Changes

Jump to navigation Jump to search

Ring-Con (view source)

Revision as of 16:27, 16 March 2020

192 bytes added ,  16:27, 16 March 2020
no edit summary
Line 8: Line 8:     
The status field is not listed below since all replies have it.
 
The status field is not listed below since all replies have it.
 +
 +
Note that the app saves various PlayReports, this includes various Ring-Con data (which includes field-name strings).
    
= CRC =
 
= CRC =
Line 66: Line 68:  
The two u8s at reply+0x4 are copied to an output struct, with the order swapped in the output struct. This is also used directly by various funcs, without the struct.
 
The two u8s at reply+0x4 are copied to an output struct, with the order swapped in the output struct. This is also used directly by various funcs, without the struct.
   −
This is probably some version field or similar? Funcs using this do: <code>if (u8 reply_x5 >= 0x20) {} else {}</code>
+
Reply u8 +0x4 is "fw_sub_ver", +0x5 is "fw_main_ver".
 +
 
 +
This gets the firmware version. Funcs using this do: <code>if (fw_main_ver >= 0x20) {} else {}</code>
    
== 0x00020100 ==
 
== 0x00020100 ==
Line 107: Line 111:     
== 0x00020504 ==
 
== 0x00020504 ==
Reply+0x4 is a s16. After successfully using this cmd, this calls the func for [[#0x00020A04]]. When that's successful, this does the following with the output from that func and the earlier reply data: <code>s16 tmp = s16_struct_x2 - s16_struct_x0; if (tmp < 0) tmp++; *16bit_outparam = replydata + (tmp>>1);</code> Then this returns 0, regardless of whether [[#0x00020A04]] was successful.
+
Reply+0x4 is a s16. After successfully using this cmd, this calls the func for [[#0x00020A04]]. When that's successful, this does the following with the output from that func and the earlier reply data: <code>s16 tmp = s16 manu_hk_max - s16 manu_os_max; if (tmp < 0) tmp++; *16bit_outparam = replydata + (tmp>>1);</code> Then this returns 0, regardless of whether [[#0x00020A04]] was successful.
    
== 0x00020A04 ==
 
== 0x00020A04 ==
The app uses cmd [[#0x00020000]] first. When u8 reply_x5 from that cmd is >=0x20, it proceeds to use cmd 0x00020A04 then returns. Otherwise, the following cmds are used with the output being copied to the output struct, then returns: [[#0x00020104]] (output_struct+0x0), [[#0x00020204]] (output_struct+0x2), [[#0x00020404]] (output_struct+0x6), [[#0x00020304]] (output_struct+0x4).
+
The app uses cmd [[#0x00020000]] first. When fw_main_ver from that cmd is >=0x20, it proceeds to use cmd 0x00020A04 then returns. Otherwise, the following cmds are used with the output being copied to the output struct, then returns: [[#0x00020104]] (output_struct+0x0), [[#0x00020204]] (output_struct+0x2), [[#0x00020404]] (output_struct+0x6), [[#0x00020304]] (output_struct+0x4).
 
  −
The func for this is only called by the func implementing [[#0x00020504]].
      
Reply:
 
Reply:
Line 120: Line 122:  
! Offset || Size || Description
 
! Offset || Size || Description
 
|-
 
|-
| 0x4 || 0x2 || 16bit value copied to output_struct+0x0.
+
| 0x4 || 0x2 || "manu_os_max". s16 value copied to output_struct+0x0.
 
|-
 
|-
| 0x8 || 0x2 || 16bit value copied to output_struct+0x2.
+
| 0x8 || 0x2 || "manu_hk_max". s16 value copied to output_struct+0x2.
 
|-
 
|-
| 0xC || 0x2 || 16bit value copied to output_struct+0x4.
+
| 0xC || 0x2 || "manu_zero_min". s16 value copied to output_struct+0x4.
 
|-
 
|-
| 0x10 || 0x2 || 16bit value copied to output_struct+0x6.
+
| 0x10 || 0x2 || "manu_zero_max". s16 value copied to output_struct+0x6.
 
|}
 
|}
   Line 152: Line 154:     
== 0x00021A04 ==
 
== 0x00021A04 ==
The app uses cmd [[#0x00020000]] first. When u8 reply_x5 from that cmd is >=0x20, it proceeds to use cmd 0x00021A04. Otherwise, the following cmds are used, with the output being written to the output_struct: [[#0x00021104]] (output_struct+0x0), [[#0x00021204]] (output_struct+0x2), [[#0x00021304]] (output_struct+0x4).
+
The app uses cmd [[#0x00020000]] first. When fw_main_ver from that cmd is >=0x20, it proceeds to use cmd 0x00021A04. Otherwise, the following cmds are used, with the output being written to the output_struct: [[#0x00021104]] (output_struct+0x0), [[#0x00021204]] (output_struct+0x2), [[#0x00021304]] (output_struct+0x4).
   −
Then, if any of the 16bit output fields in output_struct are set to 0xCAFE, a flag is set to 0x2 (same field used for invalid-CRC, which uses value 0x1 for that). Then this returns 0.
+
Then, if any of the 16bit output fields in output_struct are set to 0xCAFE, a flag is set to 0x2 (same field used for invalid-CRC, which uses value 0x1 for that). Then this returns 0. This field is "user_state".
    
This reads the user calibration.
 
This reads the user calibration.
Line 164: Line 166:  
! Offset || Size || Description
 
! Offset || Size || Description
 
|-
 
|-
| 0x4 || 0x2 || "os_max". s16 value copied to output_struct+0x0.
+
| 0x4 || 0x2 || "user_os_max"/"os_max". s16 value copied to output_struct+0x0.
 
|-
 
|-
 
| 0x6 || 0x1 || [[#CRC]] over the previous 0x2-bytes.
 
| 0x6 || 0x1 || [[#CRC]] over the previous 0x2-bytes.
Line 170: Line 172:  
| 0x7 || 0x1 || Padding.
 
| 0x7 || 0x1 || Padding.
 
|-
 
|-
| 0x8 || 0x2 || "hk_max". s16 value copied to output_struct+0x2.
+
| 0x8 || 0x2 || "user_hk_max"/"hk_max". s16 value copied to output_struct+0x2.
 
|-
 
|-
 
| 0xA || 0x1 || [[#CRC]] over the previous 0x2-bytes.
 
| 0xA || 0x1 || [[#CRC]] over the previous 0x2-bytes.
Line 176: Line 178:  
| 0xB || 0x1 || Padding.
 
| 0xB || 0x1 || Padding.
 
|-
 
|-
| 0xC || 0x2 || "zero". s16 value copied to output_struct+0x4.
+
| 0xC || 0x2 || "user_zero"/"zero". s16 value copied to output_struct+0x4.
 
|-
 
|-
 
| 0xE || 0x1 || [[#CRC]] over the previous 0x2-bytes.
 
| 0xE || 0x1 || [[#CRC]] over the previous 0x2-bytes.
Line 184: Line 186:     
== 0x00023104 ==
 
== 0x00023104 ==
The code which calls the func implementing this clamps the output value to range 0-500, then copies it elsewhere. Hence, this is probably the rep-count for Multitask Mode?
+
The code which calls the func implementing this clamps the output value to range 0-500, then copies it elsewhere.
    
Reply:
 
Reply:
Line 198: Line 200:     
== 0x00023204 ==
 
== 0x00023204 ==
The func implementing this in the app is identical to [[#0x00023104]] except for the cmd u32.
+
The func implementing this in the app is identical to [[#0x00023104]] except for the cmd u32. The output field is "total_push_count".
    
The code calling this func copies the output into a global field, when it's valid.
 
The code calling this func copies the output into a global field, when it's valid.
Line 223: Line 225:     
== 0x10011A04 ==
 
== 0x10011A04 ==
The app uses cmd [[#0x00020000]] first. When u8 reply_x5 from that cmd is >=0x20, it proceeds to use cmd 0x10011A04 then returns. Otherwise, the following cmds are used, with the same 4-byte input listed in the below table: [[#0x04011104]] (below cmd+0x4), [[#0x04011204]] (below cmd+0x8), [[#0x04011304]] (below cmd+0xC).
+
The app uses cmd [[#0x00020000]] first. When fw_main_ver from that cmd is >=0x20, it proceeds to use cmd 0x10011A04 then returns. Otherwise, the following cmds are used, with the same 4-byte input listed in the below table: [[#0x04011104]] (below cmd+0x4), [[#0x04011204]] (below cmd+0x8), [[#0x04011304]] (below cmd+0xC).
    
The app doesn't use reply data here besides the status, and the output_size is not checked.
 
The app doesn't use reply data here besides the status, and the output_size is not checked.
Retrieved from "https://switchbrew.org/wiki/Special:MobileDiff/8931"

Navigation menu