Customized cheat.c

If you are having problems finding or using cheats for an Emulator (particularly MAME/MESS) or have found a trick that you wish to share this is the place to do it. But please read the Cheat FAQ first.
User avatar
Pugsy
Posts: 3638
Joined: Fri Aug 17, 2001 12:59 am
Location: North Wales, UK.
Has thanked: 1 time
Been thanked: 12 times
Contact:

Post by Pugsy »

Long time no see (must be over 6 months) ....welcome back.

Both of them sound very useful additions to the cheat engine, I like the sound of the "Packed Comment" cheat type as you say it will be particularly useful for those damn Mahjong watch lists.

The "Condition Code" cheat type I imagine will make a lot of different types of cheats possible, as well as another method of making simple fixes for end of level corrections. There's a very minor typo in the above:

Code: Select all

101 =   condition
110 =   unused

should be

101 =   direct program space write
110 =   condition
I don't know if the cheat.c file is still on hold via Stephh (he's disappeared again) though so perhaps not?
Pugsy

Servicing your cheating needs since 1985 8)

Grab the latest cheat collection:
MAME 0.259 XML cheat collection (6 OCTOBER 2023) from http://www.mamecheat.co.uk or direct from:-
https://mega.nz/file/q4dHGZ6K#i-EUiqIjH ... KMz7hnbTfw (ZIP Archive 3.76MB)
ShimaPong
Posts: 1063
Joined: Wed May 21, 2003 4:19 pm
Location: Japan

Post by ShimaPong »

Pugsy wrote:There's a very minor typo in the above:
Oops... yes, you are right.

- Added User Defined Memory Region.

You can make user-customized search region via special file.

SEGA System 16/18 and System E doesn't have default search regions for RAM.
In this case, it is the only way to get the search region that you choose "All Memory".
But in System 16/18, the search region is set as $000000 - $FFFFFF and it will cause the freeze when you start searching.

- How to use -
1st, you need to prepare "memory map defined" file, called "cheat.map" and put it the same folder as MAME.exe.
"cheat.map" is plain text file, just like the cheat database.
And you need to write special "code" into this file too. It's very similar to the cheat code.

----- FORMAT -----

Code: Select all

:game:CPU:StartAddress:Length:ON/OFF:Name
Game, CPU, StartAddress and Name is the same as the standard cheat code.
Length is address length.
ON/OFF is default search region setting at loaded memory map file, 0 = "OFF", 1 = "ON".

Sample :

Code: Select all

; [ Fantasy Zone 2 (MC-8123, 317-0057) ]
:fantzn2:00:C000:2000:1:Fantasy Zone II - Work RAM
:fantzn2:00:E000:2000:0:Fantasy Zone II - Mirror

; [ Sonic Boom (FD1094 317-0053) ]
:sonicbom:00:FF0000:10000:1:Sonic Boom Work RAM
:sonicbom:00:FF0000:04000:0:Work RAM (Mirror 1)
:sonicbom:00:FF4000:04000:0:Work RAM (Mirror 2)
:sonicbom:00:FF8000:04000:0:Work RAM (Mirror 3)
:sonicbom:00:FFC000:04000:0:Work RAM (Mirror 4)
NOTE
  • displayed memory range in the menu is "(start address + length) - 1".
  • In case of "invalid address" (eg, $12345678 in 8-bit CPU) or "over-address" (eg, $4000-$12000 in 8-bit CPU) setting, the cheat engine doesn't load this code and writes the message into error.log.
  • If you press "Reload Database" key in this menu, the cheat engine reloads "cheat.map".
2nd, Set the search speed as "User Defined" which is in between "All Memory" and "Fast".
The cheat engine loads "cheat.map" and will get customized regions.
http://www.42ch.net/UploaderSmall/source/1184601631.png
http://www.42ch.net/UploaderSmall/source/1184602097.png

And added new option, called "Pre-load User Region" in the options menu.
This option makes the cheat engine load user defined search region at MAME boot.
If the file or defined region are not found, builds default search regions.
http://www.42ch.net/UploaderSmall/source/1184602268.png
ShimaPong
Posts: 1063
Joined: Wed May 21, 2003 4:19 pm
Location: Japan

Post by ShimaPong »

- Added new menu, called "Label Selection Menu".

If label-selection code has a lot of labels, you will sometimes miss current position.
Because displayed label is always 1 and can't overview whole labels.

Sample :

Code: Select all

:cham24:62000000:00000:00000000:00000000:Select Starting Game:Reset the game to boot up directly
:cham24:39910000:F80D5:0000D473:FFFFFFFF:01 - Star Soldier
:cham24:39A18000:F9484:0000A900:FFFFFFFF:01 - Star Soldier (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:02 - Goonies
:cham24:39A18000:F9484:0001A900:FFFFFFFF:02 - Goonies (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:03 - Bros. II
:cham24:39A18000:F9484:0002A900:FFFFFFFF:03 - Bros. II (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:04 - Grading
:cham24:39A18000:F9484:0003A900:FFFFFFFF:04 - Grading (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:05 - Legendry
:cham24:39A18000:F9484:0004A900:FFFFFFFF:05 - Legendry (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:06 - B-Wings
:cham24:39A18000:F9484:0005A900:FFFFFFFF:06 - B-Wings (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:07 - Exerion
:cham24:39A18000:F9484:0006A900:FFFFFFFF:07 - Exerion (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:08 - Front Line
:cham24:39A18000:F9484:0007A900:FFFFFFFF:08 - Frong Line (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:09 - Macross
:cham24:39A18000:F9484:0008A900:FFFFFFFF:09 - Macross (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:10 - Arkanoid
:cham24:39A18000:F9484:0009A900:FFFFFFFF:10 - Arkanoid (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:11 - Islander
:cham24:39A18000:F9484:000AA900:FFFFFFFF:11 - Islander (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:12 - Nuts & Milk
:cham24:39A18000:F9484:000BA900:FFFFFFFF:12 - Nuts & Milk (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:13 - Pacman
:cham24:39A18000:F9484:000CA900:FFFFFFFF:13 - Pacman (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:14 - Battle City
:cham24:39A18000:F9484:000DA900:FFFFFFFF:14 - Battle City (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:15 - Dig Dug
:cham24:39A18000:F9484:000EA900:FFFFFFFF:15 - Dig Dug (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:16 - Pooyan
:cham24:39A18000:F9484:000FA900:FFFFFFFF:16 - Pooyan (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:17 - Twinbee
:cham24:39A18000:F9484:0010A900:FFFFFFFF:17 - Twinbee (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:18 - Donkey Kong
:cham24:39A18000:F9484:0011A900:FFFFFFFF:18 - Donkey Kong (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:19 - Spartan-X
:cham24:39A18000:F9484:0012A900:FFFFFFFF:19 - Spartan-X (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:20 - Galaxian
:cham24:39A18000:F9484:0013A900:FFFFFFFF:20 - Galaxian (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:21 - Star Force
:cham24:39A18000:F9484:0014A900:FFFFFFFF:21 - Star Force (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:22 - Xevious
:cham24:39A18000:F9484:0015A900:FFFFFFFF:22 - Xevious (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:23 - Galaga
:cham24:39A18000:F9484:0016A900:FFFFFFFF:23 - Galaga (2/2)
:cham24:39910000:F80D5:0000D473:FFFFFFFF:24 - Pinball
:cham24:39A18000:F9484:0017A900:FFFFFFFF:24 - Pinball (2/2)
The above code gives "Quick Boot without Game Selector".
If you set "Pacman" and reset MAME, Pacman boots up directly without the game selection menu.
But you will sometimes get into a mess due to be unable to confirm the position of "Pacman" in selecting label.

I have added label selector menu.
http://www.42ch.net/UploaderSmall/source/1184604795.png

If you select label-selection code (or press left/right key on this code), the selector is opened.
Current position is displayed as "[ #_Label_# ]".
You can select label with Up/Down key and press UI_Select key, new label is set and return previous menu.

----- FORMAT -----
It requires special option in type field for master (1st) code.

Code: Select all

MSB                             LSB
33222222 22221111 11111100 00000000
10987654 32109876 54321098 76543210
-------- -------- -------- -------x  one-shot (reserved by standard one-shot cheat)
-------- -------- -------- ------x-  label selector
                                            00 = OFF
                                            01 = ON
01100011 -------- -------- --------  location and location parameter (always fixed)
Therefore, "62000002" (without one shot) or "62000003" (with one shot) are the format.
ShimaPong
Posts: 1063
Joined: Wed May 21, 2003 4:19 pm
Location: Japan

Post by ShimaPong »

- Other updates.

1) Changed bit flag in type field for Packed Comment.
Now unrequired "Operation Extend" flag and the cheat engine uses extended comment display automatically when comment code has linked code.

Code: Select all

:game:60000000:0000:00000000:00000000:--------------- Read Me! ---------------
:game:60010000:0000:00000000:00000000: Master code is the main title in the
:game:60010000:0000:00000000:00000000: cheat selection menu only and it isn't
:game:60010000:0000:00000000:00000000: displayed in the comment menu.
:game:60010000:0000:00000000:00000000: All linked codes are treated as packed
:game:60010000:0000:00000000:00000000: comment and displayed only in the
:game:60010000:0000:00000000:00000000: extended comment menu.
2) Added Pre-Enable save.
SaveCheat() function saves Pre-Enable code when pressed "Alt + Save Cheat" key in Enable/Disable, Add/Edit and CodeEdit menu.
  • Save Cheat : save selected code or command code (only in options menu).
  • Shift + Save Cheat : save all codes.
  • Ctrl + Save Cheat : save activation key.
  • Alt + Save Cheat : save pre-enable.
NOTE : "pre-enable code saved" message is displayed but you can't confirm it because current MAME doesn't allow any pop-up message when the menu opened.

3) Supported Pre-Enable for label-selection.
Set label index number into data field on Pre-Enable code.

Sample :

Code: Select all

:game:64004000:0000:0000000F:00000000:Pre-Enable for xxxx
In this case, Pre-Enable sets 16th label code at loading database.
And SaveCheat() saves Pre-Enable code with current label.

NOTE : If selected label is sub-linked code which has "Link Extension" flag, the cheat engine fails to pre-set.
User avatar
RedBeam
Posts: 191
Joined: Tue Oct 24, 2006 10:26 am
Location: Italy (Sardegna)

Post by RedBeam »

Wow, how many fixes!!!

Sorry if I disturb, but it would be great if you adjust sub/add type too?
It takes a second because I already found what to fix (see the topic...)

If already done, sorry but I don't have 0.117 but 0.116...

Greetings.
The CPS2 smasher

Image

My troopers are skilled, but I'm supreme!!!

(Modest, huh? ;) )
ShimaPong
Posts: 1063
Joined: Wed May 21, 2003 4:19 pm
Location: Japan

Post by ShimaPong »

1st of all, 0.117u1 has updated input system drastically. The effects are being felt to the cheat engine.
Now you can't change the index of activation key with left/right arrow key in the code edit menu.
And try to save activation key and see the key index...
RedBeam wrote:Sorry if I disturb, but it would be great if you adjust sub/add type too?
It takes a second because I already found what to fix (see the topic...)
I have planed that update current cheat_periodicEntry() because of some new functions so that sorry, your fix is meaningless.
But Add/Subtract is "Unused" code now and I have not created a code used this function at all.
I want to know why it is added as new cheat format.
And if people will permit me, I want to re-organize these "Unused" and "Incomplete" (eg, IgnoreIfDecrementing) function codes...

=============================================================================================================

- Added new condition, called "Branch".

"Branch" means "If a value is matched on the condition code, jump to linked code you specified".
----- FORMAT -----

Code: Select all

MSB                             LSB
33222222 22221111 11111100 00000000
10987654 32109876 54321098 76543210
                                    [ condition ]
-------- -------- -------- -------x  one-shot (reserved by standard one-shot cheat)
-------- -------- -------- ----xxx-  comparison
                                            000 = equal
                                            001 = not equal
                                            010 = less
                                            011 = greater
                                            100 = less or equal
                                            101 = greater or equal
                                            110 = bit on
                                            111 = bit off
-------- -------- -------- ---x----  linked condition
                                            00 = and
                                            01 = or
-------- -------- -------- --x-----  branch
                                            00 = Off
                                            01 = On
And the value in extend data field is the "jump" index number.

Code: Select all

:sonicwi3:00000000:10E8B0:00000003:FFFFFFFF:Max Power (For Most Characters) PL1
:sonicwi3:00000000:10E8B0:00000002:FFFFFFFF:Max Power (For Mao Mao,Chaika & Pooshka) PL1
:sonicwi3:00000000:10E8B0:00000004:FFFFFFFF:Max Power (For Spanky, Kowful & River) PL1
:sonicwi3:00000000:10E8B0:00000001:FFFFFFFF:Max Power (For Ellen & Cindy) PL1
The above code is 1P Maximum Shot Power for sonicwi3.
Maximum number of fire level is different among the charactes.
If you set incorrect shot level, for example Mao Mao (Max 2) gets Max 3, the game may crash.

The following is rewritten code with Condition Branch.

Code: Select all

:sonicwi3:C0000028:1003AB:00000002:0000000B:1P Maximum Shot Power
:sonicwi3:C0010028:1003AB:00000004:0000000A:1P Maximum Shot Power (02/14):Keaton, Blazers, Hien -> Max 3 / Mao Mao, Chaika & Pooshka -> Max 2
:sonicwi3:C0010020:1003AB:00000005:0000000C:1P Maximum Shot Power (03/14):Spanky -> Max 4
:sonicwi3:C0010020:1003AB:00000006:0000000B:1P Maximum Shot Power (04/14):Malcolm -> Max 3
:sonicwi3:C0010020:1003AB:00000007:0000000C:1P Maximum Shot Power (05/14):Kowful & River -> Max 4
:sonicwi3:C0010020:1003AB:00000008:0000000B:1P Maximum Shot Power (06/14):Alex & Pictus -> Max 3
:sonicwi3:C0010020:1003AB:00000009:00000009:1P Maximum Shot Power (07/14):Ellen & Cindy -> Max 1
:sonicwi3:C0010020:1003AB:0000000A:0000000A:1P Maximum Shot Power (08/14):Kotomi [Secret] -> Max 2
:sonicwi3:C0010020:1003AB:0000000B:0000000D:1P Maximum Shot Power (09/14):? [Secret] -> Max 7
:sonicwi3:00010000:10E8B0:00000001:FFFFFFFF:1P Maximum Shot Power (10/14):Maximum 1
:sonicwi3:00010000:10E8B0:00000002:FFFFFFFF:1P Maximum Shot Power (11/14):Maximum 2
:sonicwi3:00010000:10E8B0:00000003:FFFFFFFF:1P Maximum Shot Power (12/14):Maximum 3
:sonicwi3:00010000:10E8B0:00000004:FFFFFFFF:1P Maximum Shot Power (13/14):Maximum 4
:sonicwi3:00010000:10E8B0:00000007:FFFFFFFF:1P Maximum Shot Power (14/14):Maximum 7
$1003AB is the number of the character you selected.
For example, when you select Mao Mao, the value on $1003AB is 0x03.
The cheat engine starts checking from 1st condition code to the end of one (9th code) when you turn this code "ON".
On 1st code, it means "If the value on $1003AB is <= 0x02, jump to 12th code (Maximum 3) then do this code" so that 0x03 is not matched.
Next, 2nd code means "If the value on $1003AB is <= 0x04, jump to 11th code (Maximum 2) then do this code" and it's matched.
(3rd-9th is "If the value on $1003AB is = xx, jump to xxth code then do this code")

Basic operation is the same as label-selection type.
So it's easily understandable that you replace "jump" by "select".
The main difference is that the cheat engine chooses label automatically by conditions you set.

I have added several condition items in the code edit screen too.
http://www.42ch.net/UploaderSmall/source/1184954950.png

=============================================================================================================

Another sample of condition code.
Deco Casette system loads the program code into RAM.
So if you set a code in loading, Restore Previous Value gets incorrect value and restore it.

Code: Select all

:cbtime:00800000:2725:00000010:FFFFFFFF:Invincibility:Don't set in loading a data from cassette tape to prevent from a problem
In the above "program hack" code, when you set it before finish loading, the cheat engine gets 0x00 as restore value.
But loaded value is 0x04 so that it may causes the game crash when you turn OFF.

Rewritten code with condition is the following.

Code: Select all

:cbtime:C0000000:2725:00000004:00000000:Invincibility
:cbtime:00810000:2725:00000010:FFFFFFFF:Invincibility (2/2):If the value is 0x04 on $2725, store 0x10 into $2725
It means "If the value is 0x04 on $2725, rewrite $2725 with 0x10, otherwise no action".
The cheat engine tries to get restore value when condition is good so that turning OFF restores correct value.

Code: Select all

:grdforce:00100000:060834E2:00000009:FFFFFFFF:Invincibility "ON"
:grdforce:00110000:060834E8:0000E304:FFFFFFFF:Invincibility "ON" (2/2):1st = NOP, 2nd = MOV #$04,R3
:grdforce:00100001:060834E2:00008903:FFFFFFFF:Invincibility "OFF"
:grdforce:00110001:060834E8:000073FF:FFFFFFFF:Invincibility "OFF" (2/2):1st = BT $60834EC, 2nd = ADD #$FF,R3
Also ST-V. In Guardian Force, when boot up, tille or stage finish, stored other value.

Code: Select all

:grdforce:C0100000:060834E2:00008903:00000000:Invincibility
:grdforce:00910000:060834E2:00000009:FFFFFFFF:Invincibility (2/3):If the value is 0x8903 on $60834E2, do 2nd and 3rd codes.
:grdforce:00910000:060834E8:0000E304:FFFFFFFF:Invincibility (3/3):60834E2 - NOP / 60834E8 - MOV #$04,R3
Especially, it will be very useful for CD-ROM type machine, like PSX, Saturn.
These "Limited RAM" machine, different program code is stored even in the same address.

=============================================================================================================

I have succeeded to search "data space" via the cheat engine.
It means that you can find a value in cinemat.c games.

But you need to set User Defined code into cheat.map and changed the format a bit.

Code: Select all

:game:CPU:Space:StartAddress:Length:Status(ON/OFF):Name
New "Space" field has been added between CPU and Start Address.
00 is for normal program space and 01 is for data space.

Code: Select all

:armora:00:01:0000:0100:1:Armora Attack Data Space
Screenshot after find credit code in armora.
http://www.42ch.net/UploaderSmall/source/1184955741.png

But cheat code and watchpoint are still lack of data space accessor right now.
ShimaPong
Posts: 1063
Joined: Wed May 21, 2003 4:19 pm
Location: Japan

Post by ShimaPong »

Oops... I have troubled with CCPU used by cinemat.c address shift problem.
I have found address for credit in armora with user defined "data space" region. (See screenshot in previous (the above) post)
In result viewer, this address is $AC but it's "RAW" address without address shift.
It is located on $5C in the debugger. Therefore I think...

Code: Select all

0x5C = ((0xAC & 0xF0) >> 1) | (0xAC & 0x0F)
Anyway, I have added the following address shift setting for CCPU in BuildCPUInfoList().

Code: Select all

#if HAS_CCPU
				case CPU_CCPU:
					info->addressShift = 1;
					break;
#endif
But I'm bothering how to use it and current address shift operation seems to be bad...

And I have implemented watchpoint and data writing for data space.
http://www.42ch.net/UploaderSmall/source/1185038615.png

========================================================================================================================================

- Another update about User Defined Search Region -
Remember the code format of User Defined Search Region.

Code: Select all

:game:CPU:Space:StartAddress:Length:Status(ON/OFF):Name
I have added "Space = 02" to use another memory search.
The memory location is the same as normal program space.
But how to read a value is different.
It uses "DoMemoryRead()" instead of standard "DoCPURead".
The main effect is that the cheat engine no longer crashes with the fatal error of cpu_spinutil() in starting searching without pausing.
(See testers report, bug ID = cheatsearch0105u4red)
ShimaPong
Posts: 1063
Joined: Wed May 21, 2003 4:19 pm
Location: Japan

Post by ShimaPong »

- Added new code, "Copy Value" -
This code repeats about specified count you set.

---------- Format ----------

Code: Select all

                                   [ operation ]
-------- -------- -------- ---xx---     operation
-------- ----x--- -------- --------     operation extend bit
                                            [extend = 0]
                                                00 =    write with mask
                                                01 =    add/subtract     (+ extend data field as add/subtract value)
                                                10 =    force range      (+ extend data field as minimum/maximum bound)
                                                11 =    set/clear bits   (for relative address)
                                            [extend = 1]
                                                00 =    write if match   (+ extend data field as matching value)
                                                01 =    copy first value (+ extend data field as count/address skip)
                                                10 =    unused
                                                11 =    nothing
-------- -----x-- -------- --------     operation parameter
                                            operation == 001    add/subtract
                                                0 = add
                                                1 = subtract
                                            operation == 011    set/clear
                                                0 = set
                                                1 = clear
                                            operation == 101    skip bytes
                                                0 = off
                                                1 = on
It uses "Operation" and sub-options for it and extend data field.
Basic format is the following.

Code: Select all

:game:00080008:1234:00000056:00000078:Copy Value Basic Code
You need to set the value as count you want to repeat into the extend data field.
It means that "Fill with 0x56 from $1234 until $128A".
1st, the cheat engine writes the value with 0x56 on $1234.
Next, it moves current address to $1235 and writes with the same value.
It repeats about 78 times (to $128A).
This code is very useful when you want to fill the large area with the same value.

Sample:

Code: Select all

:invaders:00000001:2100:00000000:FFFFFFFF:Kill All Invaders Now! PL1
:invaders:00010001:2101:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (2/55):1st Line includes 1/55
:invaders:00010001:2102:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (3/55)
:invaders:00010001:2103:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (4/55)
:invaders:00010001:2104:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (5/55)
:invaders:00010001:2105:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (6/55)
:invaders:00010001:2106:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (7/55)
:invaders:00010001:2107:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (8/55)
:invaders:00010001:2108:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (9/55)
:invaders:00010001:2109:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (10/55)
:invaders:00010001:210A:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (11/55)
:invaders:00010001:210B:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (12/55):2nd Line
:invaders:00010001:210C:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (13/55)
:invaders:00010001:210D:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (14/55)
:invaders:00010001:210E:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (15/55)
:invaders:00010001:210F:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (16/55)
:invaders:00010001:2110:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (17/55)
:invaders:00010001:2111:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (18/55)
:invaders:00010001:2112:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (19/55)
:invaders:00010001:2113:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (20/55)
:invaders:00010001:2114:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (21/55)
:invaders:00010001:2115:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (22/55)
:invaders:00010001:2116:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (23/55):3rd Line
:invaders:00010001:2117:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (24/55)
:invaders:00010001:2118:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (25/55)
:invaders:00010001:2119:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (26/55)
:invaders:00010001:211A:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (27/55)
:invaders:00010001:211B:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (28/55)
:invaders:00010001:211C:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (29/55)
:invaders:00010001:211D:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (30/55)
:invaders:00010001:211E:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (31/55)
:invaders:00010001:211F:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (32/55)
:invaders:00010001:2120:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (33/55)
:invaders:00010001:2121:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (34/55):4th Line
:invaders:00010001:2122:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (35/55)
:invaders:00010001:2123:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (36/55)
:invaders:00010001:2124:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (37/55)
:invaders:00010001:2125:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (38/55)
:invaders:00010001:2126:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (39/55)
:invaders:00010001:2127:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (40/55)
:invaders:00010001:2128:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (41/55)
:invaders:00010001:2129:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (42/55)
:invaders:00010001:212A:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (43/55)
:invaders:00010001:212B:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (44/55)
:invaders:00010001:212C:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (45/55):Top Line
:invaders:00010001:212D:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (46/55)
:invaders:00010001:212E:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (47/55)
:invaders:00010001:212F:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (48/55)
:invaders:00010001:2130:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (49/55)
:invaders:00010001:2131:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (50/55)
:invaders:00010001:2132:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (51/55)
:invaders:00010001:2133:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (52/55)
:invaders:00010001:2134:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (53/55)
:invaders:00010001:2135:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (54/55)
:invaders:00010001:2136:00000000:FFFFFFFF:Kill All Invaders Now! PL1 (55/55)
The above codes fills $2100-$2136 with 0x00 though too long code.
If you rewrite it with Copy Value code...

Code: Select all

:invaders:00080009:2100:00000000:00000037:Kill All Invaders Now! PL1
Only 1 code!

And this code has "Skip Bytes" option.
In this case, upper 6 bytes in extend data field is used by this option.
(So lower 2 byte is for count.)

Code: Select all

Extend Data Field
1 2 3 4 5 6 7 8
- - - - - - X X : count
X X X X X X - - : skip bytes

Code: Select all

:game:000C0008:5678:00000013:00000204:Copy Value with Skip Bytes
"Count" is 0x04 and "Skip Bytes" is 0x02 (separated extend data as "000002 04")
1st, the cheat engine writes with 0x13 to $5678.
Next, it skips 2 bytes so that next address is $567B and repeats writing till $5681 (4 times).
As a result...

Code: Select all

5678 5679 567A 567B 567C 567D 567E 567F 5680 5681
 13   00   00   13   00   00   13   00   00   13
It is useful in RPG or SLG.
For example, 1st character in the party has several parameters with the following sequence in the memory...

Code: Select all

1st, 2nd   : Energy
3rd, 4th   : Maximum Energy
5th, 6th   : EXP
7th, 8th   : Strength
9th, 10th  : Defence
11th, 12th : Fleetness
13th, 14th : Cleverness
15th, 16th : Money
In many cases, the parameters for 2nd character are located after 1st character.
If 1st address for 1st character is $C000, the address of the energy for 2nd character is $C010 (and 3rd = $C020, 4th = $C030).
When you want to make "Infinite Money (for all characters)", you need to poke $C00E (1st), $C01E (2nd), $C02E (3rd) and $C03E (4th).

Code: Select all

:game:00100000:C00E:0000FFFF:FFFFFFFF:Infinite Money
:game:00110000:C01E:0000FFFF:FFFFFFFF:Infinite Money (2/4)
:game:00110000:C02E:0000FFFF:FFFFFFFF:Infinite Money (3/4)
:game:00110000:C03E:0000FFFF:FFFFFFFF:Infinite Money (4/4)
But new code.

Code: Select all

:game:001C0008:C00E:0000FFFF:FFFFFFF:Infinite Money
It's very simple.

Sample:

Code: Select all

:mjgtaste:00000000:06071100:0000001B:FFFFFFFF:Always Have Winning Hand
:mjgtaste:00010000:06071104:0000001B:FFFFFFFF:Always Have Winning Hand (02/15)
:mjgtaste:00010000:06071108:0000001C:FFFFFFFF:Always Have Winning Hand (03/15)
:mjgtaste:00010000:0607110C:0000001C:FFFFFFFF:Always Have Winning Hand (04/15)
:mjgtaste:00010000:06071110:0000001C:FFFFFFFF:Always Have Winning Hand (05/15)
:mjgtaste:00010000:06071114:0000001F:FFFFFFFF:Always Have Winning Hand (06/15)
:mjgtaste:00010000:06071118:0000001F:FFFFFFFF:Always Have Winning Hand (07/15)
:mjgtaste:00010000:0607111C:0000001F:FFFFFFFF:Always Have Winning Hand (08/15)
:mjgtaste:00010000:06071120:00000020:FFFFFFFF:Always Have Winning Hand (09/15)
:mjgtaste:00010000:06071124:00000020:FFFFFFFF:Always Have Winning Hand (10/15)
:mjgtaste:00010000:06071128:00000020:FFFFFFFF:Always Have Winning Hand (11/15)
:mjgtaste:00010000:0607112C:00000021:FFFFFFFF:Always Have Winning Hand (12/15)
:mjgtaste:00010000:06071130:00000021:FFFFFFFF:Always Have Winning Hand (13/15)
:mjgtaste:00010000:06071134:00000021:FFFFFFFF:Always Have Winning Hand (14/15)
:mjgtaste:00010000:06070E50:00000021:FFFFFFFF:Always Have Winning Hand (15/15)
Rewritten code is the following.

Code: Select all

:mjgtaste:000C0008:06071100:0000001B:00000302:Always Have Winning Hand
:mjgtaste:000D0008:06071108:0000001C:00000303:Always Have Winning Hand (2/6)
:mjgtaste:000D0008:06071114:0000001F:00000303:Always Have Winning Hand (3/6)
:mjgtaste:000D0008:06071120:00000020:00000303:Always Have Winning Hand (4/6)
:mjgtaste:000D0008:0607112C:00000021:00000303:Always Have Winning Hand (5/6)
:mjgtaste:00010000:06070E50:00000021:FFFFFFFF:Always Have Winning Hand (6/6)
ShimaPong
Posts: 1063
Joined: Wed May 21, 2003 4:19 pm
Location: Japan

Post by ShimaPong »

I have been able to search a value in smashtv via new "User Defined" region.

In current midyunit.c games, you can't search because the cheat engine doesn't look around the address shift in read data.
It set default RAM region range as $1000000-$10fffff.
It's correct if look around the address shift and the program code read/write a data in this range (Check via the debugger).
But "RAW" address is "1000000 >> 3 = 200000" so that $200000-$21FFFF is required range for the cheat engine.

Code: Select all

:smashtv:00:00:00200000:00020000:1:Work RAM 1
:smashtv:00:00:00300000:00004000:0:Work RAM 2
I have add the above "User Defined" region codes into cheat.map and try to search weapon code.

http://www.42ch.net/UploaderSmall/source/1185214056.png
OK, I have been able to find the address for the weapon with standard search.
But unfortunately, it's incomplete because if the address is "210E(or F)xx", this may be moved in several timings (eg. after reset).
It needs "relative address" code but current data read function doesn't look aroung the address shift.
So I'm going to add the address shift for this code...
stephh
Posts: 601
Joined: Fri Aug 17, 2001 1:00 am
Location: Paris, France

Post by stephh »

Pugsy wrote:... Stephh (he's disappeared again) ...
Well ... I spent almost 3 months in working on exams ... I passed them, so I now shall have a stable definitive job "soon" :D

I'm on holidays in Belgium (in Mevi's house) for one more week, so I shall be "back to business" at the begining of August ... But don't expect me to work on the cheat engine for the moment or even test the new stuff Shimapong wrote ... I'll try to look at your cheat database though to check if some things still need to be fixed and/or added ...

Image Steph from The Ultimate Patchers Image
ShimaPong
Posts: 1063
Joined: Wed May 21, 2003 4:19 pm
Location: Japan

Post by ShimaPong »

- Added "Fake" pop-up menu to display several cheat messages -
In recent MAME, any pop-up menu (and watchpoint) is never displayed when you open the menu.
So I have added "fake" pop-up via ui_draw_text_box().
The cheat engine needs to set "pop-up timer" and it only works when you open the cheat menus.

http://www.42ch.net/UploaderSmall/source/1185394144.png
Several "WARNING" messages are displayed with red color box.
ShimaPong
Posts: 1063
Joined: Wed May 21, 2003 4:19 pm
Location: Japan

Post by ShimaPong »

OK, Invincibility (flicker), Speed-Up and Weapons codes for 1P with relative address work fine!

Code: Select all

:smashtv:83000000:20011C:00000027:0000002C:1P Invincibility [Incomplete]:Disalbled against bosses
:smashtv:83100000:20011C:00000002:00000198:1P Always Have Speed Up
:smashtv:62000000:000000:00000000:00000000:1P Select Weapon
:smashtv:83010000:20011C:00000000:00000033:Normal Shot
:smashtv:83010000:20011C:00000001:00000033:3-way Shot
:smashtv:83010000:20011C:00000002:00000033:Grenades
:smashtv:83010000:20011C:00000003:00000033:Balls
:smashtv:83010000:20011C:00000004:00000033:Missile
Especially, weapons code is very simple than previous ROM type code.
I think User Defined Search Region works on other games used TMS340x0 CPU.
User avatar
Pugsy
Posts: 3638
Joined: Fri Aug 17, 2001 12:59 am
Location: North Wales, UK.
Has thanked: 1 time
Been thanked: 12 times
Contact:

Post by Pugsy »

I'd like to be able to mark RAM cheats that actually change Program Code in a way that I can use the Cheat File Checker to list all 'ROM' cheats. At the moment there are RAM cheats that are infact really ROM cheats I want a way of slightly altering the type so making it invisible to the cheat engine.

I thought of using one of the unused patterns on the BCD cheat type

Code: Select all

-------- -------- ----0010 -------- NOT CURRENTLY USED (Due to BIT cheat type - unlikely to be used?)
so:-

Code: Select all

:cflyball:00800000:1093:00000060:FFFFFFFF:Invincibility:Don't enable during loading from cassette or you will have problems, only enable after the game has loaded.
:cflyball:00810000:1673:00000060:FFFFFFFF:Invincibility (2/2):'ROM' - Program Code Hack, poking RAM though. 1st = Falling Object, 2nd = Block

would become:

:cflyball:00800200:1093:00000060:FFFFFFFF:Invincibility:Don't enable during loading from cassette or you will have problems, only enable after the game has loaded.
:cflyball:00810200:1673:00000060:FFFFFFFF:Invincibility (2/2):'ROM' - Program Code Hack, poking RAM though. 1st = Falling Object, 2nd = Block
This should not effect the cheat engine at all - it's just a way of identifying ROM codes, but I'm wondering if this is the best way to go or is it too much of a 'hack'? It's also not ideal because it is possible to have a ROM code poking RAM memory that also requires to be a select cheat - quite rare though.
Pugsy

Servicing your cheating needs since 1985 8)

Grab the latest cheat collection:
MAME 0.259 XML cheat collection (6 OCTOBER 2023) from http://www.mamecheat.co.uk or direct from:-
https://mega.nz/file/q4dHGZ6K#i-EUiqIjH ... KMz7hnbTfw (ZIP Archive 3.76MB)
User avatar
RedBeam
Posts: 191
Joined: Tue Oct 24, 2006 10:26 am
Location: Italy (Sardegna)

Post by RedBeam »

Shimapong is a genie, but he uses too much flames with no reason (eg eljose)...

Hi all, keep up the great work...
The CPS2 smasher

Image

My troopers are skilled, but I'm supreme!!!

(Modest, huh? ;) )
Post Reply