I want to learn how to create 60FPS patches for PSP games that run at 30FPS correctly
10-05-2023, 06:55 PM
Post: #1
I want to learn how to create 60FPS patches for PSP games that run at 30FPS correctly
Before you answer me: yes, I have already read and practiced with the post from this link.
https://forums.ppsspp.org/showthread.php...#pid104375

However, this information is very incomplete; that is to say, if you share something on the net you usually try to be more detailed about the subject, isn't it? But it is a subject that doesn't show how complex it really is.

I really thank LunaMoo, Kabuto_Kun, VIRGIN KLM for explaining the subject but I think it is necessary to complement it.

I mean this kind of cheat helps but it does not work in all cases, and it lacks necessary information.

_S ULUS-10213
_G The Warriors
_C0 60 fps
_L 0xE001FFF6 0x003B517C
_L 0x203B517C 0x00000000
_C0 60 fps[Disable]
_L 0x203B517C 0x1440FFF6

If it's possible I want to know the way to create 60 FPS CWCheats correctly, and by correctly I mean something like this:

_S ULES-00703
_G Burnout Dominator [EU]
_C0 30 FPS v2 [Default]
_L 0xE0040000 0x0002574C
_L 0x2002574C 0x14A0001A
_L 0x201A0360 0x089A0360
_L 0x204F08BC 0x3D088888
_L 0x2019AE98 0x3C043F80
_C0 60 FPS v2
_L 0xE004001A 0x0002574C
_L 0x2002574C 0x00000000
_L 0x201A0360 0x00000000
_L 0x204F08BC 0x3C888888
_L 0x2019AE98 0x3C043F00

Since the following doubts arise and the info in your post is old and does not talk about it.

1) How do you get the pointer addresses in case the game is DMA?

2) How did the person who created this cheat get to this address 0002574C, what method did he/she use?

3) How did he/she get the other addresses, I mean these ones: 1A0360, 4F08BC, 19AE98, and why those?

4) What is the function of these addresses?

Question:
Even if it wasn't specifically about creating 60FPS cheats, my main question is: how do you get the pointer addresses? That is, I realize that despite restarting, saving and loading, the addresses that you use in the cwcheats you create are static. How do you/they find them? The only method I know to find static addresses on PPSSPP is to dump the address that you find and do that same process several times in different locations in the game, so that the address that stores a specific value changes location, and then you use a program called Vita TempAr 5.31 with those dumps and it gives you something like this:

_C0 Generated code
_L 0x60XXXXXX 0x00000000 (pointeraddress - value u want)
_L 0xXXXX2XXX 0x00000000 (type of address 8/16/32/inverse - offset)

But that type of address is not what I am looking for, nor is it the correct way, since that type of pointer generates bad reads/writes and causes crashes, and they do not always work. Despite being pointers, they only work during certain areas of the game, and if the memory region changes when restarting, loading or saving directly, it stops working and crashes, which does not happen with the addresses that you/they create; besides, the ones you/they use do not need that type of format.

Example to clarify

Let's say I'm in a DMA game in which I want to cheat and make a cheat that modifies/freezes the value of money at 99999. Assuming I find the value in Cheat Engine, how do I find the pointer of that address?

I only ask if possible for a method/guide or video that resolves the doubts that I and others may have regarding the creation of cwcheats.
10-06-2023, 10:38 AM
Post: #2
RE: I want to learn...
If you just need a quick answer about our "pointers" you asked in the end, skip to the bold text, spoiler - it's not really pointers.

You'll never be able to find a guide that holds your hand and allows you to create any game patch from just following it. That's because every game works differently, and while some of them share similarities, especially when running on the same engine, what you really need is an open mind, curiosity to figure out how the game works, experience in low-level programming (MIPS) and tools.

For tools, you really don't need anything else but PPSSPP, but you also need a functional debugger, so even with the remote debugger Android is a pretty bad choice. Any PC platform is probably fine, with the best probably being Windows, but the rest is all on you.

The code for Burnout Dominator isn't any more correct than the code for The Warriors. Some games require patching just one opcode, others need to patch more functions or variables that correct some logic or physics if they are tied to FPS.
In some cases there's just too much to patch other than the FPS for the game to work correctly and it might not be worth the effort especially since most PSP games aren't fast paced nor competitive and at that point in time if a game doesn't have a functional FPS patch it's probably the latter, unless it's really rare and nobody even tried.


I can't tell how other people work, but I can easily guess that if a cheat code changes some game code, the person most likely used PPSSPP disassembly, and even though it also patches some variables, their addresses could also be found by following the game's code, although it's also an option to blindly search for them based on experience of commonly used values.

As for pointers... when creating cheats or patches it's really important to stop thinking about pointers. You need pointers like those nasty 0x6 cwcheat code types, which nobody should ever care about, to cover your ass when patching temporary variables stored in memory. Nobody does that nowadays since it's inefficient and wasteful; I mean sure, some cheating tutorials online can teach it, but just look around, it's only used by newbies. Everyone else just patches the game code which sets those variables in the first place, or the code that uses them to make things happen. Not only will your cheat look nicer, it'll also work better, since it will never have to race against the game to do anything and pray no external factors like savestates or differences between emulator versions exist; patching the game to do all the work is always better. So instead of searching for pointers for temporary variables, or even instead of being happy that some value is always stored at address X, you use disassembly and set a breakpoint at the memory that stores the value you found and find out which game function writes or reads that variable, then just modify it to do what you want to achieve instead. Pretty much the same thing applies to modern cheating in PC games, although then you need AMD64 instead of MIPS knowledge, and for PC games you typically have to use a pattern scan even for game code. In PSP games it's much simpler, as it loads in one place on boot and stays there, so we only use a test code type to check for a compatible game version and then simple 32 bit writes. There are some games that might load or unload modules, but it's not that interesting for either cheats or fps patches.

There are some other techniques like disabling JIT (due to its tricks and optimizations) if you want to look through the game code through external tools, but that's just in the land of personal preference.


Either way if you're serious about learning, you should start by learning MIPS and afterwards observe and try to understand how games work as those are the basics. You can patch things quickly by luck and guessing, but unless you understand how something works, you can't change how it works properly and without some experience gained first hand you will not really do any guesswork either or at least spend much more time on it than needed.
As for resources for better guides, the PC cheating scene surrounding Cheat Engine might be ideal, as while the language differs (x86 or AMD64 on PC vs MIPS on PSP) the principles are the same. Cheating PC games is often more complex, as anti-cheat and anti-tamper code is common on PC, but it shares a lot of similarities, which makes PSP cheating very easy afterwards.

http://forums.ppsspp.org/showthread.php?tid=6594 - Custom PPSSPP Shaders!
http://forums.ppsspp.org/showthread.php?tid=3590&pid=117172#pid117172 - simple CE scripts to help creating CWCheats,
https://github.com/LunaMoo/PPSSPP_workarounds - CWCheat workarounds.
10-07-2023, 08:42 PM
Post: #3
RE: I want to learn how to create 60FPS patches for PSP games that run at 30FPS correctly
spoiler alert (wall of text)
Hello, nice to meet you LunaMoo, and thank you very much for your answer. You will see... a part of what you answered I learned with practice and experimentation. As you know, on YouTube there is only one video on how to create cwcheats and it is very basic (https://www.youtube.com/watch?v=twD8AM8l...lvbg%3D%3D, which came out 3 years ago); apart from that video there is none. I have taken on the task of searching and there really is nothing; the most I found were the posts that you and others created quite some time ago.

But even with these posts I have come across a lot of walls.

Let me explain:

In the case of last time, I talked about creating 60 fps cheats for the game Burnout Dominator [EU], to be specific these ones here.

_S ULES-00703
_G Burnout Dominator [EU]
_C0 30 FPS v2 [Default]
_L 0xE0040000 0x0002574C
_L 0x2002574C 0x14A0001A
_L 0x201A0360 0x089A0360
_L 0x204F08BC 0x3D088888
_L 0x2019AE98 0x3C043F80
_C0 60 FPS v2
_L 0xE004001A 0x0002574C
_L 0x2002574C 0x00000000
_L 0x201A0360 0x00000000
_L 0x204F08BC 0x3C888888
_L 0x2019AE98 0x3C043F00

The problem is that I have not been able to find the way to find the 60fps address in Cheat Engine: whether I look for the value 2 as float or 4 bytes, or the same with the value 1, I cannot find it. The second thing is, in case of finding the address, how to use the disassembler correctly to find these addresses; I know that they are the ones that are responsible for the cheat to work.

I have come across a lot of games that have this problem when trying to create a 60 fps cheat for them, and as incredible as it may seem, the cheat.db currently still does not have a 60 fps cheat for these, and if it does, it does not work, and if it works, it goes at double the speed; that's what seems to happen in the majority. An example of this would be the following games.

_G Dragon Ball Z: Tenkaichi Tag Team [EU] _S ULES-01456
_G Legends Of War: Patton's Campaign (PlayStation Store) [US] _S NPUH-10106
_G God Eater 2 [JP] _S NPJH-50832
There are more but my day would go away.

Especially the last game. That is why I am asking for a guide or tutorial, if possible, where this topic is covered in detail, since I have realized that apart from you and the people who develop the posts on this website, there is practically no one left who knows about this theme. That is, the cwcheats community is dying precisely due to the lack of information; the day the person who updates the cheat.db database is missing, or one of you is missing, either you or the others, this community would officially be dead, since it is thanks to you and the others that it is still active.

I entered the official PPSSPP Discord to resolve my doubts and, as incredible as it may seem, no one knows about the topic, to the point that I am one of the very few who are there for this topic in particular. I want to revive this community; in fact the majority know about textures or translation, but more is unknown, especially the creation of CWCheats.

The thing is that there is very little information about creating cheats, only one or another in forums, but it is very basic and does not reach the depth of the topic. It can be said that there are very few people who know about the creation of cheats, and the majority who knew no longer have activity on the internet and it is impossible to contact them. An example is Saramagrean, creator of cheat.db, who simply updates the database and disappears again, so it is impossible for me to contact them, and they really know a lot about this subject. As such it can be said that the creation of cheats has stagnated, since the majority of games are dynamic memory (DMA) and it is really difficult to find pointers for the games, since they can work in various areas and then they simply no longer work, which means that it was not the correct pointer. Only those who developed those cheats know how to find the correct ones, they are tryhards on this topic, and on YouTube, not to mention, there is only one video in all of YT and it is the basics, because if the game is DMA it is not a tutorial that works for you. Creating a cheat for an emulator or PSP as such is almost impossible, to the point that it seems like an art.
[19:51]https://www.youtube.com/watch?v=twD8AM8lpDI&t=262s&pp=ygUQY3djaGF0cyBjcmVhdGlvbg%3D%3D
That is it: if you create a cheat it is mandatory to work under certain conditions. If you make a mistake with the value you want to assign, you crash your console/emulator; if you restart, the address changes so you need a pointer; if you find a pointer and when changing the value it crashes, it is not the pointer or address you are looking for. Basically you have to learn to find an address that when modified 1. does not crash the game when assigning a new value, 2. is a "pointer" that works throughout the game, 3. is undetectable, I mean if you find a pointer and it is in an area of memory where it is not detected, that is what you are looking for, since it does not cause bad memory accesses, therefore it does not crash, and therefore you do not need to activate the option to ignore reads, and this has the great advantage that it becomes a cheat that can be used on PSP without fear of a crash, 4. thanks to the above, it does not corrupt the memory, nor your game, that is, it is a very good cheat... and I want to reach that level: create cheats and share them, since most of those that are in the cheat.db cause crashes or are unstable and corrupt your game. There are cheats that don't even exist; think of any game and a cheat that that game doesn't have yet. In my case I think about the no clip, since I like to see hidden parts of the games; thanks to the fact that the no clip already existed in the Tomb Raider Anniversary game, I was able to find an easter egg in that game under midas seat.

And that's only half of the equation.

Example:

To be exact, almost anybody knows how to reverse engineer a cheat (including me); by this I mean I want to find out how that person came to find that cheat.

The question is the following:

Whether we are in the EUR or USA version of God of War: Chains of Olympus (PSP), there is a cheat called One Hit Kill with the following address:

365CC8 (CWCHEAT format)
8B65CC8 (Disassembler format)
1FB65CC8 (Cheat Engine format) with base memory 0000000017000000

In Cheat Engine it has the default value 2 in float, that is to say 40000000 in hex, but when activating the cheat it becomes worth 99999, that is to say 461C3C00.

How did the person who created it get to that address?

The person who created that cheat is very good at it, since from what I understand (I'm not entirely sure) that address is the damage that Kratos does. Generally, if you see tutorials on YT on how to create cheats, in particular for the one hit kill, people usually make scripts where they compare the life with the life of the enemies, but that on PSP is a bad idea since the enemies can also kill you with one hit. In this case the person who created this cheat managed to find the address of the damage that Kratos inflicts on the enemies, so the enemies cannot kill you with one hit but you can, and this is achieved with only one line of text and it works throughout the game, which is this:

_C0 One Hit Kill
_L 0x20365CC8 0x461C3C00

I'm sorry to bother you with the wall of text, but I wanted to emphasize how important this is for me and maybe for others. LunaMoo, please join the official PPSSPP community on Discord; if you don't want to, no problem, it's your decision. I mentioned that medium because communication is easier and there are people who need help, again myself included, and if not, at least a guide/tutorial if possible.

Thank You!
10-08-2023, 01:57 AM
Post: #4
RE: I want to learn how to create 60FPS patches for PSP games that run at 30FPS correctly
Personally I found 60 fps patches an interesting project at the start, but the further it went the more time consuming it became, with less and less satisfaction from being a part of it.


CWCheat scene isn't dying. To create cheats you can just use tools to search through memory that can store and compare the results, that way you search for the variables and then can modify and/or freeze them to create some basic cheats like giving a player lots of money or setting his HP to max value. To create better cheats you need someone that understands low level programming and instead of forcing the money or hp value, that person can just change game shops to not use money at all or change the game to disable any incoming damage, or be less cheaty and just add collected money multiplier and hp regeneration over time or something alike.

Most people coming from the PSP times that created cheats didn't have the tools or knowledge to do the latter, so the "CWCheat scene" was just a bunch of people posting really basic and boring cheats without understanding much about how games work and how to modify that. That scene had people calling themselves pros and legends for the sole sake of using lame code types that tried to replace programming, and the end results were always awful, to the point of having to refresh the cheat faster than the game could to even make it work (which is just wasteful). If that scene died, it deserved its fate, but CWCheat is just a popular format for memory patches and as long as it exists in PPSSPP it'll continue to be alive.

PSP games through emulation gained and still gain new people occasionally doing better cheats and mods for them. It's no longer about a simple HP freeze, but about patching fps, adding ultra widescreen support, adding right analog stick support or just analog range to games never using it before, adding variable width latin fonts and fan translating games. There's a lot of stuff happening, along with much better working cheats than in the past. Some of those people do a lot of stuff around the net for free, either to learn stuff, as their hobby for fun, or even because they feel anxiety and have problems with normal human interactions while still wanting to be part of some group, but all of those things aren't static: lives change, people change and you can't expect to see people just doing one thing forever. PPSSPP forums became mostly dead at some point due to spam bots taking over; even now when stuff gets verified by humans, I'd say over half of the new posts around here are just AI generated texts or bots that use parts or whole copies of old posts, but just because forums are dead, it doesn't mean people died with them; github still has the same faces from all around the world.
About PPSSPP's discord, I was invited there at some point or maybe a bunch of times, but I like to sit when I have time and feel like it, then read or write something. I used discord only a few times to play online; to me it feels more like a chat, which in my mind requires much more attention, which I can't offer if I want to have any time for myself and not feel like having a secondary job/fiancée, one of each is enough for me.

Anyway, PSP cheating/modding will not die, nor is it on its way to die. It's much simpler than doing the same thing for PC games and this just grows; there are probably a lot more people with enough knowledge to bypass anti tamper techniques (things like denuvo for example) in the PC cheating scene than there are in the PC cracking scene right now, and looking at PSP games tends to be like getting back in time where everything was simpler.

Does it mean all the PSP games will get some cool patches and cheats? Nah, it's an old handheld, most of the games in its library are easier, slower, way uglier and don't offer anything which you wouldn't have XXXX different more modern versions of. MH games from PSP are way worse than for example MHW, and the same can be said about pretty much any franchise. God Eater 2? It's not even emulated properly, with nobody yet figuring out the whole problem it has, while the definitive version of the game, GE2RB, is often sold on steam bundled with GER at the price of a fastfood. Some turn based niche war game with a name that an old player like me had to google up is between not needing to most people not caring. DBZ as a franchise just has so many games, with every single one of them hugely lacking in some regards, that it also isn't something that people tend to play forever and get back to its old iterations.
The point I'm trying to make here is that you need a hardcore fan to do whatever people care to do with those games, hardcore to the point of learning programming for the sake of enhancing his experience. You have all the content online, just search for it like everyone before you; learning to find knowledge is, as commonly taught in higher education, much more important than learning the knowledge, as the latter changes and you need to find new knowledge and adapt as you live.






Why do you think almost nobody can reverse engineer a cheat? Pretty much anyone can... but the word reverse engineering includes learning and not just following step by step guides and saying there's not enough resources out there to learn from, which is not true. CWCheat formatting of some more complex cheats makes things hard to debug and understand, but only bad cheats made by noobs back in the PSP era are using those, so you might as well just not bother. But even if you want to understand it, just look for CWCheat code types online (for example look for "0xY code type cwc" where Y will be the number you find in the code line you're trying to understand) or read the code inside PPSSPP's cheat parser and you will understand the syntax.

What you need to look up is "MIPS opcodes", "low level programming", "assembly", "debugging", "algorithms"; those are keywords you want to google for. It really isn't art, just math and programming.

I explained tons of times how to search through PSP memory in PPSSPP and how to calculate the address for cwcheat, to the point of getting bored and writing a cwcheat table with simple scripts that does it automatically; it's in the link from my signature. It might be outdated when used with the latest versions of PPSSPP, as I didn't really test it for a while and the pattern scan probably needs an update, but you can always download an older PPSSPP version to use it with until I find the time and will to do it. Here are some older posts about creating CWCheats and calculating things from before PPSSPP was even telling you its base address 1, 2, but you'll easily find many more lengthy posts and topics around here explaining the same things over and over at different stages of PPSSPP development, at least before I created that cheat table from my signature.



The fps cheat.db is something I never supported due to it sharing a lot of early and broken work; it might even include outdated versions of some patches that were improved afterwards. I'm overall not a fan of such collective cheat databases of any kind, as they don't grow by having a huge team of testers playing the game from start to finish with a cheat, ensuring they only get something that works well, but instead by one or a few people who copy paste anything they find online with little to no testing and call it a day.

There are generally two kinds of games when it comes to FPS patches: those that are either using a variable refresh rate or are tied to 60 fps, but afterwards get internal frameskipping for performance reasons (PSP is battery operated and a game that you can play for 2-4 hours is way more playable than a game you can play for 1 hour), and games where the timing of everything is tied to the actual framerate. In the first type all you need to do is remove that internal frameskipping; in the latter you also have to do that, but in addition you have to correct all the timings. Those are often taking some common floating point value in an equation that feels like it's just waiting to be patched. However, one thing many people forget or don't know is that compilers optimize things, and if a constant value is shared between what you want to patch and what you don't want to touch, this might require much more effort or will break stuff, so the majority of FPS patches are unfinished and tend to break games or change things not immediately seen, in a way that ultimately provides an inferior experience. Saying that, those FPS patches, outside of a few simpler, perfectly working cases, are really just not worth using or creating new ones, and definitely not something to start learning from.

http://forums.ppsspp.org/showthread.php?tid=6594 - Custom PPSSPP Shaders!
http://forums.ppsspp.org/showthread.php?tid=3590&pid=117172#pid117172 - simple CE scripts to help creating CWCheats,
https://github.com/LunaMoo/PPSSPP_workarounds - CWCheat workarounds.
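
An added example, not part of any post in this thread and not PPSSPP's own parser: a small Python reader for the two CWCheat line types used by the cheats quoted above (0x2 32-bit write, 0xE multi-line test), which also does the CWCheat / disassembler / Cheat Engine address arithmetic from post #3 and reads the patched words as MIPS or float. The 0xE field layout and comparison selectors are assumptions taken from commonly published CWCheat code-type lists, and every function name here is made up for the example.

```python
import struct

PSP_USER_BASE = 0x08800000  # CWCheat addresses are offsets from this PSP address
REGS = ("zero at v0 v1 a0 a1 a2 a3 t0 t1 t2 t3 t4 t5 t6 t7 "
        "s0 s1 s2 s3 s4 s5 s6 s7 t8 t9 k0 k1 gp sp fp ra").split()
COMPARE = {0: "==", 1: "!=", 2: "<", 3: ">"}  # assumed 0xE comparison selectors

# Copied from the thread: the "60 FPS v2" cheat for ULES-00703.
BURNOUT_60 = """\
_C0 60 FPS v2
_L 0xE004001A 0x0002574C
_L 0x2002574C 0x00000000
_L 0x201A0360 0x00000000
_L 0x204F08BC 0x3C888888
_L 0x2019AE98 0x3C043F00
"""


def as_float(word):
    """Reinterpret a 32-bit word as an IEEE-754 single."""
    return struct.unpack("<f", struct.pack("<I", word & 0xFFFFFFFF))[0]


def cwcheat_to_psp(offset):
    """CWCheat offset -> address as shown in the PPSSPP disassembler."""
    return PSP_USER_BASE + (offset & 0x0FFFFFFF)


def cheat_engine_address(psp_addr, ce_base):
    """PSP address -> host address, given the emulator's memory base."""
    return ce_base + psp_addr


def describe_word(word):
    """Best-effort reading of a patched word: three MIPS forms, else raw data."""
    if word == 0:
        return "nop"
    op, rs, rt, imm = word >> 26, (word >> 21) & 31, (word >> 16) & 31, word & 0xFFFF
    if op == 0x05:  # bne rs, rt, offset (signed, counted in instructions)
        off = imm - 0x10000 if imm & 0x8000 else imm
        return f"bne {REGS[rs]}, {REGS[rt]}, {off:+d}"
    if op == 0x0F and rs == 0:  # lui rt, imm: often the top half of a float constant
        return f"lui {REGS[rt]}, 0x{imm:04X} (upper half of float {as_float(imm << 16):g})"
    return f"data 0x{word:08X} (as float {as_float(word):.6g})"


def parse_cheat(text):
    """Turn _L lines into dicts; only code types 0x2 and 0xE are decoded."""
    ops = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[0] != "_L":
            continue  # _S/_G/_C0 headers, blank lines, malformed lines
        try:
            a, b = int(parts[1], 16), int(parts[2], 16)
        except ValueError:
            continue
        kind = a >> 28
        if kind == 0x2:  # 32-bit write: 0x2aaaaaaa 0xvvvvvvvv
            ops.append({"op": "write32", "addr": cwcheat_to_psp(a), "value": b,
                        "meaning": describe_word(b)})
        elif kind == 0xE:  # test: 0xEnnnvvvv (16-bit) or 0xE1nn00vv (8-bit), assumed layout
            is8 = (a >> 24) == 0xE1
            ops.append({"op": "test", "bits": 8 if is8 else 16,
                        "lines": (a >> 16) & (0xFF if is8 else 0xFFF),
                        "value": a & (0xFF if is8 else 0xFFFF),
                        "cmp": COMPARE.get(b >> 28, "?"),
                        "addr": cwcheat_to_psp(b)})
        else:
            ops.append({"op": "unhandled", "raw": (a, b)})
    return ops


if __name__ == "__main__":
    for op in parse_cheat(BURNOUT_60):
        print({k: hex(v) if k in ("addr", "value") else v for k, v in op.items()})
    # Address forms quoted in post #3 for the One Hit Kill line.
    psp = cwcheat_to_psp(0x365CC8)
    print(hex(psp), hex(cheat_engine_address(psp, 0x17000000)), as_float(0x461C3C00))
```

Read this way, the first line of the 60 FPS block is a guard: the writes apply only while the low half-word at 0x0882574C still holds 0x001A, the offset field of the original `bne` from the 30 FPS block.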