j'ordos

Hey Mutonbrain, great work! With your permission I'd like to add your fix to apatcher, giving full credit ofcourse. Let me know what you think.

I checked it and you're right, only three weapons are possible, both for the player's ships as those controlled by the AI.

No that isn't possible. Vehicles that belong to other organizations can use more than three weapons though.

OK, removed those two from the list Looks like I added them myself without actually checking first, mb. I took a peek at the equip code, the size of the item table seems to be limited at 500 items. (this may be higher in battle as some item slots may be reserved for e.g. brainsucker pods) Changing the code to first add other equipment and grenades afterwards may be a bit too difficult though.

OK, thanks for trying to help! I uploaded the files here in a rar archive: http://users.telenet...822/apocasm.rar A few things to note: the old UFO2P.IDB is based on another version of xcom apoc than the one I'm using now - so it doesn't correspond exactly to UFO2P.EXE. If you want I can upload a disassembly of the new exe instead but it won't have anything mapped out. UFO2Pafter.exe and .idb is the one where I made the modification. The sub I modified is called 'add_aliens_build', I added it to the new database as well (UFO2Pafter.idb) so you can find it easily. The offset when you open the exe's in a hex editor is 794630 (decimal). This is the address for the first jump in the sub (jz short_loc 5FE0F in the original exe and jmp short loc_8A0F1 in the modified exe). Let me know if you need more info!

I took a look at the changed code in IDA (it's a bit of a hassle since I first have to remove a 32bit extender from the exe before IDA can do anything with it) but I can only load it as a binary file. It still disassembled the function I changed though and I couldn't spot anything wrong with it. I'll post an image of the graph view of the original code and list my edits, maybe you can spot a problem this way So the first thing I do is edit the jz short_loc etc... to an unconditional jmp. I also deduct two bytes from the address, because I remove two from the code I'm jumping over (so I can add a new jmp to the code following it to the now unused code to do what I want and jump back afterwards, as you suggested). So in hex the code changes from 74 1F to EB 1E. I change the last two bytes before loc_5FE0F to 90 (nop) and run xcom apoc, no problems. However, once I shift the two nop bytes to where I actually want them (somewhere near that mov dl, [eax+0D4h] line) xcom apocalypse starts crashing. I began looking from where exactly in the code the addition of those two bytes started to cause a crash and found it is right after the mov eax, save_build line (marked on the image). If I add two bytes before that code executes xcom runs fine, if I add them after xcom crashes. Is the address for that mov instruction relative? It looked fine in IDA after the change as far as I could tell. Any ideas? EDIT: I figured I could do the jump before the line from where the added code starts to crash xcom and just repeat the instructions in the newly created pocket, there's just enough room for that. Unfortunately xcom still crashes, this time with a different error though. Well actually no error from xcom but dosbox reports the following in the console: Exit to error: CPU_SetSegGeneral: Stack segment zero. Here's an image of the IDA output of the function after the modification: edit2: comparing the images I noticed one instruction had fallen off (add edx,eax) , I corrected it but the crash remains the same

Most likely there is a static item table in apocalypse as well, but I don't know what it's limit is, seems to be pretty high, can't remember any instances where e.g. brainsucker pods would stop appearing or such, even when fighting both aliens and building guards. Agent Equipment (score) took me some time to figure out as well, at first I also thought the aliens would get weapon Type 1 + grenade type 1 + other equipment 1A&B, etc... but it's random for each equipment type. It's been a while but I'm pretty sure the game does assign both 'other equipment type A & B' and not two random items from the entire list. Your guess that their inventory is filled with grenades and ammo is a good one. Probably the game follows the order in the list when adding equipment so guns+ ammo, then grenades and lastly other equipment. Since the game accepts any equipment anywhere you could for example replace some grenades with shields (and some other equipment with grenades), or for aliens with weapons without clips you could add shields as their ammo type. Prioritizing other equipment instead of grenades when adding equipment would be alot better though. I'll try to find the code in TACP.EXE! edit: I added your observations to apoc'd karadoc, thanks. But regarding current/max morale, I already have current morale mapped in apoc'd (by zaimoni), right after Current Strength. Would you mind checking that?

Thanks karadoc, I'll add those to apoc'd. You may be right, I never checked if damaged armor had to be repaired or not - just assumed so .Let me know if armor effectiveness drops vs weapons fire & explosions if the remaining durability is low.

The two values for armor are just current vs max durability. I.e. should you edit armor to read 18/32. Each part will be repaired over time to 32/32 in the cityscape. Ah I know about the garbage in the names in savegames, I guess it's an easy fix, just never bothered to do it What was the hunch?

Thanks for the info Kyrub, I'll try again, maybe I'll be able to get it to work now Sorry for the late reply, I lost interest shortly after posting this

Ooh, new replies Don't really know anything about how armor&damage modifiers work for xcom troops unfortunately. About the damage types in the battlescape, AFAIK that's hardcoded. There's a string list in TACP.EXE for damage modifier types, I think it just follows the internal ordering of the weapons, so there's no 'unknown variable' somewhere that can be edited. The only way to fix it is to open TACP.EXE with a hex editor, search for hot plasma and edit it yourself. Remember that you may not exceed the length of the original text! Unfortunately there's no way to export such an edit using apoc'd yet. I don't know anything about the damage type icon. Thanks for the info on the unknowns, I've been working on apoc'd and my other xcom apoc stuff again some time ago. I actually have a new version ready, but it just adds support for another spanish version of xcom apoc. I'll try to finish it up. There's no really good way to integrate apatcher into apoc'd I can see, apoc'd edits data structures whereas apatcher patches the game's code. Can't really use the existing apoc'd UI for that.

OK, I've got another question. This time I'm trying to modify a small amount of code so that when a UFO drops aliens the building is marked on the overhead map (tired of constantly having to monitor the troop transports). For this I need to overwrite another piece of code though. I found some that I don't need in a sub that adds the aliens to the building: for each alien type there is a 5% chance it will be placed in the next building instead. Since I'm trying to reduce the number of cleanup missions as well I figured I should replace that code. To mark the building I need to edit a var in the building data struct which is loaded after the code I intend to overwrite, so I add the new code in another place than the code I'm removing, but within the same sub. Unfortunately the game crashes when I do this, dosbox gives me an error 'exit to error: illegal jump descriptor type 0' or something like that. Anyone an idea on what could be the cause? this is the original sub I'm patching: cseg01:0005FDDC add_aliens_build proc near ; CODE XREF: UFO_drop?+59Fp cseg01:0005FDDC 51 push ecx cseg01:0005FDDD 56 push esi cseg01:0005FDDE 89 C1 mov ecx, eax cseg01:0005FDE0 0F BF C2 movsx eax, dx ; Move with Sign-Extend cseg01:0005FDE3 E8 74 F3 FF FF call check_bldisxcombase? ; Call Procedure cseg01:0005FDE8 0F BF F0 movsx esi, ax ; Move with Sign-Extend cseg01:0005FDEB 83 FE FF cmp esi, 0FFFFFFFFh ; Compare Two Operands cseg01:0005FDEE 74 1F jz short loc_5FE0F ; Jump if Zero (ZF=1) this jump address has to be modified because some bytes are removed from the code between here and loc_5FE0F, or the jump can be removed entirely cseg01:0005FDF0 B8 64 00 00 00 mov eax, 64h ;The following code is what I'd like to remove cseg01:0005FDF5 E8 DE D3 FF FF call randomize ; Call Procedure cseg01:0005FDFA 66 3D 05 00 cmp ax, 5 ; Compare Two Operands cseg01:0005FDFE 73 0F jnb short loc_5FE0F ; Jump if Not Below (CF=0) cseg01:0005FE00 69 F6 BE 02 00+ imul esi, 2BEh ; Signed Multiply cseg01:0005FE06 66 C7 86 EA 96+ mov word_D96EA[esi], 1 cseg01:0005FE0F cseg01:0005FE0F loc_5FE0F: ; CODE XREF: add_aliens_build+12j This is the code that actually adds the aliens to a building, here I want to patch in an instruction that marks the building on the map cseg01:0005FE0F ; add_aliens_build+22j cseg01:0005FE0F 0F BF D2 movsx edx, dx ; Move with Sign-Extend cseg01:0005FE12 8D 04 D5 00 00+ lea eax, ds:0[edx*8] ; Load Effective Address cseg01:0005FE19 29 D0 sub eax, edx ; Integer Subtraction cseg01:0005FE1B C1 E0 04 shl eax, 4 ; Shift Logical Left cseg01:0005FE1E 01 C2 add edx, eax ; Add cseg01:0005FE20 A1 6C 27 18 00 mov eax, save_build cseg01:0005FE25 01 D2 add edx, edx ; Add cseg01:0005FE27 01 D0 add eax, edx ; Add cseg01:0005FE29 0F BF D1 movsx edx, cx ; Move with Sign-Extend cseg01:0005FE2C 01 D0 add eax, edx ; Add cseg01:0005FE2E 31 D2 xor edx, edx ; Logical Exclusive OR cseg01:0005FE30 0F BF F3 movsx esi, bx ; Move with Sign-Extend cseg01:0005FE33 8A 90 D4 00 00+ mov dl, [eax+0D4h] cseg01:0005FE39 01 F2 add edx, esi ; Add cseg01:0005FE3B 83 FA 64 cmp edx, 64h ; Compare Two Operands cseg01:0005FE3E 7D 09 jge short loc_5FE49 ; Jump if Greater or Equal (SF=OF) cseg01:0005FE40 00 98 D4 00 00+ add [eax+0D4h], bl ; Add cseg01:0005FE46 5E pop esi cseg01:0005FE47 59 pop ecx cseg01:0005FE48 C3 retn ; Return Near from Procedure cseg01:0005FE49 ; ---------------------------------------------------------------------------

Hello everyone, I've been doing some xcom apocalypse modding again after a long break. One thing I've been trying to do is to reduce the number of cleanup missions by preventing the aliens from spreading too often. What I'd like to do is to only allow aliens to spread to a nearby building if their number is greater than 36 (which, IIRC, is the maximum number of aliens on a tactical map). I've found the relevant code using IDA but unfortunately I don't really understand asm all that well and I've been unable to figure out the formula it's using. If anyone could help me out that'd be great! loc_6F82C: ; Logical Exclusive OR xor edx, edx mov eax, dword_E0D0C[ebx] mov dl, [ecx+0D4h] ; aliens in buildings add eax, edi ; Add imul edx, eax ; Signed Multiply mov [esp+54h+var_1C], 64h mov eax, edx sar edx, 1Fh ; Shift Arithmetic Right idiv [esp+54h+var_1C] ; Signed Divide add ebx, 4 ; Add inc ecx ; Increment by 1 add esi, eax ; Add mov [esp+ebx+54h+var_58], eax cmp ebx, 38h ; loop through each alien type jnz short loc_6F82C ; Jump if Not Zero (ZF=0) So this piece if code loops through all the alien types in a given building.it starts by setting edx to 0, then it puts some kind of modifier value for the current alien type in eax. The actual # of aliens of the current type is then put in dl (edi). And then all kinds of mysterious math takes place . The modifier value in eax lies around 30 for most alien types, some aliens don't count for anything (value set to 0) - for example chrysali. Once ebx reaches 38 (increases by 4 each step) the loop ends and the code jumps here: cmp esi, 3 ; total number of aliens in building?? jl abortspread? ; Jump if Less (SF!=OF) so if esi is smaller then 3 the aliens stay put, otherwise they (may?) spread. edit: ok nevermind, I managed to figure it out myself

Since you want to make more extensive changes to the morale system in apocalypse I'd start searching in TACP.EXE. Anything you find in there that has something to do with the morale points will be useful to you . No idea where it would be located though, sorry. edit: Ive done some searching for the value 72 in tacp.exe and I found three possible locations right away. Just do an 'immediate value' search for 0x72 (check find all occurrences) and look for results like mov byte ptr [ebx + 72h], 64h. I can confirm that in the first three results like that the register (ebx/esi/...) points to the units data. Possibly there are three functions to load units, one for aliens, one for xcom troops and one for guards/civilians. Mayeb there are even more, there were a lot of results and I didn't check them all

You should download the pmw133.zip file from that site, extract it's contents and then use PMWBIND.EXE on the apocalypse exe's. Easiest way would be to unzip pmw133.zip to it's own folder and copy UFO2P.EXE (cityscape) and TACP.EXE (battlescape) to this folder. Then you open a cmd window, navigate to this directory and type "PMWBIND.EXE /U TACP.EXE". This should create a file called TACP.LE I think, which you can then open using IDA. I'll take a look at the apatcher source code to see if I made a mistake, thanks for the report The intended behavior is that Y enables it, N disables it, and A (abort) leaves it as it was.

Ah I forgot, IDA has trouble disassembling the apocalypse exe's, I had seb76 guide me through that it uses a 32bit extender which part needs te be cut from the exe before IDA can open it properly. You can do this with http://www.sid6581.net/pmodew/. Give me some time and I'll just upload the databases I have. Because of this you can never just use the offsets from IDA though, you'll have to search for a sequence of bytes to get to the right location in the exe with a hex editor. edit: yes, if you're lucky you'll be able to find what you need that way!

Hey jos, that's some dedication you have Using a hex editor to edit stuff like that (game code) is not a good idea in this case. Hex editing is more suited to finding data, like unit stats etc... that are stored in 'lists', then you can look at the surrounding numbers and eliminate most possibilities. Since you're trying to find code, not data the surrounding numbers could be almost anything. In this case you should use IDA like kyrub suggested. I'd first use apoc'd to identify the current morale var (edit savegames->units (battlescape) ). It's already in there (Current Morale) but I'm not sure if I ever actually tested it. Then you can calculate the 'offset' of that var compared to the start of the units data. So in case of the Current Morale var I have in apoc'd that would be 135540 (current morale) - 135426 (units data start) = 114. In hex that makes 72. Then you can search the IDA database for this number (usually the game accesses the data by loading the base address to a register (eax, ebx, ecx etc) and then adding the offset to that register, so you get something like mov [eax + 72h], 64h, where eax is the start of the units data, which means store the value 100 to that memory address. Sorry if it's not totally clear What kyrub describes is also a good way. There is one problem though, it could be that the game already loads all unit stats while still in the cityscape (UFO2P.EXE) so you may have to search that exe as well!

Hey jos, I'm still around, though it's been quite some time since I last worked on apoc'd or disassembling apocalypse! Regarding a) I suppose editing the damage modifiers for incendiary should work, assuming fire uses that damage type at least, don't think that's ever been tested. b) sounds like something that won't work without editing the code, kind of like my attempts to edit the brainsucker launcher to fire grenades instead. c) again could work, if the fire uses incendiary damage type Sorry I can't give any real help here, it's been a while

You can use apatcher (in the files section) to enable the Dimension Destabilizer to do actual damage and allow the forceweb to appear in battle. It also has an option to enable the 'apocalypse designer mode' which allows you to edit cityscape maps.

Make sure the Valkyrie has a cargo module installed?

http://www.escapecrate.co.uk/wp-content/uploads/2006/12/cannonfodder.jpg Remember Stoo!

Hey how did I end up in this mess? I was just having a drink with these nice fellas and next morning I wake up in an X-COM uniform at some secret location! (I bet that's how X-COM gets recruits - how else do you explain troops throwing prox grenades at their feet?)

It says meduna airport under the map

There's a thread about it here: http://www.xcomufo.com/forums/index.php?sh...1&hl=bullet, showing some images of the bullets, but it's at xcomufo and you have to register.

Those are not kept in images but created on-the-fly to save the trouble of creating an image frame for each of the possible angles the bullet could travel in.