- Introduced new file `vm_mask_ladder.tsv` containing detailed mappings for Crusader USECODE VM masks and their associated descriptors.
- Added comprehensive documentation in `scummvm-crusader-reference.md` outlining the structure, findings, and implications for reverse-engineering the Crusader engine within ScummVM.
- Created `usecode-roundtrip-ir.md` to document the plan for converting Crusader USECODE bytes into a human-readable format, detailing the container layout, event names, and intrinsic tables.
- Implemented a PowerShell script `temp_usecode_sample.ps1` for extracting and analyzing USECODE data from the Crusader FLX files, providing insights into class and event structures.

| 1 | stage_address | ir_name | opcode_or_lane | payload_shape | evidence |
|---|---|---|---|---|---|
| 2 | 000d:0988 | APPEND_UNIQUE_INLINE | opcode 0x18 (implied sibling) | inline referent-chain payload | 0x19/0x1a/0x1b compares in 000d:0988 imply 0x18 as append-unique inline sibling |
| 3 | 000d:0988 | APPEND_UNIQUE_INDIRECT | opcode 0x19 | indirect/string-like referent-chain payload | [BP-0x32] == 0x19 path in 000d:0988 with indirect-mode flag |
| 4 | 000d:0988 | REMOVE_MATCHING_INDIRECT | opcode 0x1a | indirect/string-like referent-chain payload | [BP-0x32] == 0x1a path in 000d:0988 reaches entity_vm_referent_chain_remove_matching_from |
| 5 | 000d:0988 | REMOVE_MATCHING_INLINE | opcode 0x1b | inline referent-chain payload | [BP-0x32] == 0x1b path in 000d:0988 reaches entity_vm_referent_chain_remove_matching_from without indirect-mode flag |
| 6 | 000d:177c | PUSH_FRAME_WORD_LITERAL | same FUN_000d_ebe3 sequencer family | word scalar pushed to stream stack | 000d:177c subtracts 2 from [context+0xcc] and stores frame-local word before entity_vm_opcode_finish |
| 7 | 000d:1acb | COMPARE_STREAM_DWORD_AND_PUSH_BOOL | same FUN_000d_ebe3 sequencer family | stream dword pair consumed, predicate word emitted | 000d:1acb reads one 32-bit pair from stream, compares against AX:DX, pushes boolean word result |
| 8 | 000d:208b | MATERIALIZE_OR_FORWARD_VALUE | slot-backed context consumer | materialized slot value or forwarded object result | 000d:208b builds one VM context then forwards immediate or object-backed value through shared epilogue |
| 9 | 000d:21ed | PREPEND_INLINE_PAYLOAD | inline payload substage | caller-owned blob copied into context +0x102 buffer | 000d:21ed prepends caller bytes into backward-growing context buffer before metadata-driven follow-on work |
| 10 | 000d:22bc | BUILD_ENTITY_LINK_MATRIX | inline payload follow-on stage | two signed metadata bytes plus streamed entity/link ids | 000d:22bc consumes two signed bytes from +0xd6/+0xd8 and streamed words for repeated entity_link calls |
| 11 | 000d:22bc | EMIT_OR_PUSHBACK_RESULT | inline payload follow-on stage | stream writeback filter | 000d:23da..2421 pushes back only results without 0x0400 list flag before opcode finish |
| 12 | 000d:2104 | FINALIZE_MIXED_VALUE_TO_OUTPTR | same FUN_000d_ebe3 sequencer family | mixed immediate/object scalar return | 000d:2104 writes either frame-local dword or object word with high word cleared to caller out-ptr |
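
Review bot: The `APPEND_UNIQUE_INLINE` row records an inferred opcode next to observed ones, with the qualifier embedded in the cell as `opcode 0x18 (implied sibling)`, so anything consuming `opcode_or_lane` has to parse free text to tell a confirmed `[BP-0x32]` compare from a deduction. Consider a separate status column (observed / inferred) and keeping `opcode_or_lane` to a bare value; the same column also carries family descriptions such as `same FUN_000d_ebe3 sequencer family`, which would be easier to filter in a column of their own. In the `EMIT_OR_PUSHBACK_RESULT` row, `stage_address` is `000d:22bc` while the evidence cites `000d:23da..2421`; if that range is a sub-stage of the `000d:22bc` routine, state that in the evidence text or use the start of the range as the address, so the two rows sharing `000d:22bc` remain distinguishable.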