User Tools

Site Tools


mission_impossible

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
mission_impossible [2019/06/17 01:10]
shygoo link rom map & sool engine pages
mission_impossible [2019/07/01 05:23]
shygoo
Line 1: Line 1:
 ====== Mission Impossible Hacking ====== ====== Mission Impossible Hacking ======
 +~~NOTOC~~
 **June 2019 [[rom_of_the_month]]** **June 2019 [[rom_of_the_month]]**
- 
-This page is under construction! Feel free to add notes and links in whatever way you see fit - we'll polish everything towards the end of the month. 
 ---- ----
 +<WRAP group>
 +<WRAP half column>
 ===== Tools ===== ===== Tools =====
-  * [[https://​github.com/​hack64-net/​rotm/​releases/​tag/​miextract|miextract]] - Basic command-line ​ROM decompressor +  ​* [[https://​github.com/​hack64-net/​rotm/​tree/​master/​mission_impossible/​miviewer|miviewer]] - Model viewer & exporter 
- +  ​* [[https://​github.com/​hack64-net/​rotm/​releases/​tag/​miextract|miextract]] - ROM decompressor 
-----+  * [[https://​github.com/​hack64-net/​rotm/​tree/​master/​mission_impossible/​soold|soold]] ​SOOL disassembler 
 +===== Memory Maps ===== 
 +  * [[mission_impossible:​rom_map|ROM Map]] 
 +  * [[mission_impossible:​functions|Function List]] 
 +</​WRAP>​ 
 +<WRAP half column>​ 
 +===== Notes ===== 
 +  * [[mission_impossible:​sool_engine]] 
 +  * [[mission_impossible:​structs|Structs]]
 ===== See Also ===== ===== See Also =====
-  * [[mission_impossible:​rom_map]] 
-  * [[mission_impossible:​sool_engine]] 
   * [[https://​hack64.net/​Thread-RotM-June-2019-Mission-Impossible|Mission Impossible discussion thread]]   * [[https://​hack64.net/​Thread-RotM-June-2019-Mission-Impossible|Mission Impossible discussion thread]]
   * [[https://​hackmd.io/​-WVc2PjoSkS06XMpV55bsw?​edit|n64split config]]   * [[https://​hackmd.io/​-WVc2PjoSkS06XMpV55bsw?​edit|n64split config]]
 +  * [[https://​hackmd.io/​@shygoo/​Byq2TYWkr|SOOL Interpreter partial decomp]]
 +</​WRAP>​
 +</​WRAP>​
  
----- 
-===== SDK Functions ===== 
-<​code>​ 
-80072CA0 alHeapInit 
-80072CE0 alHeapDBAlloc 
-80072D30 alSynNew 
-80072FFC alAudioFrame 
-800731AC __allocParam 
-800731D8 __freeParam 
-800731F0 _collectPVoices 
-80073244 _freePVoice 
-800732CC _timeToSamples 
-800733C0 alSynDelete 
-800733D0 alSynAddPlayer 
-80073420 alSynAllocVoice 
-80073548 _allocatePVoice 
-80073600 alSynStopVoice 
-80073680 alSynStartVoice 
-80073720 alSynSetPitch 
-800737B0 alSynSetVol 
-80073900 alSynSetPan 
-80073990 alSynAllocFX 
-80073A30 _nsqrtf 
-80073A40 __cosf 
-80073B90 coss 
-80073BC0 guLookAtF 
-80073F40 guLookAt 
-8007462C guMtxXFMF 
-80074790 guPerspectiveF 
-80074940 guPerspective 
-80074BF0 __sinf 
-80074D90 sins 
-80074EC0 guRandom 
-80074EF0 osAiGetLength 
-80074F00 osAiSetFrequency 
-800750D0 osViSetSpecialFeatures 
-80075240 osViBlack 
-800752A0 osContSetCh 
-80075300 osEepromProbe 
-80075680 osPfsInitPak 
-80075F70 osCreatePiManager 
-80075F78 __Dom2SpeedParam 
-80075F8C __osPiTable 
-80075F90 __osCurrentHandle 
-80076100 __osEPiRawStartDma 
-800762D0 __osDevMgrMain 
-80076690 __osSiCreateAccessQueue 
-80076692 __osBbFatBlock 
-80076694 __osSiAccessQueue 
-80076698 __osPiAccessQueue 
-800766E4 __osSiGetAccess 
-80076750 __osPiRelAccess 
-80076780 osPiStartDma 
-80076830 strchr 
-80076870 strlen 
-80076894 memcpy 
-800768C0 sprintf 
-80076A00 __osDisableInt 
-80076A20 __osRestoreInt 
-80076AA0 osSetIntMask 
-80076BC0 osWritebackDCacheAll 
-80076BF0 osCreateMesgQueue 
-80076C20 osCreateThread 
-80076CF0 osGetThreadPri 
-80076D10 osGetTime 
-80076DA0 osJamMesg 
-80076EE0 osRecvMesg 
-80077010 __osResetGlobalIntMask 
-80077060 osSendMesg 
-80077190 fbPixel 
-800771F0 __osSetGlobalIntMask 
-80077230 osSetThreadPri 
-800773A0 osStartThread 
-800774C0 __osDequeueThread 
-800774C8 __osRunQueue 
-800774CC __osActiveQueue 
-800774D0 __osRunningThread 
-800774D4 __osFaultedThread 
-80077500 __osTimerServicesInit 
-80077504 __osProfileOverflowBin 
-80077508 __osCurrentTime 
-80077554 __osTimerInterrupt 
-80077800 osVirtualToPhysical 
-80077860 osYieldThread 
-800778C0 osCreateScheduler 
-80077A08 osScAddClient 
-80077A60 osScRemoveClient 
-80077AF0 osScGetCmdQ 
-800791E0 osContStartReadData 
-80079268 osContGetReadData 
-800793C0 osContInit 
-800793C1 __osContLastCmd 
-800793C4 __osEepromTimerMsg 
-800793C8 __osEepromTimer 
-800793D0 __osContPifRam 
-800798F0 osPfsIsPlug 
-80079900 __osPfsPifRam 
-80079A6C __osPfsRequestData 
-80079B10 __osPfsGetInitData 
-8007A910 _init_lpfilter 
-8007A9B4 alFxNew 
-8007B140 alAdpcmPull 
-8007B584 alRaw16Pull 
-8007B920 alLoadParam 
-8007BC50 alAuxBusPull 
-8007BD2C alAuxBusParam 
-8007CA90 alFilterNew 
-8007CAB0 alMainBusPull 
-8007CBF0 alMainBusParam 
-8007CC20 alResamplePull 
-8007CE0C alResampleParam 
-8007DBD0 __udiv_w_sdiv 
-8007DBE0 alCopy 
-8007DC20 __osAiDeviceBusy 
-8007DC40 osDpSetNextBuffer 
-8007DCE0 osSpTaskLoad 
-8007DEEC osSpTaskStartGo 
-8007DF20 osSpTaskYield 
-8007DF40 osSpTaskYielded 
-8007DF90 __osViInit 
-8007DFF0 __osViCurr 
-8007DFF4 __osViNext 
-8007E0A0 osViGetNextFramebuffer 
-8007E120 osCreateViManager 
-8007E13C __additional_scanline 
-8007E450 osViSetEvent 
-8007E4B0 osViSetMode 
-8007E500 osViSwapBuffer 
-8007E840 __osSpRawWriteIo 
-8007E8D0 __osSpRawReadIo 
-8007FD74 __osPiRawWriteIo 
-8007FDE0 __osPiRawStartDma 
-8007FEB0 osPiGetCmdQueue 
-8007FEC0 __osGetActiveQueue 
-80080650 _bcopy 
-80080970 _bzero 
-80080A10 _Printf 
-80081460 osGetCount 
-80081470 __osGetSR 
-80081500 __osProbeTLB 
-800815C0 __osSetCompare 
-800815D0 __osSetFpcCsr 
-800815E0 __osSetSR 
-800815F0 osMapTLBRdb 
-80081650 osDestroyThread 
-80081720 __osDpDeviceBusy 
-80081740 __osSpDeviceBusy 
-80081760 __osSpGetStatus 
-80081770 __osSpSetStatus 
-80081780 __osSpSetPc 
-800817B0 __osSpRawStartDma 
-800818B0 __osGetCurrFaultedThread 
-800818C0 __osSiDeviceBusy 
-800818E0 _Litob 
-80081B30 _Ldtob 
-800825C0 ldiv 
-80082644 lldiv 
-</​code>​ 
- 
----- 
-===== "​Burp"​ Headers ===== 
-Burp headers describe a series of compressed or uncompressed data blocks in ROM. 
-<​code>​ 
-struct BurpBlock 
-{ 
-    u32 dstSize; 
-    u32 srcSize; 
-    u32 unk08; 
-    u32 offset; // relative to start of BurpHeader 
-    u8 unk10[4]; ​ // 00000000 when dst and src are the same size, otherwise 04000000 
-}; 
- 
-struct BurpHeader 
-{ 
-    char   ​signature[4]; ​ // "​Burp"​ 
-    u32    numBlocks; 
-    struct BurpBlock blocks[]; 
-}; 
-</​code>​ 
- 
-Map of all burp headers: https://​pastebin.com/​raw/​QT8gVWun 
- 
----- 
-===== Level Objects ===== 
-<​code>​ 
-struct Object { 
-    /*0x00*/ void *unk00; 
-    /*0x04*/ void *unk04; 
-    /*0x08*/ u32   ​unk08;​ 
-    /*0x0C*/ u32   ​unk0C;​ 
-    /*0x10*/ u8    unk10[2]; 
-    /*0x12*/ u16   ​unk12;​ // unioned with two u8's 
-    /*0x14*/ u16   ​unk14;​ 
-    /*0x16*/ u16   ​unk16;​ 
-    /*0x18*/ vec3f position; 
-    /*0x24*/ u8    unk24[0x0E];​ 
-    /*0x32*/ u16   ​unk16;​ 
-    /*0x34*/ u8    unk34[0x0C];​ 
-    /*0x40*/ vec3f rotation; 
-    /*0x4C*/ s32   ​timer; ​   // copied from gFrameCount 
-    /*0x50*/ u8    unk50[2]; // player: FFFF 
-    /*0x52*/ u16   ​unk52; ​   // some flags? unsetting bit 5 makes object invisible 
-    /*0x54*/ s32   ​unk54; ​   // maybe an animation counter, but locking it seems to have no effect 
-    /*0x58*/ u8    unk58[4]; // 003d0900 for player object 
-    /*0x5C*/ s32   ​unk5C;​ 
-    /*0x60*/ struct Object *unk60; 
-    /*0x64*/ u8    unk64[4]; 
-    /*0x68*/ s16   ​unk68;​ // 0x0004 for player object 
-    /*0x68*/ s16   ​unk6A;​ // 0x0005 for player object ​ 
-    /*0x6C*/ s32   ​unk6C;​ 
-    /*0x70*/ u8    unk70[8]; 
-    /*0x78*/ u16   ​unk78;​ 
-    /*0x7A*/ u16   ​unk7A;​ 
-    /*0x7C*/ u8    unk7C[4]; // 00058800 for player object 
-}; 
-</​code>​ 
- 
-<​code>​ 
-/​*80086190*/​ struct Object *gLevelObjects;​ 
-/​*80093840*/​ s16 gNumLevelObjects;​ 
-</​code>​ 
- 
-Below is the header struct for level object placement data. When a level is loaded, one of these structs is decompressed from ROM along with ObjectPosRot and ObjectPosArray structs that follow. All pointer members of this struct are initially offsets relative to the beginning of the struct, but the game converts them to virtual addresses in-place. 
-<​code>​ 
-struct ObjectPlacements 
-{ 
-    /*0x00*/ s32    numPlacements0;​ 
-    /*0x04*/ struct ObjectPosRot *placements0;​ 
-    /*0x08*/ s32    numPlacements1;​ 
-    /*0x0C*/ struct ObjectPosRot *placements1;​ 
-    /*0x10*/ s32    numPlacements2;​ 
-    /*0x14*/ struct ObjectPosRot *placements2;​ // unconfirmed type 
-    /*0x18*/ s32    numPlacements3;​ 
-    /*0x1C*/ struct ObjectPosArray *placements3[];​ 
-}; 
-</​code>​ 
- 
-<​code>​ 
-struct ObjectPosRot 
-{ 
-    /*0x00*/ u8    unk00[2]; 
-    /*0x02*/ vec3s position; 
-    /*0x08*/ vec3s rotation; 
-}; 
-</​code>​ 
- 
-<​code>​ 
-struct ObjectPosArray 
-{ 
-    /*0x00*/ s32   ​numPositions;​ 
-    /*0x04*/ vec3s positions[];​ 
-}; 
-</​code>​ 
- 
-<​code>​ 
-/​*0x800A98CC*/​ struct ObjectPlacements *gObjectPlacements;​ 
-</​code>​ 
- 
-Breakdown of object placement data for the first mission: https://​pastebin.com/​raw/​657rL7jD 
mission_impossible.txt · Last modified: 2019/07/01 05:23 by shygoo