Ship Spawning
-
Looking at the disassembly where it reads it from the ini, I can tell you a few things. But first, yes, bool is a single byte, dword-alignment adds the three unused bytes.
0x8c = evade_break_attempt_reverse_time 0x90 = evade_break_reverse_distance 0xB8 = buzz_head_toward_roll_flip_direction (boolean) engine_kill_use_afterburner - read as boolean (TRUE or FALSE), stored as float (1.0f or 0.0f) fire_style - MULTIPLE = 0i, SINGLE (or anything) = 1i 0x1D8 = missile_launch_cone_angle 0x1DC = anti_cruise_missile_min_distance 0x1E0 = anti_cruise_missile_max_distance 0x1E4 = anti_cruise_missile_pre_fire_delay 0x1E8 = anti_cruise_missile_interval_time 0x228 = fire_missiles_damage_trigger_percent 0x22C = fire_missiles_damage_trigger_time 0x258 = break_apart_formation_damage_trigger_percent 0x25C = break_apart_formation_damage_trigger_time 0x268 = break_apart_formation_on_buzz_head_toward (bool) 0x26C = break_formation_on_buzz_head_toward_time 0x270 = regroup_formation_on_buzz_head_toward (bool) 0x271 = break_apart_formation_on_buzz_pass_by (bool) 0x274 = break_formation_on_buzz_pass_by_time 0x278 = regroup_formation_on_buzz_pass_by (bool) 0x279 = break_apart_formation_on_evade_dodge (bool) 0x27C = break_formation_on_evade_dodge_time 0x280 = regroup_formation_on_evade_dodge (bool) 0x281 = break_apart_formation_on_evade_break (bool) 0x288 = regroup_formation_on_evade_break (bool) 0x28C = formation_exit_mode . BREAK_AWAY_FROM_CENTER = 0 . BREAK_AWAY_FROM_CENTER_AFTERBURNER = 1 . BRAKE_REVERSE = 2 . OUTRUN = 3 . NOTHING = 5
-
Thanks adoxa! It appears we’re missing an entire block then, as cruise disruptors are mentioned nowhere in the INIs. This might explain why NPCs rarely if ever fire them by default.
-
Updated dump with adoxa’s values and fleshed out all the missing values.
-
This is slightly off-topic, but the anti_cruise_missile values are indeed not used in the normal pilots_population.ini, and they don’t seem to actually do much (as in, anything). In vanilla FL, AI only used CDs if their target was cruising - this could be worked around by setting auto_turret to true for the Cruise Disruptor weapons, in which case AI will fire them whenever ready to. In fact, setting any missile-based weapon to auto_turret = true will ignore all missile usage parameters defined under the pilot, instead firing missiles when in the weapon’s range.
Edit: As an aside, setting all missile weapons to auto_turret = true may fix RandomMission NPCs not firing missiles. -
Well I tried but I’m a bit stuck here, the rest of the Personality struct seems to consist of a lot of boolean values which are hard to track down, plus many constants that I do not know.
There’s so little left to reverse, think about what could be done with this! Could someone help out?
-
Awesome as usual
-
Seems like the SetPersonalityParams struct is used to initialize the AI properly… And it’s not reversed at all
I’ll try to get on it but I’m not promising anything.
-
enum OP_TYPE; class BaseOp { public: BaseOp( OP_TYPE ); BaseOp( const BaseOp& ); virtual bool validate(); OP_TYPE op_type; int x08; }; struct SetPersonalityParams { SetPersonalityParams(); SetPersonalityParams( const SetPersonalityParams& ); virtual bool validate(); BaseOp baseop; // 0 int state_graph; // -1, used by validate void* x10; // -1 void* x14; // -1 bool state_id; // true - state_graph_id, false - state_graph Personality personality; };
-
Mumbles about not even being allowed to have a go and fail
I kid, nice job adoxa, this’ll help tremendously.
-
Well spawning ships is rock solid now, can spawn any ship with a custom AI at will.
What I’m trying to figure out now are, in order:
-How to stop the NPC from dropping all of its equipment on death
-How to control the NPC
-How to add the NPC to the “normal” NPC list so that it disappears automatically when out of rangeI’m pretty sure the 1st point’s key is in the ShipInfo struct, while the second point obviously lies in the reversal of the Op structs.
I wish I knew just how you can find things out so fast, adoxa
-
Yeah, me too. How is that even possible? Maybe I’m just not knowledgeable enough in the subject matter but I wasn’t aware that you could even pull something so detailed (especially with regard to names of things) from just assembly level de-compilation.
-
Defining those structures was relatively trivial, due to exported constructors. Doing the points above will take a bit more effort, which I’ll not do (not for a while, anyway, by which time I’ll have forgotten). I expect point two can be solved by set_current_directive, so I suppose you want IDirectiveInfo and the remaining Ops?
-
I’m not asking you to do them at all, you’re a busy man with a lot on your plate
What I wondered is whether you could give some insight on how to do what you do. A tutorial if you want, just some tips otherwise. I’d like to stop having to ask you or w0d all the time, but I’ve never gleaned much from disassemblies
-
Well, if you want to give it a go, here’s an example using DirectiveFollowOp.
* Exported function Common.??0DirectiveFollowOp@AI@pub@@QAE@XZ | =1<===== 062DAF30 8BC1 mov eax, ecx 062DAF32 33C9 xor ecx, ecx 062DAF34 C7400404000000 mov dword[eax+04], 00000004 062DAF3B 894808 mov [eax+08], ecx 062DAF3E C7001CE13906 mov dword[eax], Common.??_7DirectiveFollowOp@AI@pub@@6B@ 062DAF44 89480C mov [eax+0C], ecx 062DAF47 C7401000001643 mov dword[eax+10], 43160000 ; 150 062DAF4E 894814 mov [eax+14], ecx 062DAF51 894818 mov [eax+18], ecx 062DAF54 89481C mov [eax+1C], ecx 062DAF57 C740200000C843 mov dword[eax+20], 43C80000 ; 400 062DAF5E C3 ret ```I have a separate program to demangle names, which gives us the namespace and constructor. [eax] is the virtual function table, [eax+04] & [eax+08] are from BaseOp. Looking at Follow in the mission files and where it reads it in content.dll (6F27400), +0C would be the nickname, but I still don't know what the other values are, apart from being float (probably maximum distance, x,y,z offset and something else). So assuming that, we can say:
namespace pub
{
namespace AI
{
enum OP_TYPE { FollowOp = 4 }; // and the others, of courseclass DirectiveFollowOp : public BaseOp // inheritance based on observation { public: DirectiveFollowOp()/* : BaseOp( FollowOp )*/; // some more functions here, should be in the CoreSDK virtual bool validate(); UINT leader; // 0 float max_distance; // 150 Vector ofs; // 0, 0, 0; copy constructor indicates Vector float unknown; // 400 };
}
} -
Very nice, that should help a lot!
Can I know what program(s)/steps you use to get the output you’ve shown? I think I read you use Ollydbg to disassemble the DLLs, but how do you get the values like 150 or 400? From the INIs, from a debug process?
-
Excuse me while I go hang myself for being so blind. -_-