Starting Work on SoF Opcodes/Structs - Page 2

**trevius** · #16 12-16-2008, 12:21 AM

I spent most of the day working on this, but this should be the item field list order that is currently used on live according to 13th floor collects:

Code:

/* 000 */	//I(ItemClass) Leave this one off on purpose
/* 001 */	S(Name)
/* 002 */	S(Lore)
/* 003 */	S("")//lorefile - Newly Added - Field is Null
/* 003 */	S(IDFile)
/* 004 */	I(ID)
/* 005 */	I(Weight)
/* 006 */	I(NoRent)
/* 007 */	I(NoDrop)
/* 008 */	I(Size)
/* 009 */	I(Slots)
/* 010 */	I(Price)
/* 011 */	I(Icon)
/* 012 */	I(0)
/* 013 */	I(0)
/* 014 */	I(BenefitFlag)
/* 015 */	I(Tradeskills)
/* 016 */	I(CR)
/* 017 */	I(DR)
/* 018 */	I(PR)
/* 019 */	I(MR)
/* 020 */	I(FR)
/* 020 */	I(0)//svcorruption - Newly Added
/* 021 */	I(AStr)
/* 022 */	I(ASta)
/* 023 */	I(AAgi)
/* 024 */	I(ADex)
/* 025 */	I(ACha)
/* 026 */	I(AInt)
/* 027 */	I(AWis)
/* 028 */	I(HP)
/* 029 */	I(Mana)
/* 111 */	I(Endur) //endur - Relocated
/* 030 */	I(AC)
/* 052 */	I(Classes)//classes - Relocated
/* 053 */	I(Races)//races - Relocated
/* 031 */	I(Deity)
/* 032 */	I(SkillModValue)
/* 033 */	I(0)//UNK038 - Default is 0
/* 034 */	I(SkillModType)
/* 035 */	I(BaneDmgRace)
/* 037 */	I(BaneDmgBody)//banedmgbody - Relocated
/* 103 */	I(BaneDmgRaceAmt)//banedmgraceamt - Relocated
/* 036 */	I(BaneDmgAmt)//banedmgamt - Relocated
/* 038 */	I(Magic)
/* 039 */	I(CastTime_)
/* 040 */	I(ReqLevel)
/* 045 */	I(RecLevel)//reclevel - Relocated
/* 046 */	I(RecSkill)//recskill - Relocated
/* 041 */	I(BardType)
/* 042 */	I(BardValue)
/* 043 */	I(Light)
/* 044 */	I(Delay)
/* 047 */	I(ElemDmgType)
/* 048 */	I(ElemDmgAmt)
/* 049 */	I(Range)
/* 050 */	I(Damage)
/* 051 */	I(Color)
/* 056 */	I(ItemType)
/* 057 */	I(Material)
/* 054 */	I(0)//UNK060 - Default is 0
/* 054 */	I(0)//UNK061 - Default is 0
/* 058 */	F(SellRate)
/* 063 */	I(CombatEffects)
/* 064 */	I(Shielding)
/* 065 */	I(StunResist)
/* 066 */	I(StrikeThrough)
/* 067 */	I(ExtraDmgSkill)
/* 068 */	I(ExtraDmgAmt)
/* 069 */	I(SpellShield)
/* 070 */	I(Avoidance)
/* 071 */	I(Accuracy)
/* 072 */	I(CharmFileID)
/* 073 */	I(FactionMod1)//Swapped these so Faction Amt comes after each Faction Mod
/* 077 */	I(FactionAmt1)//Swapped these so Faction Amt comes after each Faction Mod
/* 074 */	I(FactionMod2)//Swapped these so Faction Amt comes after each Faction Mod
/* 078 */	I(FactionAmt2)//Swapped these so Faction Amt comes after each Faction Mod
/* 075 */	I(FactionMod3)//Swapped these so Faction Amt comes after each Faction Mod
/* 079 */	I(FactionAmt3)//Swapped these so Faction Amt comes after each Faction Mod
/* 076 */	I(FactionMod4)//Swapped these so Faction Amt comes after each Faction Mod
/* 080 */	I(FactionAmt4)//Swapped these so Faction Amt comes after each Faction Mod
/* 081 */	S(CharmFile)
/* 082 */	I(AugType)
/* 104 */	I(AugRestrict)//augrestrict - Relocated
/* 122 */	I(AugDistiller)//augdistiller - Relocated
/* 083 */	I(AugSlotType[0])
/* 084 */	I(AugSlotUnk[0])//augslot1visible - Default 1
/* 084 */	I(0)//augslot1unk2 - Newly Added  - Default 0
/* 085 */	I(AugSlotType[1])
/* 086 */	I(AugSlotUnk[1])
/* 084 */	I(0)//augslot2unk2 - Newly Added
/* 087 */	I(AugSlotType[2])
/* 088 */	I(AugSlotUnk[2])
/* 084 */	I(0)//augslot3unk2 - Newly Added
/* 089 */	I(AugSlotType[3])
/* 090 */	I(AugSlotUnk[3])
/* 084 */	I(0)//augslot4unk2 - Newly Added
/* 091 */	I(AugSlotType[4])
/* 092 */	I(AugSlotUnk[4])
/* 084 */	I(0)//augslot5unk2 - Newly Added
/* 128 */	I(PointType)//pointtype - Relocated
/* 093 */	I(LDoNTheme)
/* 094 */	I(LDoNPrice)
/* 084 */	I(70)//UNK098 - Newly Added - Default 70, but some are set to 0
/* 095 */	I(LDoNSold)
/* 096 */	I(BagType)
/* 097 */	I(BagSlots)
/* 098 */	I(BagSize)
/* 099 */	I(BagWR)
/* 100 */	I(Book)
/* 101 */	I(BookType)
/* 102 */	S(Filename)
/* 105 */	I(LoreGroup)
/* 107 */	I(ArtifactFlag)
/* 106 */	I(PendingLoreFlag)//UNK109 - Default 0, but a few are 1
/* 109 */	I(Favor)
/* 121 */	I(GuildFavor)//guildfavor - Relocated
/* 110 */	I(FVNoDrop)
/* 112 */	I(DotShielding)
/* 113 */	I(Attack)
/* 114 */	I(Regen)
/* 115 */	I(ManaRegen)
/* 116 */	I(EnduranceRegen)
/* 117 */	I(Haste)
/* 118 */	I(DamageShield)
/* 123 */	I(-1) //UNK120 - Default is -1
/* 124 */	I(0) //UNK121 - Default is 0
/* 125 */	I(Attuneable)
/* 126 */	I(NoPet)
/* 127 */	I(0) //UNK124 - Default 0, but a few are 1
/* 129 */	I(PotionBelt)
/* 130 */	I(0) //potionbeltslots - Default 0, but a few are 1
/* 131 */	I(StackSize)
/* 132 */	I(NoTransfer)
/* 133 */	I(Stackable)//UNK129 - Default is 0, but some are much higher
/* 133 */	I(0)//questitemflag - Default is 0 (off), flag on = 1
/* 133 */	I(0)//UNK131 - Default is 0, but there is an item set to 1
/* 133 */	I(0)//UNK132 - Default is 0
/* 134 */	I(Click.Effect)
/* 135 */	I(Click.Type)
/* 136 */	I(Click.Level2)
/* 137 */	I(Click.Level)
/* 055 */	I(MaxCharges)//maxcharges - Relocated
/* 060 */	I(CastTime_)//casttime - Relocated - Note Duplicate Entries for CastTime_ and none for CastTime
/* 119 */	I(RecastDelay)//recastdelay - Relocated
/* 120 */	I(RecastType)//recasttype - Relocated
/* 133 */	I(0)//clickunk5 - Newly Added - Default is 0
/* 138 */	S("")//clickname - Newly Added - Default is Null
/* 133 */	I(-1)//clickunk7 - Newly Added - Default is -1, but some set to 0 and some much higher
/* 139 */	I(Proc.Effect)
/* 140 */	I(Proc.Type)
/* 141 */	I(Proc.Level2)
/* 142 */	I(Proc.Level)
/* 133 */	I(0)//procunk1 - Newly Added - Default is 0, but some set to -1 and 1
/* 133 */	I(0)//procunk2 - Newly Added - Default is 0
/* 133 */	I(0)//procunk3 - Newly Added - Default is 0
/* 133 */	I(0)//procunk4 - Newly Added - Default is 0
/* 062 */	I(ProcRate)procrate - Relocated
/* 138 */	S("")//procname - Newly Added - Default is Null
/* 133 */	I(-1)//procunk7 - Newly Added - Default is -1, but some set to 0
/* 144 */	I(Worn.Effect)
/* 145 */	I(Worn.Type)
/* 146 */	I(Worn.Level2)
/* 147 */	I(Worn.Level)
/* 133 */	I(0)//wornunk1 - Newly Added - Default is 0
/* 133 */	I(0)//wornunk2 - Newly Added - Default is 0
/* 133 */	I(0)//wornunk3 - Newly Added - Default is 0
/* 133 */	I(0)//wornunk4 - Newly Added - Default is 0
/* 133 */	I(0)//wornunk5 - Newly Added - Default is 0
/* 138 */	S("")//wornname - Newly Added - Default is Null
/* 133 */	I(-1)//wornunk7 - Newly Added - Default is -1, but some set to 0
/* 149 */	I(Focus.Effect)
/* 150 */	I(Focus.Type)
/* 151 */	I(Focus.Level2)
/* 152 */	I(Focus.Level)
/* 133 */	I(0)//focusunk1 - Newly Added - Default is 0
/* 133 */	I(0)//focusunk2 - Newly Added - Default is 0
/* 133 */	I(0)//focusunk3 - Newly Added - Default is 0
/* 133 */	I(0)//focusunk4 - Newly Added - Default is 0
/* 133 */	I(0)//focusunk5 - Newly Added - Default is 0
/* 138 */	S("")//focusname - Newly Added - Default is Null
/* 133 */	I(-1)//focusunk7 - Newly Added - Default is -1, but some set to 0
/* 154 */	I(Scroll.Effect)
/* 155 */	I(Scroll.Type)
/* 156 */	I(Scroll.Level2)
/* 157 */	I(Scroll.Level)scrollunk1
/* 133 */	I(0)//scrollunk2 - Newly Added - Default is 0
/* 133 */	I(0)//scrollunk3 - Newly Added - Default is 0
/* 133 */	I(0)//scrollunk4 - Newly Added - Default is 0
/* 133 */	I(0)//scrollunk5 - Newly Added - Default is 0
/* 138 */	S("")//scrollname - Newly Added - Default is Null
/* 133 */	I(-1)//scrollunk7 - Newly Added - Default is -1, but some set to 0
/* 158 */	I(0)//UNK193 - Default is 0
/* 133 */	I(0)//purity - Newly Added - Default is 0, but some go up to 75
/* 133 */	I(0)//dsmitigation - Newly Added - Default is 0, but some are up to 2
/* 133 */	I(0)//heroic_str - Newly Added - Default is 0
/* 133 */	I(0)//heroic_int - Newly Added - Default is 0
/* 133 */	I(0)//heroic_wis - Newly Added - Default is 0
/* 133 */	I(0)//heroic_agi - Newly Added - Default is 0
/* 133 */	I(0)//heroic_dex - Newly Added - Default is 0
/* 133 */	I(0)//heroic_sta - Newly Added - Default is 0
/* 133 */	I(0)//heroic_cha - Newly Added - Default is 0
/* 133 */	I(0)//healamt - Newly Added - Default is 0, but some are up to 9
/* 133 */	I(0)//spelldmg - Newly Added - Default is 0, but some are up to 9
/* 133 */	I(0)//clairvoyance - Newly Added - Default is 0, but some are up to 10
/* 133 */	I(0)//backstabdmg - Newly Added - Default is 0, but some are up to 65
/* 133 */	I(0)//evolvinglevel - Newly Added - Default is 0, but some are up to 7

//This doesn't appear to be used /* 102 */	S(verified)//verified
//This doesn't appear to be used /* 102 */	S(serialized)//created
//Unsure where this goes right now (or if it is even used) /* 108 */	I(SummonedFlag)

#undef I
#undef C
#undef S
#undef F

I will try this as soon as I get home tonight. I am guessing that the following fields were added after SoF, so I will comment them out for now and try adding them 1 at a time until it works (hopefully):

Code:

/* 133 */	I(0)//healamt - Newly Added - Default is 0, but some are up to 9
/* 133 */	I(0)//spelldmg - Newly Added - Default is 0, but some are up to 9
/* 133 */	I(0)//clairvoyance - Newly Added - Default is 0, but some are up to 10
/* 133 */	I(0)//backstabdmg - Newly Added - Default is 0, but some are up to 65
/* 133 */	I(0)//evolvinglevel - Newly Added - Default is 0, but some are up to 7

Note that the item field numbers are not correct, but once I have the list working, I will renumber it all manually.

Also, the only thing I am not quite sure about here is the use of quotes on ints and nulls. Does anyone know if I(0) is the same as I("0"), and if S("") is the same as NULL, or if there is a better way to put NULL there? Maybe something like S(NULL)?

MNWatchdog · #17 12-16-2008, 01:17 AM

Have you checked Macroquest sources from around that time? I would assume most of the structs are in there.

**trevius** · #18 12-16-2008, 03:25 AM

I already looked into it a little, but Macroquest reads directly from memory and doesn't do any kind of packet sniffing as far as I can tell. So, it uses offsets and such, which might possibly be useful for figuring out something, but I don't really know what to do with them personally.

MNWatchdog · #19 12-16-2008, 04:48 AM

Just thinking that by comparing MQ Titanium/Emus structs to MQs SoF structs would make it far easier to figure out what new fields need to be added to Emus structs that need to be send to the SoF client.

Im thinking that say a items struct is sent to the client in the same formate its readable from memory. I dont know if this is true, but if it is, looking at MQs SoFs structs should help a lot.

Rocker8956 · #20 12-16-2008, 03:49 PM

Wow, way above my skill level so all I can do is cheer you on.

Just one thought though, perhaps the correct fields could be found by looking at stats on items that were released with SoF.

I think clairvoyance and healamt were on those items but they could have been added later.

**trevius** · #21 12-16-2008, 05:31 PM

Like I said, MQ reads from memory and is written in a completely different way than our packet structures. They use offsets that line up directly with the assembly code from the eqgame.exe, and so their format is completely different. Possibly if I was very familiar with the MQ source, I might have an idea of how it could be useful. Unfortunately I might as well be trying to read in German (which I don't know how to do), because that is about how different the code is from the emu source.

I figured out last night that all of the fields I had listed in my last post were actually in with the SoF release. The only one I am still not 100% certain about is the evolving items part. According to 13th floor, I saw it mentioned that evolving items need their own separate table and have a separate opcode (I think) if the item is able to evolve. Hopefully setting that field to 0 will just disable evolving so we don't need to write anything for it until we are at a point where we can do it at leisure. As far as the item field list for SoF, I think that I now have it 100% (or very close to it) complete. This is good, because it is 1 more step closer to being done, but the bad part is that it didn't fix my current issue.

I looked into it further last night and checked the debug where I am crashing in SoF vs a debug of a successful Titanium connection. I then compared a few things in the Titanium assembly code to the SoF assembly code. I am pretty sure that I have narrowed the current issue down to the Spawn_Structure. Unfortunately, I think that structure is by far the worst and hardest part left of getting SoF to work with the emulator. Out of all structures, the spawn struct gets completely moved around with almost every patch. I was able to find the packet size of 385 (HEX is 181) for the Titanium spawn struct by using the hex calculator here http://www.squarebox.co.uk/hcalc.html (very useful when messing with the assembly code), and then searching for 0x0181 in the assembly code. I found the same section of code in the SoF assembly code, but I was unable to figure out what the struct size was. Since this technique worked perfectly for finding the struct size for the player profile, I think that means that the new spawn struct for SoF is now a variable length struct. I checked the current SEQ source code and it lists it as variable length, even though the SEQ version from when SoF came out shows it as a fixed size.

I don't know anything about variable structure sizes or what to do with them. The spawn struct also seems to use unions, packet padding, signed and unsigned ints, all of which I know absolutely nothing about... All of the other structures are pretty straight forward and I think most of them should already be ready to start working once I get the spawn struct correct. This is probably going to be the biggest hurdle to getting SoF working.

I am still going to do some further testing on Titanium to see if I can duplicate the exact crash I am having on SoF, which should help narrow down the exact cause of the problem. That technique has already helped me multiple times in figuring out what is causing a problem.

I figured this stuff was over my skill level too, but so far, I have learned alot just reading the structures and forums here and SEQ forums. I have been able to do alot of things that I didn't expect to be able to do. So, even though it might sound above your skill level doesn't mean that you wouldn't be able to figure it out if you put some thought into it

**trevius** · #22 12-16-2008, 09:05 PM

Here is a link to the post from right before when SoF was released stating that he was able to get the spawn struct from the eqgame.exe and that it should be fully accurate:

http://www.showeq.net/forums/showpos...4&postcount=21

Since that struct didn't change in the update following the SoF release and they said everything in SEQ was still functional, I am wondering if it is safe to assume that it is correct. Ultimately, I wish I knew exactly what he did to pull all of that info from the .exe and if I knew that, this would be simple.

Here is the Spawn_Struct according to SEQ at the time of SoF (and a few patches later as well):

Code:

/* 
** Generic Spawn Struct 
** Length: 897 Octets 
** Used in: 
**   dbSpawnStruct
**   petStruct
**   spawnShroudOther
**   spawnShroudSelf
*/ 

struct spawnStruct
{
/*0000*/ uint8_t  unknown0000[9];
/*0009*/ int16_t  deity;          // Player's Deity
/*0011*/ uint8_t  unknown0011[11];
/*0022*/ uint8_t  gender;         // Gender (0=male, 1=female)
/*0023*/ uint8_t  unknown0023[4];
/*0027*/ union 
	 {
		struct
		{
		/*0027*/ EquipStruct equip_helmet; // Equiptment: Helmet visual
		/*0039*/ EquipStruct equip_chest; // Equiptment: Chest visual
		/*0051*/ EquipStruct equip_arms; // Equiptment: Arms visual
		/*0063*/ EquipStruct equip_bracers; // Equiptment: Wrist visual
		/*0075*/ EquipStruct equip_hands; // Equiptment: Hands visual
		/*0087*/ EquipStruct equip_legs; // Equiptment: Legs visual
		/*0099*/ EquipStruct equip_feet; // Equiptment: Boots visual
		/*0111*/ EquipStruct equip_primary; // Equiptment: Main visual
		/*0123*/ EquipStruct equip_secondary; // Equiptment: Off visual
		} equip;
		/*0027*/ EquipStruct equipment[9];
	 };
/*0135*/ uint8_t  state;          // stand state
/*0136*/ uint8_t  unknown0136;
/*0137*/ uint32_t guildID;        // Current guild
/*0141*/ uint8_t  unknown0141[24];
/*0165*/ uint8_t  class_;         // Player's class
/*0166*/ uint8_t  unknown0166[201];
/*%%% gm right this time? */
/*0367*/ uint8_t  gm;
/*0368*/ uint8_t  unknown0368[134];
/*0502*/ float    runspeed;       // Speed when walking
/*0506*/ uint8_t  light;          // Spawn's lightsource
/*0507*/ uint8_t  unknown0507[4];
/*0511*/ uint8_t  level;          // Spawn Level
/*0512*/ uint8_t  unknown0512[23];
/*0535*/ uint32_t race;           // Spawn race
/*0539*/ uint8_t  unknown0539[41];
/*0580*/ char     suffix[32];     // Player's suffix (of Veeshan, etc.)
/*0612*/ uint8_t  unknown0612;
/*0613*/ uint8_t  bodytype;       // Bodytype
/*0614*/ uint8_t  unknown0614[41];
/*0655*/ uint8_t  curHp;          // Current hp
/*0656*/ uint8_t  unknown0656[2];
/*0658*/ char     lastName[32];   // Player's Lastname
/*0690*/ uint8_t  unknown0690[2];
/*0692*/ char     title[32];      // Title
/*0724*/ uint8_t  unknown0724[6];
/*0730*/ uint8_t  NPC;            // 0=player,1=npc,2=pc corpse,3=npc corpse
/*0731*/ uint8_t  unknown0731[12];
/*0743*/ signed   padding0000:12; // ***Placeholder
	 signed   x:19;           // x coord
	 signed   padding0002:1; // ***Placeholder
/*0747*/ signed   deltaX:13;      // change in x
	 signed   deltaY:13;      // change in y
	 signed   padding0006:6;  // ***Placeholder
/*0751*/ signed   z:19;           // z coord
	 signed   deltaHeading:10;// change in heading
	 signed   padding0014:3;  // ***Placeholder
/*0755*/ signed   y:19;           // y coord
	 signed   deltaZ:13;      // change in z
/*0759*/ signed   animation:10;   // animation
	 unsigned heading:12;     // heading
	 signed   padding0018:10;  // ***Placeholder
/*0763*/ uint32_t spawnId;        // Spawn Id
/*0767*/ uint8_t  unknown0767[8];
/*0775*/ char     name[64];       // Player's Name
/*0839*/ uint32_t petOwnerId;     // If this is a pet, the spawn id of owner
/*0843*/ uint8_t  unknown0843;
/*0844*/ union 
	 {
		struct 
		{
		/*0844*/ Color_Struct color_helmet;    // Color of helmet item
		/*0848*/ Color_Struct color_chest;     // Color of chest item
		/*0852*/ Color_Struct color_arms;      // Color of arms item
		/*0856*/ Color_Struct color_bracers;   // Color of bracers item
		/*0860*/ Color_Struct color_hands;     // Color of hands item
		/*0864*/ Color_Struct color_legs;      // Color of legs item
		/*0868*/ Color_Struct color_feet;      // Color of feet item
		/*0872*/ Color_Struct color_primary;   // Color of primary item
		/*0876*/ Color_Struct color_secondary; // Color of secondary item
		} equipment_colors;
		/*0844*/ Color_Struct colors[9]; // Array elements correspond to struct equipment_colors above
	 };
/*0880*/ uint8_t  anon;           // 0=normal, 1=anon, 2=roleplay
/*0881*/ uint8_t  unknown0881[10];
/*0891*/ float    walkspeed;      // Speed when running
/*0895*/ uint8_t  unknown896[2];
/*0897*/
};

Part of the problem may be that I had to change this considerably to fit in all of the stuff that EQEmu currently uses for settings on spawns within the same number of bytes. Also, I don't know how to count the signed and padding stuff, so my structure size may be off.

It is still possible that something else could be the cause of my crashes, but at least by fixing everything as much as possible now, it will mean less work later. I am glad that the itemlist stuff is all done now, so it should hopefully work as soon as it is ready to get to that point

**trevius** · #23 12-17-2008, 01:14 AM

Well, I guess I was looking too hard for the spawn struct size lol. I simply converted the 897 to HEX, which is 381, and then searched the SoF eqgame.exe code for 381 and found this:

Code:

.text:00481860                 mov     eax, [esp+arg_4]
.text:00481864                 sub     esp, 80h
.text:0048186A                 cmp     eax, 381h
.text:0048186F                 push    esi             ; char
.text:00481870                 jz      short loc_4818DC
.text:00481872                 push    offset aErrorCorruptAd ; "ERROR: Corrupt addplayer, disconnecting"...
.text:00481877                 call    sub_645680
.text:0048187C                 mov     eax, dword_98AF10
.text:00481881                 add     esp, 4
.text:00481884                 mov     esi, 1
.text:00481889                 mov     [eax+38E98h], esi
.text:0048188F                 mov     ecx, dword_98AF10
.text:00481895                 push    0FFh
.text:0048189A                 call    sub_4BF9E0
.text:0048189F                 mov     ecx, dword_98AF10
.text:004818A5                 mov     dword_925C8C, 106h
.text:004818AF                 mov     [ecx+5C0h], esi
.text:004818B5                 mov     ecx, dword_761C6C
.text:004818BB                 push    offset dword_907EF0
.text:004818C0                 call    sub_43D670
.text:004818C5                 push    offset aErrorInReceive ; "ERROR: in receive add player, LEN failu"...
.text:004818CA                 call    sub_645680
.text:004818CF                 add     esp, 4
.text:004818D2                 xor     al, al
.text:004818D4                 pop     esi
.text:004818D5                 add     esp, 80h
.text:004818DB                 retn

And, when I changed the Titanium spawn structure size and logged in, it didn't crash, but it did time out and put out this debug log from the normal EQ debug file:

Code:

2008-12-15 06:08:03	Zone Connect -- 2 -- Sending MSG_EQ_ADDPLAYER
2008-12-15 06:08:06	Zone Connect -- 3 -- Received MSG_SEND_PC
2008-12-15 06:08:06	Zone Connect -- 4 -- Received MSG_EQ_ADDPLAYER
2008-12-15 06:08:07	ERROR: Corrupt addplayer, disconnecting.
2008-12-15 06:08:07	
2008-12-15 06:08:07	Networking: Connection Closed [0] with 0 pending bytes.
2008-12-15 06:08:07	ERROR: in receive add player, LEN failure.
2008-12-15 06:08:07	
2008-12-15 06:08:07	disconnected at C:\EQ\EverQuest\EverQuest.cpp:17233 (char. select) g_world == NULL
2008-12-15 06:08:07	
2008-12-15 06:08:07	Character is Trevazar.
2008-12-15 06:08:07	
2008-12-15 06:08:10	nError is TRUE at C:\EQ\EverQuest\EverQuest.cpp:20261

So, it sounds like those guys at SEQ might be correct with that spawn file after-all. Now, I just need to figure out what is being done on SoF that is causing a crash. Anyone know of a debug program that could be run on Everquest?

OscarGrouch05 · #24 12-17-2008, 04:40 AM

Anyone know of a debug program that could be run on Everquest?

Yes i use w32dsm89
will allow you to read it in asm lang plus debug the program all in one.
send email addy and i'll be happy to link ya to them don't want to post
anything againts the rules.
What i'm doing is looking at the code with
w32dsm89
etu-dasm-32/16 bit disassembler v 2.22 alpha
i really think etu-dasm would help you out
more as it will allow you read more info
in english so you'll understnad it better.

i been following up on what your doing.
what i'm intrested in is getting the expanshions
to read 15-15 etc. i noticed your not letting
us know what ver of peqserverpack.. 80) as well i
change the opcode OP_EnterWorld=0x7cba
put in patch_Anniversary.conf and opened
fos got into char slect screen.
i was using the newest ver
ActivePerl-5.10.0.1004-MSWin32-x86-287188
PEQUpdatePack-4.0-1129Rev233
mysql-5.0.51a-win32

**trevius** · #25 12-17-2008, 08:01 PM

When you say you want expansions to display 15 out of 15, do you mean at the server select? I don't think there is anything we can do about that. I am pretty sure we would have to adjust the login server source code to fix that. That isn't an option, because no one has access to it that is active around here these days. Titanium shows the wrong number of expansions, and SoF shows 0 of 0 expansions. Luckily, that has no effect on how the actual server handles your connection, it is just a display thing.

The version of code or database I am running doesn't really matter, but I am using one of the latest revisions from the SVN, R238. My database is about a year old PEQ one that has been updated by me for my custom server. The changes I am making should be able to work on any version once they are all done. If I can get it working, I will submit any needed changes for database tables once we get to that point, but for now, I am doing everything without relying on database changes.

My current status is that I worked all night last night trying to duplicate the same crash on Titanium by throwing off the structure format by increasing or decreasing the size of certain pieces of the playerprofile structure. I couldn't once get it to crash the way that SoF is, and it actually made it in game almost no matter what I changed, but it did make things wrong like plat, levels, etc, because the structure info wasn't aligned properly. I also tried to remove all of the opcodes in Titanium that I don't have correct for SoF yet, and that didn't cause a crash either.

The spawn struct seems like it should be ok, and the player profile looks like it should be very close to correct, so I am still trying to figure out what is causing the crash. I am wondering if something else was added to the playerprofile struct that we don't know anything about. There were 1032 packets added to the end of the structure sometime between the Titanium to Anniversary time period. I have no idea what that 1032 is supposed to be for, but maybe that is the cause of the crash, since we aren't sending anything at all for it.

**trevius** · #26 12-19-2008, 08:11 AM

After spending hours working to get to the next step towards getting in game, I finally made some progress.

Code:

[Fri Dec 19 06:01:40 2008]00131:Zone Connect -- 0 -- Received MSG_ZONE_ADDRESS
[Fri Dec 19 06:01:40 2008]00132:Zone addr [192.168.1.102:19997] received...
[Fri Dec 19 06:01:41 2008]00133:ZONING
[Fri Dec 19 06:01:41 2008]00134:Networking: Connection Closed [0] with 0 pending bytes.
[Fri Dec 19 06:01:41 2008]00135:Networking: using port [1969].
[Fri Dec 19 06:01:41 2008]00136:Networking: Connection Established [1]
[Fri Dec 19 06:01:41 2008]00137:Connected to 192.168.1.102:19997...

[Fri Dec 19 06:01:41 2008]00138:Zone Connect -- 2 -- Sending MSG_EQ_ADDPLAYER
[Fri Dec 19 06:01:43 2008]00139:Zone Connect -- 3 -- Received MSG_SEND_PC
[Fri Dec 19 06:01:43 2008]00140:Zone Connect -- 4 -- Received MSG_EQ_ADDPLAYER
[Fri Dec 19 06:01:43 2008]00141:Received our Player from zone. MSG_EQ_NETPLAYERBUFF is next.
[Fri Dec 19 06:01:43 2008]00142:Player = Trevazar, zone = Loading
[Fri Dec 19 06:01:43 2008]00143:MSG_TIME_STAMP received.

[Fri Dec 19 06:01:43 2008]00144:MSG_TIME_STAMP received. (Items inc).

[Fri Dec 19 06:01:51 2008]00145:fatal error in main thread Code = c0000005  ADDR=0x004e59f9

[Fri Dec 19 06:01:51 2008]00146:EAX=22447600  EBX=22447600  ECX=22447600  EDX=00000001

[Fri Dec 19 06:01:51 2008]00147:ESI=0013a53c  EDI=224476e0  EBP=30347c39  ESP=0013a4f0

[Fri Dec 19 06:01:51 2008]00148:Raw Stack

It turns out that it was the spawn struct causing that after-all. The EQ debug info isn't very helpful (but much better than nothing!), because it appeared to be crashing at the point of getting the player profile. After messing with the player profile, no matter what I did to it, I couldn't duplicate the crash on Titanium.

I think I am probably only a couple smaller structs away from getting in game now. All of the big ones should be ok enough to get in at least, I think. On to solving the next crash point problem :P

**trevius** · #27 12-20-2008, 06:57 AM

Just to test, I made a new level 1 character (on a Titanium Client) and deleted all of his items and attempted to log him in with SoF. So far, I got further than ever

Code:

[Sat Dec 20 04:48:12 2008]00129:Initializing character select UI.
[Sat Dec 20 04:48:12 2008]00130:Resetting game UI.
[Sat Dec 20 04:49:01 2008]00131:Zone Connect -- 0 -- Received MSG_ZONE_ADDRESS
[Sat Dec 20 04:49:01 2008]00132:Zone addr [192.168.1.102:20253] received...
[Sat Dec 20 04:49:01 2008]00133:ZONING
[Sat Dec 20 04:49:01 2008]00134:Networking: Connection Closed [0] with 0 pending bytes.
[Sat Dec 20 04:49:01 2008]00135:Networking: using port [1574].
[Sat Dec 20 04:49:01 2008]00136:Networking: Connection Established [1]
[Sat Dec 20 04:49:01 2008]00137:Connected to 192.168.1.102:20253...

[Sat Dec 20 04:49:02 2008]00138:Zone Connect -- 2 -- Sending MSG_EQ_ADDPLAYER
[Sat Dec 20 04:49:12 2008]00139:Zone Connect -- 3 -- Received MSG_SEND_PC
[Sat Dec 20 04:49:12 2008]00140:Zone Connect -- 4 -- Received MSG_EQ_ADDPLAYER
[Sat Dec 20 04:49:12 2008]00141:Received our Player from zone. MSG_EQ_NETPLAYERBUFF is next.
[Sat Dec 20 04:49:12 2008]00142:Player = Ztestius, zone = The Nexus
[Sat Dec 20 04:49:12 2008]00143:MSG_TIME_STAMP received.

[Sat Dec 20 04:49:12 2008]00144:MSG_TIME_STAMP received. (Items inc).

[Sat Dec 20 04:49:12 2008]00145:Item done, MSG_WEATHER_EVENT received.

[Sat Dec 20 04:49:12 2008]00146:Initializing zone.
[Sat Dec 20 04:49:12 2008]00147:Initializing world.
[Sat Dec 20 04:49:12 2008]00148:Verifying world files.
[Sat Dec 20 04:49:12 2008]00149:Attempting to load nexus.EQG.
[Sat Dec 20 04:49:12 2008]00150:Loading zone specific files.
[Sat Dec 20 04:49:12 2008]00151:Loading nexus_obj2
[Sat Dec 20 04:49:12 2008]00152:Loading nexus_obj
[Sat Dec 20 04:49:12 2008]00153:Loading nexus_chr2
[Sat Dec 20 04:49:12 2008]00154:Loading nexus_chr
[Sat Dec 20 04:49:12 2008]00155:Loading nexus
[Sat Dec 20 04:49:13 2008]00156:Loading objects
[Sat Dec 20 04:49:13 2008]00157:Loading lights
[Sat Dec 20 04:49:13 2008]00158:Initializing cameras.
[Sat Dec 20 04:49:13 2008]00159:Initializing lights.
[Sat Dec 20 04:49:13 2008]00160:Initializing visual effects.
[Sat Dec 20 04:49:13 2008]00161:Initializing target indicator.
[Sat Dec 20 04:49:13 2008]00162:Initializing player path.
[Sat Dec 20 04:49:13 2008]00163:Performing post-load operations.
[Sat Dec 20 04:49:13 2008]00164:Initializing precipitation system.
[Sat Dec 20 04:49:13 2008]00165:World initialized: nexus
[Sat Dec 20 04:49:13 2008]00166:Requesting zone data.
[Sat Dec 20 04:49:13 2008]00167:Resetting cameras.
[Sat Dec 20 04:49:13 2008]00168:Resetting vision.
[Sat Dec 20 04:49:13 2008]00169:Resetting overlays.
[Sat Dec 20 04:49:13 2008]00170:Zone initialized.
[Sat Dec 20 04:49:13 2008]00171:Creating INI files.
[Sat Dec 20 04:49:13 2008]00172:Requesting AA data.
[Sat Dec 20 04:49:13 2008]00173:Requesting Skill rank data.
[Sat Dec 20 04:49:13 2008]00174:Loading UI.
[Sat Dec 20 04:49:13 2008]00175:Deactivating previous UI.
[Sat Dec 20 04:49:13 2008]00176:Unloading previous textures.
[Sat Dec 20 04:49:13 2008]00177:Resetting UI.
[Sat Dec 20 04:49:13 2008]00178:Resetting character select UI.
[Sat Dec 20 04:49:13 2008]00179:Resetting game UI.
[Sat Dec 20 04:49:13 2008]00180:UI Reset.
[Sat Dec 20 04:49:13 2008]00181:Initializing UI.
[Sat Dec 20 04:49:13 2008]00182:Initializing UI manager.
[Sat Dec 20 04:49:13 2008]00183:Initializing fonts.
[Sat Dec 20 04:49:13 2008]00184:Parsing UI XML.
[Sat Dec 20 04:49:13 2008]00185:Parsing INI file .\UI_Ztestius_stormhaven.ini
[Sat Dec 20 04:49:13 2008]00186:INI file .\UI_Ztestius_stormhaven.ini loaded.
[Sat Dec 20 04:49:14 2008]00187:Loading default UI resources.
[Sat Dec 20 04:49:14 2008]00188:Initializing game UI.
[Sat Dec 20 04:49:14 2008]00189:Parsing INI file .\Ztestius_stormhaven.ini
[Sat Dec 20 04:49:14 2008]00190:INI file .\Ztestius_stormhaven.ini loaded.
[Sat Dec 20 04:49:15 2008]00191:Loading Icons.
[Sat Dec 20 04:49:16 2008]00192:Resetting viewport.
[Sat Dec 20 04:49:16 2008]00193:Game UI Initialized.
[Sat Dec 20 04:49:16 2008]00194:Entering main loop.
[Sat Dec 20 04:49:16 2008]00195:DoMainLoop - Just after packet processing()
[Sat Dec 20 04:49:16 2008]00196:DoMainLoop - Just after actor creation()
[Sat Dec 20 04:49:16 2008]00197:Loading game sounds.
[Sat Dec 20 04:49:16 2008]00198:Requesting initialization data.
[Sat Dec 20 04:49:16 2008]00199:DoMainLoop: just before first while(!EverQuest.ReceievedWorldObjects).

I think I just need to track down a few more opcodes and I should be able to at least get a naked level 1 in game. Then, I will have to work out if it is AAs or Items or something else causing the crash when I try to log in my GM character that I have done most of the testing with. Still making progress, and getting much better at finding opcodes in the assembly code. I still can't find every one of them using the comparing method, but I can probably find about 50% that way

Yeormom · #28 12-20-2008, 10:20 PM

Trevius is our hero.

**trevius** · #29 12-21-2008, 05:31 AM

While it is good to know some people are following this post, I think it would be best to keep the clutter down if possible. I am hoping that I can get it working enough that others might be able to start assisting me at some point and it is easier to read if there is less clutter. I do appreciate the cheering on (it is alot of work so far), but this thread isn't really the place for it. Besides, until it is at least somewhat usable, there isn't much to cheer about. There is a good chance that we may never have enough info to get SoF fully functional. I am trying to stay positive about it though lol.

I have already learned a ton over the past couple of weeks just playing with the different sources I have available to me to get them all frankenstiened into something that will at least let us log all of the way in. If I could read the assembly code better, it may eventually be possible to pull everything we need straight from there, but I am still a good ways from being able to understand it enough to do that.

Currently, I am trying to understand the item serialization code. I have the full itemlist for SoF, and I think it should be very close to accurate. But, until I know how to set the serialization up so that it works with my new list, I can't load items. Other than that, I already have a large amount of the bare minimum opcodes needed to log in. There are only a few more I need to have a complete list. Here is what I have so far:

Code:

Opcode Name=Titanium Op - SoF Op
OP_SendLoginInfo=0x4dd0 - 0x6c3c V
OP_GuildsList=0x6957 - 0x04FB V
OP_LogServer=0x0fa6 - 0x129A V
OP_ApproveWorld=0x3c25 - 0x7FC0 V
OP_EnterWorld=0x7cba - 0x1340 V
OP_PostEnterWorld=0x52A4 - 0x1AEE V
OP_ExpansionInfo=0x04ec - 0x0A1B V
OP_SendCharInfo=0x4513 - 0x6040 V
OP_World_Client_CRC1=0x5072 - 0x7a9e V
OP_World_Client_CRC2=0x5b18 - 0x3795 V
 - 0x22cf - size 2056 - Some new CRC from SoF.  This shouldn't be required to use at all.
 - 0x43ba - size 2056 - Some new CRC from SoF.  This shouldn't be required to use at all.
OP_AckPacket=0x7752 - 0x4D38 V
OP_WorldClientReady=0x5e99 - 2EBD V
0x58FB - size 8 - the Auto-AFK opcode - This isn't in Titanium opcodes, but does exist.  Not required though.

Log into a zone:
OP_EnterWorld=0x7cba - 0x1340 V
OP_MOTD=0x024d - 0x5711 V?
OP_SetChatServer=0x00d7 - 0x71B8 V
OP_SetChatServer2=0x6536 - 0x32CC V
OP_ZoneServerInfo=0x61b6 - 0x18B1 V
OP_WorldComplete=0x509d - 0x2486 V
OP_PlayerProfile=0x75DF - 0x0FEB V
OP_ZoneEntry=0x7213 - 0x737E V
OP_TimeOfDay=0x1580 - 0x7274 V
OP_TributeUpdate=0x5639 - 0x71Fb ???
OP_TributeTimer=0x4665 - 0x4775 ???
OP_CharInventory=0x5394 - 0x08A3 V
OP_TaskDescription=0x5ef7 - 0x0Af9 ???
OP_TaskActivity=0x682d - 0x2E60 ???
OP_CompletedTasks=0x76a2 - 0x5855
OP_Weather=0x254d - 0x70A5 V

OP_ReqNewZone=0x7ac5 - 0x3CDC NEW from IDA 0x5417 V
OP_NewZone=0x0920 - 0x5D22 V
OP_CustomTitles=0x2a28 - ???
OP_SendAATable=0x367d - 0x6F05 V
OP_UpdateAA=0x5966 - 0x45D2 V
OP_RespondAA=0x3af4 - 
OP_SendTributes=0x067a - 0x28C1??? From Tail 0x6764
OP_TributeInfo=0x152d - 0x4775  From Tail 0x3F33
OP_SendGuildTributes=0x5e3a - 0x6774
OP_SpawnAppearance=0x7c32 - 0x10B7 NEW from IDA 0x50EC V? 0x0000?
OP_ReqClientSpawn=0x0322 - 0x45D2 NEW from IDA 0x014C V
OP_SpawnDoor=0x4c24 - 0x68C8 NEW from IDA 0x3547 V???
OP_GroundSpawn=0x0f47 - 0x33E5 ???
OP_SendZonepoints=0x3eba - 0x2992 ???
OP_PetitionCheckout=0x0000 - Shouldn't be required as we don't have it in Titanium either.
OP_SendAAStats=0x5996 - 0x3518 ??? - I don't know if this is used in Titanium
OP_SendExpZonein=0x0587 - 0x3703 V?
OP_AAExpUpdate=0x5f58 - 0x3518 ???
OP_ExpUpdate=0x5ecd - 0x581A ???
OP_RaidUpdate=0x1f21 - 0x00AF ???
OP_GuildMemberList=0x147d - 0x317C ???
OP_GuildMOTD=0x475a - 0xD677 ???
OP_SetServerFilter=0x6563 - I don't think this is required.
OP_ClientReady=0x5e20 - NEW 0x2854 V
OP_PetitionUpdate=0x0000 - Shouldn't be required as we don't have it in Titanium either.
OP_WearChange=0x7441 - 0x25F0 V?
OP_HPUpdate=0x3bcf - 0x62F6 ???
OP_WeaponEquip2=0x63da - skip this as it is unhandled in Titanium and comes from the client each time you zone
OP_WeaponEquip1=0x6c5e - skip this as it is unhandled in Titanium and comes from the client each time you zone
OP_ManaChange=0x4839 - 0x0659 V?
OP_SpecialMesg=0x2372 - 0x1126 V?
OP_TGB=0x0c11 - 0x0137 V?
OP_ClientUpdate=0x14cb - 0x5Cf3 V?
OP_FloatListThing=0x6a1b - I don't have this yet, but it comes from the client and should be able to get it from the tail once I can get in game with SoF

The V means it has been verified either from the client, or from IDA or both. This is about 95% sure to be accurate. The V? means I verified it from IDA, but the code isn't an exact match, so I am only 50-75% sure it is accurate. The ??? means I was either unable to find it at all in IDA, or that I found it and it doesn't look like a match to me, they are likely to be wrong.

I think if we can get all of those, I may have enough opcodes correct that we can at least log in a naked character all of the way. Once the item serialization is done for SoF, we should be able to login geared characters as well. I think the main opcode I need to be accurate now is the doorspawn opcode. I think that also sends objects in the zone and seems to be where the naked test character is getting hung up at.

Like I said, as soon as I can get any character logged in all of the way, I will submit my changes to the SVN so others can assist with it if they want. What I will probably do is set it so that the Anniversary files (that I am using for getting SoF to work currently), will not be used by default on new builds. It would be disabled by a simple define and could be easily enabled by anyone who wanted to mess with it. I will post how to enable it if I can get to that point. It will just mean a simple 1 line code change to enable it (uncommenting a #define). The reason to leave it disabled is so you don't have players trying to use SoF and crashing zones if there are issues with it that cause crashes.

**trevius** · #30 12-21-2008, 05:36 AM

Here is my new updated itemlist incase anyone knows how to write the item serialization code to use it properly:

Code:

/* 000 */	//I(ItemClass) // Leave this one off on purpose
/* 001 */	S(Name)
/* 002 */	S(Lore)
/* 003 */	C("")//lorefile - Newly Added - Field is Null
/* 004 */	S(IDFile)
/* 005 */	I(ID)
/* 006 */	I(Weight)
/* 007 */	I(NoRent)
/* 008 */	I(NoDrop)
/* 009 */	I(Size)
/* 010 */	I(Slots)
/* 011 */	I(Price)
/* 012 */	I(Icon)
/* 013 */	C("0")//UNK013
/* 014 */	C("0")//UNK014
/* 015 */	I(BenefitFlag)
/* 016 */	I(Tradeskills)
/* 017 */	I(CR)
/* 018 */	I(DR)
/* 019 */	I(PR)
/* 020 */	I(MR)
/* 021 */	I(FR)
/* 022 */	C("0")//svcorruption - Newly Added
/* 023 */	I(AStr)
/* 024 */	I(ASta)
/* 025 */	I(AAgi)
/* 026 */	I(ADex)
/* 027 */	I(ACha)
/* 028 */	I(AInt)
/* 029 */	I(AWis)
/* 030 */	I(HP)
/* 031 */	I(Mana)
/* 032 */	I(Endur) //endur - Relocated
/* 033 */	I(AC)
/* 034 */	I(Classes)//classes - Relocated
/* 035 */	I(Races)//races - Relocated
/* 036 */	I(Deity)
/* 037 */	I(SkillModValue)
/* 038 */	C("0")//UNK038 - Default is 0
/* 039 */	I(SkillModType)
/* 040 */	I(BaneDmgRace)
/* 041 */	I(BaneDmgBody)//banedmgbody - Relocated
/* 042 */	I(BaneDmgRaceAmt)//banedmgraceamt - Relocated
/* 043 */	I(BaneDmgAmt)//banedmgamt - Relocated
/* 044 */	I(Magic)
/* 045 */	I(CastTime_)
/* 046 */	I(ReqLevel)
/* 047 */	I(RecLevel)//reclevel - Relocated
/* 048 */	I(RecSkill)//recskill - Relocated
/* 049 */	I(BardType)
/* 050 */	I(BardValue)
/* 051 */	I(Light)
/* 052 */	I(Delay)
/* 053 */	I(ElemDmgType)
/* 054 */	I(ElemDmgAmt)
/* 055 */	I(Range)
/* 056 */	I(Damage)
/* 057 */	I(Color)
/* 058 */	I(ItemType)
/* 059 */	I(Material)
/* 060 */	C("0")//UNK060 - Default is 0
/* 061 */	C("0")//UNK061 - Default is 0
/* 062 */	F(SellRate)
/* 063 */	I(CombatEffects)
/* 064 */	I(Shielding)
/* 065 */	I(StunResist)
/* 066 */	I(StrikeThrough)
/* 067 */	I(ExtraDmgSkill)
/* 068 */	I(ExtraDmgAmt)
/* 069 */	I(SpellShield)
/* 070 */	I(Avoidance)
/* 071 */	I(Accuracy)
/* 072 */	I(CharmFileID)
/* 073 */	I(FactionMod1)//Swapped these so Faction Amt comes after each Faction Mod
/* 074 */	I(FactionAmt1)//Swapped these so Faction Amt comes after each Faction Mod
/* 075 */	I(FactionMod2)//Swapped these so Faction Amt comes after each Faction Mod
/* 076 */	I(FactionAmt2)//Swapped these so Faction Amt comes after each Faction Mod
/* 077 */	I(FactionMod3)//Swapped these so Faction Amt comes after each Faction Mod
/* 078 */	I(FactionAmt3)//Swapped these so Faction Amt comes after each Faction Mod
/* 079 */	I(FactionMod4)//Swapped these so Faction Amt comes after each Faction Mod
/* 080 */	I(FactionAmt4)//Swapped these so Faction Amt comes after each Faction Mod
/* 081 */	S(CharmFile)
/* 082 */	I(AugType)
/* 083 */	I(AugRestrict)//augrestrict - Relocated
/* 084 */	I(AugDistiller)//augdistiller - Relocated
/* 085 */	I(AugSlotType[0])
/* 086 */	I(AugSlotUnk[0])//augslot1visible - Default 1
/* 087 */	C("0")//augslot1unk2 - Newly Added  - Default 0
/* 088 */	I(AugSlotType[1])
/* 089 */	I(AugSlotUnk[1])
/* 090 */	C("0")//augslot2unk2 - Newly Added
/* 091 */	I(AugSlotType[2])
/* 092 */	I(AugSlotUnk[2])
/* 093 */	C("0")//augslot3unk2 - Newly Added
/* 094 */	I(AugSlotType[3])
/* 095 */	I(AugSlotUnk[3])
/* 096 */	C("0")//augslot4unk2 - Newly Added
/* 097 */	I(AugSlotType[4])
/* 098 */	I(AugSlotUnk[4])
/* 099 */	C("0")//augslot5unk2 - Newly Added
/* 100 */	I(PointType)//pointtype - Relocated
/* 101 */	I(LDoNTheme)
/* 102 */	I(LDoNPrice)
/* 103 */	C("70")//UNK098 - Newly Added - Default 70, but some are set to 0
/* 104 */	I(LDoNSold)
/* 105 */	I(BagType)
/* 106 */	I(BagSlots)
/* 107 */	I(BagSize)
/* 108 */	I(BagWR)
/* 109 */	I(Book)
/* 110 */	I(BookType)
/* 111 */	S(Filename)
/* 112 */	I(LoreGroup)
/* 113 */	I(ArtifactFlag)
/* 114 */	C("0")//I(PendingLoreFlag)?//UNK109 - Default 0, but a few are 1
/* 115 */	I(Favor)
/* 116 */	I(GuildFavor)//guildfavor - Relocated
/* 117 */	I(FVNoDrop)
/* 118 */	I(DotShielding)
/* 119 */	I(Attack)
/* 120 */	I(Regen)
/* 121 */	I(ManaRegen)
/* 122 */	I(EnduranceRegen)
/* 123 */	I(Haste)
/* 124 */	I(DamageShield)
/* 125 */	C("-1") //UNK120 - Default is -1
/* 126 */	C("0") //UNK121 - Default is 0
/* 127 */	I(Attuneable)
/* 128 */	I(NoPet)
/* 129 */	C("0") //UNK124 - Default 0, but a few are 1
/* 130 */	I(PotionBelt)
/* 131 */	C("0") //potionbeltslots - Default 0, but a few are 1
/* 132 */	I(StackSize)
/* 133 */	I(NoTransfer)
/* 134 */	I(Stackable)//UNK129 - Default is 0, but some are much higher
/* 135 */	I(QuestItemFlag)//questitemflag - Default is 0 (off), flag on = 1
/* 136 */	C("0")//UNK131 - Default is 0, but there is an item set to 1
/* 137 */	C("0")//UNK132 - Default is 0? 0000000000000000000?
/* 138 */	I(Click.Effect)
/* 139 */	I(Click.Type)
/* 140 */	I(Click.Level2)
/* 141 */	I(Click.Level)
/* 142 */	I(MaxCharges)//maxcharges - Relocated
/* 143 */	I(CastTime_)//casttime - Relocated - Note Duplicate Entries for CastTime_ and none for CastTime
/* 144 */	I(RecastDelay)//recastdelay - Relocated
/* 145 */	I(RecastType)//recasttype - Relocated
/* 146 */	C("0")//clickunk5 - Newly Added - Default is 0
/* 147 */	C("")//clickname - Newly Added - Default is Null
/* 148 */	C("-1")//clickunk7 - Newly Added - Default is -1, but some set to 0 and some much higher
/* 149 */	I(Proc.Effect)
/* 150 */	I(Proc.Type)
/* 151 */	I(Proc.Level2)
/* 152 */	I(Proc.Level)
/* 153 */	C("0")//procunk1 - Newly Added - Default is 0, but some set to -1 and 1
/* 154 */	C("0")//procunk2 - Newly Added - Default is 0
/* 155 */	C("0")//procunk3 - Newly Added - Default is 0
/* 156 */	C("0")//procunk4 - Newly Added - Default is 0
/* 157 */	I(ProcRate)//procrate - Relocated
/* 158 */	C("")//procname - Newly Added - Default is Null
/* 159 */	C("-1")//procunk7 - Newly Added - Default is -1, but some set to 0
/* 160 */	I(Worn.Effect)
/* 161 */	I(Worn.Type)
/* 162 */	I(Worn.Level2)
/* 163 */	I(Worn.Level)
/* 164 */	C("0")//wornunk1 - Newly Added - Default is 0
/* 165 */	C("0")//wornunk2 - Newly Added - Default is 0
/* 166 */	C("0")//wornunk3 - Newly Added - Default is 0
/* 167 */	C("0")//wornunk4 - Newly Added - Default is 0
/* 168 */	C("0")//wornunk5 - Newly Added - Default is 0
/* 169 */	C("")//wornname - Newly Added - Default is Null
/* 170 */	C("-1")//wornunk7 - Newly Added - Default is -1, but some set to 0
/* 171 */	I(Focus.Effect)
/* 172 */	I(Focus.Type)
/* 173 */	I(Focus.Level2)
/* 174 */	I(Focus.Level)
/* 175 */	C("0")//focusunk1 - Newly Added - Default is 0
/* 176 */	C("0")//focusunk2 - Newly Added - Default is 0
/* 177 */	C("0")//focusunk3 - Newly Added - Default is 0
/* 178 */	C("0")//focusunk4 - Newly Added - Default is 0
/* 179 */	C("0")//focusunk5 - Newly Added - Default is 0
/* 180 */	C("")//focusname - Newly Added - Default is Null
/* 181 */	C("-1")//focusunk7 - Newly Added - Default is -1, but some set to 0
/* 182 */	I(Scroll.Effect)
/* 183 */	I(Scroll.Type)
/* 184 */	I(Scroll.Level2)
/* 185 */	I(Scroll.Level)
/* 186 */	C("0")//scrollunk1 - Renumber this***
/* 187 */	C("0")//scrollunk2 - Newly Added - Default is 0
/* 188 */	C("0")//scrollunk3 - Newly Added - Default is 0
/* 189 */	C("0")//scrollunk4 - Newly Added - Default is 0
/* 190 */	C("0")//scrollunk5 - Newly Added - Default is 0
/* 191 */	C("")//scrollname - Newly Added - Default is Null
/* 192 */	C("-1")//scrollunk7 - Newly Added - Default is -1, but some set to 0
/* 193 */	C("0")//UNK193 - Default is 0
/* 194 */	C("0")//purity - Newly Added - Default is 0, but some go up to 75
/* 195 */	C("0")//dsmitigation - Newly Added - Default is 0, but some are up to 2
/* 196 */	C("0")//heroic_str - Newly Added - Default is 0
/* 197 */	C("0")//heroic_int - Newly Added - Default is 0
/* 198 */	C("0")//heroic_wis - Newly Added - Default is 0
/* 199 */	C("0")//heroic_agi - Newly Added - Default is 0
/* 200 */	C("0")//heroic_dex - Newly Added - Default is 0
/* 201 */	C("0")//heroic_sta - Newly Added - Default is 0
/* 202 */	C("0")//heroic_cha - Newly Added - Default is 0
/* 203 */	C("0")//healamt - Newly Added - Default is 0, but some are up to 9
/* 204 */	C("0")//spelldmg - Newly Added - Default is 0, but some are up to 9
/* 205 */	C("0")//clairvoyance - Newly Added - Default is 0, but some are up to 10
/* 206 */	C("0")//backstabdmg - Newly Added - Default is 0, but some are up to 65
//* 207 */	C("0")//evolvinglevel - Newly Added - Default is 0, but some are up to 7

//This doesn't appear to be used /* 102 */	S(verified)//verified
//This doesn't appear to be used /* 102 */	S(serialized)//created
//Unsure where this goes right now (or if it is even used) /* 108 */	I(SummonedFlag)

Here is a piece of the log from the EQ Debug showing where it is currently failing:

Code:

[Sun Dec 21 07:09:29 2008]00201:Entering main loop.
[Sun Dec 21 07:09:30 2008]00202:DoMainLoop - Just after packet processing()
[Sun Dec 21 07:09:30 2008]00203:DoMainLoop - Just after actor creation()
[Sun Dec 21 07:09:30 2008]00204:Loading game sounds.
[Sun Dec 21 07:09:30 2008]00205:Requesting initialization data.
[Sun Dec 21 07:09:30 2008]00206:DoMainLoop: just before first while(!EverQuest.ReceievedWorldObjects).
[Sun Dec 21 07:11:14 2008]00132:THE SERVER IS NOT RESPONDING.
[Sun Dec 21 07:11:38 2008]00133:
end of DisplayScreen

[Sun Dec 21 07:11:40 2008]00134:TIMED OUT WAITING FOR ZONE ADDR

[Sun Dec 21 07:11:41 2008]00135:Networking: Connection Closed [0] with 0 pending bytes.