make client functions parameterizable by version

2025-06-01 20:50:48 -07:00
parent 1a6b26e56b
commit bee4c55446
453 changed files with 3636 additions and 21378 deletions
@@ -11,7 +11,7 @@ start:
  mov.l     r5, [arg1]
  mov.l     r6, [arg2]
  mov.l     r7, [arg3]
-  calls     r0
+  calls     [r0]
  nop
  lds.l     pr, [r15]+
  rets
@@ -19,12 +19,12 @@ start:

  .align 4
 call_addr:
-  .zero
+  .data     0
 arg0:
-  .zero
+  .data     0
 arg1:
-  .zero
+  .data     0
 arg2:
-  .zero
+  .data     0
 arg3:
-  .zero
+  .data     0
@@ -0,0 +1,44 @@
+# (uint16_t entity_id @ eax) -> TObjectV00b441c0* @ eax
+# Preserves all registers except eax
+get_enemy_entity:
+  push      esi
+  push      edi
+  push      edx
+  push      ecx
+  xor       edx, edx
+  xchg      edx, eax
+  cmp       edx, 0x1000
+  jl        done
+  cmp       edx, 0x4000
+  jge       done
+
+  mov       esi, [0x00AAE168]  # bs_low = next_player_entity_index
+  mov       edi, [0x00AAE164]
+  lea       edi, [edi + esi - 1]  # bs_high = next_player_entity_index + next_enemy_entity_index - 1
+bs_again:
+  cmp       esi, edi
+  jge       bs_done
+  lea       ecx, [esi + edi]
+  shr       ecx, 1
+  mov       eax, [ecx * 4 + 0x00AAD720]  # all_entities[ecx]
+  cmp       [eax + 0x1C], dx
+  jge       bs_not_less
+  lea       esi, [ecx + 1]
+  jmp       bs_again
+bs_not_less:
+  mov       edi, ecx
+  jmp       bs_again
+bs_done:
+
+  mov       eax, [esi * 4 + 0x00AAD720]  # all_entities[bs_low]
+  test      eax, eax
+  je        done
+  xor       ecx, ecx
+  cmp       [eax + 0x1C], dx
+  cmovne    eax, ecx
+
+done:
+  pop       ecx
+  pop       edx
+  pop       edi
+  pop       esi
@@ -1,8 +1,6 @@
 # This function is required for loading DOLs. If it's not present, newserv can't
 # serve DOL files to GameCube clients.

-.meta index=E0
-
 entry_ptr:
 reloc0:
  .offsetof start
@@ -1,5 +1,3 @@
-.meta index=E5
-
 entry_ptr:
 reloc0:
  .offsetof start
@@ -1,8 +1,6 @@
 # This function is required for loading DOLs. If it's not present, newserv can't
 # serve DOL files to GameCube clients.

-.meta index=E2
-
 entry_ptr:
 reloc0:
  .offsetof start
@@ -0,0 +1,42 @@
+# This file defines the following function:
+#   write_address_of_code(
+#     const void* patch_code,
+#     size_t patch_code_size,
+#     void** ptr_addr);
+# This function allocates memory for patch_code, copies patch_code to that
+# memory, then writes the address of the allocated code at the specified
+# pointer. The allocated memory is never freed.
+# This function pops its arguments off the stack before returning.
+
+write_call_to_code:
+  # [esp + 0x04] = code ptr
+  # [esp + 0x08] = code size
+  # [esp + 0x0C] = ptr addr
+
+  # Allocate memory for the copied code
+  mov       ecx, [0x00AAB404]
+  push      dword [esp + 0x08]
+  mov       eax, 0x007A8A38
+  call      eax  # malloc7
+  test      eax, eax
+  je        done
+
+  # Copy the code to the newly-allocated memory
+  # eax = dest pointer (from malloc7 call above)
+  mov       edx, [esp + 0x04]  # edx = source pointer
+  mov       ecx, [esp + 0x08]  # ecx = source size
+  push      ebx
+memcpy_again:
+  dec       ecx
+  mov       bl, [edx + ecx]  # Copy one byte from source to dest
+  mov       [eax + ecx], bl
+  test      ecx, ecx
+  jne       memcpy_again
+  pop       ebx
+
+  # Write the address
+  mov       ecx, [esp + 0x0C]
+  mov       [ecx], eax
+
+done:
+  ret       0x0C
@@ -49,7 +49,7 @@ memcpy_again:
  setl      al
  or        al, 0xE8
  mov       [edx], al  # Write E8 (call), or E9 (jmp) if size was negative
-  mov       [edx + 1], ecx  # Write E8 (call) followed by delta
+  mov       [edx + 1], ecx  # Write delta

  # Write as many nops after the call opcode as necessary
  mov       ecx, 5
@@ -0,0 +1,83 @@
+# This file defines the following function:
+#   write_call_to_code(
+#     const void* patch_code,
+#     size_t patch_code_size,
+#     size_t call_count,
+#     void* call_opcode_address,
+#     ssize_t call_opcode_bytes,
+#     ...);
+# This function allocates memory for patch_code, copies patch_code to that
+# memory, then writes a call or jmp opcode to call_opcode_address that calls
+# the code in the allocated memory region. The allocated memory is never freed.
+# call_opcode_bytes specifies how many bytes at the callsite should be
+# overwritten. This value must be at least 5; the first 5 bytes are overwritten
+# with the call/jmp opcode itself; the rest are overwritten with nop opcodes.
+# This function pops its arguments off the stack before returning (including
+# all the varargs).
+
+write_call_to_code:
+  # [esp + 0x04] = code ptr
+  # [esp + 0x08] = code size
+  # [esp + 0x0C] = callsite count
+  # [esp + 0x10] = callsite address
+  # [esp + 0x14] = callsite size
+  # ... (further callsite address/size pairs)
+
+  # Allocate memory for the copied code
+  mov       ecx, [0x00AAB404]
+  push      dword [esp + 0x08]
+  mov       eax, 0x007A8A38
+  call      eax  # malloc7
+  test      eax, eax
+  je        done
+
+  # Copy the code to the newly-allocated memory
+  # eax = dest pointer (from malloc7 call above)
+  mov       edx, [esp + 0x04]  # edx = source pointer
+  mov       ecx, [esp + 0x08]  # ecx = source size
+  push      ebx
+memcpy_again:
+  dec       ecx
+  mov       bl, [edx + ecx]  # Copy one byte from source to dest
+  mov       [eax + ecx], bl
+  test      ecx, ecx
+  jne       memcpy_again
+  pop       ebx
+
+  # Write the call opcodes
+  xchg      ebx, [esp + 0x0C]  # Save ebx; get callsite count
+  mov       [esp - 0x08], esi
+  mov       [esp - 0x0C], eax
+  mov       esi, 0x10  # Stack offset of first callsite pair
+
+next_callsite:
+  mov       edx, [esp + esi]  # edx = jump callsite
+  lea       ecx, [eax - 5]
+  sub       ecx, edx  # ecx = (dest code addr) - (jump callsite) - 5
+  mov       byte [edx], 0xE8
+  mov       [edx + 1], ecx  # Write E8 (call) followed by delta
+
+  # Write as many nops after the call opcode as necessary
+  mov       ecx, 5
+  mov       eax, [esp + esi + 4]
+write_nop_again:
+  cmp       ecx, eax
+  jge       this_callsite_done
+  mov       byte [edx + ecx], 0x90
+  inc       ecx
+  jmp       write_nop_again
+
+this_callsite_done:
+  mov       eax, [esp - 0x0C]
+  add       esi, 8
+  dec       ebx
+  jnz       next_callsite
+
+  mov       ecx, esi
+  mov       ebx, [esp + 0x0C]
+  mov       esi, [esp - 0x08]
+
+done:
+  mov       eax, [esp]
+  add       esp, ecx
+  jmp       eax
@@ -5,22 +5,22 @@
 # functions subsystem. There are three kinds of functions: includes, patches,
 # and general functions.

-# General functions are not version-specific (usually) but are architecture-
-# specific. This file, WriteMemoryGC, is a general function for all PowerPC
-# versions of PSO, which means all GameCube versions. General functions are
-# named like NAME.ARCH.s, where ARCH is sh4, ppc, or x86.
+# - General functions are not version-specific (usually) but are architecture-
+#   specific. This file, WriteMemoryGC, is a general function for all PowerPC
+#   versions of PSO, which means all GameCube versions. General functions are
+#   named like NAME.ARCH.s, where ARCH is sh4, ppc, or x86.

-# Includes are snippets of code that are intended to be used as part of other
-# general functions and patches. Includes are named like NAME.ARCH.inc.s, where
-# ARCH has the same meaning as above. These can be used with the .include
-# directive; there is an example of this in the code below.
+# - Includes are snippets of code that are intended to be used as part of other
+#   general functions and patches. Includes are named like NAME.ARCH.inc.s,
+#   where ARCH has the same meaning as above. These can be used with the
+#   .include directive; there is an example of this in the code below.

-# Patches are functions that are available to run upon client request. They can
-# be made available in the Patches menu or via the $patch command. Patches
-# should be named like PATCHNAME.VERS.patch.s, where VERS denotes which
-# specific game version the patch is for. These version codes are listed in
-# README.md, and directly correspond to values returned by the VersionDetect
-# functions, also in this directory.
+# - Patches are functions that are available to run upon client request. They
+#   can be made available in the Patches menu or via the $patch command.
+#   Patches should be named like PATCHNAME.VERS.patch.s, where VERS denotes
+#   which specific game version the patch is for. These version codes are
+#   listed in README.md, and directly correspond to values returned by the
+#   VersionDetect functions, also in this directory.

 # For example, to use this function to write the bytes 38 00 00 05 to the
 # address 8010521C, send_function_call could be called like this:
@@ -38,20 +38,20 @@
 # requested by the client, so those features should only be used in general
 # functions.

+# The .versions directive may be used in patches (but not in includes or
+# general functions) and enables parameterization. If .version is used, then
+# the patch may later use expressions like <VERS value1 value2 ...> to generate
+# the same patch with different values for different game versions. In each
+# <VERS> expression, the number of values must match the number of versions
+# given in the .versions directive.
+# .versions VRS1 VRS2 VRS3 ...
+
 # These directives tell newserv what to show to the player in the Patches menu.
 # Neither of them is required; if the name is omitted, the filename is used
 # instead.
 .meta name="Write memory"
 .meta description="Writes data to any location in memory"

-# The .meta index directive tells newserv what value to use in the flag field
-# when sending the B2 command. This is needed if the server needs to do
-# something when the B3 response is received. If specified, the index must be in
-# the range 01-FF. The DOL loading functionality, which this function is a part
-# of, uses indexes E0, E1, and E2, but the WriteMemoryGC function can also be
-# used for other purposes.
-.meta index=E1
-
 # To hide a patch from the Patches menu (so it can only be used with the $patch
 # command), this directive can be used. This has no effect if used in includes
 # or general functions.