Server Help

[Mr Ekted]

Windows uses the FS segment register for exception handling. When most excpetions occur, it triggers a special set of events and lands in the kernel. Windows then will invoke the application's exception handler stored at FS:[0]. The above instruction is commonly created when using the C++ keyword "try".

http://www.jorgon.freeserve.co.uk/ExceptFrame.htm
_________________
4,691 irradiated haggis!

[Smong]

Code: Show/Hide    /* 0041C256 to 0041C25A */    if (newseed <= 0)        newseed = newseed + 0x7fffffff;

So the range is 0xffffffff to 0x7fffffff?

Suppose newseed = 0x8000,0000, then it will change to 0xffff,ffff which is -1, still negative, correct?

[Bak]

[Cyan~Fire]

Eighth:

Code: Show/Hide    mov         edi,[000467E20]    mov         eax,[edi][00004]    mov         edx,[edi][0000C]    mov         ecx,[eax][00018]

Smong got this ASM with a different disassembler, it's at the very beginning of the func. (Ekted, you only gave us the strictly doors bit, I think?) The 00004 and whatever is addition, but Smong and I can't figure out whether it's offsetting a pointer or just doing math. The value of 0x00467E20 *cough cough* just might be *cough cough* 50 2D CC 00 at, ummm, some point when connected to some zone. Now that doesn't look like a pointer to me, so I think it's math, but Smong and I weren't so sure you could do math like that.

Also, is edi a 16-bit register? I wouldn't think so, but if it is math, 0x2D50 is a much prettier number than 0x00CC2D50.
_________________
This help is informational only. No representation is made or warranty given as to its content. User assumes all risk of use. Cyan~Fire assumes no responsibility for any loss or delay resulting from such use.
Wise men STILL seek Him.

[Mr Ekted]

MOV EAX, [EDI+4]

is like doing this in C:

int *edi;
int eax;

eax = edi[1];

All "E" registers are 32-bit.

[Cyan~Fire]

OK, I thought all e registers were 32-bit, thanks.

But this still doesn't make much sense. 1 more line of code:

Code: Show/Hide    mov         edi,[000467E20]    mov         eax,[edi][00004]    mov         edx,[edi][0000C]    mov         ecx,[eax][00018]    xor         ecx,edx

edi is an array of some sort, we know that. But now is it a ptr array or an integer array? eax is set to edi[1], and then indexed again? But then edx (edi[3]) is used as the source of xor? I'm quite confused.

Also, most of the pointers are 0x0046XXXX, but this one is 0x00CCXXXX. Is there something special here which I don't know?

[Mr Ekted]

My post was just an example. EDI could point to a structure.

[Cyan~Fire]

OK, I was kinda thinking that myself.

However, is there some kind of limit to the size of a structure before it starts referencing members directly instead of through the first-member pointer? I ask this because all the arena settings have been referenced directly so far.

Unless VIE didn't put the settings in a structure.

[Cyan~Fire]

No reply?

Code: Show/Hide    /*    mov         eax,[edi][00004]    mov         edx,[edi][0000C]    mov         ecx,[eax][00018]    mov         eax,010624DD3    xor         ecx,edx    movsx       edx,w,[00047DD34]    imul        ecx,edx    imul        ecx    sar         edx,006    mov         eax,edx    shr         eax,01F    add         edx,eax    */    ecx = global5.offset1[6] ^ global5.offset3;   //num players?!    edx = settings.PrizeFactor / 1000 * ecx;    edx += (edx >> 31);

It would seem like global5.offset1[6] ^ global5.offset3 is the number of players, since it's used as a multiplier for PrizeFactor. But WTF? Is there something I'm missing here?? Of course, the offset1[6] could be another struct, but the xor is still rather odd. And anybody have a clue why it's adding one if it's negative? I don't see how it even could be negative.

Code: Show/Hide    /*    mov         eax,000000400    sub         eax,ecx    cdq    sub         eax,edx    */    eax = 1024 - ecx;    eax -= (eax < 0) ? -1 : 0;

That also seems kinda weird. Is that some familiar operation in C++ which I'm not translating properly?

[Mr Ekted]

Anything in the data space (public/static data) is at a fixed location and will be referenced by fixed address, even elements of structures, unless it is passed around by address. Anything on the stack (local data) or the heap (allocated data) will be reference by pointer, since it's addres is unknown at compile- and/or load-time.

[Cyan~Fire]

Heh. You know, I never saw that reply, Ekted. Thanks anyway.

Anyway, I have a question from MERV. Does anyone see a difference between this

Code: Show/Hide    // calculate timestamp (straight from subspace)    Uint32 loword = getShort(msg, 2);    Uint32 timestamp = h->getHostTime() & 0x7FFFFFFF;    if ((timestamp & 0x0000FFFF) >= loword)    {       timestamp &= 0xFFFF0000;    }    else    {       timestamp &= 0xFFFF0000;       timestamp -= 0x00010000;    }    timestamp |= loword;   // fill in the low word

and this

Code: Show/Hide    Uint32 timestamp = (Uint32)h->getHostTime();    if (LOWORD(timestamp) < pkt->timestamp)       timestamp -= 0x00010000;    timestamp = HIWORD(timestamp) | (Uint32)pkt->timestamp;

other than the obvious getShort() vs. pkt->?

(I like the message, MGB.)

[Mr Ekted]

Oh oh. This is an old can of worms.

[1stStrike]

Oh god, make it stop. Programming is the devil.

[Agurus]

lol
_________________
X-SSCI Halo CTF Administrator

"I used to do drugs. I still do, but I used to, too."

[xor eax]

Hey 1stStrike! Nice to see you ;)

I want to clarify some things.

First of all, Cyan, the asm code you’re talking about it’s not Catid’s code. It is the code I gave to him after extracting it from subspace v1.34, subgame and subbill.

Catid wanted to write bots (he was 15 years old) but he knew little programming. He was learning VB while trying to figure out how to get SS critical routines such as encryption. I did put all the critical code in a dll for him. It took me 2 months of very intensive working. While I was hacking subspace he was working on SS protocol.
My dll was working with VB strings, it dissapointed him when he wanted to translate the whole project to C. I told him I could have write a C version of the dll but he decided to translate the asm code to C. He was learning C very fast and a few time after that he ditched me. He wanted it to be HIS code so he had to translate it to some other lang. I would have embbed asm into C but oh well… that’s another story. I have read in Merv’s page that Cyan fixed a tiny encryption problem. I think it couldn’t have happened using the original asm code that I supplied.

My alias wasn’t xor eax, I used to be Coconut emulator at that time.

As for the “mov eax,0” versus “xor eax, eax” I have to say that both operations takes same time on pentium but they didn’t on lower x86 machines, that’s why old school programmers will always use xor.

Most of the rest of the things that you mention would have never been an issue embbebeding “my” original asm into C.

[Gravitron]

Catid gone weird.
He started hanging with two nutjobs, it changed him.
Or maybe he was changed when he met them.

Eitherway, he's not the same catid I remembered and he's hanging in "bad" company.

[Smong]

There is a long thread and even a document by catid on the position packet timestamp at SFN. Which bits of it are you unsure of?
http://www.ssforum.net/c/index.php?showtopic=2848&hl=

[Gravitron]

Quite the interesting reading.

Notice catid's use of smilies in the beginning of some of his posts and Ekted's trashtalk stab with the chewbaka defence, he's obviously been worn out and fortified in his position and not willing to defend/explain it any further.

Now there comes Excel with what seems to be the hammer drop down...*resumes reading*
Well, was a good laugh, but if this guy works for Microsoft as his title represents, it is no wonder why windows code fails so miserably.
Dear Excel, next time, please post something useful such as a professional coder's POV on the issue (yes, I know Excel doesn't read this and this whole thread is a year old, but I can't help being a sinical sarcastic SOB).

Well, Ekted said one thing which I agree is right, coding style isn't worth arguing over (unless it's a specific style which hampers efficiency/eating resources unncessarily).

Note to self : learn assembly already.
Seriously, even Juan knows x86 assembly, and he's a god damned fucking awesome artist!

[Mr Ekted]

[xor eax]

[Cyan~Fire]

[Mr Ekted]

Don't try to make the code have a normal and a special case. Assume any sync delta is valid, and compute the result. Then you can decide what to DO with that result after. Also, don't just let the extreme cases fall through the cracks "cuz they don't matter".

[Cyan~Fire]

Heh. I guess I was opening up a can of worms here, a simple question has evolved into huge amounts of writing.

I don't really care about the cases right now, all I'm trying to do is modify the mervbot code to use this isntead of its rather stupid current getShort() get Long() getCrap() functions. Maybe I'll worry about fixing possible bugs later.

Anyway, I'm just going to assume that that code will work alright, I guess any error will show up soon enough when I test this.

Edit: Ahhhhh, overpunctuation!

[Mr Ekted]

I'm pretty sure all the getShort() get Long() getCrap() stuff was just a carry-over from the original VB code. That's definitely not the way to do it in C.

[Cyan~Fire]

Indeed, but catid's too lazy (aka busy) to fix it these days. I'm also going to try to split off part of class Host (for anyone who knows anything about MERV) into a somewhat self-contained SS protocol wrapper thing that'll theoretically black-box the core protocol.

And yes, I just did use the evil word "wrapper".

And after that, receives go in a separate thread. And maybe a bit of a plugin system modification, but I don't want to touch that backwards-compatability mess just yet.

And why I am doing this? Who knows.