MantisBT - Cheat Engine
View Issue Details
0000096 | Cheat Engine | public | 2009-02-01 23:55 | 2009-02-03 19:40
Reporter: Csimbi
Assigned To:
Priority: normal | Severity: minor | Reproducibility: have not tried
Status: acknowledged | Resolution: open
Platform: | OS: | OS Version:
Summary: 0000096: CE 5.5 Code finder identifies "funny" instructions
Description:
Hi there,
I am using the code finder to find all instructions that access a certain byte in the memory.
The funny thing is, one of these instructions is a jump instruction.
I am not very good at ASM, but my gut feeling is telling me that this is wrong.
I attached the screenshots.
Additional Information: The game I am attempting to hack is Master of Magic, running in DOSBox.
Tags: No tags attached.
Attached Files

Notes
(0000208)
Dark Byte   
2009-02-02 01:03   
(Last edited: 2009-02-02 01:04)
Is shot2.png really like that or do you just hate me and removed the lines above and below the instruction with an editor just to spite me?

Anyhow, in cases where this happens it can be caused by a rep xxxx instruction (should be right after the jmp), because normally when a breakpoint happens CE has to go one step back to find the original called, but with a rep xxxx that isn't the case unless it was the last iteration.

If it's really like that I have no clue what causes it except a messed up dpi problem, but then I wonder why the middle one IS visible...

Also, you mention it's running in DOSBox, which means it's running under an emulator. Finding what accesses an address will return the code of the emulator, not the game (unless you play in real-mode emulation using ntvdm.exe).

(0000210)
Csimbi   
2009-02-02 20:57   
(Last edited: 2009-02-02 20:59)
It's really like that, and it happens every time like that.

Yes, DOSBox is an emulator. Your response about an emulator executing the instructions in the game makes sense, so I am happy to close this problem.

It should be interesting to figure out why the rest of the code is not listed (the part you are missing from shot2).

Edit:
The game is available for download at abandon-ware sites. If you are interested in checking it out for yourself, let me know and I will write down how I ended up with that screenshot.

(0000211)
Csimbi   
2009-02-03 00:39   
I found another one of these; Z: Steel Soldiers 1.41b. (See the SHOTS2.ZIP that I just attached above.)
This is a Windows game, so no emulator is involved.

(0000216)
Dark Byte   
2009-02-03 16:53   
Could be a disassembler bug and it can't properly calculate the 'previousopcode' address. Or perhaps you were looking for a stack address that was put there and the instruction to there was a call that pushed the return address on the location you were watching, or it's an unhandled event from a previous kernelmode debugger event (but then it'd most likely be the first).

(0000217)
Csimbi   
2009-02-03 19:40   
This second one was a floating point value (the resource count).
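
An added illustration of the 'previousopcode' problem discussed in the notes above (not part of the original issue and not Cheat Engine's code): a data breakpoint reports the address after the accessing instruction, and stepping back over variable-length x86 bytes can match more than one instruction. The bytes, the small opcode subset and the function names are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed bytes (not from the issue): nop; mov [0x10EB4000],eax; nop */
const uint8_t SAMPLE[] = { 0x90, 0xA3, 0x00, 0x40, 0xEB, 0x10, 0x90 };
#define SAMPLE_TRAP 6 /* data breakpoint reports the nop after the mov */

/* Length of one 32-bit x86 instruction from a small demo subset;
   0 means "not recognised or does not fit in avail bytes". */
size_t insn_len(const uint8_t *p, size_t avail) {
    size_t len = 0;
    if (avail == 0) return 0;
    if (p[0] == 0x90) len = 1;                        /* nop */
    else if (p[0] == 0xEB) len = 2;                   /* jmp short rel8 */
    else if (p[0] == 0xE9 || p[0] == 0xA1 || p[0] == 0xA3)
        len = 5;                                      /* jmp rel32, mov moffs32 */
    else if (p[0] == 0xF3 && avail > 1 && (p[1] == 0xA4 || p[1] == 0xA5))
        len = 2;                                      /* rep movsb / rep movsd */
    return len <= avail ? len : 0;
}

/* Rep case from the note: until the last iteration the reported address
   is the rep instruction itself, so no step back is needed. */
int trap_is_on_rep(const uint8_t *code, size_t n, size_t trap) {
    return trap < n && code[trap] == 0xF3 && insn_len(code + trap, n - trap) == 2;
}

/* Store every offset where a recognised instruction starts and ends
   exactly at trap, nearest first; returns how many were found. */
size_t prev_candidates(const uint8_t *code, size_t trap, size_t out[15]) {
    size_t count = 0;
    for (size_t k = 1; k <= 15 && k <= trap; k++)
        if (insn_len(code + trap - k, k) == k)
            out[count++] = trap - k;
    return count;
}

int main(void) {
    size_t c[15];
    size_t n = prev_candidates(SAMPLE, SAMPLE_TRAP, c);
    for (size_t i = 0; i < n; i++)
        printf("candidate at +%zu, opcode %02X\n", c[i], SAMPLE[c[i]]);
    return 0;
}
```

Here the nearest candidate is the EB 10 pair inside the mov's address operand, so a step-back that takes the first match would report a jmp instead of the mov that wrote the value.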

Issue History
2009-02-01 23:55 | Csimbi | New Issue
2009-02-01 23:55 | Csimbi | File Added: SHOTS.ZIP
2009-02-02 01:03 | Dark Byte | Note Added: 0000208
2009-02-02 01:03 | Dark Byte | Status | new => acknowledged
2009-02-02 01:04 | Dark Byte | Note Edited: 0000208
2009-02-02 20:57 | Csimbi | Note Added: 0000210
2009-02-02 20:59 | Csimbi | Note Edited: 0000210
2009-02-03 00:37 | Csimbi | File Added: SHOTS2.ZIP
2009-02-03 00:39 | Csimbi | Note Added: 0000211
2009-02-03 16:53 | Dark Byte | Note Added: 0000216
2009-02-03 19:40 | Csimbi | Note Added: 0000217