Engine reversing/exploration

They're just the name and description of the perks/skills/whatever. They're 0 to start with because fallout loads them all from the message files to support multiple languages.

Edit: and to fill in those unknowns for you, the 3rd field of traits, perks and stats (and 4th of skills) is the image frame id, and the last field of skills is non-zero if the xp gain from use should be multiplied by the 5th argument to the show_skill_use_messages function.

 

This looks interesting! I'm thinking of adding Enhanced Knockback to big shotguns. I remember that trying to give the Ripper laser damage to make it cut people in half didn't work, now I know why.

Incidentally, coming from someone with an IN of < 10, is there any way to edit this info and recompile it? The perks, for example, would be good patch candidates.

Also, is the player unarmed damage handled in the engine, or can you just edit the proto files?

 

AFAIK it doesn't work on ranged weapons, but Kanhef will prob be able to confirm.

Yeah - i am hoping and praying Timeslip or Kanhef will be able to figure out how to allow melee weapons to cause death animations ... *prays to Timeslip and Kanhef*

 

It's proven that shooting someone and knocking him back is not realistic with the weapons from our time. The knockback perk should be added only to the weapon(s) that shoot with great strength. Shotgun and Sawed-Off Shotgun are just normal shotguns, I don't think it would be realistic for them to have knockback.

But, anyway, the game is very unrealistic (like all games, actually), so it wouldn't hurt adding knockback to any weapon you wish. It would be realistic on everything with Explosive damage, the Pulse Rifle/Pistol, the EMP grenade, the Alien Blaster (since it's unknown what technology does it uses), maybe on the Jackhammer, even on Gauss weapons, but I'm not sure of the exact way they work - it's described on wikipedia, I think it was some sort of electromagnetic field.

 

sfall has allowed you to change the perk table for yonks. (via a perks.ini file, which also lets you add new entries to the table.) You can't use it to change the trait/skill/stat tables directly, (there may have been functions to set stat min/max, can't remember...) but you can still use the WriteXXX functions to save having to do any hex editing. I'm not at home at the minute, so I can't post the offsets you need, but I'll edit them in when I get back.

Edit: Ack, forgot I said I'd post them. Ah well, better late than never:

perk_data: 519DCC
skill_data: 51D118
trait_data: 51DB84
stat_data: 51D53C
pc_stat_data: 51D8CC

I'm occupied trying for proper 32 bit colour again. Once I get that working or give up again, I'll take a look.

sfall also lets you modify this already. There's functions for setting custom multipliers or fixed absolute values on individual weapons, as well as two settings per critter for when they're attacking or a target.

 

Since you're messing with graphics... Any chances to hack this past-gen crap and remove tile size restriction (but this would require to hack a Mapper, otherwise you won't be able to build any map from larger tiles ) or give a possibility to totally disable utter broken highlight "feature" on scenery/walls?

Tile problem:

Default tile (80x36):



Custom tile (for example 3x3 tile in one piece):



or can be even bigger - 4x4 or 5x5 (or 5x3, or 4x1), for example, since engine will be able to handle it.

Highlight problem:

 

Yes, we totally need to get rid of the tile size limit (floor and roof tiles).

Even if we still would need to add invisible fake-tiles to tell the game that we are under a roof, etc.

 

Yeah, it's even more important than 32 bit colors, I'd say. 228 colors aren't a problem for me. Not to mention that 99,9% of FO's graphics will be still running in 8 bit mode. No advantages. But this shitty restriction with tiles is a totally different story... it's preventing very well from doing any larger, good looking floors/roofs because of TONS of fucking small and unique pieces you must make (split it/add to game/etc.). Or you must doing workarounds with scenery that acts as a tiles, which is causing a problems with highlight feature! WTF?

 

Hello there, NMA.

Some of my findings might be relevant to already mentioned issues (there is much more, but it'll take time to write it all down. I'll try to do this when I find some spare time). All of the code is from PC version:

1. Weapon Knockback, and it's behaviour with various weapons

Code:

CPU Disasm
Address   Hex dump          Command                                  Comments
00424AD0  |.  837C24 04 06  CMP DWORD PTR SS:[LOCAL.15],6
00424AD5  |.  74 1A         JE SHORT 00424AF1
00424AD7  |.  837E 08 00    CMP DWORD PTR DS:[ESI+8],0
00424ADB  |.  74 14         JE SHORT 00424AF1
00424ADD  |.  8B56 04       MOV EDX,DWORD PTR DS:[ESI+4]
00424AE0  |.  8B46 08       MOV EAX,DWORD PTR DS:[ESI+8]
00424AE3  |.  E8 98370500   CALL _item_w_subtype                     ; [FALLOUT2._item_w_subtype
00424AE8  |.  83F8 02       CMP EAX,2
00424AEB  |.  0F85 B1000000 JNE compute_damage_end                   ; bail out if non-explode and real weapon type != 2
00424AF1  |>  8B4424 14     MOV EAX,DWORD PTR SS:[LOCAL.11]
00424AF5  |.  8B40 64       MOV EAX,DWORD PTR DS:[EAX+64]
00424AF8  |.  C1E8 18       SHR EAX,18
00424AFB  |.  83F8 01       CMP EAX,1                                ; already knocked down?
00424AFE  |.  0F85 9E000000 JNE compute_damage_end
00424B04  |.  8B4424 14     MOV EAX,DWORD PTR SS:[LOCAL.11]
00424B08  |.  BA 00400000   MOV EDX,4000
00424B0D  |.  8B40 64       MOV EAX,DWORD PTR DS:[EAX+64]
00424B10  |.  E8 979B0000   CALL _critter_flag_check                 ; [fallout2.flag_read
00424B15  |.  85C0          TEST EAX,EAX                             ; knockdown flag test
00424B17  |.  0F85 85000000 JNE compute_damage_end

Then the knockbacking section follows.

compute_damage_end is actually 00424BA2. LOCAL.15 (stack variable +4) holds the damage type, 6 is explode. Item subtype 2 means melee weapon. As one can see, entire knockback section is skipped when real weapon is not of melee type and not explode type, OR one of the checks: critter is already knocked; critter is unknockable is passed.
What knockback section does is updating [offset_attack_struct+34] to the certain value (damage/10; weapon knockback perk makes it damage/5; stonewall makes check if (rnd(0,100) \lt 50) and sets 0 in case of success; also, stonewall divides the total value by 2, no matter the throw result). This value is then used by action_knockback to determine the number of hexes travelled by the target.


2. Weapon Enhanced Knockout (yep, there's no such thing like Enhanced Knockback)
This works pretty much as Kanhef described and with any weapon type.


3. Weapon perks, concerning ToHit
If I'm not mistaken somehow, this works like this: http://fonlinedocs.netii.net/tohit2.c
I was testing this reversed formula in FO2, and it worked fine.


4. Special unarmed attacks
+critical chance is actually "partial slayer". +50% chance means that non-critical hit have 50% chance to be upgraded. Also, The code (starting at 42394A) is bugged: only two of the attacks are checked, the rest of the upgrading code (for other attacks) is there, but is skipped. However, this can be easily fixed by changing jump addresses.

Code:

CPU Disasm
Address   Hex dump          Command                                  Comments
0042394A  |> \8B56 04       MOV EDX,DWORD PTR DS:[ESI+4]             ; = attack type
0042394D  |.  83FA 10       CMP EDX,10                               ; next: special unarmed attacks, upgrade to critical, BUGGED!
00423950  |.  74 09         JE SHORT 0042395B
00423952  |.  83FA 09       CMP EDX,9
00423955  |.  0F85 B2000000 JNE special_no_upgrade

Then the upgrade code follows, ending just before special_no_upgrade (423A04).

[edit] Ah yeah, forgot to add something already written down: http://fonlinedocs.netii.net/fo2calg.pdf - critical failures behaviour. The tables themselves:

Code:

fallout2.exe at file offset 0x1065A0
row: weapon type (critfail list), column: critfail severity
0x00000000 0x00800000 0x00800000 0x02000800 0x00002000
0x00000000 0x00800000 0x00400000 0x00001000 0x00000100
0x00000000 0x00000200 0x00400000 0x00001000 0x00200000
0x00800000 0x00800200 0x00C00000 0x00001000 0x00900000
0x00000400 0x00400000 0x00400800 0x00001000 0x00100000
0x00800000 0x00000400 0x00200000 0x00001000 0x02900000
0x00000000 0x00800000 0x00001000 0x00200000 0x00940000

0x00000100 hit self
0x00000200 lost rest of ammo
0x00000400 fired dud shot
0x00000800 hurt self
0x00001000 hit randomly
0x00002000 crippled random limb
0x00040000 on fire
0x00100000 weapon exploded
0x00200000 weapon destroyed
0x00400000 weapon dropped
0x00800000 lost next turn
0x02000000 knocked down

 

any other interesting updates?

 

Was this ever addressed in sfall?

 

bump

 

Not that I can see. I've dig a bit deeper into the code and can see the problem. I'll issue a fix for it shortly after double checking sfall again to make sure that nothing has been done -- wouldn't want double fixing to occur, after all.

-- The Haen.

Edit: A fix has now been committed to sfall for this issue. So expect to see it in the next sfall release.

 

Was wondering: does anybody still have the function lists/architecture Kanhef made saved somewhere? Links are dead unfortunately. I always feel a bit guilty making completely uninformed requests to Timeslip, so I'd like to get at least a bit of a feel for how the .exe does things.

 

@JimTheDinosaur
Here are the original files:
http://rotators.fodev.net/atom/F2_function_list.txt
http://rotators.fodev.net/atom/F2_function_structure.txt

 

I'm shocked, how did you guys managed to generate a list of function names? It's too big to be filled manually
I'm using IDA disassembler (it has cool features like pseudocode), but all game-related functions are unnamed. There are no information to restore their names in EXE, as far as I know, so... how in hell did you managed that?
(I wanted to attach this list to my debugger database somehow, but looks like that the offsets in F2_function_structure.txt are wrong (they are not actual offsets from the "canon" fallout2.exe that sfall uses).

Please, help me understand this.

Ok, I think I got it. It turns out mapper actually includes debug information with almost all functions having names: http://return0.pisem.net/script.html
Sadly, I can't apply all this automatically to fallout2.exe, but at least I can see how stuff works in mapper.

Edit:
For those who interested, MAPPER2.EXE decompiled in C using IDA (w/ 95% functions having meaningfull names): https://yadi.sk/d/QbT9VnD8aA9wQ
As you may now, mapper2 contains whole game code inside, so you can use this to see how actual game works.

 

Yes, the site you linked gives an IDA script to populate Mapper symbols.
It's worth noting that the pseudocode is fairly useless for all but small, contained branches, or for getting a five-foot overview. It doesn't seem to like the calling convention that the game uses. (For the record, I don't either. The code Watcom generated is absolutely terrible by today's standards. It annoys me to read it.)