Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


The "call" command

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
Dr.Disrespect
Grandmaster Cheater
Reputation: 3

Joined: 17 Feb 2016
Posts: 526
PostPosted: Fri Mar 18, 2016 2:13 am    Post subject: The "call" command Reply with quote
Code:

01700444    call 01700449
01700449    pop eax
0170044A    sub eax,008DB449
0170044F    ret
01700450    call 01700444
...
...
...
017004BC   call 01700444   <--------------This line is called first.
push esi
mov esi,eax
...
...

I am confused by all these calls. Isn't there an infinite loop? BTW, this code works perfectly, but I just don't understand how it works. Which is executed first, which is later and to where does it return? Thanks a lot.
Back to top
View user's profile Send private message
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197
PostPosted: Fri Mar 18, 2016 3:26 am    Post subject: Reply with quote
If you set a breakpoint on the call and then step (F7) in to the call, you'll see that the call will return at the end of the sub-routine, which will jump back to the next line in the code (below the call that you set a breakpoint on). Also, not all jumps will jump forward in code, some will jump backwards and since we have conditional jumps, the code may not always follow the same path...which is how you could have a call towards the end of a sub-routine get executed before a call the occurs near the beginning of that same routine.
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25806
Location: The netherlands
PostPosted: Fri Mar 18, 2016 4:11 am    Post subject: Reply with quote
this function returns the difference in address from the original address to the current address. (originally 01700449 was located at 008DB449

this is useful for code that can change location in case the relocation



as to what it does exactly:
call stores the address right after the call instruction in the stack
pop eax takes that address out of the stack
then decreases it with 008DB449 and returns to the caller

so ret returns to 017004C0
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Dr.Disrespect
Grandmaster Cheater
Reputation: 3

Joined: 17 Feb 2016
Posts: 526
PostPosted: Fri Mar 18, 2016 10:35 am    Post subject: Reply with quote
@++METHOS, Thanks a lot. Good to know that I can check step by step by using F7.

@Dark Byte:
Thanks. I have some questions:
1. "call stores the address right after the call instruction in the stack":
Which call stores the address after which call instruction? Do you mean the call at 01700444 stores the address after the call instruction at 0170004BC?

2. "ret returns to 017004C"
It returns to the line under "017004BC call 01700444", right?

3. Why subtract eax?

Thanks.
Back to top
View user's profile Send private message
ParkourPenguin
I post too much
Reputation: 152

Joined: 06 Jul 2014
Posts: 4706
PostPosted: Fri Mar 18, 2016 11:48 am    Post subject: Reply with quote
1. When a call instruction is executed, it pushes the address of the next instruction onto the stack. Inside that call, when a ret instruction is run, it pops off the address at the top of the stack and jumps to that.

2. Yes. If the computer executes the call at 017004BC, the ret at 0170044F will make it jump to the next instruction, push esi.

3. Because that's how getting the difference between two numbers work. If you want to know what the difference is between 5 and 7, then that's 7-5, or 2. Same case here, just with bigger numbers written in hexadecimal.
_________________
I don't know where I'm going, but I'll figure it out when I get there.
Back to top
View user's profile Send private message
Dr.Disrespect
Grandmaster Cheater
Reputation: 3

Joined: 17 Feb 2016
Posts: 526
PostPosted: Sat Mar 19, 2016 12:55 pm    Post subject: Reply with quote
ParkourPenguin wrote:
1. When a call instruction is executed, it pushes the address of the next instruction onto the stack. Inside that call, when a ret instruction is run, it pops off the address at the top of the stack and jumps to that.

2. Yes. If the computer executes the call at 017004BC, the ret at 0170044F will make it jump to the next instruction, push esi.

3. Because that's how getting the difference between two numbers work. If you want to know what the difference is between 5 and 7, then that's 7-5, or 2. Same case here, just with bigger numbers written in hexadecimal.


Thanks a lot. Smile
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites