Cheat Engine The Official Site of Cheat Engine
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Mon Dec 24, 2012 7:08 am
Dark Byte wrote: | I haven't tried on 32-bit yet.
Anyhow, I use fpc 2.6.1. I heard that 2.7.x does not work, so stick with 2.6 for now.
If that doesn't work you could try changing the for loop to a while loop, but the iterator must stay a qword. |
I'm using Lazarus-1.1-39122-fpc-2.6.1-20121018-win32.exe
and got this (rev. 1550):
Code: | frmSortPointerlistUnit.pas(116,11) Error: Ordinal expression expected
frmSortPointerlistUnit.pas(361) Fatal: There were 1 errors compiling module, stopping |
Looks like we have to change line 84:
var i: qword;
to
var i: Integer; // Cardinal // Longword
or something.
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
Posted: Mon Dec 24, 2012 7:43 am
No, an integer is impossible, it HAS to be a qword (or at least int64).
Change the for loop to a while loop if you have to, but otherwise you won't be able to handle pointerfiles with more than 2 billion results (and those aren't uncommon).
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Mon Dec 24, 2012 7:51 am
int64 doesn't work either.
OK, so "while loop" then.
Code: | Index: frmSortPointerlistUnit.pas
===================================================================
--- frmSortPointerlistUnit.pas (wersja 1550)
+++ frmSortPointerlistUnit.pas (kopia robocza)
@@ -113,7 +113,9 @@
initialtime:=gettickcount;
try
- for i:=0 to Pointerscanresults.count-1 do
+ //for i:=0 to Pointerscanresults.count-1 do
+ i:=0;
+ while (i < Pointerscanresults.count) do
begin
if terminated then exit;
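Review bot: the commented-out `//for i:=0 to Pointerscanresults.count-1 do` line at the top of the hunk is dead code; delete it rather than carry it, the revision history already records the old loop. Note also that `while (i < Pointerscanresults.count) do` re-evaluates `Pointerscanresults.count` on every iteration, where the `for` evaluated it once; if `count` is a property backed by a call, copy it into a local `qword` before the loop. The parentheses are not needed in Pascal (`while i < Pointerscanresults.count do`), and it is worth confirming that `count` itself is a 64-bit type, since the whole point of keeping `i` a qword is to get past 2^31 entries.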
@@ -138,6 +140,7 @@
end;
f.Write(p^, entrysize);
+ inc(i)
end;
finally
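Review bot: `inc(i)` is the only place the counter advances and it sits at the very bottom of the body, after `f.Write(p^, entrysize);`, so any `continue` or early jump out of the body that skips that line would loop forever on the same entry (the `if terminated then exit;` at the top is fine, it leaves the loop entirely). Either audit the loop body for `continue` or place the increment where every path reaches it. Also write it as `inc(i);` with the semicolon: the statement before `end` may omit it, but a line inserted after it later will then not compile.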
|
Edit:
Side note: vehdebugger doesn't work. It compiles without error, but when we try to use it we get a vehdebug-i386.dll exception 0xc0000005.
here:
vehdebug-i386.UnloadVEH+589 - 8B 12 - mov edx,[edx]
(vehdebug-i386.dll+1D889, probably inside threadstart function)
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
Posted: Mon Dec 24, 2012 8:42 am
I don't have the 32-bit vehdebug right now.
Anyhow, one way you can test it is to run the tutorial, then attach Lazarus to the tutorial process (perhaps you can run it using the run parameters now, but last time that was broken for me).
Then enable the VEH debugger on the tutorial.
You can set breakpoints and perhaps it will even show where it goes wrong.
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Mon Dec 24, 2012 9:46 am
Unfortunately, "the tutorial" just closes; there aren't any error messages.
I think it crashes while attaching, because everything I tried ("what accessed this address", "what addresses this instruction accesses" and "attach debugger to process") gives the same exception 0xc0000005.
EDIT:
DB, when you have more free time, can you provide step by step instructions? I really want to help you with VEHDebugger, but I didn't get any error messages while debugging under Lazarus.
Inside \Downloads\SVN\ce62\bin I have a freshly compiled vehdebug-i386.dll (build mode "release"; I tried "debug" mode too) and Tutorial-i386.exe (build mode "release"). For CE I chose the "debug" build mode.
Then F9. Attaching VEHDebugger to Tutorial-i386.exe just crashes "tutorial" without any message or error.
If I attach VEHDebugger to e.g. calc.exe (Windows XP calculator) I get exception 0xc0000005 at vehdebug-i386.dll+1D889 (vehdebug-i386.UnloadVEH+589), which is probably inside the threadstart function (I saw a reference to "A thread has crashed" about a dozen lines below).
"Cheat Engine 6.2+" doesn't crash, so I can try many times.
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
Posted: Mon Dec 24, 2012 6:17 pm
Easiest is to just get the 32-bit VEH debugger dll from the 6.2 release.
Anyhow, set a breakpoint at InitializeVEH, and then launch it (make sure that run->run parameters... points to the tutorial exe).
Now go to the process list in CE (the CE in the bin folder where the vehdebug dll goes to as well) and attach the debugger to the tutorial.
If that fails, just add a couple of debugprint lines and use dbgview to read the output, and replace "oldExceptionHandler:=AddVectoredExceptionHandler(1,@Handler);" with "oldExceptionHandler:=nil" to exclude the debugger part itself.
And test the speedhack, it could be a problem with dll injection as well.
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Mon Dec 24, 2012 8:06 pm
Quote: | easiest is just get the 32-bit veh debugger dll from the 6.2 release |
I have a copy, no problem.
Quote: | use dbgview to read the output |
Just after "what addresses this instruction accesses" (attaching VEHdebugger), gdb output, from CE:
Code: | =thread-created,id="5",group-id="i1"
~"[New Thread 472.0xd40]\n"
*running,thread-id="all"
&"warning: WaitTillAttachedOrError\n"
&"warning: loop WaitTillAttachedOrError\n"
&"warning: Creating filemap with name \"{C91D5139-CB18-4029-9DAF-459B6694BE82}\"\n"
&"warning: Created the filemap\n"
=thread-created,id="6",group-id="i1"
~"[New Thread 472.0x658]\n"
*running,thread-id="all"
&"warning: loop WaitTillAttachedOrError\n"
&"warning: loop WaitTillAttachedOrError\n"
&"warning: loop WaitTillAttachedOrError\n"
&"warning: Symbolhandler: sync: Calling finishedloadingsymbols\n"
&"warning: loop WaitTillAttachedOrError\n"
&"warning: finishedLoadingSymbols called\n"
&"warning: After CheckSynchronize\n"
=thread-exited,id="6",group-id="i1"
&"warning: HandleDebugEvent:3\n"
&"warning: fillContext: handle=0\n"
&"warning: CreateProcessDebugEvent\n"
&"warning: Returned from HandleDebugEvent\n"
&"warning: WaitTillAttachedOrError exit\n"
&"warning: HandleDebugEvent:2\n"
&"warning: fillContext: handle=0\n"
&"warning: CreateThreadDebugEvent\n"
&"warning: Returned from HandleDebugEvent\n"
&"warning: HandleDebugEvent:8\n"
&"warning: GetThreadContext(B14, 628, 07741170)\n"
&"warning: OutputDebugStringEvent\n"
&"warning: 1:Debugregistermask=00000000\n"
&"warning: 2:Debugregistermask=00000000\n"
&"warning: 3:Debugregistermask=00000403\n"
&"warning: clearmask=FFF0FFFC\n"
&"warning: GetThreadContext(ED4, 630, 07741020)\n"
&"warning: setThreadContext(ED4, 630, 07741020). dr0=1012498 dr1=0 dr2=0 dr3=0 dr7=403\n"
&"warning: GetThreadContext(B14, 628, 07741170)\n"
&"warning: setThreadContext(B14, 628, 07741170). dr0=1012498 dr1=0 dr2=0 dr3=0 dr7=403\n"
&"warning: Returned from HandleDebugEvent\n"
&"warning: HandleDebugEvent:1\n"
&"warning: fillContext: handle=0\n"
&"warning: HandleExceptionDebugEvent:C0000005\n"
&"warning: Returned from HandleDebugEvent\n"
|
gdb output, from tutorial.exe:
Code: | =thread-created,id="2",group-id="i1"
~"[New Thread 1624.0xa40]\n"
*running,thread-id="all"
=library-loaded,id="C:\\Documents and Settings\\xxx\\Moje dokumenty\\Pobieranie\\ce62\\bin\\vehdebug-i386.dll",target-name="C:\\Documents and Settings\\xxx\\Moje dokumenty\\Pobieranie\\ce62\\bin\\vehdebug-i386.dll",host-name="C:\\Documents and Settings\\xxx\\Moje dokumenty\\Pobieranie\\ce62\\bin\\vehdebug-i386.dll",symbols-loaded="0",thread-group="i1"
=thread-exited,id="2",group-id="i1"
=thread-created,id="3",group-id="i1"
~"[New Thread 1624.0x60c]\n"
*running,thread-id="all"
&"warning: VEHDebug init\n"
&"warning: ConfigName=\"{E99F1FD5-607B-4651-BBBB-0CA04C864FEA}\"\n"
&"warning: fm=00000764\n"
&"warning: VEHSharedMem=003E0000\n"
&"warning: HasDebugEvent=0000076C\n"
&"warning: HasHandledDebugEvent=00000768\n"
&"warning: @HasDebugEvent=003E2000\n"
&"warning: @HasHandledDebugEvent=003E2008\n"
&"warning: Testing if it handles normal debug events\n"
&"warning: 1\n"
&"warning: 2\n"
&"warning: 3\n"
&"warning: Calling EmulateInitializeEvents\n"
&"warning: returned from EmulateInitializeEvents\n"
&"warning: Registering exception handler\n"
&"warning: Created exception handler:001411C0\n"
=thread-exited,id="3",group-id="i1"
=thread-created,id="4",group-id="i1"
~"[New Thread 1624.0x2d8]\n"
*running,thread-id="all"
~"[Switching to Thread 1624.0x2d8]\n"
*stopped,reason="signal-received",signal-name="SIGSEGV",signal-meaning="Segmentation fault",frame={addr="0x1001d889",func="VEHDEBUG!ConfigName",args=[],from="C:\\Documents and Settings\\xxx\\Moje dokumenty\\Pobieranie\\ce62\\bin\\vehdebug-i386.dll"},thread-id="4",stopped-threads="all"
=thread-selected,id="4"
(gdb)
<info program>
&"info program\n"
~"\tUsing the running image of child Thread 1624.0x2d8.\n"
~"Program stopped at 0x1001d889.\n"
~"It stopped with signal SIGSEGV, Segmentation fault.\n"
~"Type \"info stack\" or \"info registers\" for more information.\n"
^done
(gdb)
<-data-disassemble -s 268556304 -e 268556305 -- 0>
^done,asm_insns=[{address="0x1001d810",func-name="VEHDEBUG!ConfigName",offset="1296",inst="cld "}] |
(full log here http://paste2.org/p/2644818 ) (highlight and copy paste to notepad++, enable "wrap")
Quote: | And test the speedhack, it could be a problem with dll injection as well |
I forgot to tell you: the speedhack dll (the one from the 6.2 release and the freshly compiled one) works as it should.
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
Posted: Tue Dec 25, 2012 4:50 am
This looks like the vehdebug was built in release mode.
Anyhow, replace "oldExceptionHandler:=AddVectoredExceptionHandler(1,@Handler);" with "oldExceptionHandler:=nil" and just attach the debugger. Do not use any debug options.
Just to be sure that it's not a problem with setting the breakpoint and handling it.
and comment out
Code: |
if VEHSharedMem.ThreadWatchMethod=0 then
ThreadPoller:=TThreadPoller.create(false);
|
in EmulateInitializeEvents
If it stops crashing then it's probably the threadpoller or the threadcreation, else something else I do not expect.
Assuming that it stopped crashing:
Put the threadpoller creation back (do NOT put the vehandler back, it interferes with dbgview)
go to simplethread.pas and uncomment "OutputDebugString('threadstart called');"
and after self.execute add "Outputdebugstring('Properly executed');"
Then go to TThreadPoller.execute and comment out the whole body.
Then execute and see what happens
If it crashes, it's probably the threadcreation somewhere, else it's the threadpoller
Also, use dbgview from Sysinternals, and don't use the debugger on CE nor on the vehdebugger/tutorial (gdb interferes). That way you get a cleaner view.
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Tue Dec 25, 2012 3:46 pm
OK. Now I have free time...
I commented out only this:
Code: | if VEHSharedMem.ThreadWatchMethod=0 then
ThreadPoller:=TThreadPoller.create(false); |
(vehdebug-i386.dll compiled in "release mode")
And I can "attach debugger" to tutorial.exe and calc.exe without a crash.
Now I'll try with this "OutputDebugString", give me a while.
Edit:
OK. I used these patches:
inside init.pas:
oldExceptionHandler:=nil;
inside SimpleThread.pas:
uncommented OutputDebugString('threadstart called');
and added Outputdebugstring('Properly executed'); after self.execute
inside threadpoll.pas:
I commented out the whole TThreadPoller.execute procedure body.
vehdebug-i386.dll compiled in "DEBUG mode", then copy-pasted (overwriting) into my CE 6.2 install directory.
I launched calc.exe, then launched CE, then I attached the vehdebugger to calc.exe.
gdb output, from calc.exe:
Code: | ~"[New Thread 4028.0xd10]\n"
*running,thread-id="all"
=library-loaded,id="C:\\Program Files\\Cheat Engine 6\\vehdebug-i386.dll",target-name="C:\\Program Files\\Cheat Engine 6\\vehdebug-i386.dll",host-name="C:\\Program Files\\Cheat Engine 6\\vehdebug-i386.dll",symbols-loaded="0",thread-group="i1"
=thread-exited,id="3",group-id="i1"
=thread-created,id="4",group-id="i1"
~"[New Thread 4028.0xa34]\n"
*running,thread-id="all"
&"warning: VEHDebug init\n"
&"warning: ConfigName=\"{F649DE1F-0DA1-40E3-B2BD-98520150BE4B}\"\n"
&"warning: fm=00000758\n"
&"warning: VEHSharedMem=00400000\n"
&"warning: HasDebugEvent=0000076C\n"
&"warning: HasHandledDebugEvent=00000754\n"
&"warning: @HasDebugEvent=00402000\n"
&"warning: @HasHandledDebugEvent=00402008\n"
&"warning: Testing if it handles normal debug events\n"
&"warning: 1\n"
&"warning: 2\n"
&"warning: 3\n"
&"warning: Calling EmulateInitializeEvents\n"
&"warning: returned from EmulateInitializeEvents\n"
&"warning: Registering exception handler\n"
&"warning: Failed creating exception handler\n"
=thread-created,id="5",group-id="i1"
~"[New Thread 4028.0x994]\n"
*running,thread-id="all"
=thread-exited,id="4",group-id="i1"
&"warning: threadstart called\n"
~"[Switching to Thread 4028.0x994]\n"
*stopped,reason="signal-received",signal-name="SIGSEGV",signal-meaning="Segmentation fault",frame={addr="0x1001ef44",func="THREADSTART",args=[{name="SELF",value="0x0"}],file="SimpleThread.pas",fullname="C:/Documents and Settings/xxx/Moje dokumenty/Pobieranie/ce62/VEHDebug/SimpleThread.pas",line="38"},thread-id="5",stopped-threads="all"
=thread-selected,id="5"
(gdb)
...
cut...
|
There are no "Properly executed" or "A thread has crashed" strings in the gdb output.
and this:
*stopped,reason="signal-received",signal-name="SIGSEGV",signal-meaning="Segmentation fault",frame={addr="0x1001ef44",func="THREADSTART",args=[{name="SELF",value="0x0"}],file="SimpleThread.pas",fullname="C:/Documents and Settings/xxx/Moje dokumenty/Pobieranie/ce62/VEHDebug/SimpleThread.pas",line="38"},thread-id="5",stopped-threads="all"
=thread-selected,id="5"
line 38:
self.execute;
Weird, because the TThreadPoller.execute procedure is commented out.
Hm, self is a threadstart function parameter, but as far as I know classes have a default "self" pointer in Object Pascal.
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
Posted: Tue Dec 25, 2012 4:32 pm
I think I know why it's crashing in 32-bit and not 64-bit
change
Code: |
function threadstart(self: TSimpleThread): dword;
|
to
Code: |
function threadstart(self: TSimpleThread): dword; stdcall;
|
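The calling-convention mismatch behind that SEGV, as an added example (this is not Cheat Engine's own code and not the VEHDebug sources discussed above): kernel32 calls a thread entry point with the stdcall convention, parameter on the stack, while Free Pascal's default convention on i386 is `register`, first parameter in EAX. A `threadstart` declared without `stdcall` therefore reads `self` from a register that does not hold it, which is consistent with the `SELF=0x0` in the gdb frame above and the `mov edx,[edx]` fault. Win64 has a single calling convention, so the 64-bit build never noticed. The program below, for Free Pascal on a Windows target, uses a stub `TSimpleThread`, and re-imports `CreateThread` under the hypothetical name `CreateThreadTyped` with a typed `TThreadEntry` parameter (my assumption, to get around the RTL's untyped pointer parameter) so that the compiler, not the crash, reports a routine with the wrong convention.

```pascal
{$mode objfpc}{$H+}
program threadstart_stdcall_demo;

{ Added example, not Cheat Engine's own code.  On i386-win32 Free Pascal's
  default calling convention is 'register' (first parameter in EAX), while
  kernel32 invokes a thread entry point with stdcall (lpParameter on the
  stack).  A thread entry declared without 'stdcall' reads garbage for its
  parameter (0 in the gdb output above) and 'self.execute' faults.  On
  x86_64-win64 there is only one calling convention, so the bug is masked. }

uses
  Windows;

type
  { Stub standing in for the real TSimpleThread (assumption). }
  TSimpleThread = class
  public
    ran: Boolean;
    procedure execute; virtual;
  end;

  { The exact shape Windows expects for a thread entry point. }
  TThreadEntry = function(lpParameter: Pointer): DWORD; stdcall;

procedure TSimpleThread.execute;
begin
  ran := True;
end;

{ Thread entry point.  Remove 'stdcall' here and the assignment to 'entry'
  in RunOnThread stops compiling, because FPC treats the calling convention
  as part of the procedural type.  That is the compile-time check that a
  bare pointer parameter does not give you. }
function threadstart(lpParameter: Pointer): DWORD; stdcall;
var
  thread: TSimpleThread;
begin
  thread := TSimpleThread(lpParameter);
  thread.execute;
  Result := 0;
end;

{ Assumption, not part of the original: CreateThread is re-imported under
  another name with a typed entry parameter, so the convention of whatever
  routine is passed is checked by the compiler. }
function CreateThreadTyped(lpThreadAttributes: Pointer; dwStackSize: SizeUInt;
  lpStartAddress: TThreadEntry; lpParameter: Pointer; dwCreationFlags: DWORD;
  lpThreadId: PDWORD): THandle; stdcall; external 'kernel32' name 'CreateThread';

{ Runs t.execute on a new thread and waits for it; False if CreateThread failed. }
function RunOnThread(t: TSimpleThread): Boolean;
var
  entry: TThreadEntry;
  h: THandle;
  tid: DWORD;
begin
  entry := @threadstart;   // type error if threadstart is not stdcall
  h := CreateThreadTyped(nil, 0, entry, Pointer(t), 0, @tid);
  Result := h <> 0;
  if Result then
  begin
    WaitForSingleObject(h, INFINITE);
    CloseHandle(h);
  end;
end;

var
  t: TSimpleThread;
begin
  t := TSimpleThread.Create;
  try
    if RunOnThread(t) and t.ran then
      WriteLn('thread entry ran with the right self pointer')
    else
      WriteLn('thread did not run');
  finally
    t.Free;
  end;
end.
```

Build it with a win32 FPC (`fpc -Twin32 threadstart_stdcall_demo.pas`), then delete `stdcall` from `threadstart`: the `entry := @threadstart` line becomes an incompatible-types error at compile time instead of an access violation inside the target process, which is the property you want for code that gets injected into other people's processes.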
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Tue Dec 25, 2012 4:36 pm
OK, will try.
Edit: it works.
SER[G]ANT Expert Cheater Reputation: 10
Joined: 29 Dec 2005 Posts: 215 Location: Russia
Posted: Wed Feb 13, 2013 12:51 am
rev 1666+
Code: | NewKernelHandler.pas(412,80) Error: Identifier not found "CONTEXT32"
NewKernelHandler.pas(413,82) Error: Identifier not found "CONTEXT32"
NewKernelHandler.pas(705,1) Fatal: There were 2 errors compiling module, stopping |
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
Posted: Wed Feb 13, 2013 5:24 am
should be fixed now
SER[G]ANT Expert Cheater Reputation: 10
Joined: 29 Dec 2005 Posts: 215 Location: Russia
Posted: Wed Feb 13, 2013 6:31 am
Thanks
After this fix Lazarus says
Code: | frmstacktraceunit.pas(97,2) Fatal: Syntax error, ";" expected but "WHILE" found |
(frmstacktraceunit.pas was also updated in rev1666)
until I fixed
Code: | //function StackWalk64(MachineType:dword; hProcess:THANDLE; hThread:THANDLE; StackFrame:LPSTACKFRAME64; ContextRecord:pointer; ReadMemoryRoutine:TREAD_PROCESS_MEMORY_ROUTINE64; FunctionTableAccessRoutine:TFUNCTION_TABLE_ACCESS_ROUTINE64; GetModuleBaseRoutine:TGET_MODULE_BASE_ROUTINE64; TranslateAddress:TTRANSLATE_ADDRESS_ROUTINE64):bool;stdcall;external External_library name 'StackWalk64';
{$ifdef cpu32}
machinetype:=IMAGE_FILE_MACHINE_I386
{$else} |
to
Code: |
//function StackWalk64(MachineType:dword; hProcess:THANDLE; hThread:THANDLE; StackFrame:LPSTACKFRAME64; ContextRecord:pointer; ReadMemoryRoutine:TREAD_PROCESS_MEMORY_ROUTINE64; FunctionTableAccessRoutine:TFUNCTION_TABLE_ACCESS_ROUTINE64; GetModuleBaseRoutine:TGET_MODULE_BASE_ROUTINE64; TranslateAddress:TTRANSLATE_ADDRESS_ROUTINE64):bool;stdcall;external External_library name 'StackWalk64';
{$ifdef cpu32}
machinetype:=IMAGE_FILE_MACHINE_I386; //<====== ;
{$else}
|
Maybe wrong (I'm not a programmer) but it works
Lazarus-1.1-40285-fpc-2.6.1-20130213-win32.exe
unknown_k Expert Cheater Reputation: 5
Joined: 24 May 2011 Posts: 211
Posted: Wed Feb 13, 2013 9:01 am
SER[G]ANT wrote: | Maybe wrong (I'm not a programmer) but it works |
no, you are right.
Code: | 75: machinetype:=IMAGE_FILE_MACHINE_I386;
79: machinetype:=IMAGE_FILE_MACHINE_AMD64; |