annotate clojure/com/aurellem/exp/item_bridge.clj @ 187:426fce7e609d

successfully captured program counter!
author Robert McIntyre <rlm@mit.edu>
date Thu, 22 Mar 2012 07:36:54 -0500
parents d63886d63b2f
children 8523faa122b0
rev   line source
rlm@170 1 (ns com.aurellem.exp.item-bridge
rlm@179 2 (:use (com.aurellem.gb saves util constants gb-driver vbm items assembly))
rlm@170 3 (:use (com.aurellem.run title save-corruption))
rlm@179 4 ;;(:use (com.aurellem.exp pokemon))
rlm@154 5 (:import [com.aurellem.gb.gb_driver SaveState]))
rlm@130 6
(defn corrupt-item-state
  "Returns the second element of whatever
  `destroy-item-end-of-list-marker` produces (presumably the resulting
  save state; confirm against that function).

  A later definition of `corrupt-item-state` in this file replaces this
  one when the namespace is loaded."
  []
  (-> (destroy-item-end-of-list-marker)
      second))
rlm@131 9
(defn corrupt-item-state
  "Loads the stored state named `corrupt-items` through `read-state`.

  This redefinition supersedes the earlier `corrupt-item-state` in this
  file, so callers get the stored state instead of recomputing it."
  []
  (read-state "corrupt-items"))
rlm@131 12
(defn view-memory-range
  "Prints every address in [start, end) together with the byte found at
  that index of `(memory state)`, one `ADDR : BYTE` line per address in
  upper-case hex. Returns `state` itself so the call can be used as a
  pass-through inspection step.

  `subvec` throws when the requested range does not fit inside the
  memory vector."
  [state start end]
  (let [addresses (range start end)
        contents  (subvec (vec (memory state)) start end)]
    (doseq [[address value] (map vector addresses contents)]
      (println (format "%04X : %02X" address value))))
  state)
rlm@131 19
(defn almost-broken
  "Builds a 255-byte image for `set-inv-mem` and prints the resulting
  memory from `item-list-start` to `item-list-start + 255`.

  The image is 0xFF, then 64 bytes of 0x03, then `n` bytes copied
  unchanged from the `(mid-game)` memory starting at
  `item-list-start + 65`, then 0x03 for the remaining `255 - 65 - n`
  bytes. Per the original note: if one more memory location is turned
  into 0x03, the game crashes."
  [n]
  (let [base-state  (mid-game)
        ;; second (mid-game) call kept so the number and order of calls
        ;; match the original expression
        reference   (vec (memory (mid-game)))
        keep-from   (+ item-list-start 65)
        kept-bytes  (subvec reference keep-from (+ keep-from n))
        image       (concat [0xFF]
                            (repeat 64 0x03)
                            kept-bytes
                            (repeat (- 255 65 n) 0x03))]
    (view-memory-range (set-inv-mem base-state image)
                       item-list-start
                       (+ item-list-start 255))))
rlm@131 31
(defn actually-broken
  "Returns the `(mid-game)` state with the byte at 0xD35D set to 0x03.
  Per the original note, turning this memory location into 0x03 makes
  the game crash."
  []
  (-> (mid-game)
      (set-memory 0xD35D 0x03)))
rlm@131 36
rlm@131 37
rlm@133 38 ;; (almost-broken 20) more or less works
rlm@133 39
(defn capture-program-counter
  "Records the program counter for each tick.

  Advances `state` with `tick` once per element of `(range ticks)`,
  collecting `(PC state)` before each step and printing a 1-based
  progress number. Returns `[program-counters final-state]`.

  A later definition of `capture-program-counter` in this file replaces
  this one when the namespace is loaded."
  [^SaveState state ticks]
  (let [record-step (fn [[seen current] index]
                      (println (inc index))
                      [(conj seen (PC current))
                       (tick current)])]
    (reduce record-step [[] state] (range ticks))))
rlm@133 50
rlm@133 51
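(defn capture-program-counter
  "Collects the distinct program-counter values seen while the emulator
  runs for `ticks` steps after `state` has been ticked once.

  Each step calls `com.aurellem.gb.Gb/tick` and samples
  `(first (registers))` (presumably the PC register; confirm against
  `registers`). Returns the distinct samples in ascending order, keeping
  only values greater than 0x2000.

  This definition supersedes the earlier `capture-program-counter` in
  this file."
  [^SaveState state ticks]
  ;; presumably loads `state` into the emulator before the raw ticks
  ;; below; confirm against `tick`
  (tick state)

  (loop [i 0
         ;; a set keeps memory bounded by the number of distinct PCs
         ;; rather than by `ticks`
         pcs #{}]
    ;; `>=` rather than `=`: a negative or fractional `ticks` ends the
    ;; loop instead of spinning forever
    (if (>= i ticks)
      (filter #(< 0x2000 %) (sort pcs))
      (do
        (com.aurellem.gb.Gb/tick)
        (recur (inc i)
               (conj pcs (first (registers))))))))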
rlm@170 64
(defn loop-program
  "Returns the four-byte program `[0x00 0xC3 0x1D 0xD3]`.

  On the Game Boy CPU 0x00 is NOP and 0xC3 is an absolute jump whose
  16-bit target follows low byte first, so the jump target is 0xD31D.
  `test-loop` and `prepare-memory` in this file write these bytes at
  0xD31D, which makes the program jump back to its own start (loop
  forever). The first slot was annotated `disable-interrupts` in the
  original source."
  []
  (let [first-slot  0x00   ; original note: 0xD31D, disable-interrupts
        jump-opcode 0xC3   ; loop forever
        target-low  0x1D
        target-high 0xD3]
    [first-slot jump-opcode target-low target-high]))
rlm@170 71
(def map-function-address-start
  "Address 0xD36D. `test-loop` writes two bytes here; judging by the
  name it is where a map-function pointer begins (not confirmed by this
  file)."
  0xD36D)
rlm@170 73
(defn test-loop
  "Writes `(loop-program)` at 0xD31D in the `(mid-game)` state, writes
  the bytes `[0xD3 0x1D]` at `map-function-address-start`, and hands the
  result to `continue!`."
  []
  (continue!
   (let [with-program (set-memory-range (mid-game) 0xD31D (loop-program))]
     ;; NOTE(review): the two bytes are written high byte first here,
     ;; while `prepare-memory` in this file writes [0x1D 0xD3] and the
     ;; jump operand in `loop-program` is low byte first. If this is
     ;; meant to be a pointer to 0xD31D the order looks swapped; confirm
     ;; before relying on it.
     (set-memory-range with-program
                       map-function-address-start
                       [0xD3 0x1D]))))
rlm@174 81
rlm@174 82
rlm@170 83
rlm@170 84
;; Memoized input script. Starts from the pair [[] (mid-game)], threads
;; it through the `advance` / `play-moves` / `scroll-text` steps below,
;; takes the first element of the result (presumably the accumulated
;; button presses; confirm against `advance`) and appends one empty
;; entry [[]].
(defn-memo corrupt-moves []
  (let [menu-inputs
        [[] [] [] [:d] [] [] [] [:d] [] [] [:a]]

        ;; this section is copied from speedrun-2942
        ;; and corrupts the save so that the end-of-list marker
        ;; for the pokemon roster is destroyed, but the save is still
        ;; playable.
        save-reset-inputs
        [[] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] []
         [] [] [] [] [] [] [] [] [] [] [:select] [:restart]]

        ;; `(first (title))` stays inline so it is evaluated at the same
        ;; point in the pipeline as in the original expression
        recorded
        (->> [[] (mid-game)]
             (advance [:b] [:b :start])
             (advance [] [:d])
             (play-moves menu-inputs)
             scroll-text
             (play-moves save-reset-inputs)
             (play-moves (first (title)))
             (advance [] [:start])
             (advance [] [:a])
             (advance [:a] [:a :start]))]
    (concat (first recorded) [[]])))
rlm@170 107
rlm@170 108
rlm@170 109
(defn corrupt
  "Replays the `corrupt-moves` input script on `state` via `run-moves`.
  Per the original note, this enters the codes that destroy the pokemon
  list using save corruption. Called without arguments it operates on
  `@current-state`."
  ([] (corrupt @current-state))
  ([^SaveState state]
   (let [script (corrupt-moves)]
     (run-moves state script))))
rlm@173 118
(defn mid-game-corrupt
  "Loads the stored state named `corrupt-mid-game` through `read-state`."
  []
  (read-state "corrupt-mid-game"))
rlm@170 121
(defn prepare-memory
  "Returns `state` with `(loop-program)` written at 0xD31D and the two
  bytes `[0x1D 0xD3]` written at 0xD336 (0xD31D stored low byte first).
  Called without arguments it operates on `@current-state`."
  ([] (prepare-memory @current-state))
  ([^SaveState state]
   (let [with-program (set-memory-range state 0xD31D (loop-program))]
     (set-memory-range with-program 0xD336 [0x1D 0xD3]))))
rlm@187 128
rlm@170 129
rlm@170 130
(defn test-memory-fun
  "Ticks the `(mid-game)` state once, zeroes the two bytes at 0xD36D
  (the same value as `map-function-address-start`), and runs
  `capture-program-counter` on the result for `n` ticks."
  [n]
  (-> (mid-game)
      tick
      (set-memory-range 0xD36D [0 0])
      (capture-program-counter n)))
rlm@170 138
rlm@187 139 ;;(def good (test-memory-fun 17000))
rlm@187 140
rlm@187 141 ;;(def bad (test-memory-fun 18000))
rlm@187 142
rlm@187 143