Jump to content
  • 0

Question

15 answers to this question

Recommended Posts

  • 0
Posted

You provided logcat, but for such cases region log is needed. In settings tab there is "Write region log" option for creating it.

  • 0
Posted

My guess is that the values are actually from this region: 

6e36d4b000-6e36dcb000 rw-p 00000000 00:00 0                              [anon:scudo:primary]

but for some reason the address in GG starts with "B40000" instead of "000000".

You should be able to check this assumption by navigating to presumably correct address (that starts with zeros) in GG's memory viewer.

  • 0
Posted

I just checked and you are right. Without "B40000", the memory range is in Other. The thing is, if I search for the address without "B40000", nothing comes up so "B40000" is needed.

  • 0
Posted

I don't have any explanation for described behavior, but it may help, if you provide details regarding finding the value in problematic region. Which game/application is that? What is the algorithm to find any value from problematic region?

  • 0
Posted (edited)

The game is Bitlife 64-bit version.

  1. Search for the Bank Balance which is a Double
  2. Once you find the value, tap and hold on it and then tap on "Offset calculator" and use -0x10
  3. Next, go to the pointer and there you are

Here is a link to a video if you need it

Edited by AmbitiousNoob
  • 0
Posted

Thanks for the details. With them it appeared to be quite easy to find the answer.

The value is tagged pointer that actually points to valid address in process address space. Top byte in tagged pointers is "implementation defined tag" that needs to be ignored to get the real address that pointer holds. More information about tagged pointers is present in Android documentation: https://source.android.com/devices/tech/debug/tagged-pointers

So when you encounter such pointers, discard the top byte of their hex value (or replace it with "00") when navigating to the address to get to the correct address.

  • 0
Posted
On 29/11/2021 at 02:48, CmP said:

Cảm ơn các chi tiết. Với họ, dường như khá dễ dàng để tìm ra câu trả lời.

Giá trị được gắn thẻ con trỏ thực sự trỏ đến địa chỉ hợp lệ trong không gian địa chỉ quá trình. Byte trên cùng trong con trỏ được gắn thẻ là "thẻ được xác định triển khai" cần được bỏ qua để lấy địa chỉ thực mà con trỏ lưu giữ. Thông tin thêm về con trỏ được gắn thẻ có trong tài liệu Android:  https://source.android.com/devices/tech/debug/tagged-pointers

Vì vậy, khi bạn gặp những con trỏ như vậy, hãy loại bỏ byte trên cùng của giá trị hex của chúng (hoặc thay thế bằng "00") khi điều hướng đến địa chỉ để đến đúng địa chỉ.

my top byte is already 0 what should i do? hope you can help

  • 0
Posted
2 minutes ago, toanpham6001 said:

my top byte is already 0 what should i do?

Since you have already created separate topic for your question, provide the details there. Include region log, address of the value and the value itself.

  • 0
Posted (edited)

the ? region is a memory out of boundry means for each app to be executed the proccessor allocate a memory for the app , these addresses and values are for another application editing them won't affect the game but it does for the other application 
what cause this : it might be a GLIBC Heap bug or a heap overflow

Edited by XEKEX

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.