Development::Development Forum for development topics and for those interested in EQEMu development. (Not a support forum) |

12-16-2008, 05:31 PM, Developer (Join Date: Aug 2006, Location: USA, Posts: 5,946)
Like I said, MQ reads from memory and is written in a completely different way than our packet structures. They use offsets that line up directly with the assembly code from the eqgame.exe, and so their format is completely different. Possibly if I was very familiar with the MQ source, I might have an idea of how it could be useful. Unfortunately I might as well be trying to read in German (which I don't know how to do), because that is about how different the code is from the emu source.
I figured out last night that all of the fields I had listed in my last post were actually in with the SoF release. The only one I am still not 100% certain about is the evolving items part. According to 13th floor, I saw it mentioned that evolving items need their own separate table and have a separate opcode (I think) if the item is able to evolve. Hopefully setting that field to 0 will just disable evolving so we don't need to write anything for it until we are at a point where we can do it at leisure. As far as the item field list for SoF, I think that I now have it 100% (or very close to it) complete. This is good, because it is 1 more step closer to being done, but the bad part is that it didn't fix my current issue.
I looked into it further last night and checked the debug where I am crashing in SoF vs a debug of a successful Titanium connection. I then compared a few things in the Titanium assembly code to the SoF assembly code. I am pretty sure that I have narrowed the current issue down to the Spawn_Structure. Unfortunately, I think that structure is by far the worst and hardest part left of getting SoF to work with the emulator. Out of all structures, the spawn struct gets completely moved around with almost every patch. I was able to find the packet size of 385 (HEX is 181) for the Titanium spawn struct by using the hex calculator here http://www.squarebox.co.uk/hcalc.html (very useful when messing with the assembly code), and then searching for 0x0181 in the assembly code. I found the same section of code in the SoF assembly code, but I was unable to figure out what the struct size was. Since this technique worked perfectly for finding the struct size for the player profile, I think that means that the new spawn struct for SoF is now a variable length struct. I checked the current SEQ source code and it lists it as variable length, even though the SEQ version from when SoF came out shows it as a fixed size.
I don't know anything about variable structure sizes or what to do with them. The spawn struct also seems to use unions, packet padding, signed and unsigned ints, all of which I know absolutely nothing about... All of the other structures are pretty straightforward and I think most of them should already be ready to start working once I get the spawn struct correct. This is probably going to be the biggest hurdle to getting SoF working.
I am still going to do some further testing on Titanium to see if I can duplicate the exact crash I am having on SoF, which should help narrow down the exact cause of the problem. That technique has already helped me multiple times in figuring out what is causing a problem.
I figured this stuff was over my skill level too, but so far, I have learned a lot just reading the structures and forums here and SEQ forums. I have been able to do a lot of things that I didn't expect to be able to do. So, even though it might sound above your skill level, that doesn't mean that you wouldn't be able to figure it out if you put some thought into it.

12-16-2008, 09:05 PM, Developer
Here is a link to the post from right before when SoF was released stating that he was able to get the spawn struct from the eqgame.exe and that it should be fully accurate:
http://www.showeq.net/forums/showpos...4&postcount=21
Since that struct didn't change in the update following the SoF release and they said everything in SEQ was still functional, I am wondering if it is safe to assume that it is correct. Ultimately, I wish I knew exactly what he did to pull all of that info from the .exe and if I knew that, this would be simple.
Here is the Spawn_Struct according to SEQ at the time of SoF (and a few patches later as well):
Code:
/*
** Generic Spawn Struct
** Length: 897 Octets
** Used in:
**   dbSpawnStruct
**   petStruct
**   spawnShroudOther
**   spawnShroudSelf
*/
struct spawnStruct
{
/*0000*/ uint8_t  unknown0000[9];
/*0009*/ int16_t  deity;                  // Player's Deity
/*0011*/ uint8_t  unknown0011[11];
/*0022*/ uint8_t  gender;                 // Gender (0=male, 1=female)
/*0023*/ uint8_t  unknown0023[4];
/*0027*/ union
         {
             struct
             {
/*0027*/         EquipStruct equip_helmet;    // Equipment: Helmet visual
/*0039*/         EquipStruct equip_chest;     // Equipment: Chest visual
/*0051*/         EquipStruct equip_arms;      // Equipment: Arms visual
/*0063*/         EquipStruct equip_bracers;   // Equipment: Wrist visual
/*0075*/         EquipStruct equip_hands;     // Equipment: Hands visual
/*0087*/         EquipStruct equip_legs;      // Equipment: Legs visual
/*0099*/         EquipStruct equip_feet;      // Equipment: Boots visual
/*0111*/         EquipStruct equip_primary;   // Equipment: Main visual
/*0123*/         EquipStruct equip_secondary; // Equipment: Off visual
             } equip;
/*0027*/     EquipStruct equipment[9];
         };
/*0135*/ uint8_t  state;                  // stand state
/*0136*/ uint8_t  unknown0136;
/*0137*/ uint32_t guildID;                // Current guild
/*0141*/ uint8_t  unknown0141[24];
/*0165*/ uint8_t  class_;                 // Player's class
/*0166*/ uint8_t  unknown0166[201];
/*%%% gm right this time? */
/*0367*/ uint8_t  gm;
/*0368*/ uint8_t  unknown0368[134];
/*0502*/ float    runspeed;               // Speed when walking
/*0506*/ uint8_t  light;                  // Spawn's lightsource
/*0507*/ uint8_t  unknown0507[4];
/*0511*/ uint8_t  level;                  // Spawn Level
/*0512*/ uint8_t  unknown0512[23];
/*0535*/ uint32_t race;                   // Spawn race
/*0539*/ uint8_t  unknown0539[41];
/*0580*/ char     suffix[32];             // Player's suffix (of Veeshan, etc.)
/*0612*/ uint8_t  unknown0612;
/*0613*/ uint8_t  bodytype;               // Bodytype
/*0614*/ uint8_t  unknown0614[41];
/*0655*/ uint8_t  curHp;                  // Current hp
/*0656*/ uint8_t  unknown0656[2];
/*0658*/ char     lastName[32];           // Player's Lastname
/*0690*/ uint8_t  unknown0690[2];
/*0692*/ char     title[32];              // Title
/*0724*/ uint8_t  unknown0724[6];
/*0730*/ uint8_t  NPC;                    // 0=player,1=npc,2=pc corpse,3=npc corpse
/*0731*/ uint8_t  unknown0731[12];
/*0743*/ signed   padding0000:12;         // ***Placeholder
         signed   x:19;                   // x coord
         signed   padding0002:1;          // ***Placeholder
/*0747*/ signed   deltaX:13;              // change in x
         signed   deltaY:13;              // change in y
         signed   padding0006:6;          // ***Placeholder
/*0751*/ signed   z:19;                   // z coord
         signed   deltaHeading:10;        // change in heading
         signed   padding0014:3;          // ***Placeholder
/*0755*/ signed   y:19;                   // y coord
         signed   deltaZ:13;              // change in z
/*0759*/ signed   animation:10;           // animation
         unsigned heading:12;             // heading
         signed   padding0018:10;         // ***Placeholder
/*0763*/ uint32_t spawnId;                // Spawn Id
/*0767*/ uint8_t  unknown0767[8];
/*0775*/ char     name[64];               // Player's Name
/*0839*/ uint32_t petOwnerId;             // If this is a pet, the spawn id of owner
/*0843*/ uint8_t  unknown0843;
/*0844*/ union
         {
             struct
             {
/*0844*/         Color_Struct color_helmet;    // Color of helmet item
/*0848*/         Color_Struct color_chest;     // Color of chest item
/*0852*/         Color_Struct color_arms;      // Color of arms item
/*0856*/         Color_Struct color_bracers;   // Color of bracers item
/*0860*/         Color_Struct color_hands;     // Color of hands item
/*0864*/         Color_Struct color_legs;      // Color of legs item
/*0868*/         Color_Struct color_feet;      // Color of feet item
/*0872*/         Color_Struct color_primary;   // Color of primary item
/*0876*/         Color_Struct color_secondary; // Color of secondary item
             } equipment_colors;
/*0844*/     Color_Struct colors[9];           // Array elements correspond to struct equipment_colors above
         };
/*0880*/ uint8_t  anon;                   // 0=normal, 1=anon, 2=roleplay
/*0881*/ uint8_t  unknown0881[10];
/*0891*/ float    walkspeed;              // Speed when running
/*0895*/ uint8_t  unknown896[2];
/*0897*/
};
Part of the problem may be that I had to change this considerably to fit in all of the stuff that EQEmu currently uses for settings on spawns within the same number of bytes. Also, I don't know how to count the signed and padding stuff, so my structure size may be off.
It is still possible that something else could be the cause of my crashes, but at least by fixing everything as much as possible now, it will mean less work later. I am glad that the itemlist stuff is all done now, so it should hopefully work as soon as it is ready to get to that point.

12-17-2008, 01:14 AM, Developer
Well, I guess I was looking too hard for the spawn struct size lol. I simply converted the 897 to HEX, which is 381, and then searched the SoF eqgame.exe code for 381 and found this:
Code:
.text:00481860 mov eax, [esp+arg_4]
.text:00481864 sub esp, 80h
.text:0048186A cmp eax, 381h
.text:0048186F push esi ; char
.text:00481870 jz short loc_4818DC
.text:00481872 push offset aErrorCorruptAd ; "ERROR: Corrupt addplayer, disconnecting"...
.text:00481877 call sub_645680
.text:0048187C mov eax, dword_98AF10
.text:00481881 add esp, 4
.text:00481884 mov esi, 1
.text:00481889 mov [eax+38E98h], esi
.text:0048188F mov ecx, dword_98AF10
.text:00481895 push 0FFh
.text:0048189A call sub_4BF9E0
.text:0048189F mov ecx, dword_98AF10
.text:004818A5 mov dword_925C8C, 106h
.text:004818AF mov [ecx+5C0h], esi
.text:004818B5 mov ecx, dword_761C6C
.text:004818BB push offset dword_907EF0
.text:004818C0 call sub_43D670
.text:004818C5 push offset aErrorInReceive ; "ERROR: in receive add player, LEN failu"...
.text:004818CA call sub_645680
.text:004818CF add esp, 4
.text:004818D2 xor al, al
.text:004818D4 pop esi
.text:004818D5 add esp, 80h
.text:004818DB retn
And, when I changed the Titanium spawn structure size and logged in, it didn't crash, but it did time out and put out this debug log from the normal EQ debug file:
Code:
2008-12-15 06:08:03 Zone Connect -- 2 -- Sending MSG_EQ_ADDPLAYER
2008-12-15 06:08:06 Zone Connect -- 3 -- Received MSG_SEND_PC
2008-12-15 06:08:06 Zone Connect -- 4 -- Received MSG_EQ_ADDPLAYER
2008-12-15 06:08:07 ERROR: Corrupt addplayer, disconnecting.
2008-12-15 06:08:07
2008-12-15 06:08:07 Networking: Connection Closed [0] with 0 pending bytes.
2008-12-15 06:08:07 ERROR: in receive add player, LEN failure.
2008-12-15 06:08:07
2008-12-15 06:08:07 disconnected at C:\EQ\EverQuest\EverQuest.cpp:17233 (char. select) g_world == NULL
2008-12-15 06:08:07
2008-12-15 06:08:07 Character is Trevazar.
2008-12-15 06:08:07
2008-12-15 06:08:10 nError is TRUE at C:\EQ\EverQuest\EverQuest.cpp:20261
So, it sounds like those guys at SEQ might be correct with that spawn file after all. Now, I just need to figure out what is being done on SoF that is causing a crash. Anyone know of a debug program that could be run on Everquest?
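As an added example (not code from SEQ, EQEmu or anyone in this thread), here is a C mirror of the SEQ spawnStruct quoted in the 09:05 PM post, with the position bitfields counted out by hand, plus a decoder that applies the same exactly-897-byte rule the eqgame.exe disassembly above enforces (the `cmp eax, 381h` branch that otherwise logs "Corrupt addplayer") before reading any field. EquipStruct and Color_Struct are not defined on this page; their sizes (12 and 4 bytes) are inferred from the offsets in the listing. The SpawnPos type, the helper names and the sample values (spawn id 42, the name, the coordinates) are all constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed sizes, inferred from the listing's offsets: equip entries sit 12 bytes
 * apart (0027, 0039, ...) and colour entries 4 bytes apart (0844, 0848, ...). */
typedef struct { uint8_t raw[12]; } __attribute__((packed)) EquipStruct;
typedef struct { uint8_t raw[4];  } __attribute__((packed)) Color_Struct;

/* Byte-for-byte mirror of the SEQ spawnStruct. The five bit-packed position words
 * (0743-0762) are kept as plain bytes and decoded by hand, so the layout does not
 * depend on how a particular compiler packs bitfields. */
typedef struct {
    uint8_t  unknown0000[9];  int16_t  deity;       uint8_t  unknown0011[11];
    uint8_t  gender;          uint8_t  unknown0023[4];
    EquipStruct equipment[9];                                   /* 0027: 9 x 12 */
    uint8_t  state;           uint8_t  unknown0136; uint32_t guildID;     /* 0135 */
    uint8_t  unknown0141[24]; uint8_t  class_;      uint8_t  unknown0166[201];
    uint8_t  gm;              uint8_t  unknown0368[134];        /* 0367 */
    float    runspeed;        uint8_t  light;       uint8_t  unknown0507[4];
    uint8_t  level;           uint8_t  unknown0512[23];         /* 0511 */
    uint32_t race;            uint8_t  unknown0539[41];         /* 0535 */
    char     suffix[32];      uint8_t  unknown0612; uint8_t  bodytype; uint8_t unknown0614[41];
    uint8_t  curHp;           uint8_t  unknown0656[2];          /* 0655 */
    char     lastName[32];    uint8_t  unknown0690[2];          /* 0658 */
    char     title[32];       uint8_t  unknown0724[6];          /* 0692 */
    uint8_t  NPC;             uint8_t  unknown0731[12];         /* 0730 */
    uint8_t  position[20];                                      /* 0743: five LE32 words */
    uint32_t spawnId;         uint8_t  unknown0767[8];          /* 0763 */
    char     name[64];        uint32_t petOwnerId;  uint8_t  unknown0843; /* 0775 */
    Color_Struct colors[9];                                     /* 0844: 9 x 4 */
    uint8_t  anon;            uint8_t  unknown0881[10];         /* 0880 */
    float    walkspeed;       uint8_t  unknown0895[2];          /* 0891 */
} __attribute__((packed)) SpawnMirror;

#define SPAWN_LEN 897u   /* 0x381, the constant eqgame.exe compares the length against */
_Static_assert(sizeof(SpawnMirror) == SPAWN_LEN, "spawn mirror is not 897 bytes");
_Static_assert(offsetof(SpawnMirror, position) == 743, "position offset drifted");
_Static_assert(offsetof(SpawnMirror, spawnId) == 763, "spawnId offset drifted");
_Static_assert(offsetof(SpawnMirror, colors) == 844, "colors offset drifted");

/* Constructed holder for the decoded position fields. */
typedef struct { int32_t x, y, z, deltaX, deltaY, deltaZ, deltaHeading, animation; uint32_t heading; } SpawnPos;

static uint32_t le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void put_le32(uint8_t *p, uint32_t w) {
    p[0] = (uint8_t)w; p[1] = (uint8_t)(w >> 8); p[2] = (uint8_t)(w >> 16); p[3] = (uint8_t)(w >> 24);
}
/* Take `bits` bits at `shift` from a word and sign-extend them (two's complement). */
static int32_t sbits(uint32_t w, unsigned shift, unsigned bits) {
    uint32_t v = (w >> shift) & ((1u << bits) - 1u);
    return (v & (1u << (bits - 1))) ? (int32_t)v - (int32_t)(1u << bits) : (int32_t)v;
}
/* Inverse of sbits: mask a value to `bits` bits and place it at `shift`. */
static uint32_t field(int32_t v, unsigned shift, unsigned bits) {
    return ((uint32_t)v & ((1u << bits) - 1u)) << shift;
}

/* The client's acceptance rule: anything but exactly 897 bytes is a corrupt
 * add-player and is rejected before a single field is read. */
int spawn_length_ok(size_t len) { return len == SPAWN_LEN; }

/* Bitfields are allocated LSB-first within each 32-bit word:
 *   word0: pad:12 x:19 pad:1            word1: deltaX:13 deltaY:13 pad:6
 *   word2: z:19 deltaHeading:10 pad:3   word3: y:19 deltaZ:13
 *   word4: animation:10 heading:12 (unsigned) pad:10                    */
int decode_position(const uint8_t *pkt, size_t len, SpawnPos *out) {
    if (!spawn_length_ok(len)) return -1;
    const uint8_t *p = pkt + offsetof(SpawnMirror, position);
    uint32_t w0 = le32(p), w1 = le32(p + 4), w2 = le32(p + 8), w3 = le32(p + 12), w4 = le32(p + 16);
    out->x = sbits(w0, 12, 19);
    out->deltaX = sbits(w1, 0, 13);  out->deltaY = sbits(w1, 13, 13);
    out->z = sbits(w2, 0, 19);       out->deltaHeading = sbits(w2, 19, 10);
    out->y = sbits(w3, 0, 19);       out->deltaZ = sbits(w3, 19, 13);
    out->animation = sbits(w4, 0, 10);
    out->heading = (w4 >> 10) & 0xFFFu;
    return 0;
}

/* Build a constructed 897-byte spawn: zeros everywhere except position, id and name. */
size_t build_spawn(uint8_t *buf, size_t cap, const SpawnPos *pos, uint32_t id, const char *name) {
    if (cap < SPAWN_LEN) return 0;
    memset(buf, 0, SPAWN_LEN);
    uint8_t *p = buf + offsetof(SpawnMirror, position);
    put_le32(p,      field(pos->x, 12, 19));
    put_le32(p + 4,  field(pos->deltaX, 0, 13) | field(pos->deltaY, 13, 13));
    put_le32(p + 8,  field(pos->z, 0, 19) | field(pos->deltaHeading, 19, 10));
    put_le32(p + 12, field(pos->y, 0, 19) | field(pos->deltaZ, 19, 13));
    put_le32(p + 16, field(pos->animation, 0, 10) | field((int32_t)pos->heading, 10, 12));
    put_le32(buf + offsetof(SpawnMirror, spawnId), id);
    strncpy((char *)buf + offsetof(SpawnMirror, name), name, 63);
    return SPAWN_LEN;
}

/* Round trip with constructed values: 1 if every field survives and a packet
 * one byte short is rejected, 0 otherwise. */
int round_trip_ok(void) {
    SpawnPos in = { -1234, 5678, 90, -7, 3, 0, -2, 5, 3000 }, out;
    uint8_t buf[SPAWN_LEN];
    size_t n = build_spawn(buf, sizeof buf, &in, 42, "Ztestius");
    if (decode_position(buf, n, &out) != 0) return 0;
    if (decode_position(buf, n - 1, &out) != -1) return 0;
    return out.x == in.x && out.y == in.y && out.z == in.z && out.deltaX == in.deltaX
        && out.deltaY == in.deltaY && out.deltaZ == in.deltaZ
        && out.deltaHeading == in.deltaHeading && out.animation == in.animation
        && out.heading == in.heading && le32(buf + offsetof(SpawnMirror, spawnId)) == 42;
}
```

The _Static_assert lines settle the "my structure size may be off" question at compile time: the five bitfield words (12+19+1, 13+13+6, 19+10+3, 19+13 and 10+12+10 bits) are 20 bytes, which is exactly what carries offset 0743 to 0763, and the running total comes out at 897. Keeping the packet as bytes and checking its length before any cast is also the habit the client shows in the disassembly: an add-player of the wrong size is dropped rather than read past its end.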

12-17-2008, 04:40 AM, Sarnak (Join Date: Apr 2008, Posts: 71)
Quote: Anyone know of a debug program that could be run on Everquest?

Yes, I use w32dsm89. It will allow you to read it in asm lang plus debug the program all in one. Send an email addy and I'll be happy to link ya to them; I don't want to post anything against the rules.

What I'm doing is looking at the code with w32dsm89 and etu-dasm-32/16 bit disassembler v 2.22 alpha. I really think etu-dasm would help you out more, as it will allow you to read more info in English so you'll understand it better.

I've been following up on what you're doing. What I'm interested in is getting the expansions to read 15-15 etc. I noticed you're not letting us know what ver of peqserverpack.. 80) As well, I changed the opcode OP_EnterWorld=0x7cba, put it in patch_Anniversary.conf and opened fos, and got into the char select screen.

I was using the newest ver:
ActivePerl-5.10.0.1004-MSWin32-x86-287188
PEQUpdatePack-4.0-1129Rev233
mysql-5.0.51a-win32

12-17-2008, 08:01 PM, Developer
When you say you want expansions to display 15 out of 15, do you mean at the server select? I don't think there is anything we can do about that. I am pretty sure we would have to adjust the login server source code to fix that. That isn't an option, because no one has access to it that is active around here these days. Titanium shows the wrong number of expansions, and SoF shows 0 of 0 expansions. Luckily, that has no effect on how the actual server handles your connection, it is just a display thing.
The version of code or database I am running doesn't really matter, but I am using one of the latest revisions from the SVN, R238. My database is about a year old PEQ one that has been updated by me for my custom server. The changes I am making should be able to work on any version once they are all done. If I can get it working, I will submit any needed changes for database tables once we get to that point, but for now, I am doing everything without relying on database changes.
My current status is that I worked all night last night trying to duplicate the same crash on Titanium by throwing off the structure format by increasing or decreasing the size of certain pieces of the playerprofile structure. I couldn't once get it to crash the way that SoF is, and it actually made it in game almost no matter what I changed, but it did make things wrong like plat, levels, etc, because the structure info wasn't aligned properly. I also tried to remove all of the opcodes in Titanium that I don't have correct for SoF yet, and that didn't cause a crash either.
The spawn struct seems like it should be ok, and the player profile looks like it should be very close to correct, so I am still trying to figure out what is causing the crash. I am wondering if something else was added to the playerprofile struct that we don't know anything about. There were 1032 packets added to the end of the structure sometime between the Titanium to Anniversary time period. I have no idea what that 1032 is supposed to be for, but maybe that is the cause of the crash, since we aren't sending anything at all for it.

12-19-2008, 08:11 AM, Developer
After spending hours working to get to the next step towards getting in game, I finally made some progress.
Code:
[Fri Dec 19 06:01:40 2008]00131:Zone Connect -- 0 -- Received MSG_ZONE_ADDRESS
[Fri Dec 19 06:01:40 2008]00132:Zone addr [192.168.1.102:19997] received...
[Fri Dec 19 06:01:41 2008]00133:ZONING
[Fri Dec 19 06:01:41 2008]00134:Networking: Connection Closed [0] with 0 pending bytes.
[Fri Dec 19 06:01:41 2008]00135:Networking: using port [1969].
[Fri Dec 19 06:01:41 2008]00136:Networking: Connection Established [1]
[Fri Dec 19 06:01:41 2008]00137:Connected to 192.168.1.102:19997...
[Fri Dec 19 06:01:41 2008]00138:Zone Connect -- 2 -- Sending MSG_EQ_ADDPLAYER
[Fri Dec 19 06:01:43 2008]00139:Zone Connect -- 3 -- Received MSG_SEND_PC
[Fri Dec 19 06:01:43 2008]00140:Zone Connect -- 4 -- Received MSG_EQ_ADDPLAYER
[Fri Dec 19 06:01:43 2008]00141:Received our Player from zone. MSG_EQ_NETPLAYERBUFF is next.
[Fri Dec 19 06:01:43 2008]00142:Player = Trevazar, zone = Loading
[Fri Dec 19 06:01:43 2008]00143:MSG_TIME_STAMP received.
[Fri Dec 19 06:01:43 2008]00144:MSG_TIME_STAMP received. (Items inc).
[Fri Dec 19 06:01:51 2008]00145:fatal error in main thread Code = c0000005 ADDR=0x004e59f9
[Fri Dec 19 06:01:51 2008]00146:EAX=22447600 EBX=22447600 ECX=22447600 EDX=00000001
[Fri Dec 19 06:01:51 2008]00147:ESI=0013a53c EDI=224476e0 EBP=30347c39 ESP=0013a4f0
[Fri Dec 19 06:01:51 2008]00148:Raw Stack
It turns out that it was the spawn struct causing that after all. The EQ debug info isn't very helpful (but much better than nothing!), because it appeared to be crashing at the point of getting the player profile. After messing with the player profile, no matter what I did to it, I couldn't duplicate the crash on Titanium.
I think I am probably only a couple smaller structs away from getting in game now. All of the big ones should be ok enough to get in at least, I think. On to solving the next crash point problem :P

12-20-2008, 06:57 AM, Developer
Just to test, I made a new level 1 character (on a Titanium Client) and deleted all of his items and attempted to log him in with SoF. So far, I got further than ever.
Code:
[Sat Dec 20 04:48:12 2008]00129:Initializing character select UI.
[Sat Dec 20 04:48:12 2008]00130:Resetting game UI.
[Sat Dec 20 04:49:01 2008]00131:Zone Connect -- 0 -- Received MSG_ZONE_ADDRESS
[Sat Dec 20 04:49:01 2008]00132:Zone addr [192.168.1.102:20253] received...
[Sat Dec 20 04:49:01 2008]00133:ZONING
[Sat Dec 20 04:49:01 2008]00134:Networking: Connection Closed [0] with 0 pending bytes.
[Sat Dec 20 04:49:01 2008]00135:Networking: using port [1574].
[Sat Dec 20 04:49:01 2008]00136:Networking: Connection Established [1]
[Sat Dec 20 04:49:01 2008]00137:Connected to 192.168.1.102:20253...
[Sat Dec 20 04:49:02 2008]00138:Zone Connect -- 2 -- Sending MSG_EQ_ADDPLAYER
[Sat Dec 20 04:49:12 2008]00139:Zone Connect -- 3 -- Received MSG_SEND_PC
[Sat Dec 20 04:49:12 2008]00140:Zone Connect -- 4 -- Received MSG_EQ_ADDPLAYER
[Sat Dec 20 04:49:12 2008]00141:Received our Player from zone. MSG_EQ_NETPLAYERBUFF is next.
[Sat Dec 20 04:49:12 2008]00142:Player = Ztestius, zone = The Nexus
[Sat Dec 20 04:49:12 2008]00143:MSG_TIME_STAMP received.
[Sat Dec 20 04:49:12 2008]00144:MSG_TIME_STAMP received. (Items inc).
[Sat Dec 20 04:49:12 2008]00145:Item done, MSG_WEATHER_EVENT received.
[Sat Dec 20 04:49:12 2008]00146:Initializing zone.
[Sat Dec 20 04:49:12 2008]00147:Initializing world.
[Sat Dec 20 04:49:12 2008]00148:Verifying world files.
[Sat Dec 20 04:49:12 2008]00149:Attempting to load nexus.EQG.
[Sat Dec 20 04:49:12 2008]00150:Loading zone specific files.
[Sat Dec 20 04:49:12 2008]00151:Loading nexus_obj2
[Sat Dec 20 04:49:12 2008]00152:Loading nexus_obj
[Sat Dec 20 04:49:12 2008]00153:Loading nexus_chr2
[Sat Dec 20 04:49:12 2008]00154:Loading nexus_chr
[Sat Dec 20 04:49:12 2008]00155:Loading nexus
[Sat Dec 20 04:49:13 2008]00156:Loading objects
[Sat Dec 20 04:49:13 2008]00157:Loading lights
[Sat Dec 20 04:49:13 2008]00158:Initializing cameras.
[Sat Dec 20 04:49:13 2008]00159:Initializing lights.
[Sat Dec 20 04:49:13 2008]00160:Initializing visual effects.
[Sat Dec 20 04:49:13 2008]00161:Initializing target indicator.
[Sat Dec 20 04:49:13 2008]00162:Initializing player path.
[Sat Dec 20 04:49:13 2008]00163:Performing post-load operations.
[Sat Dec 20 04:49:13 2008]00164:Initializing precipitation system.
[Sat Dec 20 04:49:13 2008]00165:World initialized: nexus
[Sat Dec 20 04:49:13 2008]00166:Requesting zone data.
[Sat Dec 20 04:49:13 2008]00167:Resetting cameras.
[Sat Dec 20 04:49:13 2008]00168:Resetting vision.
[Sat Dec 20 04:49:13 2008]00169:Resetting overlays.
[Sat Dec 20 04:49:13 2008]00170:Zone initialized.
[Sat Dec 20 04:49:13 2008]00171:Creating INI files.
[Sat Dec 20 04:49:13 2008]00172:Requesting AA data.
[Sat Dec 20 04:49:13 2008]00173:Requesting Skill rank data.
[Sat Dec 20 04:49:13 2008]00174:Loading UI.
[Sat Dec 20 04:49:13 2008]00175:Deactivating previous UI.
[Sat Dec 20 04:49:13 2008]00176:Unloading previous textures.
[Sat Dec 20 04:49:13 2008]00177:Resetting UI.
[Sat Dec 20 04:49:13 2008]00178:Resetting character select UI.
[Sat Dec 20 04:49:13 2008]00179:Resetting game UI.
[Sat Dec 20 04:49:13 2008]00180:UI Reset.
[Sat Dec 20 04:49:13 2008]00181:Initializing UI.
[Sat Dec 20 04:49:13 2008]00182:Initializing UI manager.
[Sat Dec 20 04:49:13 2008]00183:Initializing fonts.
[Sat Dec 20 04:49:13 2008]00184:Parsing UI XML.
[Sat Dec 20 04:49:13 2008]00185:Parsing INI file .\UI_Ztestius_stormhaven.ini
[Sat Dec 20 04:49:13 2008]00186:INI file .\UI_Ztestius_stormhaven.ini loaded.
[Sat Dec 20 04:49:14 2008]00187:Loading default UI resources.
[Sat Dec 20 04:49:14 2008]00188:Initializing game UI.
[Sat Dec 20 04:49:14 2008]00189:Parsing INI file .\Ztestius_stormhaven.ini
[Sat Dec 20 04:49:14 2008]00190:INI file .\Ztestius_stormhaven.ini loaded.
[Sat Dec 20 04:49:15 2008]00191:Loading Icons.
[Sat Dec 20 04:49:16 2008]00192:Resetting viewport.
[Sat Dec 20 04:49:16 2008]00193:Game UI Initialized.
[Sat Dec 20 04:49:16 2008]00194:Entering main loop.
[Sat Dec 20 04:49:16 2008]00195:DoMainLoop - Just after packet processing()
[Sat Dec 20 04:49:16 2008]00196:DoMainLoop - Just after actor creation()
[Sat Dec 20 04:49:16 2008]00197:Loading game sounds.
[Sat Dec 20 04:49:16 2008]00198:Requesting initialization data.
[Sat Dec 20 04:49:16 2008]00199:DoMainLoop: just before first while(!EverQuest.ReceievedWorldObjects).
I think I just need to track down a few more opcodes and I should be able to at least get a naked level 1 in game. Then, I will have to work out if it is AAs or Items or something else causing the crash when I try to log in my GM character that I have done most of the testing with. Still making progress, and getting much better at finding opcodes in the assembly code. I still can't find every one of them using the comparing method, but I can probably find about 50% that way.