JernejL

Documenting GTA-SA memory addresses


MKKJ

Forgot that I found more related addresses.

 

0x858CEC - Aiming Recoil Multiplier (float, default 0.04)
How much recoil increased/crosshair expands per shot (calculated with data from weapon.dat)
Set to 0.0 to "freeze" crosshair.

0x8D2E64 - Aiming Recoil Cooldown Multiplier (float, default 0.96)
How much recoil "decreased" / crosshair retracts.
Set to 0.0 for instant cooldown. 1.0 to disable cooldown. More than 1.0 to make crosshair expand indefinitely.



It's possible to make every value independent?

I mean, have just the "static" crosshair, but with the bulletspread value intact?

Locking up the crosshair but keep the recoil?
Sorry, I don't know how. Haven't been looking into it.

Edited by MKKJ

CharlesVercetti

I searched through the whole topic for addresses related to the HUD positions (Health bar, armor bar, time, money, weapon icon, ammo count, wanted stars).

Many posts were linked to the gtagaming.com website. They were inactive links. Also had a look at the gtamodding wiki, where they provided addresses for changing colors only. Can someone provide me the addresses?

null0245

Leaving this here. This is for GTA III CPlayerInfo. Notice it's the same with GTA VC so the structure around could be more or less similar.

 

 

/// <summary>
/// The HookerMoneyTimer offset from the PlayerInfo address. (4 bytes integer)
/// </summary>
#define PLAYER_INFO_HOOKER_MONEY_TIMER_OFFSET 0xCC

/// <summary>
/// The HookerTimer offset from the PlayerInfo address. (4 bytes integer)
/// </summary>
#define PLAYER_INFO_HOOKER_TIMER_OFFSET 0xC8

/// <summary>
/// The HookerTime offset from the PlayerInfo address. (4 bytes integer)
/// </summary>
#define PLAYER_INFO_HOOKER_TIME_OFFSET 0xD0

/// <summary>
/// The Hooker offset from the PlayerInfo address. (CPed*)
/// </summary>
#define PLAYER_INFO_HOOKER_OFFSET 0xD4

Gmer

I documented hundreds of new mem addresses/offsets that weren't known in earlier research.

See here: https://paste.ee/p/vAxZw (backup just in case http://www.mediafire.com/file/c8fqwiv0s583jxw/gtasaFuncsMemOffset.txt)

 

PC addresses. That is from a novel IDA database, self-generated. It's a DB to IDA MAP for offsets, make sure to read notes at file beginning.

 

More;

the decompiled GTA_SA IDA C++ pseudocode that belongs to said db: http://www.mediafire.com/file/3geqc5pwjyvvacc/gta_sa-source.c

 

clean import of gta_sa.exe to newest IDA 7.0 and fresh decompile pseudocode (No db linked to it, so no function names and offset titles in the source!): http://www.mediafire.com/file/4ge2ny5jrh2139z/gta_sa.c

Just uploaded because of IDA 7.0 enhanced pseudodecompiled code output.

 

Now here's my novel IDA DB used to list the new offsets and mem addresses where this post is all about: .idb http://www.mediafire.com/file/12ec4jx5n6z6821/gta_sa_IDBdb.idb

 

EDIT: Never rely on all of my addresses in the whole topic, I found obvious mistakes with it, some offsets don't match due to the generating method I used. The function names and great part of the addresses are useful after all.

Edited by Gmer

boludoz
Which is the direction that deactivates the markers in 2 player mode? How can this be solved? Many people are asking for it. Everything related helps.

Nick007J

Do you mean missions becoming unavailable? While you can fix it in memory, I don't think starting a mission is possible without a crash in two-player mode.

boludoz

Do you mean missions becoming unavailable? While you can fix it in memory, I don't think starting a mission is possible without a crash in two-player mode.

 

 

I had thought of complementing it with this code, once ? (take the marker)-, player 2 is eliminated, when ?= 1 // 1 - player is entering in an interior is re-enabled.
I do not think it is a big problem to add an extra ped to the mission, in fact there are mods that do it but only once it is in the mission and in the form of cheat. The problem would be to have the mission activated.
Edited by boludoz

Nick007J

Anyway, as far as I know, markers are "disabled", because CPlayerPed::CanPlayerStartMission [0x609590] returns false, because it checks CGameLogic::IsCoopGameGoingOn().

boludoz

Anyway, as far as I know, markers are "disabled", because CPlayerPed::CanPlayerStartMission [0x609590] returns false, because it checks CGameLogic::IsCoopGameGoingOn().

It was the 'OPCODE' that I was missing, thank you. My screen goes black when I corrupt this. I'm very new to memory editing; where could I get that from? How many bytes does that have?
Edited by boludoz

Gmer

PC GTA SA: From the same never-seen before IDA DB as that I previously posted, I created a much better offset/mem function address list than before:

 

https://pastebin.com/K3eqq3MP

 

It's still too big to fit in a post here.

 

Also I've combined several IDA db's offset/func address maps into one HUGE file, if you want a certain hit on what you're looking for get it here:

https://www.mediafire.com/file/7njezcvtmgkcqle/SA-MEM-OFFSETS-HUGEDB.txt

 

EDIT: Never rely on all of my addresses in the whole topic, I found obvious mistakes with it, some offsets don't match due to the generating method I used. The function names and great part of the addresses are useful after all.

Edited by Gmer

boludoz

From the same never-seen before IDA DB as that I previously posted, I created a much better offset/mem function address list than before:

 

https://pastebin.com/K3eqq3MP

 

It's still too big to fit in a post here.

I had taken a look at this but I did not know how to 0001: 00040390> to hex, excellent job! PS: If we are talking about Android, this means that the game is still supporting 2p mode on Android, beyond the opcode 00E1.

Edited by boludoz

boludoz
0x736AEF (float): Radius necessary for an explosion to affect a vehicle.

Edited by boludoz

frankandbeans

[sA]

 

Does anybody know the address that spawns the actors (swat) on the ropes during wanted levels? They seem to be invincible while rappelling down.

Jack

 

0x006C6C86     loc_6C6C86:                             ; CODE XREF: sub_6C69C0+2C2j
0x006C6C86 09C                 push    eax             ; pTask
0x006C6C87 0A0                 mov     ecx, ebp        ; this
0x006C6C89 0A0                 mov     byte ptr [esp+0A0h+var_4], 0
0x006C6C91 0A0                 call    CTaskComplexSequence__addTaskToSequence
0x006C6C96 09C                 mov     eax, [edi+47Ch]
0x006C6C9C 09C                 push    0
0x006C6C9E 0A0                 push    3
0x006C6CA0 0A4                 push    ebp
0x006C6CA1 0A8                 lea     ecx, [eax+4]
0x006C6CA4 0A8                 call    CPedTasks__AssignPrimaryTask ; CPedTasks method
0x006C6CA9 09C                 and     dword ptr [edi+1Ch], 0FFFFFFFEh  //  ped->physical.entity.m_dwFlags &= 0xFFFFFFFE;   //  -2
0x006C6CAD 09C                 mov     al, [esi+9B9h]
0x006C6CB3 09C                 dec     al
0x006C6CB5 09C                 mov     [esi+9B9h], al
0x006C6CBB 09C                 movzx   eax, al
0x006C6CBE 09C                 push    40800000h
0x006C6CC3 0A0                 push    98h
0x006C6CC8 0A4                 mov     byte ptr [eax+esi+9BAh], 0AAh
0x006C6CD0 0A4                 mov     ecx, [edi+18h]
0x006C6CD3 0A4                 push    0
0x006C6CD5 0A8                 push    ecx
0x006C6CD6 0AC                 call    _ZN12CAnimManager14BlendAnimationEP7RpClump12AssocGroupId11AnimationIdf ; CAnimManager::BlendAnimation(RpClump *,AssocGroupId,AnimationId,float)
0x006C6CDB 0AC                 add     esp, 10h
0x006C6CDE 09C                 lea     ecx, [esp+9Ch+m]
0x006C6CE2 09C                 mov     [esp+9Ch+var_4], 0FFFFFFFFh
0x006C6CED 09C                 call    _ZN7CMatrixD2Ev ; CMatrix::~CMatrix()
0x006C6CF2 09C                 mov     al, 1
0x006C6CF4 09C                 jmp     short loc_6C6D0C

plugin::patch::SetUChar(0x6C6CAC, -1);

TheStansGTA

Hello guys, I made a mod.

My mod name is:

GTA Military and Social Stories 1.1

Added mods:

- Car Spawn (press H+7 to spawn car)

- Added 5 new cars

- 2 new Skins

 

Update 1.2 coming soon...

 

Installation:

1 - Download the .rar file and extract it to your desktop.
2 - Then download the other .rar and extract it to the GTA San Andreas User Files folder.
3 - Move your game files to a folder on your desktop.
4 - Delete the www.gamemodding.net folder in the Game Folder.

guard3

Excuse me?

TheSangheili

This page https://www.gtamodding.com/wiki/Memory_Addresses_(SA) says:

Cars:
    +1080 = [dword] modding data as in garage info (Not working?)
    +1084 = [dword] modding data as in garage info (Not working?)
    +1088 = [dword] modding data as in garage info (Not working?)
    +1092 = [dword] modding data as in garage info (Not working?)
    +1096 = [dword] modding data as in garage info (Not working?)
    +1100 = [dword] modding data as in garage info (Not working?)
    +1104 = [dword] modding data as in garage info (Not working?)
    +1108 = [dword] modding data as in garage info (Not working?)

It is not working because these are not DWORDs. They are WORDs, for example the first line becomes:

    +1080 [word] model id
    +1082 [word] model id

But you can't just write values, you have to load the model then add the mode like in main.scm.

DK22Pac

Who the hell needs that outdated wiki information, when we have this?

 

Also, at +0x438 offset we have 2 bytes with extra IDs


 

And there are 8 slots for passengers, not 9.

 

Okay, I'm ready to delete this useless wiki page.

Edited by DK22Pac

TheSangheili

Great, Thanks!!!

SaH4PoK

Hi all, could you guys help with the search of addresses of the display sizes of the accumulated money in the pickup? It is very necessary, or at least display on the X-axis in order to correct their tension.

 


 

Edited by SaH4PoK

DK22Pac

Look at CPickups::RenderPickupText.

 


 

 

 

#include "plugin.h"
#include "CFont.h"

using namespace plugin;

const float MULTIPLIER_X = 1.0f;
const float MULTIPLIER_Y = 2.0f;

class PickupTextScale {
public:
    static void SetPickupTextScale(float x, float y) {
        CFont::SetScale(x * MULTIPLIER_X, y * MULTIPLIER_Y);
    }

    PickupTextScale() {
        patch::RedirectCall(0x455132, SetPickupTextScale);
    }
} pickupTextScale;

 

SaH4PoK

Big thanks!

TheSangheili

...

struct CVehicle {
    ...
    CVehicleBodyInfo m_bodyInfo;            // offset 0x5A0
    ...
};

struct CVehicleBodyInfo {
    float m_fFlatTireFrictionMultiplier;    // 0x00 (0x5A0)
    // 0 = default, 225 = car on fire, 250 = car blew up. set to something over 250 to reduce health to 250 over time (flags?)
    char field_5A4;                         // 0x04 (0x5A4)
    // 0 = ok, 1 = flat, 2 = Used by planes when landing gear is up
    char m_bTireState[4];                   // 0x05 (0x5A5)
    // (Flags) 0 = closed, 1 = open, 2 = damaged, 4 = lost (You can't just set it to 2 or 4, the door will still be rendered closed if you do)
    // doors in order: hood, trunk, fl-door, fr-door, rl-door, rr-door
    char m_nDoorsState[6];                  // 0x09 (0x5A9)
    // Possible values 0 and 12, maybe it's just padding??
    char field_5AF;                         // 0x0F (0x5AF)
    // 0 = ok, 1 = left light is out, 4 = right light is out, 256 = ???? (writing has no effect?)
    unsigned int m_nFrontBumperDamageFlags; // 0x10 (0x5B0)
    // 0 = ok (Writing has not effect?)
    unsigned int m_nDamageFlags;            // 0x14 (0x5B4)
}; // size 0x18

btw, is this thread dead?

Edited by TheSangheili

DK22Pac

TheSangheili, there's no offset 0x5A0 in CVehicle struct, because CVehicle's size is 0x5A0 bytes.

Your 'CVehicleBodyInfo' struct is originally called CDamageManager and it's a part of CAutomobile.

Edited by DK22Pac

TheSangheili

Oh, thanks again, I thought CVehicle size was 0x0A18 bytes, so I assumed the files in this source were incomplete.

btw, damage manager is a better term.

Edited by TheSangheili

DK22Pac

0xA18 is the size of the largest structure in CVehicle hierarchy (CHeli struct)

 

And, as you can see here, R* creates vehicle pool with the size of the largest structure in hierarchy (CPool template takes 2 parameters - first one is a base class, second one is the 'largest' class).

 

static CPool<CVehicle, CHeli> *ms_pVehiclePool;


Edited by DK22Pac

pep legal

R* creates vehicle pool with the size of the largest structure in hierarchy (CPool template takes 2 parameters - first one is a base class, second one is the 'largest' class.

 

Does that mean there is useful (and not used) memory space between 0x988 and 0xA18 for each Automobile created ???

 

(Currently I'm using 0x4EC to 0x4F7 as "Free" vehicle memory space for custom info)

Edited by pep legal

TheSangheili

 

R* creates vehicle pool with the size of the largest structure in hierarchy (CPool template takes 2 parameters - first one is a base class, second one is the 'largest' class.

 

Does that mean there is useful (and not used) memory space between 0x988 and 0xA18 for each Automobile created ???

 

(Currently I'm using 0x4EC to 0x4F7 as "Free" vehicle memory space for custom info)

 

 

Yes, for cars only! But you need to detect when the Automobile is created and when it is removed to reset the values!

Edited by TheSangheili

DK22Pac

Does that mean there is useful (and not used) memory space between 0x988 and 0xA18 for each Automobile created ???

yes and no.

 

1. What if you need some extra data for CHeli?

2. What if you need more than (0xA18-0x988=) 0x90 bytes?

3. These bytes may contain any random values (aka garbage) (until you initialize them).

4. What if there are two or more plugins/scripts who want to take control over this data?

 

UserA: Wow, I can save data there, I will do it in my mod A!

UserB: I also need this, I will use it in my mod B!

 

Result: mods A and B are not compatible.

 

That's why we have Extender interfaces in plugin-sdk which solve all these problems.

#include "plugin.h"

using namespace plugin;

class VehicleExtraDataExample {
public:
    struct VehicleExtraData {
        char myData[100]; // my data here
        char *myAdditionalData; // and I can also allocate dynamic buffer

        VehicleExtraData(CVehicle *) {
            // I can initialize my data here
            for (int i = 0; i < 100; ++i)
                myData[i] = i;
            myAdditionalData = new char[200]; // I can allocate extra 200 bytes (initialization is skipped)
        }

        ~VehicleExtraData() {
            // and I know it will be deallocated when vehicle is destroyed
            delete[] myAdditionalData;
        }
    };

    VehicleExtraDataExample() {
        static VehicleExtendedData<VehicleExtraData> vehExtraInfo;

        Events::gameProcessEvent += [] {
            for (auto veh : CPools::ms_pVehiclePool) {
                auto &data = vehExtraInfo.Get(veh);
                // work with data
                // ...
            }
        };
    }
} vehicleExtraDatExample;
Edited by DK22Pac
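
The fixed-slot pool and the objections to reusing its slack, as an added example (not code from the thread or from plugin-sdk): the 0x90 bytes behind an automobile survive slot reuse and are overwritten by a second writer, while a per-mod side table is zeroed on creation and dropped on destruction. `Pool`, `SideTable` and the three stand-in structs are constructed for illustration; only the sizes 0x5A0, 0x988 and 0xA18 come from the thread, and the side table is a simplified stand-in for the idea, not plugin-sdk's Extender implementation.

```cpp
#include <cstddef>
#include <map>
#include <new>
#include <vector>

// Constructed stand-ins: only the three sizes (0x5A0, 0x988, 0xA18) come from the thread.
struct Vehicle { unsigned char base[0x5A0]; };
struct Automobile : Vehicle { unsigned char car[0x988 - 0x5A0]; };
struct Heli : Automobile { unsigned char heli[0xA18 - 0x988]; };

// Fixed-slot pool: every slot is sizeof(Largest), whatever type lives in it.
template <class Base, class Largest> struct Pool {
    static constexpr std::size_t kSlot = sizeof(Largest);
    std::vector<unsigned char> bytes;
    std::vector<bool> used;
    explicit Pool(std::size_t n) : bytes(n * kSlot), used(n, false) {}
    template <class T> T *create() {
        static_assert(sizeof(T) <= kSlot, "object larger than a slot");
        for (std::size_t i = 0; i < used.size(); ++i)
            if (!used[i]) { used[i] = true; return new (&bytes[i * kSlot]) T; }
        return nullptr;
    }
    std::size_t index(const Base *p) const {
        return (reinterpret_cast<const unsigned char *>(p) - bytes.data()) / kSlot;
    }
    void destroy(Base *p) { used[index(p)] = false; } // slot bytes are not cleared
    template <class T> unsigned char *slack(T *p) { return &bytes[index(p) * kSlot] + sizeof(T); }
};
typedef Pool<Vehicle, Heli> VehiclePool;

// In-band: the slack outlives the vehicle, and a second writer replaces the first.
int staleSlackAfterReuse() {
    VehiclePool pool(1);
    Automobile *a = pool.create<Automobile>();
    pool.slack(a)[0] = 0x11;                   // mod A stores its value
    pool.slack(a)[0] = 0x22;                   // mod B picks the same byte
    pool.destroy(a);
    Automobile *b = pool.create<Automobile>(); // new car, same slot
    return pool.slack(b)[0];                   // stale 0x22, and not mod A's value
}

// Out-of-band: one table per mod, keyed by slot, zeroed on create, erased on destroy.
struct SideTable {
    std::map<std::size_t, int> rows;
    void onCreate(std::size_t slot) { rows[slot] = 0; }
    void onDestroy(std::size_t slot) { rows.erase(slot); }
};
bool sideTablesStayIsolated() {
    VehiclePool pool(1);
    SideTable modA, modB;
    Automobile *a = pool.create<Automobile>();
    std::size_t s = pool.index(a);
    modA.onCreate(s); modB.onCreate(s);
    modA.rows[s] = 0x11; modB.rows[s] = 0x22;       // same vehicle, separate rows
    bool apart = modA.rows[s] == 0x11 && modB.rows[s] == 0x22;
    modA.onDestroy(s); modB.onDestroy(s); pool.destroy(a);
    modA.onCreate(pool.index(pool.create<Heli>())); // slot reused by a Heli
    return apart && modA.rows[s] == 0 && modB.rows.count(s) == 0;
}
```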

pep legal

Amazing ! :lol:

...But now, could you give us a similar solution in CLEO script ? :evilgrin: (just kidding)

 

(my problem is I have a 20 thousand lines script which desperately needs extra mem space for cars)

 

---------------

 

and one more question (hope not abusing)...

 

For a given RwResEntry (inside a Geometry)...after a RxD3D9ResEntryHeader struct, I see a RxD3D9InstanceData....Am I correct if I assume there are many more RxD3D9InstanceData next each other, one for each material used by the Geometry ?

 

.

Edited by pep legal
