Archgrove - Implicit Definition

My apologies for not getting part 5 of “Reapplying the Decal” up today, but I do have a (pathetic) excuse. I was in London for the majority of the my time, and in what I had left for writing, I decided that one more part wouldn’t cut it for the “memlocs” section. Expect to see part 2 of a total 3 or 4 tomorrow!

To at least write something, I’ll answer a few of the comment questions. Anyone not interested in what the comments have said, feel free to tune out now and return for the article on Friday.

First of all, a myriad of thanks to those who’ve left supporting comments, and I’ll even spare a couple for those who’ve don’t think this was particularly useful. Criticism is always useful; as long as one can extract the barbs it often comes with. I didn’t expect a lot of interest when I started writing these, but I’m glad that people found them interesting.

Regarding personal questions, I don’t normally like to talk about myself as I prefer to let my work speak for me. Nonetheless, for Kyle, no – I’m not a teacher nor have I ever formally taught. At the moment, I’m a mature student (over 21) majoring in Mathematics with a minor in Computer Science.

As for those wondering about a donations link, don’t expect to see one on my site anytime soon (I cannot and do not speak for the rest of the developers). I’m fortunate to be blessed with a comfortable life, and I do this purely because I find it interesting. On the remote chance that something here really provokes the need for a fiscal contribution, there are many good charities and groups that I’d much rather see the money go to. I’ll value anything given to them (or other good causes) much the more than any money you could ever give me. Oh, and if you do donate because of something I’ve done, please send me an e-mail that we might share the warm fuzzy feeling.

Now, the meaty technical questions and advice regarding memlocs. I should first say that I’m not overly involved in finding the function and object addresses at the moment – Hazridi has shouldered the bulk of this work, and he’s had a much harder job than I have by an order of magnitude.

To Joseph Bruno, we have used a pattern matching technique in the past to help locate functions changed by only address additions (and other minor alterations). At one point, someone (alas, I can’t remember who) wrote a tool that would find all the functions for us. But, as you say, this sort of device is vulnerable to failure when significant changes are made, or when the compiler is updated. The best of my memory says we’ve lived through two compiler updates so far - VC6 to VC7, and VC7 to VC7.1 We might have also suffered an optimisation flag change (which is just as damaging), I’m sure one of the other developers will remember far better than I. The idea is certainly sound, and I’m Decal will use it again when the client is stable.

To Miss Stepahnie, it’s an intriguing idea, but I’ve yet to find any decompiler that will produce anything useful from compiled C++. We have no debug symbols and compiler optimisations are used aggressively in the client, both contributing to a soup of code that, whilst in theory is reversible, would produce C that wouldn’t be much more better than assembly itself. The one to many instruction mapping you get with 3g to 1g alone would be a big issue (we’d have to go back to the assembly to know exactly where, and in what state we want to perform the call). However, I love being proven wrong so if you know of one, I’m sure we’ll gladly look at it!