Cheat Engine The Official Site of Cheat Engine
Merlini Advanced Cheater Reputation: 2
Joined: 12 Jun 2016 Posts: 53
Posted: Fri May 05, 2017 6:03 pm Post subject: How to get the number between execution of two instructions
Hello, is there an efficient way of getting the number of executions between two instructions?
e.g.
Addr A: 0x4001000 push ebp // Set Break point here and run to Addr B
.
50,000 instructions in here including loops, branches, etc.
.
Addr B: 0x4500123 ret
I want to know if I can get the number 50,000 here somehow.
Of course, I can put break and trace at Addr A, and a bp at Addr B,
then count the number of entries in the trace. But that does not seem
very efficient.
Thank you.
--
In actuality, I have a program that loops and runs the same instruction at
Addr A a bunch of times, and I want to know approximately how many
instructions are within each loop. This number could vary, of course,
but I would like to get a rough estimate.
I have a problem that doesn't converge within 200k+ instructions, so
that's the problem I'm working with.
FreeER Grandmaster Cheater Supreme Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
Posted: Sat May 06, 2017 8:06 am
A Lua script like this should be able to tell you how many instructions there are, but it won't tell you how many instructions are _run_. That's going to depend on the values used at run time, so to figure that out you're going to actually have to run the code, which essentially means break and trace as far as I know (you can save the results to a file and then count certain lines, e.g. how many EAX lines there are; in an editor like vim you can easily delete every line that doesn't start with EAX and then just use the line numbers to tell you how many instructions were executed)...
Script to count instructions, tested in the Lua engine (open the memory view(er), go to Tools, then Lua Engine) on the tutorial:
Code:
thestart = 0x4001000
theend = 0x4500123 -- not included in count
count = 0
current = thestart
repeat
  count = count + 1
  size = getInstructionSize(current)
  --print(disassemble(current)) -- show each instruction
  current = current + size
until current >= theend
-- use getAddress in case a symbol was used, so that the actual address is shown
print(string.format("There are %i instructions from %#X to %#X", count, getAddress(thestart), getAddress(theend)))
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25291 Location: The netherlands
Posted: Sat May 06, 2017 9:02 am
hmm, check ultimap2
in there set a start and stop region, and make it output to a file. then parse that file
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping
Merlini Advanced Cheater Reputation: 2
Joined: 12 Jun 2016 Posts: 53
Posted: Sat May 06, 2017 2:05 pm
Dark Byte wrote:
> hmm, check ultimap2
> in there set a start and stop region, and make it output to a file. then parse that file
Unfortunately, it says "Sorry, but your CPU seems to be lacking the Intel
Processor Trace feature ..." I suspect my PC is too old to have this feature.
But I can run the original ultimap which seems hopeful.
Here's what I've done.
1) I've set a bp at the starting instruction with a bp condition.
2) Started ultimap and press "start"
3) The bp is hit in the debugger and ultimap stops
4) Result shown in pic
The "Banch targets" (I'm assuming that's B[r]anch targets?) shows
19418. This number depends on the run.
First loop was around 50k, next one was 45k, and this one is around 20k.
In any case, I'm assuming ultimap found 19418 "branches" while doing
a loop.
a) Are branches only calls or also jumps, loops, etc?
Or is it total number of instructions?
b) The log didn't get created automatically. How do I create it?
---
Tbh, this has been helpful already.
If the branch targets actually mean some kind of branches, with say 100 instructions in each branch, then I'm already looking at 2 to 5 million instructions, and the problem is infeasible for me and I should look for
another way.
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25291 Location: The netherlands
Posted: Sat May 06, 2017 2:19 pm
a: also jumps and loops (and conditional jumps)
b: choose log directly to file.
it will hold a list of origin, destination and extra field
the problem with ultimap1 is that you can't set the start/stop region so it logs all branches in the target process. (including interrupts)
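The per-loop estimate discussed in this thread, worked from a branch log, as an added example that is not part of any post and is not Cheat Engine code. It assumes the log has been exported as text lines of `origin destination extra` in hex (the thread does not give Ultimap's real file layout) and that an interrupt appears as a record leaving the region and one returning to it; the addresses, region bounds and function names are constructed.

```python
# Added example, not Cheat Engine code. Assumed text layout (constructed):
# "<origin hex> <destination hex> <extra>", one taken branch per line.
SAMPLE_LOG = """\
400F00 401000 0
401010 401040 0
401044 FFFFF80000001000 0
FFFFF80000001234 401044 0
401050 401000 0
401010 401040 0
401050 401000 0
401008 402000 0
"""
START, LO, HI = 0x401000, 0x401000, 0x401FFF  # Addr A and region (constructed)

def parse_log(text):
    """Return [(origin, destination), ...] from the assumed text layout."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2:
            records.append((int(fields[0], 16), int(fields[1], 16)))
    return records

def per_iteration_counts(records, start, lo, hi):
    """One dict per pass through `start`: branches, exits, bytes executed.

    Between two records the CPU runs linearly from the previous destination
    to the next origin, so the bytes of each run are origin - destination
    (the final branch instruction's own length is not in the log).
    """
    iterations, current = [], None
    for (_, dest), (origin, target) in zip(records, records[1:]):
        if not (lo <= dest <= origin <= hi):
            continue  # run lies outside the region (kernel, other module)
        run_from = dest
        if dest <= start <= origin:  # this run passes through Addr A
            if current is not None:
                current["bytes"] += start - dest  # tail of previous pass
            current = {"branches": 0, "exits": 0, "bytes": 0}
            iterations.append(current)
            run_from = start
        if current is None:
            continue  # Addr A not reached yet
        current["bytes"] += origin - run_from
        # A transfer that leaves the region is an interrupt or external call.
        current["branches" if lo <= target <= hi else "exits"] += 1
    return iterations

if __name__ == "__main__":
    for n, it in enumerate(per_iteration_counts(parse_log(SAMPLE_LOG), START, LO, HI), 1):
        print(n, it)
```

Dividing each pass's byte total by a typical instruction length, or walking each linear run with an instruction-size function such as the `getInstructionSize` call used earlier in the thread, turns the byte count into an instruction count.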