Finding gear determination thresholds for 2017 BRZ ZA1JK00G

Compelica · **Joined:** Mon Mar 11, 2024 11:18 pm **Posts:** 3

Hi all, long time reader in this forum.

I am trying to define the Gear Determination Thresholds in the ZA1JK00G definition for a 2017 BRZ, which is not available except to closed-source. The ZA1JA01G definition has these two tables already defined, and as a learning step I am trying to define them myself in K00G.

I first started looking at the ROM address listed in the A01G def and found they were stored as two 2D tables in float with values saved consecutively, so I tried looking for the same in K00G given that the structure is said to be similar - no such luck.

Installed Scoobyrom (thanks @alesv) and opened up both A01G and K00G. Was surprised Scoobyrom could not find the 2D table for A01G at the address in the definition, and eyeballing K00G there were no similar table structures either.

My next step is to find a logger for K00G which stores the current gear value in RAM, then trace that back to the ROM in Ghidra. Note that am not speaking with more technicality as I need to figure out what actually needs to be done.

As I go along - are there any steps that I can take to make finding these particular tables easier?

Thanks to everyone who contributed help and guides; they have been very useful!

td-d · **Posted:** Fri Oct 18, 2024 3:59 pm

Code:

ROM:00104548 Gear_Determination_Thresholds_A:.float 10.77
ROM:0010454C                 .float 16.25
ROM:00104550                 .float 21.65
ROM:00104554                 .float 26.809999
ROM:00104558                 .float 33.860001
ROM:0010455C Gear_Determination_Thresholds_B:.float 10.2
ROM:00104560                 .float 15.4
ROM:00104564                 .float 20.51
ROM:00104568                 .float 25.4
ROM:0010456C                 .float 32.07

Or - it could be these:


ROM:00104578 flt_104578:     .float 10.77            ; DATA XREF: sub_4FF80+2E↑o
ROM:00104578                                         ; sub_4FF80:off_50198↑o
ROM:0010457C flt_10457C:     .float 10.77            ; DATA XREF: ROM:0004FF32↑o
ROM:0010457C                                         ; sub_4FF80:loc_4FFDC↑o ...
ROM:00104580 flt_104580:     .float 16.25            ; DATA XREF: sub_4FF80+38↑o
ROM:00104580                                         ; sub_4FF80:off_501A0↑o
ROM:00104584 flt_104584:     .float 16.25            ; DATA XREF: ROM:0004FF3C↑o
ROM:00104584                                         ; sub_4FF80+66↑o ...
ROM:00104588 flt_104588:     .float 21.65            ; DATA XREF: sub_4FF80+40↑o
ROM:00104588                                         ; sub_4FF80:off_501A4↑o
ROM:0010458C flt_10458C:     .float 21.65            ; DATA XREF: ROM:0004FF44↑o
ROM:0010458C                                         ; sub_4FF80+6E↑o ...
ROM:00104590 flt_104590:     .float 26.809999        ; DATA XREF: sub_4FF80+48↑o
ROM:00104590                                         ; sub_4FF80:off_501A8↑o
ROM:00104594 flt_104594:     .float 26.809999        ; DATA XREF: ROM:0004FF4C↑o
ROM:00104594                                         ; sub_4FF80+76↑o ...
ROM:00104598 flt_104598:     .float 33.860001        ; DATA XREF: sub_4FF80+50↑o
ROM:00104598                                         ; sub_4FF80:off_501AC↑o
ROM:0010459C flt_10459C:     .float 33.860001        ; DATA XREF: ROM:0004FF54↑o


ROM:001045A0 flt_1045A0:     .float 10.2             ; DATA XREF: sub_4FF80+90↑o
ROM:001045A0                                         ; sub_4FF80:off_501B4↑o
ROM:001045A4 flt_1045A4:     .float 10.2             ; DATA XREF: sub_4FF80:loc_5003E↑o
ROM:001045A4                                         ; sub_4FF80:off_501C8↑o
ROM:001045A8 flt_1045A8:     .float 15.4             ; DATA XREF: sub_4FF80+9A↑o
ROM:001045A8                                         ; sub_4FF80:off_501B8↑o
ROM:001045AC flt_1045AC:     .float 15.4             ; DATA XREF: sub_4FF80+C8↑o
ROM:001045AC                                         ; sub_4FF80:off_501CC↑o
ROM:001045B0 flt_1045B0:     .float 20.51            ; DATA XREF: sub_4FF80+A2↑o
ROM:001045B0                                         ; sub_4FF80:off_501BC↑o
ROM:001045B4 flt_1045B4:     .float 20.51            ; DATA XREF: sub_4FF80+D0↑o
ROM:001045B4                                         ; sub_4FF80:off_501D0↑o
ROM:001045B8 flt_1045B8:     .float 25.4             ; DATA XREF: sub_4FF80+AA↑o
ROM:001045B8                                         ; sub_4FF80:off_501C0↑o
ROM:001045BC flt_1045BC:     .float 25.4             ; DATA XREF: sub_4FF80+D8↑o
ROM:001045BC                                         ; sub_4FF80:off_501D4↑o
ROM:001045C0 flt_1045C0:     .float 32.07            ; DATA XREF: sub_4FF80+B2↑o
ROM:001045C0                                         ; sub_4FF80:off_501C4↑o
ROM:001045C4 flt_1045C4:     .float 32.07            ; DATA XREF: sub_4FF80+E0↑o
ROM:001045C4                                         ; sub_4FF80:off_501D8↑o

td-d · **Posted:** Fri Oct 18, 2024 4:05 pm

Try logging 0XFFF89B02 and FFF89891 for gear. One byte, raw value.

Compelica · **Joined:** Mon Mar 11, 2024 11:18 pm **Posts:** 3

td-d wrote:

Try logging 0XFFF89B02 and FFF89891 for gear. One byte, raw value.

Thank you td-d, your contributions in FT86Club (I started off there) have helped me tremendously.

I found the 2nd set in your list but I missed the first one as Ghidra assumed the data type to a character. Figured out since the models with K00G still used the 4.1 final gear ratio, hence the values in the thresholds table in A01G should be the same as the one in K00G.

However in the first set (from 0x00104548) Ghidra does not show any cross referencing; does that imply that those values aren't used? I had changed the data types and re-analysed it in case Ghidra picks up something new but yet there are no new xrefs.

In the function referenced for the second group of values (0x00104578), it reads off a RAM value 0xFFF88FFC to determine if the first set or the second set is used... will dig further to understand it.

Code:

uint ?GearDetermination(void)

{
  char cVar2;
  uint uVar1;
  undefined4 uVar3;
  undefined4 uVar4;
  float fVar5;
  float fVar6;
  
  uVar4 = DAT_fff88f7c;
  fVar6 = DAT_fff89750;
  cVar2 = FUN_00056ad0();
  if (DAT_fff88ffc == '\x01') {
    DAT_fff8997c = 33.86;
    DAT_fff89978 = 26.81;
    DAT_fff89974 = 21.65;
    DAT_fff89970 = 16.25;
    DAT_fff8996c = 10.77;
  }
  else {
    DAT_fff8997c = 32.07;
    DAT_fff89978 = 25.4;
    DAT_fff89974 = 20.51;
    DAT_fff89970 = 15.4;
    DAT_fff8996c = 10.2;
  }
  fVar5 = 1.0;
  if (DAT_fff896f4 == '\0') {
    uVar1 = (uint)DAT_fff88e96;
    if (uVar1 == 0) {
      DAT_fff89962 = 6;
      DAT_fff89963 = 0;
      return 0;
    }
    if (uVar1 == 0xd) {
      DAT_fff89962 = 6;
      DAT_fff89963 = 0;
      return 0;
    }
    if (uVar1 == 0xe) {
      DAT_fff89962 = 1;
      DAT_fff89963 = 1;
      return 1;
    }
    if (uVar1 < 7) {
      if (uVar1 == 6) {
        DAT_fff89962 = 5;
        DAT_fff89963 = 6;
        return 6;
      }
      DAT_fff89962 = DAT_fff88e96;
      DAT_fff89963 = DAT_fff88e96;
      return (int)(char)DAT_fff88e96;
    }
    return uVar1;
  }
  if (0.1953125 <= fVar6) {
    uVar3 = FUN_00010b30(fVar6,0x447a0000);
    uVar4 = FUN_00010b30(uVar4,uVar3);
    DAT_fff89958 = (float)FUN_00010b30(uVar4,fVar5);
    DAT_fff8995c = (float)FUN_000112b0(DAT_fff89958,DAT_fff8995c,0x3e99999a);
    if (DAT_fff8996c < DAT_fff89958) {
      if (DAT_fff89970 < DAT_fff89958) {
        if (DAT_fff89974 < DAT_fff89958) {
          if (DAT_fff89978 < DAT_fff89958) {
            if (DAT_fff8997c < DAT_fff89958) {
              DAT_fff89960 = '\x06';
            }
            else {
              DAT_fff89960 = '\x05';
            }
          }
          else {
            DAT_fff89960 = '\x04';
          }
        }
        else {
          DAT_fff89960 = '\x03';
        }
      }
      else {
        DAT_fff89960 = '\x02';
      }
    }
    else {
      DAT_fff89960 = '\x01';
    }
    if (DAT_fff8995c <= DAT_fff8996c) {
      DAT_fff89961 = 1;
      goto LAB_00050236;
    }
    if (DAT_fff8995c <= DAT_fff89970) {
      DAT_fff89961 = 2;
      goto LAB_00050236;
    }
    if (DAT_fff8995c <= DAT_fff89974) {
      DAT_fff89961 = 3;
      goto LAB_00050236;
    }
    if (DAT_fff8995c <= DAT_fff89978) {
      DAT_fff89961 = 4;
      goto LAB_00050236;
    }
    if (DAT_fff8995c <= DAT_fff8997c) {
      DAT_fff89961 = 5;
      goto LAB_00050236;
    }
  }
  else {
    DAT_fff8995c = DAT_fff89958;
    DAT_fff89960 = '\x06';
  }
  DAT_fff89961 = 6;
LAB_00050236:
  if ((DAT_fff896ed != '\x01') && (cVar2 != '\x04')) {
    if (DAT_fff89960 == '\x06') {
      DAT_fff89962 = 5;
      DAT_fff89963 = 6;
      return 6;
    }
    DAT_fff89962 = DAT_fff89960;
    DAT_fff89963 = DAT_fff89960;
    return (int)DAT_fff89960;
  }
  DAT_fff89963 = 0;
  DAT_fff89962 = 6;
  return 0;
}

Compelica · **Joined:** Mon Mar 11, 2024 11:18 pm **Posts:** 3

Attaching the definition if anyone would like to test it. I am using the OFT v4.03 definition, but should work fine with a stock K00G ROM.

This is untested, so please use at your own risk.

There are three sets of values:

For A and B you should be using the same values for the internal A and B cells. Those values point to only a single function, a pointer and nowhere else. For the C and D tables those locations are not even referenced anywhere at all.

To change the value, divide the values from tables A and C by 4.1 and multiply with your intended ratio. Those values should be replicated to tables B and D as well.

RomRaider

Forum rules

Finding gear determination thresholds for 2017 BRZ ZA1JK00G

Who is online