Talk:014C

From GTAMods Wiki
Revision as of 16:06, 13 June 2016 by Spaceeinstein (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Is there more information on the bug? The causes, possible fixes? Seemann (talk) 10:45, 13 June 2016 (UTC)

The bug is at around 0x5A7617 where it is making a bad comparison.
; the switch/counter is at cargen+0x28, size two bytes
; using a value of 101 or above stores 0xffff, using a value between 0 and 100 stores the number as-is
.text:005A7617                 movzx   eax, word ptr [ebx+28h] ; grabs a two-byte value, do an unsigned extension
                                                               ; this means 0xffff would change to 0x0000ffff
.text:005A761B                 cmp     eax, 0FFFFFFFFh         ; compare against 0xffffffff
.text:005A761E                 jge     short loc_5A7624        ; jump if greater than or equal, signed comparison
                                                               ; but ALL resulting values are greater than -1
.text:005A7620                 dec     word ptr [ebx+28h]      ; decrement cargen+0x28 by 1, which is never reached
.text:005A7624 loc_5A7624:
So here's my fix that worked for me.
.text:005A7617                 movsx   eax, word ptr [ebx+28h] ; do a signed extension so that 0xffff would change to 0xffffffff
.text:005A761B                 cmp     eax, 0FFFFFFFFh         ; 
.text:005A761E                 jz      short loc_5A7624        ; jump if equal, signed comparison
.text:005A7620                 dec     word ptr [ebx+28h]      ; 
.text:005A7624 loc_5A7624:
Here's the code for CLEO.
05DF: write_memory 0x5A7618 size 1 value 0xBF virtual_protect 1
05DF: write_memory 0x5A761E size 1 value 0x74 virtual_protect 1
--Spaceeinstein (talk) 16:04, 13 June 2016 (UTC)