Tracking Values Written to the Stack

Started by live2play, April 13, 2010, 04:21:33 AM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions

live2play

#15
April 16, 2010, 03:01:53 AM
Ok, I did a slightly different technique as follows:

1) Enable hack
2) Enter game that will cause freeze with hack enabled
3) Set execute BP at instruction that loads float that was created by the hack
4) Once BP triggered, selected Next
5) Game froze
6) Selected Get BP Data and received the following

stbu   r0,1(r6)
r6 equals FFFFFFFF at this point.  I recall that you indicated that the pointer may not be set yet, but if it is, FFFFFFFF is definitely a bad address.  :)

dcx2

#16
April 16, 2010, 03:28:22 AM
Yeah, FFFFFFFF is definitely an invalid pointer.

You should keep track of where this stbu is.  Write down the address to it somewhere...annotate it with a meaningful note, like "this is where the game freezes when I do xyz hack".  It might come in handy later, you never know.

See if you can trace back and figure out where r6 came from.  Also, how close is the stbu to your lfs?  Try hitting Step after your lfs for about 20-30 instructions or so and see if you end up near the stbu.

Did you try setting multiple execute breakpoints on the C2 address to see if it's being executed multiple times per frame?

live2play

#17
April 16, 2010, 04:26:40 AM Last Edit: April 16, 2010, 04:41:13 AM by live2play
For the C2 code BP, you said
QuoteIn the best case, you see one frame go by each time you press Set Breakpoint.  However, if you have to hit the button more than once to make one frame pass by, then someone else is running this same section of code.
.  how can I tell how many frames have gone by?

EDIT:  I set the BP on the C2 code, performed the action, the BP triggered, I immediately hit Set Breakpoint again and nothing triggered it until I performed the action again.

dcx2

#18
April 16, 2010, 02:57:47 PM
You would know a frame went by because you would hit a breakpoint and the game would adjust the contents of the screen by a little bit

If the game keeps running after you hit Set Breakpoint, the instruction you found is only being executed once for each action...hm...when the game freezes, does it only freeze when you do the action, or does it also freeze when not doing the action?

Try to run around and explore a level with the execute breakpoint set and NOT doing the action, and see if something else ever hits it.  Try to do whatever made the game freeze...maybe there's a certain class of actor that executes that instruction when you're close enough to them for their AI to run.

live2play

#19
April 17, 2010, 01:03:58 AM
It only freezes when the action occurs.
Print
Go Up Pages 1 2
User actions