Decoding the FPC

From OpenSA: Smash Engine Documentation Wiki
Jump to: navigation, search

Notable Subroutines

strncpy (803fa340)

Copies a sequence of bytes from one memory location to another. The routine ends when it hits the specified number of bytes or when it hits a 00, indicating that the string has ended.


r3	"To" pointer (moved to r6)
r4	"From" pointer
r5	Number of bytes to copy

Note: memcpy works the same way except it doesn't end when it hits a 00.

strncat (803FA3B0)

Concatenates one string onto the end of another.


r3	String 1
r4	String to concat onto String 1.

loadfromSD (8001cbf4)

Loads a file from the SD card into memory.


r3	Points to a pointer that points to a string containing the file location

Code Analysis

Full Code

E0000000 80008000	Full terminator
225664EC 00000000	Execute code if 805664EC != 00000000
0401BFE0 4858BE20	8001BFE0 -- b 0x58BE20 (-->805A7E00)
065A7E00 00000070	Write 0x70 bytes starting at 805A7E00: (Textures, CSPs, HUD Portraits p1)
38A00067 38810020	(ASM Chunk 1)
3CE0805A 60E37C18
4BE52531 38A0007F
3883FFE8 38610020
4BE52521 38A00068
60E47C18 38610020
9421FF80 BC410008
38610088 4BA74DB9
7C7C1B78 2C030000
4082000C 38210080
4800001C B8410008
38210080 4BE524E5
38610008 4BA742E1
7C7C1B78 4BA741E8
040223E0 48585BC0	800223E0 -- b 0x585BC0 (-->805A7FA0)
065A7FA0 00000028	Write 0x28 bytes starting at 805A7FA0:
80010044 3C608001	(ASM Chunk 2)
6063581C 7C001800
4082000C 7FDDC850
3BDEFFE0 93DB0008
4BA7A424 00000000
0401CD0C 4858B1F4	8001CD0C -- b -->805A7F00
065A7F00 00000038	Write 0x38 bytes starting at 805A7F00: (Textures, CSPs, HUD Portraits p2)
2C030000 4182000C	(ASM Chunk 3)
4BA7DD51 4BA74E04
80780008 2C030000
41820014 8118000C
7C634214 7C7B1850
48000008 8078000C
4BA74DE0 00000000
043EE9D8 48000014	803EE9D8 -- b 0x14
043EEBD4 48000014	803EEBD4 -- b 0x14
043D8B9C 48000018	803D8B9C -- b 0x18
043E9B4C 38600000	803E9B4C -- li r3,0
043E9D38 38600000	803E9D38 -- li r3,0
043D8C80 60000000	803D8C80 -- nop
80000000 80406920	Load 80406920 into gr0
80000001 805A7C00	Load 805A7C00 into gr1
8A001001 00000000	Copy 0x10 bytes from gr0 to gr1 (copies '/private/wii/app' to 805A7C00)
045A7C10 2F525342	Appends '/RSB'
045A7C14 452F7066	Appends 'E/pf'
80000001 805A7B00	Load 805A7B00 into gr1
8A001001 00000000	Copy 0x10 bytes from gr0 to gr1 (copies '/private/wii/app' to 805A7B00)
065A7B10 0000000F	Write 0xF bytes starting at 805A7B10:
2F525342 452F7066	/RSB E/pf
2F736F75 6E642F00	/sou nd/
041C6CE0 483E0D20	801C6CE0 -- b -->805A7A00
065A7A00 00000028	Write 0x28 bytes starting at 805A7A00:
9421FF80 BC410008	(ASM Chunk 4)
3C60805A 60637B1F
4BE52931 B8410008
38210080 4BE52995
4BC1F2C4 00000000
065A7900 00000078	Write 0x78 bytes starting at 805A7900:
9421FF80 7C0802A6	(ASM Chunk 5)
9001000C BC810010
9421FF00 7C872378
54B2BA7E 7CD33378
38800000 9081000C
90810010 90610014
90810018 3880FFFF
9081001C 38610020
90610008 7CE43B78
38A00080 4BE529F5
38610008 4BA752A1
60000000 80210000
B8810010 8001000C
7C0803A6 80210000
4E800020 00000000
043E399C 481C3F04	803E399C -- b -->805A78A0
065A78A0 00000010	Write 0x10 bytes starting at 805A78A0:
80BC0020 7CA59214	(ASM Chunk 6)
3A400000 4BE3C0F4
043DBAEC 481CBDE4	803DBAEC -- b -->805A78D0
065A78D0 00000018	Write 0x18 bytes starting at 805A78D0:
800302A4 2C130000	(ASM Chunk 7)
41820008 7E609B78
3A600000 4BE3420C
041CDF7C 483D9884	801CDF7C -- b -->805A7800
065A7800 00000098	Write 0x98 bytes starting at 805A7800:
818C0014 9421FF80	(ASM Chunk 8)
BC410008 3D009034
61089D94 7C034000
4082003C 7C882378
3C60804D 60630000
3C80805A 60847B00
7CC53378 38C04200
80E40080 2C070000
40820014 60000000
480000B9 2C030000
41820010 B8410008
80210000 4BC26724
70A501FF 3868FFFF
3C80804C 6084FFFF
7C842A14 38A04001
38A5FFFF 8C040001
9C030001 2C050000
4082FFF0 B8410008
80210000 4BC2670C
141CCF90 483DA770	801CCF90 -- b -->805A7700 (Why does this use po instead of ba?)
065A7700 00000048	Write 0x48 bytes starting at 805A7700:
9421FF80 BC410008	(ASM Chunk 9)
7FE3FB78 3C80805A
60847B00 38A00000
38C04000 480001E5
90640080 807F0008
907A0014 907A005C
907A0074 B8410008
80210000 807F0000
4BC25854 00000000
E0000000 80008000	Full terminator

ASM Chunk 1

Textures, CSPs, HUD portraits

Part 1: Copy file name from stack pointer to 0x805A7C18 to make '/private/wii/app/RSBE/pf/[filename]'
805A7E00:  38A00067	li	r5,103 	  	 //set r5 to 0x67
805A7E04:  38810020	addi	r4,r1,32 	 //set r4 to sp + 32 (location of filename)
805A7E08:  3CE0805A	lis	r7,0x805A
805A7E0C:  60E37C18	ori	r3,r7,0x7C18 	 //set r3 to 0x805A7C18
805A7E10:  4BE52531	bl	0x803fa340 	 //Initiate strncpy

Part 2: Copy new file name back to stack pointer (with now-appended '/private/wii/app/RSBE/pf')
805A7E14:  38A0007F	li	r5,127 	  	 //set r5 to 0x7F
805A7E18:  3883FFE8	subi	r4,r3,24 	 //set r4 to 0x805A7C00 (beginning of filename string)
805A7E1C:  38610020	addi	r3,r1,32 	 //set r3 to sp + 32 (location of filename)
805A7E20:  4BE52521	bl	0x803fa340 	 //Initiate strncpy

Part 3: Save registers to stack pointer, set r3 to file pointer, initiate loadfromSD
805A7E24:  38A00068	li	r5,104 	  	 //set r5 to 0x68
805A7E28:  60E47C18	ori	r4,r7,31768 	 //set r4 to 0x805A7C18
805A7E2C:  38610020	addi	r3,r1,32 	 //set r3 to sp + 32 (location of filename)
805A7E30:  9421FF80	stwu	r1,-128(r1) 	 //set sp to (sp - 0x80)
805A7E34:  BC410008	stmw	r2,8(r1) 	 //store r2 through r31 starting at (sp + 8)
805A7E38:  38610088	addi	r3,r1,136 	 //set r3 to (r1 + 0x90), or original sp + 0x10
805A7E3C:  4BA74DB9	bl	0x8001cbf4 	 //Initiate loadfromSD

805A7E40:  7C7C1B78	mr	r28,r3 	  	 //save return value to r28

805A7E44:  2C030000	cmpwi	r3,0 	  	 //If the file wasnt there?
805A7E48:  4082000C	bne-	0x805a7e54 	 //Skip to disk load

805A7E4C:  38210080	addi	r1,r1,128 	 //and if it was,adjust sp
805A7E50:  4800001C	b	0x805a7e6c 	 //We are done

805A7E54:  B8410008	lmw	r2,8(r1) 	 //restore original registers
805A7E58:  38210080	addi	r1,r1,128 	 //add 0x80 back to sp, restoring it
805A7E5C:  4BE524E5	bl	0x803fa340
805A7E60:  38610008	addi	r3,r1,8
805A7E64:  4BA742E1	bl	0x8001c144
805A7E68:  7C7C1B78	mr	r28,r3

805A7E6C:  4BA741E8	b	0x8001c054

ASM Chunk 2

805A7FA0:  80010044	lwz	r0,0x44(r1)
805A7FA4:  3C608001	lis	r3,0x8001
805A7FA8:  6063581C	ori	r3,r3,0x581C 	 //Check the stack to see where we're coming from

805A7FAC:  7C001800	cmpw	r0,r3 	  	 //Did we come from 8001581C?
805A7FB0:  4082000C	bne-	0x805a7fbc 	 //If no, run original line
805A7FB4:  7FDDC850	sub	r30,r25,r29
805A7FB8:  3BDEFFE0	subi	r30,r30,32

805A7FBC:  93DB0008	stw	r30,8(r27) 	 //original line
805A7FC0:  4BA7A424	b	0x800223e4

ASM Chunk 3

This chunk is part of the SD load routine.

805A7F00:  2C030000	cmpwi	r3,0
805A7F04:  4182000C	beq-	0x805a7f10

805A7F08:  4BA7DD51	bl	0x80025c58 	 //original line
805A7F0C:  4BA74E04	b	0x8001cd10

805A7F10:  80780008	lwz	r3,8(r24)

805A7F14:  2C030000	cmpwi	r3,0
805A7F18:  41820014	beq-	0x805a7f2c

805A7F1C:  8118000C	lwz	r8,12(r24)
805A7F20:  7C634214	add	r3,r3,r8
805A7F24:  7C7B1850	sub	r3,r3,r27
805A7F28:  48000008	b	0x805a7f30

805A7F2C:  8078000C	lwz	r3,12(r24)

805A7F30:  4BA74DE0	b	0x8001cd10

ASM Chunk 4

805A7A00:  9421FF80	stwu	r1,-128(r1)
805A7A04:  BC410008	stmw	r2,8(r1)
805A7A08:  3C60805A	lis	r3,-32678
805A7A0C:  60637B1F	ori	r3,r3,31519
805A7A10:  4BE52931	bl	0x803FA340	//strncpy
805A7A14:  B8410008	lmw	r2,8(r1)
805A7A18:  38210080	addi	r1,r1,128
805A7A1C:  4BE52995	bl	0x803FA3B0
805A7A20:  4BC1F2C4	b	0x801C6CE4

ASM Chunk 5

Custom SD Load routine

r3: Destination ptr

r4: Directory string ptr

r5: Offset

r6: Size (0 = all)

805A7900:  9421FF80	stwu 	 r1,-128(r1)
805A7904:  7C0802A6	mflr 	 r0
805A7908:  9001000C	stw 	 r0,12(r1)
805A790C:  BC810010	stmw 	 r4,16(r1)
805A7910:  9421FF00	stwu 	 r1,-256(r1)
805A7914:  7C872378	mr 	 r7,r4
805A7918:  54B2BA7E	rlwinm 	 r18,r5,23,9,31
805A791C:  7CD33378	mr 	 r19,r6
805A7920:  38800000	li 	 r4,0
805A7924:  9081000C	stw 	 r4,12(r1)
805A7928:  90810010	stw 	 r4,16(r1)
805A792C:  90610014	stw 	 r3,20(r1)
805A7930:  90810018	stw 	 24(r1)
805A7934:  3880FFFF	li 	 r4,-1
805A7938:  9081001C	stw 	 r4,28(r1)
805A793C:  38610020	addi 	 r3,r1,32
805A7940:  90610008	stw 	 r3,8(r1)
805A7944:  7CE43B78	mr 	 r4,r7
805A7948:  38A00080	li 	 r5,128
805A794C:  4BE529F5	bl 	 0x803FA340 	 //strncpy
805A7950:  38610008	addi 	 r3,r1,8
805A7954:  4BA752A1	bl 	 0x8001CBF4
805A7958:  60000000	nop 	 
805A795C:  80210000	lwz 	 r1,0(r1)
805A7960:  B8810010	lmw 	 r4,16(r1)
805A7964:  8001000C	lwz 	 r0,12(r1)
805A7968:  7C0803A6	mtlr 	 r0
805A796C:  80210000	lwz 	 r1,0(r1)
805A7970:  4E800020	blr 	 

ASM Chunk 6

805A78A0:  80BC0020	lwz	r5,32(r28)
805A78A4:  7CA59214	add	r5,r5,r18
805A78A8:  3A400000	li	r18,0
805A78AC:  4BE3C0F4	b	0x803E39A0