Cheat Engine

[lylcheat]

How does CE locate the first byte of a multibyte value? For example, for a float value (I assume float means 4 byte, right?), the addresses could be, say:
(0x10FC000,0x10FC001,x010FC002,x010FC003)

or shifted by 1 byte:
(0x10FC001,x010FC002,x010FC003,0x10FC004)

or shifted by 2 bytes:
(x010FC002,x010FC003,0x10FC004,0x10FC005)
etc
Does it assume all these are possible bytes for a single float value?

[Dark Byte]

it just sets a float pointer to respectively 0x10fc0000, 0x10fc001 and 0x10fc002 and then evaluates the value.

[lylcheat]

But wouldn't that create a problem?

e.g. Say the value I want is a 4-bytes value with actual location starts at 0x10fc0003. I make the game to change the value and the byte value at 0x10fc0003 changed. But, this also causes an illusion that all the 4-byte values starting at 0x10fc000 to 0x10fc002 are changing at the same time (since the single byte at 0x10fc0003 changed).

That means there is no simple way to narrow down to 1 single 4-bytes value. And we need to manually eliminate these "false" report. Am I right?

[Dark Byte]

yes, thats why ce has implemented the "Next scan" option

also, if you do an exact value scan, it wouldn't even take the ones at 0x10fc000 to 0x10fc002 (value wouldn't match)

oh yes, there is a 98% chance the floating point value is NOT stored at 0x10fc003, but at 0x10fc000 or 0x10fc004 due to compiler optimizations that make it so values of specific sizes have to be memory aligned

tip: I get the feeling your memory scan routine is reading the memory byte by byte and putting 4 byte values together to be evaluated separately. (Might be wrong, but thats what I get from your byte specific questions) It is a lot faster and more efficient to read the memory in bigger blocks (e.g 4096 bytes at a time, or even more) and then go through that block with one pointer that just points to that block