 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
oddgamer
Advanced Cheater
![]() Reputation: 0
Joined: 19 Jan 2013
Posts: 58
|
 Posted: Thu Mar 07, 2013 11:29 pm Post subject: Like a challenge? |
 |
|
Okay... anyone out there who likes an insane challenge?
Floating point variables on the CCS64 emulator.
To find out how the c64 stores floats, do a Google search for:
how does commodore 64 store floating point variables
The first result will show you how it's stored and an example.
After that, the emulator stores each byte as a four-byte value. So where as in an actual C64 the 9.348 used in the example is stored as:
84 15 91 68 72
in the CCS64 emulator it shows up as:
84 00 00 00 15 00 00 00 91 00 00 00 68 00 00 00 72
Yes, I tested that. Anyone able to make CE search for that and change it?
|
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 458
Joined: 09 May 2003
Posts: 25287
Location: The netherlands
|
| Posted: Fri Mar 08, 2013 5:18 am Post subject: |
|
|
check out this topic: http://forum.cheatengine.org/viewtopic.php?p=5446531
and then make something similar for the float type
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
oddgamer
Advanced Cheater
![]() Reputation: 0
Joined: 19 Jan 2013
Posts: 58
|
| Posted: Fri Mar 08, 2013 1:37 pm Post subject: |
|
|
| Dark Byte wrote: | check out this topic: <link omitted>
and then make something similar for the float type |
The problem is that, unless I've misunderstood, the float format for IEEE is not the same at all. That is, if you took that same array of bytes, minus all the 00's and fed it into a variable of any sort, what comes out bears no resemblance to a normal floating point value. In addition, looking at the info I had, I can figure out how to take the bytes and turn them into a value (they show it right there), what I've got no idea how to do is go in reverse, starting from a value and getting to the strange floating point.
|
|
| Back to top |
|
|
Gniarf
Grandmaster Cheater Supreme
![]() Reputation: 43
Joined: 12 Mar 2012
Posts: 1285
|
| Posted: Sat Mar 09, 2013 5:29 am Post subject: |
|
|
@oddgamer: Challenge accepted. The following custom type should do.
@Dark byte: Do you know why CE says "The value XXX couldn't be parsed" when I commit a value longer than a single digit with this custom type? I.e "5" is handled properly but "-5", "55", and "5.5" throw the aforementioned error.
| Code: | alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,4)
alloc(PreferedAlignment, 4)
label(ConvertRoutine_BigMantissa)
label(ConvertBackRoutine_NegativeMantissa)
label(ConvertBackRoutine_SignHandled)
TypeName:
db 'C64Emulator Float',0
ByteSize:
dd #20
UsesFloat:
dd 1
PreferedAlignment:
dd 1
//stdcall int ConvertRoutine(unsigned char *input);
ConvertRoutine:
[64-bit]
//parameters: (64-bit)
//rcx=address of input
push rdx
push rbx
xor rdx,rdx //edx will be our converted float
//the sign bit
test byte [rcx+4],80
setne dl
//the exponent
shl edx,8
mov dl,byte [rcx] //dl=ExpByte
dec dl //exponent=ExpByte+127 in x87 float, ExpByte+128 in C64 float
dec dl //wtf?
//the mantissa
shl edx,7
mov bl,byte [rcx+4]
and bl,7f
test byte [rcx+4],80 //C64 oddity: if the number is positive, add 128 to the mantissa
jne ConvertRoutine_BigMantissa
add bl,#128
and bl,7f
ConvertRoutine_BigMantissa:
or dl,bl
shl edx,10 //x87 mantissas are 23 bit long. C64's are 31 bit long so sayonara C64 LSByte
mov dh,byte [rcx+8]
mov dl,byte [rcx+C]
//store the converted float in eax
mov rax,rdx
pop rbx
pop rdx
ret
[/64-bit]
[32-bit]
push ebp
mov ebp,esp
mov eax,dword [ebp+8] //ebp+8=address of input
push edx
push ebx
xor edx,edx //edx will be our converted float
//the sign bit
test byte [eax+4],80
setne dl
//the exponent
shl edx,8
mov dl,byte [eax] //dl=ExpByte
dec dl //exponent=ExpByte+127 in x87 float, ExpByte+128 in C64 float
dec dl //comes from different mantissa handling?
//the mantissa
shl edx,7
mov bl,byte [eax+4]
and bl,7f
test byte [eax+4],80 //C64 oddity: if the number is positive, add 128 to the mantissa
jne ConvertRoutine_BigMantissa
add bl,#128
and bl,7f
ConvertRoutine_BigMantissa:
or dl,bl
shl edx,10 //x87 mantissas are 23 bit long. C64's are 31 bit long so sayonara C64 LSByte
mov dh,byte [eax+8]
mov dl,byte [eax+C]
//store the converted float in eax
mov eax,edx
pop ebx
pop edx
pop ebp
ret 4
[/32-bit]
//stdcall void ConvertBackRoutine(int i, unsigned char *output);
ConvertBackRoutine:
[64-bit]
//ecx=input
//rdx=address of output
push rax
//mantissa LSB and LSB2
movzx rax,cl //rax=mantissa's LSB
mov qword [rdx+C],rax //writes C64 mantissa LSB as 0 and C64 mantissa LSB2
//mantissa LSB3
movzx eax,ch
mov dword [rdx+8], eax
//mantissa MSB+sign bit
shr ecx,10
movzx eax,cl
and al,7F //clears the MSb of eax (future sign bit)
test ch,80
jne ConvertBackRoutine_NegativeMantissa
sub al,#128
and al,7F
jmp ConvertBackRoutine_SignHandled
ConvertBackRoutine_NegativeMantissa:
or al,80 //negative mantissa->set the sign bit
ConvertBackRoutine_SignHandled:
mov [rdx+4],eax
//exponent
shr ecx,7
inc cl //exponent convention conversion
inc cl
and ecx,0ff //only keep the exponent in ecx
mov dword [rdx],ecx
pop rax
ret
[/64-bit]
[32-bit]
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address of output
//example:
push eax
push ecx
push edx
mov edx,dword [ebp+C]
mov ecx,dword [ebp+8]
//mantissa LSB and LSB2
movzx eax,cl //eax=mantissa's LSB
mov dword [edx+10],0//writes C64 mantissa LSB as 0 and C64 mantissa LSB2
mov dword [edx+C],eax
//mantissa LSB3
movzx eax,ch
mov dword [edx+8], eax
//mantissa MSB+sign bit
shr ecx,10
movzx eax,cl
and al,7F //clears the MSb of eax (future sign bit)
test ch,80
jne ConvertBackRoutine_NegativeMantissa
sub al,#128
and al,7F
jmp ConvertBackRoutine_SignHandled
ConvertBackRoutine_NegativeMantissa:
or al,80 //negative mantissa->set the sign bit
ConvertBackRoutine_SignHandled:
mov [edx+4],eax
//exponent
shr ecx,7
inc cl //exponent convention conversion
inc cl
and ecx,0ff //only keep the exponent in ecx
mov dword [edx],ecx
pop edx
pop ecx
pop eax
pop ebp
ret 8
[/32-bit] |
Last edited by Gniarf on Wed Mar 13, 2013 9:29 am; edited 1 time in total |
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 458
Joined: 09 May 2003
Posts: 25287
Location: The netherlands
|
| Posted: Sat Mar 09, 2013 5:58 am Post subject: |
|
|
hmm, not sure. it works for me.
try alloc(UsesFloat,4) and use dd 1
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Gniarf
Grandmaster Cheater Supreme
![]() Reputation: 43
Joined: 12 Mar 2012
Posts: 1285
|
| Posted: Sat Mar 09, 2013 6:23 am Post subject: |
|
|
Ah, found it: my test variable was in "show as hexadecimal" mode (former AOB turned into a C64 float...). Sorry for the false alarm Dark Byte.
BTW if you take a regular float or double variable in hex mode and set it "1" it is set to (int) 1. If you set it "1.0" it is set to (float) 1. It's not really bothering but for tidiness' sake I think hex display of floats/doubles should be either disabled or should have an uniform behavior.
|
|
| Back to top |
|
|
oddgamer
Advanced Cheater
![]() Reputation: 0
Joined: 19 Jan 2013
Posts: 58
|
| Posted: Sat Mar 09, 2013 2:28 pm Post subject: |
|
|
| Gniarf wrote: | | @oddgamer: Challenge accepted. The following custom type should do. |
Very awesome! Thank you so much! *Examines code* *gets dizzy* Riiight... okie... I was getting that middle of next never... 
|
|
| Back to top |
|
|
oddgamer
Advanced Cheater
![]() Reputation: 0
Joined: 19 Jan 2013
Posts: 58
|
| Posted: Tue Mar 12, 2013 10:07 pm Post subject: |
|
|
| oddgamer wrote: | | Very awesome! Thank you so much! *Examines code* *gets dizzy* Riiight... okie... I was getting that middle of next never... |
Oh. Yes, I know, it's been a couple days, and I should have checked. ... It doesn't seem to work, Gariff. 
Test involved, using the CCS64 Emulator, I load up Sword of Fargoal, start the game. I note I have 12 hit points. Using your script, I search for 12. No hits. Searching for the array of bytes '84 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00', which is equal to 12, I can find the two addresses I should (one for current HP, the other for Max HP).
I notice it's suggesting a 'fast search' is 14 bytes, but the listing above is 17 long, and technically could include '00 00 00' at the end to make it 20.
|
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 458
Joined: 09 May 2003
Posts: 25287
Location: The netherlands
|
| Posted: Tue Mar 12, 2013 10:30 pm Post subject: |
|
|
Fast search should be 1
Check the other topic on how to set PreferedAlignment:
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Gniarf
Grandmaster Cheater Supreme
![]() Reputation: 43
Joined: 12 Mar 2012
Posts: 1285
|
| Posted: Wed Mar 13, 2013 9:30 am Post subject: |
|
|
| Script updated.
|
|
| Back to top |
|
|
oddgamer
Advanced Cheater
![]() Reputation: 0
Joined: 19 Jan 2013
Posts: 58
|
| Posted: Wed Mar 13, 2013 5:42 pm Post subject: |
|
|
| Gniarf wrote: | | Script updated. |
And still not apparently working.
Tested now with the same game, HP = 66 (obviously after playing for a while). Searching for '66' with the script reveals nothing. Searching for '87 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00' with array of byte reveals one address.
It still tries to claim, when I switch over, that it should be 14 bytes for the fast search. Switching that to 1 has no effect (I have it unchecked anyway, I brought it up as a possible reason pointing to an error in the script). ... I don't make things easy, do I?
|
|
| Back to top |
|
|
Gniarf
Grandmaster Cheater Supreme
![]() Reputation: 43
Joined: 12 Mar 2012
Posts: 1285
|
| Posted: Wed Mar 13, 2013 6:21 pm Post subject: |
|
|
Pasting "87 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00" somewhere in memory and then searching for 66 finds the address where I pasted those bytes.
-When you manually find the array of bytes, add it to your table and change its type to C64 float. If it displays the float value you were looking for, then it means that there is probably something wrong in your search settings.
-Then change the value of that cheat entry to whatever you want, and then back to the value you where searching (ex:66). Then revert the type of this cheat entry from c64 float to array of bytes. If the array is the same, the problem is not in the script, period.
-Of course if the float values or AOBs do not match, report them and accept my apologies.
Note that "show as hexadecimal" is activated by default for arrays of bytes, but must be disabled to edit C64 floats.
Also if you can't find - for example - 66 using "exact value" searches, can you find it using "value between" 65 and 67?
|
|
| Back to top |
|
|
oddgamer
Advanced Cheater
![]() Reputation: 0
Joined: 19 Jan 2013
Posts: 58
|
| Posted: Fri Mar 15, 2013 1:32 am Post subject: |
|
|
| Gniarf wrote: | Pasting "87 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00" somewhere in memory and then searching for 66 finds the address where I pasted those bytes.
-When you manually find the array of bytes, add it to your table and change its type to C64 float. If it displays the float value you were looking for, then it means that there is probably something wrong in your search settings.
-Then change the value of that cheat entry to whatever you want, and then back to the value you where searching (ex:66). Then revert the type of this cheat entry from c64 float to array of bytes. If the array is the same, the problem is not in the script, period.
-Of course if the float values or AOBs do not match, report them and accept my apologies.
Note that "show as hexadecimal" is activated by default for arrays of bytes, but must be disabled to edit C64 floats.
Also if you can't find - for example - 66 using "exact value" searches, can you find it using "value between" 65 and 67? |
Have 76 HP at this point (the game trundles merrily on). Searching for the array '87 00 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00', bringing it down, and changing the type to C64 Float gets me: '42980000'
A thought occurs to me. You said you updated the script. Does that mean that the one further up in the forum which held the original code has been changed to be the new correct script? ... 'Cause that's what I thought it meant but if it's somewhere else then I'm using the same original broken code.
Just so you know, did a search for 75 to 77 and got a couple addresses but not the right one.
|
|
| Back to top |
|
|
Gniarf
Grandmaster Cheater Supreme
![]() Reputation: 43
Joined: 12 Mar 2012
Posts: 1285
|
| Posted: Fri Mar 15, 2013 4:46 am Post subject: |
|
|
Funny, 0x42980000 read as a normal float = 76.0, looks like your cheat engine thinks C64Emulator Floats are integers. Check if there isin your script...
Or simply trash your custom type and copy-paste a fresh new one from above.
What becomes the array of bytes if you edit this "42980000" C64 float and set it to 76? And 76.0?
What version of cheat engine are you using? I'm using CE 6.2, with no additional fixes from svn (ignore that last bit if you don't understand what it means).
"Script updated" meant that the script posted above was changed. It was only a small change: preferred alignment (=fast scan default setting) changed from 0x14 to 1. Feel free to change it back if you don't like it.
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
 Reputation: 218
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Fri Mar 15, 2013 4:17 pm Post subject: |
|
|
"array of byte" searches are "hexadecimal" by default.
And added addresses (from found list, scanned as "array of byte") have "Show as hexadecimal" by default.
He probably forgot to change from "Show as hexadecimal" to "Show as decimal".
He's done this:
1) searched for '87 00 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00'
2) added to table
3) changed type to "C64Emulator Float"
He should do this:
1) search for '87 00 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00'
2) add to table
3) change type to "C64Emulator Float", change to "Show as decimal"
or
1) search for '87 00 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00'
2) add to table
3) double click address column, copy address to clipboard
4) "add address manually",
5) paste address, choose type "C64Emulator Float", press OK.
_________________
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
