View previous topic :: View next topic |
Author |
Message |
sgsgwv$6263 Advanced Cheater Reputation: 0
Joined: 05 Aug 2020 Posts: 75
|
Posted: Fri Feb 23, 2024 6:49 am Post subject: Memory addressgetting accessed by pure register instructions |
|
|
Hi. So I have a memory address and it is getting accessed by this instruction:
But I think its impossible. Uptil now whenever I tried " what accesses this address" functionality, it always gave me instructions which had [] in them like:
So here it seems like the instruction is working with registers but in reality they are accessing memory address.
So, I am confused here. Can someone tell me how to see the actual instruction which is accessing the memory address. Or naybe I have to use some other debugger or is it because of some bug in CE. I am using 6.8.1 version btw
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25298 Location: The netherlands
|
Posted: Fri Feb 23, 2024 8:56 am Post subject: |
|
|
bug in old ce
just look at the next instruction
also make sure editing a value has an effect in the game before you debug, this usually happens on display values
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
sgsgwv$6263 Advanced Cheater Reputation: 0
Joined: 05 Aug 2020 Posts: 75
|
Posted: Fri Feb 23, 2024 11:11 am Post subject: |
|
|
Thanks for the reply sir.
I checked there is no instruction around that instruction which access the same memory.
As far as bug in old ce is concerned, I am happy that its a known bug but have not checked with newer version. Can you tell me the version in which it was fixed. I can't check change log for each version after 6.8.1 as a human.
Its also a value which affects the game.
And even if its a display value, the debugger should find the instruction which is accessing it or modifying it. That is the expectation.
Last edited by sgsgwv$6263 on Sat Feb 24, 2024 7:38 am; edited 1 time in total |
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25298 Location: The netherlands
|
Posted: Fri Feb 23, 2024 12:40 pm Post subject: |
|
|
rep movs* accesses memory as well
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
sgsgwv$6263 Advanced Cheater Reputation: 0
Joined: 05 Aug 2020 Posts: 75
|
Posted: Sat Feb 24, 2024 7:42 am Post subject: |
|
|
Hi,
No, even those instructions are not showing what memory address they use.
I just tried with CE 7.5 and I see the same problem so even if its a bug , its not resolved yet.
Really need help here.
Also I can tell you that the memory I am trying to access is a very big memory region. All of them are getting accessed by the same instruction but the values in the memory region are diversified. I can see 0.5s,0.07s to 1500 to 7500 or -400 or -456. I am not sure how much this will help with understanding my situation but..
The instruction has an address "vcruntime140.memcmp+E8"
|
|
Back to top |
|
|
ParkourPenguin I post too much Reputation: 140
Joined: 06 Jul 2014 Posts: 4307
|
Posted: Sat Feb 24, 2024 1:41 pm Post subject: |
|
|
Post the code around the instruction CE thinks is accessing an address.
I'm almost certain it's some string instruction (e.g. rep cmpsb) and you haven't looked up what that instruction does yet.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25298 Location: The netherlands
|
Posted: Sat Feb 24, 2024 6:08 pm Post subject: |
|
|
since the instruction is memcmp I'd have to guess it's rep scas* then
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
sgsgwv$6263 Advanced Cheater Reputation: 0
Joined: 05 Aug 2020 Posts: 75
|
Posted: Sat Feb 24, 2024 11:16 pm Post subject: |
|
|
here is the entire function:
Code: |
VCRUNTIME140.memcmp+D6 - 66 66 0F1F 84 00 00000000 - nop word ptr [rax+rax+00000000]
VCRUNTIME140.memcmp+E0 - 57 - push rdi
VCRUNTIME140.memcmp+E1 - 56 - push rsi
VCRUNTIME140.memcmp+E2 - 48 8B F9 - mov rdi,rcx
VCRUNTIME140.memcmp+E5 - 48 8B F2 - mov rsi,rdx
VCRUNTIME140.memcmp+E8 - 49 8B C8 - mov rcx,r8
VCRUNTIME140.memcmp+EB - F3 A4 - repe movsb
VCRUNTIME140.memcmp+ED - 5E - pop rsi
VCRUNTIME140.memcmp+EE - 5F - pop rdi
VCRUNTIME140.memcmp+EF - C3 - ret
|
I tried getting memory addresses getting accessed by both the `nop word ptr..` and `repe movsb` , but both don't access any memory.
|
|
Back to top |
|
|
ParkourPenguin I post too much Reputation: 140
Joined: 06 Jul 2014 Posts: 4307
|
Posted: Sun Feb 25, 2024 1:16 am Post subject: |
|
|
This instruction accesses your address. It moves a number of bytes specified by rcx from rsi (source pointer) to rdi (destination pointer).
If you want further information, look it up in an instruction set reference manual
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
Back to top |
|
|
sgsgwv$6263 Advanced Cheater Reputation: 0
Joined: 05 Aug 2020 Posts: 75
|
Posted: Sun Feb 25, 2024 6:37 am Post subject: |
|
|
But how can I see which addresses are getting accessed by this instruction? Coz when I tried "what address this instruction addresses", it showed nothing.
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25298 Location: The netherlands
|
Posted: Sun Feb 25, 2024 10:47 am Post subject: |
|
|
1: set a breakpoint at VCRUNTIME140.memcmp+E0
all addresses from rcx to rcx+r8 will get written and all addresses from rdx to rdx+r8 will get read
2: you don't want to, this instruction is a generic copy mem function
you'll have more luck with the s or ipt button to show the trace at execution time
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
|