-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathbinary.yaml
273 lines (272 loc) · 17.5 KB
/
binary.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
# The data type could be HEX, ASCIIZ, UINT or EVAL
targets:
android:
# Server address
# This address is originally an assert message, it's enough for a server address
- 0x008AD348: EVAL `ASCIIZ ${projectConfig.server}`
- 0x003C5EB8: UINT 32 LE 0x004E7500 # = Address above - PC
# Project name
# This address is originally an assert message, it's enough for a project name
- 0x008ACC70: EVAL `ASCIIZ ${projectConfig.name}`
- 0x0051A72C: UINT 32 LE 0x0039277C # = Address above - PC
# Font fix -- replace references to Chinese font with Japanese font
# And replace Japanese font with full Chinese font
- 0x008A078D: ASCIIZ Fonts/Kazesawa-Regular.ttf
- 0x008A612D: ASCIIZ Fonts/Kazesawa-Light.ttf
- 0x008A614B: ASCIIZ Fonts/Kazesawa-Semibold.ttf
# Force single pack's songs' backgrounds to be normal
- 0x0089BBBF: ASCIIZ img/bg_light.jpg
- 0x0089BBD7: ASCIIZ img/bg_dark.jpg
# Metadata check
- 0x00564EDE: HEX 00 BF # songlist
- 0x00564EEE: HEX 00 BF # packlist
- 0x00564EFE: HEX 00 BF # unlocks
# Highspeed limitation
- 0x0049694A: HEX FF # HighspeedSettingLayer::init(): max speed 65 => 255
- 0x00496FB4: HEX 00 BF 00 BF # UserPreferences::getHighspeedInt(): remove max speed limitation
# Tempestissimo unlock state check
# Without this patch removing the Tempestissimo song causes the game crash
- 0x004B982C: HEX 4F F0 01 04 4F F0 01 04 01 24 # SongSelectScene::init()
# Bundled Beyond difficulty support
- 0x004BC6E1: HEX E0 # SongSelectScene::getRequiredAssetsAndTokenForStartGameScene():
# remove force download check of Beyond charts (remove download prompt before play)
- 0x005352BF: HEX E0 # SongManager::loadSongs()
# remove world-unlock assumption for ALL Beyond charts except Tempestissimo
- 0x00540CA8: HEX 00 BF # Song::getChartFilepathForDifficultyClass()
# remove force find chart file under download directory for Beyond charts
- 0x0057A013: HEX E0 # SongSelectionCell::setSelected()
# remove force download check of Beyond charts (download button to START button)
# Download single song for ALL songs (instead of download full pack for non single/extend songs)
- 0x004BC27A: HEX 05 E0 # SongSelectScene::promptDownload()
- 0x005410AC: HEX 06 E0 # Song::isRemoteDownloadPresent()
# Fix error downloading when charts of some difficulties are empty
- 0x004A3FEA: HEX 00 BF # Check downloaded data on startup: don't consider empty file's MD5 as non-exist
- 0x004A3FFE: HEX 00 BF # Check downloaded data on startup: don't consider file size < 500 bytes as non-exist
- 0x0055DBDE: HEX 14 E0 # lambda[at DownloadFileTask::run](): don't fail file size < 500 bytes
# April Fool's Day's feature for all charts
- 0x00516C72: HEX 00 BF # LogicChart::setupNotesFromParsed(): enable camera
- 0x00516D26: HEX 11 E0 # LogicChart::setupNotesFromParsed(): enable scenecontrol
- 0x00516B38: HEX 4F F0 01 00 # LogicChart::setupNotesFromParsed(): fix green arc() with mirror
- 0x00518458: HEX 05 E0 # LogicChart::colorForId(): enable green arc()
- 0x00518472: HEX 00 BF # LogicChart::colorForId(): fix green arc() with mirror
# Assume everything to be purchased
- 0x00497974: HEX 34 E0 # PurchaseManager::isPurchased(): jump to return
- 0x004979F8: HEX 01 # PurchaseManager::isPurchased(): return 1 on not purchased
# Assume ALL stories to be unlocked
- 0x0048AFE0: HEX 00 BF 00 BF 19 E0 # StoryEntry::isUnlocked(): jump to return
- 0x0048B01A: HEX 01 # StoryEntry::isUnlocked(): return 1
# Assume no unread stories on main menu scene
- 0x00471AB5: HEX E0 # StoryManager::hasUnreadUnlockedStory(): jump to return 0
# Remove limitations limitations for character abilities
- 0x0049A62C: HEX 4F F0 00 00 # CharacterAbility::setLimitations
# Pack dividers
# - Divider positions
# - 00484B8C: MOV R0, 0
# - 00484B90: CMP R1, R0
- 0x00484B8C: HEX 00 20
- 0x00484B90: HEX 81 42
# - 0048572A: B.W 004979B8 (jump to the instruction below)
# - 004979B8: CMP R1, (X = a divider's index)
# - 004979BA: IT EQ
# - 004979BC: B.W 00484B9A (jump to create divider)
# - 004979C0: B.W 00484CC6 (jump to skip create divider, the original jump target of 0048572A)
- 0x0048572A: HEX 12 F0 45 B9
- 0x004979B8: EVAL `UINT 8 LE ${packDivider.index("story")}`
- 0x004979B9: HEX 29
- 0x004979BA: HEX 08 BF
- 0x004979BC: HEX ED F7 ED B8
- 0x004979C0: HEX ED F7 81 B9
# - 00485724: CMP R1, (X = a divider's index)
- 0x00485724: EVAL `UINT 8 LE ${packDivider.index("sidestory")}`
# - 00484B94: CMPNE R1, (X = a divider's index)
- 0x00484B94: EVAL `UINT 8 LE ${packDivider.index("collab")}`
# - Start of "story"
- 0x00484BCC: EVAL `UINT 8 LE ${packDivider.index("story")}`
# - Start of "sidestory"
- 0x00484BEC: EVAL `UINT 8 LE ${packDivider.index("sidestory")}`
# - Start of "collab"
- 0x00484C0C: EVAL `UINT 8 LE ${packDivider.index("collab")}`
# Always trigger anomalies
- 0x0054DEB0: HEX 00 BF 00 BF # <AnomalySongFinished>(): call to UnlockManager::insertOrUpdateChallengeUnlock()
- 0x0054E0F8: HEX 00 BF 00 BF # <AnomalySongFinished>(): call to UnlockManager::insertOrUpdateChallengeUnlock()
- 0x0054DED4: HEX 00 BF 00 BF # <AnomalySongFinished>(): call to UnlockManager::saveUnlockStates()
- 0x0054E020: HEX 00 BF 00 BF # <AnomalySongFinished>(): call to UnlockManager::saveUnlockStates()
# Enable UI of Dynamix pack for all song with "dynamix" background
# - string_includes_charp()
# - 0x004979C4 PUSH {R3, R4, LR}
# - 0x004979C6 MOVS R2, 0
# - 0x004979C8 BL string_find_charp
# - 0x004979CC ADDS R0, 1
# - 0x004979CE CMP R0, 0
# - 0x004979D0 IT NE
# - 0x004979D2 MOVS R0, 1
# - 0x004979D4 POP {R3, R4, PC}
- 0x004979C4: HEX 18 B5 00 22 F1 F7 B4 FE 01 30 00 28 18 BF 01 20 18 BD
# - current_song_bg()
# - 0x00497FCE PUSH {R0, LR}
# - 0x00497FD0 LDR R0, offset: [&CoreManager::singleton ] - [PC at "ADD R0, PC"]
# - 0x00497FD2 LDR R1, offset: [&CoreManager::currentSongId] - [PC at "LDR R0, [R0]"]
# - 0x00497FD4 ADD R0, PC
# - 0x00497FD6 ADD R1, PC
# - 0x00497FD8 LDR R0, [R0] (CoreManager::singleton)
# - 0x00497FDA LDR R0, [R0, 16] (CoreManager::singleton->songManager)
# - 0x00497FDC BLX SongManager::getSongForId()
# - 0x00497FE0 ADD.W R1, R0, 60 (song->bg)
# - 0x00497FE4 POP.W {R0, LR}
# - 0x00497FE8 PUSH {R0, LR}
# - 0x00497FEA BLX string_from_string
# - 0x00497FEE POP.W {R0, PC}
# - 0x00497FF2 .WORD 00 00 (padding for LDR above)
# - 0x00497FF4 .DWORD [&CoreManager::singleton ] - [PC at "ADD R0, PC"]
# - 0x00497FF8 .DWORD [&CoreManager::currentSongId] - [PC at "LDR R0, [R0]"]
- 0x00497FCE: HEX 01 B5 08 48 09 49 78 44 79 44 00 68 00 69 EE F6 B8 EC 00 F1 3C 01 BD E8 01 40 01 B5 ED F6 F4 EB BD E8 01 80 00 00 9C 4F 4F 00 A2 4F 4F 00
- 0x00554032: HEX 3C 30 # TrackBase::init(): var S: song->set to song->bg
- 0x005542AA: HEX 43 F7 8B FB # TrackBase::init(): std::string::find() 1st argument: song->id to S
- 0x004B7630: HEX E0 F7 CD FC # UILayer::init(): CoreManager::getCurrentSetId() to current_song_bg()
- 0x004B763A: HEX E0 F7 C3 F9 # UILayer::init(): string_eq_charp() to string_includes_charp()
- 0x004B7670: HEX E0 F7 AD FC # UILayer::init(): CoreManager::getCurrentSetId() to current_song_bg()
- 0x004B767A: HEX E0 F7 A3 F9 # UILayer::init(): string_eq_charp() to string_includes_charp()
ios:
# Server address
# This address is originally an assert message, it's enough for a server address
- 0x007F363E: EVAL `ASCIIZ ${projectConfig.server}`
- 0x0009E8B0: HEX A1 3A 00 B0 # ADRP X0, page of address above
- 0x0009E8B4: HEX 21 F8 18 91 # ADD X0, X0, page offset of address above
# Project name
# This address is originally an assert message, it's enough for a project name
- 0x007F369E: EVAL `ASCIIZ ${projectConfig.name}`
- 0x00020AA0: HEX 21 78 1A 91 # ADD X0, X0, page offset of address above
# Font fix -- replace references to Chinese font with Japanese font
# And replace Japanese font with full Chinese font
- 0x007F4090: ASCIIZ Fonts/Kazesawa-Regular.ttf
- 0x007FDCED: ASCIIZ Fonts/Kazesawa-Light.ttf
- 0x007FDD0B: ASCIIZ Fonts/Kazesawa-Semibold.ttf
# Force single pack's songs' backgrounds to be normal
- 0x008088AD: ASCIIZ img/bg_light.jpg
- 0x008088C5: ASCIIZ img/bg_dark.jpg
# Metadata check
- 0x0006B970: HEX 1F 20 03 D5 # songlist
- 0x0006B9B8: HEX 1F 20 03 D5 # packlist
- 0x0006BA00: HEX 1F 20 03 D5 # unlocks
# Highspeed limitation
- 0x0006FE50: HEX EB 1F # Inlined UserPreferences::getHighspeedInt() in HighspeedSettingLayer::init()
- 0x0006FE61: HEX FD 03
- 0x00144CAC: HEX EB 1F # Inlined UserPreferences::getHighspeedInt() in SettingsDialog::updateUI()
- 0x00144CBD: HEX FD 03
- 0x001F9BA0: HEX EB 1F # Inlined UserPreferences::getHighspeedInt()
- 0x001F9BB0: HEX FD 03
- 0x0023929C: HEX EB 1F # Inlined UserPreferences::getHighspeedInt() in SongManager::loadLogicChartForSong()
- 0x002392AD: HEX FD 03
- 0x0023CF64: HEX EB 1F # Inlined UserPreferences::getHighspeedInt() in AchievementManager::processAchievementsSongComplete()
- 0x0023CF75: HEX FD 03
# Tempestissimo unlock state check
# Without this patch removing the Tempestissimo song causes the game crash
- 0x0022191C: HEX 1F 20 03 D5 1F 20 03 D5 35 00 80 D2 # SongSelectScene::init()
# Bundled Beyond difficulty support
- 0x00226D78: HEX 05 00 00 14 # SongSelectScene::getRequiredAssetsAndTokenForStartGameScene():
# remove force download check of Beyond charts (remove download prompt before play)
- 0x002353BC: HEX 19 00 00 14 # SongManager::loadSongs()
# remove world-unlock assumption for ALL Beyond charts except Tempestissimo
- 0x000B6120: HEX 44 08 5F 7A # Song::getChartFilepathForDifficultyClass()
# remove force find chart file under download directory for Beyond charts
- 0x001F7220: HEX 05 00 00 14 # SongSelectionCell::setSelected()
# remove force download check of Beyond charts (download button to START button)
# Download single song for ALL songs (instead of download full pack for non single/extend songs)
- 0x00226324: HEX 1F 20 03 D5 # SongSelectScene::promptDownload()
- 0x00226344: HEX 36 00 00 14 # SongSelectScene::promptDownload()
- 0x000B69C0: HEX 1F 20 03 D5 # Song::isRemoteDownloadPresent()
- 0x000B69F4: HEX 19 00 00 14 # Song::isRemoteDownloadPresent()
# Fix error downloading when charts of some difficulties are empty
- 0x000B2D40: HEX 1F 20 03 D5 # Check downloaded data on startup: don't consider empty file's MD5 as non-exist
- 0x000B2D5C: HEX 1F 20 03 D5 # Check downloaded data on startup: don't consider file size < 500 bytes as non-exist
- 0x001C5318: HEX 13 00 00 14 # lambda[at DownloadFileTask::run](): don't fail file size < 500 bytes
# April Fool's Day's feature for all charts
- 0x000DB5B4: HEX 1F 20 03 D5 # LogicChart::setupNotesFromParsed(): enable camera
- 0x000DB654: HEX C0 00 00 14 # LogicChart::setupNotesFromParsed(): enable scenecontrol
- 0x000DB464: HEX 1F 20 03 D5 # LogicChart::setupNotesFromParsed(): fix green arc() with mirror
- 0x000DE044: HEX 05 00 00 14 # LogicChart::colorForId(): enable green arc()
- 0x000DE068: HEX 1F 20 03 D5 # LogicChart::colorForId(): fix green arc() with mirror
# Assume everything to be purchased
- 0x0021C7B0: HEX 20 00 80 52 # PurchaseManager::isPurchased()+0: MOV W0, 1
- 0x0021C7B4: HEX C0 03 5F D6 # PurchaseManager::isPurchased()+4: RET
# Assume ALL stories to be unlocked
- 0x0005C3D8: HEX 1F 20 03 D5 18 00 00 14 # StoryEntry::isUnlocked(): jump to return
- 0x0005C43C: HEX 33 00 80 52 # StoryEntry::isUnlocked(): return 1
# Assume no unread stories on main menu scene
- 0x0000BA9C: HEX 19 00 00 14 # StoryManager::hasUnreadUnlockedStory(): jump to return 0
# Remove limitations limitations for character abilities
- 0x0013F824: HEX 1F 20 03 D5 # CharacterAbility::setLimitations
# Pack dividers
# - Divider positions
# - 0014B9E8: CCMP W26, (X = 0), #4, AL
- 0x0014B9E8: EVAL `UINT 32 LE ${0x7A40EB44 | ((0 & 0b11111) << 16)}`
# - 0014B9EC: CCMP W26, (X = a divider's index), #4, NE
- 0x0014B9EC: EVAL `UINT 32 LE ${0x7A401B44 | ((packDivider.index("story") & 0b11111) << 16)}`
# - 0014B9F4: CCMP W26, (X = a divider's index), #4, NE
- 0x0014B9F4: EVAL `UINT 32 LE ${0x7A401B44 | ((packDivider.index("sidestory") & 0b11111) << 16)}`
# - 0014B9F0: CCMP W26, (X = a divider's index), #4, NE
- 0x0014B9F0: EVAL `UINT 32 LE ${0x7A401B44 | ((packDivider.index("collab") & 0b11111) << 16)}`
# - Start of "story"
# - 0014BA50: CCMP W26, (X = "story" divider's index), #4, AL
- 0x0014BA50: EVAL `UINT 32 LE ${0x7A40EB44 | ((packDivider.index("story") & 0b11111) << 16)}`
# - Start of "sidestory"
# - 0014BA8C: CCMP W26, (X = "sidestory" divider's index), #4, AL
- 0x0014BA8C: EVAL `UINT 32 LE ${0x7A40EB44 | ((packDivider.index("sidestory") & 0b11111) << 16)}`
# - Start of "collab"
# - 0014BAC8: CCMP W26, (X = "collab" divider's index), #4, AL
- 0x0014BAC8: EVAL `UINT 32 LE ${0x7A40EB44 | ((packDivider.index("collab") & 0b11111) << 16)}`
# Always trigger anomalies
- 0x000FA8CC: HEX 1F 20 03 D5 # <AnomalySongFinished>(): call to UnlockManager::insertOrUpdateChallengeUnlock()
- 0x000FAC6C: HEX 1F 20 03 D5 # <AnomalySongFinished>(): call to UnlockManager::insertOrUpdateChallengeUnlock()
- 0x000FA8F8: HEX 1F 20 03 D5 # <AnomalySongFinished>(): call to UnlockManager::saveUnlockStates()
- 0x000FAA1C: HEX 1F 20 03 D5 # <AnomalySongFinished>(): call to UnlockManager::saveUnlockStates()
# Enable UI of Dynamix pack for all song with "dynamix" background
# - string_includes_charp()
# - 0x0021C7B8 LDRB W9, [X0, #23] (short::size)
# - 0x0021C7BC AND W9, W9, #0x80 (short_mask)
# - 0x0021C7C0 LDR X10, [X0] (long::data)
# - 0x0021C7C4 CMP W9, #0
# - 0x0021C7C8 CSEL X0, X10, X0, NE (resolve data pointer with SSO)
# - 0x0021C7CC SUB SP, SP, 16
# - 0x0021C7D0 STR X30, [SP, 8] (save LR)
# - 0x0021C7D4 BL _strstr
# - 0x0021C7D8 MOV W9, #1
# - 0x0021C7DC CMP W0, #0
# - 0x0021C7E0 CSEL X0, X0, X9, EQ (return 1 on strstr() non-zero)
# - 0x0021C7E4 LDR X30, [SP, 8] (restore LR)
# - 0x0021C7E8 ADD SP, SP, 16
# - 0x0021C7EC RET
- 0x0021C7B8: HEX 09 5C 40 39 29 01 19 12 0A 00 40 F9 3F 01 00 71 40 11 80 9A FF 43 00 D1 FE 07 00 F9 CC 82 14 94 29 00 80 52 1F 00 00 71 00 00 89 9A FE 07 40 F9 FF 43 00 91 C0 03 5F D6
# - current_song_bg()
# - 0x0021C7F0 SUB SP, SP, 16
# - 0x0021C7F4 STR X0, [SP, 0] (save arg1 &result)
# - 0x0021C7F8 STR X30, [SP, 8] (save lr)
# - 0x0021C7FC ADRP X0, page start (Load &CoreManager::singleton)
# - 0x0021C800 ADD X0, X0, page offset (Load &CoreManager::singleton)
# - 0x0021C804 ADD X1, X0, 16 (¤tSongId = &singleton + 16)
# - 0x0021C808 LDR X0, [X0] (dereference singleton)
# - 0x0021C80C ADD X0, X0, 32 (&singleton->songManager = singleton + 32)
# - 0x0021C810 LDR X0, [X0] (dereference singleton->songManager)
# - 0x0021C814 BL getSongForId
# - 0x0021C818 ADD X1, X0, 120 (song->bg)
# - 0x0021C81C LDR X0, [SP, 0] (restore &result)
# - 0x0021C820 BL string_from_string
# - 0x0021C824 LDR X30, [SP, 8] (restore LR)
# - 0x0021C828 ADD SP, SP, #0x10
# - 0x0021C82C RET
- 0x0021C7F0: HEX FF 43 00 D1 E0 03 00 F9 FE 07 00 F9 80 49 00 F0 00 00 0F 91 01 40 00 91 00 00 40 F9 00 80 00 91 00 00 40 F9 77 6C 00 94 01 E0 01 91 E0 03 40 F9 AD 7C 14 94 FE 07 40 F9 FF 43 00 91 C0 03 5F D6
- 0x001D54A4: HEX 29 E1 01 91 # TrackBase::init(): song->set to song->bg
- 0x001D5864: HEX 1F 20 03 D5 # TrackBase::init(): NOP strlen(song->bg) != strlen("dynamix")
- 0x001D587C: HEX E1 03 03 AA # TrackBase::init(): "dynamix" on arg4 to arg1
- 0x001D5880: HEX CE 1B 01 94 # TrackBase::init(): string_compare_charp to string_includes_charp
- 0x001D5884: HEX 00 09 00 35 # TrackBase::init(): (string_compare_charp() == 0) to (string_includes_charp() != 0)
- 0x0020ED4C: HEX A9 36 00 94 # UILayer::init(): CoreManager::getCurrentSetId() to current_song_bg()
- 0x0020ED68: HEX 1F 20 03 D5 # UILayer::init(): NOP strlen(bg) != strlen("dynamix")
- 0x0020ED80: HEX E1 03 03 AA # UILayer::init(): "dynamix" on arg4 to arg1
- 0x0020ED84: HEX 8D 36 00 94 # UILayer::init(): string_compare_charp to string_includes_charp
- 0x0020ED88: HEX C0 43 00 35 # UILayer::init(): (string_compare_charp() == 0) to (string_includes_charp() != 0)
- 0x0020EDC8: HEX 8A 36 00 94 # UILayer::init(): CoreManager::getCurrentSetId() to current_song_bg()
- 0x0020EDE4: HEX 1F 20 03 D5 # UILayer::init(): NOP strlen(bg) != strlen("dynamix")
- 0x0020EDFC: HEX E1 03 03 AA # UILayer::init(): "dynamix" on arg4 to arg1
- 0x0020EE00: HEX 6E 36 00 94 # UILayer::init(): string_compare_charp to string_includes_charp
- 0x0020EE04: HEX C0 40 00 35 # UILayer::init(): (string_compare_charp() == 0) to (string_includes_charp() != 0)