Search Results

Search found 89 results on 4 pages for 'jmp'.

Page 3/4 | < Previous Page | 1 2 3 4  | Next Page >

  • Modifying an old Windows program not to call exit after a keypress without source access

    - by rustyn2
    I have an older C++ Windows program that I've been asked to get run in a kiosk style environment for a student project. From the main menu, hitting ESC will exit the program, which is undesirable. In ye olden days I would have trapped the keyboard interrupt or whatever and dug around to NOOP whatever JMP or CALL was getting referenced in the case statement that likely decides all that, but on Windows everything goes through various registered event handlers, and I haven't done any windows internals work in about 10 years. Is there a good tool to breakpoint a program on certain WM_EVENT (WM_KEYDOWN being a prime target) messages or similar, so that I can narrow down where in the executable the check is made? I'm currently stepping back from various potential system calls made before the various thread cleanups and final exit calls but it seems like there has to be a better way to do this that I'm forgetting.

    Read the article

  • What does subl do here?

    - by drozzy
    So... I'm compiling into assembler, with gcc -S -O2 -m32: void h(int y){int x; x=y+1; f(y); f(2); } And it gives me the following: .file "sample.c" .text .p2align 4,,15 .globl h .type h, @function h: pushl %ebp movl %esp, %ebp subl $24, %esp movl 8(%ebp), %eax movl %eax, (%esp) call f movl $2, 8(%ebp) leave jmp f .size h, .-h .ident "GCC: (GNU) 4.4.3 20100127 (Red Hat 4.4.3-4)" .section .note.GNU-stack,"",@progbits Now I know what pushl and movel: they store the current frame pointer onto the stack and then set the value of the frame pointer register to the value of the Stack Pointer. But I have no idea what the subl $24, %esp is. Thanks!

    Read the article

  • x86 Assembly Question about outputting

    - by jdea
    My code looks like this _declspec(naked) void f(unsigned int input,unsigned int *output) { __asm{ push dword ptr[esp+4] call factorial pop ecx mov [output], eax //copy result ret } } __declspec(naked) unsigned int factorial(unsigned int n) { __asm{ push esi mov esi, dword ptr [esp+8] cmp esi, 1 jg RECURSE mov eax, 1 jmp END RECURSE: dec esi push esi call factorial pop esi inc esi mul esi END: pop esi ret } } Its a factorial function and I'm trying to output the answer after it recursively calculates the number that was passed in But what I get returned as an output is the same large number I keep getting Not sure about what is wrong with my output, by I also see this error CXX0030: Error: expression cannot be evaluated Thanks!

    Read the article

  • C2244 when trying to call the pow function from inline assembly

    - by schrödingers cat
    I would like to call the pow function from inline assembly. The problem is i'm getting error C2244: 'pow' : unable to match function definition to an existing declaration. I'm new to assembly so this may be a trivial question but how do i resolve this? I guess it has something to do with the compiler not beeing able to properly resolve the overload of pow. The following code fragment is causing the error: do_POW: // push first argument to the stack sub esp, size value_type fld qword ptr [ecx] fstp qword ptr [esp] // push second argument to the stack sub esp, size value_type fld qword ptr [ecx - size value_type] fstp qword ptr [esp]and pop fpu stack // call the pow function call pow sub ecx, size value_type fstp qword ptr [ecx] add esp, 2 * size value_type jmp loop_start

    Read the article

  • Does MATLAB perform tail call optimization?

    - by Shea Levy
    I've recently learned Haskell, and am trying to carry the pure functional style over to my other code when possible. An important aspect of this is treating all variables as immutable, i.e. constants. In order to do so, many computations that would be implemented using loops in an imperative style have to be performed using recursion, which typically incurs a memory penalty due to the allocation a new stack frame for each function call. In the special case of a tail call (where the return value of a called function is immediately returned to the callee's caller), however, this penalty can be bypassed by a process called tail call optimization (in one method, this can be done by essentially replacing a call with a jmp after setting up the stack properly). Does MATLAB perform TCO by default, or is there a way to tell it to?

    Read the article

  • Problem with asm program (nasm)

    - by GLeBaTi
    org 0x100 SEGMENT .CODE mov ah,0x9 mov dx, Msg1 int 0x21 ;string input mov ah,0xA mov dx,buff int 0x21 mov ax,0 mov al,[buff+1]; length ;string UPPERCASE mov cl, al mov si, buff cld loop1: lodsb; cmp al, 'a' jnb upper loop loop1 ;output mov ah,0x9 mov dx, buff int 0x21 exit: mov ah, 0x8 int 0x21 int 0x20 upper: sub al,32 jmp loop1 SEGMENT .DATA Msg1 db 'Press string: $' buff db 254,0 this code perform poorly. I think that problem in "jnb upper". This program make small symbols into big symbols.

    Read the article

  • Running out of label names in assembly

    - by mamidon
    Heyo, My class at college has us writing programs in assembly. I have never truly appreciated the ease of C until now. Now, when I program in assembly, I often have to make while/for/if loops and conditionals with labels eg: SKIP: ... COMP:ADD R1, R1, #0 ;Check for equality BRZ WHILEEND ... ;code inside the while loop JMP COMP ;Return to while loop WHILEEND: ... So, in this while loop (example) I have used 1 label for the subroutine and 2 more for the loop itself. I've run out of good label names for all the loops and branches I'm doing in assembly, what do you guys do to keep it varied and descriptive?

    Read the article

  • easy asm program(nasm)

    - by GLeBaTi
    org 0x100 SEGMENT .CODE mov ah,0x9 mov dx, Msg1 int 0x21 ;string input mov ah,0xA mov dx,buff int 0x21 mov ax,0 mov al,[buff+1]; length ;string UPPERCASE mov cl, al mov si, buff cld loop1: lodsb; cmp al, 'a' jnb upper loop loop1 ;output mov ah,0x9 mov dx, buff int 0x21 exit: mov ah, 0x8 int 0x21 int 0x20 upper: sub al,32 jmp loop1 SEGMENT .DATA Msg1 db 'Press string: $' buff db 254,0 this code perform poorly. I think that problem in "jnb upper". This program make small symbols into big symbols.

    Read the article

  • Interrupt On GAS

    - by Nathan Campos
    I'm trying to convert my simple program from Intel syntax to the AT&T(to compile it with GAS). I've successfully converted a big part of my application, but I'm still getting an error with the int(the interrupts). My function is like this: printf: mov $0x0e, %ah mov $0x07, %bl nextchar: lodsb or %al, %al jz return int 10 jmp nextchar return: ret msg db "Welcome To Track!", 0Ah But when I compile it, I got this: hello.S: Assembler messages: hello.S:13: Error: operand size mismatch for int' hello.S:19: Error: no such instruction:msg db "Hello, World!",0Ah' What I need to do?

    Read the article

  • Why only the constant expression can be used as case expression in Switch statement?

    - by sinec
    Hi, what is bothering me is that I can't found an info regarding the question from the title. I found that assembly form the Switch-case statement is compiled into bunch of (MS VC 2008 compiler) cmp and je calls: 0041250C mov eax,dword ptr [i] 0041250F mov dword ptr [ebp-100h],eax 00412515 cmp dword ptr [ebp-100h],1 0041251C je wmain+52h (412532h) 0041251E cmp dword ptr [ebp-100h],2 00412525 je wmain+5Bh (41253Bh) 00412527 cmp dword ptr [ebp-100h],3 0041252E je wmain+64h (412544h) 00412530 jmp wmain+6Bh (41254Bh) where for above code will in case that if condition (i) is equal to 2, jump to address 41253Bh and do execution form there (at 41253Bh starts the code for 'case 2:' block) What I don't understand is why in case that,for instance, function is used as 'case expression', why first function couldn't be evaluated and then its result compared with the condition? Am I missing something? Thank you in advance

    Read the article

  • Deeper function profiling/emulation

    - by Syntax_Error
    Hello everyone Merry Christmas I need an advice I have the following code: int main() { int k=5000000; int p; int sum=0; for (p=0;p<k;p++) { sum+=p; } return 0; } When I assemble it I get main: pushl %ebp movl %esp, %ebp subl $16, %esp movl $5000000, -4(%ebp) movl $0, -12(%ebp) movl $0, -8(%ebp) jmp .L2 .L3: movl -8(%ebp), %eax addl %eax, -12(%ebp) addl $1, -8(%ebp) .L2: movl -8(%ebp), %eax cmpl -4(%ebp), %eax jl .L3 movl $0, %eax leave ret If I run it through gprof I get that main executed the most, which is quite obvious! Yet I want to go a step further and be able to know if L2, or L3 executed the most. here it is obvious that L3 executed the most. yet is there some kind of profiler, emulator that can give me that data for an entire code?

    Read the article

  • Is there kind of runtime C++ assembler library around?

    - by Anton
    Hi guys! For my small hobby project I need to emit machine code from C++ program in runtime. I have base address 0xDEADBEEF and want to write something like this: Assembler a((void*)0xDEADBEEF); a.Emit() << Push(Reg::Eax) << Push(Reg::Ebx) << Jmp(0xFEFEFEFE); Inline assembler isn't my choice because generated machine code is dependent of the program state. Does anybody know any existing library for doing this? If no, would it be a good idea to develop one from scratch and make it open source? (I mean, will anybody ever use this library if it existed?)

    Read the article

  • Getting Started with NASM

    - by MarkPearl
    Today I got to play with NASM. This is an assembler and disassembler that can be used to write 16-bit, 32-bit & 64-bit programs. Let me say upfront that the last time I looked at assembly code at any depth was when I was studying Computer Science in Pietermaritzburg – ten years ago – and we never ever got to touch any real assembly code so a lot of what I am looking at today is very new to me. The first thing I did was download NASM compiler. This turned out to be a bit more complicated than I thought. Originally I went to http://www.nasm.us/ and downloaded the nasm-2.09.04.zip file which I thought had all I needed. No luck! It seemed to just have the uncompiled code, and from what I could tell I would need to recompile and build it – possibly in c++? Well, I wasn’t going to waste my time with that, so a bit more searching and I found the Win32 (http://www.nasm.us/pub/nasm/releasebuilds/2.09.04/win32/) folder Nasm.exe which I downloaded. Choosing an IDE So, I have NASM compiler but to compile anything you need to pass a string of special characters in the command prompt. That’s fine if I was going to just do one program once every couple of years, but since I am aiming to do quite a bit more exploration of NASM I began searching for an IDE. There were a few options, even apparently Visual Studio with a bit of tweeking could do the job, but from past experience I wanted to avoid the VS route as it can sometimes get confusing. I eventually settled on TextPad which I had used a few years ago for a similar project and it had been simple enough yet powerful enough to do the job. A bit of searching and I found a syntax file for NASM and everything seemed hunky dory. Configuring TextPad to run the NASM Compiler Next was to get TextPad to run the NASM compiler. TextPad has this external tools option that allows one to configure special commands. To simplify the process I first created a bat file in the NASM directory that allowed me to simply compile asm files. The bat file was called as.bat and had just one line of code… nasm -f bin %1.asm -o %1.com -l %1.lst Once I had created as.bat I just needed to go into TextPad and create a tool. I have made a quick video of that just showing you where the various settings are which is viewable below. The 64Bit Problem So I now have an ‘IDE’ linked to my NASM compiler so everything should be fine right? No! Whenever I tried to compile an asm program it compiles fine, but when I try and run it I get an error – “This version of the file is not compatible with the version Windows you’re running. Check your computer’s system information to see whether you need an x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher." Well.. it turns out there are a few complications with having a 64 bit OS! So after searching google and coming to any real solution that I could find other than perhaps attempting to build the code for nasm, I eventually resorted to running a VM with Windows XP on it and putting NASM there… My first hello world program So I attempt my first hello world program as per an example I found… the code was quite simple and is shown below… bits16 org 0x100 jmp main message: db 'Hello World',0ah,0dh,'$' main: mov dx,message mov ah,09 int 21h int 20h Running the build tool from TextPad and everything compiles fine and I now have a console app with helllo world shown. Conclusion It’s very early days with NASM. I have been spoilt with Visual Studio and high order languages so I assume it will be a painful ride getting into the basics of assembly programming but I am hoping that at the end of it, I will at least have a bit more exposure to a language closer to the metal.

    Read the article

  • Manually setting breakpoints in WinDBG

    - by chris
    I am trying to examine the assembly for an executable using WinDBG, but I am having a hard time getting to it. I want to set a breakpoint at the first instruction in my program, but when I try to do that manually (using the address of the module), WinDBG tells me that it is "unable to insert breakpoint" at that location due to an "Invalid access to memory location." I notice that when I create a breakpoint through the source code GUI, the address is not the same as the first part of my module (In my example: "Win32FileOpen", a simple program I wrote.) Is there a header of some sort that requires adding an offset to the address of my module? In another question, I saw the suggestion: "I would attempt to calculate the breakpoint address as: Module start + code start + code offset" but was unsure where to obtain those values. Can somebody please elaborate on this? The reason I don't just use the source GUI is that I want to be able to do this with a program that I may not have the source/symbols for. If there is an easier way to immediately start working with the executable I open, please let me know. (e.g. Opening an .exe Olly immediately shows me the assembly for that .exe, searching for referenced strings gives me results from that module, etc. WinDBG seems to start me off in ntdll.dll, which is not usually useful for me.) 0:000> lm start end module name 00000000`00130000 00000000`0014b000 Win32FileOpen C (private pdb symbols) C:\cfinley\code\Win32FileOpen\Debug\Win32FileOpen.pdb 00000000`73bd0000 00000000`73c2c000 wow64win (deferred) 00000000`73c30000 00000000`73c6f000 wow64 (deferred) 00000000`74fe0000 00000000`74fe8000 wow64cpu (deferred) 00000000`77750000 00000000`778f9000 ntdll (pdb symbols) c:\symbols\mssymbols\ntdll.pdb\15EB43E23B12409C84E3CC7635BAF5A32\ntdll.pdb 00000000`77930000 00000000`77ab0000 ntdll32 (deferred) 0:000> bu 00000000`00130000 0:000> bl 0 e x86 00000000`001413a0 0001 (0001) 0:**** Win32FileOpen!main <-- One that is generated via GUI 1 e x86 00000000`00130000 0001 (0001) 0:**** Win32FileOpen!__ImageBase <-- One I tried to set manually 0:000> g Unable to insert breakpoint 1 at 00000000`00130000, Win32 error 0n998 "Invalid access to memory location." bp1 at 00000000`00130000 failed WaitForEvent failed ntdll!LdrpDoDebuggerBreak+0x31: 00000000`777fcb61 eb00 jmp ntdll!LdrpDoDebuggerBreak+0x33 (00000000`777fcb63)

    Read the article

  • What is Causing This Memory Leak in Delphi?

    - by lkessler
    I just can't figure out this memory leak that EurekaLog is reporting for my program. I'm using Delphi 2009. Here it is: Memory Leak: Type=Data; Total size=26; Count=1; The stack is: System.pas _UStrSetLength 17477 System.pas _UStrCat 17572 Process.pas InputGedcomFile 1145 That is all there is in the stack. EurekaLog is pointing me to the location where the memory that was not released was first allocated. According to it, the line in my program is line 1145 of InputGedcomFile. That line is: CurStruct0Key := 'HEAD' + Level0Key; where CurStruct0Key and Level0Key are simply defined in the procedure as local variables that should be dynamically handled by the Delphi memory manager when entering and leaving the procedure: var CurStruct0Key, Level0Key: string; So now I look at the _UStrCat procedure in the System Unit. Line 17572 is: CALL _UStrSetLength // Set length of Dest and I go to the _UStrSetLength procedure in the System Unit, and the relevant lines are: @@isUnicode: CMP [EAX-skew].StrRec.refCnt,1 // !!! MT safety JNE @@copyString // not unique, so copy SUB EAX,rOff // Offset EAX "S" to start of memory block ADD EDX,EDX // Double length to get size JO @@overflow ADD EDX,rOff+2 // Add string rec size JO @@overflow PUSH EAX // Put S on stack MOV EAX,ESP // to pass by reference CALL _ReallocMem POP EAX ADD EAX,rOff // Readjust MOV [EBX],EAX // Store MOV [EAX-skew].StrRec.length,ESI MOV WORD PTR [EAX+ESI*2],0 // Null terminate TEST EDI,EDI // Was a temp created? JZ @@exit PUSH EDI MOV EAX,ESP CALL _LStrClr POP EDI JMP @@exit where line 17477 is the "CALL _ReallocMem" line. So then what is the memory leak? Surely a simple concatenate of a string constant to a local string variable should not be causing a memory leak. Why is EurekaLog pointing me to the ReallocMem line in a _UStrSetLength routine that is part of Delphi? This is Delphi 2009 and I am using the new unicode strings. Any help or explanation here will be much appreciated.

    Read the article

  • Far jump in ntdll.dll's internal ZwCreateUserProcess

    - by user49164
    I'm trying to understand how the Windows API creates processes so I can create a program to determine where invalid exes fail. I have a program that calls kernel32.CreateProcessA. Following along in OllyDbg, this calls kernel32.CreateProcessInternalA, which calls kernel32.CreateProcessInternalW, which calls ntdll.ZwCreateUserProcess. This function goes: mov eax, 0xAA xor ecx, ecx lea edx, dword ptr [esp+4] call dword ptr fs:[0xC0] add esp, 4 retn 0x2C So I follow the call to fs:[0xC0], which contains a single instruction: jmp far 0x33:0x74BE271E But when I step this instruction, Olly just comes back to ntdll.ZwCreateUserProcess at the add esp, 4 right after the call (which is not at 0x74BE271E). I put a breakpoint at retn 0x2C, and I find that the new process was somehow created during the execution of add esp, 4. So I'm assuming there's some magic involved in the far jump. I tried to change the CS register to 0x33 and EIP to 0x74BE271E instead of actually executing the far jump, but that just gave me an access violation after a few instructions. What's going on here? I need to be able to delve deeper beyond the abstraction of this ZwCreateUserProcess to figure out how exactly Windows creates processes.

    Read the article

  • Intel Assembly Programming

    - by Kay
    class MyString{ char buf[100]; int len; boolean append(MyString str){ int k; if(this.len + str.len>100){ for(k=0; k<str.len; k++){ this.buf[this.len] = str.buf[k]; this.len ++; } return false; } return true; } } Does the above translate to: start: push ebp ; save calling ebp mov ebp, esp ; setup new ebp push esi ; push ebx ; mov esi, [ebp + 8] ; esi = 'this' mov ebx, [ebp + 14] ; ebx = str mov ecx, 0 ; k=0 mov edx, [esi + 200] ; edx = this.len append: cmp edx + [ebx + 200], 100 jle ret_true ; if (this.len + str.len)<= 100 then ret_true cmp ecx, edx jge ret_false ; if k >= str.len then ret_false mov [esi + edx], [ebx + 2*ecx] ; this.buf[this.len] = str.buf[k] inc edx ; this.len++ aux: inc ecx ; k++ jmp append ret_true: pop ebx ; restore ebx pop esi ; restore esi pop ebp ; restore ebp ret true ret_false: pop ebx ; restore ebx pop esi ; restore esi pop ebp ; restore ebp ret false My greatest difficulty here is figuring out what to push onto the stack and the math for pointers. NOTE: I'm not allowed to use global variables and i must assume 32-bit ints, 16-bit chars and 8-bit booleans.

    Read the article

  • Why doesn't gcc remove this check of a non-volatile variable?

    - by Thomas
    This question is mostly academic. I ask out of curiosity, not because this poses an actual problem for me. Consider the following incorrect C program. #include <signal.h> #include <stdio.h> static int running = 1; void handler(int u) { running = 0; } int main() { signal(SIGTERM, handler); while (running) ; printf("Bye!\n"); return 0; } This program is incorrect because the handler interrupts the program flow, so running can be modified at any time and should therefore be declared volatile. But let's say the programmer forgot that. gcc 4.3.3, with the -O3 flag, compiles the loop body (after one initial check of the running flag) down to the infinite loop .L7: jmp .L7 which was to be expected. Now we put something trivial inside the while loop, like: while (running) putchar('.'); And suddenly, gcc does not optimize the loop condition anymore! The loop body's assembly now looks like this (again at -O3): .L7: movq stdout(%rip), %rsi movl $46, %edi call _IO_putc movl running(%rip), %eax testl %eax, %eax jne .L7 We see that running is re-loaded from memory each time through the loop; it is not even cached in a register. Apparently gcc now thinks that the value of running could have changed. So why does gcc suddenly decide that it needs to re-check the value of running in this case?

    Read the article

  • How can I know what this does?

    - by Dabor Troppe
    I got this piece of Assembly code extracted from some piece of software, but unfortunately I don't know anything of assembler and the bits I touched of Assembler was back in the Commodore Amiga with the 68000. Can anybody guide me on how I could understand this code without me needing to learn assembler from scratch, or just tell me what it does? Is there any kind of "Simulator" out there that I can run this on to see what it does? -[ObjSample Param1:andParam2:]: 00000c79 pushl %ebp 00000c7a movl %esp,%ebp 00000c7c subl $0x48,%esp 00000c7f movl %ebx,0xf4(%ebp) 00000c82 movl %esi,0xf8(%ebp) 00000c85 movl %edi,0xfc(%ebp) 00000c88 calll 0x00000c8d 00000c8d popl %ebx 00000c8e cmpb $-[ObjSample delegate],_bDoOnce.26952-0xc8d(%ebx) 00000c95 jel 0x00000d47 00000c9b movb $-[ObjSample delegate],_bDoOnce.26952-0xc8d(%ebx) 00000ca2 movl 0x7dc0-0xc8d(%ebx),%eax 00000ca8 movl %eax,0x04(%esp) 00000cac movl 0x7df4-0xc8d(%ebx),%eax 00000cb2 movl %eax,(%esp) 00000cb5 calll _objc_msgSend 00000cba movl 0x7dbc-0xc8d(%ebx),%edx 00000cc0 movl %edx,0x04(%esp) 00000cc4 movl %eax,(%esp) 00000cc7 calll _objc_msgSend 00000ccc movl %eax,0xe4(%ebp) 00000ccf movl 0x7db8-0xc8d(%ebx),%eax 00000cd5 movl %eax,0x04(%esp) 00000cd9 movl 0xe4(%ebp),%eax 00000cdc movl %eax,(%esp) 00000cdf calll _objc_msgSend 00000ce4 leal (%eax,%eax),%edi 00000ce7 movl %edi,(%esp) 00000cea calll _malloc 00000cef movl %eax,%esi 00000cf1 movl %edi,0x08(%esp) 00000cf5 movl $-[ObjSample delegate],0x04(%esp) 00000cfd movl %eax,(%esp) 00000d00 calll _memset 00000d05 movl $0x00000004,0x10(%esp) 00000d0d movl %edi,0x0c(%esp) 00000d11 movl %esi,0x08(%esp) 00000d15 movl 0x7db4-0xc8d(%ebx),%eax 00000d1b movl %eax,0x04(%esp) 00000d1f movl 0xe4(%ebp),%eax 00000d22 movl %eax,(%esp) 00000d25 calll _objc_msgSend 00000d2a xorl %edx,%edx 00000d2c movl %edi,%eax 00000d2e shrl $0x03,%eax 00000d31 jmp 0x00000d34 00000d33 incl %edx 00000d34 cmpl %edx,%eax 00000d36 ja 0x00000d33 00000d38 movl %esi,(%esp) 00000d3b calll _free 00000d40 movb $0x01,_isAuthenticated-0xc8d(%ebx) 00000d47 movzbl _isAuthenticated-0xc8d(%ebx),%eax 00000d4e movl 0xf4(%ebp),%ebx 00000d51 movl 0xf8(%ebp),%esi 00000d54 movl 0xfc(%ebp),%edi 00000d57 leave 00000d58 ret

    Read the article

  • OpenGL Calls Lock/Freeze

    - by Necrolis
    I am using some dell workstations(running WinXP Pro SP 2 & DeepFreeze) for development, but something was recenlty loaded onto these machines that prevents any opengl call(the call locks) from completing(and I know the code works as I have tested it on 'clean' machines, I also tested with simple opengl apps generated by dev-cpp, which will also lock on the dell machines). I have tried to debug my own apps to see where exactly the gl calls freeze, but there is some global system hook on ZwQueryInformationProcess that messes up calls to ZwQueryInformationThread(used by ExitThread), preventing me from debugging at all(it causes the debugger, OllyDBG, to go into an access violation reporting loop or the program to crash if the exception is passed along). the hook: ntdll.ZwQueryInformationProcess 7C90D7E0 B8 9A000000 MOV EAX,9A 7C90D7E5 BA 0003FE7F MOV EDX,7FFE0300 7C90D7EA FF12 CALL DWORD PTR DS:[EDX] 7C90D7EC - E9 0F28448D JMP 09D50000 7C90D7F1 9B WAIT 7C90D7F2 0000 ADD BYTE PTR DS:[EAX],AL 7C90D7F4 00BA 0003FE7F ADD BYTE PTR DS:[EDX+7FFE0300],BH 7C90D7FA FF12 CALL DWORD PTR DS:[EDX] 7C90D7FC C2 1400 RETN 14 7C90D7FF 90 NOP ntdll.ZwQueryInformationToken 7C90D800 B8 9C000000 MOV EAX,9C the messed up function + call: ntdll.ZwQueryInformationThread 7C90D7F0 8D9B 000000BA LEA EBX,DWORD PTR DS:[EBX+BA000000] 7C90D7F6 0003 ADD BYTE PTR DS:[EBX],AL 7C90D7F8 FE ??? ; Unknown command 7C90D7F9 7F FF JG SHORT ntdll.7C90D7FA 7C90D7FB 12C2 ADC AL,DL 7C90D7FD 14 00 ADC AL,0 7C90D7FF 90 NOP ntdll.ZwQueryInformationToken 7C90D800 B8 9C000000 MOV EAX,9C So firstly, anyone know what if anything would lead to OpenGL calls cause an infinite lock,and if there are any ways around it? and what would be creating such a hook in kernal memory ? Update: After some more fiddling, I have discovered a few more kernal hooks, a lot of them are used to nullify data returned by system information calls(such as the remote debugging port), I also managed to find out the what ever is doing this is using madchook.dll(by madshi) to do this, this dll is also injected into every running process(these seem to be some anti debugging code). Also, on the OpenGL side, it seems Direct X is fine/unaffected(I ran one of the DX 9 demo's without problems), so could one of these kernal hooks somehow affect OpenGL?

    Read the article

  • Minimal assembler program for CP/M 3.1 (z80)

    - by Andrew J. Brehm
    I seem to be losing the battle against my stupidity. This site explains the system calls under various versions of CP/M. However, when I try to use call 2 (C_WRITE, console output), nothing much happens. I have the following code. ORG 100h LD E,'a' LD C,2 CALL 5 CALL 0 I recite this here from memory. If there are typos, rest assured they were not in the original since the file did compile and I had a COM file to start. I am thinking the lines mean the following: Make sure this gets loaded at address 100h (0h to FFh being the zero page). Load ASCII 'a' into E register for system call 2. Load integer 2 into C register for system call 2. Make system call (JMP to system call is at address 5 in zero page). End program (Exit command is at address 0 in zero page). The program starts and exits with no problems. If I remove the last command, it hangs the computer (which I guess is also expected and shows that CALL 0 works). However, it does not print the ASCII character. (But it does print an extra new line, but the system might have done that.) How can I get my CP/M program to do what the system call is supposed to do? What am I doing wrong?

    Read the article

  • NASM - Load code from USB Drive

    - by new123456
    Hola, Would any assembly gurus know the argument (register dl) that signifies the first USB drive? I'm working through a couple of NASM tutorials, and would like to get a physical boot (I can get a clean one with qemu). This is the section of code that loads the "kernel" data from disk: loadkernel: mov si, LMSG ;; 'Loading kernel',13,10,0 call prints ;; ex puts() mov dl, 0x00 ;; The disk to load from mov ah, 0x02 ;; Read operation mov al, 0x01 ;; Sectors to read mov ch, 0x00 ;; Track mov cl, 0x02 ;; Sector mov dh, 0x00 ;; Head mov bx, 0x2000 ;; Buffer end mov es, bx mov bx, 0x0000 ;; Buffer start int 0x13 jc loadkernel mov ax, 0x2000 mov ds, ax jmp 0x2000:0x00 If it makes any difference, I'm running a stock Dell Inspiron 15 BIOS. Apparently, the correct value for me is 0x80. The BIOS loads the hard drives and labels them starting at 0x80 according to this answer. My particular BIOS decides to load the USB drive up as the first, for some reason, so I can boot from there.

    Read the article

  • Questions regarding detouring by modifying the virtual table

    - by Elliott Darfink
    I've been practicing detours using the same approach as Microsoft Detours (replace the first five bytes with a jmp and an address). More recently I've been reading about detouring by modifying the virtual table. I would appreciate if someone could shed some light on the subject by mentioning a few pros and cons with this method compared to the one previously mentioned! I'd also like to ask about patched vtables and objects on the stack. Consider the following situation: // Class definition struct Foo { virtual void Call(void) { std::cout << "FooCall\n"; } }; // If it's GCC, 'this' is passed as the first parameter void MyCall(Foo * object) { std::cout << "MyCall\n"; } // In some function Foo * foo = new Foo; // Allocated on the heap Foo foo2; // Created on the stack // Arguments: void ** vtable, uint offset, void * replacement PatchVTable(*reinterpret_cast<void***>(foo), 0, MyCall); // Call the methods foo->Call(); // Outputs: 'MyCall' foo2.Call(); // Outputs: 'FooCall' In this case foo->Call() would end up calling MyCall(Foo * object) whilst foo2.Call() call the original function (i.e Foo::Call(void) method). This is because the compiler will try to decide any virtual calls during compile time if possible (correct me if I'm wrong). Does that mean it does not matter if you patch the virtual table or not, as long as you use objects on the stack (not heap allocated)?

    Read the article

  • PC boot: dl register and drive number

    - by kikou
    I read somewhere in the internet that, before jumping to 0x7c00, the BIOS loads into %dl the "drive number" of the booted device. But what is this "drive number"? Each device attached to the computer is assigned a number by the BIOS? If so, how can I know which number is a given device assigned to? Reading GRUB's source code I found when %dl has bits 0x80 and 0x70 set, it overwrites the whole register with 0x80. Why is that? Here is the code: jmp 3f /* grub-setup may overwrite this jump */ testb $0x80, %dl jz 2f 3: /* Ignore %dl different from 0-0x0f and 0x80-0x8f. */ testb $0x70, %dl jz 1f 2: movb $0x80, %dl 1: By the way. Is there any detailed resource on the boot process of PC's in the web? Specially about what the BIOS does before giving the control to the bootloader and also the standard codes used to communicate with it (like that "drive numer"). I was hoping to write my own bootloader and everything I found is a bit too vague, not technical enough to the point of informing of the exact state of the computer when my bootloader starts to run.

    Read the article

  • Sparc Assembly Call currupts data

    - by Sigge
    I am at the moment working with some assembler code for the Sparc processor family, and i am having some truble with a piece of code.. I think the code and output explains more, but in the short.. When i do a call to the function println my varaibels that i have written to the %fp - 8 memory location is destoryed.. here is my assembler code that i am trying to run !PROCEDURE main .section ".text" .global main .align 4 main: save %sp, -96, %sp L1: set 96, %l0 mov %l0, %o0 call initObject ; nop mov %o0, %l0 mov %l0, %o0 call Test$go ; nop mov %o0, %l0 mov %l0, %o0 call println ; nop L0: ret restore !END main !PROCEDURE Test$go .section ".text" .global Test$go .align 4 Test$go: save %sp, -96, %sp L3: mov %i0, %l0 set 0, %l0 set -8, %l1 add %fp,%l1, %l1 st %l0, [%l1] set 1, %l0 mov %l0, %o0 call println ; nop set -8, %l0 add %fp,%l0, %l0 ld [%l0], %l0 mov %l0, %o0 call println ; nop set 1, %l0 mov %l0, %i0 L2: ret restore !END Test$go Here is the assembler code for the println code .global println .type println,#function println: save %sp,-96,%sp ! block 1 .L193: ! File runtime.c: ! 42 } ! 43 ! 45 /** ! 46 Prints an integer to the standard output stream. ! 47 ! 48 @param i The integer to be printed. ! 49 */ ! 50 void println(int i) { ! 51 printf("%d\n", i); sethi %hi(.L195),%o0 or %o0,%lo(.L195),%o0 call printf mov %i0,%o1 jmp %i7+8 restore This is the out put i get when i run this piece of assembler code 1 67584 1 As u can see, the data that is located at %fp - 8 has been destroyed.. please all feedback is apritiated

    Read the article

< Previous Page | 1 2 3 4  | Next Page >