#Modding the MGS1 emulator

its interesting how adopting a hooking framework means rewriting some hooks lol

these frameworks tend to easily allow hooking entire functions but not parts of functions

so its a different paradigm in how to design them

for some of them it's probably easier for me now to reimplement the original function

i had a hook on that function pointer call

but since I just have the source to the entire function here

... maybe not worth the hassle of crafting a hook there if the goal is more portable source

just clone the func, replace it in the game and instrument that function call in my clone

trying to get off the intel compiler here

https://github.com/nuggslet/MGSM2Fix/blob/9687f8aa56fe9c9db8e04fae3e9ceb327b7d6f76/src/external/sqrat/include/sqrat/sqratObject.h#L411-L421

to set the native closure name lol

why not i guess

ayy, think ive got the most complicated hooks converted

have to do a bit of musical chairs with the CallNative funcptr but it works seemingly

these are looking so much simpler haha

all the ASM blocks are gone as well, those are C/C++ funcs

Nice

so i got to the point where I can try switching back to the MSVC compiler instead of Intel's

it actually blows up in some of the Squirrel templating stuff I did but in an extremely localised place

WEIRD

oh

you can fix it by prepending "typename"

good language

so unambiguous compiler has to toss a coin

dayum i got it to build with the microsoft compiler

im surprised it even remotely works with all the wacko shit its doing

it also shrunk by 100kb

this whole time m2fix has been using the wrong allocator and somehow getting away with it

but the real one has some custom calling convention it seems

its like fastcall but with caller cleanup

sorting that has made... all the non-MGS1 games more stable lol

cdecl?

nah as it uses ecx/edx for first two args

the func call was working fine with fastcall, except it was returning via the wrong stack slot (ended up trying to jump to stack)

and I can see callers doing cleanup (esp adjustment)

i wonder if some link time optimisation allowed it to relax some aspects of calling convention

anyway, this sort of inline asm is compatible with MSVC compiler and doesn't require Intel extensions so it's fine by me

yuss, think I sorted all the fallout from the move away from intel and got a lot of stability improvements in the process

all the games are rock stable now

hopefully this makes more gfx work feasible because I was dreading all the manual hooking of stuff lol

but in general just easier for people to build it themselves and contribute now

🙂

this sqmalloc thing eventually defers to the usual malloc/realloc/free but does a bunch of extra stuff, somehow MGS1 didn't care but the other games occasionally reported heap corruption so sounds like sqmalloc does extra management of underlying allocations

fortunately it's just one function serving all malloc/realloc/free semantics

now I ported it away from the Intel compiler, got it building as C++23, and pinched the HDFix 2.0 hooking and logging libraries I should really think about some better source structure to make it easier to navigate

Debugged application message: [S_API FAIL] SteamAPI_Init() failed; no appID found.
Either launch the game from Steam, or put the file steam_appid.txt containing the correct appID in your game folder.

lol how polite

lol

so now

castlevania advance only has an issue where it actually crashes when you close the game

how are these games with identical code having subtly different behaviour

i kinda want to get this allocator stuff right, think I just need a couple extra functions to call

why the hell castlevania anniversary is fine, contra is fine, idk, they are basically identical

maybe i don't even need functions

I just need to locate these two values

locating globals requires creativity

i suppose on x86 its not so bad

when the instructions are just like XX AA AA AA AA

CISC moment

weird that they have their own allocator, which ultimately calls into standard library allocator, but only use it conditionally

if (cond) alloc_wrapper() else alloc()

i guess this makes more sense when compiled on console

i figure the wrapper here isn't ultimately doing that much

probably uses an entirely separate heap on console

high value change

ah yeah, a classic

I'm a console.log("fuck") man myself

I think I have to disable a warning for the project on the Microsoft compiler lol

I get the same warning 700 times otherwise

templates bro

I also get a warning for code that is effectively #if 0'd out

in this case under #if _WIN64 while compiling for 32bit

https://store.steampowered.com/app/2369900/Castlevania_Dominus_Collection/ well well well lol

WELL WELL WELL

hey do you still have the updated version available? the link's dead

did you buy it just to find out if it used m2engage

nah i really like castlevania

this was just a discovery i made

good haha

thx for testing now i will buy it

well shit sdlkfjldks

yea i tried a couple different things, couldn't work

maybe they changed the key

wud be funny tbf

i'll have a look

i was gonna send in an issue on github

unless that's something that tech savvy people (you) can do

it only really becomes an MArchiveBatchTool bug if they fundamentally changed the file format

oooooh, this is weird

oh?

it's using m2engage but in a different way to everything ive seen so far

these are unusual

i wonder if the DLLs are like, extra features that run alongside the game

and the other DLL is the integration of that, idk

though, i wonder if AC Dracula is the original version of the arcade game or the remake

yeah the old key/seed thing is gone

key length is now 92, not 64

i assume the seed still needs changing or something tho

oh jesus

well, time to make a github issue

HAHAHAHAHAHAHAH

got it

oh!

well yay!

i wish i weren't in class rn ldskfjlds

the seed is now "Illegal function call", not "25G/xpvTbsb+6"

what the fuck

how... interesting

so can unpack with

MArchiveBatchTool fullunpack alldata.bin zlib "Illegal function call" 92

what memers

i'm in 8-)

what are the roms lookin like?

very different to anything seen previously

e.g.

and then "remake" just looks like... a game, not anything emulated

so the DS games aren't .nds i guess

interesting

there might be nds format stuff somewhere here

dunno

its just packaged completely differently so will take time to unpack

for sure

they've reinvented a filesystem

I assume this points to offsets/sizes in files.bin

and files.bin is just a big blob of everything combined

i assumed as much

it seemed pretty big

wonder what these DLLs look like

OH SHIT

ahghahahahah

the DLLs leak so many symbol names

this will help with MGS1

symbol names? that sounds familiar

yeah names of functions basically

oh riiight

in this case, symbols for the m2engage framework which apply to all games but so far I didn't have them

i think I see what they've done now

the DS core was obviously written by a different team or at a different point in time

emu_integration.dll is basically the emulator core

oooh ok

then each game DLL is like the accelerators from MGS1

but basically contains each game recompiled

same ideas but different packaging for DS

the DLLs are...

the games recompiled?

yeah, they do this a lot

OH it's not new

MGS1 has some bits recompiled

for the NES stuff they obviously didnt bother

is this similar? where it's just bits?

or is there a lot more

looks like a lot more, might actually be all of it

that's crazy...

so its kind of a native port

held together with DS flavoured glue

though the original DS data seems to still be here somewhere?

that's just me asking, since i can't actually see myself

I haven't seen an actual .NDS file yet

very very early assessment but

it looks like they extracted the NDS files and repackaged the assets into a custom format

and then recompiled the code

i suppose something like that would help the games out

no slowdown or graphical bugs, etc

that way the games themselves can just be tweaked and not an emulator

yeah, in MGS1 they did it for performance critical stuff or to allow it to boot without a BIOS

and.. to censor someones arse

and to replace staff ghosts 😔

i wonder if this thread should be renamed ldskjflkds

like, M2 shenanigans

i can't wait to go into the different assets and stuff

see if there's early menu graphics

secret dev notes...

How are the games?

i havent even launched it haha

me neither lsdkfjlksd

image extraction successful

did you get that from the steam release?

mmhmm

noice

freemote's still good here

looks like i'm in the manuals directory

023/image, but it has others too

hell yea, main menu graphics extracted

unfortunately, the "Konami's Best" variant of the cover is not in the files 😔

oh hello?

were sounds replaced...?

ez

these are getting easier to bringup thankfully

no roms here

huh...

i see

y'know, i wonder why the korean version of OoE is included

is it really that different from the other versions?

or did they just want everything here

they've been pretty thorough with all the m2engage stuff tbh

i don't really need this many versions of MGS1 either 😄

hmm... i've been trying to find these video files

i guess once you've got one game in its not much more work to do the rest either

there's videos that play when you hover over a game in the title screen

aren't they outside of the PSB?

windata/system/movie

maybe not but there are videos there

oh you're right! these are it

thanks lsakjfdlks

didn't think to look there

np

lol

it was the first thing i noticed before i even unpacked it xD

bruh what is "remake"

is this literally a game constructed directly inside the m2engage UI

the remake of vampire killer

like there are json files describing level data

crazy

well, i bet this can tell ya something

PNGs of map sprites

in remake/map

its so very weird

the framework itself is a game engine

but they usually use it as a frontend for emulators

this has really changed my perspective on m2engage haha

the title screen graphics

IS THAT A WATERMARK ON THE LIGHTNING

looks like it

what's the logo

i can't read it that well

ends "bes"?

pikbes?

"Pi" at the start maybe

pikbest!

the e matches up

terrible

all the effort that went into the technical aspects here

no FUCKING way i found it

https://pikbest.com/png-images/drawing-lightning-design-elements_1156722.html

if you click the preview the watermark disappears

but, lol

hardly the most complicated graphic to render in-house

im still kinda amused about "Illegal function call" being the goddamn seed

nice meme

i could have done this through an email but https://fixvx.com/OddOttAllen/status/1828531211125620767

this is a bit funnier

hopefully if they keep releasing stuff and i keep porting to it, we'll eventually attract another developer 🥲

i feel like i might be the first to discover this, i feel cool dlkfjlsd

there's a whole two people researching this release in the world rn

and they're both in here

oh!

well that's fun

easy achievements

idk why i called haunted castle "vampire killer" earlier LMAO

like, vampire killer is MSX2 😭

https://tenor.com/view/ea-sports-e-ea-meme-gif-14922519

the "printf" we usually hook is implemented by the emu_integration.dll

not by game.exe

so this is the first hook inside another DLL i guess

thats the only hooking complication this time round, everything that works for MGS BC1 & Ray'z works here

what will be in BC2 tho

i need to get some code checked into git

before it piles up

gonna write something to unpack those castlevania filesystems for shits n giggles

probably a 10 min job

yeeea buddy

https://github.com/nuggslet/MGSM2Fix/commit/79bdb42d907f2bb95c26a41d18fb0ae1bc7cf0fa

interedasting

e.g.
Castlevania Dominus Collection\windata\alldata>python DraculaDominus.py dra01\data dra01\data\files
Castlevania Dominus Collection\windata\alldata>python DraculaDominus.py dra02\data dra02\data\files
Castlevania Dominus Collection\windata\alldata>python DraculaDominus.py dra03\data dra03\data\files

i assume if you extract the NDS games you'll see something comparable

oh i see.....

oh!

yeah these are just. the fully extracted files

oh my god

you're right

the right is the rom contents extracted through DS header tool

it seems to me that we're looking at a full recompilation of these DS games in this collection

yup

now what i'm interested in is what they took out...

"mv" is probably the FMV opening

i'm unsure what dwc is, it contains a utility.bin file

snddat is sound data

sc2 in the collection has a lot more files it looks like, 520 compared to the DS's 184

2 extra files in so in the collection, 420 vs 418

this is all that's in the font folder in the DS rom

i doubt it'd even be possible to recompile the collection's files as a DS rom though

there's probably some crucial things missing for it to even work correctly

or, there's things they tweaked to work on the consoles that will just break everything on DS

I haven't found the original code anywhere yet, and it seems to use a recompiled version so no actual requirement for them to include it really

this is your AMD64 PC using a make-believe DS GPU, cartridge bus and sound chip but otherwise it's just a native port of the game

would you consider something like this similar to that zelda 64 recompiled project that's been around for a couple months?

if you've seen it before

yeah that's basically what they're doing

this is so interesting

MGS1 is like a halfway house

where it is clearly still being conducted / orchestrated by something resembling a full PSX emulator but has certain bits replaced with native code

this is more complete

things like BC1 are pure emulation so there's like a whole spectrum of options with m2engage lol

BC1?

MGS Vol1 Bonus Content

oooooh

Damn, you two are still in here doing great work

The moment I realized the Dominus Collection was M2, I popped right back in here knowing there would be action

Hi @pure radish , I wanted to ask you something. Do you know how I could insert in-game text, but not the normal text (drawtext, prinf, sprintf, etc.) but some that can be inserted in coordinates (like the texts of the items you pick up) I wanted to know how it works or how I can locate it in Guidra, but it is not for MGS, nor for PSX, but for N64, but with an indication in this game I could know how it works.

thank you kindly 😌

nuggs has been doing most of the work tho

they're more like the person looking into all the coding and technical aspects, while i wanted to look into the images and sprites

though we did have a common interest in the DS roms themselves

i can say, as far as i can see there isn't anything that's unused within any main menu graphics

maybe there's something in haunted castle revisited but i'm not an expert with that game

Nuggs is the GOAT

i'm still a little proud of myself for finding the stock lightning image dlskjflksd

Er, that was supposed to be quoting the next message

But yeah, finding that lightning was hilarious

plus!! i could have all the raw images from the gallery

the order of ecclesia box arts are so stunning

Yeah, that's awesome

i really do think it's a missed opportunity from Konami to not include the "Konami's Best" box art for dawn of sorrow though 😭

so somehow i did it but

yeah it doesn't work

the final rom is like 65mb and repacking just the files included in the collection makes it about 26mb

soooo needless to say, there's PLENTY missing to make a playable rom

you mean like text entities rather than debug / menu prints? that sort of stuff is so highly variable and engine-specific it's hard to offer any pointers for it

there's basically any approach to it existing in the wild

i can't really suggest anything without more context

lol

as a result of switching to that separate heap allocator

with the non-standard calling convention

if I use a debug build of M2Fix now, i hit a standard library assert in stack protection

because it runs that check before my manual ESP fixup is applied

F

can fix it with #pragma runtime_checks("", off) in safetyhook.hpp

however it doesn't fix the size of my std::string being different across Release/Debug configurations and expecting interop with the game's instances

i should probably reimplement that string class anyway rather than just depend on luck (interop working out)

it is a bit annoying I can't use debug builds at the moment

C++ ABI considered harmful

https://devblogs.microsoft.com/oldnewthing/20230803-00/?p=108532

template<typename T>
struct basic_string
{
    static constexpr size_t BUFSIZE = 16 / sizeof(T);
    union {
        T* ptr;
        T buf[BUFSIZE];
    } storage;
    size_t size;
    size_t capacity;
};

thanks Raymond!

Look, something like you see here "cardboard box" these texts appear in environments. I wanted to know how it would look in a decompiler, to see how they are created.

yeah that is just going to vary wildly

on a per-game basis

I don't know for MGS as I'm not intimately familiar with the decomp, I only really knew this stuff for DP

could be a font, could be one big texture, could be anything really

tbh I've had more success with decompiling stuff by just seeking to discover anything and seeing where it leads rather than specifically trying to locate X

https://github.com/FoxdieTeam/mgs_reversing/blob/5979a3b6115106cf141994b414c2fb31376c60a4/src/Game/item.c maybe its here? seems to have a "character" role and has a lifecycle and animates etc

which looks like just a backend that is driven by the GCL scripts

so maybe is "specialised" by the scripts which will provide individual item attributes and names, but im speculating

its just so varied - bear in mind static analysis is just one tool and runtime stuff can help inform static analysis enormously

e.g. could try searching for string format functions and cross-referencing, or if you find textures for a font you could try hooking a texture load and waiting for part of the font to come up as a hit and cross-reference from there

you're working at the business end of things here, it's hard, there's no cheat codes

aww ye the debug build works again

been a long time since that worked

"press any button"

press down arrow

no response

I think this is where it is, then I will try to see if it works. Thanks for the info

oh so you are working on MGS1? I thought you were looking at N64 😛

Searching in other games is a bit complicated, I'm not familiar with reading and writing items, I only know a little about pointers in N Switch. Anyway, I'll apply what I learned here.

Yes, yes, for N64. I wanted to see if I could add GamerTags on the characters for a "possible" multiplayer

HAHAHAHAHAHAH

i was trying to debug this last painful heap issue in some of the 32bit titles, castlevania advance & anniversary both have it

and well, i just deleted MGSM2Fix.asi and it still happens

turns out it's actually caused by NVIDIA driver stuff

perhaps the ASI loader itself replacing d3d9.dll

but, hey, thank fuck it's not my problem

hopefully I can proceed now and do some reorganisation of the project and get all the reworked stuff into git

maybe i'll try to find another ASI loader that avoids d3d9.dll and see if that cures it

just so happened that 1. my stuff has to deal with the game's heap and 2. i had a known issue with that in the past, so i apparently took it more seriously than was required

okay, nope

it just crashes when u close it

thats a feature

nothing to do with mods

good game

most people won't notice without a postmortem debugger set up i guess

pretty funny tho

i think im done stabilitymaxxing

doesn't seem to be any issues in my stuff now on any game

Dominus doesn't crash when u close it (^:

yay!

i think my only gripe is that it doesn't start in borderless windowed

but a lot of the konami collections are like that

Can't wait for the complete MGS1 decompile so someone can port it to the N64 with no voice acting, replacing it with text boxes.

https://fixvx.com/Oersted20/status/1829209486151794927

https://tenor.com/view/thats-not-the-truth-ellen-gif-20104452

emulated

no ARM code anywhere to be seen

i'm offering to chat with the guy in DMs about this

not to be like "erm you're wrong" but because it's pretty cool

cool, if he thinks it's emulated he can point me to the file containing the emulated code

he said that "we can't extract the assets from the collection yet"

meanwhile we have uh.... two days ago dslkfjlkds

i haven't asked him yet, but if you're down, would you wanna share the findings in discord

like a group DM

can't wait to see his reaction when he found out it's all discovered in MGS server rather than castlevania server lol

he's still stuck on them being emulations dslkfjhdslk

this would be an interesting conversation

It has been deleted now? Lol

ah yes

lol, lmao even

like its fine to speculate but present your informed guess as a guess, not as fact

i post all manner of hypotheses here

maybe we didn't need a DSVania expert, we needed an m2engage expert (^:

So why didn’t you tell him how the game actually works

did you still wanna chat with the guy about it? he seems pretty curious

he quite literally said it was a skill issue that ARM code wasn't found and that it should be in there somewhere

Oh damn

rather not expose myself unnecessarily to ego drama thanks

Thought he would be more receptive tbh

yeah you're kinda saving yourself there

that was early on tho

i showed him the extracted files and then he was all like "wait what!!!"

and now he believes that there's graphics emulation but not code emulation

well, that's accurate

oh good, i was gonna agree with that

also a screenshot of me is on the castlevania reddit now cuz of him? not that i mind LOL

look ma i'm famous

Nice

What emulators does that collection have?

like a quarter of a DS emulator

but it doesn't have a complete emulator of anything

everything is native code

there's just a translation layer for GPU/etc

they definitely still had the source code, so just recompiled it

umm that doesn't have 2 screens, how do they deal with the touch screen?

I think the left 2/3rds of the screen is the top screen and part of the right 1/3rd is the touch area

and i think they use the spare space for something else

the guy didn't think so, just cuz that wasn't "like konami"

i guess after what happened with silent hill HD collection? idk 😭

but that was over a decade ago

also i'm unsure about this part, because the game accepts touch input from everywhere

you can 'tap' to spell out your name in OoE

on the DS, the games' gameplay was on the bottom screen while the map was on the top iirc

(open traslate)

okay, that's new

unless i'm misinterpreting what was said with the screens?

im just describing how they split up the single PC screen

i wonder if you can actually tap and stuff on the switch version in handheld mode

or the steam deck... that's a touch screen, right

They're going to need a lot of help there, specifically from Digital Eclipse, not M2.

It's a DS game, if it's not emulation and it's a port, then they removed the touch part, right?

no, you can still use touch functions in the collection

you move the right stick and click with the right trigger

you can also change the speed of the cursor by clicking in the stick

oh a virtual mouse, that's weird you know

I'm going to watch a gameplay

from what i see, the touch functions have been changed to not be used too much

the sigil things in Dawn of Sorrow have been changed to be button presses from what i remember

yeah its interesting how m2engage ends up used for multiple different techniques

I'm watching a gameplay, it says that touch screen works in portable mode for Switch.

:0

Could you try to see if there are instructions about this in the luascripts?

YOOO

that's so cool!

and if we open up MGS delta and see this, what then

(that'd never happen dlskjfjldsk)

kek

don't we know it's on unreal tho

I really like how it looks, they improved the visual aspect of the Advance version

yea it is, was just bein silly

unreal with m2engage frontend and menuing system

well

did you port MGS1 to N64

https://tenor.com/view/explosion-gif-21452981

i think im now at the point where i've reworked the fundamentals, but want to large-scale reorganise the project source so it's not a complete fucking mess

probably need to prototype this before i end up somewhere even worse

Well, I still don't know how to use the API (video, audio, controls) to port something, so it's an unknown world for me.

he found the symbols and is freaking out now, says he really wants to talk about it 😭

what symbols

the debug ones

in e.g. dra02.dll?

the screenshot he posted was uh... it looked like an elf file?

any of this look familiar

he's looking at the switch version

interesting...

but otherwise yeah

did they not strip the switch version

that'd be funny

wouldn't be surprised if it's just the same code but different wrappers for each system

i only have symbols for dll imports/exports AFAIK

which are obviously necessary for it to function at all

but that's an improvement over having... nothing at all with MGS1 (because its all in one exe)

yeah, i think the switch version has more symbols than PC then

i don't have those

holy shit

might be valuable for me to dump the switch version lol

as that might reveal even more m2engage stuff that is applicable to all games

i'm assuming that you still wanna keep your distance then?

completely understandable, but the guy's saying that all of this is huge and that modders would really benefit from all this

he says a full scale decomp would probably be possible

a leak of all symbolic information is pretty huge yea

i guess he just wants to know a lot more about your side of all this, the technical stuff

like what lol

here, i'll ask for specifics

i'll admit, i worry that i've just been poorly regurgitating a bunch of the info shared here to them and i just hope i got some things right LOL

seems like he's answered the first two by himself

this was actually a screenshot he got from someone else

oh

"I wanna know how this shit works, and how I can make it work differently." he says

i mean its only partially emulated because the data is structured radically differently and has almost nothing in common with the original release

and as that screenshot shows

it has been compiled for each native host platform

you're looking at switch arm64 code with the symbolic information of a DS game, that should be a pretty big clue lol

how to get the symbols is easy, load the executable in anything that understands the debug structures for the host platform

I don't have many because the PC version has been stripped so that only necessary symbols exist for DLL import/export

but looks like they forgot to do that for switch

which is an easy mistake to make because it's an unfamiliar platform using proprietary tools

a mistake that opens the door wide open for hacking these games

eh

it doesn't immediately grant any capability at all

it's just information

still, valuable information to the people who know what to do with it

it's not going to port itself, but it does completely eliminate any semantic analysis you'd otherwise have to do

when every function has a name, decomp work is just a case of mechanically lifting machine code to a higher level language

you don't have to do any work to understand what you're looking at

as it tells you lmfao

i guess the switch version is the one they'll want to work with in this case, then

yea

im interested in the switch version for different reasons lol

this could be a gift to M2Fix

do you think other games on switch that use this could be helpful as well?

i know i have at least one

the castlevania anniversary collection

it depends, MGS1 on switch was stripped so it wasn't much use

so just case-by-case need to look at them

but if any one of them fucks up, that's a lot of info that applies to all of them because the core is not too different

and it's easy to infer the unknown bits if you have a slightly different example

vs being completely blind

can see how much all of them have in common given I've got the thing fairly easily ported to like 9 titles now

didnt really expect modding the bilinear filter out of MGS1 to turn into all this TBH

nor did i LOL

butterfly effect

are you able to dump games from your switch, by the way?

no

thankfully, i'm here then

i got a day-one switch that i've been dumping games from for a while

...just gotta find my jig

ok i found it LOL

now i'm not really in a position to get another copy of the collection, but i can at least dump whatever games i have that use the same engine

which is at least one sdlkfjklds

i forgot if i bought the advance collection

advance & anniversary are so similar they might as well be the same

so I'd guess if one doesn't, the other won't either

in all my testing they generally behave identically

whereas dominus is the most unusual we've seen so far

yup as i thought, i only have anniversary

I think contra anniversary, castlevania advance & anniversary were all made at the same time

there's also the arcade classics collection

the WUT

is this another game i don't know about

oh yeah, it was the third collection that came out alongside contra and castlevania anniversary

https://store.steampowered.com/app/1018000/Arcade_Classics_Anniversary_Collection/

to steamdb we go

interestingly enough, ALSO includes haunted castle

that doesnt look like m2engage

phew

oh i see :0

https://steamdb.info/depot/1018001/

can see the files list

just too different

doesnt have the usual structure

ok don't ask how, but i was able to get the dominus collection

it's still downloading on my switch

finished

the FUCK

yeah idk how to get this working 😭

No emulator would have quick support for new games, imagine N64 which still has bugs. That's why they closed that Switch emulator from the creator of Citra

this is different

there's some key files missing, or something

sooo, yup

all symbols leaked lol

I guess that's a good thing? lol

did you end up getting a copy of the switch version?

or did somethin else go down

i got the NSOs/NROs

is that another switch game format

nah its the formats of the executables themselves, not the entire ROM

aka specifically the bit im interested in

  strcpy((char *)v39, "*Illegal function call");
  MFile::SetCryptSetting(v39, 92LL);

illegal function call spotted!!!!

OHHH THESE

yes

yeah i finally got a working version

they're the equivalents of the PC version's DLLs...

i see now

yup

insane

i found

https://tenor.com/view/tom-and-jerry-sneaky-key-lock-door-tom-cat-gif-27616110

hows mgsm2?

project has been in for some major surgery to make it easier to extend and work on in general

tbh it was getting difficult for even me to work on it so could hardly expect others to contribute

the symbols leak changes so much lol

now i can finally work out the name of that custom heap allocator

i wonder if there's some tool i can use to transfer the symbols to the PC games

not sure how that can work besides statistical comparison of "decompiler" output

there's a project for this, what was it called

this guy https://github.com/joxeankoret/diaphora

wonder how that copes cross-architecture

oh wow i had no idea how similar the native lua API is to the native squirrel API

I stayed up late last night

doing what

I'm finishing the tests

ah yes that's what M2Fix needs, unit tests

Hideo Standby

I'll show you how it turned out

@pure radish

LOOOL

should be enabled with the konami code

ahahaha

I want to learn more, but there are things I still need to know.

How to get the value of a pointer

cast it?

to obtain the coordinates of the actors

I've seen something like

#define playeroffset ((char *)0x800ae318[0]);

but I get nothing

what do you mean?

It's a line of code I saw in psx-modding-toolchain

so breaking that down

0x800ae318 is an integer literal

(char *) casts it to a pointer to a signed 8bit array

[0] gets the first element

it's an lvalue not an rvalue, so it can be assigned or read

so doing playeroffset = 0 will set the first byte at 0x800ae318 to 0

printing it will, well, print it

if you're not seeing anything then either

the address is wrong

or

perhaps the compiler is choosing to eliminate successive accesses under the assumption that it's unchanged due to lack of visibility over what the game is doing

in that case, (volatile char *) might help

well, there's the integration DLL but uh...

what's this

its just the hooking of the print function, it's in the DLL rather than game.exe so needs special handling to hook the DLL instead

ended up with it looking quite elegant, thats all 😄

C is giving me a syntax beating

pointer arithmetic rules

what sized data are you trying to read? 8bit? 32bit?

"PlayerPointer + 0x8" will be "offset + (0x8 * sizeof(unsigned int))"

jeez, trying to understand all of this is taking me back over a decade 😄

I just accidentally moved Guidra to somewhere using Q-Dir and now I don't know where it is.

I had to put 0x8 because I can't use 0x20 to shift 20 bytes because for some reason that's how C works.

0x20 bytes u mean?

Each axis occupies 2 bytes

ayy

I can't find my Guidra anymore 🥲 , I wanted to see how the operations of combining SVECTOR in X,Y work.

I have to know the coordinates of the object on the screen and then get an exact x & y value at the screen position, so that the letters move there.

Mr. Rodriguez why are you using old psx emu

PCSX-Redux isn't old

Oh I thought it pcsx reloaded

I think that’s what it’s called

first try

SNAKE

i not undestand this (puVar6 is addrs player position), gte matrix???

that maps to

cop2r14 in

cop2r12-15 6xS16 SXY0,SXY1,SXY2,SXYP Screen XY-coordinate FIFO (3 stages)

so gets SXY2

16bit X + 16bit Y i assume

It seems complicated and I can't do much in C for now

my first big boy C project had a pretty steep learning curve too haha

Yes, but this is different, seeing old code, old methods, COP2 stuff. There are no libraries to get familiar with, just the built-in console API.

isnt that the ghidra extension hiding the details

it's probably using a coprocessor instruction there

swc2 or whatever the fuck it is

i guess not really "hiding" but going out of its way to avoid having to emit inline assembly

there isnt much to see for that one, the hardware writes some coordinates into your buffer

unless you want to look at some verilog, best thing to do is look at an emulator for how that command is handled

but do you really want to develop a complete mental model of the GTE implementation details

i don't really know how it all works, i just know that it does

i think that command literally just extracts a GTE register, it does no GTE computation for that one

obviously the other ones probably do, and that is getting the result

based on context sounds like you've found code that updates player position in 3D space, and surprise, 3D space is delegated to the GTE

I guess what you want is more like a GTE user's manual?

https://psx.arthus.net/sdk/Psy-Q/DOCS/

I mean, I can't see what param1 or param2 contains, I've been doing breakpoint exec and nothing happens in that whole instruction and it's the only one that controls the items char, putting Nop return and the text keeps appearing. I assumed that the game would load the second executable in the rom ("mgs/slus...") but it seems that it's using the first executable in the root, which doesn't make sense since that one is to verify something or protection or so I think. So I can't be 100% sure what's going on there, I've just been guided by following pointers and offsets, that's all.

this functions

https://github.com/FoxdieTeam/mgs_reversing/blob/676cff31afe365f236db39945b31d11f831abb18/src/Game/item.c#L255

ah, so in this screenshot you're looking at item_act_helper_80033704?

looks like the key thing there is gte_rtps, which does "perspective transformation"

https://problemkaputt.de/psx-spx.htm#gtecoordinatecalculationcommands

its basically a conversion function

sends coefficients and input coordinates to GTE and gets the scaled coordinates back

i doubt you really need to mess with the internals of that, just work within either the input domain or output domain

3 of those calls seem to just set up inputs, 2 of them collect outputs, gte_rtps is the actual operation

Okay, should I use that instruction or is there another alternative?

i dunno what you're trying to do that requires messing around with this

there is an alternative: implement the GTE semantics in software, but you might slow the game down 😄

the instruction is fine to use

That decompiled function has many changes, in Guidra it looks like this

are you sure thats the same function?

it might have the same rtps pattern in it but that could've just been something that gets inlined all over the place

well basically it makes the text stay in the position of the object I'm looking at (only works in first person)

maybe it's these?
gte_SetRotMatrix(&DG_Chanl(0)->field_10_eye_inv); gte_SetTransMatrix(&DG_Chanl(0)->field_10_eye_inv);

the parameters for those might change

im just guessing based on the context and naming

Yes, it is the same and the only one in the executable, but I already mentioned that during the game, altering that same memory region does not happen anything, so it must be taking the one from the other executable, I'm not sure how it will be seen from SRAM

sounds like you're intentionally trying to change how the game uses 3D space so I guess the GTE is directly relevant to you lol

the GTE bit is basically a "pure" function

b = F(a)

I'm just trying to do the same thing, and make the text follow the character. I'll probably leave it for later, I hope I have better luck ahaha

you're reaching my limits when you get into gamedev 3D / GFX stuff 😄

I like this, but I have a knowledge gap there, why would I call that function and it not return any data?

because it sends data to the GTE

for the upcoming gte_rtps computation

the whole thing is like:

    gte_SetRotMatrix(&DG_Chanl(0)->field_10_eye_inv); // send to GTE
    gte_SetTransMatrix(&DG_Chanl(0)->field_10_eye_inv); // send to GTE

    gte_ldv0(pIn); // send to GTE
    gte_rtps(); // GTE computation
    gte_stsxy(pOut); // receive from GTE
    gte_stsz(&z); // receive from GTE

GTE is its own HW functional block with its own set of registers and state

Ghidra is showing you the R3000 CPU side, not the GTE memory and logic

That's very nice, but how would it affect, let's say, the position of the text? That thing about gte_stsxy and gte_stsz seems interesting.

I would guess that depends on the value(s) at &DG_Chanl(0)->field_10_eye_inv exactly what transformation is done

this is a command/response sequence

https://problemkaputt.de/psx-spx.htm#gtecoordinatecalculationcommands

gte_rtps is doing:

  IR1 = MAC1 = (TRX*1000h + RT11*VX0 + RT12*VY0 + RT13*VZ0) SAR (sf*12)
  IR2 = MAC2 = (TRY*1000h + RT21*VX0 + RT22*VY0 + RT23*VZ0) SAR (sf*12)
  IR3 = MAC3 = (TRZ*1000h + RT31*VX0 + RT32*VY0 + RT33*VZ0) SAR (sf*12)
  SZ3 = MAC3 SAR ((1-sf)*12)                           ;ScreenZ FIFO 0..+FFFFh
  MAC0=(((H*20000h/SZ3)+1)/2)*IR1+OFX, SX2=MAC0/10000h ;ScrX FIFO -400h..+3FFh
  MAC0=(((H*20000h/SZ3)+1)/2)*IR2+OFY, SY2=MAC0/10000h ;ScrY FIFO -400h..+3FFh
  MAC0=(((H*20000h/SZ3)+1)/2)*DQA+DQB, IR0=MAC0/1000h  ;Depth cueing 0..+1000h

where a lot of those things like MAC0 are GTE registers: https://problemkaputt.de/psx-spx.htm#gteoverview

cop2r24 1xS32 MAC0 32bit Maths Accumulators (Value)

https://github.com/stenzek/duckstation/blob/master/src/core/gte.cpp#L670

This is the most basic thing to display text, now I just need to implement the dynamic coordinates

nice one

more than I've done in MGS1 itself 😄

oh, this is for more into the 3D stuff in game?

see this clip

wow lol

learning to use the internal instructions of the game, I want to go deeper

Another thing that is related to 3D is this but it is more reimplementations using GL
https://youtube.com/shorts/JQ-niVclPJw?si=_tuvfXISx5BhHpB8

oh neat, managed to make Sqrat useful for calling Squirrel functions from C++ in an elegant way

now I need to rewrite all the cases where I do that xD

this stuff was so ass, extremely brittle

surely even more I can do here to rice it, but it's heading in the right direction

much prefer 1 line definitions to all that crap in the first screenshot

https://tenor.com/view/psyduck-farfetchd-pokemon-gif-17872492

I'm going to dump the SRAM memory and see where that function is actually located.

reading cd rom and writing to ram?

that function submits a CD patch to the emulator

The dump is worse, only one function calls printf, the decompiler doesn't work well with dumps.

They are probably heap functions?

bear in mind the game has a code overlay system

so it swaps code in-and-out at runtime based on the level

so a dump will have different functions referenced or in memory than loading from PS-X EXE (which won't have any overlays at all)

any dump from a code point-of-view will look different in one area vs another (besides the "core" code that doesn't get unloaded/reloaded)

SystemEtc::IsLogining

IsLoggingIn?

In the beninging

Great, I can see in this psx-redux log where the functions are called. I'll find out where that printf is called.

but it should be used with care, it spams me with cpu tracking logs

https://tenor.com/view/fail-error-notification-box-ok-gif-15436537

I found the function, Guidra was not able to disassemble

that just means it hasn't discovered the function heuristically

you can force it to recognise code there

it's some key-bind (or right click menu might have it)

it's not magic, it tries its best with the information it has but it can't always find all code, nevermind all functions

What option should I activate?

yeah, those are just the heuristics it uses

probably none of them as they might have unintended consequences

"aggressive instruction finder" would probably do it, but it might find code in what is actually data

if you know a function is there, you can manually tell ghidra

can't remember what the key-bind is - is it "D"?

i think at one point I changed keybinds to be more like IDA

usually if you give hints to ghidra it will re-analyse and find even more functions than what you told it about by analysing the call graph

😲

This is definitely the item act_helper function and it looks much more beautiful.

and there are no things related to gte, what a relief

The previous function used the same value for X and Y in Menu_Locate, it didn't make sense

yeah i didn't really know why you were looking at that xD

lol

that looks more like https://github.com/FoxdieTeam/mgs_reversing/blob/676cff31afe365f236db39945b31d11f831abb18/src/Game/item.c#L240-L253

doesn't seem like particularly efficient use of overlays if they have multiple copies of that about

one of them is in the base executable by the sounds of it, just inlined, I'd figure better to not inline it but 🤷

Yes, it is only called when you want to move a text over the item or in general when you are drawing a text like the magnifying scope "binoculars". Item texts flash, when they are not being drawn they are not used.

btw is the work to get higher resolutions working without the serious graphical issues they have still underway?

atm ive been doing some housekeeping to the mod because it was becoming too difficult to work with, the idea of loading even more complexity on top of it in its previous state was kinda unthinkable

fixing that is complex, so requires some more solid foundation

the issue is understood but it'd have been a brutal experience resolving it without taking care of some things

konami is allegedly also looking at it themselves, so it can only really be justified if it becomes simpler to do in the mod

spending a huge effort just to tick the box a bit sooner and end up with something completely incomprehensible and even less maintainable isn't something i care for, personally

it's still on the list but im not trying to bulldoze a path towards it

if anything the mod has done a good job of telling konami what people want to see 😛

but beyond that it needs to provide things they definitely won't do longer-term, mindlessly hacking the game to shreds and making an utter mess of it all isn't a good way to go about that

we kind of lucked into a way of tricking the renderer to do what the mod currently does, but the limit of that was quickly reached

but im not stopping anyone else from trying to solve it quickly if they know more gfx stuff than I do 😄

it concerns even things like the directx shaders used, it's not really something you can just patch a byte here or there, it's a multidimensional problem and needs hooks all over the place and so i've been trying to make it easier to do that

project needs a better structure so im not just sticking code anywhere and everywhere before I'll even go near a problem like that 😛

this stuff will be beneficial even if konami comes out with an official feature, so it's easier to justify doing it

hope that helps

just imagine trying to do this sort of stuff throughout the entire renderer: https://github.com/nuggslet/MGSM2Fix/blob/master/src/patch.cpp#L116-L144

enough to induce psychosis in anybody

trust me, i wanna see it working more than anybody, but https://www.youtube.com/watch?v=0d6yBHDvKUw

real

hell yea bruh

interacting with the M2 squirrel API is now as easy as it would be if I had their source code

it's like, almost solely declarative

i think im happy with this so will move on

these are header-only too

basically rewriting the whole thing at this point

really hoping i can eliminate all this horrific squirrel stack stuff with some sqrat magic that condenses 7 lines into 1

painful

wtf mgs1 master collection modding renaissance out of nowhere?

WELL, most of the talk in here lately is cuz of the new castlevania collection

but nuggs seems to have gotten some valuable info on M2's engine to make things easier for modding and stuff

(from my understanding)

there isnt really a renaissance lol

thats not how any of this works

sometimes i can work on my things less sometimes i can work on my things more its called life

my new font can't display that weird character 😦

wait, this isnt even the correct font

why does VS randomly reset the font

https://tenor.com/view/brick-fish-sponge-bob-brickfish-gif-24756065

https://tenor.com/view/cat-gif-9806356149562843002

hmm

will this work

[2024-09-07 20:33:15.106] [MGSM2Fix] [info] MGS1Collection

yes

C++ is shit

porting the project to Python

alright, nice

SQSystemProf<T>::GetName(); -> returns "MGS1Collection"
SQTitleProf<T>::GetName(); -> returns "MGS1_JP" etc

miles away from the way i used to do things

at this rate, maybe I can tidy up this code by deleting all of it

there's not just refactoring going on here but also finding much simpler ways to do things

god the squirrel scripts are horrible

this entire hook is no longer required lol

2nd thing printed equals 1st thing printed and 2nd thing printed requires no squirrel source-level hook at all

I finally made it

https://tenor.com/view/happy-monkey-dance-happy-monkey-dance-snake-gif-26143276

lovely stuff

rewritten this bullshit

that v->_stack._vals[v->_stackbase + X] has to go, horrible

i rewrite stuff and it keeps working

incredible

shame about all this <Squirk T> stuff though, really wish I could just specify <T> once and be done with it, lots of C++ requires violating DRY if u ask me

no way will this work

https://tenor.com/view/longlongman-gif-15153155

conker is driving me crazy, so many dynamic functions, rom compression, I don't even know how to modify the functions

yeah, rareware stuff was like that

on DP we had tools to fully unpack the ROM

i wrote a tool to convert an ELF to their overlay/DLL format

eventually had my own overlay going

and could talk to the others

got to a point where it was just part of my build system to deconstruct and reconstruct a ROM with my DLL inserted lol

I'd probably recommend that tbh

because yeah it's going to very quickly get out of hand monkey-patching a game like that

you need a build system

im doing all this reworking of M2Fix because it got out of hand

i feel muuuuuuuch better about where it's going though

Ah, ah, so many tasks and I have a limited life cycle of my brain.

The only build method I got from the decomposition repo, but it's 3 years out of date and I also didn't find any info about these functions, so they must be compressed in the data or rodata, I'm not sure...we need 1 extra nuggets to solve this mystery

Now I'll just put return instead of nop to see what happens to break things

Well Konami released their latest Hotline today and sadly there was ZERO mention of the supposed updates they were talking about last time

i.e. for MGS 1 etc

interedasting

did they actually say anything about MC

Nope

Zilch

Not a word or mention of it

Well, aside from tangentially in relation to questions about a Vol. 2

at least we can see that they're actively working on it, so they didn't just silently drop it or anything

Thanks, I was hoping this was the case, I do remember you mentioning these depot updates not long ago, it just seems like the sort of thing they would want to promote, no?

I mean if they had anything substantial in those

Maybe they do, but still, I would've thought if that was the case they'd promote it on Hotline

it's in keeping with my assumption they will want vol1 to boost vol2 and vice versa for them to go quiet at some point

Guess all we can do is wait; either until TGS or until MC 1 year anniversary

lol did they add trading cards?

yup

Yeah, and they look really nice thanks to the Shinkawa art!

Yeah I just came here to ask the same haha

I'm guessing this is a hopefully a good indication that something is coming for TGS or the MC anniversary

(i.e: a damn patch)

i'll be very, very happy if they somehow have magically upscaled or resolution-buffed MGS1

I don't know if it's just me, or if there isn't much attention on this DS emulator anymore, because the people at NSO made a whole topic around GBA.

NSO?

referring to castlevania dominus I assume?

I'd expect not much attention; you need to be more interested in the technical aspects of those castlevania games than general DS emulation

or very interested in m2engage specifically (like me)

there's not much for you unless you're in one of those very specific groups

Nintendo Switch Online - Emulators

ah

Before Gameboy Advance emulation came out on NSO, a very accurate emulator called "Sloop" was leaked. They even had a party with it. If they knew about this DS emulator in Castlevania, they would do the same, although I haven't looked at it personally to make sure if it's 100% emulation.

its not 100% emulation

its like 10% emulation

the game was recompiled from source and talks to hardware shims in the m2engage machine

ah

the switch version leaked all the m2engage symbols though

ahaha the devs wanting to give proof of their work

Some even leave tools in the initial version

in Disney Classic Games Collection: The Jungle Book, Aladdin, and The Lion King (such a long name) this emulator was leaked...a Windows executable in a Switch port

LOOOOOOL

https://store.steampowered.com/sale/konamipublishersale2024

make sure to pick up your copy of metal gear survive

every purchase = vol2 releases 1 month sooner

24€ ._.

I'll get it once it gets to like 5€

Tbf the games individually at £12 is such good value for money

the master collection is $10 cheaper here LOL https://www.greenmangaming.com/games/metal-gear-solid-master-collection-vol-1-pc/

thank u green man gaming

unfortunately not cheaper enough, I can wait, patch is not even out yet anyways

30 bucks for Vol 1 would've actually been a somewhat reasonable price

[HELP] MGSM2Fix v2.2 BUG excessive zoom in the intro and in the water.
I'm using the latest version 2.2 of the mod that fixes the game, but at the same time it's broken when using the "MGS1 only: Enables render resolve scaling" settings leaving the game with a huge Zoom in the intro and when you enter the water. Can anyone tell me if there will be a fix for this? Because this feature is the only one that leaves the game with playable graphics, because Konami did a terrible job in this port.

my settings below in the mod are like this. "MGSM2Fix.ini"
;;;;;;;;;; General ;;;;;;;;;;

[External Resolution]
; Enter your chosen resolution.
; You can leave these at 0 if you want your desktop resolution used instead.
Enabled = true
Width = 0
Height = 0
Windowed = false
Borderless = true

[Internal Resolution]
; MGS1 only: Enables render resolution scaling.
; Width is controlled using the in-game settings. Leave the height at 0 to use the external resolution.
Enabled = true
Height = 0
Widescreen = true

Link: https://github.com/Lyall/MGSHDFix/issues/105

https://tenor.com/view/hog-exploding-exploding-hog-funny-idiot-gif-13702011850125732811

man i feel bad if this meme causes issues to be posted on the wrong project haha

someone should really fix that bug huh

the strat is actually leave it broken so konami has an incentive to do it properly 😉

And will Konami do something like this? Almost 1 year later?

We're all hoping that they have somethnig cooked up already and are waiting to reveal it at TGS tomorrow, or, at the latest, the 1-year anniversary of the MC release (October?)

I definitely have my fingers crossed but I'm also not holding my breath at all

In some ways it's beyond the scope of the project so can't really be expected

Yeah I'm worried about reaching too much into that 😅

We can hope for the best

just uhh... it might not be as good or direct a result as it sounds based on that image

yeah, we'll see what they're up to

my massive tidy-up won't last forever, hopefully we'll know by then

it's just that I know it's an enormous amount of work, basically adding a new feature to the engine, not really fixing a bug, so only want to do it if they make it absolutely necessary

tidying up M2Fix so it's sustainable and maintainable will always be useful no matter what konami does

if they're working on graphics at all then it's worth hearing them out as whatever they do I'll have to work with/around when the update goes live anyway

they could change the whole thing, somehow not please anybody, but render my initial results irrelevant and useless and I'd have to throw it all away

best to wait until the situation is "final"

I've not forgotten what I know about the problem so the work so far isn't a waste

Resolution and control scheme updates just dropped for MGS2 and 3. It'll probably be a while before MGS1 gets an update, they haven't been active on steam for a good long minute

Fuck

Sad news about the big patch today

Nothing on the table for mgs even though 2 and 3 got resolution bumps 😔

Nothing as in nothing or not at the current moment?

The only thing we have in regards to MGS 1 is:

The latest version will remain Ver.1.5.0. Note that this is not a patch for Ver.2.0.0.

well they haven't fixed the bolloxed keyboard bindings yet either

and they were unambiguous about that being fixed in the future

oh nice

so we know something is coming

so there is hope

the keyboard bindings might as well be alphabetised rather than arranged conveniently

when you play on keyboard you're actually playing two games at once

the other one is twister

does that confirm a future 2.0.0?

fingers crossed 🤞

this is so stupid haha

not even trying to play online

wonder if it detects ghidra

https://en.wikipedia.org/w/index.php?title=Bjarne_Stroustrup&diff=1247683260&oldid=1245481990

who vandalised Bjarne's page

vandalism is what they are doing with winamp on github, the issus are hilarious.

imho I heavily doubt they'll touch anything resolution related with mgs1 given PS1 nature, but that's just me

yeah sadly I think you're probably right

I would have expected news about it/an update about it if they were going to; i mean I would've expected it to come with this most recent patch if not

I always thought it was weird the updates were synchronised up to now

I'd guess different teams are working on 2/3 and M2 stuff

Yeah I do think that's odd too

it means they can have things sat in the pipe for ages on one side

i guess the fact they did synch them makes me think they should've had some info to go with it in regards to MGS1

who knows tbh

it's not over IMO until vol2 comes along

they'll be one product then

oh wait, there's another Hotline today

https://youtu.be/Pqj8pONszrQ

Gonna be an hour long too

i reckon it'll be mostly Delta but hopefully they throw us a bone

those patch notes were infuriatingly ambiguous

The latest version will remain Ver.1.5.0. Note that this is not a patch for Ver.2.0.0.

https://tenor.com/view/confused-john-travolta-pulp-fiction-lost-where-gif-5377106