Changeset 309

Timestamp:

01/15/10 14:01:12 (8 weeks ago)

Author:

dark_byte

Message:

bugfixes for the heaplist and memory dissect

Location:

Cheat Engine

Files:

• CEFuncProc.pas (modified) (2 diffs)
• CheatEngine.res (modified) (previous)
• DBKKernel/DBKFunc.h (modified) (1 diff)
• DBKKernel/amd64/debuggera.asm (modified) (1 diff)
• DBKKernel/debugger.c (modified) (19 diffs)
• DBKKernel/vmxoffload.c (modified) (3 diffs)
• KernelDebugger.pas (modified) (7 diffs)
• MainUnit.dfm (modified) (1 diff)
• MainUnit.pas (modified) (1 diff)
• MemoryBrowserFormUnit.dfm (modified) (28 diffs)
• MemoryBrowserFormUnit.pas (modified) (11 diffs)
• Release/Cheat Engine.iss (modified) (2 diffs)
• Structuresfrm.pas (modified) (1 diff)
• SynEdit/Source/SynHighlighterAA.pas (modified) (7 diffs)
• cheatengine.dof (modified) (2 diffs)
• dbk32/debug.pas (modified) (1 diff)
• frmHeapsUnit.pas (modified) (1 diff)
• frmMemoryAllocHandlerUnit.pas (modified) (2 diffs)
• plugin.pas (modified) (3 diffs)
• plugin/cepluginsdk.h (modified) (2 diffs)
• plugin/cepluginsdk.pas (modified) (2 diffs)
• pluginexports.pas (modified) (1 diff)

Cheat Engine/CEFuncProc.pas

@@ -200 +200 @@
 function freetypetostring(freetype: dword):string;
 function isAddress(address: dword):boolean;
+function isExecutableAddress(address: dword):boolean;
 
 {$ifndef standalonetrainer}
@@ -3192 +3193 @@
 end;
 
+function isExecutableAddress(address: dword):boolean;
+var mbi: TMemoryBasicInformation;
+begin
+  result:=false;
+  if VirtualQueryEx(processhandle, pointer(address), mbi, sizeof(mbi))>0 then
+    result:=(mbi.State=MEM_COMMIT) and (((mbi.Protect and PAGE_EXECUTE)=PAGE_EXECUTE) or ((mbi.Protect and PAGE_EXECUTE_READ)=PAGE_EXECUTE_READ) or ((mbi.Protect and PAGE_EXECUTE_READWRITE)=PAGE_EXECUTE_READWRITE) or ((mbi.Protect and PAGE_EXECUTE_WRITECOPY)=PAGE_EXECUTE_WRITECOPY) );
+end;
+
+
+
 
 

Cheat Engine/DBKKernel/DBKFunc.h

@@ -84 +84 @@
 typedef struct tagDebugReg7
 {
-        unsigned L0                     :1; // 
-        unsigned G0                     :1; // 
-        unsigned L1                     :1; // 
-        unsigned G1                     :1; // 
-        unsigned L2                     :1; // 
-        unsigned G2                     :1; // 
-        unsigned L3                     :1; // 
-        unsigned G3                     :1; // 
-        unsigned GL                     :1; // 
-        unsigned GE                     :1; // 
-        unsigned undefined1     :3; // 001 
-        unsigned GD                     :1; // 
+        unsigned L0                     :1; //                  0
+        unsigned G0                     :1; //                  1
+        unsigned L1                     :1; //                  2
+        unsigned G1                     :1; //                  3
+        unsigned L2                     :1; //                  4
+        unsigned G2                     :1; //                  5
+        unsigned L3                     :1; //                  6
+        unsigned G3                     :1; //                  7
+        unsigned GL                     :1; //                  8
+        unsigned GE                     :1; //                  9
+        unsigned undefined1     :3; // 001              10
+        unsigned GD                     :1; //                  11
         unsigned undefined2     :2; // 00 
         unsigned RW0            :2;

Cheat Engine/DBKKernel/amd64/debuggera.asm

@@ -45 +45 @@
 interrupt1_asmentry:
                 ;save stack position
+                sub esp,4096
+
                 cld                     
                 push 0 ;push an errorcode on the stack so the stackindex enum type can stay the same relative to interrupts that do have an errorcode (int 14)

Cheat Engine/DBKKernel/debugger.c

@@ -159 +159 @@
 void debugger_touchDebugRegister(void)
 {
+        DbgPrint("Touching debug register. inepilogue=\n", DebuggerState.FakedDebugRegisterState[cpunr()].inEpilogue);
+
+        
         debugger_dr0_setValue(debugger_dr0_getValue());
+        
 }
 
@@ -223 +227 @@
 
                 DbgPrint("Int 1 is hooked,%ssetting GD\n",(state ? "":"un"));
+                DbgPrint("oldEpilogueState=%d\n",oldEpilogueState);
                 //debugger_setInitialFakeState();
 
@@ -228 +233 @@
                 DebuggerState.globalDebug=state;
                 debugger_dr7_setGD(state);
-                //DebuggerState.FakedDebugRegisterState[cpunr()].inEpilogue=oldEpilogueState;
-
+                
+                DebuggerState.FakedDebugRegisterState[cpunr()].inEpilogue=oldEpilogueState;
                 
 
                 DebuggerState.FakedDebugRegisterState[cpunr()].DR7=0x400;
                 debugger_dr7_setValueDword(0x400);              
+
         }
 
@@ -511 +517 @@
                 while (r != STATUS_SUCCESS)
                 {
-                        r=KeWaitForSingleObject(&debugger_event_CanBreak,UserRequest, KernelMode, TRUE, NULL);
+                        r=KeWaitForSingleObject(&debugger_event_CanBreak,Executive, KernelMode, FALSE, NULL);
                         //check r and handle specific events
+
+                        DbgPrint("Woke up. r=%x\n",r);
                                 
                 }
@@ -543 +551 @@
 
                         //LARGE_INTEGER wt;
-                        NTSTATUS s;
+                        NTSTATUS s=STATUS_UNSUCCESSFUL;
                         
                         //wt.QuadPart=-10000000LL; 
@@ -550 +558 @@
                         DbgPrint("Waiting...\n");
 
-                        s=KeWaitForSingleObject(&debugger_event_WaitForContinue, UserRequest, KernelMode, TRUE, NULL);
-
-                        DbgPrint("KeWaitForSingleObject=%x\n",s);               
+
+                        while (s != STATUS_SUCCESS)
+                        {
+                                s=KeWaitForSingleObject(&debugger_event_WaitForContinue, Executive, KernelMode, FALSE, NULL);
+                                DbgPrint("KeWaitForSingleObject=%x\n",s);               
+                        }
+
+                        
 
                         if (s==STATUS_SUCCESS)
@@ -569 +582 @@
                 }
 
+
+
                 //i'm done, let other threads catch it
                 KeSetEvent(&debugger_event_CanBreak, 0, FALSE);
@@ -596 +611 @@
         DebugReg7 _dr7=*(DebugReg7 *)&currentdebugregs[5];
 
+        DbgPrint("interrupt1_handler\n");
         
         //check if this break should be handled or not
@@ -830 +846 @@
         if (DebuggerState.isDebugging)
         {
+                DbgPrint("DebuggerState.isDebugging\n");
                 //check if this should break
                 if (CurrentProcessID==(HANDLE)(UINT_PTR)DebuggerState.debuggedProcessID)
@@ -835 +852 @@
                         UINT_PTR originaldebugregs[6];
                         UINT64 oldDR7=getDR7();
+
+                        DbgPrint("CurrentProcessID==(HANDLE)(UINT_PTR)DebuggerState.debuggedProcessID\n");
 
                         if (DebuggerState.globalDebug)
@@ -855 +874 @@
                                 ((PEFLAGS)&stackpointer[si_eflags])->RF=1;
                                 ((PEFLAGS)&stackpointer[si_eflags])->TF=1; //keep going until IF=1
+                                DbgPrint("IF==0\n");
                                 return 1; //don't handle it but also don't tell windows
                         }
@@ -879 +899 @@
                         }
 
+
+                        //save the current stack
+                        /*
+                        {
+                                int *p;
+                                p=ExAllocatePool(NonPagedPool,4096*2);
+
+                                        RtlZeroMemory(p,4096*2);
+                                        DbgPrint("p=%p\n",p);
+
+                                        RtlCopyMemory((PVOID)((UINT_PTR)p+4096), (PVOID)getRSP(), (UINT_PTR)(&stackpointer[si_ss])-(UINT_PTR)getRSP()); 
+
+                                        __asm
+                                        {
+                                                mov eax,p                                                       
+                                                add eax,4096
+                                                
+                                                sub ebp,esp
+                                                add ebp,eax
+
+                                                
+                                                mov esp,eax
+                                
+                                        }
+
+                                        return 1;
+        
+
+                        }
+                        */
+
+
+
                         //start the windows taskswitching mode
+
                         enableInterrupts();
                         {
                                 int rs=1;
-                                //DbgPrint("calling breakpointHandler_kernel\n");
+                                DbgPrint("calling breakpointHandler_kernel\n");
                                 
                                 rs=breakpointHandler_kernel(stackpointer, currentdebugregs);    
-                                //DbgPrint("After handler dr6=%x and before handling it was %x\n",debugger_dr6_getValue(), DebuggerState.FakedDebugRegisterState[cpunr()].DR6); 
+                                DbgPrint("After handler\n");
 
                                 //DbgPrint("rs=%d\n",rs);
@@ -906 +960 @@
                                 else
                                 {
+                                        
                                         if (getDR7() != oldDR7)
                                         {
@@ -919 +974 @@
                                         debugger_dr3_setValue(currentdebugregs[3]);
                                         debugger_dr6_setValue(currentdebugregs[4]);
-                                        debugger_dr7_setValue(*(DebugReg7 *)&currentdebugregs[5]);                                      
+
+                                        if ((currentdebugregs[5] >> 11) & 1)
+                                        {
+                                                DbgPrint("WTF? GD is 1 in currentdebugregs[5]\n");
+                                        }
+                                        else
+                                                debugger_dr7_setValue(*(DebugReg7 *)&currentdebugregs[5]);      
+                                                
                                 }
                                 
@@ -965 +1027 @@
         int i;
 
-        DbgPrint("interrupt1_centry:%d\n",cpunr());
+        DbgPrint("interrupt1_centry cpunr=%d esp=%x\n",cpunr(), getRSP());
 
         before=getRSP();
+
+        for (i=-12; i<7; i++)
+        {       
+                DbgPrint("stackpointer %d=%x\n",i, stackpointer[i]);
+        }
 
         
@@ -976 +1043 @@
         //DbgPrint("current csr=%x\n", _mm_getcsr());
 
-        //DbgPrint("stackpointer RAX=%llx\n",stackpointer[si_eax]);
-        //DbgPrint("stackpointer RBX=%llx\n",stackpointer[si_ebx]);
-        //DbgPrint("stackpointer RCX=%llx\n",stackpointer[si_ecx]);
-        //DbgPrint("stackpointer RDX=%llx\n",stackpointer[si_edx]);
-        //DbgPrint("stackpointer cs:rip=%llx:%llx\n",stackpointer[si_cs], stackpointer[si_eip]);
-        //DbgPrint("stackpointer ss:rsp=%llx:%llx\n",stackpointer[si_ss], stackpointer[si_esp]);
+
 
 #endif
@@ -1212 +1274 @@
                 //not global debug, just clear all flags and be done with it
                 debugger_dr6_setValue(0xffff0ff0);
-                
-        }
-
+                __nop();
+                
+        }
+
+        __nop();
+        __nop();
+        disableInterrupts();
+        disableInterrupts();
+        
+        __asm
+        {
+                cli
+        }
 
         if (handled == 2)
         {
+                __nop();
+                //DbgPrint("handled==2\n");             
                 handled = 1; //epilogue = 1 Dr handler
+                __nop();
         }
         else
         {               
+                __nop();
                 //not handled by the epilogue set DR0, so the actual epilogue
-                DebuggerState.FakedDebugRegisterState[cpunr()].inEpilogue=0;
-                debugger_dr7_setGD(DebuggerState.globalDebug);          
-        }
-
-        after=getRSP();
-
-        DbgPrint("before=%llx after=%llx\n",before,after);
+                //DbgPrint("handled==1\n");
+                
+                if (DebuggerState.globalDebug)
+                {
+                        DebuggerState.FakedDebugRegisterState[cpunr()].inEpilogue=0;
+                        debugger_dr7_setGD(DebuggerState.globalDebug); //set it back to 1               
+                        __nop();
+                        __nop();
+                }
+                __nop();
+                __nop();
+        }
+
+        __nop();
+        __nop();
+
+        //after=getRSP();
+
+        //DbgPrint("before=%llx after=%llx\n",before,after);
 
         return handled;
@@ -1239 +1327 @@
 {
         __asm{
+                //change the start of the stack so that instructions like setthreadcontext do not affect the stack it when it's frozen and waiting for input
+                //meaning the setting of debug registers will have to be done with the changestate call
+
+                //sub esp,4096
+                //push [esp+4096+0+16] //optional ss
+                //push [esp+4096+4+12] //optional esp
+                //push [esp+4096+8+8] //eflags
+                //push [esp+4096+12+4] //cs
+                //push [esp+4096+16+0] //eip
+                
+                
+                
+                
+
+
+
                 //save stack position
                 push 0 //push an errorcode on the stack so the stackindex can stay the same
@@ -1246 +1350 @@
                 //save state
                 pushad
-                push ds
-                push es
-                push fs
-                push gs
-
+                xor eax,eax
+                mov ax,ds
+                push eax
+
+                mov ax,es
+                push eax
+
+                mov ax,fs
+                push eax
+
+                mov ax,gs
+                push eax
+                
                 mov ax,0x23 //0x10 should work too, but even windows itself is using 0x23
                 mov ds,ax

Cheat Engine/DBKKernel/vmxoffload.c

@@ -203 +203 @@
                         NTSTATUS OpenedFile;
 
-                        vmmPA=MmGetPhysicalAddress(vmm).QuadPart;
+                        vmmPA=(UINT_PTR)MmGetPhysicalAddress(vmm).QuadPart;
                         DbgPrint("Allocated memory at virtual address %p (physical address %llx)\n",vmm,MmGetPhysicalAddress(vmm));
                         RtlZeroMemory(vmm,4*1024*1024); //initialize
@@ -743 +743 @@
                         xchg bx,bx
                         
+                        mov ebx,vmmPA
+                        __emit 0x8b
+                        __emit 0xeb //mov ebp,ebx
+                        
+
                         lea ebx,NewGDTDescriptor
                         mov ecx,pagedirptrbasePA
@@ -748 +753 @@
                         mov esi,enterVMM2PA
                         mov edi,originalstatePA
-                        mov ebp,vmmPA
+                        
                         call [enterVMM2]
                         

Cheat Engine/KernelDebugger.pas

@@ -39 +39 @@
 
     function getDebugReason: integer;
+
 
   public
@@ -379 +380 @@
     Debuggerthread.threadlistCS.Enter;
     try
-      if not setthreadcontext(threadhandle, generaldebugregistercontext) then
-        OutputDebugString(format('Failed setting debug registers on thread %x with error %d',[threadhandle, GetLastError]));
+      if debuggerthread.stepping then
+      begin
+        OutputDebugString('debuggerthread.stepping is TRUE');
+        debuggerthread.currentdebuggerstate.dr0:=generaldebugregistercontext.Dr0;
+        debuggerthread.currentdebuggerstate.dr1:=generaldebugregistercontext.Dr1;
+        debuggerthread.currentdebuggerstate.dr2:=generaldebugregistercontext.Dr2;
+        debuggerthread.currentdebuggerstate.dr3:=generaldebugregistercontext.Dr3;
+        debuggerthread.currentdebuggerstate.dr6:=generaldebugregistercontext.Dr6;
+        debuggerthread.currentdebuggerstate.dr7:=generaldebugregistercontext.Dr7;
+      end
+      else
+      begin
+        OutputDebugString('debuggerthread.stepping is FALSE');      
+        if not setthreadcontext(threadhandle, generaldebugregistercontext) then
+          OutputDebugString(format('Failed setting debug registers on thread %x with error %d',[threadhandle, GetLastError]));
+      end;
     finally
       Debuggerthread.threadlistCS.Leave;
@@ -559 +574 @@
     stacktrace1.Enabled:=true;
     Executetillreturn1.Enabled:=true;
-    caption:='Memory Viewer - Currently debugging thread';
+    if stepping then
+      caption:='Memory Viewer - Currently debugging thread'
+    else
+      caption:='Memory Viewer - Running...';
 
     if frmstacktrace<>nil then
@@ -810 +828 @@
   end;
 end;
-
 
 function TKDebuggerThread.getDebugReason: integer;
@@ -927 +944 @@
     co_stepover:
     begin
-      OutputDebugString('step over');
+      OutputDebugString('step over. Stepping='+booltostr(stepping,true));
       currentdebuggerstate.eflags:=eflags_setRF(currentdebuggerstate.eflags,1); //skip current instruction bp
       currentdebuggerstate.eflags:=eflags_setTF(currentdebuggerstate.eflags,0);
@@ -944 +961 @@
       currentdebuggerstate.eflags:=eflags_setRF(currentdebuggerstate.eflags,1); //skip current instruction bp
       currentdebuggerstate.eflags:=eflags_setTF(currentdebuggerstate.eflags,0);
+      OutputDebugString('Setting breakpoint to '+inttohex(runtilladdress,8));
       KDebugger.SetBreakpoint(runtilladdress, bt_OnInstruction, 1, bo_Break, nil, currentdebuggerstate.threadid, true);
       stepping:=false;
@@ -1096 +1114 @@
                 //delete if it belongs to this thread and it's a one time only break
                 if owner.breakpoint[breakreason].BreakOnce then
+                begin
+                  stepping:=true;
                   KDebugger.DisableBreakpoint(breakreason);
+                end;
               end
               else

Cheat Engine/MainUnit.dfm

@@ -1460 +1460 @@
       Height = 13
       Caption = 'Launch DBVM'
+      Visible = False
       OnClick = Label59Click
     end

Cheat Engine/MainUnit.pas

@@ -10732 +10732 @@
 procedure TMainForm.Label59Click(Sender: TObject);
 var
-  f: TfrmFloatingPointPanel;
-begin
-  ZeroMemory(@c,sizeof(c));
-  c.ContextFlags:=CONTEXT_FLOATING_POINT or CONTEXT_EXTENDED_REGISTERS;
-  if GetThreadContext(getcurrentthread, c) then
-  begin
-    f:=TfrmFloatingPointPanel.create(self);
-    f.SetContextPointer(@c);
-    memorybrowser.memoryaddress:=dword(@c);
-    f.show;
-
-    showmessage(inttohex(dword(@c)+sizeof(c),8))
-   
-  end else showmessage('fuck');
+  i,j: integer;
+  temp: thandle;
+  found: boolean;
+  c: Tcontext;
+begin
+    found:=false;
+    for i:=0 to length(frmprocesswatcher.processes)-1 do
+    begin
+      if frmprocesswatcher.processes[i].processid=processid then
+      begin
+        //open the threads
+        for j:=0 to length(frmprocesswatcher.processes[i].threadlist)-1 do
+        begin
+
+          temp:=Openthread(STANDARD_RIGHTS_REQUIRED or $3ff,true,frmprocesswatcher.processes[i].threadlist[j].threadid);
+          if temp<>0 then
+          begin
+            c.ContextFlags:=CONTEXT_DEBUG_REGISTERS;
+            GetThreadContext(temp,c);
+
+            c.ContextFlags:=CONTEXT_DEBUG_REGISTERS;
+            c.Dr0:=$12345678;
+            SetThreadContext(temp,c);
+
+//            setlength(threadlist,length(threadlist)+1);
+//            threadlist[length(threadlist)-1]:=temp;
+          end;
+        end;
+
+        found:=true;
+        showmessage('found');
+        break;
+
+      end;
+    end;
+
+    if not found then showmessage('error');
 end;
 

Cheat Engine/MemoryBrowserFormUnit.dfm

@@ -77 +77 @@
         OnResize = ScrollBox1Resize
         object EAXLabel: TLabel
-          Left = 10
+          Left = 8
           Top = 19
           Width = 96
@@ -93 +93 @@
         object EBXlabel: TLabel
           Tag = 1
-          Left = 10
-          Top = 32
+          Left = 8
+          Top = 35
           Width = 96
           Height = 13
@@ -109 +109 @@
         object ECXlabel: TLabel
           Tag = 2
-          Left = 10
-          Top = 45
+          Left = 8
+          Top = 51
           Width = 96
           Height = 13
@@ -125 +125 @@
         object EDXlabel: TLabel
           Tag = 3
-          Left = 10
-          Top = 58
+          Left = 8
+          Top = 67
           Width = 96
           Height = 13
@@ -141 +141 @@
         object ESIlabel: TLabel
           Tag = 4
-          Left = 10
-          Top = 70
+          Left = 8
+          Top = 83
           Width = 96
           Height = 13
@@ -157 +157 @@
         object EDIlabel: TLabel
           Tag = 5
-          Left = 10
-          Top = 83
+          Left = 8
+          Top = 99
           Width = 96
           Height = 13
@@ -173 +173 @@
         object EBPlabel: TLabel
           Tag = 6
-          Left = 10
-          Top = 96
+          Left = 8
+          Top = 115
           Width = 96
-          Height = 13
+          Height = 14
           Cursor = crHandPoint
           Caption = 'EBP 00000000'
@@ -189 +189 @@
         object ESPlabel: TLabel
           Tag = 7
-          Left = 10
-          Top = 109
+          Left = 8
+          Top = 131
           Width = 96
-          Height = 13
+          Height = 14
           Cursor = crHandPoint
           Caption = 'ESP 00000000'
@@ -205 +205 @@
         object EIPlabel: TLabel
           Tag = 8
-          Left = 10
-          Top = 121
+          Left = 8
+          Top = 147
           Width = 96
-          Height = 13
+          Height = 15
           Cursor = crHandPoint
           Caption = 'EIP 00000000'
@@ -221 +221 @@
         object CSLabel: TLabel
           Tag = 9
-          Left = 10
-          Top = 153
+          Left = 8
+          Top = 184
           Width = 56
           Height = 13
@@ -237 +237 @@
         object DSLabel: TLabel
           Tag = 11
-          Left = 10
-          Top = 176
+          Left = 8
+          Top = 216
           Width = 56
           Height = 13
@@ -253 +253 @@
         object SSlabel: TLabel
           Tag = 10
-          Left = 10
-          Top = 164
+          Left = 8
+          Top = 200
           Width = 56
           Height = 13
@@ -269 +269 @@
         object ESlabel: TLabel
           Tag = 12
-          Left = 10
-          Top = 188
+          Left = 8
+          Top = 232
           Width = 56
           Height = 13
@@ -285 +285 @@
         object FSlabel: TLabel
           Tag = 13
-          Left = 10
-          Top = 199
+          Left = 8
+          Top = 248
           Width = 56
           Height = 13
@@ -301 +301 @@
         object GSlabel: TLabel
           Tag = 14
-          Left = 10
-          Top = 211
+          Left = 8
+          Top = 264
           Width = 56
           Height = 13
@@ -317 +317 @@
         object cflabel: TLabel
           Tag = 20
-          Left = 143
-          Top = 20
+          Left = 136
+          Top = 24
           Width = 32
           Height = 13
@@ -332 +332 @@
         object pflabel: TLabel
           Tag = 21
-          Left = 143
-          Top = 31
+          Left = 136
+          Top = 40
           Width = 32
           Height = 13
@@ -347 +347 @@
         object aflabel: TLabel
           Tag = 22
-          Left = 143
-          Top = 43
+          Left = 136
+          Top = 56
           Width = 32
           Height = 13
@@ -362 +362 @@
         object zflabel: TLabel
           Tag = 23
-          Left = 143
-          Top = 55
+          Left = 136
+          Top = 72
           Width = 32
           Height = 13
@@ -377 +377 @@
         object sflabel: TLabel
           Tag = 24
-          Left = 143
-          Top = 66
+          Left = 136
+          Top = 88
           Width = 32
           Height = 13
@@ -392 +392 @@
         object oflabel: TLabel
           Tag = 26
-          Left = 143
-          Top = 90
+          Left = 136
+          Top = 120
           Width = 32
           Height = 13
@@ -420 +420 @@
         end
         object Label15: TLabel
-          Left = 143
+          Left = 139
           Top = 0
           Width = 34
@@ -427 +427 @@
         end
         object Shape2: TShape
-          Left = 142
+          Left = 138
           Top = 16
           Width = 35
@@ -435 +435 @@
         object Label16: TLabel
           Left = 7
-          Top = 134
+          Top = 162
           Width = 115
           Height = 16
@@ -442 +442 @@
         object Shape3: TShape
           Left = 7
-          Top = 150
+          Top = 178
           Width = 111
           Height = 3
@@ -449 +449 @@
         object dflabel: TLabel
           Tag = 25
-          Left = 143
-          Top = 78
+          Left = 136
+          Top = 104
           Width = 32
           Height = 13
@@ -463 +463 @@
         end
         object sbShowFloats: TSpeedButton
-          Left = 157
-          Top = 135
+          Left = 153
+          Top = 159
           Width = 21
           Height = 31
@@ -635 +635 @@
         ViewStyle = vsReport
         OnData = lvStacktraceDataData
+        OnDblClick = lvStacktraceDataDblClick
       end
     end

Cheat Engine/MemoryBrowserFormUnit.pas

@@ -313 +313 @@
     procedure Executetillreturn1Click(Sender: TObject);
     procedure lvStacktraceDataData(Sender: TObject; Item: TListItem);
+    procedure lvStacktraceDataDblClick(Sender: TObject);
   private
     { Private declarations }
@@ -1841 +1842 @@
     debuggerthread.continuehow:=wdco_run;   //note: I could also have the debuggerthread suspend itself, and resume it here
     debuggerthread.continueprocess:=true;
-    caption:='Memory Viewer - Running';
-  end;
+  end;
+  caption:='Memory Viewer - Running';  
   {$endif}
 end;
@@ -1858 +1859 @@
     debuggerthread.continuehow:=wdco_stepinto; //single step
     debuggerthread.continueprocess:=true;
-    caption:='Memory Viewer - Running';
-  end;
-
+  end;
+
+  caption:='Memory Viewer - Running';
   {$endif}
 end;
@@ -1870 +1871 @@
     int3: byte;
     original,a,written:dword;
-
-begin
-  {$ifndef net}
+begin
   int3:=$cc;
   //place a invisble for the user breakpoint on the following upcode
@@ -1937 +1936 @@
 
     debuggerthread.continueprocess:=true;
-    caption:='Memory Viewer - Running';
-  end;
-  {$endif}
+
+  end;
+  caption:='Memory Viewer - Running';
 end;
 
@@ -1955 +1954 @@
   if kdebugger.isactive then
   begin
-    kdebugger.continue(co_runtill);
+    kdebugger.continue(co_runtill, disassemblerview.SelectedAddress);
   end
   else
@@ -1999 +1998 @@
 
     debuggerthread.continueprocess:=true;
-    caption:='Memory Viewer - Running';
-  end;
+
+  end;
+  caption:='Memory Viewer - Running';
 
   {$endif}
@@ -3998 +3998 @@
           c:=lvstacktracedata.Columns.Add;
           c.Caption:='Return Address';
-          c.Width:=120;
+          c.Width:=lvstacktracedata.Canvas.TextWidth('DDDDDDDD');
+          c.AutoSize:=true;
+
 
           c:=lvstacktracedata.Columns.Add;
@@ -4158 +4160 @@
 
 function TMemoryBrowser.GetReturnaddress: dword;
-var haserror: boolean;
+var
+  haserror: boolean;
+  stack: array [0..1023] of dword;
+  x: dword;
+  i: integer;
 begin
   result:=0;
@@ -4172 +4178 @@
   end;
 
+  if result=0 then
+  begin
+
+    //go through the stack and find a entry that falls in executable memory
+    ReadProcessMemory(processhandle, pointer(lastdebugcontext.Esp), @stack[0], 4096, x);
+    for i:=0 to (x div 4) do
+    begin
+      if symhandler.inModule(stack[i]) and isExecutableAddress(stack[i]) then
+      begin
+        result:=stack[i]; //best guess, it's an address specifier, it falls inside a module, and it's executable
+        exit;
+      end;
+    end;
+  end;
 end;
 
@@ -4244 +4264 @@
 end;
 
+procedure TMemoryBrowser.lvStacktraceDataDblClick(Sender: TObject);
+var
+  hasError: boolean;
+  x: dword;
+
+  column : integer;
+  cursorpos: tpoint;
+  tvrect: trect;
+  i: integer;
+
+  currentleft: integer;
+  s: string;
+begin
+  if stacktrace2.checked then
+  begin
+    //go to the selected address
+    x:=symhandler.getAddressFromName(lvStacktraceData.Selected.Caption,false,haserror);
+    if not haserror then
+      disassemblerview.SelectedAddress:=x;
+  end
+  else
+  begin
+    //depending on what column is selected go to the disassembler/hexview part
+    cursorpos:=mouse.CursorPos;
+    GetWindowRect(lvStacktraceData.Handle, tvrect);
+
+    //get the relative position
+    cursorpos.X:=cursorpos.X-tvrect.Left;
+    cursorpos.Y:=cursorpos.Y-tvrect.Top;
+
+    column:=0;
+
+    currentleft:=0;
+    for i:=0 to lvStacktraceData.Columns.count-1 do
+    begin
+      if (cursorpos.X>currentleft) and (cursorpos.X<(currentleft+lvStacktraceData.Columns[i].width)) then
+      begin
+        column:=i;
+        break;
+      end;
+      inc(currentleft, lvStacktraceData.Columns[i].width);
+    end;
+
+    if column=0 then
+      s:=lvStacktraceData.Selected.Caption
+    else
+      s:=lvStacktraceData.Selected.SubItems[column-1];
+
+    x:=symhandler.getAddressFromName(lvStacktraceData.Selected.Caption,false,haserror);
+    if not haserror then
+    begin
+      if isExecutableAddress(x) then
+        disassemblerview.SelectedAddress:=x
+      else
+      begin
+        memoryaddress:=x;
+        RefreshMB;
+      end;
+    end;
+
+  end;
+end;
+
 end.

Cheat Engine/Release/Cheat Engine.iss

@@ -3 +3 @@
 
 [Setup]
-AppName=Cheat Engine 5.6 BETA 4
-AppVerName=Cheat Engine 5.6 BETA 4
+AppName=Cheat Engine 5.6 BETA 5
+AppVerName=Cheat Engine 5.6 BETA 5
 AppPublisher=Dark Byte
 AppPublisherURL=http://www.cheatengine.org/
 AppSupportURL=http://www.cheatengine.org/
 AppUpdatesURL=http://www.cheatengine.org/
-DefaultDirName={pf}\Cheat Engine Beta4
-DefaultGroupName=Cheat Engine 5.6 BETA 4
+DefaultDirName={pf}\Cheat Engine Beta5
+DefaultGroupName=Cheat Engine 5.6 BETA 5
 AllowNoIcons=yes
 LicenseFile=..\Release\License.txt
 InfoAfterFile=..\Release\readme.txt
-OutputBaseFilename=CheatEngine56Beta4
+OutputBaseFilename=CheatEngine56Beta5
 PrivilegesRequired=admin
 ChangesAssociations=yes
@@ -248 +248 @@
 
 [Run]
-Filename: "{app}\Cheat Engine.exe"; Description: "Launch Cheat Engine 5.6"; Flags: nowait postinstall skipifsilent runascurrentuser
+Filename: "{app}\Cheat Engine.exe"; Description: "Launch Cheat Engine 5.6 Beta 5"; Flags: nowait postinstall skipifsilent runascurrentuser

Cheat Engine/Structuresfrm.pas

@@ -1181 +1181 @@
       Memorybrowsethisaddress1.Visible:=false;
 
-      if (s.basestructure<0) then
+      if (s<>nil) and (s.basestructure<0) then
       begin
         Addelement1.Visible:=false;

Cheat Engine/SynEdit/Source/SynHighlighterAA.pas

@@ -139 +139 @@
     function Func59: TtkTokenKind; //readmem    
     function Func68: TtkTokenKind; //include
+    function Func82: TtkTokenKind; //assert
     function Func92: TtkTokenKind; //globalalloc
     function Func101: TtkTokenKind; //fullaccess/loadbinary
@@ -226 +227 @@
   end;
 
+procedure aa_AddExtraCommand(command:pchar);
+procedure aa_RemoveExtraCommand(command:pchar);
+function isExtraCommand(token:string): boolean;
+
+
 implementation
 
@@ -238 +244 @@
   Identifiers: array[#0..#255] of ByteBool;
   mHashTable: array[#0..#255] of Integer;
+
+  extraCommands: Tstringlist;
+
+procedure aa_AddExtraCommand(command:pchar);
+begin
+  if extraCommands=nil then
+  begin
+    extraCommands:=tstringlist.create;
+    extraCommands.Duplicates:=dupIgnore;
+    extracommands.CaseSensitive:=false;
+  end;
+
+  extraCommands.Add(command);
+end;
+
+procedure aa_RemoveExtraCommand(command:pchar);
+begin
+  if extracommands<>nil then
+  begin
+    extracommands.Delete(extracommands.IndexOf(command));
+    if extracommands.Count=0 then
+      freeandnil(extracommands);
+  end;
+end;
+
+function isExtraCommand(token: string): boolean;
+begin
+  result:=false;
+  if extracommands<>nil then
+    result:=extracommands.IndexOf(token)<>-1;
+end;
+
 
 procedure MakeIdentTable;
@@ -293 +331 @@
   fIdentFuncTable[59] := Func59;
   fIdentFuncTable[68] := Func68;
+  fIdentFuncTable[82] := Func82;  
   fIdentFuncTable[92] := Func92;
   fIdentFuncTable[101] := Func101;
@@ -500 +539 @@
 end;
 
+function TSynAASyn.Func82: TtkTokenKind; //include
+begin
+  if KeyComp('assert') then Result := tkKey else
+    Result := tkIdentifier;
+end;
+
 function TSynAASyn.Func92: TtkTokenKind; //globalalloc
 begin
@@ -548 +593 @@
   for i:=1 to length(s) do
   begin
-    if (s[i]=' ') or (s[i]=#9) or (s[i]=',') or (s[i]=#10) or (s[i]=#13) then
+    if (s[i]='(') or (s[i]=' ') or (s[i]=#9) or (s[i]=',') or (s[i]=#10) or (s[i]=#13) then
     begin
       result:=copy(s,1,i-1);
@@ -566 +611 @@
 
     
-  if (result=tkIdentifier) and (GetOpcodesIndex(getfirsttoken(maybe))<>-1) then
-    result:=tkKey;
+  if (result=tkIdentifier) then
+  begin
+    if GetOpcodesIndex(getfirsttoken(maybe))<>-1 then
+      result:=tkKey
+    else
+    if isExtraCommand(getfirsttoken(maybe)) then
+      result:=tkKey;
+  end;
+
+
 end;
 

Cheat Engine/cheatengine.dof

@@ -189 +189 @@
 MinorVer=6
 Release=0
-Build=48
+Build=53
 Debug=0
 PreRelease=1
@@ -200 +200 @@
 CompanyName=
 FileDescription=Cheat Engine 5.6
-FileVersion=5.6.0.48
+FileVersion=5.6.0.53
 InternalName=CheatEngine
 LegalCopyright=none

Cheat Engine/dbk32/debug.pas

@@ -115 +115 @@
 //just make sure to disable the breakpoint before removing the handler
 begin
+  OutputDebugString('DBKDebug_TouchDebugRegister');
   foreachcpu(internal_touchdebugregister,nil);
 end;

Cheat Engine/frmHeapsUnit.pas

@@ -126 +126 @@
 procedure TfrmHeaps.FormCreate(Sender: TObject);
 begin
-  frmMemoryAllocHandler:=TfrmMemoryAllocHandler.Create(self); //just not show
+  if frmMemoryAllocHandler=nil then
+    frmMemoryAllocHandler:=TfrmMemoryAllocHandler.Create(self); //just not show
+
   frmMemoryAllocHandler.WaitForInitializationToFinish;
 

Cheat Engine/frmMemoryAllocHandlerUnit.pas

@@ -566 +566 @@
 var injectionscript: TStringlist;
 var x,y,z: THandle;
+mi: tmoduleinfo;
 begin
   memrecCS:=TCriticalSection.Create;
@@ -572 +573 @@
   try
     //inject allochook.dll
-    injectdll(CheatEngineDir+'allochook.dll');
-    symhandler.reinitialize;
+    if not symhandler.getmodulebyname('allochook.dll',mi) then
+    begin
+      injectdll(CheatEngineDir+'allochook.dll');
+      symhandler.reinitialize;
+    end;
+      
+
 
 

Cheat Engine/plugin.pas

@@ -117 +117 @@
   disassembleEx     : pointer;
   loadModule        : pointer;
+  aa_AddExtraCommand: pointer;
+  aa_RemoveExtraCommand: pointer;
 end;
 type PExportedFunctions3 = ^TExportedFunctions3;
@@ -495 +497 @@
 implementation
 
-uses mainunit,memorybrowserformunit,formsettingsunit, pluginexports;
+uses mainunit,memorybrowserformunit,formsettingsunit, pluginexports, SynHighlighterAA;
 
 function TPluginHandler.GetDLLFilePath(pluginid: integer):string;
@@ -1327 +1329 @@
   exportedfunctions.disassembleEx:=@ce_disassemble;
   exportedfunctions.loadModule:=@ce_loadModule;
+
+  exportedfunctions.aa_AddExtraCommand:=@aa_AddExtraCommand;
+  exportedfunctions.aa_RemoveExtraCommand:=@aa_RemoveExtraCommand;
+
 end;
 

Cheat Engine/plugin/cepluginsdk.h

@@ -148 +148 @@
 typedef BOOL (__stdcall *CEP_LOADMODULE)(char *modulepath, char *exportlist, int *maxsize);
 typedef BOOL (__stdcall *CEP_DISASSEMBLEEX)(ULONG address, char *output, int maxsize);
+typedef VOID (__stdcall *CEP_AA_ADDCOMMAND)(void);
+typedef VOID (__stdcall *CEP_AA_DELCOMMAND)(void);
 
 typedef struct _ExportedFunctions
@@ -255 +257 @@
   CEP_DISASSEMBLEEX disassembleEx;
   CEP_LOADMODULE loadModule;
+  CEP_AA_ADDCOMMAND aa_AddExtraCommand;
+  CEP_AA_DELCOMMAND aa_RemoveExtraCommand;
 
 

Cheat Engine/plugin/cepluginsdk.pas

@@ -125 +125 @@
 type TloadModule=function(modulepath: pchar; exportlist: pchar; maxsize: pinteger): BOOL; stdcall;
 type TDisassembleEx=function(address: pdword; output: pchar; maxsize: integer): BOOL; stdcall;
+type Taa_AddExtraCommand=procedure(command:pchar);
+type Taa_RemoveExtraCommand=procedure(command:pchar);
 
 type TPluginVersion =record
@@ -237 +239 @@
   disassembleEx     : TDisassembleEx;
   loadModule        : TloadModule;
+
+  aa_AddExtraCommand: Taa_AddExtraCommand;
+  aa_RemoveExtraCommand:Taa_RemoveExtraCommand;
+
 end;
 

Cheat Engine/pluginexports.pas

@@ -37 +37 @@
 
 function ce_loadModule(modulepath: pchar; exportlist: pchar; maxsize: pinteger): BOOL; stdcall;
+