First post, by llm
the game i'm reversing contains offset calculation code for the bender range
0x03 0x00 0x?4
this is the assembler code (same as in game, my build checks binary equality of my re-assembled version on every build)
    address_byte2 db 0x04
    ... function getting this value
        mov al, value
        and al, 0Fh
        cmp al, 0Ah
        jz short no_dec
        dec al
    no_dec:
        mov cl, 4
        shl al, cl
        mov cl, al
        mov al, address_byte2
        and al, 0Fh
        or al, cl
        mov address_byte2, al
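i've converted that to C and check the value for 0-15 and the resulting address

    #include <assert.h>
    #include <stdint.h>
    #include <stdio.h>

    int main( void )
    {
        uint8_t address_byte2 = 0x04;
        for( uint8_t value = 0; value < 16; ++value )
        {
            uint8_t al = value;
            al &= 0x0F; // and al, 0Fh (no effect for 0-15)
            if( al != 0x0A )
            {
                --al;
            }
            uint8_t cl = 4;
            al = (uint8_t)( al << cl ); // shl al, cl
            cl = al;
            al = address_byte2;
            al &= 0x0F;
            al |= cl;
            address_byte2 = al;
            assert( ( address_byte2 & 0x0F ) == 0x04 );
            printf( "value: 0x%02X, address_byte2: 0x%02X\n", value, address_byte2 );
        }
        return 0;
    }

produces these byte2 offsets - and i think that only input value 1-8 is useful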
value: 0x00, address_byte2: 0xF4 -> VALID???
value: 0x01, address_byte2: 0x04
value: 0x02, address_byte2: 0x14
value: 0x03, address_byte2: 0x24
value: 0x04, address_byte2: 0x34
value: 0x05, address_byte2: 0x44
value: 0x06, address_byte2: 0x54
value: 0x07, address_byte2: 0x64
value: 0x08, address_byte2: 0x74
value: 0x09, address_byte2: 0x84 -> VALID???
value: 0x0A, address_byte2: 0xA4 -> VALID???
value: 0x0B, address_byte2: 0xA4 -> VALID???
value: 0x0C, address_byte2: 0xB4 -> VALID???
value: 0x0D, address_byte2: 0xC4 -> VALID???
value: 0x0E, address_byte2: 0xD4 -> VALID???
value: 0x0F, address_byte2: 0xE4 -> VALID???
it seems that the calculation is just:
    if(value != 10)
    {
        --value;
    }
    address_byte2 = (value << 4u) + 0x04;
but i did not understand the meaning of the --value if value is != 10, when every value except 1-8 produces wrong addresses?
the traced midi from the game did not contain wrong offsets - so i think the != 10 check is somehow wrong - i have no clue
F0 41 10 16 12 03 00 04 18 61 F7
F0 41 10 16 12 03 00 14 00 69 F7
F0 41 10 16 12 03 00 14 00 69 F7
F0 41 10 16 12 03 00 14 00 69 F7
F0 41 10 16 12 03 00 14 00 69 F7
F0 41 10 16 12 03 00 24 00 59 F7
F0 41 10 16 12 03 00 44 02 37 F7
F0 41 10 16 12 03 00 44 02 37 F7
F0 41 10 16 12 03 00 44 02 37 F7
F0 41 10 16 12 03 00 54 02 27 F7
F0 41 10 16 12 03 00 54 70 39 F7
F0 41 10 16 12 03 00 74 02 07 F7
F0 41 10 16 12 03 00 74 02 07 F7
and it seems that value is the part-nr but the same value is also the midi-channel in a function that is directly called before - is part == midi-channel???
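
Added example, not part of the original post or the game's code: a C sketch that checks frames from the trace above for their framing and checksum and recovers the high nibble of address byte 2. The checksum rule (address, data and checksum bytes sum to 0 modulo 128) and the helper names `checksum_ok` and `decode_bender_msg` are assumptions; the three sample frames are copied from the trace.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Three frames copied from the trace in the post above. */
static const uint8_t trace[3][11] = {
    {0xF0,0x41,0x10,0x16,0x12,0x03,0x00,0x04,0x18,0x61,0xF7},
    {0xF0,0x41,0x10,0x16,0x12,0x03,0x00,0x14,0x00,0x69,0xF7},
    {0xF0,0x41,0x10,0x16,0x12,0x03,0x00,0x54,0x70,0x39,0xF7},
};

/* Assumed checksum rule: address + data + checksum == 0 (mod 128). */
static int checksum_ok(const uint8_t *msg, size_t len)
{
    unsigned sum = 0;
    for (size_t i = 5; i + 1 < len; ++i)   /* address, data, checksum */
        sum += msg[i];
    return (sum & 0x7F) == 0;
}

/* Hypothetical helper: returns the high nibble of address byte 2 for a
 * well-formed write to 03 00 x4 and stores the data byte, else -1.
 * Per the table in the post, inputs 1..9 give nibble == value - 1. */
static int decode_bender_msg(const uint8_t *msg, size_t len, uint8_t *data)
{
    if (len != 11 || msg[0] != 0xF0 || msg[len - 1] != 0xF7)
        return -1;                          /* framing */
    for (size_t i = 1; i + 1 < len; ++i)
        if (msg[i] & 0x80) return -1;       /* payload bytes are 7-bit */
    if (msg[1] != 0x41 || msg[4] != 0x12)
        return -1;                          /* header bytes seen in the trace */
    if (msg[5] != 0x03 || msg[6] != 0x00 || (msg[7] & 0x0F) != 0x04)
        return -1;                          /* not in the 03 00 x4 range */
    if (!checksum_ok(msg, len)) return -1;
    *data = msg[8];
    return msg[7] >> 4;
}

int main(void)
{
    for (size_t i = 0; i < 3; ++i) {
        uint8_t data = 0;
        int nib = decode_bender_msg(trace[i], sizeof trace[i], &data);
        printf("nibble %d -> value %d, data 0x%02X\n", nib, nib + 1, data);
    }
    return 0;
}
```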