[Deji]

Restoring Rockstars Original Keypress Opcodes

Since it's taking me a while to figure out how to build the ASM for 0662, I'll post my current progress on project: R.A.O.R.O.S.O.A.F.S.W.C.U.M.S.

SANNY

{$CLEO}
// Project: Restore all of Rockstars original SCM opcodes and functions so we can uncover many secrets
0A9F: 0@ = current_thread_pointer
000A: 0@ += 0x10
0A8D: 0@ = read_memory 0@ size 4 virtual_protect 0

// 0735: is_keyboard_key_pressed 49
0A8F: 1@ = 0@ - @_isKeyPressed
000E: 1@ -= 0x571985
0A8C: write_memory 0x571980 size 1 value 0xE9 virtual_protect 1
0A8C: write_memory 0x571981 size 4 value 1@ virtual_protect 1

// 0736: is_keyboard_key_just_pressed 32
0A8F: 1@ = 0@ - @_isKeyJustPressed
000E: 1@ -= 0x571975
0A8C: write_memory 0x571970 size 1 value 0xE9 virtual_protect 1
0A8C: write_memory 0x571971 size 4 value 1@ virtual_protect 1
0A93: end_custom_thread

:_isKeyPressed
hex
FF742404        // push [esp+04]
B8B0DD5200      // mov eax, 0052DDB0
FFD0            // call eax
C20C00          // ret 000C
end

:_isKeyJustPressed
hex
FF742404        // push [esp+04]
B850E45200      // mov eax, 0052E450
FFD0            // call eax
C20C00          // ret 000C
end

Works on CLEO 3 and 4. This allows you to use 2 new opcodes (actually, they are old ones!):

CODE

0735:   is_keyboard_key_pressed 49

Returns true if the specified keyboard key (in this case, "1") is being pressed. Used in missions in the main.scm for activating code that functions once instantly or changing values etc.

CODE

0736:   is_keyboard_key_just_pressed 32

Returns true if the specified keyboard key (in this case, Spacebar) has been pressed, but just let go. Used in the loops of missions in the main.scm for activating code may need to be run once at a time.


Developers of mods can find the most use of these by compiling the code as a CLEO Script and keeping it for personal use. Now we can set up debug scripts in our mods and release them without having to worry about them interrupting the users gameplay!

0736 is even more special, since we never had this ability with 0AB0.


However, neither of these opcodes use standard Virtual Keycodes like 0AB0 does. The only standard Virtual Keycodes that seem to work are 0x30-0x39 0x41-0x5A (0-9 A-Z) - although I have yet to test many of them. There are 255 spaces along with the Virtual Keycodes that do work (enough for all standard Virtual Keycodes) so there are probably more Virtual Keycodes that work.

Here is a list of keypresses I've found for these so far:

CODE

0x1   - F1
0x2   - F2
0x3   - F3
0x4   - F4
0x5   - F5
0x6   - F6
0x7   - F7
0x8   - F8
0x9   - F9
0xA   - F10
0xB   - F11
0xC   - F12

0x30-0x39 - 0-9
0x41-0x5A - A-Z

0x3E8 - ESC
0x3E9 - F1
0x3EA - F2
0x3EB - F3
0x3EC - F4
0x3ED - F5
0x3EE - F6
0x3EF - F7
0x3F0 - F8
0x3F1 - F9
0x3F2 - F10
0x3F3 - F11
0x3F4 - F12
0x3F5 - INSERT
0x3F6 - DEL
0x3F7 - HOME
0x3F8 - END
0x3F9 - PGUP
0x3FA - PGDN
0x3FB - UP
0x3FC - DOWN
0x3FD - LEFT
0x3FE - RIGHT
0x3FF - DIV
0x400 - MUL
0x401 - ADD
0x402 - SUB
0x403 - EXTDEL
0x404 - EXT_END
0x405 - EXTDOWN
0x406 - EXTPGDN
0x407 - EXTLEFT
0x408 - NUM5
0x409 - NUMLOCK
0x40A - EXTRIGHT
0x40B - EXTHOME
0x40C - EXTUP
0x40D - EXTPGUP
0x40E - EXTINSERT
0x40F - ENTER
0x410 - SCROLL
0x411 - PAUSE
0x412 - BACK
0x413 - TAB
0x414 - CAPSLOCK
0x415 - EXTENTER
0x416 - LSHIFT
0x417 - RSHIFT
0x418 - SHIFT
0x419 - LCTRL
0x41A - RCTRL
0x41B - LMENU
0x41C - RMENU
0x41D - LWIN
0x41E - RWIN
0x41F - APPS
0x420 - NULL

Running the script also unlocks many debug functions within the main.scm - I started documenting them here: http://deji.pastebin.com/WWQvqxFY

For example, pressing "1" on the bee game will increase your life count for as long as you keep the key held down (0735: 0x31). "S" can be used in quite a lot of missions to skip the mission.


There are a few rare seemingly invalid key ID's used with these opcodes. I suspect that these are keys that worked on a previous platform (most probably from Xbox) which weren't changed when converted for PC. For example, one of these "invalid" keys writes race coordinates to a debug file... which would probably never have needed to be done again for the PC version.


CKeyState Struct: http://deji.pastebin.com/sr1h2byD

Keys for my game: http://deji.pastebin.com/cd2kD04q

For example:

CODE

GO_FORWARD                              FB 03 00 00 01 00 00 00 20 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

FB 03 = 0x3FB, which is the UP key and the key I'm using to move forward in SA. The following "01" is a flag making the key "important".

[Adler]

Wuh Deji's on a new project? What could R.A.O.R.O.S.O.A.F.S.W.C.U.M.S. possibly stand for?

[Deji]

Project: Restore all of Rockstars original SCM opcodes and functions so we can uncover many secrets

[Sweet]

By launching the code you wrote is getting debugger mode on?

[Deji]

There is no "debugger" in SA anymore (dunno if there ever fully was, just lots of debugging scripts) but there are traces (functions and mission code) of stuff which can help to determine how to re-implement certain debug functions. These opcodes allow some debug code to activate in the main.scm, but not full-on debugging.

If I manage to patch 0662, it should allow you to print out messages, which will be saved to a debug file. Not fully sure that's exactly what the original would do, but the ability to see what 0662 outputs can't do anything but help.

Compile it to a CLEO script and it will make those opcodes work, which enables you get past the checks in the main.scm like here:

SANNY

:GRAV_3627 // (bee game)
if
0038:   $6208 == 0
else_jump @GRAV_5140
if
0735:   NOP_false 49 // with the patch I wrote, press the "1" key to make this check return true
else_jump @GRAV_3667
000A: 51@ += 1 // add 1 to the life count

:GRAV_3667
0494: get_joystick 0 direction_offset_to 34@ 35@ 36@ 37@

There are quite a lot of other missions with keys. Most common is "S" which can be used to skip the mission.


You can use these opcodes (0735 and 0736) similarly yourself in your own scripts. To anyone without the patch, the opcode would always return false.



I've made a lot of speculations about the origin of most nop'd opcodes...

SANNY

03A9: NOP // write a newline to the debug file
03A9: NOP  // write a newline to the debug file
05B6: 85 // CHECKPOINTS_X[0] = // write a string to the debug file (note that the data written as it is would've been copy'n'pasteable straight to their main.scm source
03A8: NOP $tempvar_Float_1 // write a float to the debug file
03A9: NOP // write a newline to the debug file
05B6: 86 // CHECKPOINTS_Y[0] = // write a string to the debug file
03A8: NOP $tempvar_Float_2 // write a float to the debug file
03A9: NOP // write a newline
05B6: 87 // CHECKPOINTS_Z[0] = // write a string
03A8: NOP $tempvar_Float_3  // write a float
00BC: show_text_highpriority GXT 'LABEL' time 1000 flag 1  // print the written data (all the above are added to this GXT entry)

SANNY

03A9: NOP  // write newline
05B6: 83 // RACERS_CAR_MODEL[  // write string
03A7: NOP 252@ // write integer
05B6: 84 // ] =  // write string
03A7: NOP 230@ // write integer
000A: 252@ += 1

That particular thread has a few secret keys.. including ones to progress the player car further along in the race, allowing Rockstar to test an entire race in seconds

[Adler]

Project: Restore all of Rockstars original SCM opcodes and functions so we can uncover many secrets

Woooops didn't see that lol. I'm not quite sure what this project is about...

[Sweet]

I have regular random crashes during game. Why?

[Deji]

Is there an error report?

[Sweet]

It's always different
aaand... it could be problem of my game :3