view clojure/com/aurellem/exp/item_bridge.clj @ 403:ea37e98e188e

removed one opcode
author Robert McIntyre <rlm@mit.edu>
date Fri, 13 Apr 2012 09:59:32 -0500
parents 1f14c1b8af7e
children
line wrap: on
line source
1 (ns com.aurellem.exp.item-bridge
2 (:use (com.aurellem.gb saves util constants gb-driver vbm items assembly))
3 (:use (com.aurellem.run util title save-corruption))
4 ;;(:use (com.aurellem.exp pokemon))
5 (:import [com.aurellem.gb.gb_driver SaveState]))
7 (defn corrupt-item-state []
8 (second (destroy-item-end-of-list-marker)))
10 (defn corrupt-item-state []
11 (read-state "corrupt-items"))
13 (defn view-memory-range
14 ([start end]
15 (view-memory-range
16 @current-state start end))
17 ([state start end]
18 (dorun
19 (map (fn [loc val]
20 (println (format "%04X : %02X" loc val)))
21 (range start end) (subvec (vec (memory state)) start end)))
22 state))
24 (defn almost-broken
25 "if one more memory location is turned into 0x03, the game crashes."
26 [n]
27 (view-memory-range
28 (set-inv-mem (mid-game)
29 (concat [0xFF] (repeat 64 0x03)
30 (subvec (vec (memory (mid-game)))
31 (+ item-list-start 65)
32 (+ item-list-start 65 n))
33 (repeat (- 255 65 n) 0x03)))
34 item-list-start (+ item-list-start 255)))
36 (defn actually-broken
37 "if this memory location is turned into 0x03, the game crashes."
38 []
39 (set-memory (mid-game) 0xD35D 0x03))
42 ;; (almost-broken 20) more or less works
45 (defn loop-program []
46 [0x00 ;0xD31D ;; disable-interrupts
48 0xC3 ;; loop forever
49 0x1D
50 0xD3])
52 (def map-function-address-start 0xD36D)
54 (defn test-loop []
55 (continue!
56 (-> (mid-game)
57 (set-memory-range 0xD31D (loop-program))
58 (set-memory-range
59 map-function-address-start
60 [0xD3 0x1D]))))
62 (defn-memo corrupt-moves []
63 (concat
64 (first
65 (->>
66 [[] (mid-game)]
67 (first-difference [:b] [:b :start] AF)
68 (first-difference [] [:d] AF)
69 (play-moves [[] [] [] [:d] [] [] [] [:d] [] [] [:a]])
70 (do-nothing 200)
71 (play-moves [[:a]])
72 (play-moves
73 ;; this section is copied from speedrun-2942
74 ;; and corrupts the save so that the end-of-list marker
75 ;; for the pokemon roster is destroyed, but the save is still
76 ;; playable.
77 [[] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] []
78 [] [] [] [] [] [] [] [] [] [] [:select] [:restart]])
79 (title)
80 (first-difference [] [:start] AF)
81 (first-difference [] [:a] AF)
82 (first-difference [:a] [:a :start] AF)))
83 [[]]))
85 (defn corrupt
86 "enter the codes to destroy the
87 pokemon list using save corruption"
88 ([^SaveState state]
89 (run-moves
90 state
91 (corrupt-moves)))
92 ([] (corrupt @current-state)))
94 (defn mid-game-corrupt []
95 (read-state "corrupt-mid-game"))
97 (defn gen-start-game-corrupt []
98 (->> (second (intro))
99 (first-difference [:b] [:a :b :start] AF)
100 (play-moves (corrupt-moves))))
102 (defn start-game-corrupt []
103 (read-state "corrupt-start-game"))
105 (defn test-memory-fun [n]
106 (capture-program-counter
107 (set-memory-range
108 (tick (mid-game))
109 0xD36D
110 [0 0])
111 n))
113 ;;(def good (test-memory-fun 17000))
115 ;;(def bad (test-memory-fun 18000))
119 (defn menu-open-state []
120 (read-state "menu-open"))
122 (defn prepare-memory
123 ([^SaveState state]
124 (-> state
125 (set-memory-range 0xD31D (loop-program))
126 (set-memory-range 0xD36D [0x1D 0xD3])))
127 ([] (prepare-memory @current-state)))
129 (def memory-function-address-start 0xD36D)
131 (defn read-map-function-address
132 ([^SaveState state]
133 (let [mem (memory state)]
134 [(aget mem memory-function-address-start)
135 (aget mem (inc memory-function-address-start))]))
136 ([] (read-map-function-address @current-state)))
138 (defn succesful-PC-capture
139 "This function demonstrates successful PC capturing by
140 setting 0xD36D to the value of the start location of
141 a specially prepared program.
143 You must run the function and then exit the open menu
144 to see the effect."
145 []
146 (dorun
147 (map #(println (Integer/toHexString %))
148 (capture-program-counter
149 (prepare-memory (menu-open-state))
150 9000000))))
152 (defn trampoline-assembly [^SaveState state]
153 (flatten
154 [0x3E ;;
155 0x3E ;; load lemonade into A
157 0xEA
158 0x1D
159 0xD3 ;; set first item to lemonade
161 0xC3 ;; return control to the game via absolute jump.
162 (read-map-function-address state)
163 ]))
165 (defn test-trampoline
166 "Demonstrates item-program execution via the map-function that
167 returns control to the main pokemon game after one loop."
168 [assembly-fn state]
169 (let [insertion-address 0xD33D
170 insertion-address-bits [0x3D 0xD3]]
171 (->
172 state
173 (set-memory-range
174 insertion-address
175 (assembly-fn state))
176 (set-memory-range
177 memory-function-address-start
178 insertion-address-bits))))
180 (def lemonade-trampoline
181 (partial test-trampoline
182 trampoline-assembly
183 (menu-open-state)))
185 (defn trampoline-assembly-burn-heal [^SaveState state]
186 (flatten
187 [0x3E ;;
188 0x3E ;; load lemonade into A
190 0xEA
191 0x1D
192 0xD3 ;; set first item to lemonade
194 0xC3 ;; return control to the game via absolute jump
195 0x0C ;; to Route 3's map-function
196 0x55
197 ]))
199 (def corrupted-items-width 512)
201 (defn items-record
202 ([^SaveState state]
203 (subvec (vec (memory state))
204 item-list-start
205 (+ item-list-start corrupted-items-width)))
206 ([] (items-record @current-state)))
208 (defn pc-items-record
209 ([^SaveState state]
210 (subvec (vec (memory state))
211 pc-item-list-start
212 (+ pc-item-list-width pc-item-list-start)))
213 ([] (pc-items-record @current-state)))
215 (defn print-listing-items
216 ([^SaveState state]
217 (print-listing state item-list-start
218 (+ item-list-start corrupted-items-width))
219 state)
220 ([] (print-listing-items @current-state)))
222 (defn print-listing-pc-items
223 ([^SaveState state]
224 (print-listing
225 state
226 pc-item-list-start
227 (+ pc-item-list-width pc-item-list-start))
228 state)
229 ([] (print-listing-pc-items @current-state)))