Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
Call Sleep Function For x64

++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

PostPosted: Thu Jan 28, 2016 2:32 pm    Post subject: Call Sleep Function For x64

Has anyone had success getting the call sleep function to work properly on 64bit targets? I have tried several different approaches on two different targets, using the proper calling conventions, but I can't get it to work. One game crashes and the other just freezes up.

Thanks.
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Thu Jan 28, 2016 3:25 pm

Code:
mov rcx,#500    // dwMilliseconds = 500 decimal ('#' marks a decimal literal in CE's auto assembler)
call Sleep

post AA script you are currently using.

Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The netherlands

PostPosted: Thu Jan 28, 2016 3:56 pm

Might need a stack alignment and reservation if the code injection is done in a function that didn't intend to call other functions (e.g. sub rsp,28 / add rsp,28).
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

PostPosted: Thu Jan 28, 2016 4:01 pm

I've tried that. Nothing seems to work.

As a test, I had CE auto-create a script for minesweeper (win 7 X64) that doesn't change anything. Untouched, it works fine. Adding the sleep call freezes/crashes the target.

EDIT:
@ Dark Byte - I've tried that also, on the other target, but not on Minesweeper. Let me try and report back.

EDIT2:
It seems to work as intended on Minesweeper. Thanks!
Unfortunately, for the target process that I am working on, it does not work. The speedhack doesn't work on it, either, so I suppose it's an isolated case.

Thanks for the help, guys. I appreciate it.
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Thu Jan 28, 2016 4:19 pm

@Dark Byte, the Sleep function doesn't back up the xmm registers (movdqa, movaps or movapd) on the stack.
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The netherlands

PostPosted: Fri Jan 29, 2016 12:55 am

mgr.inz.Player wrote:
@Dark Byte, the Sleep function doesn't back up the xmm registers (movdqa, movaps or movapd) on the stack.

No, but it could use the bytes of scratch space to store the rcx parameter if it needs to use it for something else.
Without that allocation the stack could get corrupted.

++methos, try sub rsp,20 / add rsp,20. Perhaps the stack is already aligned, but there's not enough space (or the injection is at a point where that space is still used by something else).

_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

PostPosted: Fri Jan 29, 2016 4:59 am

Thanks, Dark Byte. That did the trick!
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Fri Jan 29, 2016 8:14 am

Probably it is not an alignment problem. I think your injection point is inside a function, and that function doesn't call any other function. It doesn't preserve 0x20 bytes because it doesn't need to; maybe it only preserves space on the stack for local variables. Calling Sleep causes those local variables to be overwritten, and a crash.

In the 64-bit architecture, a caller must preserve those 32 bytes; also,
the caller must presume that volatile registers are destroyed across a call.

read: https://msdn.microsoft.com/en-us/library/9z1stfyw.aspx

++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

PostPosted: Fri Jan 29, 2016 9:37 am

Not sure. The injection point is a basic instruction that handles player coordinates:

Code:
SUBPS XMM2,[RDI+70]

I can post more, if you like.
ParkourPenguin
I post too much
Reputation: 138

Joined: 06 Jul 2014
Posts: 4275

PostPosted: Fri Jan 29, 2016 11:21 am

After looking into that link provided by mgr.inz.Player, I'm pretty certain it's because of this:
Quote:
The caller is responsible for allocating space for parameters to the callee, and must always allocate sufficient space for the 4 register parameters, even if the callee doesn’t have that many parameters.

So while Sleep may preserve RSP, it may not preserve the values on the stack if you don't give it enough space.
If you want to find out whether this really is the problem, set a breakpoint just before your call to Sleep and see if any of those 32 bytes change after you step over the call.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
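An added example, written for this thread and not posted by any of its participants: a Cheat Engine auto-assembler body that combines Dark Byte's stack reservation with mgr.inz.Player's point that the caller must treat every volatile register (including xmm0-xmm5) as destroyed across the call. The module name, offset and 500 ms delay are placeholders, and the `and rsp,-10` alignment idiom is assumed to be accepted by CE's assembler.

```asm
[ENABLE]
alloc(newmem,$1000,"game.exe"+1A2B3C)   // hypothetical site of SUBPS XMM2,[RDI+70]
label(returnhere)
newmem:
  // 1) Caller must assume Sleep clobbers every volatile GPR, so stash them.
  push rax
  push rcx
  push rdx
  push r8
  push r9
  push r10
  push r11
  // xmm0-xmm5 are volatile too and Sleep does not save them; this hook sits mid xmm math.
  sub rsp,60
  movdqu [rsp],xmm0
  movdqu [rsp+10],xmm1
  movdqu [rsp+20],xmm2
  movdqu [rsp+30],xmm3
  movdqu [rsp+40],xmm4
  movdqu [rsp+50],xmm5
  // 2) Align RSP to 16 and reserve the 0x20-byte shadow space the callee may write to.
  push rbp            // rbp is non-volatile, so Sleep returns it intact
  mov rbp,rsp
  and rsp,-10
  sub rsp,20
  mov rcx,#500        // dwMilliseconds = 500; '#' = decimal (CE literals are hex by default)
  call Sleep
  mov rsp,rbp
  pop rbp
  // 3) Restore in reverse order, then run the displaced original instruction.
  movdqu xmm5,[rsp+50]
  movdqu xmm4,[rsp+40]
  movdqu xmm3,[rsp+30]
  movdqu xmm2,[rsp+20]
  movdqu xmm1,[rsp+10]
  movdqu xmm0,[rsp]
  add rsp,60
  pop r11
  pop r10
  pop r9
  pop r8
  pop rdx
  pop rcx
  pop rax
  subps xmm2,[rdi+70]
  jmp returnhere
```

The jmp at the hook site and the [DISABLE] block follow CE's usual template and are left out here; note the 5-byte jmp displaces more than the 4-byte subps, so the template also relocates the instruction that follows it.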