Beta Technical Demonstration - Translation without Hexing the EXE

I think its needed, because the game crashs after I choose a character and starts to load.

And no, I dont have another OS...

But it would be nice to fix it in XP, because not everyone has upgraded from XP.

Well its working on my XP so if this:
Multiupload.com - upload your files to multiple file hosting sites!
(copy those .dll into PT folder)
will not work than do

FORMAT C:

:)

@Vormav: Thanks. Yea... I'm thinking of digging out an old XP PC to try, but concerned because I "retired" it because it had become too "unstable" even when I install clean XP on to it. (bluescreen after a matter of 20min - 3hrs) Which suggests the chipset on the motherboard is failing / overheating.

I don't know anybody locally who is using any OS older than Vista, and I'd normally turn to a VM, but we all know PT client doesn't run under any VM software. :(: (unless you count WOW6432 XD)

@lelejau: did you miss the "PTInternational.exe" update with all the latest DLL builds and HanDes all together so there is no difference in any of our executable dependencies?
>Download from here< if you did.

with skill description fixed?

---------- Post added at 07:46 PM ---------- Previous post was at 07:44 PM ----------

Yes!!!!

No crashs!!!

---------- Post added at 07:48 PM ---------- Previous post was at 07:46 PM ----------

I saw the lng file is very updated.

Can you tell us what you didnt translated so I can continue your work?

Oh, well with Vormavs help I've managed to recreate your error. So I will try to find a way to ensure that nothing so serious can be caused with the .lng file alone, if at all possible.

It is interesting, you still have "/n" which should now be "\r". (more standard escape notation, and the form that PT uses internally) I hope it isn't simply that which is causing the problem.

What I've been doing (aside from Skill descriptions, which I stepped up specifically because you asked me to) was going through all the strings dumped with the "ExtractStrings.exe" tool I created, and matching them to the versions in an EPT client. You will probably notice that (after the specific initial testing and proving points) the addresses just follow on consecutively, all pulled directly from .rdata section. The .data section seems to be less similar between different language builds, so it's a good thing that there aren't a lot of strings in it. XD

I dont understand what you've said.

Well, in your answers can you use words more "simple"?
I mean, its been a while that I dont use english, I'm using it just here in RZ. But you are a native speaker, and I'm not, and as your answers are like a big book (XD nothing against. You are a great teacher) sometimes I just, lose the "point" of what you are saying.

And another thing. Why dont upgrade to the 1988 client I have posted here? Its more actual than 1977 of yours.

Reegards.

Okay. In reverse order.

a) I'm using Butchered because the point of Butchered was to be a general client that people could use for their server, and configure how they want, like a newer QF1873, and it's taken me nearly 8 months to get it to this point... to start over with 1988 would be a lot of work.

The features I've added (or restrictions removed) UAC compliance (no need to be full token Admin) DEP compliance, no access to registry HKLM, no restriction on screen resolution, enabled window mode, enabled hardware cursor (need to make it "change shape") etc. No XTrap code of any kind (I hope), and I've reduced a lot of the calls to official PT IPs (which are present even in 1873) even though that code is rarely / never accessed... also added some code bumming (made routines smaller / faster) to improve frame rate and reduce screen lag.

b) Simple words. "How far have you got" up until 6113028 in rdata section. XD

Code:

---

;______________________________________________________________________________
;                              RData
6049240 = "Fury's phantasma(Complete)"
...
...
...
6113028 = "<Quest> Hunt %d of %s "

---

All is just taken from the "ExtractStrings.exe" program.

I see.
The addresses of ExtractProgram are ussualy like:
71010101 = "korean string".

Right?

So, this cant be used, as the addresses we've seen alot is like 6xxxxx.
So, you are using some kind of converter, or just using the 7xxxx ?

If the addresses you get out of ExtractStrings.exe are like that, then you have passed the wrong base address as the second value.

Extract:-

Code:

---

6046788 = "지역서버 연결실패 (%s)"
6046812 = "지역서버 설정 (%d)"
6046832 = "지역서버 연결 (%s)"
6046852 = "지역서버 종료 (%s)"
6046872 = "effect_item07.tga"
6046892 = "effect_item06.tga"
6046912 = "effect_item05.tga"
6046932 = "effect_item04.tga"
6046952 = "effect_item03.tga"
6046972 = "effect_item02.tga"
6046992 = "effect_item01.tga"
6047012 = "T_8_56_64.tga"
6047028 = "T_Con_754_65.tga"
6047048 = "T_S-fail_180_65.tga"
6047068 = "T_S-complete_440_65.tga"
6047092 = "T_S-Stage_280_65.tga"
6047116 = "T_Start_278_65.tga"
6047136 = "T_7_51_64.tga"
6047152 = "T_6_55_64.tga"
6047168 = "T_5_55_64.tga"
6047184 = "T_4_56_64.tga"
6047200 = "T_3_53_64.tga"
6047216 = "T_2_54_64.tga"
6047232 = "T_1_37_64.tga"
6047248 = "T_Round_316_65.tga"
6047268 = "F_change03.bmp"
6047284 = "F_change02.bmp"
6047300 = "F_change01.bmp"
6047316 = "BL_loding_04.bmp"
6047336 = "BL_loding_03.bmp"
6047356 = "BL_loding_02.bmp"
6047376 = "BL_loding_01.bmp"
6047396 = "BL_loding_00.bmp"
6047416 = "BL_loding.bmp"

---

Which should be the exact same format as the .lng file. In fact, if you used it as your .lng file then you would have very large memory usage from IntStr.dll and quite a lot of lag, with no alteration what-so-ever to the text produced in game.

Correct way to call ExtractStrings for 1977 =

Code:

---

ExtractStrings 1977.RData 5C4000 > KoRData.txt
ExtractStrings 1977.Data 5F9000 > KoData.txt

---

http://d.imagehost.org/0945/Image3_5.png

I keep this in a batch file, and extract .rdata to 1977.RData and .data to 1977.Data files in the same folder.

I think my last post suggests I don't want people to use the final International.dll method with other clients... ever. Which is wrong. I'm happy for them to be used with clients which aren't 1977 Butchered, but I also want Butchered to use them as an integral part of it's being a general client that anyone can use... regardless of what language they want their players to run, what hardware they want as minimum & maximum, what resolutions they want to allow, what fonts and skins and so-on and so-forth.

I can see that KPTTrans section is a big part of why 1873 is good, I can also see that KPTTrans is a very, very bad way of making changes to a client to make it more useful as a private server client. I wanted to achieve the same, thing in Butchered, but do it in a better way. The International.dll is the way I'm attempting. If you want to use it elsewhere, that's fine, but Butchered is what inspired it. That's all.

The problem with the line

Code:

---

6136992 = "Vel. da Arma:/n"

---

is that 6136992 is a valid string address in 1977, and should contain "%s%s%s". So now routines are looking for 3 extra parameters (arguments) in a string that no longer has formatters for *any* other parameters. :S

That could be tricky to fix... but I guess I could ensure that there are as many "%" that aren't "%%" in the destination as there are in the source. The loss then, would be that you couldn't use the old

Code:

---

6191640 = "Ver: 2b Eng"

---

method. As it would now have to have 4 additional parameters in it, just as the original "%s%d.%d.%d" string had. If you see what I mean?

--- EDIT2 ---
Erroneous .lng line log extract:-

Code:

---

wsprintf(), 6136992, "%s%s%s", "Vel. da Arma:/n"
wsprintf(), 1566796, "GeoSphere_1.smd", "/* Not Replaced */"
wsprintf(), 1568552, "image\Sinimage\AssaEffect\Ball\", "/* Not Replaced */"
wsprintf(), 1567072, "", "/* Not Replaced */"
; Should have produced the string "image\Sinimage\AssaEffect\Ball\image\Sinimage\AssaEffect\Ball\" for FindFirstFile(), FindNextFile(), FindClose() loop!!! Problem.
wsprintf(), 6136992, "%s%s%s", "Vel. da Arma:/n"
wsprintf(), 1566496, "GeoSphere_1.ase", "/* Not Replaced */"
wsprintf(), 1568552, "image\Sinimage\AssaEffect\Ball\", "/* Not Replaced */"
wsprintf(), 1567072, "", "/* Not Replaced */"
; Should have produced the string  "image\Sinimage\AssaEffect\Ball\image\Sinimage\AssaEffect\Ball\GeoSphere_1.ase" for fopen()!!! Bigger Problem
wsprintf(), 6136992, "%s%s%s", "Vel. da Arma:/n"
lstrcpy(), 52719956, "Vel. da Arma:/n", "/* Not Replaced */"
lstrcpy(), 52719956, "Vel. da Arma:/n", "/* Not Replaced */"
lstrcpy(), 6092928, "smd", "/* Not Replaced */"
; Should be replacing the file names found from FindNextFile() with ""image\Sinimage\AssaEffect\Ball\image\Sinimage\AssaEffect\Ball\GeoSphere_1.smd" but gives "Vel. da Arma:/nVel. da Armasmd" instead", so now we try to open that for binary read!? :s

---

Correct operation:-

Code:

---

wsprintf(), 6136992, "%s%s%s", "/* Not Replaced */"
wsprintf(), 1566796, "GeoSphere_1.smd", "/* Not Replaced */"
wsprintf(), 1568552, "image\Sinimage\AssaEffect\Ball\", "/* Not Replaced */"
wsprintf(), 1567072, "", "/* Not Replaced */"
wsprintf(), 6136992, "%s%s%s", "/* Not Replaced */"
wsprintf(), 1566496, "GeoSphere_1.ase", "/* Not Replaced */"
wsprintf(), 1568552, "image\Sinimage\AssaEffect\Ball\", "/* Not Replaced */"
wsprintf(), 1567072, "", "/* Not Replaced */"
wsprintf(), 6136992, "%s%s%s", "/* Not Replaced */"
lstrcpy(), 52719956, "image\Sinimage\AssaEffect\Ball\GeoSphere_1.ase", "/* Not Replaced */"
lstrcpy(), 52719956, "image\Sinimage\AssaEffect\Ball\GeoSphere_1.ase", "/* Not Replaced */"
lstrcpy(), 6092928, "smd", "/* Not Replaced */"
lstrcmp(), 6092892, "SMD Model data Ver 0.62", "/* Not Replaced */"
lstrcmp(), 1565476, "SMD Model data Ver 0.62", "/* Not Replaced */"
lstrcpy(), 1561336, "image\Sinimage\AssaEffect\Ball\GeoSphere_01.bmp", "/* Not Replaced */"

---

---/EDIT2 ---

--- EDIT ---
BTW... I also like Vormavs idea of loading the item tables from files, and hope he will share his findings and methods to the extent that that can be incorporated into Butchered. :D:

No I dont. Vel da Arma: is Weapon Speed.

This is a Item Decription.

Not in 1977 it isn't. It's mostly used for concatenating paths to resources, but that constant string formatter could be used for many things.

The problem was that you where using an .lng file developed based on one exe on a different exe... that won't work, and that's your problem. (It's also why I asked that you post .lng files based on 1977 clients out of preference... unless you want to make everyone work out what the correct offsets are)

My problem is that I would rather it wasn't so catastrophic when the two don't match. If it throws up a dialogue box or leaves an error log, I'm not so unhappy, but if it crashes the game with no explanation as to why... that's not acceptable to me. :wink:

--- EDIT ---
BTW, if I could click the like button 20 times for Vormavs' example line post, I would. That was such a great help.

Thank you, thank you, thank you. I'd given invalid addresses before, but never patched the wrong thing at such a crucial, and valid address.

OK, I will use 1977 game then.

For the time being, I would appreciate that. Thanks.

Eventually, I hope to be able to document everything a person needs to do to integrate the system with whatever client they want. But while it's developing, it would help a lot if we all use the same client. Especially where things require modification of the basic operation of the exe in order to gain access points to patch.

Why I like to work together with you:-

Spoiler:

I can't force people not to "opt-out" and use the information and code I've listed here to "go their own way". I can't even force people to go any further than a commit part way, and develop further for them self alone. But I do appreciate those of you who have chosen to "chip-in" and help me make this better for us all.

I'm sure there is some ego-centric win to be gained by working alone. That you can say "This is mine, all mine!" but I also believe that that feeling can only last until someone takes it off you. The moment you show everyone what it is you have done that is so great, is the moment someone will try to take it from you. What if you never show it to anyone? Ah, but then what was the point in achieving it, and who will know of your greatness?

I know this because I have seen those who choose to work alone get ripped off by others who want what they have. That's why I choose to work openly, and publicly. Because I believe that if you want some of what I can give, you will feed back, and help me make it, or make it better than I alone could have imagined. And when that is the case, it is no longer mine, it is ours. And the "greatness" belongs to us all. So I protect myself from being stolen from, by giving before I have made any claim to complete ownership.

I believe this to be true, right and fair to all. It is in the best interest of producers, contributors and consumers alike. Those of you who are working with me are proving my belief.

Thank you all.

Quote:

---

Originally Posted by bobsobol

BTW... I also like Vormavs idea of loading the item tables from files, and hope he will share his findings and methods to the extent that that can be incorporated into Butchered. :D:

---

Well, I always release my stuff (except heavy beta or pre alpha projects ;) ). Problem with this is that there is no space for modifications so I jump to new section move data to register and jump back, in other words there is a lot of jumping and I am afraid that game might slow down by a few nanoseconds ;).
You need to do a lot of manual work to move this to a different .exe (and doing it with dll is impossible, this would be more hack than app + it would slow down game A LOT!) but in exchange adding items will be very easy.


Anyway lets back to main "dish".
Do you think it is possible to patch monsters names with your .dlls?
There is 6112016 = "Hopy" in your 009.lng file, I tried with other mob names too and its not working for me :/

It would be cool if players could see monsters names in their language.

--EDIT--
When I think about it now, mobs names coming in packets so I think It would be better to haxxor those ;)

Mobs, NPC Names they all come and go through the packets. I think its better to leave them alone. But, if bob say there is no problem at all, so its up to you either patch or not.

Quote:

---

Originally Posted by Vormav

Well, I always release my stuff (except heavy beta or pre alpha projects ;) ). Problem with this is that there is no space for modifications

---

It's good to hear, even though I suspected as much. There is some cross-over between your item import project and my text import one, so I think there's room for collaboration between these projects. Possibly even with an ultimate aim of merging them.

Maybe there is "no space" in your game.exe, but between code bumming and dumping all XTrap routines, there is lots of space in Butchered for new routines, or moving routines to a new location where they can "Grow". This is what I did with the Class Skills table builder.

I do wonder if something like an XML file mightn't be the easiest editable form to keep item tables, and then you have the choice of Hashing the table in memory or file. (I even wonder if Class Skills shouldn't come from an XML file rather than copy / expand from .rdata to .data, especially as many people want to implement the second page of Class Tiers)

If you import functions to retrieve the data structures of XML files from a DLL, the code in game shouldn't be too big. (there are a number of freely available small fast XML handling DLLs)

Removing the item table from the .data section clears a lot of space there, but it's awkwardly placed. If you could move stuff above it back in memory, you could reduce the game.exe size considerably. The same is true of the many many strings of text in the game.exe, however, they are mixed and mashed into a whole load of other data.

Quote:

---

Originally Posted by Vormav

Do you think it is possible to patch monsters names with your .dlls?
There is 6112016 = "Hopy" in your 009.lng file, I tried with other mob names too and its not working for me :/

It would be cool if players could see monsters names in their language.

--EDIT--
When I think about it now, mobs names coming in packets so I think It would be better to haxxor those ;)

---

Correct, they come from the server, not the client. For some reason the client keeps internal names for the key monsters... but they aren't the names that are displayed on screen.

a) The server could be language neutralized with these libraries the same as the game.exe, but it will still only produce a single language per instance (Alpha, Beta, Gamma).

b) I wouldn't patch the packets, as such, but considered changing the monster names, and the "*CHAT" for key codes, like the Item codes "WA101" = "Stone Axe". So you could then make the client lookup the code in the players preferred language before displaying it.

c) All strings that come from the server are going to be a lower priority than anything that is already embedded client side. Because it's more work, and it probably involves tying the client into a specific setup of server.

It's not beyond the realm of possibility, and certainly wouldn't pose a great slow down in game play, if it's done right. But it would require considerable effort and coding (there are lots of texts that come from the server) and is more likely to be a "Version 2.0" implementation... where I'm not even up to Version 0.1 yet.

Strings that are moved with Rep Movs along with other binary data before being merged together with wsprintf() or strcat() are prevalent, and each of those will need client modification to use the DLLs effectively. Something I wanted to avoid as much as possible when I started out, but seems unavoidable now. This makes it hard to use the DLLs in other clients... but I think Lelejau has proven that it can be done, if it's sufficiently well documented.

Quote:

---

Originally Posted by bobsobol

[...]there is lots of space in Butchered for new routines, or moving routines to a new location where they can "Grow". This is what I did with the Class Skills table builder.

I do wonder if something like an XML file mightn't be the easiest editable form to keep item tables, and then you have the choice of Hashing the table in memory or file.[...]

---

Problem is that I can't do something like this:
MOV ECX,DWORD PTR DS:[EDI+600F7C]
and just change 600F7C to my offset (448105C) address because it will contain address to memory where items_table.dat is stored and not data. I have to do something like this:

Code:

---

04481585  8915 D0314804    MOV DWORD PTR DS:[44831D0],EDX
0448158B  8B15 5C104804    MOV EDX,DWORD PTR DS:[448105C]
04481591  8B0C3A          MOV ECX,DWORD PTR DS:[EDX+EDI]
04481594  8B15 D0314804    MOV EDX,DWORD PTR DS:[44831D0]
0448159A  -E9 132904FC      JMP game_ext.004C3EB2

---

For every offset to item table... (300+,400+? I stopped counting =P)

But in they end if I am going to add for example SWORD to item table all I have to do is copy last SWORD (item size is constant and its 314)
and past it on the end of last item with WEAPON "mark", fix Item ID to new one and than add +314 to every offset after that weapon:

Code:

---

[...]
04480CED  891D 14314804    MOV DWORD PTR DS:[4483114],EBX
04480CF3  8D98 215F0900    LEA EBX,DWORD PTR DS:[EAX+95F21] +314
04480CF9  891D 18314804    MOV DWORD PTR DS:[4483118],EBX
04480CFF  8D98 1B650900    LEA EBX,DWORD PTR DS:[EAX+9651B] +314
04480D05  891D 1C314804    MOV DWORD PTR DS:[448311C],EBX
04480D0B  8D98 28CC0A00    LEA EBX,DWORD PTR DS:[EAX+ACC28] +314
04480D11  891D 20314804    MOV DWORD PTR DS:[4483120],EBX
[...]

---

if i add sword and a bow than +(314 x 2) and so on.
Its quite simple instead of fixing all offsets all the time and TOOL for adding items can be made, rules are simple :)

For now I adding everything to new section so other people will know what was added and what was changed :)

Quote:

---

Originally Posted by bobsobol

a)[...]
b)[...]
c)[...]

---

OK so I will post that just for the record than:

When I did some tracing I found this:

Code:

---

0042B420  /$ 53            PUSH EBX
0042B421  |. 55            PUSH EBP
0042B422  |. 8B6C24 0C      MOV EBP,DWORD PTR SS:[ESP+C]
0042B426  |. 56            PUSH ESI
0042B427  |. 8BD9          MOV EBX,ECX
0042B429  |. 57            PUSH EDI
0042B42A  |. 8D75 08        LEA ESI,DWORD PTR SS:[EBP+8]
0042B42D  |. 8DBB 8C380000  LEA EDI,DWORD PTR DS:[EBX+388C]
0042B433  |. B9 74000000    MOV ECX,74
0042B438  |. F3:A5          REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]
[...]

---

ESI contain monster/NPC/player name from packets.
It can work as "detector" but it don't see "/hide" hidden GM/ADMIN :/

Anyway if you swap name here, monster/NPC/player name will swap too :)
Names are putted here 01E29168 and some more details after name but all you have to do is extract name and change it.

PS. I can help you when I finish external items table =P

That's good to know.

Actually, I was thinking of reading values from XML into a memory table... so that it's still represented like items_table.dat in memory, but is loaded value by value from a plain text file.

So how game.exe works shouldn't be any different, but the way the file is loaded is... IE the binary data is laid out from reading a text file.

I know that would be a slower loading method, but since it should be done before the intro sequence, it wouldn't interfere with the game play. And it's only a thought, as that would mean you don't have to know the binary layout or how to edit a file in Hex to add, remove or change items.

>Update IntStr V0.0.2.30<
Fixes multiple line output in the log, to comply with CSV more fully.

Tooltips on items look like they could do with optimising... I see no reason why the following sequence should appear so many times between each TextOut() of the information:-

Code:

---

lstrcpy(), 6054110, "", "/* Not Replaced */"
wsprintf(), 6105736, "%  ", "/* Not Replaced */"
wsprintf(), 6105704, "%d.%d%s", "/* Not Replaced */"
wsprintf(), 6109856, "  ", "/* Not Replaced */"
wsprintf(), 51364100, "Ancient Axe", "/* Not Replaced */"
wsprintf(), 6109848, "%s%s\r", "/* Not Replaced */"
lstrcpy(), 6109736, "\r", "/* Not Replaced */"
lstrcpy(), 6119336, "공격력: \r", "Attack Power: \r"
wsprintf(), 6109816, "%d-%d\r", "/* Not Replaced */"
lstrcat(), 1572136, "Attack Power: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \r", "/* Not Replaced */"
lstrcat(), 1572072, "41-62\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r", "/* Not Replaced */"
lstrcpy(), 6119324, "무기속도: \r", "Weapon Speed: \r"
wsprintf(), 6109768, "%d\r", "/* Not Replaced */"
lstrcat(), 1572136, "Weapon Speed: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \r", "/* Not Replaced */"
lstrcat(), 1572072, "7\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r", "/* Not Replaced */"
lstrcpy(), 6119300, "크리티컬: \r", "Critical: \r"
wsprintf(), 6099548, "%", "/* Not Replaced */"
wsprintf(), 6109760, "%d%s\r", "/* Not Replaced */"
lstrcat(), 1572136, "Critical: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \r", "/* Not Replaced */"
lstrcat(), 1572072, "18%\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r", "/* Not Replaced */"
lstrcpy(), 6119276, "명중력: \r", "Attack Rating: \r"
wsprintf(), 6109768, "%d\r", "/* Not Replaced */"
lstrcat(), 1572136, "Attack Rating: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \rCritical: \r", "/* Not Replaced */"
lstrcat(), 1572072, "136\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r18%\r", "/* Not Replaced */"
lstrcpy(), 6119252, "블럭율: \r", "Block Rating: \r"
wsprintf(), 6099548, "%", "/* Not Replaced */"
wsprintf(), 6109760, "%d%s\r", "/* Not Replaced */"
lstrcat(), 1572136, "Block Rating: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \rCritical: \rAttack Rating: \r", "/* Not Replaced */"
lstrcat(), 1572072, "9%\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r18%\r136\r", "/* Not Replaced */"
lstrcpy(), 6119228, "내구력: \r", "Integrity: \r"
wsprintf(), 6109808, "%d/%d\r", "/* Not Replaced */"
lstrcat(), 1572136, "Integrity: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \rCritical: \rAttack Rating: \rBlock Rating: \r", "/* Not Replaced */"
lstrcat(), 1572072, "152/152\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r18%\r136\r9%\r", "/* Not Replaced */"
lstrcpy(), 6118984, "요구레벨: \r", "Req. Level: \r"
wsprintf(), 6109768, "%d\r", "/* Not Replaced */"
lstrcat(), 1572136, "Req. Level: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \rCritical: \rAttack Rating: \rBlock Rating: \rIntegrity: \r", "/* Not Replaced */"
lstrcat(), 1572072, "80\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r18%\r136\r9%\r152/152\r", "/* Not Replaced */"
lstrcpy(), 6118972, "요구힘: \r", "Req. Strength: \r"
wsprintf(), 6109768, "%d\r", "/* Not Replaced */"
lstrcat(), 1572136, "Req. Strength: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \rCritical: \rAttack Rating: \rBlock Rating: \rIntegrity: \rReq. Level: \r", "/* Not Replaced */"
lstrcat(), 1572072, "182\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r18%\r136\r9%\r152/152\r80\r", "/* Not Replaced */"
lstrcpy(), 6118944, "요구재능: \r", "Req. Talent: \r"
wsprintf(), 6109768, "%d\r", "/* Not Replaced */"
lstrcat(), 1572136, "Req. Talent: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \rCritical: \rAttack Rating: \rBlock Rating: \rIntegrity: \rReq. Level: \rReq. Strength: \r", "/* Not Replaced */"
lstrcat(), 1572072, "90\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r18%\r136\r9%\r152/152\r80\r182\r", "/* Not Replaced */"
wsprintf(), 6067616, "파이터", "Fighter"
wsprintf(), 6118376, "%s 특화\r", "%s Spec.\r"
lstrcpy(), 6109228, "  \r", "/* Not Replaced */"
lstrcat(), 1571668, "Fighter Spec.\r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \rCritical: \rAttack Rating: \rBlock Rating: \rIntegrity: \rReq. Level: \rReq. Strength: \rReq. Talent: \r", "/* Not Replaced */"
lstrcat(), 1571732, "  \r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r18%\r136\r9%\r152/152\r80\r182\r90\r", "/* Not Replaced */"
lstrcpy(), 6118884, "특화크리티컬: \r", "Spec. CRIT:\r"
wsprintf(), 6099548, "%", "/* Not Replaced */"
wsprintf(), 6109760, "%d%s\r", "/* Not Replaced */"
lstrcat(), 1571888, "Spec. CRIT:\r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \rCritical: \rAttack Rating: \rBlock Rating: \rIntegrity: \rReq. Level: \rReq. Strength: \rReq. Talent: \rFighter Spec.\r", "/* Not Replaced */"
lstrcat(), 1571824, "3%\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r18%\r136\r9%\r152/152\r80\r182\r90\r  \r", "/* Not Replaced */"
lstrcpy(), 6118660, "특화공격력: \r", "Spec. ATK POW:\r"
wsprintf(), 6109740, "LV/%d\r", "/* Not Replaced */"
lstrcat(), 1571888, "Spec. ATK POW:\r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \rCritical: \rAttack Rating: \rBlock Rating: \rIntegrity: \rReq. Level: \rReq. Strength: \rReq. Talent: \rFighter Spec.\rSpec. CRIT:\r", "/* Not Replaced */"
lstrcat(), 1571824, "LV/7\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r18%\r136\r9%\r152/152\r80\r182\r90\r  \r3%\r", "/* Not Replaced */"
lstrcpy(), 6118644, "특화명중력: \r", "Spec. ATK RTG:\r"
wsprintf(), 6109740, "LV/%d\r", "/* Not Replaced */"
lstrcat(), 1571888, "Spec. ATK RTG:\r", "/* Not Replaced */"
lstrcat(), 51370400, "Ancient Axe  \rAttack Power: \rWeapon Speed: \rCritical: \rAttack Rating: \rBlock Rating: \rIntegrity: \rReq. Level: \rReq. Strength: \rReq. Talent: \rFighter Spec.\rSpec. CRIT:\rSpec. ATK POW:\r", "/* Not Replaced */"
lstrcat(), 1571824, "LV/3\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r41-62\r7\r18%\r136\r9%\r152/152\r80\r182\r90\r  \r3%\rLV/7\r", "/* Not Replaced */"

---

That just looks like another silly waste of CPU time to me... and it certainly wastes an awful lot of log space.

Can others confirm they also get a similar sequence repeated over and over? (the list is only 1 iteration of many in the sequence before it's actually displayed)

Same here,

Code:

---

wsprintf(), 6109760, "%d%s\r", "/* Not Replaced */"
lstrcat(), 1637672, "Critical: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Wyvern Axe  \rDamage: \rSpeed: \r", "/* Not Replaced */"
lstrcat(), 1637608, "20%\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r81-107\r7\r", "/* Not Replaced */"
lstrcpy(), 6119276, "명중력: \r", "Weight: \r"
wsprintf(), 6109768, "%d\r", "/* Not Replaced */"
lstrcat(), 1637672, "Weight: \r", "/* Not Replaced */"
lstrcat(), 51370400, "Wyvern Axe  \rDamage: \rSpeed: \rCritical: \r", "/* Not Replaced */"
lstrcat(), 1637608, "226\r", "/* Not Replaced */"
lstrcat(), 51364608, "\r81-107\r7\r20%\r", "/* Not Replaced */"
lstrcpy(), 6119252, "블럭율: \r", "Block: \r"
wsprintf(), 6099548, "%", "/* Not Replaced */"
wsprintf(), 6109760, "%d%s\r", "/* Not Replaced */"

---

I see those patterns all the time.
But aren't those talking about every item?
lstrcat(), 1637672, "Weight: \r", "/* Not Replaced */"
Weight of my shield, axe, gloves, my weight?
So they are same yet different for different item?

Yea, but how many times does it repeat that loop of building the layout of the tooltip text from those details between each TextOut() loop which is where all that work is used.

All the times in-between are exactly the same details being strung together into a complete tooltip which is then cleared, and done again... and again... and again, until, eventually, it is broken down again at the "\r" points and made into little strings which are passed to TextOut(). (twice per line, for the shadow effect... if you can see that XD )

Line like that for example

Code:

---

TextOutA(), 54394804, "From> a: Admin Level 3 - Activated.  ", "/* Not Replaced */"
TextOutA(), 54394804, "From> a: Admin Level 3 - Activated.  ", "/* Not Replaced */"

---

might be taken from memory than again whey its formated on chat out.

But yeah its showing up in memory too many times. Some kind of check or refresh?


PS. Your client crashed when I tried to accept T4 quest (with mech), I need to w8 70 minutes now because on my .exe it was OK and I will check that again with debugger.

And something is wrong here:

http://oi55.tinypic.com/izmg5e.jpg

Time is not going down too :/ "70minute" all the time. Are you missing some %d?

--UPDATE--
In KPT is Time Limit: 70Minutes, thats static and not decrease too
and under is Avelin: ??/?? killed.

Yea... that's the kind of play-testing I need. I've never figured out how to do tier quests... which is why my highest character is level 9x and still only has 4 skills. :lol: I have no idea what the quest is asking me to do.

You do all know I'm no good at actually "playing" this game right? :ott1:

Things I've never done:-

• Survived round 1 of SoD or even entered SoD2
• Been to "Bless Castle" when the event was on (except as a "hidden GM")
• Got past the the second rank-up quest
• Legitimately leveled up to 40
• Aged an item
• Killed, or been in a party that killed a "boss" spawn (unless I spawned it my self as GM)

None of that is exaggeration. I have literally never been that good a player. I'm a complete *noob* at video gaming, and always found PT too hard to be fun to play after the mid lvl30s.:*:

There is a problem when I start with debugger:
763028C7: The instruction at 0x763028C7 referenced memory at 0x0. The memory could not be read -> 00000000 (exc.code c0000005, tid 5592)

Code:

---

kernel32.dll:763028C7 mov    al, [ecx]

---

But i can pass that.


When I click OK to take T4 quest:
769A9D60: The instruction at 0x769A9D60 referenced memory at 0x1E. The memory could not be read -> 0000001E (exc.code c0000005, tid 5592)

Code:

---

user32.dll:769A9D60 mov    dl, [eax]

---

and game crash/quit.

When I just quit, debugger giving me error:
0: The instruction at 0x0 referenced memory at 0x0. The memory could not be read -> 00000000 (exc.code c0000005, tid 10580)

And no more information to all those errors :/

With or without 009.lng file make no difference.
Same thing happen with your older IntStr.dll

Even restart did not help, do you have same problems?

How would I acquire this quest to try to replicate it?

I'd like to try on some of the earlier edits of Butchered and 1977 to see if it's some edit I made way back when. I keep all the key stages, even if I don't remember every edit that I made, I can compare blocks of code around an area and what information they are given.

Copy
DataServer > userdata > 65 > a.dat
DataServer > userdata_backup > 65 > a.dat
DataServer > userinfo > 65 > a.dat

files in attachments, to your server.
Create account with "a" login "a" password.
Login as a mech and try to take T4 quest from skill master, game will crash.

Also when you start game with olly and press quit; it can be done even on login screen; game will crash with error (additional errors that only IDA shows me are in previous post):

http://oi53.tinypic.com/2mgrqly.jpg


If you planing to do quest by yourself than use this:
Priston Tale: Tempskron job quest
Priston Tale: Morion job quest

Seasons Greetings to all.

I've spent the last couple of days boxing with my server... seems something has broken my registration page (probably switching to IIS) so I've not managed to use this account.

The guides look good, and I implemented a warning on mismatched parameters in the logging version of IntStr.dll and a compiled (executable) SetLogging program with a simple Windows Dialog UI which is prettier and faster than the batch file.

So before I head off to be with family this holiday season, I'll leave you this latest release archive containing all DLLs, and both the game executable (ButcheredInternational, which I don't think has changed since the last upload) and the SetLogging executable to quickly switch between logging and release DLLs.

Wishing you all the very best of the holiday season. :wink: "God bless us, every one." Be safe, be merry and stay warm, within and without.

@off

Merry christmas.

@on

What is the issue with the dll? I've been away for a few days, whats going on?I saw the pictures but cant understand the error.

I think it's my game.exe rather than the DLLs, but there seems to be a bug with (at least) one of the rank-up quests.

I suspect there is also a problem with Server DC... If I shut the server the client doesn't quit, it locks up.

Sorry, by mistake i wrote "take skill from skill master" I meant "T4 quest", and I fixed that =P

@lelejau you can try if you have same bug as me, game crash when you try to take T4 quest with bobsobol game.exe and dll's ON.

Re Post 125 above.

I've looked into it, and it feels like a corrupt save game file... but what I don't understand is why some clients will ignore the corruption.

Specifically, I have a 1977 client which only has the simple "ignore XTrap if it's not in the folder" patch... and it will work on that.

It will work longer out of the debugger than in it, but there seems to be a lstrcpy() performed on a location pointed to by a DWord in the character file, which is 0 in this game state.

Run outside the debugger, it completes the lstrcpy() copying a 0 character string from what should be protected BIOS area. But then crashes when you accept the quest. Inside the debugger, of course Olly picks up the illegal memory operation as soon as the character is loaded into the game.

If the character is loaded into my older XTrap indifferent 1977 game.exe, then the pointer seems to be updated before it gets to the point where the lstrcpy() comes up.

It's rather odd, since it definitely seems to be the save game state, and either way it's only just been downloaded from the server.

At location 0049E456h lstrcpy is made to copy a string from address 0 to 03100480h

Before my edits, the address was not 0, but 005D457Ch.

This address is aquired by a routine at 0049DE90h:-

Code:

---

Mov EAX,[ESP+4]                                  ; game.0049DE90(guessed Arg1)
Mov EAX,[EAX*4+006AFFB0h]
Ret

---

This code is the same in both clients that work flawlessly and clients that crash.

If you NOP out the lstrcpy(arg1,arg2), (ie. the CALL and it's two PUSHes before hand) I don't personally see any detrimental effect, but even the International Client loads it okay. But that's clearly not the way it's meant to operate.

Strange error, one of the problems is here :
kernel32.dll:758A28CB inc ecx
ecx have wrong offset on stack, its pointing
debug024:04638BE0 aMetron db 'Metron',0
or
debug042:045E8828 aDarkSpecter db 'Dark Specter',0
I don't know why ist random :/

Code:

---

kernel32.dll:758A28B1 kernel32_lstrcpy:
kernel32.dll:758A28B1 push    8
kernel32.dll:758A28B3 push    offset unk_758A28E8
kernel32.dll:758A28B8 call    near ptr unk_75881928
kernel32.dll:758A28BD and    dword ptr [ebp-4], 0
kernel32.dll:758A28C1 mov    ecx, [ebp+0Ch]
kernel32.dll:758A28C4 mov    edx, [ebp+8]
kernel32.dll:758A28C7
kernel32.dll:758A28C7 loc_758A28C7:                          ; CODE XREF: kernel32.dll:758A28CFj
kernel32.dll:758A28C7 mov    al, [ecx]
kernel32.dll:758A28C9 mov    [edx], al
kernel32.dll:758A28CB inc    ecx
kernel32.dll:758A28CC inc    edx
kernel32.dll:758A28CD test    al, al
kernel32.dll:758A28CF jnz    short loc_758A28C7
kernel32.dll:758A28D1 mov    dword ptr [ebp-4], 0FFFFFFFEh
kernel32.dll:758A28D8 mov    eax, [ebp+8]
kernel32.dll:758A28DB call    near ptr unk_7588196D
kernel32.dll:758A28E0 retn    8

---

if I change ecx to 005D457C function go to call wsprintfA and crash there.

Quote:

---

Stack[000023A8]:0018F684 dd offset byte_3100480 <-- player name OK
Stack[000023A8]:0018F688 dd offset aMetron ; "Metron" <-- should be "©Ěă«Ŕđ"
Stack[000023A8]:0018F68C dd offset unk_2543E1F4

---

This is as far i checked.

I don't have clean 1977 so I can't tell for sure. Maybe your dlls messed stack somehow?

It's not the DLLs. I'll attach KPT1977 with optional XTrap, and with XTrap fully disabled, but no extra DLL usage.

The problem persists in the NoXTrap version, but not in the OptionalXTrap version... so it looks like I cleaned out something badly.

There are still a couple of calls to XTrap checking routines which I am simply returning from. It's quite a long time ago since I did those now, but I tried to check that the stack after modification was the same. It's possible one of them modified the frame under certain circumstances, but didn't normally.

(not)Fixed,
problem is (not) here:

Code:

---

0044367D  . EB 01          JMP SHORT Butchere.00443680
0044367F    90            NOP
00443680  > 83FD 02        CMP EBP,2

---

(not)change it back to:

Code:

---

0044367D  . FF52 44        CALL DWORD PTR DS:[EDX+44]
00443680  . 83FD 02        CMP EBP,2

---

At lest if you saying that KPT1977-NoXTrap.exe had this bug too.
I will check it on ButcheredInternational.exe when my quest time will break.

PS. JMP is better than NOP? Is it faster? Pointless nops are that slow?

--EDIT--

It must be something else you modified, there is no bug on KPT1977-NoXTrap.exe
:/

Quote:

---

Originally Posted by Vormav

...
if you saying that KPT1977-NoXTrap.exe had this bug too.
I will check it on ButcheredInternational.exe when my quest time will break.

---

I tried the saved character on ButcherdInternational, and it crashed. I restored the files, and restarted the server and tried on KPT1977NoXTrap and it crashed again. I restored the files, restarted the server and tried with KPT1977OptionalXTrap and it didn't crash.

This leads me to believe it's something I cleared out with XTrap.

Quote:

---

Originally Posted by Vormav

PS. JMP is better than NOP? Is it faster? Pointless nops are that slow?

---

In many circumstances yes. NOP is actually considered to be a "delay" instruction, like a primative Sleep() API call. NOP is usually a 1 byte instruction, but should take several cycles to complete. Different OS often treat it as a "privileged" instruction, and replace the cycles with a "sleep" type call to allow the CPU to do something else, some treat it as time to cool down the CPU, as an overheat prevention. Exactly what it does has changed over the years, but what it definitely is not is the JMP [EPC+1] which it appears to be when tracing.

Spoiler:

The EPA logo on many BIOS should mean they "virtualise" NOP (by making it privileged, catching the exception doing something else and then returning the Program Counter to it's original position) into an Interrupt 13h (IMS) which should send the CPU into a cool down. This is particularly useful on primitive OS like DOS on systems like laptops... but can increase energy efficiency during the bootloader process of many OS. (the BCD in NT6, Boot Manager for OS/2 - NT5, Grub / Lilo / SysLinux etc)

Back on DOS, up until the i486 we used to be able to execute a run of "something like" 50 NOPs and know that it would take a tenth of a second, regardless of whether the CPU was running at 25, 33 or 66 Mhz (the usual speeds at the time), and would use that to time vertical blanking and avoid tearing, since the VGA specification doesn't pass "fly back" or "refresh" data to anything the CPU can read.

CPU manufacturers like Evergreen and Cyrex broke those standards to appear to run "faster" or "cooler" than Intel processors; and exactly what NOP does has never been the same since.

Runs of more than a couple of NOPs should be avoided from being executed where possible, at least in a multi-threaded / multi-tasking environment. :wink:

Spoiler:

If you are very cleaver, and have thoroughly checked out the specification of NOP on every CPU you want to support, and have analysed exactly what make and model CPU your program is running on, you can use NOP to generate very very fine grained timing in your fabulous demo or 4K intro or something.

It's a massive show off, but I'm not sure the effort is worth the pay-off, and it dates your Demo very quickly, because you can't possibly know the specs of the processors that haven't yet been made, or that new OS aren't going to treat NOP in a different way. Some kernels take NOP as a queue to jump thread context, others treat it as a "give some time to the idle thread", others treat it as just "suspend me for a few microns", and others literally skip over it, with a possible context change and return... which is very wasteful.

Quote:

---

Originally Posted by Vormav

--EDIT--

It must be something else you modified, there is no bug on KPT1977-NoXTrap.exe
:/

---

That's odd... that doesn't tally with the results I got.

Seems I need to re-test again and ensure I didn't make a mistake somewhere along the way.

Nope on your KPT1977-NoXTrap.exe this bug simply don't exist.
I think problem is with your dll or with what you patched.

in you 009.lng file change:

Code:

---

6112628 = "Metron"
6112636 = "Dark Specter"

---

to

Code:

---

6112628 = "다크 스펙터"
6112636 = "다크 스펙터"

---

and your code will work till (it will crash sooner without this modification)

Code:

---

0049F2DF  |. FF15 D4425C00  CALL DWORD PTR DS:[<&USER32.wsprintfA>]  ; \wsprintfA

---

and after executing this call it will crash.

So your dll is patching something wrong again in:

Code:

---

user32.dll:76E39D60 mov    dl, [eax]

---

eax have wrong value (its 0x0000001E), eax should be 0310F558 (다크 스펙터) again.

This problem might be connected to picture I uploaded

http://oi55.tinypic.com/izmg5e.jpg

its showing wrong translations in wrong places (so it might patch wrong things in wrong places).



--EDIT--

confirmed just a moment ago:
if you leave only those two lines in 009.lng file:

Code:

---

6112628 = "다크 스펙터"
6112636 = "다크 스펙터"

---

you will be able to take T4 quest without any bug on ButcheredInternational.exe!

Conclusion, you are patching some wrong lines connected to quest.


--EDIT--2--

You can't translate this the way you done it:
server side file:
87_DarkSpecter.inf
have line:

Code:

---

*이름                        "다크 스펙터"

---

and client copy monster name from this line ignoring .zhoon translation and

Code:

---

*Name                        "Dark Specter"

---

in other words to see this translated you need to translate 87_DarkSpecter.inf to look like this

Code:

---

*이름                        "Dark Specter"

---

but thats a bit problematic when come to translation.

There is one more thing that can't be translated (I did not found it yet, maybe 6113028 = "<Quest> Hunt %d of %s "? I am sure its on quest icon), anyway I am not sure yet if line in .inf file is compared to what client have or you should translate monster name "after" player got quest (copy of quest is saved somewhere else and quest icon read from there so you need to translate that "somewhere else"... probably >=P).

I am sure you will be able to fix it now :)

That's very helpful. Probably best to just not keep that in the .lng file then. ^_^

-- EDIT --
Your screen always shows "Avelin" but I always see Korean there anyway... (after the crash of course)

But if it's there for quest lookup, then I would leave out all of the following:-

Code:

---

6112592 = "Sadnesst"
6112604 = "Dusk"
6112612 = "Avelisk Lord"
6112628 = "Metron"
6112636 = "Dark Specter"
6112648 = "Chain Golem"
6112660 = "Incubus"
6112672 = "Stygian"
6112684 = "Dawlin"
6112692 = "Heavy Goblin"
6112704 = "Witch"
6112712 = "Nightmare"
6112724 = "Illusion Knight"
6112740 = "BeEvil"
6112748 = "Avelisk-L"
6112764 = "Avelin"
6112772 = "Iron Guard"
6112784 = "Stone Golem"
6112796 = "Stone Giant"
6112812 = "Figon"
6112820 = "Doom Guard"
6112828 = "Mummy"
6112836 = "Thorn Crawler"
6112848 = "Solid Snail"
6112864 = "Skeleton Knight"
6112880 = "Armored Bettle"
6112888 = "Grotesque"
6112900 = "Dire Bee"
6112908 = "Skeleton Ranger"
6112924 = "Headcutter"

---

The API should then just pass through.
--- EDIT2---
Nope... even this does not fix it. Hmm. What an annoying little rascal bug.

Told you, you need to remove this and "something", and that something is

Code:

---

6113028 = "<Quest> Hunt %d of %s "

---

if you remove monster list you posted and line I posted you should be able to fix this bug.

There might be more bugs like this; we where talking about T4 quest.

However I would like to see this translated so maybe there is a way to do this after you took quest?

Well... If this should be translated, it shouldn't cause problems, if it causes problems then the strings patched shouldn't be displayed.

--- EDIT ---
Okay. You're right, that does fix the crash. Which means this string is used in an unusual manner.

Trying to track it.