Implementing Rain

Implementing Rain

Okay. Now I've just implemented the rain code in the Low Level Tempskron maps in my Butchered Client based upon the disputed release in this post.

It's posted by Harsaphes (MRX from the M.I.B. forums) but that also points us to MagicPT, and I believe Excelsior has claimed to be the person who implemented that code. I'm fairly certain that he (Excelsior) posted a direct dump from Olly of his code here, but that thread seems to have gone AWOL just as many other recent threads have.

Anyway, I'm going to walk you through my translation of that implementation, and if Excelsior wants to repost his thread, I'll take this post over to his thread and close mine.

In the process of reworking the implementation, I can see that parts of it are brilliantly optimised, and yet other parts look thrown in, or like they have been re-jiggled about by someone who understood what they where doing less. I can't claim that I fully understand how this code interacts with the main game, but I can see how it is working on it's own, and have broken it down and put it together again in a slightly different (cleaner) manner.

First off, I don't like adding sections. MRX has created an MRX section with access for any kind of operation from anywhere, rather like the Global Fantasy team did, and to me that's just an extra hole when PT has too many as it is. Once you have dumped all the XTrap code in a 1977 client you have quite a lot of free space in your exe to add new code and data anyway... and that's what I did.

I'll not give you the offsets I used, because you may be using a different client, or have already put your own groovy code into the space I used. Besides all of which, the ability to be more generally useful is the reason I prefer to see Tutorials rather than releases... let alone re-releases. XD

The code it's self has 3 main sections and a Table of DWords. However, the implementation in the posted game.exe is a little jumbled up, as the primary worker routine (I called it SubRain) is bunged in the middle of another routine, which then has to JMP over it. The alignment of the routines is kinda nasty too, suggesting that someone has been a little liberal with the Binary copy and paste functions in Olly whilst neglecting their fundamental understanding of the i386 PMode architecture. XD (I know Excelsior knows this well, I'm not so sure of the other signatorys')

Okay... on to code. If you're using a 1977 KPT based client as I am, you should consider the following code fragments to be labelled in accordance with the following EQUates:-

Code:

---

MapLo          EQU 0091C3BCh
MapHi            EQU 0091C3B0h

RainRet1        EQU 00440D8Ah
RainRet2        EQU 00440E46h
RainRet3        EQU 004435BCh
RainRet4        EQU 00443123h

AmbientSound    EQU 004E68C0h
WeatherSelector EQU 00533E60h

---

By which, I mean that in Olly, you should <Ctrl> G to the address post EQU and label it (by tapping the ':' key) in accordance with the name pre EQU. The listing above is how you would define a "constant" if you where using an assembler, not a debugger with live "assemble in place" capability. XD

If you are using a different basic version for your client, you should probably start by getting a 1977 KPT client, and examining the code at the addresses in the fragment above, in order to locate the equivalent code locations in your client.

Now we can look at the first block of code used to add rain. In KPT 1977, replace the code between 00440D61 and 00440D89 with a JMP to RainCode, and a fist full of NOPs. ;)

Code:

---

Align 4
RainCode:
  call SubRain
  cmp dword ptr [MapLo],00h
  jne short .Skip1
Align 4  ; > Optional, but I would advise you try to align loops. <
.Loop:
  mov dword ptr [MapLo],00h
  mov eax,[esi*04h+eax+C8h]
  jmp short .Skip2
.Skip1:
  mov ecx,[0091C430h]
  mov ecx,[ecx+016Ch]
  mov edx,ds:[ecx*04h+0091C360h] ; IDK What this table represents.
  mov ecx,[edx+C4h]
  cmp ecx,0400h
  je short .Loop
  cmp ecx,0500h
  je short .Loop
  cmp ecx,0800h
  je short .Loop
  cmp ecx,0900h
  je short .Loop
  mov eax,00h
.Skip2:
  cmp eax,ebx
  jl short .Ret1
  push eax                  ; Arg1
  call WeatherSelector      ; WeatherSelector(Arg 1)
  mov eax,[MapLo]
  add esp,04h
  cmp eax,01h
  je short .Ret1
  cmp eax,ebx
  jne short .Sound
.Ret1:
  jmp RainRet1
.Sound:
  push 0Dh                   ; Arg1 = 13
  call AmbientSound          ; AmbientSound(Arg 1)
  add esp,04h
  cmp dword ptr [MapHi],28h
  jg short .MapHiGT40
  cmp dword ptr [MapHi],14h
  jg short .MapHiGT20
  jmp short .Ret2
.MapHiGT40:
  cmp dword ptr [MapHi],2Dh
  jl short .MapHiRangeOK
.MapHiGT20:
  cmp dword ptr [MapHi],24h
  jl short .MapHiRangeOK
  jmp short .Ret2
.MapHiRangeOK:
  push 089Dh                ; Arg4 = 2205
  push 0190h                ; Arg3 = 400
  push 00h                  ; Arg2 = 0
  push 02h                  ; Arg1 = 2
  call 004E5110h            ; 004E5110(Arg1, Arg2, Arg3, Arg4)
                            ; I've not been able to figure out what this
                            ; routine is, but it's clearly important.
  add esp,10h
.Ret2:
  jmp RainRet2

---

Again, I'm aiming at a true assembly source listing (though I copied this from Olly and cleaned it up for readability) here. So I've used as few numeric constants as possible, unless the number is the best way to understand what is going on. Wherever a word, name or label would make it easier to read, that's what I do.

Look out for the routine @ 004E5110 if you aren't using KPT 1977 as your base. That is the only core routine I haven't given any name to, and the reason is... I don't understand it's function myself yet. (If I figure it out, or someone let's me know, I'll update this post.)

MapLo and MapHi are probably incorrect initial assumptions for the variables at the address they represent too. I initially thought, from the way they are used, that they related to the map / field in which the player is presently playing, but as I've gone through it's looking more likely that at least one of them relates to the current weather the player is experiencing. Again, I don't fully understand them, so guessing at a better name is pointless. Just be warned that those labels may be misleading.

If you are not familiar with it, the .Label notation in Assembler source suggests that the "scope" for that label is local to the last sub-routine (or, label without a "." before it) and does not apply globally to the entire source file, let alone the whole program. You can (and I do) create them in Olly, but it does not understand them when you are assembling a line of code. So those will need to be manually translated to an address when you are typing code into Olly, or you'll have to use globally unique labels that don't start with a dot. (period in US English or full-stop in British English, but "dot" will do for Web-heads)

Notice also that I advise that where ever you put these code sections you Align their start, and any iterated JMP destinations (loops) to DWord boundaries. Align 4 is a 4 byte, or 32-bit pure boundary, and executes much faster and easier for an x86 32-bit CPU. (some more so than others) It's only an advisory in loops because of the speed issue, but it's almost a must for the actual start of the routine... Olly can get very confused in Analysis if this isn't correct, and although it may only be called infrequently, the delay is compounded by the fact that most of these are not JMP Short instructions, but full Long Jumps.

Of course Olly can't Assemble an Align, because it's more like a compiler directive than and instruction. While in Olly, you really have to play the part of the compiler your self. From real source the Compiler (Assembler) would insert 0, 1, 2 or 3 NOP (or equivalent) instructions depending on how near or far from a 4 byte boundary the next instruction address is. I think you can manage that by hand. ;)

For the next code segment (again, only in a 1977 based client) you should replace the "cmp [MapLo],ecx" @ 0014030E5 with a JMP to RainHack. You'll get an extra NOP out of the deal, because the JMP is smaller bytecode than the rather complex in-direct addressed CMP. (you probably wouldn't see instructions like this on a RISC Architecture CPU)

Code:

---

Align 4
RainHack:                  ; 3 choices are broken to this code from the main.
  mov ecx,02h
  cmp dword ptr [MapLo],00h
  je short .ZeroMapLo
  mov eax,[0091C430h]
  mov eax,[eax+16Ch]
  cmp eax,edi
  jl short .Ret4
  mov ecx,ds:[eax*04h+0091C360h] ; There's that table that IDK what it is again. ;)
  mov eax,[ecx+C4h]
  cmp eax,0400h
  je short .ZeroMapLo
  cmp eax,0500h
  je short .ZeroMapLo
  cmp eax,0800h
  je short .ZeroMapLo
  cmp eax,0900h
  je short .ZeroMapLo
  cmp dword ptr [MapLo],01h
  je short .Ret3
.Ret4:
  jmp RainRet4
.ZeroMapLo:
  mov dword ptr [MapLo],00h
.Ret3:
  jmp RainRet3

---

The last code fragment is the subroutine that is CALLed from the first section. This is actually a rather elegant bit of nested looping which would otherwise have been a very large bit of code. It's beautifully optimised, but not easy to read.

Code:

---

Align 4
SubRain:
  mov edx,[005FB3B8h]
  xor ecx,ecx
Align 4  ; > Optional, but I would advise you try to align loops. <
.Loop1:
  cmp edx,[ecx*04h+RainTable]
  je short .Loop2
  inc ecx
  cmp ecx,05h
  jl short .Loop1
  mov dword ptr [MapLo],00h
  ret
Align 4  ; > Optional, but I would advise you try to align loops. <
.Loop2:
  jmp short .Branch2
Align 4  ; > Optional, but I would advise you try to align loops. <
.Loop2_1:
  jge short .Branch1
.Loop2_2:
  mov dword ptr [MapLo],01h
  ret
.Branch1:
  mov dword ptr [MapLo],02h
  ret
Align 4  ; > Optional, but I would advise you try to align loops.  <
.Branch2:
  cmp edx,10h
  je short .Loop2
  cmp dword ptr [MapHi],0Ah
  jmp short .Loop2_1

---

Finally, you need your RainTable. Now, I think you only need 5 DWords (20 bytes) to store this in... and the number of places XTrap stored 128-bit signatures in ASCII, this shouldn't be too hard to find space for.

In my listing, I stored a full 8 DWords, just so it takes up exactly 2 lines in a hex editor, and because I'm not at all short of space. This should be somewhere in .data or .rdata sections, but you can keep it in .text like a "jump table" if you really feel you need to.

Code:

---

RainTable:
  dd 01h ; 1
  dd 06h ; 6
  dd 0Bh ; 11
  dd 10h ; 16
  dd 15h ; 21
  dd 00h ; 0
  dd 00h ; 0
  dd 00h ; 0

---

Remember please, that Olly doesn't understand dd, dw, db or dq any better than it understands EQU or Align. Again, these are directives to an Assembler (and when in Olly, that means "you") not instructions for the CPU, which is all Olly can "assemble".

In Olly, your best option is to find a hole for this, and display it as Integer -> Unsigned Long in the "dump" panel.

I guess, with all my talk about optimising the alignment of jump destinations, you may be able to squeeze a little more performance out of P4 / Athelon XP based processors by using "branch hinting" to indicate which side of the jumps should be kept in the level 1 and level 2 CPU instruction caches... if anyone would like to try that (just for the fun of it) I'd love to hear how your experiments go.

Spoiler:

I guess that either the C++ compiler they use to build KPT1977 (Visual C++ 7 AKA .NET 2003 according to most analysis) doesn't optimise with "branch hinting", or they turn that optimisation off for some reason, as I've never seen it used in any PT client or server... or any of the simple things I've built with VC7. I know that Borland C++ Builder and GCC (the GNU C+ Compiler) can include them, and that the .net framework is supposed to have it in it's JIT compiler. I've also seen some great results with hand assembled demos that rapidly zoom a Mandelbrot fractal or such... but I suspect that it's more a gimmick in real world situations.

Anyway... I hope this helps others here get Rain working in their PT clients. :D: Have fun, and happy coding.
(I'll welcome any insight into any of the bit's I'm unsure of, or even thought I was sure of, but am wrong about. And I'll update the main post and credit you for pointing out what a wazzock I am. :wink:)

Again full credits to all who got me to the point where I could write this guide:-
Harsaphes (alias MRX) for making it work in 1977 and sharing with RZ, where I found it.
Exellsior who (I do believe) probably managed to make sense of it in the 166beta (and maybe a peek at a Sandurr client) so that it could be implemented in newer general clients, probably for MagicPT.

At least, that's how I'm assuming the information got to me in a manner I could use to make this guide. That's the problem when you don't cite your sources guys, the paper trail goes cold part way through, and someone gets hurt.

MRX original Video Tutorial

I can't make much sense of this, not just because it's in Portuguese, but because I have no idea what MRX (Harsaphes) is using for the base. So the offsets he begins with are unallocated when I start PT. XD

You could try to add/fix something more important, like PH. Or make a guide of how to add them. It would be nice.

What is a "PH"?

Thank you bob for a clear guide on adding rain to the client :D.

@ lelejau
This is not to insult you or anything, but please do be appreciative of what is posted, especially when the info/guide is posted in detail/with greater clarity. I understand your priorities are different, but still a understandable tutorial is always helpful. Additionally, once again not to flame you, I believe this guide is much more helpful than your comment on my question on adding “clan rejoin delay” (http://forum.ragezone.com/f286/addin...9/#post5881650 ). To this day I am trying to make sense on the vague response, though in every single of your posts you ask for more details ^^.

So to someone like me, clear and detailed guides are helpful, just like clear answers to questions that I ask ^^. Thanks.

Thanks Bob for your post keep your work up :). And it's true MRX stoles the code from MagicPT but whatever since the codes coded long time ago :). About "PH" i think he means Phoenix Pet. I perfer to you to check some old release. There you will find your answer. :)

Thanks Jay. :D:

Oh the Phoenix Pet. >grr< Personally I can't think of anything less important than the Phoenix Pet. I thank Gregoo for showing me how to make a client with no Low Level pets, and others should be thankful I don't treat them and Phoenix with the same disdain as XTrap when I release clients, I dislike them that much.

Armour, and Sheltoms? Yes, gladly. More levels? Why not. Smelting and Metallurgy? I wish. New Cores and Maps? Of course, the more the merrier. But that flipping annoying dragon pet. >.<

Anyway... With a basic 1977 and your server, JayMoko. Put egg in shop, buy egg, use egg I get Phoenix. Gah! Log out quick and get rid of him. I believe there is an update that let's him survive re-logs? Obviously I'm avoiding trying that. :wink:

Maybe you should ask Jay to make a Tutorial on how he made Phoenix work in his server Lelejau? If you ask nicely he may find the time in his busy schedule to write something up for you.

^^. Good Job

Yes bob I'm in MRX Galera Online forum =) thanks for the credits!

Yes.. Jay isnt answering me anymore in msn...

Well, he has said that he has many IRL commitments right now, but as Osirus says the "ask nicely" bit sometimes seems to elude you. I know English isn't your first language, and suspect it is JayMokos', or at least a very strong second language, as with many Northern Europeans, particularly in Norway, Sweden, Holland and Finland.

Spoiler, as this is a public message to Lelejau that is off-topic for this thread.

Spoiler:

One thing I found particularly interesting when I studied conversational Japanese was that the first thing they taught us was Japanese etiquette, even before we learned a single word. The reason being, that the way we say things in English under the same circumstances is incredibly rude when translated literally into Japanese.

For example, if you went up to a Japanese person in the street and said (in Japanese, literally) "Hi! I wonder if you can help me..." (perfectly correct and polite English) they would almost certainly turn away from you mid-sentence in complete disgust, as you have already been incredibly disrespectful to them on several levels.
a) You are (probably unavoidably) speaking out of turn. Your conversation is un-called-for, and unwanted.
b) You are using informal greetings usually reserved for your closest friends and family, with a stranger. "Hi" not "Good day", "Greetings" or even "Hello".
c) You are asking something of someone to whom you have not been properly introduced. This may also be unavoidable, as formal introductions are expected to be made by a mutual friend or family member, but when you are a stranger to everyone you have to start somewhere... this requires extra special care and attention to your politeness.
d) You are already suggesting that you may be asking something beyond their ability. "I wonder if you can" As if this is a test, belittling them.

On the other hand, if you took the proper Japanese etiquette and translated it literally to English, "Greetings, please look kindly on me, I am a developer from RageZone called bobsobol. I am in need of help and do not know who I can turn to. Would you please be so kind as to spare a moment to assist me?" You sound like a complete and utter spanner, and the reaction from an English speaking person would probably be more along the lines of "What a sweet little retard. I wonder what their condition is." XD

If you've ever watched "Heros" you may have noticed that both Hiro Nakamura and even his friend (who is better versed in English) get treated this way by many of the English speaking characters.

I suspect that, while your English language skills are clearly very good, your understanding of the cultural etiquette associated with that language is less profound. While I can see that and make allowances for it, in many ways it can provoke more hostility towards you than you deserve.

Because your level of vocabulary and grammar are so good we forget that you probably don't have the cultural background to match it.

Most English speakers are notoriously bad with second languages, and assume that if you know the words, that's all there is to it. A word for word translation from Norwegian or Swedish to English is pretty straight forward, unless you are translating jokes which all three cultures rely heavily on "word play" and don't translate well. Translating from Spanish or Italian to English is much worse, because the Grammar is so different, and French and German are somewhere in-between. The gender of in-animate adjectives in French is very strong and (almost) completely absent in English, and Germans tend to "run-on" words without spaces, making new words from collections of smaller ones, and mixing character case (lower UPPER) mid-sentence and even mid-word in ways that seem to have no logic to an English speaker. However, Spanish and Italian also change the meaning of phrases depending on what tone of voice, and hand gestures accompany them... I'm still none the wiser as to how this is translated in to writing.

Not to belittle you, your English is already better than my Japanese... which I can speak (in simple terms) but cannot write, or type except phonetically, either in Romaji (Japanese words written in Latin characters) or the most basic Kana (without combining multiple Glyphs into a single word glyph, as most Japanese people have learned to do by the time they are 6 years old.

Interestingly, I suspect the one group of English speakers who would not be in the slightest bit phased by the "tone" of your posts, would be South Africans... probably because of the strong Dutch and Portuguese influences there. And I'm sorry to say, when they speak English I tend to take a strong dis-like to them far more than if they speak Dutch, Portuguese, French or Afrikaans and I get sub-titles from a British or US translator. Likewise I much prefer Japanese films to be subbed than dubbed because the subtitles fill in the words I don't know and I find the American voice actors insert English vulgarity where I know when a Japanese person is speaking rudely, but vulgar is different from rude. (my reaction to sexually explicit expletives inserted between every other word is, possibly as extreme, but not quite the same as a Japanese persons reaction to an absence of proper humility and decorum)

I hope you will pick this up as you interact with English speakers on their own turf, (so to speak) but I will mention it, to give you the opportunity to work on this actively, since it's clear you have already invested considerable time and effort into learning English as a second language. This is a credit to you, as most English speakers would not even attempt what you are already competent at. But being (inadvertently) in-polite will make you wish you hadn't bothered if you don't realise why all the English speakers you speak to are so hostile to you. :wink:

Bob, I dont want to be idiot or "unpolite", but I didn't get your point.. what are you trying to tell me?

Lelejau, check your RZ-PMs. :wink:

rofl,asking other things already,please stop and be greatful,this is too much,thank you bob.

Okay... there is a problem with this implementation, in that a second rain shower locks up the client. Anyone have any ideas on that?

I'm pretty sure Pillia shouldn't get rain too... but that's not so important.

What I notice is that there is no ambient rain sound, only the thunder, and when the rain stops, the regular "ambient" sound doesn't return, if a second shower comes while there is no ambient sound at all, the client locks up.

I made a video-lesson for a forum in Brazil.

Download Chuva.rar from Sendspace.com - send big files the easy way

Problem is that the narration ta in Portuguese, but it could be useful...

Okay MRX, thanks for that, I'll give it a try and see if I can spot something I missed. :wink:

Well, I fixed the silly big video file to an MP4 Matroska... you can get it here.

It doesn't tell me anything I didn't know, unless that is in the Portuguese audio (which I also fixed, so you don't have to keep messing with the volume).

If anyone can see what I'm missing in this video, please let me know.

I definitely can't follow it as it seems to start from about 56 hours into the editing process. >.<

The video begins with an offset in Notepad which is then followed in Olly at a location completely outside the memory ranges for anything any normal compiler would ever produce. The sort of place system DLLs usually get loaded, and no indication of how on earth a whole heap of game.exe code got in there, which you proceed to copy out from it... Where does it come from?

thanks

Please follow the forum rules and click the "Like" button instead of bumping threads by posting "Thanks".

It's appreciated, but presented in the wrong way.

Cheers. :wink: