before the JR V0
Table16
7728 00FF0000 : db 00,ff,ff,00, 772C 00000001 : 01,00,00,00, 7730 00000001 : 01 ;rest already zero ! - ,0,0,0,0,0,0,0
This gives us the code
F0065E72 3C10 The master code allows us to activate the cheat only when the weapons selector code is in memory 70065E78 0018 Only do this when the old code is here i.e. once 50065E78 0010 Put the patch part of the code 0080023C 9076 42340800 4000 00000000 DEAD Note some of this line is not used (DEAD) 90007690 0018 9 code as we only want to insert the code once or the game may slow 50007690 00A1 a1 number of bytes 1800B2AF 0C80 The assembly code 123C1C00 BFAF 040003AC 0800 08AC1000 04AC 18000AAC 0C00 049238C6 4336 Slot 1 pointer, least significant word 00000890 8010 04000300 0011 FFFF0825 0000 08A00F00 0010 3C5F4886 2018 Joker, least significant word 62000F00 0831 28770234 2110 48000401 0A34 06500A01 0100 4A310000 4480 21186A00 0000 62800A00 0A34 20204400 0000 64A00000 0AA0 0400038C 0800 088C1000 048C 283E5226 0680 old code from $80065E80 023C885E 4234 JR $80065E88 08004000 1800 0A8C00FF FF00 01000000 0100
At the moment there are no patches for the French and Italian version. If you want to patch these versions, check the green colored code above. Finding joker and slot 1 pointer should be no problem. To find the breakpoint, use a disassembler and search between $80065000 and $80067000 for a sequence like this:
sw s2, 0x0018(sp) lui s2, 0x800c addiu s2, s2, 0x???? sw ra, 0x001c(sp) sltiu v0, v1, 0x0005
or if you are using "N64PSX 0.4" look for:
sw $s2,0x0018($sp) move $s2,0x800c???? sw $ra,0x001c($sp) sltiu $v0,$v1,0x0005
Thats it!. Obviously I don't expect Many people to come up with these type of codes but If anyone is after a challenge then it does not get any more challenging than doing a good Super Code.
Good Luck,
Wayne
Last Modified: May 5, 2000
|