- Code: Select all
.text:10309D00
.text:10309D00 ; =============== S U B R O U T I N E =======================================
.text:10309D00
.text:10309D00 ; This function updates X/Z/Y location eventually.
.text:10309D00
.text:10309D00 UpdateLocation proc near ; CODE XREF: .text:102FCDBFp
.text:10309D00 ; .text:10314B8Fp
.text:10309D00
.text:10309D00 var_C = dword ptr -0Ch
.text:10309D00 var_8 = dword ptr -8
.text:10309D00 var_4 = dword ptr -4
.text:10309D00 arg_0 = dword ptr 4
.text:10309D00 arg_4 = dword ptr 8
.text:10309D00 arg_8 = byte ptr 0Ch
.text:10309D00
.text:10309D00 sub esp, 0Ch
.text:10309D03 cmp [esp+0Ch+arg_8], 0
.text:10309D08 push ebx
.text:10309D09 mov ebx, [esp+10h+arg_0] ; ebx contains eventual offset to XZY location
.text:10309D0D push ebp
.text:10309D0E mov ebp, [esp+14h+arg_4]
.text:10309D12 push esi
.text:10309D13 jz loc_10309E95 ; Jump to location which sets location X,Z,Y values
<snip>
.text:10309E95 ; ---------------------------------------------------------------------------
.text:10309E95
.text:10309E95 loc_10309E95: ; CODE XREF: UpdateLocation+13j
.text:10309E95 mov eax, [edi]
.text:10309E97 mov edx, [eax+0Ch]
.text:10309E9A push ebp
.text:10309E9B mov ecx, edi
.text:10309E9D call edx
.text:10309E9F test al, al
.text:10309EA1 jz loc_1030A04E
.text:10309EA7 test byte ptr [edi+48h], 1
.text:10309EAB mov [esp+18h+arg_8], 0
.text:10309EB0 mov byte ptr [esp+18h+arg_4], 0
.text:10309EB5 jz loc_10309F53
.text:10309EBB mov eax, [ebx+0Ch] ; eax+14h is offset to eventual XZY
.text:10309EBE movss xmm0, dword_10BBB458 ; 0x37800000h
.text:10309EC6 cvtsi2ss xmm1, dword ptr [eax+14h]
.text:10309ECB lea esi, [eax+14h] ; esi contains pointer to base value used for XZY
.text:10309ECE mulss xmm1, xmm0
.text:10309ED2 movss [esp+18h+var_C], xmm1
.text:10309ED8 cvtsi2ss xmm1, dword ptr [esi+4]
.text:10309EDD mulss xmm1, xmm0
.text:10309EE1 movss [esp+18h+var_8], xmm1
.text:10309EE7 cvtsi2ss xmm1, dword ptr [esi+8]
.text:10309EEC mulss xmm1, xmm0
.text:10309EF0 lea edx, [esp+18h+var_C]
.text:10309EF4 mov ecx, edi
.text:10309EF6 movss [esp+18h+var_4], xmm1
.text:10309EFC call sub_10309940
.text:10309F01 test al, al
.text:10309F03 jz short loc_10309F53
.text:10309F05 cvtsi2ss xmm1, dword ptr [esi] ; Convert signed double word int to single precision float
.text:10309F09 movss xmm0, dword_10BBB458 ; 0x37800000h
.text:10309F11 mulss xmm1, xmm0 ; multiply
.text:10309F15 movss [esp+18h+var_C], xmm1
.text:10309F1B cvtsi2ss xmm1, dword ptr [esi+4]
.text:10309F20 mov eax, [esp+18h+var_C] ; X Axis
.text:10309F24 mulss xmm1, xmm0
.text:10309F28 movss [esp+18h+var_8], xmm1
.text:10309F2E cvtsi2ss xmm1, dword ptr [esi+8]
.text:10309F33 mov ecx, [esp+18h+var_8] ; Z Axis
.text:10309F37 mulss xmm1, xmm0
.text:10309F3B movss [esp+18h+var_4], xmm1
.text:10309F41 mov edx, [esp+18h+var_4]
.text:10309F45 mov [edi+5Ch], eax ; Sets X Axis
.text:10309F48 mov [edi+60h], ecx ; Sets Z Axis
.text:10309F4B mov [esp+18h+arg_8], 1
.text:10309F50 mov [edi+64h], edx ; Sets Y Axis
So the last three lines are what 'writes' to the float's I found for x/y/z in game.
I started working back from there, but I'm unsure at a couple of points. First off, I'm not sure why the 'original' values of the location get multiplied by these type of lines:
- Code: Select all
.text:10309F09 movss xmm0, dword_10BBB458 ; 0x37800000h
.text:10309F11 mulss xmm1, xmm0 ; multiply
I tried to put a break point on thee actual function, in hopes I could see what called it and what set ESP, but it nver seemed to fire.
Anyone notice anything about this code that makes you say "ahh, that's a hash table and you need to figure out blah blah blah to get to a point where it's a static" or something like that?