Cheat Engine

[Banjo Patterson]

Hey guys,

I'm wondering if anyone could clarify this one for me. I'm currently playing around with PJ64 and super smash bros (U), tracking the instructions that set a player's health after taking damage. The instruction is highlighted in blue, EAX is the new health, EDX+ESI is therefore the player's health address. (Pic attached).

In my example, P2's health is at address 4D8B5714. What confuses me, is EDX+ESI = 14D8B5714, which is way out of any loaded memory region, being 1 billion addresses too far. It seems the player’s health address in this instance is derived from that far address 14D8B5714 - ESI (CD640000) = 4D8B5714.

I'm hoping somebody here could shed some light on why this may be. Being an emulator it probably adds a level of mixup to the disassembly/registers, but I'm curious anyhow.

Cheers guys.

EDIT:

Actually I think I may have worked it out. Seeing as EDX is a higher address than the address of the player's health, it may be some funky assembly trick to get EDX+ESI to equal the actual address, as you can't address by EDX-ESI. Maybe the emulator just adds EDX+ESI then subs a billion addresses.

Still curious though I could be completely wrong.

[ParkourPenguin]

https://en.wikipedia.org/wiki/Integer_overflow

In x86, the effective address that results from an address computation is reduced modulo 2^32. In other words, everything beyond the first 4 bytes gets truncated. 14D8B5714 simply becomes 4D8B5714- that extra 1 at the front just gets carried away and never actually exists from the perspective of software.