All NWScript functions identified

Papillon · x-man Joined: 28 Dec 2004 Posts: 1060 Location: Germany

This is just a heads-up for NWNX hackers.

By backtracing a known virtual machine function, I was able to correlate nwscript.nss and the virtual machine function table. This resulted in a complete list of all NWScript functions (GetTimeMillisecond, ActionSit, GetLastTrapDetected, and so on) and their exact memory locations in nwn2server.

I am not sure if it would be a wise idea to post the list here, but I think some instructions can not hurt Wink

.

1) Call a known NWScript function and let it RET in the debugger. It will jump into a small code section of 21 lines (starting with MOV EAX, ... and ending with RETN 8 ).
2) After the first few lines, EDX will contain the location of the function pointer table
3) EAX contains the function ID. This ID conveniently correlates with the position of the function definition in nwscript.nss (*)
4) The function adress is calculated from the lookup table like this: EDX+EAX*4.
5) Using an editor of your choice, copy the lookup table into a text file, and match the functions from nwscript.nss, line by line. An editor which supports column operations (e.g. UltraEdit) helps.

(*) int Random() is ID 0, each (real) line following this increments the ID by one.

I am not sure what to do with this yet, but it will surely proove helpful in the future Smile

.
_________________
Papillon

virusman · Joined: 30 Jan 2005 Posts: 1020 Location: Russia

I thought you knew this.. It's very useful for describing memory structures, finding offsets and specific functions, etc.
This table is being built dynamically on server startup with a special function. (1.05: 0x54ADD0) I guess it's a CNWVirtualMachineCommands constructor.
Groups of certain NWScript functions are handled by one function (like ItemProperties, some kinds of Effects, dices, SetLocal*, GetLocal*, math functions, etc.).
All functions use script stack (push&pop functions for every data type) to get parameters and pass return values.

Papillon · x-man Joined: 28 Dec 2004 Posts: 1060 Location: Germany

Well, I knew before, but I never bothered to compile all functions into a comprehensive list.

Since you mentioned the stack functions: Have you ever tried to manipulate the stack and then call an engine funtions (which takes the arguments from stack) ?
_________________
Papillon

virusman · Joined: 30 Jan 2005 Posts: 1020 Location: Russia

Papillon · x-man Joined: 28 Dec 2004 Posts: 1060 Location: Germany

I do see a need for calling e.g. DelayCommand(ExecuteScript()), that's why I am asking.
_________________
Papillon

virusman · Joined: 30 Jan 2005 Posts: 1020 Location: Russia

I think, it'd be better to call the corresponding engine function instead.

Papillon · x-man Joined: 28 Dec 2004 Posts: 1060 Location: Germany

In fact, I am talking about engine functions, like SetString and the like (see above). What type of functions are you talking about ?
_________________
Papillon

GodBeastX · Joined: 09 Aug 2006 Posts: 65

Oh, I didn't even see this thread! This is awesome news! Maybe I can finally put in a backend to ExportCharacter

Urlord · Joined: 17 Nov 2006 Posts: 122

Could one of you plugin development folks possibly use this information to find the function that dumps all an object's variables (like the DM command)?
_________________
Jim (aka, Urlord)
Visit the Persistent World of Nymri

The NWNX Community Forum