Decompile and.. Unknown instruction at..

Discuss thaw modding, post your own, share your ideas, ask questions.
b4k3r.dll
Posts: 6
Joined: Mon Nov 26, 2012 8:18 pm
Location: localhost

Decompile and.. Unknown instruction at..

Postby b4k3r.dll » Mon Nov 26, 2012 8:26 pm

Hello everybody!

When I decompile this script with roq.exe -> QB: scripts\game\misc\cheats.qb.wpc cheat_unlock_moon_grav, I get this code:


#/ QB Script version 2.1 by RoQ www.HackTHPS.de
%include "scripts#game#misc#cheats#qb#wpc_184EF674.qbscript_table.qbi"   #/ Table file

:i $0963ebfa$Unknown instruction at 00000006:4a

#/ END


I often have this problem. How can I repair this code, or how can I make a good decompile without 'errors'?

Greetings :)
You never know who's on the other side.
„Imagination is more important than knowledge” ~Einstein
WhoElseButMe
Posts: 419
Joined: Tue Aug 04, 2009 12:50 am
Location: FL - USA

Re: Decompile and.. Unknown instruction at..

Postby WhoElseButMe » Mon Nov 26, 2012 9:19 pm

I posted about this a while back and even showed the breakdown of a script and how you can convert them; read about it here.
Simply put, they are THAW structures, and they use THAW QB data types inside a script.
0x4A is followed by a short integer that is the length of the structure block of code, starting from the structure header.
0x00000100 is the structure header data type.
THAW structures are padded at the beginning, so look for 010008 and subtract 5 from the short integer, then start counting bytes from that position; this will bring you to the end of the structure.
WhoElseButMe on Nov 26, 2009 wrote: It's that lack of respect amongst their peers and ignorance towards modding etiquette that keeps us who know this stuff well from spreading it like wild fire. We do still enjoy playing the game and if you need to cheat to play a game PLAY SOMETHING ELSE YOU DON'T SUCK AT.

Re: Decompile and.. Unknown instruction at..

Postby b4k3r.dll » Mon Nov 26, 2012 10:24 pm


01 16 09 63 eb fa 4a 18 00 00 00 00 00 00 01 00
08 00 00 00 00 1b 00 00 65 14 0b 2e 35 a6 c8 df
00 00 00 00 01


Where are the errors?


01 16 09 63 eb fa = :i $0963ebfa$ (faeb6309 -> SetGlobalFlag)
4a = ScriptStructItem
18 00 = ScriptStructItem Size from the start of the struct header
00 00 00 = null bytes
00 00 01 00 = StructHeader - count : 4
08 00 00 00 = pointer to byte 8
00 1b 00 00 = Structure QbKey Item
65 14 0b 2e = QbKey 1
35 a6 c8 df = QbKey 2
00 00 00 00 = byte count 40
01 24 = :i endfunction

Re: Decompile and.. Unknown instruction at..

Postby WhoElseButMe » Mon Nov 26, 2012 11:23 pm

You almost got the block of code; you were off by 1 byte.


01 16 09 63 eb fa 4a 18 00 00 00 00 00 00 01 00
08 00 00 00 00 1b 00 00 65 14 0b 2e 35 a6 c8 df
00 00 00 00 01

The above shouldn't have that final 0x01

So if you read the thread at the link I posted, you would know that the relevant data is


4a 18 00 00 00 00 00 00 01 00 08 00 00 00 00 1b
00 00 65 14 0b 2e 35 a6 c8 df 00 00 00 00

So 4a from start to finish should become


07 03 16 65 14 0b 2e 07 16 35 a6 c8 df 04

because we're telling the compiler that this is (0x07) a structure (0x03) and no longer an unknown THAW structure instruction (0x4a).
0x001b0000 is a QbKey item THAW data type (4 byte data type, 4 byte first qbkey, 4 byte second qbkey, 4 byte pointer OR null if last item in the structure),
so QbKey1 (0x16)(4 byte QbKey) equals (0x07) QbKey2 (0x16)(4 byte QbKey) close structure (0x04).

The output would look like this


= :s{ $2e0b1465$ = $dfc8a635$ :s}

Re: Decompile and.. Unknown instruction at..

Postby b4k3r.dll » Tue Nov 27, 2012 9:27 pm

Thanks, I understand. Earlier I had forgotten the $ at the end.

New code (scripts#engine#camera#qb#wpc_724B374D):


01 16 35 8e 7a 3e 4a 38 00 00 00 00 00 00 01 00
08 00 00 00 00 05 00 00 aa 3c 7c 0f 38 8e e3 3f
18 00 00 00 00 1b 00 00 f6 ba 7e ff a7 39 61 94
28 00 00 00 00 03 00 00 d3 8d 32 d4 00 00 00 00
00 00 00 00 01 16 df 01 a8 bf 4a 18 00 00 00 00
00 00 01 00 08 00 00 00 00 1b 00 00 02 e6 5f d6
b4 bc 5e 50 00 00 00 00 01 16 0e c6 e8 2d 4a 30
00 00 00 00 00 00 01 00 08 00 00 00 00 07 00 00
00 00 00 00 18 00 00 00 00 00 00 00 63 68 61 6e
67 65 20 74 6f 20 77 69 64 65 73 63 72 65 65 6e
00 00 00 00 01 24


Am I doing it right?
Structure:


4a 38 00 00 00 00 00 00 01 00 08 00 00 00 00 05 00 00 aa 3c 7c 0f 38 8e e3 3f 18 00 00 00 00 1b 00 00 f6 ba 7e ff a7 39 61 94 28 00 00 00 00 00 03 00 00 d3 8d 32 d4 00 00 00 00 00 00 00 00

Final:


07 03 16 aa 3c 7c 0f 07 1a 38 8e e3 3f 18 00 00 00 00 1b 00 00 f6 ba 7e ff 07 16 a7 39 61 94 28 00 00 00 00 00 03 00 00 07 16 d3 8d 32 d4 07 18 00 00 00 00 00 00 00 00


:s{ $aa3c7c0f$ =  %i(0.000068)
    $f6ba7eff$ = $a7396194$
    $d38d32d4$= 0
:s}


:s{ $Aspect$ =  %i(0.000068)
    $angle$ = $widescreen_camera_fov$
    $letterbox$ = 0
:s}


PS.
float to hex: http://gregstoll.dyndns.org/~gregstoll/floattohex/
hex to dec: http://www.statman.info/conversions/hexadecimal.html

Re: Decompile and.. Unknown instruction at..

Postby WhoElseButMe » Wed Nov 28, 2012 4:07 am

Almost, but you're on the right track.
The input code block is off by 1 byte again.


4a 38 00 00 00 00 00 00 01 00 08 00 00 00 00 05
00 00 aa 3c 7c 0f 38 8e e3 3f 18 00 00 00 00 1b
00 00 f6 ba 7e ff a7 39 61 94 28 00 00 00 00 00
03 00 00 d3 8d 32 d4 00 00 00 00 00 00 00 00

The output conversion has some minor issues too.


07 03 // correct
16 aa 3c 7c 0f 07 1a 38 8e e3 3f // correct
18 00 00 00 // this is a pointer to the next structure item and needs to be removed
00 1b 00 00 // this is a structure qbkey data type, there should be a 16 at the beginning of the next line and these bytes should be removed
f6 ba 7e ff 07 16 a7 39 61 94 // correct once you make the changes stated above
28 00 00 00 // this is a pointer to the next structure item and needs to be removed
00 // somehow you have an extra byte
00 03 00 00// this is a structure integer item
This:
07 16 d3 8d 32 d4 07 18 00 00 00 00 00 00 00 00
should look like this:
16 d3 8d 32 d4 07 17 d4 00 00 00
and finish it off with a structure close, 04.


I use the base converter that comes with Hex Workshop for basic base conversions, but someone might find those useful.


A THAW structure item will always be a minimum of 16 bytes. If the type has a child it will be larger.
The general makeup of a structure item is always the same:
4 byte data type
4 byte qbkey, the name identifier of this item. This can be null; I'll show an example below.
4 byte value, the value of the item, dependent on its type. If this item has a child, this field is a pointer to the beginning of the child.
4 byte pointer, points to the next item in the structure UNLESS this is the last item in the structure, in which case this value is null.

Here's an example of THAW structure items that will have their name field null.
You might not see this exact code in a section script, but I picked something simple so as not to overcomplicate things.
Take, for example, the following code:


:i call $wait$ arguments
   %i(3,00000003)$seconds$

The 3 integer value doesn't have a name property, nor does the seconds qbkey.
The above code would look something like this as a THAW structure:


01 16 1a 7c 11 82 4a 28 00 00 00 00 00 00 01 00
08 00 00 00 00 03 00 00 00 00 00 00 03 00 00 00
18 00 00 00 00 1b 00 00 00 00 00 00 19 f6 29 d0
00 00 00 00

Notice how both the structure integer item and the structure qbkey item don't have qbkey names.
The output of the second code block should look like the first code block after conversion.

EDIT:
I'd like to go over the last 4a instruction in the larger code block you posted.
This is a structure string; this item displays key aspects of the THAW structure alignment that I think should be mentioned.


01 16 0e c6 e8 2d 4a 30 00 00 00 00 00 00 01 00
08 00 00 00 00 07 00 00 00 00 00 00 18 00 00 00
00 00 00 00 63 68 61 6e 67 65 20 74 6f 20 77 69
64 65 73 63 72 65 65 6e 00 00 00 00

The structures are on a 4 byte boundary. Basically, you could write a loop that reads 4 bytes at a time and read an entire THAW qb file from start to finish without going out of bounds.
Anything that isn't on this boundary is padded; in the case of script structures they are padded before the struct header to align them properly. Also, strings are padded to keep alignment.


4a 30 00 // thaw structure with a length of 48 bytes from the start of the structure header
00 00 01 00 08 00 00 00 // structure header item, data type + pointer to the first structure item
00 07 00 00 // structure string item data type
00 00 00 00 // name field
18 00 00 00 // value field, string items have a child that is the string so this points to the beginning of the string
00 00 00 00 // pointer field, this is the last item in the structure so this pointer is null
63 68 61 6e 67 65 20 74 6f 20 77 69 // the next 2 lines are the string + padding; because the string must contain a null byte terminator, the full string length
64 65 73 63 72 65 65 6e 00 00 00 00 // becomes 21 characters long, which can't be divided by 4 evenly, so it is padded with 3 null bytes to align to the boundary

conversion


01 16 0e c6 e8 2d 1b 15 00 00 00 63 68 61 6e 67
65 20 74 6f 20 77 69 64 65 73 63 72 65 65 6e 00

output


:i $printf$%s(21,"change to widescreen")

Re: Decompile and.. Unknown instruction at..

Postby b4k3r.dll » Fri Nov 30, 2012 12:11 am

I don't understand. How to convert


from
4a 30
to
2d 1b 19

Re: Decompile and.. Unknown instruction at..

Postby WhoElseButMe » Fri Nov 30, 2012 12:44 am

Typo, that should be 15.


01 16 0e c6 e8 2d // before the 4a, :i $printf$
// 4a and beyond, since this item is 00070000 or StringA item it is a string item in normal byte code
// which is 1b followed by a 4 byte integer which is the length of the string including the null terminator byte
1b 15 00 00 00
// then the string + null terminator byte
63 68 61 6e 67 65 20 74 6f 20 77 69 64 65 73 63 72 65 65 6e 00

The 30 is just the number of bytes of this structure, but the byte count doesn't start until the structure header 0x00000100.
0x30 = 48 bytes

Below are the bytes from the 4a instruction block for the string item,
starting from the structure header to the end of the structure: 3 rows * 16 bytes per row = 48 bytes in total.


00 00 01 00 08 00 00 00 00 07 00 00 00 00 00 00
18 00 00 00 00 00 00 00 63 68 61 6e 67 65 20 74
6f 20 77 69 64 65 73 63 72 65 65 6e 00 00 00 00
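The layout worked out by hand across this thread (0x4a followed by a short length, zero padding up to a 4 byte boundary, the 00 00 01 00 header with its pointer to the first item, 16 byte items of type/name/value/next, string children, and the rewrite into 07 03 ... 04 bytecode) as an added example in Python. This is not code from the thread, from RoQ or from any THAW tool. The three dumps posted above (cheats, camera, $wait$) are embedded as constructed input, and the functions reproduce the conversions given in the replies. Assumptions of this example: the header is located by scanning past at most three zero padding bytes rather than by the "look for 010008 and subtract 5" rule; a structure whose items all have a null name is emitted as bare values with no 07 03/04 wrapper, which the printf example shows for one item and is assumed to hold for several; the %f(...) spelling of a float in the text rendering is assumed; and the walker in convert_script only knows the tokens that occur in these dumps (01, 16 <qbkey>, 24). Keys in the text rendering are printed byte-swapped, as in $2e0b1465$ for the bytes 65 14 0b 2e.

```python
# Added example, not code from the thread, RoQ or any THAW tool: parse the
# 0x4a "THAW structure" instruction and rewrite it as ordinary QB bytecode.
import struct

# Item data types, big-endian so they read like the thread's 0x001b0000.
T_INT, T_FLOAT, T_STRING, T_QBKEY = 0x00030000, 0x00050000, 0x00070000, 0x001B0000
STRUCT_HEADER = b"\x00\x00\x01\x00"
NULL = b"\x00\x00\x00\x00"
# Ordinary bytecode tokens used in the thread's hand conversions.
TOK_EQUALS, TOK_STRUCT_OPEN, TOK_STRUCT_CLOSE = 0x07, 0x03, 0x04
TOK_QBKEY, TOK_INT, TOK_FLOAT, TOK_STRING = 0x16, 0x17, 0x1A, 0x1B


def parse_thaw_struct(buf, pos):
    """Parse the 0x4a instruction at buf[pos]; return (items, end).

    items: list of (dtype, name, value); name/value are the raw 4-byte fields,
    except for strings, whose value is the child string without its NUL.
    end: offset just past the structure (header offset + short length).
    """
    if buf[pos] != 0x4A:
        raise ValueError(f"expected 0x4a at offset {pos}, got 0x{buf[pos]:02x}")
    length = struct.unpack_from("<H", buf, pos + 1)[0]
    # The header is 4-byte aligned, so at most three zero padding bytes sit
    # between the short length and the header (assumption: scan for it).
    hdr = pos + 3
    while buf[hdr:hdr + 4] != STRUCT_HEADER:
        hdr += 1
        if hdr > pos + 6:
            raise ValueError(f"no structure header after 0x4a at offset {pos}")
    end = hdr + length  # the length counts from the header, not from 0x4a
    items = []
    offset = struct.unpack_from("<I", buf, hdr + 4)[0]  # pointer to first item
    while offset:  # a null next-pointer marks the last item
        base = hdr + offset  # all pointers are relative to the header
        dtype = struct.unpack_from(">I", buf, base)[0]
        name = buf[base + 4:base + 8]
        value = buf[base + 8:base + 12]
        offset = struct.unpack_from("<I", buf, base + 12)[0]
        if dtype == T_STRING:
            # The value field points at the child: a NUL-terminated, padded string.
            child = hdr + struct.unpack("<I", value)[0]
            value = buf[child:buf.index(b"\x00", child)]
        elif dtype not in (T_INT, T_FLOAT, T_QBKEY):
            raise ValueError(f"unknown item type 0x{dtype:08x} at offset {base}")
        items.append((dtype, name, value))
    return items, end


def to_bytecode(items):
    """Named items become 16 <name> 07 <value> inside 07 03 ... 04. A structure
    whose items are all nameless is emitted as bare values with no wrapper, as
    in the thread's printf example (assumed to hold for several items too)."""
    named = any(name != NULL for _, name, _ in items)
    out = bytearray([TOK_EQUALS, TOK_STRUCT_OPEN]) if named else bytearray()
    for dtype, name, value in items:
        if name != NULL:
            out += bytes([TOK_QBKEY]) + name + bytes([TOK_EQUALS])
        if dtype == T_STRING:  # the length field includes the NUL terminator
            out += bytes([TOK_STRING]) + struct.pack("<I", len(value) + 1) + value + b"\x00"
        else:  # int, float and qbkey values are copied verbatim
            out += bytes([{T_INT: TOK_INT, T_FLOAT: TOK_FLOAT, T_QBKEY: TOK_QBKEY}[dtype]]) + value
    if named:
        out.append(TOK_STRUCT_CLOSE)
    return bytes(out)


def render(items):
    """Text form in the decompiler's style; %f(...) for floats is assumed."""
    def key(raw):  # keys print byte-swapped: 65 14 0b 2e -> $2e0b1465$
        return "$%08x$" % struct.unpack("<I", raw)[0]
    lines = []
    for dtype, name, value in items:
        if dtype == T_INT:
            text = str(struct.unpack("<i", value)[0])
        elif dtype == T_FLOAT:
            text = "%%f(%f)" % struct.unpack("<f", value)[0]
        elif dtype == T_QBKEY:
            text = key(value)
        else:
            text = '%%s(%d,"%s")' % (len(value) + 1, value.decode("ascii"))
        lines.append((key(name) + " = " if name != NULL else "") + text)
    return lines


def convert_script(buf):
    """Rewrite every 0x4a structure in a script. Only the tokens present in the
    dumps above are walked (01 = :i, 16 <qbkey>, 24 = endfunction); a real
    tool needs the full token table so a 0x4a inside a key is not misread."""
    out, i = bytearray(), 0
    while i < len(buf):
        op = buf[i]
        if op == 0x4A:
            items, i = parse_thaw_struct(buf, i)
            out += to_bytecode(items)
        elif op == TOK_QBKEY:
            out += buf[i:i + 5]
            i += 5
        elif op in (0x01, 0x24):
            out.append(op)
            i += 1
        else:
            raise ValueError(f"unhandled token 0x{op:02x} at offset {i}")
    return bytes(out)


# Constructed inputs: the dumps posted in this thread (cheats, camera, $wait$).
CHEATS = bytes.fromhex("01160963ebfa4a180000000000000100 08000000001b000065140b2e35a6c8df 000000000124")
CAMERA = bytes.fromhex(
    "0116358e7a3e4a380000000000000100 0800000000050000aa3c7c0f388ee33f"
    "18000000001b0000f6ba7effa7396194 2800000000030000d38d32d400000000"
    "000000000116df01a8bf4a1800000000 0000010008000000001b000002e65fd6"
    "b4bc5e500000000001160ec6e82d4a30 00000000000001000800000000070000"
    "0000000018000000000000006368616e 676520746f207769646573637265656e"
    "000000000124")
WAIT = bytes.fromhex("01161a7c11824a280000000000000100 08000000000300000000000003000000"
                     "18000000001b00000000000019f629d0 00000000")

if __name__ == "__main__":
    for label, dump in (("cheats", CHEATS), ("camera", CAMERA), ("wait", WAIT)):
        print(label, convert_script(dump).hex(" "))
```

Run it directly to print the converted bytecode for each dump. On the camera dump the float item decodes to 1.777778, the 16:9 aspect ratio, and the integer item's value is read straight from the value field of the dump, which agrees with the `$letterbox$ = 0` line in the text rendering above.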
