Cheat Engine

[ner0]

There seems to exist this long standing issue of using Cheat Engine with a Dreamcast emulator called nullDC. Using Cheat Engine with other known emulators of the same platform, like Demul, works perfectly out of the box. Yet using a decade old basic cheat engine (nullDC Cheater) works just fine with nullDC emulator...

My question is why doesn't Cheat Engine play nice with nullDC or vice-versa?

Afaik, there is currently only one cheat engine, more primitive than CE, which is capable of scanning and writing correctly the nullDC emulator's memory. That cheat engine is called "nullDC Cheater", already repacked from the days of an older emulator called Chankast with which it also worked fine.

Anyway, Cheat Engine is one of the most advanced of it's kind so certainly that it is possible to have it work with nullDC. The question is, how?

For example, scanning nullDC with Cheat Engine will find matching results with two addresses for the same value, one of those addresses isn't in the range that you would expect, while the other is exactly the address to expect. What happens then with Cheat Engine is that if you change the value it will work as expected but then that value will be reallocated to a different address.

Here are 3 practical examples:

1. Using Cheat Engine on nullDC to find the value 43A00000, gives two matching addresses:

0x1C251EF8 <- unknown address/range
0x02231EF8 <- expected address/range

Now, if I change the value of the first one then the emulator will crash.
If I change the value of the second address the change will be successful but then the address won't hold it anymore and I'll have to search again for the new address.


2. Using nullDC Cheater on nullDC to find the value 43A00000, gives one matching addresses:

0x02231EF8 <- expected address/range

If I change the value of this address the change will be successful and the address will still be valid for further changes to the same propriety.


3. Using Cheat Engine on Demul to find the value 43A00000, gives one matching address:

0x2C231EF8 <- expected address/range

Note the different prefix, 2C instead of 02, but everything works fine, changing values is not an issue at all, the change will be successful and the address will still be valid for further changes to the same propriety.

So far the only thing I've tried was to enabled MEM_MAPPED in the memory regions to scan but unfortunately it didn't help.

NOTE: This is not the same thing as dynamic addresses that change with every game boot. In fact the addresses are static.

Does someone have an idea why a decade old piece of software works nicely with nullDC emulator yet Cheat Engine does not (not out of the box at least)?
Any ideas on how to make Cheat Engine work with nullDC?

Much appreciated, thank you!

[Dark Byte]

assuming you're on 6.6

execute this lua script before targeting the process:

[ner0]

[Dark Byte]

windows 10 has this issue where if you change the protection of a mapped page it gets destroyed, which is why dbk_writesIgnoreWriteProtection(true) is needed so it won't change the protection

try without dbk_useKernelmodeProcessMemoryAccess() or only call dbk_useKernelmodeProcessMemoryAccess() when you wish to write.

also, you an run two ce's next to eachother. one scqns, the other writes.

trainers can also use kernelmode, but remember to add the kernel files to the package

[ner0]