Documenting GTA3 memory addresses



Well, there is one for Vice City and one for SA, so I thought, for those interested, I would make one for GTA3. In the same vein as the other two threads, if you find a memory address, post it in this thread so others can enjoy your findings.


Money = 0094139C. You can add / subtract and poke a DWORD value to this; works fine for me. I haven't tried anything else with this address yet.


Quite a few addresses for GTA3 were posted in the VC memory topic. By the way, doing anything for GTA3 is probably stupid because the game is like 4 years old and San Andreas PC was just released, so why would anyone still bother with the GTA3 engine?



What's the matter with learning? Some people still play the game, obviously, as I started this thread, so under assumption you should have guessed that. I don't have SA on PC, I don't like Vice City, and to be honest, why would people post GTA3 memory addresses in a Vice City memory address topic?

Is this not GTAForums? A place to talk about and learn how to edit GTA games? And probably more.

All I wanted was a clean topic where, if people knew, they could help me and other people out. Since the search doesn't seem to work on here for me and I didn't see a topic, I thought I would start one.

I wanted to know how trainers were made, through boredom mainly, and so far I have been successful. I have made a few friends and I have learnt a lot about the trade from them. So far people have been happy to help and point me in the right direction.

Vice City and SA are just more complex versions of the same game. It became obvious to me that it would be easier for me to learn on a simple game, then progress to the harder stuff when I had learnt a thing or two. Hence the first game I made a trainer for was Minesweeper.

I guess I'll go trawl through the topic about Vice City and try and take out the stuff that's useful to me. Thanks for your help.


Okay, sorry, but I just wanted to tell you to think twice about whether it is worth working with such an old game when we have much more powerful and better versions.




GTA3 Memory addresses in a vice city memory address topic?

is this not GTAforums? a place to talk about and learn how to edit GTA games? and probably more.

You're right, this is a place to do that, THE place really.

And in the interest of keeping the boards as clean as possible, and considering the age of GTA3 and Vice, I merged the Vice memory topic title with GTA3, so it now covers both. It also helps to keep as many of those addresses in the same spot as possible, since there were already a considerable amount of GTA3 addresses posted in there. Post yours there too.


I'm not having much luck digging GTA3 info out of the combined topic so I'll post what I've got here where it's easier to find.


GTA3 PC (retail, not sure on the version)


0x6FB1C8 DWORD pointer to player CPed


I think these are animation variables. I just watched the bytes change as I played and tried to make guesses as to their meaning.


GTA3:CPed BYTE 0x22C MoveStatus (1 = stand 2 = walk 3 = run 4 = sprint)
GTA3:CPed BYTE 0x234 CarEnex (1 = exit 3 = enter)


GTA3:CPed BYTE 0x4AC MeleeStatus
0 Default
1 Attack
2 Defend
3 Advance
5 Headbutt
7 GutPunch
8 Kick
9 JumpKick
12 GroundKick
14 BackDamage
15 RightDamage
16 LeftDamage
17 GroinDamage
18 LowDamage
19 FrontDamage
20 HeadDamage

GTA3:CPed BYTE 0x1D4 WeaponMoves
1 HandForward (Fists Grenades Molotov)
2 RocketForward (Rockets)
3 MoveForward (Pistol Uzi)
4 NoSprintForward (Shotgun AK47 M4 Rifle Flame)
5 BatForward (Bat)
19 MoveBack
20 MoveLeft
21 MoveRight
22 RocketBack
23 RocketLeft
24 RocketRight

GTA3:CPed BYTE 0x154 StatusBits (bit flags)
0 OnGround
1 Standing
2 Attack (melee while running to reset)
3 (not observed)
4 TouchedEntity (doesn't seem to go away after first touch)
5 LookFront (follows LookBack)
6 LookBack
7 HipShot (when using weapons that can fire without aiming)

It's not the traditional format but it's really easy to export from my templates.

Offset  Size  GTA3   Player
5F0h    1520  struct CPed
0h      4     DWORD  unknown_vtbl
4h      12    struct RwV3D cam_roll_xyz
14h     12    struct RwV3D cam_direction_xyz
24h     12    struct RwV3D cam_previous_xyz
34h     12    struct RwV3D playerCoords
C0h     4     FLOAT  weight
EEh     1     BYTE   nEntitiesTouched
F0h     4     DWORD  pPlayerVehicle
F4h     4     DWORD  pPlayerVehicle
14Ch    1     BYTE   bOnGround
154h    1     BYTE   StatusBits
170h    4     DWORD  pPlayerVehicle
1D4h    1     BYTE   WeaponMoves
1F0h    4     DWORD  pPlayerCPed
228h    1     BYTE   bAnimating
22Ch    1     BYTE   MoveStatus
234h    1     BYTE   CarEnex
2C0h    4     FLOAT  health
2C4h    4     FLOAT  armor
30Ch    4     DWORD  pPlayerVehicle
310h    4     DWORD  pPlayerVehicle
314h    1     BYTE   bIsDriving
344h    4     DWORD  pPlayerVehicle
35Ch    312   struct weaponslots[13]
498h    1     enum   WEPNO weaponSlot
4A0h    12    struct RwV3D MeleeCoords
4ACh    1     BYTE   MeleeStatus
4B8h    4     DWORD  pPreviousVehicle
4C0h    4     enum   WEPID weaponModel
4F4h    40    DWORD  pNearestCPeds[10]
51Ch    1     BYTE   nLoadedCpeds
53Ch    4     DWORD  pWantedArray
548h    4     FLOAT  fCurrentStamina
54Ch    4     FLOAT  fNaxStamina
550h    4     FLOAT  fSprintDistance
57Ch    1     BYTE   bAdrenalineMode
580h    4     DWORD  tAdrenalineTimer

At one point all of the pointers labeled as pPlayerVehicle pointed to the same car, but not always. I'm still trying to work out the details.


What is a vtbl? I'm assuming this means "variable table" but, what is this value and how can I confirm what it is? It seems too small to be a pointer and too large to be an index.

Edited by OrionSR
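
The offset list in the post above can be applied to a raw CPed dump as follows. This is an added example, not code from the thread: the function names, the `ped_view` struct and the sample buffer are hypothetical and constructed here, while the offsets, the 0x5F0 size and the flag names are the ones posted above.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Offsets and size as posted above for GTA3 PC (retail, version not stated). */
#define CPED_SIZE      0x5F0
#define OFF_STATUSBITS 0x154
#define OFF_MOVESTATUS 0x22C
#define OFF_HEALTH     0x2C0
#define OFF_ARMOR      0x2C4

struct ped_view {               /* hypothetical holder for decoded fields */
    uint8_t status_bits;
    uint8_t move_status;
    float   health;
    float   armor;
};

/* Bit names from the StatusBits list; bit 3 was "not observed". */
static const char *const STATUS_NAMES[8] = {
    "OnGround", "Standing", "Attack", NULL,
    "TouchedEntity", "LookFront", "LookBack", "HipShot"
};

/* Read a little-endian IEEE-754 float without assuming host alignment. */
static float read_f32le(const uint8_t *p)
{
    uint32_t u = (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
                 ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    float f;
    memcpy(&f, &u, sizeof f);
    return f;
}

/* Decode one dump. Returns 0 on success, -1 if the buffer cannot hold a
 * whole structure, so no offset below is ever read out of bounds. */
int ped_decode(const uint8_t *dump, size_t len, struct ped_view *out)
{
    if (dump == NULL || out == NULL || len < CPED_SIZE)
        return -1;
    out->status_bits = dump[OFF_STATUSBITS];
    out->move_status = dump[OFF_MOVESTATUS];
    out->health      = read_f32le(dump + OFF_HEALTH);
    out->armor       = read_f32le(dump + OFF_ARMOR);
    return 0;
}

/* MoveStatus values from the post: 1 = stand, 2 = walk, 3 = run, 4 = sprint. */
const char *move_status_name(uint8_t v)
{
    static const char *const names[] = { "stand", "walk", "run", "sprint" };
    return (v >= 1 && v <= 4) ? names[v - 1] : "unknown";
}

/* Write the names of the set bits into buf, '|' separated. Bits without a
 * documented name are written as "bitN". Returns the number of set bits,
 * or -1 if buf is too small. */
int status_bits_describe(uint8_t bits, char *buf, size_t cap)
{
    size_t used = 0;
    int count = 0;
    if (buf == NULL || cap == 0)
        return -1;
    buf[0] = '\0';
    for (int bit = 0; bit < 8; bit++) {
        const char *sep = count ? "|" : "";
        int n;
        if (!(bits & (1u << bit)))
            continue;
        if (STATUS_NAMES[bit] != NULL)
            n = snprintf(buf + used, cap - used, "%s%s", sep, STATUS_NAMES[bit]);
        else
            n = snprintf(buf + used, cap - used, "%sbit%d", sep, bit);
        if (n < 0 || (size_t)n >= cap - used) {
            buf[used] = '\0';           /* drop the partial name */
            return -1;
        }
        used += (size_t)n;
        count++;
    }
    return count;
}

/* Constructed sample: a zeroed dump with three fields filled in by hand. */
void make_sample_dump(uint8_t *dump)
{
    static const uint8_t hundred[4] = { 0x00, 0x00, 0xC8, 0x42 }; /* 100.0f */
    memset(dump, 0, CPED_SIZE);
    dump[OFF_STATUSBITS] = 0x03;        /* OnGround | Standing */
    dump[OFF_MOVESTATUS] = 1;           /* stand */
    memcpy(dump + OFF_HEALTH, hundred, sizeof hundred);
}

int main(void)
{
    uint8_t dump[CPED_SIZE];
    struct ped_view v;
    char flags[96];
    make_sample_dump(dump);
    if (ped_decode(dump, sizeof dump, &v) != 0)
        return 1;
    status_bits_describe(v.status_bits, flags, sizeof flags);
    printf("move=%s health=%.1f armor=%.1f flags=%s\n",
           move_status_name(v.move_status), v.health, v.armor, flags);
    return 0;
}
```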


I've never seen someone dig up a decade-old thread.

Edited by MrPancakes


Yeah, I know. But the other topic isn't working for GTA3 and this topic has the correct title.


Does anyone know where the global timer is hidden in GTA 3 memory?


How is the player rotation determined?

Edited by OrionSR


Player CPED+ 0x53C
Pointer to WantedArray [32 bytes] (unconfirmed size)

0x00 DWORD WantedChaos (ticks down when not in view of cops with less than 2 stars)
0x04 DWORD tWantedTicker (updates continuously when not in view of cops with less than 2 stars)
0x08 DWORD tWantedChange (updates to global timer when wanted level changes)
0x0C BYTE fWantedSensitivity (no opcode?)
0x10 BYTE unknownBytes[4] (probably all flags)
0x14 BYTE WantedCops (4=Cops3, 8=SWAT4, 10=FBI5, 12=Army6)
0x15 BYTE WantedBits
0x16 BYTE WantedFlags
0x17 BYTE unknownByte
0x18 DWORD WantedLevel (Stars)
0x1C DWORD WantedCrime

WantedChaos 0x00 - Wanted Star level
1 - 40
2 - 200
3 - 400
4 - 800
5 - 1600
6 - 3200

WantedCrime Type 0x1C - Persists for 12 seconds
1 - Light Weapon
2 - Melee Attack
3 - Melee Cop
4 - Heavy Weapon
5 - Heavy Cop
6 - Jack Vehicle
8 - Car Kill
14 - Flame Attack

Wanted Flags 0x16 - Ignore and More
1 - Ignored by Cops
2 - Ignored by Everyone
4 - unknown

* bitflag data is incomplete; there are more to be identified by the curious

Edited by OrionSR


What is a vtbl? I'm assuming this means "variable table" but, what is this value and how can I confirm what it is? It seems too small to be a pointer and too large to be an index.



Simply speaking, if a class contains virtual methods (that can be redefined / overloaded in a child class), its very first DWORD is a pointer to the array of pointers to the functions implementing this class' methods. For example, a method Destroy or Free is virtual, and has its own implementation for different classes (in the class CPed you must do one thing, whereas in the class CCopPed you must do another one). The VMT is constant and built by the compiler for each virtual class.





.data:005F8C2C _5CPed::`vtbl' dd offset CPed::Destroy(void)   ; DATA XREF: CPed::CPed((uint))+12o
.data:005F8C2C                                                ; CPed::~CPed((void))+5o
.data:005F8C30 dd offset CPhysical::Add((void))
.data:005F8C34 dd offset CPhysical::Remove((void))
.data:005F8C38 dd offset CPed::SetModelIndex((uint))
.data:005F8C3C dd offset CEntity::SetModelIndexNoCreate((uint))
.data:005F8C40 dd offset CEntity::CreateRwObject((void))
.data:005F8C44 dd offset CEntity::DeleteRwObject((void))
.data:005F8C48 dd offset CPhysical::GetBoundRect((void))
.data:005F8C4C dd offset CPed::ProcessControl((void))
.data:005F8C50 dd offset CPhysical::ProcessCollision((void))
.data:005F8C54 dd offset CPhysical::ProcessShift((void))
.data:005F8C58 dd offset sub_4D3E70
.data:005F8C5C dd offset CPed::PreRender(void)
.data:005F8C60 dd offset CPed::Render(void)
.data:005F8C64 dd offset CPed::SetupLighting(void)
.data:005F8C68 dd offset CPed::RemoveLighting(void)
.data:005F8C6C dd offset CPed::FlagToDestroyWhenNextProcessed((void))
.data:005F8C70 dd offset CPed::ProcessEntityCollision(void)
.data:005F8C74 dd offset CPed::SetMoveAnim((void))

.data:005F819C _13CCivilianPed::`vtbl' dd offset CCivilianPed::Destroy(void)
.data:005F819C                                                ; DATA XREF: CCivilianPed::CCivilianPed((ePedType,uint))+16o
.data:005F819C                                                ; sub_4BFFC0+3o
.data:005F81A0 dd offset CPhysical::Add((void))
.data:005F81A4 dd offset CPhysical::Remove((void))
.data:005F81A8 dd offset CPed::SetModelIndex((uint))
.data:005F81AC dd offset CEntity::SetModelIndexNoCreate((uint))
.data:005F81B0 dd offset CEntity::CreateRwObject((void))
.data:005F81B4 dd offset CEntity::DeleteRwObject((void))
.data:005F81B8 dd offset CPhysical::GetBoundRect((void))
.data:005F81BC dd offset CCivilianPed::ProcessControl((void))
.data:005F81C0 dd offset CPhysical::ProcessCollision((void))
.data:005F81C4 dd offset CPhysical::ProcessShift((void))
.data:005F81C8 dd offset sub_4D3E70
.data:005F81CC dd offset CPed::PreRender(void)
.data:005F81D0 dd offset CPed::Render(void)
.data:005F81D4 dd offset CPed::SetupLighting(void)
.data:005F81D8 dd offset CPed::RemoveLighting(void)
.data:005F81DC dd offset CPed::FlagToDestroyWhenNextProcessed((void))
.data:005F81E0 dd offset CPed::ProcessEntityCollision(void)
.data:005F81E4 dd offset CPed::SetMoveAnim((void))

.data:005F8374 _14CEmergencyPed::`vtbl' dd offset sub_4C3F40  ; DATA XREF: CEmergencyPed::CEmergencyPed((uint))+18o
.data:005F8374                                                ; sub_4C2EF0+3o
.data:005F8378 dd offset CPhysical::Add((void))
.data:005F837C dd offset CPhysical::Remove((void))
.data:005F8380 dd offset CPed::SetModelIndex((uint))
.data:005F8384 dd offset CEntity::SetModelIndexNoCreate((uint))
.data:005F8388 dd offset CEntity::CreateRwObject((void))
.data:005F838C dd offset CEntity::DeleteRwObject((void))
.data:005F8390 dd offset CPhysical::GetBoundRect((void))
.data:005F8394 dd offset sub_4C2F10
.data:005F8398 dd offset CPhysical::ProcessCollision((void))
.data:005F839C dd offset CPhysical::ProcessShift((void))
.data:005F83A0 dd offset sub_4D3E70
.data:005F83A4 dd offset CPed::PreRender(void)
.data:005F83A8 dd offset CPed::Render(void)
.data:005F83AC dd offset CPed::SetupLighting(void)
.data:005F83B0 dd offset CPed::RemoveLighting(void)
.data:005F83B4 dd offset CPed::FlagToDestroyWhenNextProcessed((void))
.data:005F83B8 dd offset CPed::ProcessEntityCollision(void)
.data:005F83BC dd offset CPed::SetMoveAnim((void))

.data:005F82A4 _8CCopPed::`vtbl' dd offset sub_4C2E00         ; DATA XREF: CCopPed::CCopPed((eCopType))+19o
.data:005F82A4                                                ; sub_4C13E0+3o
.data:005F82A8 dd offset CPhysical::Add((void))
.data:005F82AC dd offset CPhysical::Remove((void))
.data:005F82B0 dd offset CPed::SetModelIndex((uint))
.data:005F82B4 dd offset CEntity::SetModelIndexNoCreate((uint))
.data:005F82B8 dd offset CEntity::CreateRwObject((void))
.data:005F82BC dd offset CEntity::DeleteRwObject((void))
.data:005F82C0 dd offset CPhysical::GetBoundRect((void))
.data:005F82C4 dd offset sub_4C1400
.data:005F82C8 dd offset CPhysical::ProcessCollision((void))
.data:005F82CC dd offset CPhysical::ProcessShift((void))
.data:005F82D0 dd offset sub_4D3E70
.data:005F82D4 dd offset CPed::PreRender(void)
.data:005F82D8 dd offset CPed::Render(void)
.data:005F82DC dd offset CPed::SetupLighting(void)
.data:005F82E0 dd offset CPed::RemoveLighting(void)
.data:005F82E4 dd offset CPed::FlagToDestroyWhenNextProcessed((void))
.data:005F82E8 dd offset CPed::ProcessEntityCollision(void)
.data:005F82EC dd offset CPed::SetMoveAnim((void))

.data:005FA500 _10CPlayerPed::`vtbl' dd offset sub_456920     ; DATA XREF: CPlayerPed::CPlayerPed((void))+13o
.data:005FA500                                                ; CPlayerPed::~CPlayerPed((void))+3o
.data:005FA500                                                ; debug162:096A61F8o
.data:005FA500                                                ; 0BEE1F60o ...
.data:005FA504 dd offset CPhysical::Add((void))
.data:005FA508 dd offset CPhysical::Remove((void))
.data:005FA50C dd offset CPed::SetModelIndex((uint))
.data:005FA510 dd offset CEntity::SetModelIndexNoCreate((uint))
.data:005FA514 dd offset CEntity::CreateRwObject((void))
.data:005FA518 dd offset CEntity::DeleteRwObject((void))
.data:005FA51C dd offset CPhysical::GetBoundRect((void))
.data:005FA520 dd offset CPlayerPed::ProcessControl((void))
.data:005FA524 dd offset CPhysical::ProcessCollision((void))
.data:005FA528 dd offset CPhysical::ProcessShift((void))
.data:005FA52C dd offset sub_4D3E70
.data:005FA530 dd offset CPed::PreRender(void)
.data:005FA534 dd offset CPed::Render(void)
.data:005FA538 dd offset CPed::SetupLighting(void)
.data:005FA53C dd offset CPed::RemoveLighting(void)
.data:005FA540 dd offset CPed::FlagToDestroyWhenNextProcessed((void))
.data:005FA544 dd offset CPed::ProcessEntityCollision(void)
.data:005FA548 dd offset sub_4F3760
Edited by Seemann
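
One way to confirm what the first DWORD of a ped object is, using the tables in the post above: match it against the listed vtbl addresses to name the object's class, then compare tables slot by slot to see which virtual methods a subclass overrides. This is an added example, not code from the thread; the function names and the sample snapshot are hypothetical and constructed here, while the addresses and slot targets are copied from the listing.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SLOTS 19                /* entries per table in the listing */

/* CPed::`vtbl' at 0x5F8C2C, slot by slot, as listed above. */
static const char *const CPED_SLOTS[SLOTS] = {
    "CPed::Destroy", "CPhysical::Add", "CPhysical::Remove",
    "CPed::SetModelIndex", "CEntity::SetModelIndexNoCreate",
    "CEntity::CreateRwObject", "CEntity::DeleteRwObject",
    "CPhysical::GetBoundRect", "CPed::ProcessControl",
    "CPhysical::ProcessCollision", "CPhysical::ProcessShift",
    "sub_4D3E70", "CPed::PreRender", "CPed::Render",
    "CPed::SetupLighting", "CPed::RemoveLighting",
    "CPed::FlagToDestroyWhenNextProcessed",
    "CPed::ProcessEntityCollision", "CPed::SetMoveAnim"
};

struct override { int slot; const char *target; };

struct ped_class {
    uint32_t        vtbl;       /* address of the table in .data */
    const char     *name;
    int             n_ov;       /* slots whose target differs from CPed */
    struct override ov[3];
};

const struct ped_class CLASSES[] = {
    { 0x005F8C2C, "CPed",          0, { { 0, NULL } } },
    { 0x005F819C, "CCivilianPed",  2, { { 0, "CCivilianPed::Destroy" },
                                        { 8, "CCivilianPed::ProcessControl" } } },
    { 0x005F8374, "CEmergencyPed", 2, { { 0, "sub_4C3F40" }, { 8, "sub_4C2F10" } } },
    { 0x005F82A4, "CCopPed",       2, { { 0, "sub_4C2E00" }, { 8, "sub_4C1400" } } },
    { 0x005FA500, "CPlayerPed",    3, { { 0, "sub_456920" },
                                        { 8, "CPlayerPed::ProcessControl" },
                                        { 18, "sub_4F3760" } } },
};
#define N_CLASSES (sizeof CLASSES / sizeof CLASSES[0])

/* Constructed sample: the first bytes of an object whose vtbl pointer is
 * 0x005FA500, stored little-endian as on 32-bit x86. */
const uint8_t SAMPLE_OBJECT[8] = { 0x00, 0xA5, 0x5F, 0x00, 0, 0, 0, 0 };

static uint32_t read_u32le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

const struct ped_class *class_by_name(const char *name)
{
    for (size_t i = 0; i < N_CLASSES; i++)
        if (strcmp(CLASSES[i].name, name) == 0)
            return &CLASSES[i];
    return NULL;
}

/* Name the class of an object from its first DWORD; NULL if the value is
 * not one of the listed tables or the buffer is shorter than 4 bytes. */
const struct ped_class *classify(const uint8_t *obj, size_t len)
{
    if (obj == NULL || len < 4)
        return NULL;
    uint32_t vptr = read_u32le(obj);
    for (size_t i = 0; i < N_CLASSES; i++)
        if (CLASSES[i].vtbl == vptr)
            return &CLASSES[i];
    return NULL;
}

/* Function a slot points to: the class's own override, else CPed's entry. */
const char *slot_target(const struct ped_class *c, int slot)
{
    if (c == NULL || slot < 0 || slot >= SLOTS)
        return NULL;
    for (int i = 0; i < c->n_ov; i++)
        if (c->ov[i].slot == slot)
            return c->ov[i].target;
    return CPED_SLOTS[slot];
}

/* Address of a slot entry: table base plus 4 bytes per function pointer. */
uint32_t slot_address(const struct ped_class *c, int slot)
{
    return c->vtbl + 4u * (uint32_t)slot;
}

/* Collect the slots where two classes dispatch to different functions. */
int diff_slots(const struct ped_class *a, const struct ped_class *b,
               int out[SLOTS])
{
    int n = 0;
    for (int s = 0; s < SLOTS; s++)
        if (strcmp(slot_target(a, s), slot_target(b, s)) != 0)
            out[n++] = s;
    return n;
}

int main(void)
{
    int d[SLOTS];
    const struct ped_class *c = classify(SAMPLE_OBJECT, sizeof SAMPLE_OBJECT);
    int n = diff_slots(class_by_name("CPed"), c, d);
    for (int i = 0; c != NULL && i < n; i++)
        printf("%s slot %d @ %08X -> %s\n", c->name, d[i],
               (unsigned)slot_address(c, d[i]), slot_target(c, d[i]));
    return c == NULL;
}
```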


Does anyone know where the global timer is hidden in GTA 3 memory?

bss:00885B48 _ZN6CTimer22m_snTimeInMillisecondsE_ptr // CTimer::m_snTimeInMilliseconds


How is the player rotation determined?

just like any other CPlaceable and its descendants

double z = atan2(-y, x) * 180.0 / M_PI;
if (z > 360.0) { z -= 360.0; }

where y is RwMatrix.top.y (CPlaceable+0x14), and x is RwMatrix.top.x (CPlaceable+0x18)

Edited by Seemann


I contacted customer support at SweetScape about my difficulties finding absolute game memory addresses in 010, which currently omits address ranges that can't be read from its local offsets. The response was quick. Basically, we're working on it, and in the meantime here's a handy script that will Goto a specific memory location. I asked, and I can re-post it and we can modify it however we want.


They offered to host the original script in their Script Archive; I'll try to update with a direct link when it becomes available.



//--------------------------------------
//--- 010 Editor v6.0a Script File
//
// File:    GotoMemoryLocation.1sc
// Author:  SweetScape Software
// Revision:1.0
// Purpose: Run this script on a process and
//  enter a memory location in the dialog
//  that is displayed. The memory address
//  is converted to a local address and the
//  cursor is moved to that position.
//--------------------------------------

// Input a number
int64 pos = InputNumber( "Goto Memory Location",
    "Enter a memory location to goto in the current process. Use 'h' after a number to denote a hex address.", "0h" );
if( pos == BAD_VALUE )
    return -1; // cancelled

// Computer address
pos = ProcessHeapToLocalAddress( pos );
if( pos < 0 )
{
    Warning( "Could not convert memory address or the current file is not a process." );
    return -2;
}

// Goto the address
SetCursorPos( pos );
SetSelection( pos, 0 );

I assigned this script to a right-click button. Be sure to click on the hex display, it won't work on template output.




This template represents my current progress for mapping the Cped structure for GTA3. I don't expect to continue this investigation any time soon as I've learned that most of this information doesn't matter as far as the save is concerned.


I've backtracked on trying to guess where many of the pointers are pointing. My observations provided inconsistent results.


I've been using "c" to identify a "constant" but I'm not sure if that's a standard or not, and I'm not really sure if what I marked as a constant really is constant; I just labeled them that way to make it easier to identify when something changed.


In general, there is a lot of speculation here. Don't believe anything you can't verify yourself.




//--------------------------------------
//--- 010 Editor v6.0.2 Binary Template
//
// Author: OrionSR
// Purpose: Mapping GTA3 CPed in saves,
//          snippets, and process memory.
// Last edit: 1 July 2015
//--------------------------------------

typedef struct RwV3D
{
  FLOAT X, Y, Z;
};

void align(int n)
{
    FSkip(n);
};

enum <DWORD> WEPID { Fists = -1, Grenade = 170, Ak47 = 171, Bat = 172, Colt45 = 173, Molotov = 174, Rocket = 175, Shotgun = 176, Sniper = 177, Uzi = 178, Missile = 179, M16 = 180, Flame = 181, Bomb = 182, Fingers = 183 };
enum <BYTE> WEPNO { bFists = 0, bGrenade = 11, bAk47 = 5, bBat = 1, bColt45 = 2, bMolotov = 10, bRocket = 8, bShotgun = 4, bSniper = 7, bUzi = 3, bMissile = 179, bM16 = 6, bFlame = 9, bBomb = 12, bFingers = 183 };

// Find first instance of Cped based on weight and the following 4 floats
FSeek(FindFirst("00 00 8C 42 00 00 C8 42 00 00 80 3F E7 3E BB 3B CD CC 4C 3D,h", true, false));
FSkip(-0xC0);
Printf( "%d\n", FindFirst("00 00 8C 42 00 00 C8 42 00 00 80 3F E7 3E BB 3B CD CC 4C 3D,h", true, false));

// 0x6FB1C8  DWORD   pPlayerCPed // pointer to player CPed game memory offset

//                      Cped Stucture
struct
{
    DWORD unknown_vtbl <format=hex>; // 0x00
    RwV3D cam_roll_xyz;         // 0x04
    DWORD unknown_CMatrix;      // 0x10
    RwV3D cam_direction_xyz;    // 0x14
    DWORD unknown_CMatrix;      // 0x20
    RwV3D cam_previous_xyz;     // 0x24
    DWORD unknown_CMatrix;      // 0x30
    RwV3D playerCoords <comment="persistent">; // 0x34
    DWORD unknown_playerCoords; // 0x40
    DWORD unknownPointer1 <format=hex>; // something with player coords
    DWORD unknownEmpty;
    DWORD unknownPointer2 <format=hex>; // something with player coords
    DWORD unknownTimer <format=hex>;   //
    DWORD unknownEmpty;
    DWORD unknownDword <format=hex>;
    DWORD unknownEmpty;
    DWORD unknownDword <format=hex>;
    DWORD unknownDword_data; //usually 10, 35 on first control
    FLOAT unknown_c100;
    DWORD unknownPointer3 <format=hex>; //
    DWORD unknownPointer4 <format=hex>; //
    DWORD unknownTimer <format=hex>;   //
    struct { BYTE unknown[72]; } unknownEmptyBytes;
    FLOAT weight <comment="search string">;       // 0xC0
    FLOAT unknown_c100 <comment="search string">; // 0xC4
    FLOAT unknown_c1 <comment="search string">;   // 0xC8
    FLOAT unknown_s0 <comment="search string">;   // 0xCC
    FLOAT unknown_s1 <comment="search string">;   // 0xD0
    struct { BYTE unknown[16]; } unknownEmptyBytes;
    DWORD unknownPointer5 <format=hex>; //
    DWORD unknownPointer6 <format=hex>; //
    struct { BYTE unknown[2]; } unknownBytes;
    BYTE nEntitiesTouched;
    struct { BYTE unknown[1]; } unknownBytes;
    DWORD unknownPointer7 <format=hex>; // 0xF0
    DWORD unknownPointer8 <format=hex>; // 0xF4
    struct { BYTE unknown[28]; } unknownEmptyBytes;
    FLOAT unknonwnFloat;        // 0x114
    FLOAT unknonwnFloat;
    FLOAT unknonwnFloat;
    DWORD unknownDword <format=hex>;
    DWORD unknownDword <format=hex>;
    RwV3D unknownCoords[3];     // 0x128 // near player
    BYTE bOnGround; // or InCar // 0x14C
    struct { BYTE unknown[7]; } unknownEmptyBytes;
    BYTE StatusBits;     // 0x154  1=OnGround, 2=Standing, 4=Melee, 16=TouchedEntity, 32=LookFront, 64=LookBack, 128=HiShot
    BYTE AnimBits;       // 0x155  1=TargetedShot, 2=Attacked, 4=Reload, 8=InAir, 16=Landing, 64=Coliding
    BYTE CarBits;        // 0x156  1=EnterCar, 2&4=AlwaysOn, 8=ExitCar
    BYTE unknownByte;    //
    BYTE PedBits;        // 0x158  8=GetUp
    BYTE unknownByte;    //
    BYTE bUsageType <comment="persistent">;  // 0x160 (1=Random, 2=Script) or bOriginType
    BYTE unknownByte;    //
    DWORD unknownDword_c8 <format=hex>;
    BYTE unknownByte;
    struct { BYTE unknown[15]; } unknownEmptyBytes;
    DWORD unknownPointer9 <format=hex>; // 0x170
    struct { BYTE unknown[48]; } unknownBytes;
    DWORD UnknownPointerArray[12] <format=hex>; // 0x1A4 (to 32 byte structures)
    BYTE WeaponMoves; // 0x1D4
    struct { BYTE unknown[27]; } unknownBytes;
    DWORD pPlayerCPed <format=hex>;  // 0x1F0
    FLOAT unknonwnFloat;
    FLOAT unknonwnFloat;
    struct { BYTE unknown[40]; } unknownBytes;
    BYTE unknownByte;         // 0x228
    struct { BYTE unknown[3]; } unknownBytes;
    BYTE bAnimating;         // 0x228
    struct { BYTE unknown[3]; } unknownBytes;
    BYTE MoveStatus;         // 0x22C
    struct { BYTE unknown[7]; } unknownBytes;
    BYTE CarEnex;         // 0x22C
    struct { BYTE unknown[7]; } unknownBytes;
    DWORD unknownTimer <format=hex>;
    struct { BYTE unknown[128]; } unknownBytes;
    FLOAT health <comment="persistent">;  // 0x2C0
    FLOAT armor <comment="persistent">;   // 0x2C4
    WORD  unknownWord;
    struct { BYTE unknown[18]; } unknownBytes;
    FLOAT unknonwnFloat;
    FLOAT unknonwnFloat;
    FLOAT unknonwnFloat;
    BYTE unknownByte;
    struct { BYTE unknown[19]; } unknownBytes;
    DWORD unknownPointer10 <format=hex>; //
    struct { BYTE unknown[12]; } unknownBytes;
    DWORD unknownPointer11 <format=hex>; // 0x30C
    DWORD unknownPointer12 <format=hex>; // 0x310
    BYTE bIsDriving;          // 0x314
    struct { BYTE unknown[3]; } unknownBytes;
    FLOAT unknown_c1orInCar; // 0.5 in vehicle?
    struct { BYTE unknown[2]; } unknownBytes;
    INT16 unknownWord;
    struct { BYTE unknown[16]; } unknownBytes;
    DWORD unknownDword <format=hex>;
    struct { BYTE unknown[16]; } unknownBytes;
    DWORD unknownPointer13 <format=hex>; //  0x344
    struct { BYTE unknown[20]; } unknownBytes;
    struct {
        WEPNO weaponID;
        BYTE  align1[3];
        DWORD WeaponState;
        DWORD clipAmmo;
        DWORD weaponAmmo;
        DWORD LastShotTime;
        BYTE WepCamMode;
        BYTE align2[3];
    } weaponslots[13] <format=hex, comment="persistent">; // 0x35C
    BYTE unknownByte_c16;
    struct { BYTE unknown[3]; } unknownBytes_100;
    WEPNO weaponSlot <comment="persistent">;        // 0x498
    BYTE nWeaponCount <comment="persistent">; // 0x499
    BYTE unknownByte <format=hex>;
    BYTE unknownByte_c100;
    struct { BYTE unknown[4]; } unknownBytes;
    RwV3D MeleeCoords;       // 0x4A0
    BYTE MeleeStatus;        // 0x4AC
    struct { BYTE unknown[4]; } unknownBytes;
    BYTE unknownByte_cFE;    // 0x4B1
    struct { BYTE unknown[6]; } unknownBytes;
    DWORD unknownPointer14 <format=hex>; // 0x4B8
    DWORD unknownDword <format=hex>;
    WEPID weaponModel;       // 0x4C0
    struct { BYTE unknown[4]; } unknownBytes;
    DWORD unknownTimer <format=hex>;   //
    DWORD unknownTimer <format=hex>;   //
    struct { BYTE unknown[34]; } unknownBytes;
    BYTE unknownByte_cFF;     //
    BYTE unknownByte;         //
    DWORD pNearestCPeds[10] <format=hex>;  // 0x4F4
    BYTE nLoadedCpeds;        // 0x51C
    BYTE unknownByte;         //
    BYTE unknownByte_cFF;     //
    BYTE unknownByte;         //
    DWORD unknownTimer <format=hex>;   //
    DWORD unknownTimer <format=hex>;   //
    WORD  unknownWord;   //
    WORD  unknownWord;   //
    struct { BYTE unknown[16]; } unknownBytes;
    DWORD pWantedArray <format=hex>; // 0x53C
    struct { BYTE unknown[8]; } unknownBytes;
    FLOAT fCurrentStamina;     // 0x548
    FLOAT fNaxStamina <comment="persistent">;         // 0x54C
    FLOAT fSprintDistance;     // 0x550
    BYTE unknownByte_0or9;     //
    BYTE unknownByte_c1;       //
    BYTE unknownByte;          //
    BYTE unknownByte;          //
    DWORD unknownTimer <format=hex>;   //
    DWORD unknownEmptyDword <format=hex>;
    DWORD unknownDword <format=hex>;
    DWORD unknownEmptyDword <format=hex>;
    DWORD unknownEmptyDword <format=hex>;
    DWORD TargetableObject1 <format=hex, comment="persistent">;; // 0x56C
    DWORD TargetableObject2 <format=hex, comment="persistent">; // 0x570
    DWORD TargetableObject3 <format=hex, comment="persistent">; // 0x574
    DWORD TargetableObject4 <format=hex, comment="persistent">; // 0x578
    BYTE bAdrenalineMode;      // 0x57C
    struct { BYTE unknown[3]; } unknownBytes;
    DWORD tAdrenalineTimer <format=hex>; // 0x580
    BYTE unknownByte_c1;       //
    BYTE unknownByte;          //
    BYTE unknownByte;          //
    BYTE unknownByte;          //
    struct { BYTE unknownEmptyBytes[96]; } unknownBytes;
    DWORD unknownWantedDword <format=hex>;
    DWORD unknownEmptyDword;
//  } CPed[138];       // 0x5F0 size of CPed
} CPed[138];       // for use in memory array



Edited by OrionSR


Very impressive, if you did it without a debugger.


0x310 is the pointer to a CVehicle if the ped is driving.


Thanks. And yes, this was a purely observational study, and player ped data was always used - so take everything with a grain of salt. The basic strategy was to take CPed grabs from memory during game play using the template above and compare the results. Anything that changed was then displayed on screen with a CLEO script so I could keep a closer eye on things as I played.


I quickly got over my head trying to figure out where the pointers were pointing. 0x310 seems to be consistent with ped vehicle, but so was 0x30C and 0x170. Lots of things light up when the player enters a vehicle.


Pointers on Pointers


0x44 and 0x4C: These two point to a much different area of memory than most other pointers. I don't know what I found; my notes are, "something with player coordinates." These values did not change during my experiments.


0x6C seems like a primary object - whatever the player is on or over, even when in a car.


0x70 included the same data as 0x6C but didn't light up until the player had entered a 2nd car, or perhaps moved to a different object. My experiments were not terribly controlled. I was mostly gathering data to form hypotheses I could test.


0xE4 pointed to a huge array of 20-byte structures. 0xE8 pointed to a huge array of 6-byte structures. The pointers appear to point to different records within their arrays as game play continues.


0xF0 and 0x2FC were pretty much the same as 0x6C except when standing on a car. Then, iirc, they pointed to a unique structure that I suspect is some sort of attachment bot that allows the ped to move in relation to moving vehicles or objects.


0xF4 lit up with a vehicle pointer when the first car was entered, but then was pointing at objects when a 2nd car was entered, and... I don't know what to do with this field.


0x170, 0x310 and 0x30C all pointed to the same vehicle.


0x344 pointed to a vehicle record after the first vehicle was entered and retained that value after a 2nd car was entered. I was thinking this was going to be the previous vehicle pointer until it reset to 0 after entering a 3rd car.


0x4B8 had the same data as 0x344 but also pointed to the weird attachment bot. But unlike 0xF0 and 0x2FC the pointer didn't change when the player jumped off the vehicle.

Edited by OrionSR
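
The snapshot-comparison strategy described in the post above, as an added example that is not OrionSR's code: it diffs two saved CPed records DWORD by DWORD and groups the offsets that took the same new value, the pattern reported for 0x170, 0x30C and 0x310. The snapshots, the vehicle address, the stamina values and the function names are constructed for illustration; only the 0x5F0 record size and the field offsets come from the thread.

```python
import struct
from collections import defaultdict

CPED_SIZE = 0x5F0  # size of one CPed record, from the template in this thread


def changed_dwords(before: bytes, after: bytes):
    """Return {offset: (old, new)} for every aligned DWORD that differs."""
    if len(before) != CPED_SIZE or len(after) != CPED_SIZE:
        raise ValueError("each snapshot must be exactly one CPed record")
    changes = {}
    for off in range(0, CPED_SIZE, 4):
        old, = struct.unpack_from("<I", before, off)
        new, = struct.unpack_from("<I", after, off)
        if old != new:
            changes[off] = (old, new)
    return changes


def alias_groups(changes):
    """Group changed offsets that now hold the same non-zero value.

    Several fields taking one identical value in the same step is what
    pointers to a single object look like in a diff.
    """
    by_value = defaultdict(list)
    for off, (_, new) in changes.items():
        if new:
            by_value[new].append(off)
    return {v: offs for v, offs in by_value.items() if len(offs) > 1}


def make_samples():
    """Constructed snapshots: on foot, then after entering a vehicle."""
    on_foot = bytearray(CPED_SIZE)
    struct.pack_into("<f", on_foot, 0x548, 150.0)   # fCurrentStamina (made up)
    in_car = bytearray(on_foot)
    fake_vehicle = 0x00A1B2C0                       # constructed address
    for off in (0x170, 0x30C, 0x310):
        struct.pack_into("<I", in_car, off, fake_vehicle)
    struct.pack_into("<f", in_car, 0x548, 120.0)
    return bytes(on_foot), bytes(in_car)


if __name__ == "__main__":
    before, after = make_samples()
    diff = changed_dwords(before, after)
    for off, (old, new) in sorted(diff.items()):
        print(f"0x{off:03X}: {old:08X} -> {new:08X}")
    for value, offs in alias_groups(diff).items():
        print(f"{value:08X} shared by", [hex(o) for o in offs])
```

Fields that change without joining an alias group, such as the stamina float here, are candidates for counters or timers rather than pointers.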


Has anyone found a Start New Game memory address?

I'm trying to make an autosplitter for speedrunning, but I cannot make it start automatically. Also need address for starting the first in-game cutscene on the bridge.


In addition to this - vehicles (maybe also peds and entity) struct:

+0x78 - [float] - x push
+0x7C - [float] - y push
+0x80 - [float] - z push
+0x84 - [float] - X turn speed
+0x88 - [float] - Y turn speed
+0x8C - [float] - Z turn speed


Edited by NRShaggy

