Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
CreateThread crashes
Cheat Engine Forum Index -> General Gamehacking
Corruptor (Advanced Cheater)
Posted: Wed Oct 31, 2012 1:13 pm    Post subject: CreateThread crashes

OK, this is a strange thing I can't seem to figure out.
This code crashes the current process:
Code:
[ENABLE]
alloc(create, 2000)
CREATETHREAD(create)

create:
push 0000000C
push 00000000
add esp,8

ret
[DISABLE]
//code from here till the end of the code will be used to disable the cheat

while this one works fine:
Code:
[ENABLE]
alloc(create, 2000)
CREATETHREAD(create)

create:
push 0000000C
push 00000000
pop eax
pop eax

ret
[DISABLE]
//code from here till the end of the code will be used to disable the cheat


This is a major problem, as basically every function on this planet increases esp to get rid of the parameters. Why is this happening?
Dark Byte (Site Admin, The Netherlands)
Posted: Wed Oct 31, 2012 1:34 pm

Weird. Is the target 64-bit by any chance?
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping
Corruptor (Advanced Cheater)
Posted: Wed Oct 31, 2012 2:33 pm

I used the editor assuming it's 32-bit (as it's lying in the system32 folder), but seemingly it isn't.... thank you for that. Kinda embarrassing.
SteveAndrew (Master Cheater)
Posted: Thu Nov 01, 2012 2:18 pm

Corruptor wrote:
I used the editor assuming it's 32-bit (as it's lying in the system32 folder), but seemingly it isn't.... thank you for that. Kinda embarrassing.


Okay, so then it is 64-bit...

So then to fix it you had to double the amount you were popping off the stack, right?

So then if you change it to:
Code:

[ENABLE]
alloc(create, 2000)
CREATETHREAD(create)

create:
push 0000000C
push 00000000
add esp,10

ret
[DISABLE]
//code from here till the end of the code will be used to disable the cheat


Then it doesn't crash, right?

Previously you were popping 8 bytes off the stack (by adding 8 to ESP), which on 32-bit would pop off both of those pushed parameters... On 64-bit, however, it would only be popping off one of the parameters... (since 32 bits == 4 bytes and 64 bits == 8 bytes).

So by doubling the amount being popped off (added to ESP) on 64-bit, it now pops both parameters off properly, correct? (Of course it isn't truly popping them off, as they aren't going into any register like in your first example (where they were being popped off into eax), but you know what I mean.)

So in 64-bit you can still use the EAX, EBX, ECX, EDX, etc. registers? I thought they now look like RAX, RBX, RCX, RDX, etc... Or is it kind of like how on 32-bit, as opposed to 16-bit, you can still use the AX, BX, CX, DX, etc. registers?

I should really just test this myself, but I've got to go out and do something right now...

Dark Byte (Site Admin, The Netherlands)
Posted: Thu Nov 01, 2012 2:22 pm

Almost correct, but remember that CE's default value type is hexadecimal.
So, "add rsp,10" (or #16).
(esp will work fine most of the time as well, but it's recommended to use rsp.)

And yes, you can still use those 32-bit registers.
As for address specifiers, those can only be 64-bit though. But CE is lenient enough and doesn't bitch if you use a 32-bit register as address specifier.

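The stack-pointer arithmetic discussed in the last two posts, as an added example that is not code from the thread or from Cheat Engine: a small Python model of how push, pop, add-to-stack-pointer and ret move the stack pointer in 32-bit and 64-bit mode, run over the scripts posted above. The helper names (StackMachine, run, returns_cleanly) and the two stack addresses are constructed for this example; immediates are parsed as hexadecimal, matching CE's default. What the model relies on is CPU behaviour (push/pop move the stack pointer by 8 in 64-bit mode, and a 32-bit operation such as add esp,N zero-extends its result into rsp); that CE assembles pop eax in a 64-bit target as an 8-byte pop is an assumption, marked in the code.

```python
# Added example (not from the forum post, not Cheat Engine code): a model of the stack pointer
# under push / pop / add esp|rsp / ret in 32-bit vs 64-bit mode.
# Modelled CPU semantics (Intel SDM):
#   - 32-bit mode: push/pop move ESP by 4. 64-bit mode: push/pop move RSP by 8.
#     A 32-bit pop cannot be encoded in 64-bit mode; this model ASSUMES the assembler turns
#     "pop eax" into an 8-byte pop, so the register name written after pop is irrelevant here.
#   - In 64-bit mode a 32-bit operation ("add esp,8") zero-extends its result into RSP, so
#     the upper 32 bits of the stack pointer are lost whenever the stack lives above 4 GiB.
# Immediates are parsed as hexadecimal, matching the CE auto assembler default.

MASK32 = 0xFFFF_FFFF
MASK64 = 0xFFFF_FFFF_FFFF_FFFF


class StackMachine:
    def __init__(self, bits, sp_at_entry, return_address):
        if bits not in (32, 64):
            raise ValueError("bits must be 32 or 64")
        self.bits = bits
        self.slot = 8 if bits == 64 else 4           # bytes moved per push/pop
        self.sp = sp_at_entry
        self.mem = {sp_at_entry: return_address}      # caller's return address is at [sp] on entry

    def push(self, value):
        self.sp -= self.slot
        self.mem[self.sp] = value & (MASK64 if self.bits == 64 else MASK32)

    def pop(self):
        value = self.mem.get(self.sp)                # None models a read from an unmapped page
        self.sp += self.slot
        return value

    def add_sp(self, reg, imm):
        if reg == "rsp":
            if self.bits != 64:
                raise ValueError("rsp does not exist in 32-bit mode")
            self.sp = (self.sp + imm) & MASK64
        elif reg == "esp":
            self.sp = (self.sp + imm) & MASK32       # 32-bit result, zero-extended in 64-bit mode
        else:
            raise ValueError(f"not a stack pointer: {reg}")


def run(script, bits, sp_at_entry, return_address=0x7FF6_1234_5678):
    """Execute the script up to ret; return the address ret transfers to (None = unmapped read)."""
    m = StackMachine(bits, sp_at_entry, return_address)
    for line in script:
        op, _, rest = line.strip().partition(" ")
        args = [a.strip() for a in rest.split(",")] if rest else []
        if op == "push":
            m.push(int(args[0], 16))
        elif op == "pop":
            m.pop()                                   # destination register does not affect sp
        elif op == "add":
            m.add_sp(args[0], int(args[1], 16))
        elif op == "ret":
            return m.pop()
        else:
            raise ValueError(f"unsupported instruction: {line}")
    raise ValueError("script fell off the end without ret")


def returns_cleanly(script, bits, sp_at_entry, return_address=0x7FF6_1234_5678):
    """True only if ret lands on the caller's return address."""
    return run(script, bits, sp_at_entry, return_address) == return_address


# The scripts from the thread (body only; alloc/CREATETHREAD are CE directives, not instructions).
CRASHING   = ["push 0000000C", "push 00000000", "add esp,8",  "ret"]
POPPING    = ["push 0000000C", "push 00000000", "pop eax", "pop eax", "ret"]
ADD_ESP_10 = ["push 0000000C", "push 00000000", "add esp,10", "ret"]
ADD_RSP_10 = ["push 0000000C", "push 00000000", "add rsp,10", "ret"]

LOW_STACK  = 0x0000_0000_0019_FF00   # constructed: thread stack below 4 GiB
HIGH_STACK = 0x0000_00BB_0019_FF00   # constructed: thread stack above 4 GiB

if __name__ == "__main__":
    cases = [("add esp,8", CRASHING), ("pop eax x2", POPPING),
             ("add esp,10", ADD_ESP_10), ("add rsp,10", ADD_RSP_10)]
    for name, script in cases:
        for bits, sp in ((32, LOW_STACK), (64, LOW_STACK), (64, HIGH_STACK)):
            try:
                target = run(script, bits, sp)
                verdict = "ok" if target == 0x7FF6_1234_5678 else f"ret to {target}"
            except ValueError as e:
                verdict = f"assembler error: {e}"
            print(f"{name:<11} {bits}-bit  sp={sp:#018x}: {verdict}")
```

Three distinct outcomes show up: the original script returns to address 0xC on a 64-bit target (one 8-byte slot was left on the stack), add esp,10 is fine on a low stack but lands on an unmapped address once the stack sits above 4 GiB, and add rsp,10 is correct in every 64-bit case.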
SteveAndrew (Master Cheater)
Posted: Thu Nov 01, 2012 2:23 pm

Dark Byte wrote:
Almost correct, but remember that CE's default value type is hexadecimal.
So, "add rsp,10" (or #16).
(esp will work fine most of the time as well, but it's recommended to use rsp.)


Yes, that's right, that's what I meant, but for some reason I was thinking in decimal...

So in 64-bit you can still use the EAX, EBX, ECX, EDX, etc. registers? I thought they now look like RAX, RBX, RCX, RDX, etc... Or is it kind of like how on 32-bit, as opposed to 16-bit, you can still use the AX, BX, CX, DX, etc. registers?

Dark Byte (Site Admin, The Netherlands)
Posted: Thu Nov 01, 2012 2:27 pm

The same as 32-bit/16-bit.

But unlike 32-bit, where using a 16-bit instruction requires a prefix (0x66), in 64-bit you need a prefix (0x4*) if you wish to use the 64-bit (R) instructions.

So mov eax,1234 is the same encoding as in 32-bit. And mov rax,1234 adds a prefix.

Also, for some reason it added 1-byte specifiers for some registers, like si (sil) and di (dil).

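The prefix rules Dark Byte describes, as an added example that is not code from the post or from Cheat Engine: a Python encoder for the single instruction family mov reg, imm that emits the 0x66 operand-size prefix for 16-bit registers, nothing for 32-bit registers (the same bytes as in 32-bit mode), a REX byte for 64-bit registers (0x48, W bit set), for r8..r15 (B bit set) and for the byte registers spl/bpl/sil/dil (plain 0x40, which is what makes those four exist at all). Function and table names are this example's own. It always uses the imm64 form for 64-bit registers; a real assembler usually picks the shorter sign-extended imm32 form (48 C7 C0 ...) when the value fits, which carries the same REX prefix.

```python
# Added example, not from the post and not Cheat Engine code: minimal encoder for
# "mov reg, imm" (Intel SDM opcodes B0+rb for 8-bit, B8+rw/rd/ro for 16/32/64-bit) showing
# which prefix bytes the register name forces in 64-bit mode.

R64 = "rax rcx rdx rbx rsp rbp rsi rdi r8 r9 r10 r11 r12 r13 r14 r15".split()
R32 = "eax ecx edx ebx esp ebp esi edi r8d r9d r10d r11d r12d r13d r14d r15d".split()
R16 = "ax cx dx bx sp bp si di r8w r9w r10w r11w r12w r13w r14w r15w".split()
R8_LEGACY = "al cl dl bl ah ch dh bh".split()          # byte registers encodable without REX
R8_REX = ("al cl dl bl spl bpl sil dil "
          "r8b r9b r10b r11b r12b r13b r14b r15b").split()  # meaning of the same field with a REX byte

REX, REX_W, REX_B = 0x40, 0x08, 0x01                   # base prefix, 64-bit operand, reg field bit 3


def lookup(reg):
    """Return (register number 0..15, operand size in bits, whether a REX byte is mandatory)."""
    reg = reg.lower()
    for table, size in ((R64, 64), (R32, 32), (R16, 16)):
        if reg in table:
            return table.index(reg), size, False
    if reg in R8_LEGACY:
        return R8_LEGACY.index(reg), 8, False
    if reg in R8_REX:
        return R8_REX.index(reg), 8, True    # spl/bpl/sil/dil, r8b..r15b: only selectable with REX
    raise ValueError(f"unknown register: {reg}")


def encode_mov_imm(reg, imm, mode=64):
    """Encode mov <reg>, <imm>. mode=32 rejects anything that would need a REX byte."""
    num, size, needs_rex = lookup(reg)
    rex = REX
    if size == 64:
        rex |= REX_W                              # 0x48: 64-bit operand size
    if num >= 8:
        rex |= REX_B                              # 0x41: register number 8..15
    uses_rex = rex != REX or needs_rex
    if mode == 32 and uses_rex:
        raise ValueError(f"{reg} is not encodable in 32-bit mode (REX is 64-bit mode only)")
    out = bytearray()
    if size == 16:
        out.append(0x66)                          # operand-size override: default 32 -> 16 bits
    if uses_rex:
        out.append(rex)                           # REX must immediately precede the opcode
    out.append((0xB0 if size == 8 else 0xB8) + (num & 7))
    out += imm.to_bytes(size // 8, "little", signed=imm < 0)
    return bytes(out)


def prefixes(reg):
    """Only the prefix bytes that a register name forces (empty for eax-style 32-bit registers)."""
    _, size, _ = lookup(reg)
    enc = encode_mov_imm(reg, 0)
    return enc[: len(enc) - 1 - size // 8]        # strip opcode byte and immediate


if __name__ == "__main__":
    for reg, imm in (("ax", 0x1234), ("eax", 0x1234), ("rax", 0x1234), ("r8d", 0x1234),
                     ("dh", 0x12), ("sil", 0x12)):
        print(f"mov {reg},{imm:x}".ljust(14), encode_mov_imm(reg, imm).hex(" "))
```

With the thread's hexadecimal 1234: mov eax,1234 is B8 34 12 00 00, mov rax,1234 is 48 B8 34 12 00 00 00 00 00 00, and mov sil,12 is 40 B6 12, where the same B6 12 without the 0x40 byte would mean mov dh,12.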
SteveAndrew (Master Cheater)
Posted: Thu Nov 01, 2012 2:56 pm

Dark Byte wrote:
The same as 32-bit/16-bit.

But unlike 32-bit, where using a 16-bit instruction requires a prefix (0x66), in 64-bit you need a prefix (0x4*) if you wish to use the 64-bit (R) instructions.

So mov eax,1234 is the same encoding as in 32-bit. And mov rax,1234 adds a prefix.

Also, for some reason it added 1-byte specifiers for some registers, like si (sil) and di (dil).


Well, that's pretty cool! Yeah, I've been avoiding 64-bit programming / learning 64-bit assembler for a long time, but now I have decided it's time to step up and start doing it! And to my surprise it's really not as complicated as I thought it would be. Which is good.

Anyways, as you've probably already read, I've gotten a completely new computer now, and it's fast! But now I'm still having issues with DBVM even with a supported CPU, so I was hoping you could look into it, as I really want to get DBVM going for me!

Here's my thread posted in the DBVM section:
http://forum.cheatengine.org/viewtopic.php?t=559050

Either way I'm enjoying my new computer, but having DBVM working would just be the icing on the cake. Help me out with DBVM when you've got time, or is there source to DBVM available that I can play around with? I'm not sure if you've released the source to that particular part of CE... (Sorry for going off topic, but the DBVM forum isn't that active so it might not get noticed there.)

Dark Byte (Site Admin, The Netherlands)
Posted: Thu Nov 01, 2012 4:47 pm

I replied to that topic.

The source: http://code.google.com/p/cheat-engine/source/browse/trunk/dbvm/
The source code is a complete chaotic mess and has been known to cause hardcore coders' eyes to explode after trying to read it.

To compile you need a 64-bit Linux with both nasm and yasm installed (and gcc).
