Register - Login
Views: 85625780
Main - Memberlist - Active users - Calendar - Wiki - IRC Chat - Online users
Ranks - Rules/FAQ - JCS - Stats - Latest Posts - Color Chart - Smilies
09-21-17 07:05:05 PM

Jul - Game Research/Hacking/Modding - I offer 50$ to restore GIB routine in Cruis'n USA New poll - New thread - New reply
Pages: 1 2 3Next newer thread | Next older thread
CruisnEma
Member
Level: 19


Posts: 52/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-02-17 10:40:27 AM Link | Quote
The N64 version is censored, but I prefer than the arcade 'cause can work also in the WII in the VC channel and I don't need of the cabinet to play with it.

I can't do the hack myself, I think you'll need the arcade source code 'cause the ASM put randomly deers and cows in the right side of the road, that can be hit exploding in meat chunks, if someone succeed to restore it I'll pay him 50$ trough PayPal. I want the hack in the E version, but also in the US version included in the US VC title, to share it with the web, obviously the hacker that will restore the gib routine will be present in the credits.
brian151
Banned
The administration (as well as a few users) have decided that you're creepy/weird enough that it's time to activate the sploded clause.
Laters.


Level: NaN


Posts: 163/-249
EXP: NaN
For next: 0

Since: 08-09-16
From: USA

Since last post: 50 days
Last activity: 23 days

Posted on 06-02-17 06:55:15 PM Link | Quote
Originally posted by CruisnEma
I think you'll need the arcade source code


Is this even available to anyone besides an original developer?

Also, probably talking a low-level source language, anyone's guess on the formatting of it, or documentation
CruisnEma
Member
Level: 19


Posts: 53/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-02-17 08:11:02 PM Link | Quote
I don't know, but however you have to search it, I couldn't recognize it. Otherwise you can see the arcade version and remade the sprites and the 3D model, but I think could be easier with the source code.
brian151
Banned
The administration (as well as a few users) have decided that you're creepy/weird enough that it's time to activate the sploded clause.
Laters.


Level: NaN


Posts: 164/-249
EXP: NaN
For next: 0

Since: 08-09-16
From: USA

Since last post: 50 days
Last activity: 23 days

Posted on 06-02-17 08:35:35 PM Link | Quote
Originally posted by CruisnEma
I don't know, but however you have to search it, I couldn't recognize it. Otherwise you can see the arcade version and remade the sprites and the 3D model, but I think could be easier with the source code.


Almost feels like re-making entire game would be easier if one ripped all the assets and such.

My guess is code-wise, best you could get is disassembling one or both ROMS. You'd then have to painstakingly analyze it all to determine what it's doing. The source code is totally destroyed, though.
Even if it were originally written IN Assembly, all the function and variable names, and all the organization, would be lost when it was assembled. Or, that's what usually happens. There's a lot of unknowns like specifics of how the devs built their filesystems/engines.

That's just my two cents.
CruisnEma
Member
Level: 19


Posts: 54/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-03-17 07:23:38 AM Link | Quote
Mhh, you couldn't do this?
BoringPerson
Member
Level: 9


Posts: 7/32
EXP: 2779
For next: 383

Since: 01-28-17


Since last post: 27 days
Last activity: 18 hours

Posted on 06-04-17 10:56:11 AM Link | Quote
I'm just starting out at assembly hacking myself, so what I say about this may not be accurate, and I definitely can't speak for everyone.

"Painstaking" sounds about right. Programming a game is like designing a skyscraper with a blueprint you can look at. But ASM hacking is like if you tear down the walls, find a massive tangle of wires, and have to figure out which wires go where without blueprints or labels. Then any time you make a change, you might break something else. And there's hardly any room for new wiring, so you also have to painstakingly clear out more space without accidentally breaking anything. Programming a game is natural, but ASM hacking a game is totally unnatural.

It's also much slower work. I pulled these numbers out of my ass, but I expect it might take 100 times more effort to get only 1/100th as much work done.

I can understand why so many folks underestimate just how much effort it takes. It isn't intuitive until you try and do it yourself. Ever since I started ASM hacking, my appreciation for ASM hackers has gone up a hundredfold-- I really underestimated just how many useless dead ends you can run into when figuring out just how to change something.

If you read nothing else, please read this part:
When you ask something like this, understanding this is important, even though it doesn't come naturally. I can't emphasize this enough. When someone asks assembly hackers to change something in a game, too often there's a big gap in understanding how realistic a hack is. So the asker thinks the job is easier than it actually is, makes comments based on that belief, and the assembly hackers get frustrated because it feels like the asker is being dismissive or implying they aren't good at what they do. That's when the thread falls apart.

When it comes down to it, if work like this was paid by hour, it would come out to a lot more than $50. I don't think money alone is a realistic motivator. But interest is a more powerful currency than money. In the end, though, sometimes the interest just isn't there, and there's nothing you can do but accept it and move on.

(I'm mostly talking about recreating gibbing from scratch, which sounds like a big undertaking. If it turns out the gibbing routines are still there but simply disabled, things get easier. But that would be like finding a really good drop in a MMO-- awesome for sure, but not to be counted on.)
CruisnEma
Member
Level: 19


Posts: 57/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-04-17 01:05:03 PM Link | Quote
Seriously, I see what you mean. But I bought the game in EU and US version and then for me 50$ are like buy the game for the 3rd time. I know that isn't a big offer, but a lot of users ask similar help for free, then I think this could be a better help request, and I want to share (for free) the finished work with the web, and mention the ASM hacker in the credits.

I know that ASM work is hard and complex, is the reason why in 6 years nobody helped me. And I can see, this is the reason why I want to pay, a little contribution for this.

And finally I think that the GIB routine could still exist in the N64 port, but maybe turned off (in the arcade if you turn off trough the system menu, they disappear like in the N64) also 'cause there is an unused text string in the rom that says "RK SECT NOT VISIBLE" and maybe RK could be for RoadKill (the GIB routine name in the arcade system menu where you can turn it on/off) but not is sure, also 'cause I can't find deer textures in the rom trough Crystal Tile, but only the cow, that is used also in the final cutscene (censored too, however, 'cause the president is missing, but remain his voices in the rom, if you open it with N64 sound list tool) this could mean that if the ASM is still existing the deer could be invisible also if turned on and maybe the cow could be visible but once stricken maybe "disappear" without 3D models for the meat pieces and without existing textures, but maybe this could be solved repointing the texture offset to free space and importing a new texture, I already hacked the textures in this game, for uncensor the trophy girl and Hillary Clinton banknotes, then I should succeed to re-insert them, but maybe the first step to begin could be discover if this routine is only turned off or totally cleared.

From my sources had to be present in the beta or alpha, but removed during nintendo revision, 'cause the release was delayed to censor it, according to the news of that period.
brian151
Banned
The administration (as well as a few users) have decided that you're creepy/weird enough that it's time to activate the sploded clause.
Laters.


Level: NaN


Posts: 167/-249
EXP: NaN
For next: 0

Since: 08-09-16
From: USA

Since last post: 50 days
Last activity: 23 days

Posted on 06-04-17 02:37:06 PM Link | Quote
@BoringPerson
more or less, same... I wanted to find a certain routine (or set thereof) in x86 ASM that loads a proprietary resource file format. I've since stalled said project cuz IDK what I'm doing. I don't have the time or really even the skills, for the foreseeable future.

Your analogy is spot-on. This even can happen in the high-level languages, especially when obfuscation is involved. Oh, let's add-on that besides the code... there's the entire data section of the ROM likely hard-coded within a certain offset! So ASM hacking can even touch on the requirement of understanding the filesystem structure!

I've always had the great appreciation for them, I am truly impressed by what they can do. I'd probably over-estimate the amount of time such a hack would take...lol

bold section i'll generally ignore, but lol... the "MMO rare drop" thing, I can relate to...THAT experience

@CruisinEma
I won't argue with your logic. Believe me when I say re-doing stuff or buying it again is not exactly my favorite thing to do.

Probably why no one helped me, either

Is the game's filesystem structure even known?

Yeah, finding old news sometimes is difficult. What you're saying would sound accurate, especially back then, censorship was a huge deal. With Nintendo, pretty sure it is to this day. I recall a rare dev talking about this in regards to Conker, and he was shocked how much made it through! My same impression, I'm not offended by it at all, but I'm shocked it got past the censors, it's got some heavy stuff!
CruisnEma
Member
Level: 19


Posts: 58/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-04-17 02:55:02 PM Link | Quote
I have something that Vexiant found for me:

0x8011fbc0,osCreateThread
0x8011fd10,osStartThread
0x8011ffe0,osCreateMesgQueue
0x80120370,osViSetMode
0x801203e0,osViSetSpecialFeatures
0x801205a0,osViSetEvent
0x80120610,osViBlack
0x80120680,alHeapInit
0x801223a0,osEepromProbe
0x80122690,osRecvMesg
0x801227d0,osWritebackDCache
0x80122850,osInvalDCache
0x80122900,osInvalICache
0x80122a90,osSetEventMesg
0x80122b00,osSpTaskYielded
0x80122b80,osViSwapBuffer
0x80122bd0,osViGetCurrentFramebuffer
0x80122bd0,osViGetNextFramebuffer
0x80122c10,osSpTaskYield
0x80122c30,osSendMesg
0x80122d80,osWritebackDCacheAll
0x80122ecc,osSpTaskLoad
0x8012302c,osSpTaskStartGo
0x80123120,osGetTime
0x801231b0,__ull_rshift
0x801231dc,__ull_rem
0x80123218,__ull_div
0x80123254,__ll_lshift
0x80123280,__ll_rem
0x801232bc,__ll_div
0x80123318,__ll_mul
0x80123348,__ull_divremi
0x801233a8,__ll_mod
0x80123444,__ll_rshift
0x80123480,osAiSetFrequency
0x801235e0,alHeapDBAlloc
0x80123640,alUnlink
0x80123670,alLink
0x80123694,alClose
0x801236cc,alInit
0x80123700,osVirtualToPhysical
0x80123780,osAiSetNextBuffer
0x80123830,osAiGetLength
0x80123f10,alSynAddPlayer
0x80123f60,_allocatePVoice
0x80124048,alSynAllocVoice
0x80124190,alSynStartVoiceParams
0x80124280,alSynSetPitch
0x80124310,alSynSetVol
0x801243b0,alSynSetPan
0x80124440,alSynStopVoice
0x801244c0,alSynFreeVoice
0x80124570,alSynSetPriority
0x80124580,osSetTimer
0x80124660,osContStartReadData
0x80124724,osContGetReadData
0x801248c0,osContStartQuery
0x80124944,osContGetQuery
0x80124970,__d_to_ll
0x8012498c,__f_to_ll
0x801249a8,__d_to_ull
0x80124a48,__f_to_ull
0x80124ae4,__ll_to_d
0x80124afc,__ll_to_f
0x80124b14,__ull_to_d
0x80124b48,__ull_to_f
0x80124b80,__osSetSR
0x80124b90,__osGetSR
0x80124ba0,__osSetFpcCsr
0x80124bb0,__osSiRawReadIo
0x80124bb0,__osSpRawReadIo
0x80124c00,__osSiRawWriteIo
0x80124c00,__osSpRawWriteIo
0x801254c0,osMapTLBRdb
0x80125520,osPiRawReadIo
0x801255c0,bzero/_bzero/blkclr/_blkclr
0x80125660,__osDisableInt
0x80125680,__osRestoreInt
0x801256a0,__osDequeueThread
0x801257a0,osGetThreadPri
0x801257c0,osSetThreadPri
0x801258a0,osPiRawStartDma
0x80126040,__osViSwapContext
0x801263a0,osGetCount
0x80126470,__osSiRawStartDma
0x80127e10,__osContRamRead
0x80128390,__osContRamWrite
0x80128740,osEepromWrite
0x801289fc,__osEepStatus
0x80128c20,osEepromRead
0x8012af80,alSynAllocFX
0x8012b020,alMainBusParam
0x8012b050,alMainBusPull
0x8012b170,alLoadParam
0x8012b344,alRaw16Pull
0x8012b81c,alAdpcmPull
0x8012bcc0,alResampleParam
0x8012bdac,alResamplePull
0x8012bfc0,_ldexpf
0x8012bfe8,_frexpf
0x8012c0d4,alEnvmixerParam
0x8012c6cc,alEnvmixerPull
0x8012cc20,alAuxBusParam
0x8012cc50,alAuxBusPull
0x8012cd30,alSaveParam
0x8012cd64,alSavePull
0x8012ce50,__osSiDeviceBusy
0x8012d430,osDestroyThread
0x8012d530,__osSetCompare
0x8012d540,__osContAddressCrc
0x8012d5f0,__osContDataCrc
0x8012e790,alFilterNew
0x8012f3c0,alCopy
0x8012f440,__osGetCause
0x8012f450,__osAtomicDec
0x8012f4b0,lldiv
0x8012f5b0,ldiv
0x8013a580,osViModeNtscLpn1
0x8013a5d0,osViModeNtscLpf1
0x8013a670,osViModeNtscLaf1
0x8013a6c0,osViModeNtscLpn2
0x8013a710,osViModeNtscLpf2
0x8013a760,osViModeNtscLan2
0x8013a7b0,osViModeNtscLaf2
0x8013a800,osViModeNtscHpn1
0x8013a850,osViModeNtscHpf1
0x8013a8a0,osViModeNtscHan1
0x8013a8f0,osViModeNtscHaf1
0x8013a940,osViModeNtscHpn2
0x8013a990,osViModeNtscHpf2
0x8013a9e0,osViModeMpalLpn1
0x8013aa30,osViModeMpalLpf1
0x8013aa80,osViModeMpalLan1
0x8013aad0,osViModeMpalLaf1
0x8013ab20,osViModeMpalLpn2
0x8013ab70,osViModeMpalLpf2
0x8013abc0,osViModeMpalLan2
0x8013ac10,osViModeMpalLaf2
0x8013ac60,osViModeMpalHpn1
0x8013acb0,osViModeMpalHpf1
0x8013ad00,osViModeMpalHan1
0x8013ad50,osViModeMpalHaf1
0x8013ada0,osViModeMpalHpn2
0x8013adf0,osViModeMpalHpf2
0x8013bdb0,__osRcpImTable



But I dont' know the file system structure.


BoringPerson
Member
Level: 9


Posts: 8/32
EXP: 2779
For next: 383

Since: 01-28-17


Since last post: 27 days
Last activity: 18 hours

Posted on 06-04-17 05:45:46 PM (last edited by BoringPerson at 06-04-17 06:05:20 PM) Link | Quote
You wouldn't happen to have one of those for osSyncPrintf, would you?

e: Or anything else with "printf" in it, for that matter (though osSyncPrintf might be the only one). In theory, it could help figure out when certain debug messages are printed and why. (Though in practice, it could be yet another dead end, for example if neither of those is used to print debug messages, or if debug messages have been disabled entirely. And I don't even know for sure whether the rom even contains osSyncPrintf or not.)
CruisnEma
Member
Level: 19


Posts: 59/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-04-17 06:15:23 PM Link | Quote
I don't know, I don't know ASM.

Should be the N64 disasm or something similar, but I think could be helpful.

However I know that someone use Nemu64 that have a debugger to hack ASM, Cruis'n USA have a boot menu that crash in Nemu64, but I found a cheat code to bypass the crash. Do you have Nemu64 debugging experience?
brian151
Banned
The administration (as well as a few users) have decided that you're creepy/weird enough that it's time to activate the sploded clause.
Laters.


Level: NaN


Posts: 168/-249
EXP: NaN
For next: 0

Since: 08-09-16
From: USA

Since last post: 50 days
Last activity: 23 days

Posted on 06-04-17 10:12:06 PM Link | Quote
@BoringPerson
By my judgement, these probably do or did exist in the ROM at some point. They smell a lot like identifiers, and most of them to functions. If there's any way to link them back to the compiled code is another story.

@CruisinEma
Can you ask this 'Vexiant' for more information/help?
CruisnEma
Member
Level: 19


Posts: 60/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-05-17 07:54:19 AM Link | Quote
Nope, he is offline since a year.

But he sayed this about the functions pasted before:

"just two simple dumbs to see the OS functions"

and wrote another post:


The file table was found last night by fkualol and Twili (as well as track table in RAM).

0x80132090
0x80132260
//Track Table (RAM)

I'll need to make a program to make a program to do the work for me instead of mapping out the files by hand like a mad man.
Format

Start 0x80590
End 0x98CC4
The file table is 18734 bytes long (including header)

Header: 00 00 30 E6

Example File1:
30 00 02 08 03 01 87 34
XX YY YY YY ZZ AA AA AA

X = Unkown
Y = File size
Z = File type?
01
02
03
04
05
06
07
08
09
0B (only saw twice at the beginning)
0C (only saw once)
A = Offset of the file relative to 0x80590

File offsets

1 0x98CC4 //Mexico?
2 0x98ECC //Mexico?
3 0x994D4
4 0x996DC
5 0x9A2E4
6 0x9A4EC
7 0x9AEF4
8 0x9B0FC
9 0x9BB04
10 0x9C50C
11 0x9CB14
12 0x9D51C
13 0x9df24
14 0x9E52C
15 0x9F134
15 0x9F73C
15 0x9F944
15 0x9FB74
16 0x9FCFC
17 0x
so on so on so on etc etc


However I don't know if could be helpful.
BoringPerson
Member
Level: 9


Posts: 9/32
EXP: 2779
For next: 383

Since: 01-28-17


Since last post: 27 days
Last activity: 18 hours

Posted on 06-05-17 10:21:31 AM (last edited by BoringPerson at 06-11-17 07:04:48 PM) Link | Quote
Oh, you know what would be nice? In some games like Mario Kart 64, they already figured out where osSyncPrintf is. I wonder if that function looks the same between different games*. If so, maybe I can find osSyncPrintf in Cruis'n USA. However, I'm hoping osSyncPrintf will print debug strings, but so far it looks like the debug strings in Cruis'n USA aren't referenced (i.e. used) by any function, at least not in an obvious way that my disassembler** can detect.

If you have a code that lets you boot Cruis'n USA in nemu64 without crashing, please share! Also, if you have any links to forum posts and pages with useful information, go ahead and mention them here.

* Even if the function is "identical" in both places, there will still be some differences because I think all the functions are located in different places.

**I was looking at it with a program called N64 MIPS Disassembler. If anyone feels like using it, be aware (A) You have to create the folder C:\temp before you run it or else it will crash, and (B) It takes a long time to work, and after the progress bar is done it will appear to freeze for a minute or so before it finally finishes. Also, I got it to work on Linux via Wine (but not Mono) after following step (A)...but it stopped working, so I have to use Windows for now.
CruisnEma
Member
Level: 19


Posts: 61/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-05-17 10:57:11 AM (last edited by CruisnEma at 06-05-17 11:00:08 AM) Link | Quote
I don't know the functions you're talking, I don't know however if they could be similar, 'cause Cruis'n USA was a launch title, Mario Kart instead not, N64 games evolved during console's life cycle and Cruis'n USA was developed by Midway, a 2nd party software house and ported by Williams, instead Mario Kart was developed by Nintendo, I think they are different.

However the cheat codes to bypass Nemu crash are these:


EUROPEAN:
81111B70 2400 bypass rom (E)
81150602 3FFF unlock all tracks

Are from a cheat codes website, not easy to find however, I add also the cheat codes to unlock all the tracks to play the tracks IOWA and INDIANA where the animals should appear, otherwise you'll have to unlock them.
BoringPerson
Member
Level: 9


Posts: 10/32
EXP: 2779
For next: 383

Since: 01-28-17


Since last post: 27 days
Last activity: 18 hours

Posted on 06-11-17 07:52:26 PM (last edited by BoringPerson at 06-12-17 02:12:40 AM) Link | Quote
I didn't expect to make any progress at all, but I made a little progress with that debug message "RK SECT %i NOT VISIBLE".

A shortened summary:
- I don't care about osSyncPrintf anymore, I don't need it.
- The game actually "prints" debug messages in the background. During a normal race, it doesn't print the "RK SECT" message you asked about.
- But it looks like "RK SECT" is related to running into something.

The long version (which is not very well-organized...):

So before, I was loading the Cruis'n USA rom into the N64 MIPS disassembler, and it sucked because the function calls didn't seem to point to actual functions, and nothing seemed to point to the debug messages. I tried some things to fix this, but they didn't work (including getting the official N64 SDK, using it to compile some modified demos, and searching for matching assembly code in the Cruis'n USA rom).

At this point, I start to suspect that I'll need a memory dump from when the game is actually running, because the code in the rom isn't lined up the same way it would be lined up in memory.

The big breakthrough was finding Project64d, a fork of Project64 with a built-in debugger (that, unlike the official Project64's debugger, actually works for me!). I got the latest unstable build on that page (6-5-17 as of today) because it also lets me dump raw memory.

So, one thing I discovered is that the game loads different debug messages into memory depending on where you are in the game. For example, that debug message "RK SECT %i NOT VISIBLE", I think it isn't actually in memory until you enter a race. So I entered a race, dumped the raw memory, and loaded that into the disassembler.

And bingo! Immediately I see a function that is called with "RK SECT %i NOT VISIBLE" as an argument!
- This same function is called in other places with other debug messages, too. In fact, if I use Project64d to set a breakpoint at that function and then play the game, the game will pause every time it would "print" a debug message (though you won't actually see it printed in-game).
- Fun fact, the game "prints" some messages about the Memory Paks when you go to load a save.

So in Project64d, I set a breakpoint at the code that prints "RK SECT %i NOT VISIBLE". And then I play the game, waiting for the breakpoint to go off. But it never does, which means the message never prints.
Like so:

I'm not very surprised; "RK SECT %i NOT VISIBLE" kind of looks like an error message, and a retail game isn't supposed to get errors.

So, we know that the code that should print "RK SECT %i NOT VISIBLE" never actually executes. But the disassembler tells me there's another function that contains a call to this code. Maybe that function will execute? So I set a breakpoint there. Nope, that function doesn't execute. How about the function that calls that function? So I set a breakpoint there....

Nope, none of these functions so far execute during a normal race. But if I go even further...

Yes! We get some useful breakpoints!

(The addresses in all these pictures are from the U.S. version 1.0 rom.)

So, it looks the message "RK SECT %i NOT VISIBLE" may be related to running into something, but I don't know what.



Edit:
Using the debugger, I forced the game to execute the function labeled "parent 2 of parent function" in the picture above. I hoped it would make the game do something different when you crash into a roadblock... but as soon as I hit the roadblock, the game freezes. Maybe the game tries to gib the roadblock and fails because it's not a deer/cow. (Or maybe that function isn't related to gibbing at all. I don't know.)

From this point, I think the assembly hacking would get ridiculously hard (basically I'd have to figure out why the game crashes and make it not crash). In any case, I'm kind of burned out, so unfortunately my involvement ends here.

If anyone else is interested, I think the next course of action isn't assembly hacking... Instead, figure out how to edit the track so you can replace roadblocks with different object types. If you're really lucky, there could be an unused object type for cows or deer.
CruisnEma
Member
Level: 19


Posts: 62/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-13-17 06:17:45 AM Link | Quote
Mhh, ok, thank you, is very useful, however what you mean about "roadblock"? A wall or a simple obstacle like a road sign? If you tell me how repeat your experiment maybe I'll can try to hit different obstacles, maybe in the specific tracks like Indiana and Iowa, maybe crash with some obejcts but not with other else, as example, GIB routine is ported in Cruis'n World, 2 animals very far that you can only reach with Power level 6 and Speed demon car. When a friend tried to apply the function to the other near animals once stricken the game freezes. Without clear reasons. Could be the same thing, but maybe the game couldn't freeze with other objects.

Last question: You think that an object, like a cow, if inserted in the track could have a default function? Or you have to set it? I ask this 'cause the people at the finish line is without functions, if you use a cheat code to go over the finish line you can go further and pass trough them, but nothing happen. In the arcade once I taken a girl, I don't know how I did it, and her bended and continued with her arms animation. Was very funny, but in the N64 port don't happen. I don't know then if a cow could have a default function of is necessary set it.
BoringPerson
Member
Level: 9


Posts: 11/32
EXP: 2779
For next: 383

Since: 01-28-17


Since last post: 27 days
Last activity: 18 hours

Posted on 06-15-17 04:14:54 AM (last edited by BoringPerson at 06-15-17 04:22:24 AM) Link | Quote
Yea, by "roadblock" I was referring to those striped orange-and-white road signs that go flying when you hit them.

I'm not sure I understand what you want to do (I'm not very familiar with the game), but if you want to try my experiment for yourself, here are the codes:

Rom version: Cruis'n USA (U) (V1.0)

Force unused collision function:
81040D08 0000
81040D0A 0000
In-game results: When you crash into a movable obstacle (like a roadblock sign or barrel), the game will freeze.
Technical details: This changes a certain branch to a NOP. Usually that branch skips over a function, but this code forces the game to execute it every time you crash into a movable obstacle.


And actually, I just found out how make it not freeze!
Prevent freezing with "force unused collision function":
81041A20 0000
81041A22 0000
81041A2C 0000
81041A2E 0000
In-game results: So, when you crash into something, the game doesn't freeze anymore.
- The first movable obstacle you hit (roadblock sign, barrel, etc) will make your car spin out.
- I think the obstacle disappears too, but unfortunately I wasn't paying enough attention to be sure.
- It's kind of buggy: after you recover from spinning out, you'll pass right through movable obstacles instead of hitting them. This could be how the game's function works, or maybe my codes simply broke something.
Technical details: Normally, the game tries to load two floating-point values from an address that is passed to it. In this case, the address is 00000000, which causes an exception and freezes the game. The codes simply stops those two floating-point values from being loaded at all-- it turns both load instructions into NOP instructions.


So, I guess two questions you can answer:
- In Cruis'n games, does your car normally spin out when you hit an animal?
- When you try out the codes above, when you hit a sign/barrel/etc and spin out, does the sign/barrel/etc disappear?
CruisnEma
Member
Level: 19


Posts: 63/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-15-17 09:25:51 AM (last edited by CruisnEma at 06-15-17 10:49:14 AM) Link | Quote
Usually when you hit a road sign you bend it to the ground.

Almost all objects bend to the ground.

Something, like mail boxes and garbage bins fly away.

And yeah, sometimes when you hit an animal you spin around, I don't know if you mean around or out in a different mode, I try the code now and I'll answer to you, perhaps you have found the ASM but the meat chunks are removed.

EDIT

Is strange, you found certainly something, I don't know if is the GIB, but in Golden Gate the 'lil road signs don't disappear, but the Mailing boxes in S. Francisco yes, and is strange, 'cause normally you can drag them if you hit them slow, maybe some objects are not planned to disappear, but maybe COWS and DEERS yes. And you spin around but faster by normal spin around, can you investigate if after stricken a mail box remains pieces of something in the street? Maybe are invisible (without textures), in the arcade if you hit the pieces you drag them without hear nothing and without lose speed. Then I don't know if the pieces are present or not, can you discover it with the debugger please?

I don't know if you found it, but when you hit the deer it actually disappear instantly! And explodes in meat pieces and few blood drops.
CruisnEma
Member
Level: 19


Posts: 64/79
EXP: 31861
For next: 3916

Since: 02-01-12


Since last post: 33 days
Last activity: 10 days

Posted on 06-15-17 04:59:30 PM (last edited by CruisnEma at 06-15-17 05:04:14 PM) Link | Quote
I was a bit confused with Cruis'n World, when you hit the deer in Cruis'n USA, also if you walk slow, you spin ALWAYS out!

Then could be exactly the gib routine! Still make disappear the stricken object, only the exploding sound and the meat pieces are missing, could be invisible (without textures) or removed.

Also the deer and the cow uses 2 different meat pieces, the animation is the same, but the objects are different.

You made a code to hit an object and force this routine, maybe the game normally freeze with other objects 'cause have to choose the pieces animation? The code for disable the freeze actually disable an object's check to check what object is stricken?
Pages: 1 2 3Next newer thread | Next older thread
Jul - Game Research/Hacking/Modding - I offer 50$ to restore GIB routine in Cruis'n USA New poll - New thread - New reply




Rusted Logic

Acmlmboard - commit 2f1bc75 [2017-08-27]
©2000-2017 Acmlm, Xkeeper, Inuyasha, et al.

27 database queries, 14 query cache hits.
Query execution time: 0.181216 seconds
Script execution time: 0.019654 seconds
Total render time: 0.200870 seconds