[FF8] .x battle fields

[dheen]

Hum ..... I failed -_-

[Maki]

Hum ..... I failed -_-

At least you tried and that's what matters most.

I uploaded the ASCII RIP. Be warned, it's 30k lines per one link.

http://pastebin.com/aPE6LnSJ - #1 = most interesting, contains parameters, functions and .cpp leftovers.
http://pastebin.com/DTqEn9sc - #2 = See the ABCDEFGH... things? They're models with texture refference (after these patterns there's a ABC.tim refference)
http://pastebin.com/EW5fnT2S - #3 = See at the end of file. I've seen things like this in rail.obj, what could it be? Also, FF8.EXE contains quote of Buddha:

Code: [Select]

"What is evil? Killing is evil, lying is evil, slandering is evil, abuse is evil, gossip is evil, envy is evil, hatred is evil, to cling to false doctrine is evil; all these things are evil. And what is the root of evil? Desire is the root of evil, illusion is the root of evil."Also I wonder if it's just a contingency, or it's some sort of encoded thing:

Code: [Select]

:Yqcq _ qumpb a_jjcb
 
Wncag_j qigjj gq
Vclxmisicl< sqgle
 
Wgjclr< _lb _ `gr
 
Pmtcq rfc fmr bmeq
qmjb gl rfc K_pbcl
a_dcrcpg_;
Yqcq ajmqc amk`_r
dgefrgle qigjjq rm
bcdc_r clckgcq ugrf
nslafcq _lb igaiq;
El cvncpr k_piq2
k_l;  G_l sqc
qncag_jgxcb `sjjcrq
rm _rr_ai clckgcq;
HmcqlCr ncpdmpk
tcpw ucjj slbcp
npcqqspc;
Yqcq _ ufgn;
[fcl gl b_lecp<
sqcq kmlqrcp qigjjq
qfc f_q jc_plcb;
Lcp _bkgpcpq gl rfc
K_pbcl f_tc
dmpkcb _ d_l ajs`;
`cp md rfc
`cp pcqgqr_lac

[Softtm17]

Hm... I have an idea. Please, could you find a mag file that's responsible for some magic/GF that has objects in it? I could then real-time memory edit this to find out what will happen. OR, someone tell me if he/she recognise a spell/magic/anything that this texture may apply.

Try to search on Mag190 a/c.....in Mag190b you can find the doomtrain model...and i think anything else...meanwhile in mag190c i think there are 3 models and 1 texture.....in mag 190a there is something....maybe the "space structure" and the flames animation (i think)...but really i don't know....i can "See and recognize" something but i have to find some book or forum where i can study this "hex structure of a file" (i'm really curious)
If you have something like a pdf file or a book or a forum or anything where I can begin, I would appreciate it very much! (So i can give you a help literally >_>)
Let me know if i'm right.

(Here a video about doomtrain https://www.youtube.com/watch?v=Z4VjvBaMHJg so you can check the extra model and the "stage" (space))

[Softtm17]

http://pastebin.com/aPE6LnSJ - #1 = most interesting, contains parameters, functions and .cpp leftovers.
http://pastebin.com/DTqEn9sc - #2 = See the ABCDEFGH... things? They're models with texture refference (after these patterns there's a ABC.tim refference)
http://pastebin.com/EW5fnT2S - #3 = See at the end of file. I've seen things like this in rail.obj, what could it be? Also, FF8.EXE

1) In the first one there is the structure of the game, functions, a complete list of all file inside the battle.fs etc.
2) Well i don't understand almost anything xD but yeah, there are some references of models and textures.
3)Rail.obj and the others one, just open deling and extract the content of World.fs -> c:\ff8\data\ita\world\dat\.... over there there are all. And you can find and see directly, with deling, some textures of the worldmap and gardens itselfs over the file -> textl.obj & wmsetXX  (XX -> IT/ US / DE / FR / ES ETC) i have for example the wmsetit (i'm italian )

[Maki]

I real-time debugged process, and found some entries testing on Shiva.

At first, when you summoning G.F. nothing happen to data in memory, it's 00 00... or the state of previous G.F.
After the G.F. gauge runs out, the memory is written by some small data, and after the character animation of summoning passes (You know, that one when for example Squall puts hand from his face to enemy and disappears after) the data is written by .TIM texture. After 1-2 second of Shiva animation, right before she appears in the crystal a data is again written to .TIM texture place and data from mag184_e.dat appears. This is memory dump of this region:
https://www.dropbox.com/s/g2vrrradn7muj8s/MemDump.7z?dl=0

The first texture is broken. Don't know why.

After textures, there's at least 3MB of free space. The models have to be before, but all I can see are still NULL's. At the moment, where there's ice over enemies, and shiva is no more able to be seen, the data is again overwritten. That's the real problem. I can't help myself with real-time memory edit/debugging if the values and addresses are changing by the situation.

[Softtm17]

That's can be a problem...you can't "pause" the game in that moment?  Have you tried to stop it "brutally" with an emulator like epsxe?

Anyway Shiva's model is on Mag184_E.dat, if you need (to compare) here the file raw (only shiva & unviewable with any software) and the elaborated one (viewable) : https://www.dropbox.com/s/bc35pa2ss6416cw/Mag184_e.rar?dl=0

You can view the model & the animation with Noesis -> https://www.dropbox.com/s/9boo262hyj3kucv/noesis.rar?dl=0

[Maki]

Month ago I posted japanese interview with every development team at: http://forums.qhimm.com/index.php?topic=15894.25
One coder from battle team said that they made a camera editor in-game (Yes, not external program). Some days ago I came up with some extreme idea:
"What if the unknown and unused battle stage section is in fact a CODE?"
So... I tried with intel and came up with nothing. That's not intel, of course it's written for PlayStation. So... I tried with MIPS big-endian and nope, a lot of unrecognizable assembly. But the file is little-endian, so I tried MIPSL (MIPS little-endian) instead and... I got full code with refferences inside (relative jumps in code), repeative memory copy, jumps to 0x800F07C0 and related (The same address range is when you disassembly the real FF8 PSX code file). I have totally no knowledge about MIPS, but maybe someone could prove it's only my fantasy and it's not a code:
*Fun fact is the disassembly fails to convert to code just as the unknown data section ends (so the camera starts)

Code: [Select]

ROM:00000000                 addiu   $sp, -0x18       # Add Immediate Unsigned
ROM:00000004                 li      $v0, 1           # Load Immediate
ROM:00000008                 sw      $ra, 0x14($sp)   # Store Word
ROM:0000000C                 beq     $a0, $v0, loc_54  # Branch on Equal
ROM:00000010                 sw      $s0, 0x10($sp)   # Store Word
ROM:00000014                 slti    $v0, $a0, 2      # Set on Less Than Immediate
ROM:00000018                 beqz    $v0, loc_30      # Branch on Zero
ROM:0000001C                 nop
ROM:00000020
ROM:00000020 loc_20:                                  # DATA XREF: ROM:00004264o
ROM:00000020                                          # ROM:00004654o ...
ROM:00000020                 beqz    $a0, loc_44      # Branch on Zero
ROM:00000024
ROM:00000024 loc_24:                                  # DATA XREF: ROM:00029E80o
ROM:00000024                                          # ROM:000364B8o
ROM:00000024                 lui     $a0, 0x8014      # Load Upper Immediate
ROM:00000028
ROM:00000028 loc_28:                                  # DATA XREF: ROM:00002130o
ROM:00000028                                          # ROM:000027A0o ...
ROM:00000028                 j       0x13E0A8         # Jump
ROM:0000002C                 nop                      # DATA XREF: ROM:000235A4o
ROM:0000002C                                          # ROM:00023894o ...
ROM:00000030  # ---------------------------------------------------------------------------
ROM:00000030
ROM:00000030 loc_30:                                  # CODE XREF: ROM:00000018j
ROM:00000030                                          # DATA XREF: ROM:0002F8A4o
ROM:00000030                 li      $v0, 2           # Load Immediate
ROM:00000034
ROM:00000034 loc_34:                                  # DATA XREF: ROM:00022370o
ROM:00000034                                          # ROM:0002A794o ...
ROM:00000034                 beq     $a0, $v0, loc_68  # Branch on Equal
ROM:00000038                 lui     $s0, 0x8014      # DATA XREF: ROM:00024D94o
ROM:00000038                                          # ROM:00029594o
ROM:00000038                                          # Load Upper Immediate
ROM:0000003C                 j       0x13E0A8         # DATA XREF: ROM:00006B30o
ROM:0000003C                                          # Jump
ROM:00000040                 nop                      # DATA XREF: ROM:000367ACo
ROM:00000044  # ---------------------------------------------------------------------------
ROM:00000044
ROM:00000044 loc_44:                                  # CODE XREF: ROM:loc_20j
ROM:00000044                                          # DATA XREF: ROM:000353CCo
ROM:00000044                 jal     0x13E0BC         # Jump And Link
ROM:00000048
ROM:00000048 loc_48:                                  # DATA XREF: ROM:00022F94o
ROM:00000048                                          # ROM:00023294o ...
ROM:00000048                 addiu   $a0, -0xEEC      # Add Immediate Unsigned
ROM:0000004C                 j       0x13E0A8         # DATA XREF: ROM:00028F94o
ROM:0000004C                                          # ROM:00029E94o
ROM:0000004C                                          # Jump
ROM:00000050                 move    $v0, $zero
ROM:00000054  # ---------------------------------------------------------------------------
ROM:00000054
ROM:00000054 loc_54:                                  # CODE XREF: ROM:0000000Cj
ROM:00000054                                          # DATA XREF: ROM:00022C94o ...
ROM:00000054                 lui     $a0, 0x8014      # Load Upper Immediate
ROM:00000058                 jal     0x13E2B8         # Jump And Link
ROM:0000005C
ROM:0000005C loc_5C:                                  # DATA XREF: ROM:00022994o
ROM:0000005C                 addiu   $a0, -0xEEC      # Add Immediate Unsigned
ROM:00000060                 j       0x13E0A8         # Jump
ROM:00000064
ROM:00000064 loc_64:                                  # DATA XREF: ROM:00022094o
ROM:00000064                 move    $v0, $zero
ROM:00000068  # ---------------------------------------------------------------------------
ROM:00000068
ROM:00000068 loc_68:                                  # CODE XREF: ROM:loc_34j
ROM:00000068                                          # DATA XREF: ROM:000253C8o
ROM:00000068                 addiu   $s0, -0x1A3C     # Add Immediate Unsigned
ROM:0000006C                 move    $a0, $s0         # DATA XREF: ROM:00035FCCo
ROM:00000070
ROM:00000070 loc_70:                                  # DATA XREF: ROM:000362CCo
ROM:00000070                                          # ROM:00036170o
ROM:00000070                 li      $a1, 0x8013E5B4  # Load Immediate
ROM:00000078                 li      $a2, 0x10        # DATA XREF: ROM:00024D8Co
ROM:00000078                                          # ROM:00033D64o
ROM:00000078                                          # Load Immediate
ROM:0000007C                 jal     0xB5078          # DATA XREF: ROM:000223B8o
ROM:0000007C                                          # Jump And Link
ROM:00000080                 li      $a3, 1           # Load Immediate
ROM:00000084
ROM:00000084 loc_84:                                  # DATA XREF: ROM:00022980o
ROM:00000084                 move    $a0, $s0
ROM:00000088                 lui     $a1, 0x8014      # Load Upper Immediate
ROM:0000008C                 jal     0xB50FC          # Jump And Link
ROM:00000090                 li      $a1, 0x8013E53C  # Load Immediate
ROM:00000094                 sh      $zero, 0xC($v0)  # DATA XREF: ROM:00019AB0o
ROM:00000094                                          # Store Halfword
ROM:00000098                 lui     $a0, 0x8014      # Load Upper Immediate
ROM:0000009C                 jal     0x13E26C         # Jump And Link
ROM:000000A0                 li      $a0, 0x8013E5D4  # Load Immediate
ROM:000000A4                 move    $v0, $s0
ROM:000000A8                 lw      $ra, 0x14($sp)   # Load Word
ROM:000000AC                 lw      $s0, 0x10($sp)   # Load Word
ROM:000000B0                 addiu   $sp, 0x18        # Add Immediate Unsigned
ROM:000000B4                 jr      $ra              # Jump Register
ROM:000000B8                 nop
ROM:000000BC  # ---------------------------------------------------------------------------
ROM:000000BC
ROM:000000BC loc_BC:                                  # DATA XREF: ROM:00005000o
ROM:000000BC                 addiu   $sp, -0x30       # Add Immediate Unsigned
ROM:000000C0                 sw      $s4, 0x20($sp)   # Store Word
ROM:000000C4                 move    $s4, $a0
ROM:000000C8                 sw      $s5, 0x24($sp)   # Store Word
ROM:000000CC                 move    $s5, $zero
ROM:000000D0                 lui     $v0, 0x800F      # Load Upper Immediate
ROM:000000D4                 sw      $s6, 0x28($sp)   # Store Word
ROM:000000D8                 addiu   $s6, $v0, 0x708  # Add Immediate Unsigned
ROM:000000DC                 sw      $s0, 0x10($sp)   # Store Word
ROM:000000E0                 move    $s0, $s6
ROM:000000E4                 sw      $s3, 0x1C($sp)   # Store Word
ROM:000000E8                 move    $s3, $s5
ROM:000000EC                 sw      $s2, 0x18($sp)   # Store Word
ROM:000000F0                 addiu   $s2, $s6, 0x20   # Add Immediate Unsigned
ROM:000000F4                 sw      $s1, 0x14($sp)   # Store Word
ROM:000000F8                 move    $s1, $s4
ROM:000000FC                 sw      $ra, 0x2C($sp)   # Store Word
ROM:00000100
ROM:00000100 loc_100:                                 # CODE XREF: ROM:000001A8j
ROM:00000100                                          # DATA XREF: ROM:0003055Co ...
ROM:00000100                 lw      $v0, 8($s1)      # Load Word
ROM:00000104                 lw      $v1, 4($s1)      # Load Word
ROM:00000108                 addu    $v0, $s4, $v0    # Add Unsigned
ROM:0000010C                 addu    $v1, $s4, $v1    # Add Unsigned
ROM:00000110                 beq     $v0, $v1, loc_174  # Branch on Equal
ROM:00000114                 nop
ROM:00000118                 lw      $v0, 4($v1)      # Load Word
ROM:0000011C                 nop
ROM:00000120                 addu    $v0, $v1, $v0    # Add Unsigned
ROM:00000124                 sw      $v0, 4($s0)      # Store Word
ROM:00000128                 lw      $v0, 8($v1)      # Load Word
ROM:0000012C                 nop
ROM:00000130                 addu    $v0, $v1, $v0    # Add Unsigned
ROM:00000134                 sw      $v0, 8($s0)      # Store Word
ROM:00000138                 lw      $a0, 0xC($v1)    # Load Word
ROM:0000013C                 nop
ROM:00000140                 addu    $a0, $v1, $a0    # Add Unsigned
ROM:00000144                 jal     0xBBB20          # Jump And Link
ROM:00000148                 sw      $a0, 0xC($s0)    # Store Word
ROM:0000014C                 addiu   $a0, $s6, 0x14   # Add Immediate Unsigned
ROM:00000150                 addu    $a0, $s3, $a0    # Add Unsigned
ROM:00000154                 move    $a1, $s2
ROM:00000158                 lw      $v0, 0($s0)      # Load Word
ROM:0000015C                 move    $a2, $zero
ROM:00000160                 ori     $v0, 0x700       # OR Immediate
ROM:00000164                 jal     0xBFBA0          # Jump And Link
ROM:00000168                 sw      $v0, 0($s0)      # Store Word
ROM:0000016C                 j       0x13E198         # Jump
ROM:00000170                 addiu   $s0, 0x2C  # ','  # Add Immediate Unsigned
ROM:00000174  # ---------------------------------------------------------------------------
ROM:00000174
ROM:00000174 loc_174:                                 # CODE XREF: ROM:00000110j
ROM:00000174                 lw      $v0, 0($s0)      # Load Word
ROM:00000178                 li      $v1, 0xFFFFFEFF  # Load Immediate
ROM:0000017C                 and     $v0, $v1         # AND
ROM:00000180                 li      $v1, 0xFFFFFDFF  # Load Immediate
ROM:00000184                 and     $v0, $v1         # AND
ROM:00000188                 li      $v1, 0xFFFFFBFF  # Load Immediate
ROM:0000018C                 and     $v0, $v1         # AND
ROM:00000190                 sw      $v0, 0($s0)      # Store Word
ROM:00000194                 addiu   $s0, 0x2C  # ','  # Add Immediate Unsigned
ROM:00000198                 addiu   $s3, 0x2C  # ','  # Add Immediate Unsigned
ROM:0000019C                 addiu   $s2, 0x2C  # ','  # Add Immediate Unsigned
ROM:000001A0                 addiu   $s5, 1           # Add Immediate Unsigned
ROM:000001A4                 slti    $v0, $s5, 4      # Set on Less Than Immediate
ROM:000001A8                 bnez    $v0, loc_100     # Branch on Not Zero
ROM:000001AC                 addiu   $s1, 4           # Add Immediate Unsigned
ROM:000001B0                 lui     $v0, 0x800F      # Load Upper Immediate
ROM:000001B4                 lui     $a0, 0x800F      # Load Upper Immediate
ROM:000001B8                 sh      $zero, 0x800F07C0  # Store Halfword
ROM:000001BC                 lw      $v0, 0x14($s4)   # Load Word
ROM:000001C0                 lw      $v1, 0x18($s4)   # Load Word
ROM:000001C4                 addu    $v0, $s4, $v0    # Add Unsigned
ROM:000001C8                 sw      $v0, 0x800F07BC  # Store Word
ROM:000001CC                 lw      $v0, 0x14($s4)   # Load Word
ROM:000001D0                 addu    $v1, $s4, $v1    # Add Unsigned
ROM:000001D4                 addu    $v0, $s4, $v0    # Add Unsigned
ROM:000001D8                 bne     $v1, $v0, loc_1E4  # Branch on Not Equal
ROM:000001DC                 lui     $v1, 0x800E      # Load Upper Immediate
ROM:000001E0                 sw      $zero, 0x800F07BC  # Store Word
ROM:000001E4
ROM:000001E4 loc_1E4:                                 # CODE XREF: ROM:000001D8j
ROM:000001E4                 lui     $v0, 0x8014      # Load Upper Immediate
ROM:000001E8                 addiu   $a3, $v0, -0x1A78  # Add Immediate Unsigned
ROM:000001EC                 addiu   $a2, $v1, 0x4CA4  # Add Immediate Unsigned
ROM:000001F0                 lwl     $a0, 3($a3)      # Load Word Left
ROM:000001F4                 lwr     $a0, 0($a3)      # Load Word Right
ROM:000001F8                 nop
ROM:000001FC                 swl     $a0, 3($a2)      # Store Word Left
ROM:00000200                 swr     $a0, 0($a2)      # DATA XREF: ROM:000347C4o
ROM:00000200                                          # ROM:00037DC8o
ROM:00000200                                          # Store Word Right
ROM:00000204                 lui     $v0, 0x800E      # Load Upper Immediate
ROM:00000208                 lui     $v1, 0x8014      # Load Upper Immediate
ROM:0000020C                 addiu   $a3, $v1, -0x1A74  # Add Immediate Unsigned
ROM:00000210                 addiu   $a2, $v0, 0x4E14  # Add Immediate Unsigned
ROM:00000214                 lwl     $a0, 3($a3)      # Load Word Left
ROM:00000218                 lwr     $a0, 0($a3)      # Load Word Right
ROM:0000021C                 nop
ROM:00000220                 swl     $a0, 3($a2)      # Store Word Left
ROM:00000224                 swr     $a0, 0($a2)      # Store Word Right
ROM:00000228                 li      $v0, 0x800E4E14  # Load Immediate
ROM:0000022C                 li      $v1, 0x32  # '2'  # Load Immediate
ROM:00000230                 sb      $v1, 3($v0)      # Store Byte
ROM:00000234                 lw      $a0, 0x18($s4)   # Load Word
ROM:00000238                 jal     0xBBB60          # Jump And Link
ROM:0000023C                 addu    $a0, $s4, $a0    # Add Unsigned
ROM:00000240                 lw      $ra, 0x2C($sp)   # Load Word
ROM:00000244                 lw      $s6, 0x28($sp)   # Load Word
ROM:00000248                 lw      $s5, 0x24($sp)   # Load Word
ROM:0000024C                 lw      $s4, 0x20($sp)   # Load Word
ROM:00000250                 lw      $s3, 0x1C($sp)   # Load Word
ROM:00000254                 lw      $s2, 0x18($sp)   # Load Word
ROM:00000258                 lw      $s1, 0x14($sp)   # Load Word
ROM:0000025C                 lw      $s0, 0x10($sp)   # Load Word
ROM:00000260                 addiu   $sp, 0x30        # Add Immediate Unsigned
ROM:00000264                 jr      $ra              # Jump Register
ROM:00000268                 nop
ROM:0000026C  # ---------------------------------------------------------------------------
ROM:0000026C                 addiu   $sp, -0x18       # Add Immediate Unsigned
ROM:00000270                 sw      $s0, 0x10($sp)   # Store Word
ROM:00000274                 sw      $ra, 0x14($sp)   # Store Word
ROM:00000278                 jal     dword_30C54+0x50  # Jump And Link
ROM:0000027C                 move    $s0, $a0
ROM:00000280                 li      $v1, 0x800EE0E8  # Load Immediate
ROM:00000288                 andi    $v0, 1           # AND Immediate
ROM:0000028C                 addu    $v0, $v1         # Add Unsigned
ROM:00000290                 lbu     $v1, 0xCDE($v0)  # Load Byte Unsigned
ROM:00000294                 lui     $v0, 0x800F      # Load Upper Immediate
ROM:00000298                 move    $a0, $s0
ROM:0000029C                 jal     0xC69C4          # Jump And Link
ROM:000002A0                 sh      $v1, 0x800F1260  # Store Halfword
ROM:000002A4                 lw      $ra, 0x14($sp)   # Load Word
ROM:000002A8                 lw      $s0, 0x10($sp)   # Load Word
ROM:000002AC                 addiu   $sp, 0x18        # Add Immediate Unsigned
ROM:000002B0                 jr      $ra              # Jump Register
ROM:000002B4                 nop
ROM:000002B8  # ---------------------------------------------------------------------------
ROM:000002B8                 addiu   $sp, -0x18       # Add Immediate Unsigned
ROM:000002BC                 sw      $ra, 0x10($sp)   # Store Word
ROM:000002C0                 lw      $v0, 0x18($a0)   # Load Word
ROM:000002C4                 jal     0xBDB8C          # Jump And Link
ROM:000002C8                 addu    $a0, $v0         # Add Unsigned
ROM:000002CC                 lw      $ra, 0x10($sp)   # Load Word
ROM:000002D0                 addiu   $sp, 0x18        # Add Immediate Unsigned
ROM:000002D4                 jr      $ra              # Jump Register
ROM:000002D8                 nop
ROM:000002DC  # ---------------------------------------------------------------------------
ROM:000002DC                 addiu   $sp, -0x40       # Add Immediate Unsigned
ROM:000002E0                 li      $a0, 0x54  # 'T'  # Load Immediate
ROM:000002E4                 sw      $ra, 0x3C($sp)   # Store Word
ROM:000002E8                 sw      $fp, 0x38($sp)   # Store Word
ROM:000002EC                 sw      $s7, 0x34($sp)   # Store Word
ROM:000002F0                 sw      $s6, 0x30($sp)   # Store Word
ROM:000002F4                 sw      $s5, 0x2C($sp)   # Store Word
ROM:000002F8                 sw      $s4, 0x28($sp)   # Store Word
ROM:000002FC                 sw      $s3, 0x24($sp)   # Store Word
ROM:00000300                 sw      $s2, 0x20($sp)   # DATA XREF: ROM:000356BCo
ROM:00000300                                          # ROM:000380C8o ...
ROM:00000300                                          # Store Word
ROM:00000304                 sw      $s1, 0x1C($sp)   # Store Word
ROM:00000308                 jal     0xB5D10          # Jump And Link
ROM:0000030C                 sw      $s0, 0x18($sp)   # Store Word
ROM:00000310                 move    $s4, $zero
ROM:00000314                 move    $s1, $v0
ROM:00000318                 addiu   $s7, $s1, 8      # Add Immediate Unsigned
ROM:0000031C                 lui     $t1, 0x800F      # Load Upper Immediate
ROM:00000320                 addiu   $fp, $t1, 0x1298  # Add Immediate Unsigned
ROM:00000324                 li      $t1, 0x800F071C  # Load Immediate
ROM:0000032C                 addiu   $v0, $t1, -0x14  # Add Immediate Unsigned
ROM:00000330                 addiu   $s6, $v0, 4      # Add Immediate Unsigned
ROM:00000334                 move    $s3, $v0
ROM:00000338                 li      $s2, 0x800F071C  # Load Immediate
ROM:00000340                 addiu   $s5, $s2, 0xC    # Add Immediate Unsigned
ROM:00000344                 li      $v0, 0x140       # Load Immediate
ROM:00000348                 sh      $v0, 0x40($s1)   # Store Halfword
ROM:0000034C                 li      $v0, 0xD8  # 'ě'  # Load Immediate
ROM:00000350                 sh      $v0, 0x42($s1)   # Store Halfword
ROM:00000354                 lui     $v0, 0x800F      # Load Upper Immediate
ROM:00000358                 lui     $v1, 0x8010      # Load Upper Immediate
ROM:0000035C                 lw      $a0, 0x800F182C  # Load Word
ROM:00000360                 lw      $v1, 0x800FB518  # Load Word
ROM:00000364                 li      $v0, 0xFFFFFFFF  # Load Immediate
ROM:00000368                 sh      $zero, 0x3C($s1)  # Store Halfword
ROM:0000036C                 sh      $zero, 0x3E($s1)  # Store Halfword
ROM:00000370                 sw      $v0, 0x48($s1)   # Store Word
ROM:00000374                 sw      $a0, 0x2C($s1)   # Store Word
ROM:00000378                 sw      $v1, 0x38($s1)   # Store Word
ROM:0000037C
ROM:0000037C loc_37C:                                 # CODE XREF: ROM:000004F8j
ROM:0000037C                 lw      $v0, 0x800F0704  # Load Word
ROM:00000384                 nop
ROM:00000388                 andi    $v0, 4           # AND Immediate
ROM:0000038C                 bnez    $v0, loc_3B8     # Branch on Not Zero
ROM:00000390                 li      $v0, 3           # Load Immediate
ROM:00000394                 move    $a0, $s2
ROM:00000398                 jal     0xBF670          # Jump And Link
ROM:0000039C                 move    $a1, $s5
ROM:000003A0                 beqz    $v0, loc_3B4     # Branch on Zero
ROM:000003A4                 move    $a0, $s2
ROM:000003A8                 move    $a1, $s5
ROM:000003AC                 jal     0xBFBA0          # Jump And Link
ROM:000003B0                 move    $a2, $zero
ROM:000003B4
ROM:000003B4 loc_3B4:                                 # CODE XREF: ROM:000003A0j
ROM:000003B4                 li      $v0, 3           # Load Immediate
ROM:000003B8
ROM:000003B8 loc_3B8:                                 # CODE XREF: ROM:0000038Cj
ROM:000003B8                 beq     $s4, $v0, loc_3D4  # Branch on Equal
ROM:000003BC                 move    $a0, $s2
ROM:000003C0                 lui     $t1, 0x800F      # Load Upper Immediate
ROM:000003C4                 jal     0xBFDE8          # Jump And Link
ROM:000003C8                 addiu   $a1, $t1, 0x1298  # Add Immediate Unsigned
ROM:000003CC                 j       0x13E460         # Jump
ROM:000003D0                 nop
ROM:000003D4  # ---------------------------------------------------------------------------
ROM:000003D4
ROM:000003D4 loc_3D4:                                 # CODE XREF: ROM:loc_3B8j
ROM:000003D4                 move    $a0, $s1
ROM:000003D8                 lui     $t1, 0x8014      # Load Upper Immediate
ROM:000003DC                 lw      $v0, 0x8013E5B0  # Load Word
ROM:000003E0                 move    $a1, $s7
ROM:000003E4                 sh      $zero, 4($s1)    # Store Halfword
ROM:000003E8                 sh      $zero, 0($s1)    # Store Halfword
ROM:000003EC                 sra     $v0, 3           # Shift Right Arithmetic
ROM:000003F0                 jal     dword_2E554+0x104  # Jump And Link
ROM:000003F4                 sh      $v0, 2($s1)      # Store Halfword
ROM:000003F8                 move    $a0, $fp
ROM:000003FC                 jal     dword_30654+0xBC  # Jump And Link
ROM:00000400                 move    $a1, $s7
ROM:00000404                 lui     $t1, 0x800F      # Load Upper Immediate
ROM:00000408                 lw      $v0, 0x14($fp)   # Load Word
ROM:0000040C                 li      $t1, 0x800F071C  # Load Immediate
ROM:00000410                 sw      $v0, 0x1C($s1)   # Store Word
ROM:00000414                 lw      $v0, 0x18($fp)   # Load Word
ROM:00000418
ROM:00000418 loc_418:                                 # DATA XREF: ROM:00002D10o
ROM:00000418                 addiu   $a0, $t1, 0x84   # Add Immediate Unsigned
ROM:0000041C                 sw      $v0, 0x20($s1)   # Store Word
ROM:00000420                 lw      $v0, 0x1C($fp)   # Load Word
ROM:00000424                 move    $a1, $s7
ROM:00000428                 jal     0xBFDE8          # Jump And Link
ROM:0000042C                 sw      $v0, 0x24($s1)   # Store Word
ROM:00000430                 lw      $v0, 0x800F0704  # Load Word
ROM:00000438                 nop
ROM:0000043C                 andi    $v0, 1           # AND Immediate
ROM:00000440                 bnez    $v0, loc_460     # Branch on Not Zero
ROM:00000444                 lui     $v0, 0x800F      # Load Upper Immediate
ROM:00000448                 lui     $t1, 0x8014      # Load Upper Immediate
ROM:0000044C                 lh      $v1, 0x800F07C0  # Load Halfword
ROM:00000450                 lw      $v0, 0x8013E5B0  # Load Word
ROM:00000454                 nop
ROM:00000458                 addu    $v0, $v1         # Add Unsigned
ROM:0000045C                 sw      $v0, 0x8013E5B0  # Store Word
ROM:00000460
ROM:00000460 loc_460:                                 # CODE XREF: ROM:00000440j
ROM:00000460                 lw      $v1, 0($s3)      # Load Word
ROM:00000464                 nop
ROM:00000468                 srl     $v0, $v1, 8      # Shift Right Logical
ROM:0000046C                 andi    $v0, 1           # AND Immediate
ROM:00000470                 beqz    $v0, loc_4E4     # Branch on Zero
ROM:00000474                 srl     $v0, $v1, 9      # Shift Right Logical
ROM:00000478                 andi    $v0, 1           # AND Immediate
ROM:0000047C                 beqz    $v0, loc_4E4     # Branch on Zero
ROM:00000480                 lui     $s0, 0x8010      # Load Upper Immediate
ROM:00000484                 lwl     $v0, 0x2B($s3)   # Load Word Left
ROM:00000488                 lwr     $v0, 0x28($s3)   # Load Word Right
ROM:0000048C                 nop
ROM:00000490                 swl     $v0, 0x47($s1)   # Store Word Left
ROM:00000494                 swr     $v0, 0x44($s1)   # Store Word Right
ROM:00000498                 move    $a0, $s6
ROM:0000049C                 sll     $v1, $s4, 3      # Shift Left Logical
ROM:000004A0                 lhu     $v0, 2($s3)      # Load Halfword Unsigned
ROM:000004A4                 nop
ROM:000004A8                 sh      $v0, 0x4C($s1)   # Store Halfword
ROM:000004AC                 li      $v0, 0x8013E590  # Load Immediate
ROM:000004B4                 addu    $v1, $v0         # Add Unsigned
ROM:000004B8                 lw      $t0, 0($v1)      # Load Word
ROM:000004BC                 lw      $v0, 0x800FB610  # Load Word
ROM:000004C0                 addiu   $a1, $s1, 0x28   # Add Immediate Unsigned
ROM:000004C4                 sw      $v0, 0x10($sp)   # Store Word
ROM:000004C8                 lui     $v0, 0x8010      # Load Upper Immediate
ROM:000004CC                 sll     $t0, 2           # Shift Left Logical
ROM:000004D0                 lw      $a2, 0x800FB608  # Load Word
ROM:000004D4                 lw      $a3, 4($v1)      # Load Word
ROM:000004D8                 jal     0xBDDA4          # Jump And Link
ROM:000004DC                 addu    $a2, $t0         # Add Unsigned
ROM:000004E0                 sw      $v0, -0x49F0($s0)  # Store Word
ROM:000004E4
ROM:000004E4 loc_4E4:                                 # CODE XREF: ROM:00000470j
ROM:000004E4                                          # ROM:0000047Cj
ROM:000004E4                 addiu   $s6, 0x2C  # ','  # Add Immediate Unsigned
ROM:000004E8                 addiu   $s3, 0x2C  # ','  # Add Immediate Unsigned
ROM:000004EC                 addiu   $s2, 0x2C  # ','  # Add Immediate Unsigned
ROM:000004F0                 addiu   $s4, 1           # Add Immediate Unsigned
ROM:000004F4                 slti    $v0, $s4, 4      # Set on Less Than Immediate
ROM:000004F8                 bnez    $v0, loc_37C     # Branch on Not Zero
ROM:000004FC                 addiu   $s5, 0x2C  # ','  # Add Immediate Unsigned
ROM:00000500                 jal     0xB5D6C          # Jump And Link
ROM:00000504                 li      $a0, 0x54  # 'T'  # Load Immediate
ROM:00000508                 lw      $ra, 0x3C($sp)   # Load Word
ROM:0000050C                 lw      $fp, 0x38($sp)   # Load Word
ROM:00000510                 lw      $s7, 0x34($sp)   # Load Word
ROM:00000514                 lw      $s6, 0x30($sp)   # Load Word
ROM:00000518                 lw      $s5, 0x2C($sp)   # Load Word
ROM:0000051C                 lw      $s4, 0x28($sp)   # Load Word
ROM:00000520                 lw      $s3, 0x24($sp)   # Load Word
ROM:00000524                 lw      $s2, 0x20($sp)   # Load Word
ROM:00000528                 lw      $s1, 0x1C($sp)   # Load Word
ROM:0000052C                 lw      $s0, 0x18($sp)   # Load Word
ROM:00000530                 addiu   $sp, 0x40        # Add Immediate Unsigned
ROM:00000534                 jr      $ra              # Jump Register
ROM:00000538                 nop
ROM:0000053C  # ---------------------------------------------------------------------------
ROM:0000053C                 addiu   $sp, -0x18       # Add Immediate Unsigned
ROM:00000540                 sw      $ra, 0x10($sp)   # Store Word
ROM:00000544                 lh      $v1, 0xC($a0)    # Load Halfword
ROM:00000548                 lhu     $v0, 0xC($a0)    # Load Halfword Unsigned
ROM:0000054C                 beqz    $v1, loc_568     # Branch on Zero
ROM:00000550                 addiu   $v0, 1           # Add Immediate Unsigned
ROM:00000554                 li      $v0, 1           # Load Immediate
ROM:00000558                 beq     $v1, $v0, loc_570  # Branch on Equal
ROM:0000055C                 nop
ROM:00000560                 j       0x13E578         # Jump
ROM:00000564                 nop
ROM:00000568  # ---------------------------------------------------------------------------
ROM:00000568
ROM:00000568 loc_568:                                 # CODE XREF: ROM:0000054Cj
ROM:00000568                 j       0x13E578         # Jump
ROM:0000056C                 sh      $v0, 0xC($a0)    # Store Halfword
ROM:00000570  # ---------------------------------------------------------------------------
ROM:00000570
ROM:00000570 loc_570:                                 # CODE XREF: ROM:00000558j
ROM:00000570                 jal     0x13E2DC         # Jump And Link
ROM:00000574                 nop
ROM:00000578                 lw      $ra, 0x10($sp)   # Load Word
ROM:0000057C                 move    $v0, $zero
ROM:00000580                 jr      $ra              # Jump Register
ROM:00000584                 addiu   $sp, 0x18        # Add Immediate Unsigned

Just look at this:

It doesn't look random. It does look like a real code.

UPDATE:
Basing on FF8.exe (PSOne version) file, the sections LI (load immediate - I see it is some sort of Intel's MOV) takes values from .TEXT section which is constants and memory.. example: TEXT:8013E590                 .byte    0

[Maki]

Again back at MIPS:
Ran some tests on files, and the differences in MIPSL diassembly are as follow:
a0stg000:

Code: [Select]

addiu   $a0, -0x1020
jal     0x13E2BC
a0stg001:

Code: [Select]

addiu   $a0, -0x16FC
jal     0x13E2BC

a0stg012:

Code: [Select]

addiu   $a0, -0xEEC
jal     0x13E2B8
As you can see only the add or jump adresses are changed.
The code is 1416 bytes for a0stg000.x
IDA manages to find at least three complete functions. Anyway I found the online disassembler based on Little-endian MIPS that can produce pseudocode. This is a0stg000.x code section pseudocode:

Code: [Select]

//
// This file was generated by the Retargetable Decompiler
// Website: https://retdec.com
// Copyright (c) 2016 Retargetable Decompiler <[email protected]>
//

#include <stdbool.h>
#include <stdint.h>

// ------------------- Function Prototypes --------------------

int32_t function_2a4(int32_t a1);
int32_t function_2f0(int32_t a1);
int32_t function_314(void);
int32_t function_34(int32_t a1);
int32_t function_574(int32_t a1);
int32_t function_f0(int32_t a1);
int32_t unknown_13e0a8(void);
int32_t unknown_13e0bc(void);
int32_t unknown_13e198(void);
int32_t unknown_13e270(void);
int32_t unknown_13e2bc(void);
int32_t unknown_13e2e0(void);
int32_t unknown_13e464(void);
int32_t unknown_13e57c(void);
int32_t unknown_2e658(void);
int32_t unknown_30710(void);
int32_t unknown_30ca4(void);
int32_t unknown_b5078(void);
int32_t unknown_b50fc(void);
int32_t unknown_b5d10(void);
int32_t unknown_b5d6c(void);
int32_t unknown_bbb20(void);
int32_t unknown_bbb60(void);
int32_t unknown_bdb8c(void);
int32_t unknown_bdda4(void);
int32_t unknown_bf670(void);
int32_t unknown_bfba0(void);
int32_t unknown_bfde8(void);
int32_t unknown_c69c4(void);

// ------------------------ Functions -------------------------

// Address range: 0x34 - 0xef
int32_t function_34(int32_t a1) {
    // 0x34
    if (a1 == 1) {
        // 0x88
        unknown_13e2bc();
        return unknown_13e0a8();
    }
    // 0x44
    if (a1 < 2) {
        // 0x50
        if (a1 != 0) {
            // 0x58
            return unknown_13e0a8();
        }
        // 0x78
        unknown_13e0bc();
        return unknown_13e0a8();
    }
    // 0x64
    if (a1 != 2) {
        // 0x6c
        return unknown_13e0a8();
    }
    // 0x9c
    unknown_b5078();
    *(int16_t *)(unknown_b50fc() + 12) = 0;
    unknown_13e270();
    return -0x7fec1a38;
}

// Address range: 0xf0 - 0x2a3
int32_t function_f0(int32_t a1) {
    int32_t v1 = 0; // $s4
    int32_t v2 = -0x7ff0f8f8; // $s0
    int32_t v3 = 0; // $s3
    int32_t v4 = -0x7ff0f8d8; // $s2
    int32_t v5 = a1; // $s1
    int32_t v6 = *(int32_t *)(a1 + 4) + a1; // 0x14015
    int32_t v7 = v6; // $v1
    int32_t v8 = v6;
    int32_t * v9 = (int32_t *)-0x7ff0f8f4;
    if (*(int32_t *)(a1 + 8) + a1 == v6) {
        int32_t v10 = -0x7ff0f8f8; // 0x1c417
        int32_t v11; // bp+140
        int32_t v12;
        while (true) {
            int32_t * v13 = (int32_t *)v10;
            *v13 = *v13 & -1793;
            v12 = v2;
            int32_t v14 = v12 + 44;
            v2 = v14;
            v3 += 44;
            v4 += 44;
            int32_t v15 = v1 + 1;
            v1 = v15;
            int32_t v16 = v5;
            v5 = v16 + 4;
            if (v15 >= 4) {
                int32_t v17 = -0x7ff10000; // $a0
                *(int16_t *)-0x7ff0f840 = 4;
                *(int32_t *)(v17 + 1980) = *(int32_t *)(a1 + 20) + a1;
                if (*(int32_t *)(a1 + 24) + a1 != *(int32_t *)(a1 + 20) + a1) {
                    // 0x21c
                    *(char *)-0x7ff1b1e9 = 50;
                    return unknown_bbb60();
                }
                // 0x214
                *(int32_t *)(v17 + 1980) = 0;
                // branch -> 0x21c
                // 0x21c
                *(char *)-0x7ff1b1e9 = 50;
                return unknown_bbb60();
            }
            // 0x1a8
            v11 = *(int32_t *)(v16 + 8) + a1;
            v7 = v11;
            if (*(int32_t *)(v16 + 12) + a1 != v11) {
                // break -> 0x134
                break;
            }
            v10 = v14;
            // continue -> 0x1a8
        }
        // 0x134
        v8 = v11;
        v9 = (int32_t *)(v12 + 48);
        // branch -> 0x148
    }
    // 0x148
    *v9 = *(int32_t *)(v8 + 4) + v8;
    int32_t v18 = *(int32_t *)(v7 + 8);
    *(int32_t *)(v2 + 8) = v18 + v7;
    int32_t v19 = *(int32_t *)(v7 + 12);
    *(int32_t *)(v2 + 12) = v19 + v7;
    unknown_bbb20();
    int32_t * v20 = (int32_t *)v2;
    *v20 = *v20 | 1792;
    unknown_bfba0();
    return unknown_13e198();
}

// Address range: 0x2a4 - 0x2ef
int32_t function_2a4(int32_t a1) {
    unsigned char v1 = *(char *)((unknown_30ca4() % 2 | -0x7ff11f18) + 3294);
    *(int16_t *)-0x7ff0eda0 = (int16_t)v1;
    return unknown_c69c4();
}

// Address range: 0x2f0 - 0x313
int32_t function_2f0(int32_t a1) {
    // 0x2f0
    return unknown_bdb8c();
}

// Address range: 0x314 - 0x573
int32_t function_314(void) {
    int32_t v1 = unknown_b5d10(); // bp+340
    int32_t v2 = 0; // $s4
    bool v3 = true; // $fp
    int32_t v4 = -0x7ff0f8f4; // $s6
    int32_t v5 = -0x7ff0f8f8; // $s3
    int32_t v6 = -0x7ff0f8e4; // $s2
    int32_t v7 = -0x7ff0f8d8; // $s5
    *(int16_t *)(v1 + 64) = 320;
    *(int16_t *)(v1 + 66) = 216;
    *(int16_t *)(v1 + 60) = 0;
    *(int16_t *)(v1 + 62) = 0;
    *(int32_t *)(v1 + 72) = -1;
    *(int32_t *)(v1 + 44) = *(int32_t *)-0x7ff0e7d4;
    *(int32_t *)(v1 + 56) = *(int32_t *)-0x7ff04ae8;
    // branch -> 0x3b4
    while (true) {
        // 0x3b4
        if ((*(int32_t *)-0x7ff0f8fc & 4) == 0) {
            // 0x3c8
            if (unknown_bf670() != 0) {
                // 0x3dc
                unknown_bfba0();
                // branch -> 0x3ec
            }
            // 0x3ec
            // branch -> 0x3f0
        }
        // 0x3f0
        if (v2 != 3) {
            // 0x3f4
            unknown_bfde8();
            return unknown_13e464();
        }
        // 0x40c
        *(int16_t *)(v1 + 4) = 0;
        *(int16_t *)v1 = 0;
        *(int16_t *)(v1 + 2) = (int16_t)(*(int32_t *)-0x7fec1a4c / 8);
        unknown_2e658();
        unknown_30710();
        int32_t * v8 = v3 ? (int32_t *)-0x7ff0ed54 : (int32_t *)20;
        *(int32_t *)(v1 + 28) = *v8;
        int32_t * v9 = v3 ? (int32_t *)-0x7ff0ed50 : (int32_t *)24;
        *(int32_t *)(v1 + 32) = *v9;
        int32_t * v10 = v3 ? (int32_t *)-0x7ff0ed4c : (int32_t *)28;
        *(int32_t *)(v1 + 36) = *v10;
        unknown_bfde8();
        if (*(int32_t *)-0x7ff0f8fc % 2 == 0) {
            int32_t v11 = *(int32_t *)-0x7fec1a4c; // bp+488
            *(int32_t *)-0x7fec1a4c = v11 + (int32_t)*(int16_t *)-0x7ff0f840;
            // branch -> 0x498
        }
        int32_t v12 = v5; // bp+498
        uint32_t v13 = *(int32_t *)v12; // bp+498
        uint32_t v14 = v13 / 512;
        int32_t v15 = v12; // bp+520
        int32_t v16; // bp+528
        if ((v13 & 256) != 0) {
            // 0x4ac
            if (v14 % 2 != 0) {
                // 0x4b8
                *(int16_t *)(v1 + 76) = *(int16_t *)(v12 + 2);
                *(int32_t *)-0x7ff049f0 = unknown_bdda4();
                v15 = v5;
                // branch -> 0x51c
            } else {
                v15 = v12;
            }
            // 0x51c
            v4 += 44;
            v5 = v15 + 44;
            v6 += 44;
            v16 = v2 + 1;
            v2 = v16;
            v7 += 44;
            if (v16 >= 4) {
                // break -> 0x534
                break;
            }
            // continue -> 0x3b4
            continue;
        }
        // 0x51c
        v4 += 44;
        v5 = v15 + 44;
        v6 += 44;
        v16 = v2 + 1;
        v2 = v16;
        v7 += 44;
        if (v16 >= 4) {
            // break -> 0x534
            break;
        }
        // continue -> 0x3b4
    }
    // 0x534
    return unknown_b5d6c();
}

// Address range: 0x574 - 0x5bb
int32_t function_574(int32_t a1) {
    int16_t * v1 = (int16_t *)(a1 + 12);
    int16_t v2 = *v1;
    if (v2 == 0) {
        // 0x5a0
        *v1 = (int16_t)((int32_t)*v1 + 1);
        return unknown_13e57c();
    }
    // 0x588
    if (v2 != 1) {
        // 0x594
        return unknown_13e57c();
    }
    // 0x5a8
    unknown_13e2e0();
    return 0;
}

// --------------------- Meta-Information ---------------------

// Detected compiler/packer: gcc
// Detected functions: 6
// Decompiler release: v2.1.2 (2016-01-27)
// Decompilation date: 2016-07-05 18:14:25
You can of course see some totally wrong this like:
int32_t * v8 = v3 ? (int32_t *)-0x7ff0ed54 : (int32_t *)20;
^I do not understand why there are negative values. This looks like address, so 20 is also wrong.
Although the first function seems to be correct with the IDA disassembly.

Graphs:

[Maki]

Battle camera:

00B8B7D8 int  _battleCamera_worldXZ:
 This & FFFF0000 : Camera world location on X axis
 This & 0000FFFF : Camera world location on Z axis (up-down)

00B8B7DC int? _battleCamera_worldY: Camera world location on Y axis

00B8B7E0 int _battleCamera_LookAtX: Camera look-at target location on X axis in world. Maybe the other sint16 is Z axis, but I can't prove this

00B8B7E4 int _battleCamera_LookAtY: Camera look-at target location on Y axis in world. Changing the other sint16 doesn't seem to do anything?

Camera is always looking at look-at target.

[paul]

Maybe its more:

int32_t * v8 = v3 ? (int32_t *)-0x7ff0ed54 : (int32_t *)20;
*(int32_t *)(v1 + 28) = *v8;

Is

*(int32_t *)(v1 + 28) = v3 ? -(int32_t *)0x7ff0ed54 : 20;

And v1 is clearly some structure so it would actually be:

int32_t* g7ff0ed54; // some unknown global
v1->Field_28 = v3 ? -*g7ff0ed54 : 20;

[Maki]

Gold shovel for me!

After ten hours of extensive work I finally made it to produce my own battle stage from scratch and create working tool to convert OBJ meshes to FF8 battle stage. It's still mess as it's hard as hell (The UVs are messed up, there's also MOD jump that needs extreme amount of testing and also unknown GPU byte that sometimes needs to be 0x24 and sometimes 0x2C or sometimes all it show is just black screen)
Anyway, I'm tired, this is proof:

It crashes after finishing camera animation in un-reversed function so I don't know what's messed up. I never had such problems earlier with test geometries before.
As it's now it doesn't require any manual tweaking


I made some further tests and...
actually FF8 supports triangles, quads and two unknown (in wiki I noted it as padding as it's always 00, but in code it's actually get parsed just like triangles and quads, touching that produces glitches)
FF8 doesn't support 24BPP textures
FF8 doesn't support second TIM texture, it's just a binary leftover, the engine never touches this
That might be all

Fast 5k triangle test (It's much more than the most complicated battle stage):

No problems at export, everything is fine. FF8 loads it without problems but there are a lot of graphical bugs, maybe I should split the meshes like in original FF8?
Anyway that's how it looks before it vanishes at the end of camera animation and soon after crashes(I think I know why, but I need to prove it)

[paul]

Have a look at psx gpu prims, the other types probably match onto that, POLY_FT4 etc. Perhaps the other types are g/flat/untextured shaded tri and quad?

[Maki]

I managed to somewhat break the camera structure. I updated http://wiki.ffrtt.ru/index.php/FF8/FileFormat_X#Camera_data

Case study:
a0stg101.x - balamb plains:

0x5D8 - camera start [via code]
02 00 is skipped
08 00 is pointer to camera settings
20 00 is pointer to camera animation

Let's jump to camera animation as it's the most important part here.

We will end up at 0x32. This is sub-section. We will work with pointers relatively to this position.
You'll get a ushort for number of camera animations - in this example it's 7. [a0stg101.x have 7 sets, therefore 7*8 animations, but a0stg000 or a0stg001 don't remember but they have only one!, so 1*8 animations!]

Now, when the game starts and encounter is loaded it magically resolves which animation to use to show the enemy well. You can of course break at getting camera anim index code and change the register so the camera will present the enemy like it's T-rex showing only one mosquitoe (I don't remember that fly name on Balamb's plain).

So, we are at pointers indicator, the engine now:
EAX + ECX*2 + 02, where:
-EAX - absolute memory pointer to 07 00 or 08 00 as said above;
-ECX - the camera index that it got from from static memory (pointer to pointer to some packed binary values)
02 - size of numberOfAnimations

Let's jump to last animation now:
considering 07 00 in our file is now offset 0x00:
(7-1)*2+2 = 0xE //because 00 means first index, so 7th index is in fact 6*2

Now get ushort pointer at 0xE= 0x1F10;
We will get to 0x1F10. Engine now reads 8 pointers, like in this case first pointer is 08 00 and next is 48 00. Now it calculates it by pointer*2. So first pointer actually starts at 0x16, second at 0x48*2=0x90.

UPDATE3:
grab the useful breakpoint:
0x5035AB (Newest steam english).

UPDATE4:
Engine camera animation parsing at: sub_503C8F
checking for FFFF: 00503C7B:
cmp ax, 0xFFFF, where ax is *(019399E2) (cameraSet 1+ anim 5)

Operands are bit operated...

There:

[Maki]

New updates!

I wrote a python script to dump the pointers to cameras:
https://gist.github.com/MaKiPL/e0f2e36b5edb560ff047e12a33aba9be

Use it like shown here:


It requires python 2.7
also I updated the wiki page and uploaded the video:
https://www.youtube.com/watch?v=R9Y9PEhlMhs&t=2s

[JWP]

The structure that the camera animation is loaded into looks like:

Code: [Select]

struct CameraStruct {
BYTE unkbyte000; //000
BYTE unkbyte001; //001 keyframe count?
WORD control_word; //002
WORD unkword004; //004
WORD unkword006; //006
WORD unkword008; //008
WORD unkword00A; //00A
WORD unkword00C; //00C
WORD unkword00E; //00E total frame count/time?
BYTE unk[20] //010
short unkword024[32]; //024 - start frames for each key frame?
short unkword064[32]; //064
short unkword0A4[32]; //0A4
short unkword0E4[32]; //0E4
BYTE unkbyte124[32]; //124
short unkword144[32]; //144
short unkword184[32]; //184
short unkword1C4[32]; //1C4
BYTE unkbyte204[32]; //204
BYTE unkbyte224[128]; //224
BYTE unkbyte2A4[128]; //2A4
BYTE unkbyte324[128]; //324
BYTE unkbyte3A4[128]; //3A4
BYTE unkbyte424[128]; //424
BYTE unkbyte4A4[128]; //4A4
};
and the function that parses the animation into it looks something like:

Code: [Select]

short* parse_camera(short* camera_data, CameraStruct* cam) {
short* local2C;
BYTE keyframecount;
WORD totalframecount;
short* local1C;
short* local18;
short* local14;
short* local10;

short* current_position = camera_data;
if (*current_position == 0xFFFF) {
return NULL;
}

cam->control_word = *current_position;

current_position++;
totalframecount = 0;
keyframecount = 0;
switch ((cam->control_word >> 6) & 3) {
case 1:
cam->unkword004 = 0x200;
cam->unkword006 = 0x200;
break;
case 2:
cam->unkword004 = *current_position;
cam->unkword006 = *current_position;
current_position++;
break;
case 3:
cam->unkword004 = *current_position++;
cam->unkword006 = *current_position++;
break;
}

switch ((cam->control_word >> 8) & 3) {
case 0:
cam->unkword008 = ff8vars.unkword1D977A2;
cam->unkword00A = ff8vars.unkword1D977A2;
break;
case 1:
cam->unkword008 = 0;
cam->unkword00A = 0;
break;
case 2:
cam->unkword008 = *current_position;
cam->unkword00A = *current_position;
current_position++;
break;
case 3:
cam->unkword008 = *current_position++;
cam->unkword00A = *current_position++;
break;
}

switch (cam->control_word & 1) {
case 0:
if (*current_position >= 0) {
do {
cam->unkword024[keyframecount] = totalframecount;
totalframecount += *current_position++ * 16;
cam->unkbyte124[keyframecount] = *current_position++;
cam->unkword064[keyframecount] = *current_position++;
cam->unkword0A4[keyframecount] = *current_position++;
cam->unkword0E4[keyframecount] = *current_position++;
cam->unkbyte204[keyframecount] = *current_position++;
cam->unkword144[keyframecount] = *current_position++;
cam->unkword184[keyframecount] = *current_position++;
cam->unkword1C4[keyframecount] = *current_position++;
keyframecount++;
} while (*current_position >= 0);

if (keyframecount > 2) {
ff8funcs.Sub50D010(cam->unkword024, cam->unkword064, cam->unkword0A4, cam->unkword0E4, keyframecount, cam->unkbyte224, cam->unkbyte2A4, cam->unkbyte324);
ff8funcs.Sub50D010(cam->unkword024, cam->unkword144, cam->unkword184, cam->unkword1C4, keyframecount, cam->unkbyte3A4, cam->unkbyte424, cam->unkbyte4A4);
}
}
break;
case 1:
if (*current_position >= 0) {
local14 = current_position + 5;
local10 = current_position + 6;
local2C = current_position + 7;
local18 = current_position + 1;
local1C = current_position + 2;
short* ebx = current_position + 3;
do {
cam->unkword024[keyframecount] = totalframecount;
totalframecount += *current_position++ * 16;
ff8funcs.Sub503AE0(++local18, ++local1C, ++ebx, *(BYTE*)current_position, &cam->unkword064[keyframecount], &cam->unkword0A4[keyframecount], &cam->unkword0E4[keyframecount]);
ff8funcs.Sub503AE0(++local14, ++local10, ++local2C, *(BYTE*)(current_position + 4), &cam->unkword144[keyframecount], &cam->unkword184[keyframecount], &cam->unkword1C4[keyframecount]);
cam->unkbyte204[keyframecount] = 0xFB;
cam->unkbyte124[keyframecount] = 0xFB;
local1C += 8;
local18 += 8;
current_position += 8;
local2C += 8;
ebx += 8;
local10 += 8;
local14 += 8;
keyframecount++;
} while (*current_position >= 0);

if (keyframecount > 2) {
ff8funcs.Sub50D010(cam->unkword024, cam->unkword064, cam->unkword0A4, cam->unkword0E4, keyframecount, cam->unkbyte224, cam->unkbyte2A4, cam->unkbyte324);
ff8funcs.Sub50D010(cam->unkword024, cam->unkword144, cam->unkword184, cam->unkword1C4, keyframecount, cam->unkbyte3A4, cam->unkbyte424, cam->unkbyte4A4);
}
}
break;
}

if ((cam->control_word & 0x3E) == 0x1E) {
ff8funcs.Sub503300();
}

cam->unkbyte001 = keyframecount;
cam->unkword00E = totalframecount;
cam->unkword00C = 0;
return current_position + 1;
}

note: adding to a word pointer adds 2 to the value.
The size of the animation depends a lot on the control word and the amount of keyframes.
I haven't verified the code completely but it should be roughly correct with some possible minor errors.