diff --git a/CodeVirtualizer/Jit.cpp b/CodeVirtualizer/Jit.cpp index 52c325d..a3c09c8 100644 --- a/CodeVirtualizer/Jit.cpp +++ b/CodeVirtualizer/Jit.cpp @@ -263,7 +263,7 @@ PNATIVE_CODE_BLOCK JitEmitPostRipMov(PNATIVE_CODE_LINK Link, INT32 Delta) return Block; } -BOOL JitiEmitWrapperD(ULONG OpType, PNATIVE_CODE_BLOCK Block, INT32 RipDelta, ULONG Value) +INLINE BOOL JitiEmitWrapperD(ULONG OpType, PNATIVE_CODE_BLOCK Block, INT32 RipDelta, ULONG Value) { switch (OpType) { @@ -272,7 +272,7 @@ BOOL JitiEmitWrapperD(ULONG OpType, PNATIVE_CODE_BLOCK Block, INT32 RipDelta, UL case JIT_BITWISE_OR: return JitEmitRipRelativeOrD(Block, RipDelta, Value); } } -BOOL JitiEmitWrapperW(ULONG OpType, PNATIVE_CODE_BLOCK Block, INT32 RipDelta, ULONG Value) +INLINE BOOL JitiEmitWrapperW(ULONG OpType, PNATIVE_CODE_BLOCK Block, INT32 RipDelta, ULONG Value) { switch (OpType) { @@ -281,7 +281,7 @@ BOOL JitiEmitWrapperW(ULONG OpType, PNATIVE_CODE_BLOCK Block, INT32 RipDelta, UL case JIT_BITWISE_OR: return JitEmitRipRelativeOrW(Block, RipDelta, Value); } } -BOOL JitiEmitWrapperB(ULONG OpType, PNATIVE_CODE_BLOCK Block, INT32 RipDelta, ULONG Value) +INLINE BOOL JitiEmitWrapperB(ULONG OpType, PNATIVE_CODE_BLOCK Block, INT32 RipDelta, ULONG Value) { switch (OpType) { diff --git a/CodeVirtualizer/Main.cpp b/CodeVirtualizer/Main.cpp index 311263f..0c6ec1c 100644 --- a/CodeVirtualizer/Main.cpp +++ b/CodeVirtualizer/Main.cpp @@ -9,6 +9,15 @@ #include "OpaqueBranching.h" #include "Jit.h" + +PVOID MakeExecutableBuffer(PVOID Buffer, ULONG BufferSize) +{ + PVOID ExecBuffer = VirtualAlloc(nullptr, BufferSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE); + if (!ExecBuffer) + return NULL; + RtlCopyMemory(ExecBuffer, Buffer, BufferSize); +} + UCHAR TestBuffer[] = { 0x48, 0x33, 0xC0, 0x48, 0x33, 0xC0, @@ -28,21 +37,44 @@ UCHAR TestBuffer[] = { }; ULONG TestBufferSize = sizeof(TestBuffer); +UCHAR meme1[] = { 0x31, 0xc0 }; + int main() { XedTablesInit(); - /*srand(time(NULL)); + srand(time(NULL)); + NATIVE_CODE_BLOCK Block; NcDisassemble(&Block, TestBuffer, TestBufferSize); - PNATIVE_CODE_BLOCK OpaqueBranch = ObfGenOpaqueBranch(Block.Start, Block.End); - NcDebugPrint(OpaqueBranch); - system("pause");*/ + PNATIVE_CODE_LINK NewLink = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, meme1, sizeof(meme1)); + + NcInsertLinkBefore(Block.End->Prev->Prev->Prev->Prev, NewLink); + + + ULONG AssembledSize; + PVOID AssembledBlock = NcAssemble(&Block, &AssembledSize); + if (!AssembledBlock || !AssembledSize) + { + printf("Something failed nicka.\n"); + system("pause"); + return -1; + } + PUCHAR Tb = (PUCHAR)AssembledBlock; + for (uint32_t i = 0; i < AssembledSize; i++) + { + std::cout << std::hex << std::setw(2) << std::setfill('0') << (int)Tb[i] << ' '; + } + //PNATIVE_CODE_BLOCK OpaqueBranch = ObfGenOpaqueBranch(Block.Start, Block.End); + //NcDebugPrint(OpaqueBranch); + system("pause"); - NATIVE_CODE_LINK T; + + + /*NATIVE_CODE_LINK T; T.RawDataSize = 10; T.RawData = new UCHAR[10]; memset(T.RawData, 0xAA, 10); @@ -56,6 +88,6 @@ int main() printf("\n"); NcPrintBlockCode(NewBlock); } - system("pause"); + system("pause");*/ } \ No newline at end of file diff --git a/CodeVirtualizer/NativeCode.cpp b/CodeVirtualizer/NativeCode.cpp index 6c2a787..c585f9c 100644 --- a/CodeVirtualizer/NativeCode.cpp +++ b/CodeVirtualizer/NativeCode.cpp @@ -27,7 +27,7 @@ _NATIVE_CODE_LINK::_NATIVE_CODE_LINK(ULONG F, PVOID Rd, ULONG Rds) RawDataSize = Rds; RawData = new UCHAR[Rds]; if (Rd) - memcpy(RawData, Rd, Rds); + RtlCopyMemory(RawData, Rd, Rds); } _NATIVE_CODE_LINK::~_NATIVE_CODE_LINK() @@ -343,6 +343,122 @@ PNATIVE_CODE_BLOCK NcDeepCopyBlock(PNATIVE_CODE_BLOCK Block) return NcDeepCopyPartialBlock(Block->Start, Block->End); } +BOOL NcGetDeltaToLabel(PNATIVE_CODE_LINK Link, PINT32 DeltaOut) +{ + INT32 Delta = 0; + //First checking backwards because I feel like thats the direction most jmps are in + for (PNATIVE_CODE_LINK T = Link; T; T = T->Prev) + { + if (T->Flags & CODE_FLAG_IS_LABEL) + { + if (T->Label == Link->Label) + { + *DeltaOut = Delta; + return TRUE; + } + continue; + } + Delta -= T->RawDataSize; + } + + //Now check forwards + Delta = 0; + for (PNATIVE_CODE_LINK T = Link->Next; T; T = T->Next) + { + if (T->Flags & CODE_FLAG_IS_LABEL) + { + if (T->Label == Link->Label) + { + *DeltaOut = Delta; + return TRUE; + } + continue; + } + Delta += T->RawDataSize; + } + return FALSE; +} + +BOOL NcFixRelJmps(PNATIVE_CODE_BLOCK Block) +{ + for (PNATIVE_CODE_LINK T = Block->Start; T != Block->End->Next;) + { + if (T->Flags & CODE_FLAG_IS_REL_JMP) + { + INT32 BranchDisp = 0; + if (!NcGetDeltaToLabel(T, &BranchDisp)) + return FALSE; + + ULONG DispWidth = XedDecodedInstGetBranchDisplacementWidthBits(&T->XedInstruction); + if (log2(abs(BranchDisp)) + 1 > DispWidth) + { + //duh oh + if (DispWidth == 32) + return FALSE; + + //Grow displacement width to required size + DispWidth *= 2; + + //Check again + if (log2(abs(BranchDisp)) + 1 > DispWidth) + { + if (DispWidth == 32) + return FALSE; + + //Grow once more if not already at 32 + DispWidth *= 2; + } + + //Encode new instruction + XED_STATE MachineState; + MachineState.mmode = XED_MACHINE_MODE_LONG_64; + MachineState.stack_addr_width = XED_ADDRESS_WIDTH_64b; + XED_ENCODER_INSTRUCTION EncoderInstruction; + XED_ENCODER_REQUEST EncoderRequest; + UCHAR EncodeBuffer[15]; + UINT ReturnedSize; + XED_ICLASS_ENUM IClass = XedDecodedInstGetIClass(&T->XedInstruction); + + //Do the encoding + XedInst1(&EncoderInstruction, MachineState, IClass, DispWidth, XedRelBr(0, DispWidth)); + XedEncoderRequestZeroSetMode(&EncoderRequest, &MachineState); + if (!XedConvertToEncoderRequest(&EncoderRequest, &EncoderInstruction)) + return FALSE; + if (XED_ERROR_NONE != XedEncode(&EncoderRequest, EncodeBuffer, 15, &ReturnedSize)) + return FALSE; + + //fixup T->RawData + delete[] T->RawData; + T->RawDataSize = ReturnedSize; + T->RawData = new UCHAR[ReturnedSize]; + RtlCopyMemory(T->RawData, EncodeBuffer, ReturnedSize); + + //Decode instruction so its proper and all that + XedDecodedInstZeroSetMode(&T->XedInstruction, &MachineState); + if (XED_ERROR_NONE != XedDecode(&T->XedInstruction, T->RawData, T->RawDataSize)) + return FALSE; + + //Go back to the start and loop through all labels again because now this instruction is larger :)))) + T = Block->Start; + continue; + } + else + { + DispWidth = XedDecodedInstGetBranchDisplacementWidth(&T->XedInstruction); + switch (DispWidth) + { + case 1: *(PINT8)&T->RawData[T->RawDataSize - DispWidth] = (INT8)BranchDisp; break; + case 2: *(PINT16)&T->RawData[T->RawDataSize - DispWidth] = (INT16)BranchDisp; break; + case 4: *(PINT32)&T->RawData[T->RawDataSize - DispWidth] = (INT32)BranchDisp; break; + } + } + } + + T = T->Next; + } + return TRUE; +} + BOOL NcDisassemble(PNATIVE_CODE_BLOCK Block, PVOID Buffer, ULONG BufferSize) { PUCHAR Buf = (PUCHAR)Buffer; @@ -363,7 +479,7 @@ BOOL NcDisassemble(PNATIVE_CODE_BLOCK Block, PVOID Buffer, ULONG BufferSize) } Link->RawDataSize = XedDecodedInstGetLength(&Link->XedInstruction); Link->RawData = new UCHAR[Link->RawDataSize]; - memcpy(Link->RawData, (Buf + Offset), Link->RawDataSize); + RtlCopyMemory(Link->RawData, (Buf + Offset), Link->RawDataSize); NcAppendToBlock(Block, Link); @@ -375,10 +491,29 @@ BOOL NcDisassemble(PNATIVE_CODE_BLOCK Block, PVOID Buffer, ULONG BufferSize) return TRUE; } -PVOID NcAssemble(PNATIVE_CODE_BLOCK Block) +PVOID NcAssemble(PNATIVE_CODE_BLOCK Block, PULONG OutSize) { - //TODO: handle post assembly editing for Jit obfuscation types(maybe a vector of post assembly processing traits inside of NATIVE_CODE_LINK) - return NULL; + if (!NcFixRelJmps(Block)) + return NULL; + + *OutSize = NcCalcBlockSize(Block); + + PUCHAR Buffer = (PUCHAR)malloc(*OutSize); + if (!Buffer) + return NULL; + + PUCHAR BufferOffset = Buffer; + + for (PNATIVE_CODE_LINK T = Block->Start; T != Block->End->Next; T = T->Next) + { + if (T->Flags & CODE_FLAG_IS_LABEL) + continue; + + RtlCopyMemory(BufferOffset, T->RawData, T->RawDataSize); + BufferOffset += T->RawDataSize; + } + + return Buffer; } VOID NcDeleteBlock(PNATIVE_CODE_BLOCK Block) diff --git a/CodeVirtualizer/NativeCode.h b/CodeVirtualizer/NativeCode.h index c1cd807..ffdb0be 100644 --- a/CodeVirtualizer/NativeCode.h +++ b/CodeVirtualizer/NativeCode.h @@ -25,9 +25,9 @@ typedef struct _NATIVE_CODE_LINK typedef struct _NATIVE_CODE_BLOCK { - PNATIVE_CODE_LINK Start; - PNATIVE_CODE_LINK End; - STDVECTOR LabelIds; + PNATIVE_CODE_LINK Start; + PNATIVE_CODE_LINK End; + STDVECTOR LabelIds; _NATIVE_CODE_BLOCK(); }NATIVE_CODE_BLOCK, *PNATIVE_CODE_BLOCK; @@ -63,9 +63,13 @@ PNATIVE_CODE_BLOCK NcDeepCopyPartialBlock(PNATIVE_CODE_LINK Start, PNATIVE_CODE_ PNATIVE_CODE_BLOCK NcDeepCopyBlock(PNATIVE_CODE_BLOCK Block); +BOOL NcGetDeltaToLabel(PNATIVE_CODE_LINK Link, PINT32 DeltaOut); + +BOOL NcFixRelJmps(PNATIVE_CODE_BLOCK Block); + BOOL NcDisassemble(PNATIVE_CODE_BLOCK Block, PVOID Buffer, ULONG BufferSize); -PVOID NcAssemble(PNATIVE_CODE_BLOCK Block); +PVOID NcAssemble(PNATIVE_CODE_BLOCK Block, PULONG OutSize); VOID NcDeleteBlock(PNATIVE_CODE_BLOCK Block); diff --git a/CodeVirtualizer/RipMovInst.cpp b/CodeVirtualizer/RipMovInst.cpp index fbae370..09c8732 100644 --- a/CodeVirtualizer/RipMovInst.cpp +++ b/CodeVirtualizer/RipMovInst.cpp @@ -6,8 +6,7 @@ BOOL JitEmitRipRelativeMovD(PNATIVE_CODE_BLOCK Block, INT32 RipDelta, PUCHAR Dat PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); *(PINT32)&Link->RawData[2] = RipDelta; - memcpy(&Link->RawData[6], Data, 4); - printf("%p memes\n", Link); + RtlCopyMemory(&Link->RawData[6], Data, 4); XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); NcAppendToBlock(Block, Link); return TRUE; @@ -19,7 +18,7 @@ BOOL JitEmitRipRelativeMovW(PNATIVE_CODE_BLOCK Block, INT32 RipDelta, PUCHAR Dat PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); *(PINT32)&Link->RawData[3] = RipDelta; - memcpy(&Link->RawData[7], Data, 2); + RtlCopyMemory(&Link->RawData[7], Data, 2); XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); NcAppendToBlock(Block, Link); return TRUE; diff --git a/CodeVirtualizer/XedWrap.h b/CodeVirtualizer/XedWrap.h index ba9bbe5..26fdbb6 100644 --- a/CodeVirtualizer/XedWrap.h +++ b/CodeVirtualizer/XedWrap.h @@ -26,10 +26,12 @@ extern "C" #define XedDecode xed_decode #define XedDecodedInstZero xed_decoded_inst_zero +#define XedDecodedInstZeroSetMode xed_decoded_inst_zero_set_mode #define XedDecodedInstSetMode xed_decoded_inst_set_mode #define XedDecodedInstGetLength xed_decoded_inst_get_length #define XedDecodedInstGetCategory xed_decoded_inst_get_category #define XedDecodedInstGetBranchDisplacementWidth xed_decoded_inst_get_branch_displacement_width +#define XedDecodedInstGetBranchDisplacementWidthBits xed_decoded_inst_get_branch_displacement_width_bits #define XedDecodedInstGetBranchDisplacement xed_decoded_inst_get_branch_displacement #define XedDecodedInstInst xed_decoded_inst_inst #define XedDecodedInstNumOperands xed_decoded_inst_noperands diff --git a/CodeVirtualizer/x64/Debug/Assembly.lst b/CodeVirtualizer/x64/Debug/Assembly.lst index c29685f..45493cc 100644 --- a/CodeVirtualizer/x64/Debug/Assembly.lst +++ b/CodeVirtualizer/x64/Debug/Assembly.lst @@ -1,4 +1,4 @@ -Microsoft (R) Macro Assembler (x64) Version 14.27.29111.0 10/11/21 20:38:55 +Microsoft (R) Macro Assembler (x64) Version 14.27.29111.0 10/14/21 00:59:02 Assembly.asm Page 1 - 1 @@ -6,7 +6,7 @@ Assembly.asm Page 1 - 1 END - Microsoft (R) Macro Assembler (x64) Version 14.27.29111.0 10/11/21 20:38:55 + Microsoft (R) Macro Assembler (x64) Version 14.27.29111.0 10/14/21 00:59:02 Assembly.asm Symbols 2 - 1 diff --git a/CodeVirtualizer/x64/Debug/Jit.cod b/CodeVirtualizer/x64/Debug/Jit.cod index a72d1b8..aaa69e6 100644 --- a/CodeVirtualizer/x64/Debug/Jit.cod +++ b/CodeVirtualizer/x64/Debug/Jit.cod @@ -115,10 +115,15 @@ PUBLIC ?JitUpdateConFlagsLedger@@YAXPEBTxed_flag_set_s@@PEAT1@@Z ; JitUpdateConF PUBLIC ?JitDoesInstOverriteConditionFlags@@YAHPEAU_NATIVE_CODE_LINK@@@Z ; JitDoesInstOverriteConditionFlags PUBLIC ?JitAreFlagsClobberedBeforeUse@@YAHPEAU_NATIVE_CODE_LINK@@@Z ; JitAreFlagsClobberedBeforeUse PUBLIC ?JitMutateInstForXor@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z ; JitMutateInstForXor +PUBLIC ?JitMutateInstForOr@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z ; JitMutateInstForOr +PUBLIC ?JitMutateInstForAnd@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z ; JitMutateInstForAnd PUBLIC ?JitEmitPreRipMov@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@H@Z ; JitEmitPreRipMov PUBLIC ?JitEmitPostRipMov@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@H@Z ; JitEmitPostRipMov PUBLIC ?JitEmitPreRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z ; JitEmitPreRipBitwiseOp PUBLIC ?JitEmitPostRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z ; JitEmitPostRipBitwiseOp +PUBLIC ?JitiEmitWrapperD@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitiEmitWrapperD +PUBLIC ?JitiEmitWrapperW@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitiEmitWrapperW +PUBLIC ?JitiEmitWrapperB@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitiEmitWrapperB PUBLIC ??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z ; std::allocator::allocator PUBLIC ??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z ; std::exchange PUBLIC ??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z ; std::_Delete_plain_internal > @@ -176,6 +181,12 @@ EXTRN ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z:PROC ; NcDeleteBlock EXTRN ?JitEmitRipRelativeXorD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z:PROC ; JitEmitRipRelativeXorD EXTRN ?JitEmitRipRelativeXorW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z:PROC ; JitEmitRipRelativeXorW EXTRN ?JitEmitRipRelativeXorB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z:PROC ; JitEmitRipRelativeXorB +EXTRN ?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z:PROC ; JitEmitRipRelativeAndD +EXTRN ?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z:PROC ; JitEmitRipRelativeAndW +EXTRN ?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z:PROC ; JitEmitRipRelativeAndB +EXTRN ?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z:PROC ; JitEmitRipRelativeOrD +EXTRN ?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z:PROC ; JitEmitRipRelativeOrW +EXTRN ?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z:PROC ; JitEmitRipRelativeOrB EXTRN ?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z:PROC ; JitEmitRipRelativeMovD EXTRN ?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z:PROC ; JitEmitRipRelativeMovW EXTRN ?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z:PROC ; JitEmitRipRelativeMovB @@ -392,6 +403,18 @@ $pdata$?JitMutateInstForXor@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z pdata ENDS ; COMDAT pdata pdata SEGMENT +$pdata$?JitMutateInstForOr@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z DD imagerel $LN3 + DD imagerel $LN3+69 + DD imagerel $unwind$?JitMutateInstForOr@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?JitMutateInstForAnd@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z DD imagerel $LN3 + DD imagerel $LN3+69 + DD imagerel $unwind$?JitMutateInstForAnd@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT $pdata$?JitEmitPreRipMov@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@H@Z DD imagerel $LN25 DD imagerel $LN25+1088 DD imagerel $unwind$?JitEmitPreRipMov@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@H@Z @@ -429,7 +452,7 @@ pdata ENDS ; COMDAT pdata pdata SEGMENT $pdata$?JitEmitPreRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z DD imagerel $LN29 - DD imagerel $LN29+1111 + DD imagerel $LN29+1132 DD imagerel $unwind$?JitEmitPreRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z pdata ENDS ; COMDAT pdata @@ -441,7 +464,7 @@ pdata ENDS ; COMDAT pdata pdata SEGMENT $pdata$?JitEmitPostRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z DD imagerel $LN29 - DD imagerel $LN29+1245 + DD imagerel $LN29+1266 DD imagerel $unwind$?JitEmitPostRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z pdata ENDS ; COMDAT pdata @@ -452,6 +475,24 @@ $pdata$?dtor$0@?0??JitEmitPostRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIV pdata ENDS ; COMDAT pdata pdata SEGMENT +$pdata$?JitiEmitWrapperD@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z DD imagerel $LN8 + DD imagerel $LN8+197 + DD imagerel $unwind$?JitiEmitWrapperD@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?JitiEmitWrapperW@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z DD imagerel $LN8 + DD imagerel $LN8+197 + DD imagerel $unwind$?JitiEmitWrapperW@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?JitiEmitWrapperB@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z DD imagerel $LN8 + DD imagerel $LN8+197 + DD imagerel $unwind$?JitiEmitWrapperB@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT $pdata$??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z DD imagerel $LN3 DD imagerel $LN3+76 DD imagerel $unwind$??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z @@ -719,6 +760,27 @@ $unwind$??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1 xdata ENDS ; COMDAT xdata xdata SEGMENT +$unwind$?JitiEmitWrapperB@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z DD 025053701H + DD 011c2321H + DD 07015001fH + DD 05014H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?JitiEmitWrapperW@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z DD 025053701H + DD 011c2321H + DD 07015001fH + DD 05014H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?JitiEmitWrapperD@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z DD 025053701H + DD 011c2321H + DD 07015001fH + DD 05014H +xdata ENDS +; COMDAT xdata +xdata SEGMENT $unwind$?dtor$0@?0??JitEmitPostRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z@4HA DD 031001H DD 0700c4210H DD 0500bH @@ -913,6 +975,20 @@ $unwind$?JitEmitPreRipMov@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@H@Z xdata ENDS ; COMDAT xdata xdata SEGMENT +$unwind$?JitMutateInstForAnd@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z DD 025052f01H + DD 01132318H + DD 0700c001dH + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?JitMutateInstForOr@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z DD 025052f01H + DD 01132318H + DD 0700c001dH + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT $unwind$?JitMutateInstForXor@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z DD 025052f01H DD 01132318H DD 0700c002dH @@ -1830,6 +1906,300 @@ $LN3: _TEXT ENDS ; Function compile flags: /Odtp /RTCsu /ZI ; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Jit.cpp +; COMDAT ?JitiEmitWrapperB@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z +_TEXT SEGMENT +tv64 = 192 +OpType$ = 240 +Block$ = 248 +RipDelta$ = 256 +Value$ = 264 +?JitiEmitWrapperB@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z PROC ; JitiEmitWrapperB, COMDAT + +; 285 : { + +$LN8: + 00000 44 89 4c 24 20 mov DWORD PTR [rsp+32], r9d + 00005 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 0000a 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000f 89 4c 24 08 mov DWORD PTR [rsp+8], ecx + 00013 55 push rbp + 00014 57 push rdi + 00015 48 81 ec f8 00 + 00 00 sub rsp, 248 ; 000000f8H + 0001c 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00021 48 8b fc mov rdi, rsp + 00024 b9 3e 00 00 00 mov ecx, 62 ; 0000003eH + 00029 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002e f3 ab rep stosd + 00030 8b 8c 24 18 01 + 00 00 mov ecx, DWORD PTR [rsp+280] + 00037 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp + 0003e e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 286 : switch (OpType) + + 00043 8b 85 f0 00 00 + 00 mov eax, DWORD PTR OpType$[rbp] + 00049 89 85 c0 00 00 + 00 mov DWORD PTR tv64[rbp], eax + 0004f 83 bd c0 00 00 + 00 00 cmp DWORD PTR tv64[rbp], 0 + 00056 74 14 je SHORT $LN4@JitiEmitWr + 00058 83 bd c0 00 00 + 00 01 cmp DWORD PTR tv64[rbp], 1 + 0005f 74 26 je SHORT $LN5@JitiEmitWr + 00061 83 bd c0 00 00 + 00 02 cmp DWORD PTR tv64[rbp], 2 + 00068 74 38 je SHORT $LN6@JitiEmitWr + 0006a eb 4f jmp SHORT $LN2@JitiEmitWr +$LN4@JitiEmitWr: + +; 287 : { +; 288 : case JIT_BITWISE_XOR: return JitEmitRipRelativeXorB(Block, RipDelta, Value); + + 0006c 44 8b 85 08 01 + 00 00 mov r8d, DWORD PTR Value$[rbp] + 00073 8b 95 00 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 00079 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 00080 e8 00 00 00 00 call ?JitEmitRipRelativeXorB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeXorB + 00085 eb 34 jmp SHORT $LN1@JitiEmitWr +$LN5@JitiEmitWr: + +; 289 : case JIT_BITWISE_AND: return JitEmitRipRelativeAndB(Block, RipDelta, Value); + + 00087 44 8b 85 08 01 + 00 00 mov r8d, DWORD PTR Value$[rbp] + 0008e 8b 95 00 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 00094 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 0009b e8 00 00 00 00 call ?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeAndB + 000a0 eb 19 jmp SHORT $LN1@JitiEmitWr +$LN6@JitiEmitWr: + +; 290 : case JIT_BITWISE_OR: return JitEmitRipRelativeOrB(Block, RipDelta, Value); + + 000a2 44 8b 85 08 01 + 00 00 mov r8d, DWORD PTR Value$[rbp] + 000a9 8b 95 00 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 000af 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 000b6 e8 00 00 00 00 call ?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeOrB +$LN2@JitiEmitWr: +$LN1@JitiEmitWr: + +; 291 : } +; 292 : } + + 000bb 48 8d a5 d8 00 + 00 00 lea rsp, QWORD PTR [rbp+216] + 000c2 5f pop rdi + 000c3 5d pop rbp + 000c4 c3 ret 0 +?JitiEmitWrapperB@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ENDP ; JitiEmitWrapperB +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Jit.cpp +; COMDAT ?JitiEmitWrapperW@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z +_TEXT SEGMENT +tv64 = 192 +OpType$ = 240 +Block$ = 248 +RipDelta$ = 256 +Value$ = 264 +?JitiEmitWrapperW@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z PROC ; JitiEmitWrapperW, COMDAT + +; 276 : { + +$LN8: + 00000 44 89 4c 24 20 mov DWORD PTR [rsp+32], r9d + 00005 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 0000a 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000f 89 4c 24 08 mov DWORD PTR [rsp+8], ecx + 00013 55 push rbp + 00014 57 push rdi + 00015 48 81 ec f8 00 + 00 00 sub rsp, 248 ; 000000f8H + 0001c 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00021 48 8b fc mov rdi, rsp + 00024 b9 3e 00 00 00 mov ecx, 62 ; 0000003eH + 00029 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002e f3 ab rep stosd + 00030 8b 8c 24 18 01 + 00 00 mov ecx, DWORD PTR [rsp+280] + 00037 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp + 0003e e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 277 : switch (OpType) + + 00043 8b 85 f0 00 00 + 00 mov eax, DWORD PTR OpType$[rbp] + 00049 89 85 c0 00 00 + 00 mov DWORD PTR tv64[rbp], eax + 0004f 83 bd c0 00 00 + 00 00 cmp DWORD PTR tv64[rbp], 0 + 00056 74 14 je SHORT $LN4@JitiEmitWr + 00058 83 bd c0 00 00 + 00 01 cmp DWORD PTR tv64[rbp], 1 + 0005f 74 26 je SHORT $LN5@JitiEmitWr + 00061 83 bd c0 00 00 + 00 02 cmp DWORD PTR tv64[rbp], 2 + 00068 74 38 je SHORT $LN6@JitiEmitWr + 0006a eb 4f jmp SHORT $LN2@JitiEmitWr +$LN4@JitiEmitWr: + +; 278 : { +; 279 : case JIT_BITWISE_XOR: return JitEmitRipRelativeXorW(Block, RipDelta, Value); + + 0006c 44 8b 85 08 01 + 00 00 mov r8d, DWORD PTR Value$[rbp] + 00073 8b 95 00 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 00079 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 00080 e8 00 00 00 00 call ?JitEmitRipRelativeXorW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeXorW + 00085 eb 34 jmp SHORT $LN1@JitiEmitWr +$LN5@JitiEmitWr: + +; 280 : case JIT_BITWISE_AND: return JitEmitRipRelativeAndW(Block, RipDelta, Value); + + 00087 44 8b 85 08 01 + 00 00 mov r8d, DWORD PTR Value$[rbp] + 0008e 8b 95 00 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 00094 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 0009b e8 00 00 00 00 call ?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeAndW + 000a0 eb 19 jmp SHORT $LN1@JitiEmitWr +$LN6@JitiEmitWr: + +; 281 : case JIT_BITWISE_OR: return JitEmitRipRelativeOrW(Block, RipDelta, Value); + + 000a2 44 8b 85 08 01 + 00 00 mov r8d, DWORD PTR Value$[rbp] + 000a9 8b 95 00 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 000af 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 000b6 e8 00 00 00 00 call ?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeOrW +$LN2@JitiEmitWr: +$LN1@JitiEmitWr: + +; 282 : } +; 283 : } + + 000bb 48 8d a5 d8 00 + 00 00 lea rsp, QWORD PTR [rbp+216] + 000c2 5f pop rdi + 000c3 5d pop rbp + 000c4 c3 ret 0 +?JitiEmitWrapperW@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ENDP ; JitiEmitWrapperW +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Jit.cpp +; COMDAT ?JitiEmitWrapperD@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z +_TEXT SEGMENT +tv64 = 192 +OpType$ = 240 +Block$ = 248 +RipDelta$ = 256 +Value$ = 264 +?JitiEmitWrapperD@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z PROC ; JitiEmitWrapperD, COMDAT + +; 267 : { + +$LN8: + 00000 44 89 4c 24 20 mov DWORD PTR [rsp+32], r9d + 00005 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 0000a 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000f 89 4c 24 08 mov DWORD PTR [rsp+8], ecx + 00013 55 push rbp + 00014 57 push rdi + 00015 48 81 ec f8 00 + 00 00 sub rsp, 248 ; 000000f8H + 0001c 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00021 48 8b fc mov rdi, rsp + 00024 b9 3e 00 00 00 mov ecx, 62 ; 0000003eH + 00029 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002e f3 ab rep stosd + 00030 8b 8c 24 18 01 + 00 00 mov ecx, DWORD PTR [rsp+280] + 00037 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp + 0003e e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 268 : switch (OpType) + + 00043 8b 85 f0 00 00 + 00 mov eax, DWORD PTR OpType$[rbp] + 00049 89 85 c0 00 00 + 00 mov DWORD PTR tv64[rbp], eax + 0004f 83 bd c0 00 00 + 00 00 cmp DWORD PTR tv64[rbp], 0 + 00056 74 14 je SHORT $LN4@JitiEmitWr + 00058 83 bd c0 00 00 + 00 01 cmp DWORD PTR tv64[rbp], 1 + 0005f 74 26 je SHORT $LN5@JitiEmitWr + 00061 83 bd c0 00 00 + 00 02 cmp DWORD PTR tv64[rbp], 2 + 00068 74 38 je SHORT $LN6@JitiEmitWr + 0006a eb 4f jmp SHORT $LN2@JitiEmitWr +$LN4@JitiEmitWr: + +; 269 : { +; 270 : case JIT_BITWISE_XOR: return JitEmitRipRelativeXorD(Block, RipDelta, Value); + + 0006c 44 8b 85 08 01 + 00 00 mov r8d, DWORD PTR Value$[rbp] + 00073 8b 95 00 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 00079 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 00080 e8 00 00 00 00 call ?JitEmitRipRelativeXorD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeXorD + 00085 eb 34 jmp SHORT $LN1@JitiEmitWr +$LN5@JitiEmitWr: + +; 271 : case JIT_BITWISE_AND: return JitEmitRipRelativeAndD(Block, RipDelta, Value); + + 00087 44 8b 85 08 01 + 00 00 mov r8d, DWORD PTR Value$[rbp] + 0008e 8b 95 00 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 00094 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 0009b e8 00 00 00 00 call ?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeAndD + 000a0 eb 19 jmp SHORT $LN1@JitiEmitWr +$LN6@JitiEmitWr: + +; 272 : case JIT_BITWISE_OR: return JitEmitRipRelativeOrD(Block, RipDelta, Value); + + 000a2 44 8b 85 08 01 + 00 00 mov r8d, DWORD PTR Value$[rbp] + 000a9 8b 95 00 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 000af 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 000b6 e8 00 00 00 00 call ?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeOrD +$LN2@JitiEmitWr: +$LN1@JitiEmitWr: + +; 273 : } +; 274 : } + + 000bb 48 8d a5 d8 00 + 00 00 lea rsp, QWORD PTR [rbp+216] + 000c2 5f pop rdi + 000c3 5d pop rbp + 000c4 c3 ret 0 +?JitiEmitWrapperD@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ENDP ; JitiEmitWrapperD +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Jit.cpp ; COMDAT ?JitEmitPostRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z _TEXT SEGMENT FourByte$ = 4 @@ -1847,10 +2217,10 @@ $T7 = 552 $T8 = 584 $T9 = 616 $T10 = 648 -tv221 = 664 -tv211 = 664 -tv183 = 664 -tv157 = 664 +tv224 = 664 +tv214 = 664 +tv185 = 664 +tv158 = 664 tv128 = 664 tv86 = 664 Link$ = 704 @@ -1860,7 +2230,7 @@ SaveFlags$ = 728 Delta$ = 736 ?JitEmitPostRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z PROC ; JitEmitPostRipBitwiseOp, COMDAT -; 331 : { +; 369 : { $LN29: 00000 44 89 4c 24 20 mov DWORD PTR [rsp+32], r9d @@ -1882,7 +2252,7 @@ $LN29: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00040 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 332 : ULONG FourByte = Link->RawDataSize / 4; +; 370 : ULONG FourByte = Link->RawDataSize / 4; 00045 33 d2 xor edx, edx 00047 48 8b 85 c0 02 @@ -1892,7 +2262,7 @@ $LN29: 00056 f7 f1 div ecx 00058 89 45 04 mov DWORD PTR FourByte$[rbp], eax -; 333 : ULONG TwoByte = (Link->RawDataSize - (FourByte * 4)) / 2; +; 371 : ULONG TwoByte = (Link->RawDataSize - (FourByte * 4)) / 2; 0005b 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 0005e c1 e0 02 shl eax, 2 @@ -1906,7 +2276,7 @@ $LN29: 00076 f7 f1 div ecx 00078 89 45 24 mov DWORD PTR TwoByte$[rbp], eax -; 334 : ULONG OneByte = (Link->RawDataSize - (FourByte * 4) - (TwoByte * 2)); +; 372 : ULONG OneByte = (Link->RawDataSize - (FourByte * 4) - (TwoByte * 2)); 0007b 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 0007e c1 e0 02 shl eax, 2 @@ -1920,8 +2290,8 @@ $LN29: 00094 2b c1 sub eax, ecx 00096 89 45 44 mov DWORD PTR OneByte$[rbp], eax -; 335 : -; 336 : PNATIVE_CODE_BLOCK Block = new NATIVE_CODE_BLOCK; +; 373 : +; 374 : PNATIVE_CODE_BLOCK Block = new NATIVE_CODE_BLOCK; 00099 b9 30 00 00 00 mov ecx, 48 ; 00000030H 0009e e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -1949,19 +2319,19 @@ $LN17@JitEmitPos: 00 00 mov rax, QWORD PTR $T4[rbp] 000e9 48 89 45 68 mov QWORD PTR Block$[rbp], rax -; 337 : if (!Block) +; 375 : if (!Block) 000ed 48 83 7d 68 00 cmp QWORD PTR Block$[rbp], 0 000f2 75 07 jne SHORT $LN4@JitEmitPos -; 338 : return NULL; +; 376 : return NULL; 000f4 33 c0 xor eax, eax - 000f6 e9 d8 03 00 00 jmp $LN1@JitEmitPos + 000f6 e9 ed 03 00 00 jmp $LN1@JitEmitPos $LN4@JitEmitPos: -; 339 : -; 340 : if (SaveFlags && !JitEmitPushfqInst(Block)) +; 377 : +; 378 : if (SaveFlags && !JitEmitPushfqInst(Block)) 000fb 83 bd d8 02 00 00 00 cmp DWORD PTR SaveFlags$[rbp], 0 @@ -1971,13 +2341,13 @@ $LN4@JitEmitPos: 0010d 85 c0 test eax, eax 0010f 75 4a jne SHORT $LN5@JitEmitPos -; 341 : { -; 342 : NcDeleteBlock(Block); +; 379 : { +; 380 : NcDeleteBlock(Block); 00111 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] 00115 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 343 : delete Block; +; 381 : delete Block; 0011a 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 0011e 48 89 85 08 02 @@ -1998,30 +2368,30 @@ $LN18@JitEmitPos: 00 mov QWORD PTR tv128[rbp], 0 $LN19@JitEmitPos: -; 344 : return NULL; +; 382 : return NULL; 00154 33 c0 xor eax, eax - 00156 e9 78 03 00 00 jmp $LN1@JitEmitPos + 00156 e9 8d 03 00 00 jmp $LN1@JitEmitPos $LN5@JitEmitPos: -; 345 : } -; 346 : -; 347 : ULONG Count = FourByte; +; 383 : } +; 384 : +; 385 : ULONG Count = FourByte; 0015b 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 0015e 89 85 84 00 00 00 mov DWORD PTR Count$[rbp], eax $LN2@JitEmitPos: -; 348 : while (Count) +; 386 : while (Count) 00164 83 bd 84 00 00 00 00 cmp DWORD PTR Count$[rbp], 0 - 0016b 0f 84 0a 01 00 + 0016b 0f 84 11 01 00 00 je $LN3@JitEmitPos -; 349 : { -; 350 : INT32 RipDelta = Link->RawDataSize - ((FourByte - Count) * 4); +; 387 : { +; 388 : INT32 RipDelta = Link->RawDataSize - ((FourByte - Count) * 4); 00171 8b 85 84 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -2037,13 +2407,13 @@ $LN2@JitEmitPos: 0018f 89 85 a4 00 00 00 mov DWORD PTR RipDelta$1[rbp], eax -; 351 : if (SaveFlags) +; 389 : if (SaveFlags) 00195 83 bd d8 02 00 00 00 cmp DWORD PTR SaveFlags$[rbp], 0 0019c 74 0e je SHORT $LN6@JitEmitPos -; 352 : RipDelta += 1; +; 390 : RipDelta += 1; 0019e 8b 85 a4 00 00 00 mov eax, DWORD PTR RipDelta$1[rbp] @@ -2052,7 +2422,7 @@ $LN2@JitEmitPos: 00 mov DWORD PTR RipDelta$1[rbp], eax $LN6@JitEmitPos: -; 353 : RipDelta += (FourByte - (Count - 1)) * DWORD_RIP_INST_LENGTH; +; 391 : RipDelta += (FourByte - (Count - 1)) * DWORD_RIP_INST_LENGTH; 001ac 8b 85 84 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -2068,14 +2438,14 @@ $LN6@JitEmitPos: 001c8 89 85 a4 00 00 00 mov DWORD PTR RipDelta$1[rbp], eax -; 354 : RipDelta *= (-1); +; 392 : RipDelta *= (-1); 001ce 6b 85 a4 00 00 00 ff imul eax, DWORD PTR RipDelta$1[rbp], -1 001d5 89 85 a4 00 00 00 mov DWORD PTR RipDelta$1[rbp], eax -; 355 : RipDelta += Delta; +; 393 : RipDelta += Delta; 001db 8b 85 e0 02 00 00 mov eax, DWORD PTR Delta$[rbp] @@ -2086,7 +2456,7 @@ $LN6@JitEmitPos: 001eb 89 85 a4 00 00 00 mov DWORD PTR RipDelta$1[rbp], eax -; 356 : if (!JitEmitRipRelativeXorD(Block, RipDelta, JitData->Data[FourByte - Count])) +; 394 : if (!JitiEmitWrapperD(OpType, Block, RipDelta, JitData->Data[FourByte - Count])) 001f1 8b 85 84 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -2096,370 +2466,376 @@ $LN6@JitEmitPos: 001fe 8b c0 mov eax, eax 00200 48 8b 8d c8 02 00 00 mov rcx, QWORD PTR JitData$[rbp] - 00207 44 8b 04 81 mov r8d, DWORD PTR [rcx+rax*4] - 0020b 8b 95 a4 00 00 - 00 mov edx, DWORD PTR RipDelta$1[rbp] - 00211 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 00215 e8 00 00 00 00 call ?JitEmitRipRelativeXorD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeXorD - 0021a 85 c0 test eax, eax - 0021c 75 4a jne SHORT $LN7@JitEmitPos - -; 357 : { -; 358 : NcDeleteBlock(Block); - - 0021e 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 00222 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock - -; 359 : delete Block; - - 00227 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] - 0022b 48 89 85 28 02 + 00207 44 8b 0c 81 mov r9d, DWORD PTR [rcx+rax*4] + 0020b 44 8b 85 a4 00 + 00 00 mov r8d, DWORD PTR RipDelta$1[rbp] + 00212 48 8b 55 68 mov rdx, QWORD PTR Block$[rbp] + 00216 8b 8d d0 02 00 + 00 mov ecx, DWORD PTR OpType$[rbp] + 0021c e8 00 00 00 00 call ?JitiEmitWrapperD@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitiEmitWrapperD + 00221 85 c0 test eax, eax + 00223 75 4a jne SHORT $LN7@JitEmitPos + +; 395 : { +; 396 : NcDeleteBlock(Block); + + 00225 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] + 00229 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock + +; 397 : delete Block; + + 0022e 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] + 00232 48 89 85 28 02 00 00 mov QWORD PTR $T7[rbp], rax - 00232 48 83 bd 28 02 + 00239 48 83 bd 28 02 00 00 00 cmp QWORD PTR $T7[rbp], 0 - 0023a 74 1a je SHORT $LN20@JitEmitPos - 0023c ba 01 00 00 00 mov edx, 1 - 00241 48 8b 8d 28 02 + 00241 74 1a je SHORT $LN20@JitEmitPos + 00243 ba 01 00 00 00 mov edx, 1 + 00248 48 8b 8d 28 02 00 00 mov rcx, QWORD PTR $T7[rbp] - 00248 e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z - 0024d 48 89 85 98 02 - 00 00 mov QWORD PTR tv157[rbp], rax - 00254 eb 0b jmp SHORT $LN21@JitEmitPos + 0024f e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z + 00254 48 89 85 98 02 + 00 00 mov QWORD PTR tv158[rbp], rax + 0025b eb 0b jmp SHORT $LN21@JitEmitPos $LN20@JitEmitPos: - 00256 48 c7 85 98 02 + 0025d 48 c7 85 98 02 00 00 00 00 00 - 00 mov QWORD PTR tv157[rbp], 0 + 00 mov QWORD PTR tv158[rbp], 0 $LN21@JitEmitPos: -; 360 : return NULL; +; 398 : return NULL; - 00261 33 c0 xor eax, eax - 00263 e9 6b 02 00 00 jmp $LN1@JitEmitPos + 00268 33 c0 xor eax, eax + 0026a e9 79 02 00 00 jmp $LN1@JitEmitPos $LN7@JitEmitPos: -; 361 : } -; 362 : --Count; +; 399 : } +; 400 : --Count; - 00268 8b 85 84 00 00 + 0026f 8b 85 84 00 00 00 mov eax, DWORD PTR Count$[rbp] - 0026e ff c8 dec eax - 00270 89 85 84 00 00 + 00275 ff c8 dec eax + 00277 89 85 84 00 00 00 mov DWORD PTR Count$[rbp], eax -; 363 : } +; 401 : } - 00276 e9 e9 fe ff ff jmp $LN2@JitEmitPos + 0027d e9 e2 fe ff ff jmp $LN2@JitEmitPos $LN3@JitEmitPos: -; 364 : -; 365 : if (TwoByte) +; 402 : +; 403 : if (TwoByte) - 0027b 83 7d 24 00 cmp DWORD PTR TwoByte$[rbp], 0 - 0027f 0f 84 e8 00 00 + 00282 83 7d 24 00 cmp DWORD PTR TwoByte$[rbp], 0 + 00286 0f 84 ef 00 00 00 je $LN8@JitEmitPos -; 366 : { -; 367 : INT32 RipDelta = Link->RawDataSize - (FourByte * 4); +; 404 : { +; 405 : INT32 RipDelta = Link->RawDataSize - (FourByte * 4); - 00285 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] - 00288 c1 e0 02 shl eax, 2 - 0028b 48 8b 8d c0 02 + 0028c 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] + 0028f c1 e0 02 shl eax, 2 + 00292 48 8b 8d c0 02 00 00 mov rcx, QWORD PTR Link$[rbp] - 00292 8b 49 28 mov ecx, DWORD PTR [rcx+40] - 00295 2b c8 sub ecx, eax - 00297 8b c1 mov eax, ecx - 00299 89 85 c4 00 00 + 00299 8b 49 28 mov ecx, DWORD PTR [rcx+40] + 0029c 2b c8 sub ecx, eax + 0029e 8b c1 mov eax, ecx + 002a0 89 85 c4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 368 : if (SaveFlags) +; 406 : if (SaveFlags) - 0029f 83 bd d8 02 00 + 002a6 83 bd d8 02 00 00 00 cmp DWORD PTR SaveFlags$[rbp], 0 - 002a6 74 0e je SHORT $LN9@JitEmitPos + 002ad 74 0e je SHORT $LN9@JitEmitPos -; 369 : RipDelta += 1; +; 407 : RipDelta += 1; - 002a8 8b 85 c4 00 00 + 002af 8b 85 c4 00 00 00 mov eax, DWORD PTR RipDelta$2[rbp] - 002ae ff c0 inc eax - 002b0 89 85 c4 00 00 + 002b5 ff c0 inc eax + 002b7 89 85 c4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax $LN9@JitEmitPos: -; 370 : RipDelta += (FourByte * DWORD_RIP_INST_LENGTH); +; 408 : RipDelta += (FourByte * DWORD_RIP_INST_LENGTH); - 002b6 6b 45 04 0a imul eax, DWORD PTR FourByte$[rbp], 10 - 002ba 8b 8d c4 00 00 + 002bd 6b 45 04 0a imul eax, DWORD PTR FourByte$[rbp], 10 + 002c1 8b 8d c4 00 00 00 mov ecx, DWORD PTR RipDelta$2[rbp] - 002c0 03 c8 add ecx, eax - 002c2 8b c1 mov eax, ecx - 002c4 89 85 c4 00 00 + 002c7 03 c8 add ecx, eax + 002c9 8b c1 mov eax, ecx + 002cb 89 85 c4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 371 : RipDelta += WORD_RIP_INST_LENGTH; +; 409 : RipDelta += WORD_RIP_INST_LENGTH; - 002ca 8b 85 c4 00 00 + 002d1 8b 85 c4 00 00 00 mov eax, DWORD PTR RipDelta$2[rbp] - 002d0 83 c0 09 add eax, 9 - 002d3 89 85 c4 00 00 + 002d7 83 c0 09 add eax, 9 + 002da 89 85 c4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 372 : RipDelta *= (-1); +; 410 : RipDelta *= (-1); - 002d9 6b 85 c4 00 00 + 002e0 6b 85 c4 00 00 00 ff imul eax, DWORD PTR RipDelta$2[rbp], -1 - 002e0 89 85 c4 00 00 + 002e7 89 85 c4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 373 : RipDelta += Delta; +; 411 : RipDelta += Delta; - 002e6 8b 85 e0 02 00 + 002ed 8b 85 e0 02 00 00 mov eax, DWORD PTR Delta$[rbp] - 002ec 8b 8d c4 00 00 + 002f3 8b 8d c4 00 00 00 mov ecx, DWORD PTR RipDelta$2[rbp] - 002f2 03 c8 add ecx, eax - 002f4 8b c1 mov eax, ecx - 002f6 89 85 c4 00 00 + 002f9 03 c8 add ecx, eax + 002fb 8b c1 mov eax, ecx + 002fd 89 85 c4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 374 : if (!JitEmitRipRelativeXorW(Block, RipDelta, JitData->Data[3])) +; 412 : if (!JitiEmitWrapperW(OpType, Block, RipDelta, JitData->Data[3])) - 002fc b8 04 00 00 00 mov eax, 4 - 00301 48 6b c0 03 imul rax, rax, 3 - 00305 48 8b 8d c8 02 + 00303 b8 04 00 00 00 mov eax, 4 + 00308 48 6b c0 03 imul rax, rax, 3 + 0030c 48 8b 8d c8 02 00 00 mov rcx, QWORD PTR JitData$[rbp] - 0030c 44 8b 04 01 mov r8d, DWORD PTR [rcx+rax] - 00310 8b 95 c4 00 00 - 00 mov edx, DWORD PTR RipDelta$2[rbp] - 00316 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 0031a e8 00 00 00 00 call ?JitEmitRipRelativeXorW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeXorW - 0031f 85 c0 test eax, eax - 00321 75 4a jne SHORT $LN8@JitEmitPos - -; 375 : { -; 376 : NcDeleteBlock(Block); - - 00323 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 00327 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock - -; 377 : delete Block; - - 0032c 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] - 00330 48 89 85 48 02 + 00313 44 8b 0c 01 mov r9d, DWORD PTR [rcx+rax] + 00317 44 8b 85 c4 00 + 00 00 mov r8d, DWORD PTR RipDelta$2[rbp] + 0031e 48 8b 55 68 mov rdx, QWORD PTR Block$[rbp] + 00322 8b 8d d0 02 00 + 00 mov ecx, DWORD PTR OpType$[rbp] + 00328 e8 00 00 00 00 call ?JitiEmitWrapperW@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitiEmitWrapperW + 0032d 85 c0 test eax, eax + 0032f 75 4a jne SHORT $LN8@JitEmitPos + +; 413 : { +; 414 : NcDeleteBlock(Block); + + 00331 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] + 00335 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock + +; 415 : delete Block; + + 0033a 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] + 0033e 48 89 85 48 02 00 00 mov QWORD PTR $T8[rbp], rax - 00337 48 83 bd 48 02 + 00345 48 83 bd 48 02 00 00 00 cmp QWORD PTR $T8[rbp], 0 - 0033f 74 1a je SHORT $LN22@JitEmitPos - 00341 ba 01 00 00 00 mov edx, 1 - 00346 48 8b 8d 48 02 + 0034d 74 1a je SHORT $LN22@JitEmitPos + 0034f ba 01 00 00 00 mov edx, 1 + 00354 48 8b 8d 48 02 00 00 mov rcx, QWORD PTR $T8[rbp] - 0034d e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z - 00352 48 89 85 98 02 - 00 00 mov QWORD PTR tv183[rbp], rax - 00359 eb 0b jmp SHORT $LN23@JitEmitPos + 0035b e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z + 00360 48 89 85 98 02 + 00 00 mov QWORD PTR tv185[rbp], rax + 00367 eb 0b jmp SHORT $LN23@JitEmitPos $LN22@JitEmitPos: - 0035b 48 c7 85 98 02 + 00369 48 c7 85 98 02 00 00 00 00 00 - 00 mov QWORD PTR tv183[rbp], 0 + 00 mov QWORD PTR tv185[rbp], 0 $LN23@JitEmitPos: -; 378 : return NULL; +; 416 : return NULL; - 00366 33 c0 xor eax, eax - 00368 e9 66 01 00 00 jmp $LN1@JitEmitPos + 00374 33 c0 xor eax, eax + 00376 e9 6d 01 00 00 jmp $LN1@JitEmitPos $LN8@JitEmitPos: -; 379 : } -; 380 : } -; 381 : -; 382 : if (OneByte) +; 417 : } +; 418 : } +; 419 : +; 420 : if (OneByte) - 0036d 83 7d 44 00 cmp DWORD PTR OneByte$[rbp], 0 - 00371 0f 84 fb 00 00 + 0037b 83 7d 44 00 cmp DWORD PTR OneByte$[rbp], 0 + 0037f 0f 84 02 01 00 00 je $LN11@JitEmitPos -; 383 : { -; 384 : INT32 RipDelta = Link->RawDataSize - (FourByte * 4) - (TwoByte * 2); +; 421 : { +; 422 : INT32 RipDelta = Link->RawDataSize - (FourByte * 4) - (TwoByte * 2); - 00377 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] - 0037a c1 e0 02 shl eax, 2 - 0037d 48 8b 8d c0 02 + 00385 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] + 00388 c1 e0 02 shl eax, 2 + 0038b 48 8b 8d c0 02 00 00 mov rcx, QWORD PTR Link$[rbp] - 00384 8b 49 28 mov ecx, DWORD PTR [rcx+40] - 00387 2b c8 sub ecx, eax - 00389 8b c1 mov eax, ecx - 0038b 8b 4d 24 mov ecx, DWORD PTR TwoByte$[rbp] - 0038e d1 e1 shl ecx, 1 - 00390 2b c1 sub eax, ecx - 00392 89 85 e4 00 00 + 00392 8b 49 28 mov ecx, DWORD PTR [rcx+40] + 00395 2b c8 sub ecx, eax + 00397 8b c1 mov eax, ecx + 00399 8b 4d 24 mov ecx, DWORD PTR TwoByte$[rbp] + 0039c d1 e1 shl ecx, 1 + 0039e 2b c1 sub eax, ecx + 003a0 89 85 e4 00 00 00 mov DWORD PTR RipDelta$3[rbp], eax -; 385 : if (SaveFlags) +; 423 : if (SaveFlags) - 00398 83 bd d8 02 00 + 003a6 83 bd d8 02 00 00 00 cmp DWORD PTR SaveFlags$[rbp], 0 - 0039f 74 0e je SHORT $LN12@JitEmitPos + 003ad 74 0e je SHORT $LN12@JitEmitPos -; 386 : RipDelta += 1; +; 424 : RipDelta += 1; - 003a1 8b 85 e4 00 00 + 003af 8b 85 e4 00 00 00 mov eax, DWORD PTR RipDelta$3[rbp] - 003a7 ff c0 inc eax - 003a9 89 85 e4 00 00 + 003b5 ff c0 inc eax + 003b7 89 85 e4 00 00 00 mov DWORD PTR RipDelta$3[rbp], eax $LN12@JitEmitPos: -; 387 : RipDelta += (FourByte * DWORD_RIP_INST_LENGTH); +; 425 : RipDelta += (FourByte * DWORD_RIP_INST_LENGTH); - 003af 6b 45 04 0a imul eax, DWORD PTR FourByte$[rbp], 10 - 003b3 8b 8d e4 00 00 + 003bd 6b 45 04 0a imul eax, DWORD PTR FourByte$[rbp], 10 + 003c1 8b 8d e4 00 00 00 mov ecx, DWORD PTR RipDelta$3[rbp] - 003b9 03 c8 add ecx, eax - 003bb 8b c1 mov eax, ecx - 003bd 89 85 e4 00 00 + 003c7 03 c8 add ecx, eax + 003c9 8b c1 mov eax, ecx + 003cb 89 85 e4 00 00 00 mov DWORD PTR RipDelta$3[rbp], eax -; 388 : RipDelta += WORD_RIP_INST_LENGTH; +; 426 : RipDelta += WORD_RIP_INST_LENGTH; - 003c3 8b 85 e4 00 00 + 003d1 8b 85 e4 00 00 00 mov eax, DWORD PTR RipDelta$3[rbp] - 003c9 83 c0 09 add eax, 9 - 003cc 89 85 e4 00 00 + 003d7 83 c0 09 add eax, 9 + 003da 89 85 e4 00 00 00 mov DWORD PTR RipDelta$3[rbp], eax -; 389 : RipDelta += BYTE_RIP_INST_LENGTH; +; 427 : RipDelta += BYTE_RIP_INST_LENGTH; - 003d2 8b 85 e4 00 00 + 003e0 8b 85 e4 00 00 00 mov eax, DWORD PTR RipDelta$3[rbp] - 003d8 83 c0 07 add eax, 7 - 003db 89 85 e4 00 00 + 003e6 83 c0 07 add eax, 7 + 003e9 89 85 e4 00 00 00 mov DWORD PTR RipDelta$3[rbp], eax -; 390 : RipDelta *= (-1); +; 428 : RipDelta *= (-1); - 003e1 6b 85 e4 00 00 + 003ef 6b 85 e4 00 00 00 ff imul eax, DWORD PTR RipDelta$3[rbp], -1 - 003e8 89 85 e4 00 00 + 003f6 89 85 e4 00 00 00 mov DWORD PTR RipDelta$3[rbp], eax -; 391 : RipDelta += Delta; +; 429 : RipDelta += Delta; - 003ee 8b 85 e0 02 00 + 003fc 8b 85 e0 02 00 00 mov eax, DWORD PTR Delta$[rbp] - 003f4 8b 8d e4 00 00 + 00402 8b 8d e4 00 00 00 mov ecx, DWORD PTR RipDelta$3[rbp] - 003fa 03 c8 add ecx, eax - 003fc 8b c1 mov eax, ecx - 003fe 89 85 e4 00 00 + 00408 03 c8 add ecx, eax + 0040a 8b c1 mov eax, ecx + 0040c 89 85 e4 00 00 00 mov DWORD PTR RipDelta$3[rbp], eax -; 392 : if (!JitEmitRipRelativeXorB(Block, RipDelta, JitData->Data[4])) +; 430 : if (!JitiEmitWrapperB(OpType, Block, RipDelta, JitData->Data[4])) - 00404 b8 04 00 00 00 mov eax, 4 - 00409 48 6b c0 04 imul rax, rax, 4 - 0040d 48 8b 8d c8 02 + 00412 b8 04 00 00 00 mov eax, 4 + 00417 48 6b c0 04 imul rax, rax, 4 + 0041b 48 8b 8d c8 02 00 00 mov rcx, QWORD PTR JitData$[rbp] - 00414 44 8b 04 01 mov r8d, DWORD PTR [rcx+rax] - 00418 8b 95 e4 00 00 - 00 mov edx, DWORD PTR RipDelta$3[rbp] - 0041e 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 00422 e8 00 00 00 00 call ?JitEmitRipRelativeXorB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeXorB - 00427 85 c0 test eax, eax - 00429 75 47 jne SHORT $LN11@JitEmitPos + 00422 44 8b 0c 01 mov r9d, DWORD PTR [rcx+rax] + 00426 44 8b 85 e4 00 + 00 00 mov r8d, DWORD PTR RipDelta$3[rbp] + 0042d 48 8b 55 68 mov rdx, QWORD PTR Block$[rbp] + 00431 8b 8d d0 02 00 + 00 mov ecx, DWORD PTR OpType$[rbp] + 00437 e8 00 00 00 00 call ?JitiEmitWrapperB@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitiEmitWrapperB + 0043c 85 c0 test eax, eax + 0043e 75 47 jne SHORT $LN11@JitEmitPos -; 393 : { -; 394 : NcDeleteBlock(Block); +; 431 : { +; 432 : NcDeleteBlock(Block); - 0042b 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 0042f e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock + 00440 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] + 00444 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 395 : delete Block; +; 433 : delete Block; - 00434 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] - 00438 48 89 85 68 02 + 00449 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] + 0044d 48 89 85 68 02 00 00 mov QWORD PTR $T9[rbp], rax - 0043f 48 83 bd 68 02 + 00454 48 83 bd 68 02 00 00 00 cmp QWORD PTR $T9[rbp], 0 - 00447 74 1a je SHORT $LN24@JitEmitPos - 00449 ba 01 00 00 00 mov edx, 1 - 0044e 48 8b 8d 68 02 + 0045c 74 1a je SHORT $LN24@JitEmitPos + 0045e ba 01 00 00 00 mov edx, 1 + 00463 48 8b 8d 68 02 00 00 mov rcx, QWORD PTR $T9[rbp] - 00455 e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z - 0045a 48 89 85 98 02 - 00 00 mov QWORD PTR tv211[rbp], rax - 00461 eb 0b jmp SHORT $LN25@JitEmitPos + 0046a e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z + 0046f 48 89 85 98 02 + 00 00 mov QWORD PTR tv214[rbp], rax + 00476 eb 0b jmp SHORT $LN25@JitEmitPos $LN24@JitEmitPos: - 00463 48 c7 85 98 02 + 00478 48 c7 85 98 02 00 00 00 00 00 - 00 mov QWORD PTR tv211[rbp], 0 + 00 mov QWORD PTR tv214[rbp], 0 $LN25@JitEmitPos: -; 396 : return NULL; +; 434 : return NULL; - 0046e 33 c0 xor eax, eax - 00470 eb 61 jmp SHORT $LN1@JitEmitPos + 00483 33 c0 xor eax, eax + 00485 eb 61 jmp SHORT $LN1@JitEmitPos $LN11@JitEmitPos: -; 397 : } -; 398 : } -; 399 : -; 400 : if (SaveFlags && !JitEmitPopfqInst(Block)) +; 435 : } +; 436 : } +; 437 : +; 438 : if (SaveFlags && !JitEmitPopfqInst(Block)) - 00472 83 bd d8 02 00 + 00487 83 bd d8 02 00 00 00 cmp DWORD PTR SaveFlags$[rbp], 0 - 00479 74 54 je SHORT $LN14@JitEmitPos - 0047b 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 0047f e8 00 00 00 00 call ?JitEmitPopfqInst@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z ; JitEmitPopfqInst - 00484 85 c0 test eax, eax - 00486 75 47 jne SHORT $LN14@JitEmitPos + 0048e 74 54 je SHORT $LN14@JitEmitPos + 00490 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] + 00494 e8 00 00 00 00 call ?JitEmitPopfqInst@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z ; JitEmitPopfqInst + 00499 85 c0 test eax, eax + 0049b 75 47 jne SHORT $LN14@JitEmitPos -; 401 : { -; 402 : NcDeleteBlock(Block); +; 439 : { +; 440 : NcDeleteBlock(Block); - 00488 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 0048c e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock + 0049d 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] + 004a1 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 403 : delete Block; +; 441 : delete Block; - 00491 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] - 00495 48 89 85 88 02 + 004a6 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] + 004aa 48 89 85 88 02 00 00 mov QWORD PTR $T10[rbp], rax - 0049c 48 83 bd 88 02 + 004b1 48 83 bd 88 02 00 00 00 cmp QWORD PTR $T10[rbp], 0 - 004a4 74 1a je SHORT $LN26@JitEmitPos - 004a6 ba 01 00 00 00 mov edx, 1 - 004ab 48 8b 8d 88 02 + 004b9 74 1a je SHORT $LN26@JitEmitPos + 004bb ba 01 00 00 00 mov edx, 1 + 004c0 48 8b 8d 88 02 00 00 mov rcx, QWORD PTR $T10[rbp] - 004b2 e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z - 004b7 48 89 85 98 02 - 00 00 mov QWORD PTR tv221[rbp], rax - 004be eb 0b jmp SHORT $LN27@JitEmitPos + 004c7 e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z + 004cc 48 89 85 98 02 + 00 00 mov QWORD PTR tv224[rbp], rax + 004d3 eb 0b jmp SHORT $LN27@JitEmitPos $LN26@JitEmitPos: - 004c0 48 c7 85 98 02 + 004d5 48 c7 85 98 02 00 00 00 00 00 - 00 mov QWORD PTR tv221[rbp], 0 + 00 mov QWORD PTR tv224[rbp], 0 $LN27@JitEmitPos: -; 404 : return NULL; +; 442 : return NULL; - 004cb 33 c0 xor eax, eax - 004cd eb 04 jmp SHORT $LN1@JitEmitPos + 004e0 33 c0 xor eax, eax + 004e2 eb 04 jmp SHORT $LN1@JitEmitPos $LN14@JitEmitPos: -; 405 : } -; 406 : -; 407 : return Block; +; 443 : } +; 444 : +; 445 : return Block; - 004cf 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] + 004e4 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] $LN1@JitEmitPos: -; 408 : } +; 446 : } - 004d3 48 8d a5 a8 02 + 004e8 48 8d a5 a8 02 00 00 lea rsp, QWORD PTR [rbp+680] - 004da 5f pop rdi - 004db 5d pop rbp - 004dc c3 ret 0 + 004ef 5f pop rdi + 004f0 5d pop rbp + 004f1 c3 ret 0 ?JitEmitPostRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z ENDP ; JitEmitPostRipBitwiseOp _TEXT ENDS ; COMDAT text$x @@ -2479,10 +2855,10 @@ $T7 = 552 $T8 = 584 $T9 = 616 $T10 = 648 -tv221 = 664 -tv211 = 664 -tv183 = 664 -tv157 = 664 +tv224 = 664 +tv214 = 664 +tv185 = 664 +tv158 = 664 tv128 = 664 tv86 = 664 Link$ = 704 @@ -2525,10 +2901,10 @@ $T7 = 552 $T8 = 584 $T9 = 616 $T10 = 648 -tv221 = 664 -tv211 = 664 -tv183 = 664 -tv157 = 664 +tv224 = 664 +tv214 = 664 +tv185 = 664 +tv158 = 664 tv128 = 664 tv86 = 664 Link$ = 704 @@ -2572,10 +2948,10 @@ $T7 = 552 $T8 = 584 $T9 = 616 $T10 = 648 -tv211 = 664 -tv201 = 664 -tv179 = 664 -tv157 = 664 +tv214 = 664 +tv204 = 664 +tv181 = 664 +tv158 = 664 tv128 = 664 tv86 = 664 Link$ = 704 @@ -2585,7 +2961,7 @@ SaveFlags$ = 728 Delta$ = 736 ?JitEmitPreRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z PROC ; JitEmitPreRipBitwiseOp, COMDAT -; 257 : { +; 295 : { $LN29: 00000 44 89 4c 24 20 mov DWORD PTR [rsp+32], r9d @@ -2607,7 +2983,7 @@ $LN29: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00040 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 258 : ULONG FourByte = Link->RawDataSize / 4; +; 296 : ULONG FourByte = Link->RawDataSize / 4; 00045 33 d2 xor edx, edx 00047 48 8b 85 c0 02 @@ -2617,7 +2993,7 @@ $LN29: 00056 f7 f1 div ecx 00058 89 45 04 mov DWORD PTR FourByte$[rbp], eax -; 259 : ULONG TwoByte = (Link->RawDataSize - (FourByte * 4)) / 2; +; 297 : ULONG TwoByte = (Link->RawDataSize - (FourByte * 4)) / 2; 0005b 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 0005e c1 e0 02 shl eax, 2 @@ -2631,7 +3007,7 @@ $LN29: 00076 f7 f1 div ecx 00078 89 45 24 mov DWORD PTR TwoByte$[rbp], eax -; 260 : ULONG OneByte = (Link->RawDataSize - (FourByte * 4) - (TwoByte * 2)); +; 298 : ULONG OneByte = (Link->RawDataSize - (FourByte * 4) - (TwoByte * 2)); 0007b 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 0007e c1 e0 02 shl eax, 2 @@ -2645,8 +3021,8 @@ $LN29: 00094 2b c1 sub eax, ecx 00096 89 45 44 mov DWORD PTR OneByte$[rbp], eax -; 261 : -; 262 : PNATIVE_CODE_BLOCK Block = new NATIVE_CODE_BLOCK; +; 299 : +; 300 : PNATIVE_CODE_BLOCK Block = new NATIVE_CODE_BLOCK; 00099 b9 30 00 00 00 mov ecx, 48 ; 00000030H 0009e e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -2674,19 +3050,19 @@ $LN17@JitEmitPre: 00 00 mov rax, QWORD PTR $T4[rbp] 000e9 48 89 45 68 mov QWORD PTR Block$[rbp], rax -; 263 : if (!Block) +; 301 : if (!Block) 000ed 48 83 7d 68 00 cmp QWORD PTR Block$[rbp], 0 000f2 75 07 jne SHORT $LN4@JitEmitPre -; 264 : return NULL; +; 302 : return NULL; 000f4 33 c0 xor eax, eax - 000f6 e9 52 03 00 00 jmp $LN1@JitEmitPre + 000f6 e9 67 03 00 00 jmp $LN1@JitEmitPre $LN4@JitEmitPre: -; 265 : -; 266 : if (SaveFlags && !JitEmitPushfqInst(Block)) +; 303 : +; 304 : if (SaveFlags && !JitEmitPushfqInst(Block)) 000fb 83 bd d8 02 00 00 00 cmp DWORD PTR SaveFlags$[rbp], 0 @@ -2696,13 +3072,13 @@ $LN4@JitEmitPre: 0010d 85 c0 test eax, eax 0010f 75 4a jne SHORT $LN5@JitEmitPre -; 267 : { -; 268 : NcDeleteBlock(Block); +; 305 : { +; 306 : NcDeleteBlock(Block); 00111 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] 00115 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 269 : delete Block; +; 307 : delete Block; 0011a 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 0011e 48 89 85 08 02 @@ -2723,30 +3099,30 @@ $LN18@JitEmitPre: 00 mov QWORD PTR tv128[rbp], 0 $LN19@JitEmitPre: -; 270 : return NULL; +; 308 : return NULL; 00154 33 c0 xor eax, eax - 00156 e9 f2 02 00 00 jmp $LN1@JitEmitPre + 00156 e9 07 03 00 00 jmp $LN1@JitEmitPre $LN5@JitEmitPre: -; 271 : } -; 272 : -; 273 : ULONG Count = FourByte; +; 309 : } +; 310 : +; 311 : ULONG Count = FourByte; 0015b 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 0015e 89 85 84 00 00 00 mov DWORD PTR Count$[rbp], eax $LN2@JitEmitPre: -; 274 : while (Count) +; 312 : while (Count) 00164 83 bd 84 00 00 00 00 cmp DWORD PTR Count$[rbp], 0 - 0016b 0f 84 f0 00 00 + 0016b 0f 84 f7 00 00 00 je $LN3@JitEmitPre -; 275 : { -; 276 : INT32 RipDelta = (((Count - 1) * DWORD_RIP_INST_LENGTH) + (TwoByte * WORD_RIP_INST_LENGTH) + (OneByte * BYTE_RIP_INST_LENGTH)); +; 313 : { +; 314 : INT32 RipDelta = (((Count - 1) * DWORD_RIP_INST_LENGTH) + (TwoByte * WORD_RIP_INST_LENGTH) + (OneByte * BYTE_RIP_INST_LENGTH)); 00171 8b 85 84 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -2759,13 +3135,13 @@ $LN2@JitEmitPre: 00188 89 85 a4 00 00 00 mov DWORD PTR RipDelta$1[rbp], eax -; 277 : if (SaveFlags) +; 315 : if (SaveFlags) 0018e 83 bd d8 02 00 00 00 cmp DWORD PTR SaveFlags$[rbp], 0 00195 74 0e je SHORT $LN6@JitEmitPre -; 278 : RipDelta += 1; +; 316 : RipDelta += 1; 00197 8b 85 a4 00 00 00 mov eax, DWORD PTR RipDelta$1[rbp] @@ -2774,7 +3150,7 @@ $LN2@JitEmitPre: 00 mov DWORD PTR RipDelta$1[rbp], eax $LN6@JitEmitPre: -; 279 : RipDelta += ((FourByte - Count) * 4); +; 317 : RipDelta += ((FourByte - Count) * 4); 001a5 8b 85 84 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -2787,7 +3163,7 @@ $LN6@JitEmitPre: 001bb 89 85 a4 00 00 00 mov DWORD PTR RipDelta$1[rbp], eax -; 280 : RipDelta += Delta; +; 318 : RipDelta += Delta; 001c1 8b 85 e0 02 00 00 mov eax, DWORD PTR Delta$[rbp] @@ -2798,7 +3174,7 @@ $LN6@JitEmitPre: 001d1 89 85 a4 00 00 00 mov DWORD PTR RipDelta$1[rbp], eax -; 281 : if (!JitEmitRipRelativeXorD(Block, RipDelta, JitData->Data[FourByte - Count])) +; 319 : if (!JitiEmitWrapperD(OpType, Block, RipDelta, JitData->Data[FourByte - Count])) 001d7 8b 85 84 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -2808,316 +3184,322 @@ $LN6@JitEmitPre: 001e4 8b c0 mov eax, eax 001e6 48 8b 8d c8 02 00 00 mov rcx, QWORD PTR JitData$[rbp] - 001ed 44 8b 04 81 mov r8d, DWORD PTR [rcx+rax*4] - 001f1 8b 95 a4 00 00 - 00 mov edx, DWORD PTR RipDelta$1[rbp] - 001f7 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 001fb e8 00 00 00 00 call ?JitEmitRipRelativeXorD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeXorD - 00200 85 c0 test eax, eax - 00202 75 4a jne SHORT $LN7@JitEmitPre - -; 282 : { -; 283 : NcDeleteBlock(Block); - - 00204 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 00208 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock - -; 284 : delete Block; - - 0020d 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] - 00211 48 89 85 28 02 + 001ed 44 8b 0c 81 mov r9d, DWORD PTR [rcx+rax*4] + 001f1 44 8b 85 a4 00 + 00 00 mov r8d, DWORD PTR RipDelta$1[rbp] + 001f8 48 8b 55 68 mov rdx, QWORD PTR Block$[rbp] + 001fc 8b 8d d0 02 00 + 00 mov ecx, DWORD PTR OpType$[rbp] + 00202 e8 00 00 00 00 call ?JitiEmitWrapperD@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitiEmitWrapperD + 00207 85 c0 test eax, eax + 00209 75 4a jne SHORT $LN7@JitEmitPre + +; 320 : { +; 321 : NcDeleteBlock(Block); + + 0020b 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] + 0020f e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock + +; 322 : delete Block; + + 00214 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] + 00218 48 89 85 28 02 00 00 mov QWORD PTR $T7[rbp], rax - 00218 48 83 bd 28 02 + 0021f 48 83 bd 28 02 00 00 00 cmp QWORD PTR $T7[rbp], 0 - 00220 74 1a je SHORT $LN20@JitEmitPre - 00222 ba 01 00 00 00 mov edx, 1 - 00227 48 8b 8d 28 02 + 00227 74 1a je SHORT $LN20@JitEmitPre + 00229 ba 01 00 00 00 mov edx, 1 + 0022e 48 8b 8d 28 02 00 00 mov rcx, QWORD PTR $T7[rbp] - 0022e e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z - 00233 48 89 85 98 02 - 00 00 mov QWORD PTR tv157[rbp], rax - 0023a eb 0b jmp SHORT $LN21@JitEmitPre + 00235 e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z + 0023a 48 89 85 98 02 + 00 00 mov QWORD PTR tv158[rbp], rax + 00241 eb 0b jmp SHORT $LN21@JitEmitPre $LN20@JitEmitPre: - 0023c 48 c7 85 98 02 + 00243 48 c7 85 98 02 00 00 00 00 00 - 00 mov QWORD PTR tv157[rbp], 0 + 00 mov QWORD PTR tv158[rbp], 0 $LN21@JitEmitPre: -; 285 : return NULL; +; 323 : return NULL; - 00247 33 c0 xor eax, eax - 00249 e9 ff 01 00 00 jmp $LN1@JitEmitPre + 0024e 33 c0 xor eax, eax + 00250 e9 0d 02 00 00 jmp $LN1@JitEmitPre $LN7@JitEmitPre: -; 286 : } -; 287 : --Count; +; 324 : } +; 325 : --Count; - 0024e 8b 85 84 00 00 + 00255 8b 85 84 00 00 00 mov eax, DWORD PTR Count$[rbp] - 00254 ff c8 dec eax - 00256 89 85 84 00 00 + 0025b ff c8 dec eax + 0025d 89 85 84 00 00 00 mov DWORD PTR Count$[rbp], eax -; 288 : } +; 326 : } - 0025c e9 03 ff ff ff jmp $LN2@JitEmitPre + 00263 e9 fc fe ff ff jmp $LN2@JitEmitPre $LN3@JitEmitPre: -; 289 : -; 290 : if (TwoByte) +; 327 : +; 328 : if (TwoByte) - 00261 83 7d 24 00 cmp DWORD PTR TwoByte$[rbp], 0 - 00265 0f 84 ba 00 00 + 00268 83 7d 24 00 cmp DWORD PTR TwoByte$[rbp], 0 + 0026c 0f 84 c1 00 00 00 je $LN8@JitEmitPre -; 291 : { -; 292 : INT32 RipDelta = (OneByte * BYTE_RIP_INST_LENGTH); +; 329 : { +; 330 : INT32 RipDelta = (OneByte * BYTE_RIP_INST_LENGTH); - 0026b 6b 45 44 07 imul eax, DWORD PTR OneByte$[rbp], 7 - 0026f 89 85 c4 00 00 + 00272 6b 45 44 07 imul eax, DWORD PTR OneByte$[rbp], 7 + 00276 89 85 c4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 293 : if (SaveFlags) +; 331 : if (SaveFlags) - 00275 83 bd d8 02 00 + 0027c 83 bd d8 02 00 00 00 cmp DWORD PTR SaveFlags$[rbp], 0 - 0027c 74 0e je SHORT $LN9@JitEmitPre + 00283 74 0e je SHORT $LN9@JitEmitPre -; 294 : RipDelta += 1; +; 332 : RipDelta += 1; - 0027e 8b 85 c4 00 00 + 00285 8b 85 c4 00 00 00 mov eax, DWORD PTR RipDelta$2[rbp] - 00284 ff c0 inc eax - 00286 89 85 c4 00 00 + 0028b ff c0 inc eax + 0028d 89 85 c4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax $LN9@JitEmitPre: -; 295 : RipDelta += (FourByte * 4); +; 333 : RipDelta += (FourByte * 4); - 0028c 8b 85 c4 00 00 + 00293 8b 85 c4 00 00 00 mov eax, DWORD PTR RipDelta$2[rbp] - 00292 8b 4d 04 mov ecx, DWORD PTR FourByte$[rbp] - 00295 8d 04 88 lea eax, DWORD PTR [rax+rcx*4] - 00298 89 85 c4 00 00 + 00299 8b 4d 04 mov ecx, DWORD PTR FourByte$[rbp] + 0029c 8d 04 88 lea eax, DWORD PTR [rax+rcx*4] + 0029f 89 85 c4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 296 : RipDelta += Delta; +; 334 : RipDelta += Delta; - 0029e 8b 85 e0 02 00 + 002a5 8b 85 e0 02 00 00 mov eax, DWORD PTR Delta$[rbp] - 002a4 8b 8d c4 00 00 + 002ab 8b 8d c4 00 00 00 mov ecx, DWORD PTR RipDelta$2[rbp] - 002aa 03 c8 add ecx, eax - 002ac 8b c1 mov eax, ecx - 002ae 89 85 c4 00 00 + 002b1 03 c8 add ecx, eax + 002b3 8b c1 mov eax, ecx + 002b5 89 85 c4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 297 : if (!JitEmitRipRelativeXorW(Block, RipDelta, JitData->Data[3])) +; 335 : if (!JitiEmitWrapperW(OpType, Block, RipDelta, JitData->Data[3])) - 002b4 b8 04 00 00 00 mov eax, 4 - 002b9 48 6b c0 03 imul rax, rax, 3 - 002bd 48 8b 8d c8 02 + 002bb b8 04 00 00 00 mov eax, 4 + 002c0 48 6b c0 03 imul rax, rax, 3 + 002c4 48 8b 8d c8 02 00 00 mov rcx, QWORD PTR JitData$[rbp] - 002c4 44 8b 04 01 mov r8d, DWORD PTR [rcx+rax] - 002c8 8b 95 c4 00 00 - 00 mov edx, DWORD PTR RipDelta$2[rbp] - 002ce 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 002d2 e8 00 00 00 00 call ?JitEmitRipRelativeXorW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeXorW - 002d7 85 c0 test eax, eax - 002d9 75 4a jne SHORT $LN8@JitEmitPre - -; 298 : { -; 299 : NcDeleteBlock(Block); - - 002db 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 002df e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock - -; 300 : delete Block; - - 002e4 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] - 002e8 48 89 85 48 02 + 002cb 44 8b 0c 01 mov r9d, DWORD PTR [rcx+rax] + 002cf 44 8b 85 c4 00 + 00 00 mov r8d, DWORD PTR RipDelta$2[rbp] + 002d6 48 8b 55 68 mov rdx, QWORD PTR Block$[rbp] + 002da 8b 8d d0 02 00 + 00 mov ecx, DWORD PTR OpType$[rbp] + 002e0 e8 00 00 00 00 call ?JitiEmitWrapperW@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitiEmitWrapperW + 002e5 85 c0 test eax, eax + 002e7 75 4a jne SHORT $LN8@JitEmitPre + +; 336 : { +; 337 : NcDeleteBlock(Block); + + 002e9 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] + 002ed e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock + +; 338 : delete Block; + + 002f2 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] + 002f6 48 89 85 48 02 00 00 mov QWORD PTR $T8[rbp], rax - 002ef 48 83 bd 48 02 + 002fd 48 83 bd 48 02 00 00 00 cmp QWORD PTR $T8[rbp], 0 - 002f7 74 1a je SHORT $LN22@JitEmitPre - 002f9 ba 01 00 00 00 mov edx, 1 - 002fe 48 8b 8d 48 02 + 00305 74 1a je SHORT $LN22@JitEmitPre + 00307 ba 01 00 00 00 mov edx, 1 + 0030c 48 8b 8d 48 02 00 00 mov rcx, QWORD PTR $T8[rbp] - 00305 e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z - 0030a 48 89 85 98 02 - 00 00 mov QWORD PTR tv179[rbp], rax - 00311 eb 0b jmp SHORT $LN23@JitEmitPre + 00313 e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z + 00318 48 89 85 98 02 + 00 00 mov QWORD PTR tv181[rbp], rax + 0031f eb 0b jmp SHORT $LN23@JitEmitPre $LN22@JitEmitPre: - 00313 48 c7 85 98 02 + 00321 48 c7 85 98 02 00 00 00 00 00 - 00 mov QWORD PTR tv179[rbp], 0 + 00 mov QWORD PTR tv181[rbp], 0 $LN23@JitEmitPre: -; 301 : return NULL; +; 339 : return NULL; - 0031e 33 c0 xor eax, eax - 00320 e9 28 01 00 00 jmp $LN1@JitEmitPre + 0032c 33 c0 xor eax, eax + 0032e e9 2f 01 00 00 jmp $LN1@JitEmitPre $LN8@JitEmitPre: -; 302 : } -; 303 : } -; 304 : -; 305 : if (OneByte) +; 340 : } +; 341 : } +; 342 : +; 343 : if (OneByte) - 00325 83 7d 44 00 cmp DWORD PTR OneByte$[rbp], 0 - 00329 0f 84 bd 00 00 + 00333 83 7d 44 00 cmp DWORD PTR OneByte$[rbp], 0 + 00337 0f 84 c4 00 00 00 je $LN11@JitEmitPre -; 306 : { -; 307 : INT32 RipDelta = 0; +; 344 : { +; 345 : INT32 RipDelta = 0; - 0032f c7 85 e4 00 00 + 0033d c7 85 e4 00 00 00 00 00 00 00 mov DWORD PTR RipDelta$3[rbp], 0 -; 308 : if (SaveFlags) +; 346 : if (SaveFlags) - 00339 83 bd d8 02 00 + 00347 83 bd d8 02 00 00 00 cmp DWORD PTR SaveFlags$[rbp], 0 - 00340 74 0e je SHORT $LN12@JitEmitPre + 0034e 74 0e je SHORT $LN12@JitEmitPre -; 309 : RipDelta += 1; +; 347 : RipDelta += 1; - 00342 8b 85 e4 00 00 + 00350 8b 85 e4 00 00 00 mov eax, DWORD PTR RipDelta$3[rbp] - 00348 ff c0 inc eax - 0034a 89 85 e4 00 00 + 00356 ff c0 inc eax + 00358 89 85 e4 00 00 00 mov DWORD PTR RipDelta$3[rbp], eax $LN12@JitEmitPre: -; 310 : RipDelta += (FourByte * 4) + (TwoByte * 2); +; 348 : RipDelta += (FourByte * 4) + (TwoByte * 2); - 00350 8b 85 e4 00 00 + 0035e 8b 85 e4 00 00 00 mov eax, DWORD PTR RipDelta$3[rbp] - 00356 8b 4d 04 mov ecx, DWORD PTR FourByte$[rbp] - 00359 8d 04 88 lea eax, DWORD PTR [rax+rcx*4] - 0035c 8b 4d 24 mov ecx, DWORD PTR TwoByte$[rbp] - 0035f 8d 04 48 lea eax, DWORD PTR [rax+rcx*2] - 00362 89 85 e4 00 00 + 00364 8b 4d 04 mov ecx, DWORD PTR FourByte$[rbp] + 00367 8d 04 88 lea eax, DWORD PTR [rax+rcx*4] + 0036a 8b 4d 24 mov ecx, DWORD PTR TwoByte$[rbp] + 0036d 8d 04 48 lea eax, DWORD PTR [rax+rcx*2] + 00370 89 85 e4 00 00 00 mov DWORD PTR RipDelta$3[rbp], eax -; 311 : RipDelta += Delta; +; 349 : RipDelta += Delta; - 00368 8b 85 e0 02 00 + 00376 8b 85 e0 02 00 00 mov eax, DWORD PTR Delta$[rbp] - 0036e 8b 8d e4 00 00 + 0037c 8b 8d e4 00 00 00 mov ecx, DWORD PTR RipDelta$3[rbp] - 00374 03 c8 add ecx, eax - 00376 8b c1 mov eax, ecx - 00378 89 85 e4 00 00 + 00382 03 c8 add ecx, eax + 00384 8b c1 mov eax, ecx + 00386 89 85 e4 00 00 00 mov DWORD PTR RipDelta$3[rbp], eax -; 312 : if (!JitEmitRipRelativeXorB(Block, RipDelta, JitData->Data[4])) +; 350 : if (!JitiEmitWrapperB(OpType, Block, RipDelta, JitData->Data[4])) - 0037e b8 04 00 00 00 mov eax, 4 - 00383 48 6b c0 04 imul rax, rax, 4 - 00387 48 8b 8d c8 02 + 0038c b8 04 00 00 00 mov eax, 4 + 00391 48 6b c0 04 imul rax, rax, 4 + 00395 48 8b 8d c8 02 00 00 mov rcx, QWORD PTR JitData$[rbp] - 0038e 44 8b 04 01 mov r8d, DWORD PTR [rcx+rax] - 00392 8b 95 e4 00 00 - 00 mov edx, DWORD PTR RipDelta$3[rbp] - 00398 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 0039c e8 00 00 00 00 call ?JitEmitRipRelativeXorB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeXorB - 003a1 85 c0 test eax, eax - 003a3 75 47 jne SHORT $LN11@JitEmitPre - -; 313 : { -; 314 : NcDeleteBlock(Block); - - 003a5 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 003a9 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock - -; 315 : delete Block; - - 003ae 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] - 003b2 48 89 85 68 02 + 0039c 44 8b 0c 01 mov r9d, DWORD PTR [rcx+rax] + 003a0 44 8b 85 e4 00 + 00 00 mov r8d, DWORD PTR RipDelta$3[rbp] + 003a7 48 8b 55 68 mov rdx, QWORD PTR Block$[rbp] + 003ab 8b 8d d0 02 00 + 00 mov ecx, DWORD PTR OpType$[rbp] + 003b1 e8 00 00 00 00 call ?JitiEmitWrapperB@@YAHKPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitiEmitWrapperB + 003b6 85 c0 test eax, eax + 003b8 75 47 jne SHORT $LN11@JitEmitPre + +; 351 : { +; 352 : NcDeleteBlock(Block); + + 003ba 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] + 003be e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock + +; 353 : delete Block; + + 003c3 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] + 003c7 48 89 85 68 02 00 00 mov QWORD PTR $T9[rbp], rax - 003b9 48 83 bd 68 02 + 003ce 48 83 bd 68 02 00 00 00 cmp QWORD PTR $T9[rbp], 0 - 003c1 74 1a je SHORT $LN24@JitEmitPre - 003c3 ba 01 00 00 00 mov edx, 1 - 003c8 48 8b 8d 68 02 + 003d6 74 1a je SHORT $LN24@JitEmitPre + 003d8 ba 01 00 00 00 mov edx, 1 + 003dd 48 8b 8d 68 02 00 00 mov rcx, QWORD PTR $T9[rbp] - 003cf e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z - 003d4 48 89 85 98 02 - 00 00 mov QWORD PTR tv201[rbp], rax - 003db eb 0b jmp SHORT $LN25@JitEmitPre + 003e4 e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z + 003e9 48 89 85 98 02 + 00 00 mov QWORD PTR tv204[rbp], rax + 003f0 eb 0b jmp SHORT $LN25@JitEmitPre $LN24@JitEmitPre: - 003dd 48 c7 85 98 02 + 003f2 48 c7 85 98 02 00 00 00 00 00 - 00 mov QWORD PTR tv201[rbp], 0 + 00 mov QWORD PTR tv204[rbp], 0 $LN25@JitEmitPre: -; 316 : return NULL; +; 354 : return NULL; - 003e8 33 c0 xor eax, eax - 003ea eb 61 jmp SHORT $LN1@JitEmitPre + 003fd 33 c0 xor eax, eax + 003ff eb 61 jmp SHORT $LN1@JitEmitPre $LN11@JitEmitPre: -; 317 : } -; 318 : } -; 319 : -; 320 : if (SaveFlags && !JitEmitPopfqInst(Block)) +; 355 : } +; 356 : } +; 357 : +; 358 : if (SaveFlags && !JitEmitPopfqInst(Block)) - 003ec 83 bd d8 02 00 + 00401 83 bd d8 02 00 00 00 cmp DWORD PTR SaveFlags$[rbp], 0 - 003f3 74 54 je SHORT $LN14@JitEmitPre - 003f5 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 003f9 e8 00 00 00 00 call ?JitEmitPopfqInst@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z ; JitEmitPopfqInst - 003fe 85 c0 test eax, eax - 00400 75 47 jne SHORT $LN14@JitEmitPre + 00408 74 54 je SHORT $LN14@JitEmitPre + 0040a 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] + 0040e e8 00 00 00 00 call ?JitEmitPopfqInst@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z ; JitEmitPopfqInst + 00413 85 c0 test eax, eax + 00415 75 47 jne SHORT $LN14@JitEmitPre -; 321 : { -; 322 : NcDeleteBlock(Block); +; 359 : { +; 360 : NcDeleteBlock(Block); - 00402 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] - 00406 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock + 00417 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] + 0041b e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 323 : delete Block; +; 361 : delete Block; - 0040b 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] - 0040f 48 89 85 88 02 + 00420 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] + 00424 48 89 85 88 02 00 00 mov QWORD PTR $T10[rbp], rax - 00416 48 83 bd 88 02 + 0042b 48 83 bd 88 02 00 00 00 cmp QWORD PTR $T10[rbp], 0 - 0041e 74 1a je SHORT $LN26@JitEmitPre - 00420 ba 01 00 00 00 mov edx, 1 - 00425 48 8b 8d 88 02 + 00433 74 1a je SHORT $LN26@JitEmitPre + 00435 ba 01 00 00 00 mov edx, 1 + 0043a 48 8b 8d 88 02 00 00 mov rcx, QWORD PTR $T10[rbp] - 0042c e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z - 00431 48 89 85 98 02 - 00 00 mov QWORD PTR tv211[rbp], rax - 00438 eb 0b jmp SHORT $LN27@JitEmitPre + 00441 e8 00 00 00 00 call ??_G_NATIVE_CODE_BLOCK@@QEAAPEAXI@Z + 00446 48 89 85 98 02 + 00 00 mov QWORD PTR tv214[rbp], rax + 0044d eb 0b jmp SHORT $LN27@JitEmitPre $LN26@JitEmitPre: - 0043a 48 c7 85 98 02 + 0044f 48 c7 85 98 02 00 00 00 00 00 - 00 mov QWORD PTR tv211[rbp], 0 + 00 mov QWORD PTR tv214[rbp], 0 $LN27@JitEmitPre: -; 324 : return NULL; +; 362 : return NULL; - 00445 33 c0 xor eax, eax - 00447 eb 04 jmp SHORT $LN1@JitEmitPre + 0045a 33 c0 xor eax, eax + 0045c eb 04 jmp SHORT $LN1@JitEmitPre $LN14@JitEmitPre: -; 325 : } -; 326 : -; 327 : return Block; +; 363 : } +; 364 : +; 365 : return Block; - 00449 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] + 0045e 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] $LN1@JitEmitPre: -; 328 : } +; 366 : } - 0044d 48 8d a5 a8 02 + 00462 48 8d a5 a8 02 00 00 lea rsp, QWORD PTR [rbp+680] - 00454 5f pop rdi - 00455 5d pop rbp - 00456 c3 ret 0 + 00469 5f pop rdi + 0046a 5d pop rbp + 0046b c3 ret 0 ?JitEmitPreRipBitwiseOp@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@KHH@Z ENDP ; JitEmitPreRipBitwiseOp _TEXT ENDS ; COMDAT text$x @@ -3137,10 +3519,10 @@ $T7 = 552 $T8 = 584 $T9 = 616 $T10 = 648 -tv211 = 664 -tv201 = 664 -tv179 = 664 -tv157 = 664 +tv214 = 664 +tv204 = 664 +tv181 = 664 +tv158 = 664 tv128 = 664 tv86 = 664 Link$ = 704 @@ -3183,10 +3565,10 @@ $T7 = 552 $T8 = 584 $T9 = 616 $T10 = 648 -tv211 = 664 -tv201 = 664 -tv179 = 664 -tv157 = 664 +tv214 = 664 +tv204 = 664 +tv181 = 664 +tv158 = 664 tv128 = 664 tv86 = 664 Link$ = 704 @@ -3244,7 +3626,7 @@ Link$ = 1008 Delta$ = 1016 ?JitEmitPostRipMov@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@H@Z PROC ; JitEmitPostRipMov, COMDAT -; 191 : { +; 201 : { $LN25: 00000 89 54 24 10 mov DWORD PTR [rsp+16], edx @@ -3269,7 +3651,7 @@ $LN25: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00046 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 192 : ULONG FourByte = Link->RawDataSize / 4; +; 202 : ULONG FourByte = Link->RawDataSize / 4; 0004b 33 d2 xor edx, edx 0004d 48 8b 85 f0 03 @@ -3279,7 +3661,7 @@ $LN25: 0005c f7 f1 div ecx 0005e 89 45 04 mov DWORD PTR FourByte$[rbp], eax -; 193 : ULONG TwoByte = (Link->RawDataSize - (FourByte * 4)) / 2; +; 203 : ULONG TwoByte = (Link->RawDataSize - (FourByte * 4)) / 2; 00061 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 00064 c1 e0 02 shl eax, 2 @@ -3293,7 +3675,7 @@ $LN25: 0007c f7 f1 div ecx 0007e 89 45 24 mov DWORD PTR TwoByte$[rbp], eax -; 194 : ULONG OneByte = (Link->RawDataSize - (FourByte * 4) - (TwoByte * 2)); +; 204 : ULONG OneByte = (Link->RawDataSize - (FourByte * 4) - (TwoByte * 2)); 00081 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 00084 c1 e0 02 shl eax, 2 @@ -3307,8 +3689,8 @@ $LN25: 0009a 2b c1 sub eax, ecx 0009c 89 45 44 mov DWORD PTR OneByte$[rbp], eax -; 195 : -; 196 : PNATIVE_CODE_BLOCK Block = new NATIVE_CODE_BLOCK; +; 205 : +; 206 : PNATIVE_CODE_BLOCK Block = new NATIVE_CODE_BLOCK; 0009f b9 30 00 00 00 mov ecx, 48 ; 00000030H 000a4 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -3336,8 +3718,8 @@ $LN12@JitEmitPos: 00 00 mov rax, QWORD PTR $T7[rbp] 000ef 48 89 45 68 mov QWORD PTR Block$[rbp], rax -; 197 : -; 198 : Block->Start = Block->End = new NATIVE_CODE_LINK; +; 207 : +; 208 : Block->Start = Block->End = new NATIVE_CODE_LINK; 000f3 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 000f8 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -3370,27 +3752,27 @@ $LN14@JitEmitPos: 00 00 mov rcx, QWORD PTR $T9[rbp] 00156 48 89 08 mov QWORD PTR [rax], rcx -; 199 : ULONG ZeroValue = 0; +; 209 : ULONG ZeroValue = 0; 00159 c7 85 84 00 00 00 00 00 00 00 mov DWORD PTR ZeroValue$[rbp], 0 -; 200 : ULONG Count = FourByte; +; 210 : ULONG Count = FourByte; 00163 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 00166 89 85 a4 00 00 00 mov DWORD PTR Count$[rbp], eax $LN2@JitEmitPos: -; 201 : while (Count) +; 211 : while (Count) 0016c 83 bd a4 00 00 00 00 cmp DWORD PTR Count$[rbp], 0 00173 0f 84 e0 00 00 00 je $LN3@JitEmitPos -; 202 : { -; 203 : INT32 RipDelta = Link->RawDataSize - ((FourByte - Count) * 4); +; 212 : { +; 213 : INT32 RipDelta = Link->RawDataSize - ((FourByte - Count) * 4); 00179 8b 85 a4 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -3406,7 +3788,7 @@ $LN2@JitEmitPos: 00197 89 85 c4 00 00 00 mov DWORD PTR RipDelta$4[rbp], eax -; 204 : RipDelta += (FourByte - (Count - 1)) * DWORD_MOV_INST_LENGTH; +; 214 : RipDelta += (FourByte - (Count - 1)) * DWORD_MOV_INST_LENGTH; 0019d 8b 85 a4 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -3422,14 +3804,14 @@ $LN2@JitEmitPos: 001b9 89 85 c4 00 00 00 mov DWORD PTR RipDelta$4[rbp], eax -; 205 : RipDelta *= (-1); +; 215 : RipDelta *= (-1); 001bf 6b 85 c4 00 00 00 ff imul eax, DWORD PTR RipDelta$4[rbp], -1 001c6 89 85 c4 00 00 00 mov DWORD PTR RipDelta$4[rbp], eax -; 206 : RipDelta += Delta; +; 216 : RipDelta += Delta; 001cc 8b 85 f8 03 00 00 mov eax, DWORD PTR Delta$[rbp] @@ -3440,7 +3822,7 @@ $LN2@JitEmitPos: 001dc 89 85 c4 00 00 00 mov DWORD PTR RipDelta$4[rbp], eax -; 207 : if (!JitEmitRipRelativeMovD(Block, RipDelta, (PUCHAR)&ZeroValue)) +; 217 : if (!JitEmitRipRelativeMovD(Block, RipDelta, (PUCHAR)&ZeroValue)) 001e2 4c 8d 85 84 00 00 00 lea r8, QWORD PTR ZeroValue$[rbp] @@ -3451,13 +3833,13 @@ $LN2@JitEmitPos: 001f8 85 c0 test eax, eax 001fa 75 4a jne SHORT $LN4@JitEmitPos -; 208 : { -; 209 : NcDeleteBlock(Block); +; 218 : { +; 219 : NcDeleteBlock(Block); 001fc 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] 00200 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 210 : delete Block; +; 220 : delete Block; 00205 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 00209 48 89 85 48 03 @@ -3478,14 +3860,14 @@ $LN15@JitEmitPos: 00 mov QWORD PTR tv152[rbp], 0 $LN16@JitEmitPos: -; 211 : return NULL; +; 221 : return NULL; 0023f 33 c0 xor eax, eax 00241 e9 3b 02 00 00 jmp $LN1@JitEmitPos $LN4@JitEmitPos: -; 212 : } -; 213 : --Count; +; 222 : } +; 223 : --Count; 00246 8b 85 a4 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -3493,20 +3875,20 @@ $LN4@JitEmitPos: 0024e 89 85 a4 00 00 00 mov DWORD PTR Count$[rbp], eax -; 214 : } +; 224 : } 00254 e9 13 ff ff ff jmp $LN2@JitEmitPos $LN3@JitEmitPos: -; 215 : -; 216 : if (TwoByte) +; 225 : +; 226 : if (TwoByte) 00259 83 7d 24 00 cmp DWORD PTR TwoByte$[rbp], 0 0025d 0f 84 c4 00 00 00 je $LN5@JitEmitPos -; 217 : { -; 218 : INT32 RipDelta = Link->RawDataSize - (FourByte * 4); +; 227 : { +; 228 : INT32 RipDelta = Link->RawDataSize - (FourByte * 4); 00263 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 00266 c1 e0 02 shl eax, 2 @@ -3518,7 +3900,7 @@ $LN3@JitEmitPos: 00277 89 85 e4 00 00 00 mov DWORD PTR RipDelta$5[rbp], eax -; 219 : RipDelta += (FourByte * DWORD_MOV_INST_LENGTH); +; 229 : RipDelta += (FourByte * DWORD_MOV_INST_LENGTH); 0027d 6b 45 04 0a imul eax, DWORD PTR FourByte$[rbp], 10 00281 8b 8d e4 00 00 @@ -3528,7 +3910,7 @@ $LN3@JitEmitPos: 0028b 89 85 e4 00 00 00 mov DWORD PTR RipDelta$5[rbp], eax -; 220 : RipDelta += WORD_MOV_INST_LENGTH; +; 230 : RipDelta += WORD_MOV_INST_LENGTH; 00291 8b 85 e4 00 00 00 mov eax, DWORD PTR RipDelta$5[rbp] @@ -3536,14 +3918,14 @@ $LN3@JitEmitPos: 0029a 89 85 e4 00 00 00 mov DWORD PTR RipDelta$5[rbp], eax -; 221 : RipDelta *= (-1); +; 231 : RipDelta *= (-1); 002a0 6b 85 e4 00 00 00 ff imul eax, DWORD PTR RipDelta$5[rbp], -1 002a7 89 85 e4 00 00 00 mov DWORD PTR RipDelta$5[rbp], eax -; 222 : RipDelta += Delta; +; 232 : RipDelta += Delta; 002ad 8b 85 f8 03 00 00 mov eax, DWORD PTR Delta$[rbp] @@ -3554,7 +3936,7 @@ $LN3@JitEmitPos: 002bd 89 85 e4 00 00 00 mov DWORD PTR RipDelta$5[rbp], eax -; 223 : if (!JitEmitRipRelativeMovW(Block, RipDelta, (PUCHAR)&ZeroValue)) +; 233 : if (!JitEmitRipRelativeMovW(Block, RipDelta, (PUCHAR)&ZeroValue)) 002c3 4c 8d 85 84 00 00 00 lea r8, QWORD PTR ZeroValue$[rbp] @@ -3565,13 +3947,13 @@ $LN3@JitEmitPos: 002d9 85 c0 test eax, eax 002db 75 4a jne SHORT $LN5@JitEmitPos -; 224 : { -; 225 : NcDeleteBlock(Block); +; 234 : { +; 235 : NcDeleteBlock(Block); 002dd 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] 002e1 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 226 : delete Block; +; 236 : delete Block; 002e6 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 002ea 48 89 85 68 03 @@ -3592,23 +3974,23 @@ $LN17@JitEmitPos: 00 mov QWORD PTR tv173[rbp], 0 $LN18@JitEmitPos: -; 227 : return NULL; +; 237 : return NULL; 00320 33 c0 xor eax, eax 00322 e9 5a 01 00 00 jmp $LN1@JitEmitPos $LN5@JitEmitPos: -; 228 : } -; 229 : } -; 230 : -; 231 : if (OneByte) +; 238 : } +; 239 : } +; 240 : +; 241 : if (OneByte) 00327 83 7d 44 00 cmp DWORD PTR OneByte$[rbp], 0 0032b 0f 84 d7 00 00 00 je $LN7@JitEmitPos -; 232 : { -; 233 : INT32 RipDelta = Link->RawDataSize - (FourByte * 4) - (TwoByte * 2); +; 242 : { +; 243 : INT32 RipDelta = Link->RawDataSize - (FourByte * 4) - (TwoByte * 2); 00331 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 00334 c1 e0 02 shl eax, 2 @@ -3623,7 +4005,7 @@ $LN5@JitEmitPos: 0034c 89 85 04 01 00 00 mov DWORD PTR RipDelta$6[rbp], eax -; 234 : RipDelta += (FourByte * DWORD_MOV_INST_LENGTH); +; 244 : RipDelta += (FourByte * DWORD_MOV_INST_LENGTH); 00352 6b 45 04 0a imul eax, DWORD PTR FourByte$[rbp], 10 00356 8b 8d 04 01 00 @@ -3633,7 +4015,7 @@ $LN5@JitEmitPos: 00360 89 85 04 01 00 00 mov DWORD PTR RipDelta$6[rbp], eax -; 235 : RipDelta += WORD_MOV_INST_LENGTH; +; 245 : RipDelta += WORD_MOV_INST_LENGTH; 00366 8b 85 04 01 00 00 mov eax, DWORD PTR RipDelta$6[rbp] @@ -3641,7 +4023,7 @@ $LN5@JitEmitPos: 0036f 89 85 04 01 00 00 mov DWORD PTR RipDelta$6[rbp], eax -; 236 : RipDelta += BYTE_MOV_INST_LENGTH; +; 246 : RipDelta += BYTE_MOV_INST_LENGTH; 00375 8b 85 04 01 00 00 mov eax, DWORD PTR RipDelta$6[rbp] @@ -3649,14 +4031,14 @@ $LN5@JitEmitPos: 0037e 89 85 04 01 00 00 mov DWORD PTR RipDelta$6[rbp], eax -; 237 : RipDelta *= (-1); +; 247 : RipDelta *= (-1); 00384 6b 85 04 01 00 00 ff imul eax, DWORD PTR RipDelta$6[rbp], -1 0038b 89 85 04 01 00 00 mov DWORD PTR RipDelta$6[rbp], eax -; 238 : RipDelta += Delta; +; 248 : RipDelta += Delta; 00391 8b 85 f8 03 00 00 mov eax, DWORD PTR Delta$[rbp] @@ -3667,7 +4049,7 @@ $LN5@JitEmitPos: 003a1 89 85 04 01 00 00 mov DWORD PTR RipDelta$6[rbp], eax -; 239 : if (!JitEmitRipRelativeMovB(Block, RipDelta, (PUCHAR)&ZeroValue)) +; 249 : if (!JitEmitRipRelativeMovB(Block, RipDelta, (PUCHAR)&ZeroValue)) 003a7 4c 8d 85 84 00 00 00 lea r8, QWORD PTR ZeroValue$[rbp] @@ -3678,13 +4060,13 @@ $LN5@JitEmitPos: 003bd 85 c0 test eax, eax 003bf 75 47 jne SHORT $LN7@JitEmitPos -; 240 : { -; 241 : NcDeleteBlock(Block); +; 250 : { +; 251 : NcDeleteBlock(Block); 003c1 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] 003c5 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 242 : delete Block; +; 252 : delete Block; 003ca 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 003ce 48 89 85 88 03 @@ -3705,23 +4087,23 @@ $LN19@JitEmitPos: 00 mov QWORD PTR tv196[rbp], 0 $LN20@JitEmitPos: -; 243 : return NULL; +; 253 : return NULL; 00404 33 c0 xor eax, eax 00406 eb 79 jmp SHORT $LN1@JitEmitPos $LN7@JitEmitPos: -; 244 : } -; 245 : } -; 246 : -; 247 : PNATIVE_CODE_LINK StartLink = Block->Start; +; 254 : } +; 255 : } +; 256 : +; 257 : PNATIVE_CODE_LINK StartLink = Block->Start; 00408 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 0040c 48 8b 00 mov rax, QWORD PTR [rax] 0040f 48 89 85 28 01 00 00 mov QWORD PTR StartLink$[rbp], rax -; 248 : Block->Start = Block->Start->Next; +; 258 : Block->Start = Block->Start->Next; 00416 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 0041a 48 8b 00 mov rax, QWORD PTR [rax] @@ -3729,13 +4111,13 @@ $LN7@JitEmitPos: 00421 48 8b 00 mov rax, QWORD PTR [rax] 00424 48 89 01 mov QWORD PTR [rcx], rax -; 249 : if (Block->Start) +; 259 : if (Block->Start) 00427 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 0042b 48 83 38 00 cmp QWORD PTR [rax], 0 0042f 74 0f je SHORT $LN9@JitEmitPos -; 250 : Block->Start->Prev = NULL; +; 260 : Block->Start->Prev = NULL; 00431 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 00435 48 8b 00 mov rax, QWORD PTR [rax] @@ -3743,7 +4125,7 @@ $LN7@JitEmitPos: 00 00 00 mov QWORD PTR [rax+8], 0 $LN9@JitEmitPos: -; 251 : delete StartLink; +; 261 : delete StartLink; 00440 48 8b 85 28 01 00 00 mov rax, QWORD PTR StartLink$[rbp] @@ -3765,13 +4147,13 @@ $LN21@JitEmitPos: 00 mov QWORD PTR tv209[rbp], 0 $LN22@JitEmitPos: -; 252 : -; 253 : return Block; +; 262 : +; 263 : return Block; 0047d 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] $LN1@JitEmitPos: -; 254 : } +; 264 : } 00481 48 8b f8 mov rdi, rax 00484 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] @@ -4008,7 +4390,7 @@ Link$ = 992 Delta$ = 1000 ?JitEmitPreRipMov@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@H@Z PROC ; JitEmitPreRipMov, COMDAT -; 124 : { +; 134 : { $LN25: 00000 89 54 24 10 mov DWORD PTR [rsp+16], edx @@ -4028,7 +4410,7 @@ $LN25: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00035 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 125 : ULONG FourByte = Link->RawDataSize / 4; +; 135 : ULONG FourByte = Link->RawDataSize / 4; 0003a 33 d2 xor edx, edx 0003c 48 8b 85 e0 03 @@ -4038,7 +4420,7 @@ $LN25: 0004b f7 f1 div ecx 0004d 89 45 04 mov DWORD PTR FourByte$[rbp], eax -; 126 : ULONG TwoByte = (Link->RawDataSize - (FourByte * 4)) / 2; +; 136 : ULONG TwoByte = (Link->RawDataSize - (FourByte * 4)) / 2; 00050 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 00053 c1 e0 02 shl eax, 2 @@ -4052,7 +4434,7 @@ $LN25: 0006b f7 f1 div ecx 0006d 89 45 24 mov DWORD PTR TwoByte$[rbp], eax -; 127 : ULONG OneByte = (Link->RawDataSize - (FourByte * 4) - (TwoByte * 2)); +; 137 : ULONG OneByte = (Link->RawDataSize - (FourByte * 4) - (TwoByte * 2)); 00070 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 00073 c1 e0 02 shl eax, 2 @@ -4066,8 +4448,8 @@ $LN25: 00089 2b c1 sub eax, ecx 0008b 89 45 44 mov DWORD PTR OneByte$[rbp], eax -; 128 : -; 129 : PNATIVE_CODE_BLOCK Block = new NATIVE_CODE_BLOCK; +; 138 : +; 139 : PNATIVE_CODE_BLOCK Block = new NATIVE_CODE_BLOCK; 0008e b9 30 00 00 00 mov ecx, 48 ; 00000030H 00093 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -4095,8 +4477,8 @@ $LN12@JitEmitPre: 00 00 mov rax, QWORD PTR $T4[rbp] 000de 48 89 45 68 mov QWORD PTR Block$[rbp], rax -; 130 : -; 131 : Block->Start = Block->End = new NATIVE_CODE_LINK; +; 140 : +; 141 : Block->Start = Block->End = new NATIVE_CODE_LINK; 000e2 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 000e7 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -4129,7 +4511,7 @@ $LN14@JitEmitPre: 00 00 mov rcx, QWORD PTR $T6[rbp] 00145 48 89 08 mov QWORD PTR [rax], rcx -; 132 : PUCHAR DataOffset = Link->RawData; +; 142 : PUCHAR DataOffset = Link->RawData; 00148 48 8b 85 e0 03 00 00 mov rax, QWORD PTR Link$[rbp] @@ -4137,23 +4519,23 @@ $LN14@JitEmitPre: 00153 48 89 85 88 00 00 00 mov QWORD PTR DataOffset$[rbp], rax -; 133 : ULONG Count = FourByte; +; 143 : ULONG Count = FourByte; 0015a 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 0015d 89 85 a4 00 00 00 mov DWORD PTR Count$[rbp], eax $LN2@JitEmitPre: -; 134 : while (Count) +; 144 : while (Count) 00163 83 bd a4 00 00 00 00 cmp DWORD PTR Count$[rbp], 0 0016a 0f 84 f8 00 00 00 je $LN3@JitEmitPre -; 135 : { -; 136 : //Account for remaining MOVs -; 137 : INT32 RipDelta = (((Count - 1) * DWORD_MOV_INST_LENGTH) + (TwoByte * WORD_MOV_INST_LENGTH) + (OneByte * BYTE_MOV_INST_LENGTH)); +; 145 : { +; 146 : //Account for remaining MOVs +; 147 : INT32 RipDelta = (((Count - 1) * DWORD_MOV_INST_LENGTH) + (TwoByte * WORD_MOV_INST_LENGTH) + (OneByte * BYTE_MOV_INST_LENGTH)); 00170 8b 85 a4 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -4166,8 +4548,8 @@ $LN2@JitEmitPre: 00187 89 85 c4 00 00 00 mov DWORD PTR RipDelta$1[rbp], eax -; 138 : //Account for already MOVd instructions -; 139 : RipDelta += ((FourByte - Count) * 4); +; 148 : //Account for already MOVd instructions +; 149 : RipDelta += ((FourByte - Count) * 4); 0018d 8b 85 a4 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -4180,7 +4562,7 @@ $LN2@JitEmitPre: 001a3 89 85 c4 00 00 00 mov DWORD PTR RipDelta$1[rbp], eax -; 140 : RipDelta += Delta; +; 150 : RipDelta += Delta; 001a9 8b 85 e8 03 00 00 mov eax, DWORD PTR Delta$[rbp] @@ -4191,8 +4573,8 @@ $LN2@JitEmitPre: 001b9 89 85 c4 00 00 00 mov DWORD PTR RipDelta$1[rbp], eax -; 141 : //Add the actual instruction -; 142 : printf("%p IS THE DATAOFFSET\n", DataOffset); +; 151 : //Add the actual instruction +; 152 : printf("%p IS THE DATAOFFSET\n", DataOffset); 001bf 48 8b 95 88 00 00 00 mov rdx, QWORD PTR DataOffset$[rbp] @@ -4200,14 +4582,14 @@ $LN2@JitEmitPre: 00 00 lea rcx, OFFSET FLAT:??_C@_0BG@BLDOCDOA@?$CFp?5IS?5THE?5DATAOFFSET?6@ 001cd e8 00 00 00 00 call printf -; 143 : system("pause"); +; 153 : system("pause"); 001d2 48 8d 0d 00 00 00 00 lea rcx, OFFSET FLAT:??_C@_05PDJBBECF@pause@ 001d9 ff 15 00 00 00 00 call QWORD PTR __imp_system -; 144 : if (!JitEmitRipRelativeMovD(Block, RipDelta, DataOffset)) +; 154 : if (!JitEmitRipRelativeMovD(Block, RipDelta, DataOffset)) 001df 4c 8b 85 88 00 00 00 mov r8, QWORD PTR DataOffset$[rbp] @@ -4218,13 +4600,13 @@ $LN2@JitEmitPre: 001f5 85 c0 test eax, eax 001f7 75 4a jne SHORT $LN4@JitEmitPre -; 145 : { -; 146 : NcDeleteBlock(Block); +; 155 : { +; 156 : NcDeleteBlock(Block); 001f9 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] 001fd e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 147 : delete Block; +; 157 : delete Block; 00202 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 00206 48 89 85 48 03 @@ -4245,14 +4627,14 @@ $LN15@JitEmitPre: 00 mov QWORD PTR tv156[rbp], 0 $LN16@JitEmitPre: -; 148 : return NULL; +; 158 : return NULL; 0023c 33 c0 xor eax, eax 0023e e9 f3 01 00 00 jmp $LN1@JitEmitPre $LN4@JitEmitPre: -; 149 : } -; 150 : DataOffset += 4; +; 159 : } +; 160 : DataOffset += 4; 00243 48 8b 85 88 00 00 00 mov rax, QWORD PTR DataOffset$[rbp] @@ -4260,7 +4642,7 @@ $LN4@JitEmitPre: 0024e 48 89 85 88 00 00 00 mov QWORD PTR DataOffset$[rbp], rax -; 151 : --Count; +; 161 : --Count; 00255 8b 85 a4 00 00 00 mov eax, DWORD PTR Count$[rbp] @@ -4268,26 +4650,26 @@ $LN4@JitEmitPre: 0025d 89 85 a4 00 00 00 mov DWORD PTR Count$[rbp], eax -; 152 : } +; 162 : } 00263 e9 fb fe ff ff jmp $LN2@JitEmitPre $LN3@JitEmitPre: -; 153 : -; 154 : if (TwoByte) +; 163 : +; 164 : if (TwoByte) 00268 83 7d 24 00 cmp DWORD PTR TwoByte$[rbp], 0 0026c 0f 84 a8 00 00 00 je $LN5@JitEmitPre -; 155 : { -; 156 : INT32 RipDelta = (OneByte * BYTE_MOV_INST_LENGTH); +; 165 : { +; 166 : INT32 RipDelta = (OneByte * BYTE_MOV_INST_LENGTH); 00272 6b 45 44 07 imul eax, DWORD PTR OneByte$[rbp], 7 00276 89 85 e4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 157 : RipDelta += (FourByte * 4); +; 167 : RipDelta += (FourByte * 4); 0027c 8b 85 e4 00 00 00 mov eax, DWORD PTR RipDelta$2[rbp] @@ -4296,7 +4678,7 @@ $LN3@JitEmitPre: 00288 89 85 e4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 158 : RipDelta += Delta; +; 168 : RipDelta += Delta; 0028e 8b 85 e8 03 00 00 mov eax, DWORD PTR Delta$[rbp] @@ -4307,7 +4689,7 @@ $LN3@JitEmitPre: 0029e 89 85 e4 00 00 00 mov DWORD PTR RipDelta$2[rbp], eax -; 159 : if (!JitEmitRipRelativeMovW(Block, RipDelta, DataOffset)) +; 169 : if (!JitEmitRipRelativeMovW(Block, RipDelta, DataOffset)) 002a4 4c 8b 85 88 00 00 00 mov r8, QWORD PTR DataOffset$[rbp] @@ -4318,13 +4700,13 @@ $LN3@JitEmitPre: 002ba 85 c0 test eax, eax 002bc 75 4a jne SHORT $LN6@JitEmitPre -; 160 : { -; 161 : NcDeleteBlock(Block); +; 170 : { +; 171 : NcDeleteBlock(Block); 002be 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] 002c2 e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 162 : delete Block; +; 172 : delete Block; 002c7 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 002cb 48 89 85 68 03 @@ -4345,14 +4727,14 @@ $LN17@JitEmitPre: 00 mov QWORD PTR tv174[rbp], 0 $LN18@JitEmitPre: -; 163 : return NULL; +; 173 : return NULL; 00301 33 c0 xor eax, eax 00303 e9 2e 01 00 00 jmp $LN1@JitEmitPre $LN6@JitEmitPre: -; 164 : } -; 165 : DataOffset += 2; +; 174 : } +; 175 : DataOffset += 2; 00308 48 8b 85 88 00 00 00 mov rax, QWORD PTR DataOffset$[rbp] @@ -4361,21 +4743,21 @@ $LN6@JitEmitPre: 00 00 mov QWORD PTR DataOffset$[rbp], rax $LN5@JitEmitPre: -; 166 : } -; 167 : -; 168 : if (OneByte) +; 176 : } +; 177 : +; 178 : if (OneByte) 0031a 83 7d 44 00 cmp DWORD PTR OneByte$[rbp], 0 0031e 0f 84 99 00 00 00 je $LN7@JitEmitPre -; 169 : { -; 170 : INT32 RipDelta = 0; +; 179 : { +; 180 : INT32 RipDelta = 0; 00324 c7 85 04 01 00 00 00 00 00 00 mov DWORD PTR RipDelta$3[rbp], 0 -; 171 : RipDelta += (FourByte * 4) + (TwoByte * 2); +; 181 : RipDelta += (FourByte * 4) + (TwoByte * 2); 0032e 8b 85 04 01 00 00 mov eax, DWORD PTR RipDelta$3[rbp] @@ -4386,7 +4768,7 @@ $LN5@JitEmitPre: 00340 89 85 04 01 00 00 mov DWORD PTR RipDelta$3[rbp], eax -; 172 : RipDelta += Delta; +; 182 : RipDelta += Delta; 00346 8b 85 e8 03 00 00 mov eax, DWORD PTR Delta$[rbp] @@ -4397,7 +4779,7 @@ $LN5@JitEmitPre: 00356 89 85 04 01 00 00 mov DWORD PTR RipDelta$3[rbp], eax -; 173 : if (!JitEmitRipRelativeMovB(Block, RipDelta, DataOffset)) +; 183 : if (!JitEmitRipRelativeMovB(Block, RipDelta, DataOffset)) 0035c 4c 8b 85 88 00 00 00 mov r8, QWORD PTR DataOffset$[rbp] @@ -4408,13 +4790,13 @@ $LN5@JitEmitPre: 00372 85 c0 test eax, eax 00374 75 47 jne SHORT $LN7@JitEmitPre -; 174 : { -; 175 : NcDeleteBlock(Block); +; 184 : { +; 185 : NcDeleteBlock(Block); 00376 48 8b 4d 68 mov rcx, QWORD PTR Block$[rbp] 0037a e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 176 : delete Block; +; 186 : delete Block; 0037f 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 00383 48 89 85 88 03 @@ -4435,23 +4817,23 @@ $LN19@JitEmitPre: 00 mov QWORD PTR tv192[rbp], 0 $LN20@JitEmitPre: -; 177 : return NULL; +; 187 : return NULL; 003b9 33 c0 xor eax, eax 003bb eb 79 jmp SHORT $LN1@JitEmitPre $LN7@JitEmitPre: -; 178 : } -; 179 : } -; 180 : -; 181 : PNATIVE_CODE_LINK StartLink = Block->Start; +; 188 : } +; 189 : } +; 190 : +; 191 : PNATIVE_CODE_LINK StartLink = Block->Start; 003bd 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 003c1 48 8b 00 mov rax, QWORD PTR [rax] 003c4 48 89 85 28 01 00 00 mov QWORD PTR StartLink$[rbp], rax -; 182 : Block->Start = Block->Start->Next; +; 192 : Block->Start = Block->Start->Next; 003cb 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 003cf 48 8b 00 mov rax, QWORD PTR [rax] @@ -4459,13 +4841,13 @@ $LN7@JitEmitPre: 003d6 48 8b 00 mov rax, QWORD PTR [rax] 003d9 48 89 01 mov QWORD PTR [rcx], rax -; 183 : if (Block->Start) +; 193 : if (Block->Start) 003dc 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 003e0 48 83 38 00 cmp QWORD PTR [rax], 0 003e4 74 0f je SHORT $LN9@JitEmitPre -; 184 : Block->Start->Prev = NULL; +; 194 : Block->Start->Prev = NULL; 003e6 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] 003ea 48 8b 00 mov rax, QWORD PTR [rax] @@ -4473,7 +4855,7 @@ $LN7@JitEmitPre: 00 00 00 mov QWORD PTR [rax+8], 0 $LN9@JitEmitPre: -; 185 : delete StartLink; +; 195 : delete StartLink; 003f5 48 8b 85 28 01 00 00 mov rax, QWORD PTR StartLink$[rbp] @@ -4495,13 +4877,13 @@ $LN21@JitEmitPre: 00 mov QWORD PTR tv205[rbp], 0 $LN22@JitEmitPre: -; 186 : -; 187 : return Block; +; 196 : +; 197 : return Block; 00432 48 8b 45 68 mov rax, QWORD PTR Block$[rbp] $LN1@JitEmitPre: -; 188 : } +; 198 : } 00436 48 8d a5 c8 03 00 00 lea rsp, QWORD PTR [rbp+968] @@ -4694,6 +5076,82 @@ Delta$ = 1000 text$x ENDS ; Function compile flags: /Odtp /RTCsu /ZI ; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Jit.cpp +; COMDAT ?JitMutateInstForAnd@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z +_TEXT SEGMENT +Link$ = 224 +XorData$ = 232 +?JitMutateInstForAnd@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z PROC ; JitMutateInstForAnd, COMDAT + +; 129 : { + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 130 : +; 131 : } + + 0003b 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00042 5f pop rdi + 00043 5d pop rbp + 00044 c3 ret 0 +?JitMutateInstForAnd@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z ENDP ; JitMutateInstForAnd +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Jit.cpp +; COMDAT ?JitMutateInstForOr@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z +_TEXT SEGMENT +Link$ = 224 +XorData$ = 232 +?JitMutateInstForOr@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z PROC ; JitMutateInstForOr, COMDAT + +; 124 : { + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 125 : +; 126 : } + + 0003b 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00042 5f pop rdi + 00043 5d pop rbp + 00044 c3 ret 0 +?JitMutateInstForOr@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z ENDP ; JitMutateInstForOr +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Jit.cpp ; COMDAT ?JitMutateInstForXor@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z _TEXT SEGMENT FourByte$ = 4 @@ -4704,7 +5162,7 @@ Link$ = 352 JitData$ = 360 ?JitMutateInstForXor@@YAXPEAU_NATIVE_CODE_LINK@@PEAU_JIT_BITWISE_DATA@@@Z PROC ; JitMutateInstForXor, COMDAT -; 97 : { +; 99 : { $LN7: 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx @@ -4724,7 +5182,7 @@ $LN7: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 98 : ULONG FourByte = Link->RawDataSize / 4; +; 100 : ULONG FourByte = Link->RawDataSize / 4; 0003b 33 d2 xor edx, edx 0003d 48 8b 85 60 01 @@ -4734,7 +5192,7 @@ $LN7: 0004c f7 f1 div ecx 0004e 89 45 04 mov DWORD PTR FourByte$[rbp], eax -; 99 : ULONG TwoByte = (Link->RawDataSize - (FourByte * 4)) / 2; +; 101 : ULONG TwoByte = (Link->RawDataSize - (FourByte * 4)) / 2; 00051 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 00054 c1 e0 02 shl eax, 2 @@ -4748,7 +5206,7 @@ $LN7: 0006c f7 f1 div ecx 0006e 89 45 24 mov DWORD PTR TwoByte$[rbp], eax -; 100 : ULONG OneByte = (Link->RawDataSize - (FourByte * 4) - (TwoByte * 2)); +; 102 : ULONG OneByte = (Link->RawDataSize - (FourByte * 4) - (TwoByte * 2)); 00071 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 00074 c1 e0 02 shl eax, 2 @@ -4762,8 +5220,8 @@ $LN7: 0008a 2b c1 sub eax, ecx 0008c 89 45 44 mov DWORD PTR OneByte$[rbp], eax -; 101 : -; 102 : PUCHAR Buffer = Link->RawData; +; 103 : +; 104 : PUCHAR Buffer = Link->RawData; 0008f 48 8b 85 60 01 00 00 mov rax, QWORD PTR Link$[rbp] @@ -4771,13 +5229,13 @@ $LN7: 0009a 48 89 45 68 mov QWORD PTR Buffer$[rbp], rax $LN2@JitMutateI: -; 103 : while (FourByte) +; 105 : while (FourByte) 0009e 83 7d 04 00 cmp DWORD PTR FourByte$[rbp], 0 000a2 74 3a je SHORT $LN3@JitMutateI -; 104 : { -; 105 : *(PULONG)Buffer ^= JitData->Data[2 - FourByte]; +; 106 : { +; 107 : *(PULONG)Buffer ^= JitData->Data[2 - FourByte]; 000a4 b8 02 00 00 00 mov eax, 2 000a9 2b 45 04 sub eax, DWORD PTR FourByte$[rbp] @@ -4792,31 +5250,31 @@ $LN2@JitMutateI: 000c2 48 8b 4d 68 mov rcx, QWORD PTR Buffer$[rbp] 000c6 89 01 mov DWORD PTR [rcx], eax -; 106 : Buffer += 4; +; 108 : Buffer += 4; 000c8 48 8b 45 68 mov rax, QWORD PTR Buffer$[rbp] 000cc 48 83 c0 04 add rax, 4 000d0 48 89 45 68 mov QWORD PTR Buffer$[rbp], rax -; 107 : FourByte--; +; 109 : FourByte--; 000d4 8b 45 04 mov eax, DWORD PTR FourByte$[rbp] 000d7 ff c8 dec eax 000d9 89 45 04 mov DWORD PTR FourByte$[rbp], eax -; 108 : } +; 110 : } 000dc eb c0 jmp SHORT $LN2@JitMutateI $LN3@JitMutateI: -; 109 : -; 110 : if (TwoByte) +; 111 : +; 112 : if (TwoByte) 000de 83 7d 24 00 cmp DWORD PTR TwoByte$[rbp], 0 000e2 74 32 je SHORT $LN4@JitMutateI -; 111 : { -; 112 : *(PUSHORT)Buffer ^= (USHORT)JitData->Data[3]; +; 113 : { +; 114 : *(PUSHORT)Buffer ^= (USHORT)JitData->Data[3]; 000e4 b8 04 00 00 00 mov eax, 4 000e9 48 6b c0 03 imul rax, rax, 3 @@ -4830,21 +5288,21 @@ $LN3@JitMutateI: 00103 48 8b 4d 68 mov rcx, QWORD PTR Buffer$[rbp] 00107 66 89 01 mov WORD PTR [rcx], ax -; 113 : Buffer += 2; +; 115 : Buffer += 2; 0010a 48 8b 45 68 mov rax, QWORD PTR Buffer$[rbp] 0010e 48 83 c0 02 add rax, 2 00112 48 89 45 68 mov QWORD PTR Buffer$[rbp], rax $LN4@JitMutateI: -; 114 : } -; 115 : -; 116 : if (OneByte) +; 116 : } +; 117 : +; 118 : if (OneByte) 00116 83 7d 44 00 cmp DWORD PTR OneByte$[rbp], 0 0011a 74 25 je SHORT $LN5@JitMutateI -; 117 : *(PUCHAR)Buffer ^= (UCHAR)JitData->Data[3]; +; 119 : *(PUCHAR)Buffer ^= (UCHAR)JitData->Data[3]; 0011c b8 04 00 00 00 mov eax, 4 00121 48 6b c0 03 imul rax, rax, 3 @@ -4859,8 +5317,8 @@ $LN4@JitMutateI: 0013f 88 01 mov BYTE PTR [rcx], al $LN5@JitMutateI: -; 118 : -; 119 : } +; 120 : +; 121 : } 00141 48 8d a5 48 01 00 00 lea rsp, QWORD PTR [rbp+328] @@ -4882,7 +5340,7 @@ __$ArrayPad$ = 344 Link$ = 384 ?JitAreFlagsClobberedBeforeUse@@YAHPEAU_NATIVE_CODE_LINK@@@Z PROC ; JitAreFlagsClobberedBeforeUse, COMDAT -; 67 : { +; 69 : { $LN9: 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx @@ -4906,45 +5364,45 @@ $LN9: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00042 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 68 : XED_FLAG_SET Ledger; -; 69 : Ledger.s.zf = TRUE; +; 70 : XED_FLAG_SET Ledger; +; 71 : Ledger.s.zf = TRUE; 00047 8b 45 04 mov eax, DWORD PTR Ledger$[rbp] 0004a 83 c8 40 or eax, 64 ; 00000040H 0004d 89 45 04 mov DWORD PTR Ledger$[rbp], eax -; 70 : Ledger.s.sf = TRUE; +; 72 : Ledger.s.sf = TRUE; 00050 8b 45 04 mov eax, DWORD PTR Ledger$[rbp] 00053 0f ba e8 07 bts eax, 7 00057 89 45 04 mov DWORD PTR Ledger$[rbp], eax -; 71 : Ledger.s.pf = TRUE; +; 73 : Ledger.s.pf = TRUE; 0005a 8b 45 04 mov eax, DWORD PTR Ledger$[rbp] 0005d 83 c8 04 or eax, 4 00060 89 45 04 mov DWORD PTR Ledger$[rbp], eax -; 72 : Ledger.s.of = TRUE; +; 74 : Ledger.s.of = TRUE; 00063 8b 45 04 mov eax, DWORD PTR Ledger$[rbp] 00066 0f ba e8 0b bts eax, 11 0006a 89 45 04 mov DWORD PTR Ledger$[rbp], eax -; 73 : Ledger.s.cf = TRUE; +; 75 : Ledger.s.cf = TRUE; 0006d 8b 45 04 mov eax, DWORD PTR Ledger$[rbp] 00070 83 c8 01 or eax, 1 00073 89 45 04 mov DWORD PTR Ledger$[rbp], eax -; 74 : Ledger.s.af = TRUE; +; 76 : Ledger.s.af = TRUE; 00076 8b 45 04 mov eax, DWORD PTR Ledger$[rbp] 00079 83 c8 10 or eax, 16 0007c 89 45 04 mov DWORD PTR Ledger$[rbp], eax -; 75 : -; 76 : for (PNATIVE_CODE_LINK T = Link->Next; T; T = T->Next) +; 77 : +; 78 : for (PNATIVE_CODE_LINK T = Link->Next; T; T = T->Next) 0007f 48 8b 85 80 01 00 00 mov rax, QWORD PTR Link$[rbp] @@ -4959,8 +5417,8 @@ $LN4@JitAreFlag: 0009a 48 83 7d 28 00 cmp QWORD PTR T$4[rbp], 0 0009f 74 77 je SHORT $LN3@JitAreFlag -; 77 : { -; 78 : if (T->Flags & CODE_FLAG_IS_LABEL) +; 79 : { +; 80 : if (T->Flags & CODE_FLAG_IS_LABEL) 000a1 48 8b 45 28 mov rax, QWORD PTR T$4[rbp] 000a5 8b 40 18 mov eax, DWORD PTR [rax+24] @@ -4968,13 +5426,13 @@ $LN4@JitAreFlag: 000ab 85 c0 test eax, eax 000ad 74 02 je SHORT $LN5@JitAreFlag -; 79 : continue; +; 81 : continue; 000af eb de jmp SHORT $LN2@JitAreFlag $LN5@JitAreFlag: -; 80 : -; 81 : CONST XED_SIMPLE_FLAG* SimpleFlags = XedDecodedInstGetRflagsInfo(&T->XedInstruction); +; 82 : +; 83 : CONST XED_SIMPLE_FLAG* SimpleFlags = XedDecodedInstGetRflagsInfo(&T->XedInstruction); 000b1 48 8b 45 28 mov rax, QWORD PTR T$4[rbp] 000b5 48 83 c0 30 add rax, 48 ; 00000030H @@ -4982,21 +5440,21 @@ $LN5@JitAreFlag: 000bc e8 00 00 00 00 call xed_decoded_inst_get_rflags_info 000c1 48 89 45 48 mov QWORD PTR SimpleFlags$5[rbp], rax -; 82 : CONST XED_FLAG_SET* FlagsRead = XedSimpleFlagGetReadFlagSet(SimpleFlags); +; 84 : CONST XED_FLAG_SET* FlagsRead = XedSimpleFlagGetReadFlagSet(SimpleFlags); 000c5 48 8b 4d 48 mov rcx, QWORD PTR SimpleFlags$5[rbp] 000c9 e8 00 00 00 00 call xed_simple_flag_get_read_flag_set 000ce 48 89 45 68 mov QWORD PTR FlagsRead$6[rbp], rax -; 83 : CONST XED_FLAG_SET* FlagsWritten = XedSimpleFlagGetWrittenFlagSet(SimpleFlags); +; 85 : CONST XED_FLAG_SET* FlagsWritten = XedSimpleFlagGetWrittenFlagSet(SimpleFlags); 000d2 48 8b 4d 48 mov rcx, QWORD PTR SimpleFlags$5[rbp] 000d6 e8 00 00 00 00 call xed_simple_flag_get_written_flag_set 000db 48 89 85 88 00 00 00 mov QWORD PTR FlagsWritten$7[rbp], rax -; 84 : -; 85 : if (JitCheckFlagCollisions(FlagsRead, Ledger)) +; 86 : +; 87 : if (JitCheckFlagCollisions(FlagsRead, Ledger)) 000e2 8b 55 04 mov edx, DWORD PTR Ledger$[rbp] 000e5 48 8b 4d 68 mov rcx, QWORD PTR FlagsRead$6[rbp] @@ -5004,43 +5462,43 @@ $LN5@JitAreFlag: 000ee 85 c0 test eax, eax 000f0 74 04 je SHORT $LN6@JitAreFlag -; 86 : return FALSE; +; 88 : return FALSE; 000f2 33 c0 xor eax, eax 000f4 eb 24 jmp SHORT $LN1@JitAreFlag $LN6@JitAreFlag: -; 87 : -; 88 : JitUpdateConFlagsLedger(FlagsWritten, &Ledger); +; 89 : +; 90 : JitUpdateConFlagsLedger(FlagsWritten, &Ledger); 000f6 48 8d 55 04 lea rdx, QWORD PTR Ledger$[rbp] 000fa 48 8b 8d 88 00 00 00 mov rcx, QWORD PTR FlagsWritten$7[rbp] 00101 e8 00 00 00 00 call ?JitUpdateConFlagsLedger@@YAXPEBTxed_flag_set_s@@PEAT1@@Z ; JitUpdateConFlagsLedger -; 89 : -; 90 : if (Ledger.flat == 0) +; 91 : +; 92 : if (Ledger.flat == 0) 00106 83 7d 04 00 cmp DWORD PTR Ledger$[rbp], 0 0010a 75 07 jne SHORT $LN7@JitAreFlag -; 91 : return TRUE; +; 93 : return TRUE; 0010c b8 01 00 00 00 mov eax, 1 00111 eb 07 jmp SHORT $LN1@JitAreFlag $LN7@JitAreFlag: -; 92 : } +; 94 : } 00113 e9 77 ff ff ff jmp $LN2@JitAreFlag $LN3@JitAreFlag: -; 93 : return FALSE; +; 95 : return FALSE; 00118 33 c0 xor eax, eax $LN1@JitAreFlag: -; 94 : } +; 96 : } 0011a 48 8b f8 mov rdi, rax 0011d 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] @@ -5070,7 +5528,7 @@ tv132 = 276 Link$ = 320 ?JitDoesInstOverriteConditionFlags@@YAHPEAU_NATIVE_CODE_LINK@@@Z PROC ; JitDoesInstOverriteConditionFlags, COMDAT -; 52 : { +; 54 : { $LN5: 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx @@ -5089,7 +5547,7 @@ $LN5: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 53 : CONST XED_SIMPLE_FLAG* SimpleFlags = XedDecodedInstGetRflagsInfo(&Link->XedInstruction); +; 55 : CONST XED_SIMPLE_FLAG* SimpleFlags = XedDecodedInstGetRflagsInfo(&Link->XedInstruction); 00036 48 8b 85 40 01 00 00 mov rax, QWORD PTR Link$[rbp] @@ -5098,20 +5556,20 @@ $LN5: 00044 e8 00 00 00 00 call xed_decoded_inst_get_rflags_info 00049 48 89 45 08 mov QWORD PTR SimpleFlags$[rbp], rax -; 54 : CONST XED_FLAG_SET* FlagsWritten = XedSimpleFlagGetWrittenFlagSet(SimpleFlags); +; 56 : CONST XED_FLAG_SET* FlagsWritten = XedSimpleFlagGetWrittenFlagSet(SimpleFlags); 0004d 48 8b 4d 08 mov rcx, QWORD PTR SimpleFlags$[rbp] 00051 e8 00 00 00 00 call xed_simple_flag_get_written_flag_set 00056 48 89 45 28 mov QWORD PTR FlagsWritten$[rbp], rax -; 55 : CONST XED_FLAG_SET* FlagsUndefined = XedSimpleFlagGetUndefinedFlagSet(SimpleFlags); +; 57 : CONST XED_FLAG_SET* FlagsUndefined = XedSimpleFlagGetUndefinedFlagSet(SimpleFlags); 0005a 48 8b 4d 08 mov rcx, QWORD PTR SimpleFlags$[rbp] 0005e e8 00 00 00 00 call xed_simple_flag_get_undefined_flag_set 00063 48 89 45 48 mov QWORD PTR FlagsUndefined$[rbp], rax -; 56 : -; 57 : return (FlagsWritten->s.zf && +; 58 : +; 59 : return (FlagsWritten->s.zf && 00067 48 8b 45 28 mov rax, QWORD PTR FlagsWritten$[rbp] 0006b 8b 00 mov eax, DWORD PTR [rax] @@ -5158,13 +5616,13 @@ $LN4@JitDoesIns: 000da 8b 85 14 01 00 00 mov eax, DWORD PTR tv132[rbp] -; 58 : FlagsWritten->s.sf && -; 59 : FlagsWritten->s.pf && -; 60 : FlagsWritten->s.of && -; 61 : FlagsWritten->s.cf && -; 62 : FlagsUndefined->s.af -; 63 : ); -; 64 : } +; 60 : FlagsWritten->s.sf && +; 61 : FlagsWritten->s.pf && +; 62 : FlagsWritten->s.of && +; 63 : FlagsWritten->s.cf && +; 64 : FlagsUndefined->s.af +; 65 : ); +; 66 : } 000e0 48 8d a5 28 01 00 00 lea rsp, QWORD PTR [rbp+296] @@ -5181,7 +5639,7 @@ FlagsWritten$ = 224 Ledger$ = 232 ?JitUpdateConFlagsLedger@@YAXPEBTxed_flag_set_s@@PEAT1@@Z PROC ; JitUpdateConFlagsLedger, COMDAT -; 36 : { +; 38 : { $LN9: 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx @@ -5201,7 +5659,7 @@ $LN9: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 37 : if (FlagsWritten->s.zf) +; 39 : if (FlagsWritten->s.zf) 0003b 48 8b 85 e0 00 00 00 mov rax, QWORD PTR FlagsWritten$[rbp] @@ -5211,7 +5669,7 @@ $LN9: 0004a 85 c0 test eax, eax 0004c 74 15 je SHORT $LN2@JitUpdateC -; 38 : Ledger->s.zf = FALSE; +; 40 : Ledger->s.zf = FALSE; 0004e 48 8b 85 e8 00 00 00 mov rax, QWORD PTR Ledger$[rbp] @@ -5222,7 +5680,7 @@ $LN9: 00061 89 01 mov DWORD PTR [rcx], eax $LN2@JitUpdateC: -; 39 : if (FlagsWritten->s.sf) +; 41 : if (FlagsWritten->s.sf) 00063 48 8b 85 e0 00 00 00 mov rax, QWORD PTR FlagsWritten$[rbp] @@ -5232,7 +5690,7 @@ $LN2@JitUpdateC: 00072 85 c0 test eax, eax 00074 74 16 je SHORT $LN3@JitUpdateC -; 40 : Ledger->s.sf = FALSE; +; 42 : Ledger->s.sf = FALSE; 00076 48 8b 85 e8 00 00 00 mov rax, QWORD PTR Ledger$[rbp] @@ -5243,7 +5701,7 @@ $LN2@JitUpdateC: 0008a 89 01 mov DWORD PTR [rcx], eax $LN3@JitUpdateC: -; 41 : if (FlagsWritten->s.pf) +; 43 : if (FlagsWritten->s.pf) 0008c 48 8b 85 e0 00 00 00 mov rax, QWORD PTR FlagsWritten$[rbp] @@ -5253,7 +5711,7 @@ $LN3@JitUpdateC: 0009b 85 c0 test eax, eax 0009d 74 15 je SHORT $LN4@JitUpdateC -; 42 : Ledger->s.pf = FALSE; +; 44 : Ledger->s.pf = FALSE; 0009f 48 8b 85 e8 00 00 00 mov rax, QWORD PTR Ledger$[rbp] @@ -5264,7 +5722,7 @@ $LN3@JitUpdateC: 000b2 89 01 mov DWORD PTR [rcx], eax $LN4@JitUpdateC: -; 43 : if (FlagsWritten->s.of) +; 45 : if (FlagsWritten->s.of) 000b4 48 8b 85 e0 00 00 00 mov rax, QWORD PTR FlagsWritten$[rbp] @@ -5274,7 +5732,7 @@ $LN4@JitUpdateC: 000c3 85 c0 test eax, eax 000c5 74 16 je SHORT $LN5@JitUpdateC -; 44 : Ledger->s.of = FALSE; +; 46 : Ledger->s.of = FALSE; 000c7 48 8b 85 e8 00 00 00 mov rax, QWORD PTR Ledger$[rbp] @@ -5285,7 +5743,7 @@ $LN4@JitUpdateC: 000db 89 01 mov DWORD PTR [rcx], eax $LN5@JitUpdateC: -; 45 : if (FlagsWritten->s.cf) +; 47 : if (FlagsWritten->s.cf) 000dd 48 8b 85 e0 00 00 00 mov rax, QWORD PTR FlagsWritten$[rbp] @@ -5294,7 +5752,7 @@ $LN5@JitUpdateC: 000e9 85 c0 test eax, eax 000eb 74 15 je SHORT $LN6@JitUpdateC -; 46 : Ledger->s.cf = FALSE; +; 48 : Ledger->s.cf = FALSE; 000ed 48 8b 85 e8 00 00 00 mov rax, QWORD PTR Ledger$[rbp] @@ -5305,7 +5763,7 @@ $LN5@JitUpdateC: 00100 89 01 mov DWORD PTR [rcx], eax $LN6@JitUpdateC: -; 47 : if (FlagsWritten->s.af) +; 49 : if (FlagsWritten->s.af) 00102 48 8b 85 e0 00 00 00 mov rax, QWORD PTR FlagsWritten$[rbp] @@ -5315,7 +5773,7 @@ $LN6@JitUpdateC: 00111 85 c0 test eax, eax 00113 74 15 je SHORT $LN7@JitUpdateC -; 48 : Ledger->s.af = FALSE; +; 50 : Ledger->s.af = FALSE; 00115 48 8b 85 e8 00 00 00 mov rax, QWORD PTR Ledger$[rbp] @@ -5326,7 +5784,7 @@ $LN6@JitUpdateC: 00128 89 01 mov DWORD PTR [rcx], eax $LN7@JitUpdateC: -; 49 : } +; 51 : } 0012a 48 8d a5 c8 00 00 00 lea rsp, QWORD PTR [rbp+200] @@ -5344,7 +5802,7 @@ FlagsRead$ = 240 Ledger$ = 248 ?JitCheckFlagCollisions@@YAHPEBTxed_flag_set_s@@T1@@Z PROC ; JitCheckFlagCollisions, COMDAT -; 25 : { +; 27 : { $LN11: 00000 89 54 24 10 mov DWORD PTR [rsp+16], edx @@ -5364,7 +5822,7 @@ $LN11: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00035 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 26 : return ((FlagsRead->s.zf && FlagsRead->s.zf == Ledger.s.zf) || +; 28 : return ((FlagsRead->s.zf && FlagsRead->s.zf == Ledger.s.zf) || 0003a 48 8b 85 f0 00 00 00 mov rax, QWORD PTR FlagsRead$[rbp] @@ -5490,13 +5948,13 @@ $LN10@JitCheckFl: 0017f 8b 85 c0 00 00 00 mov eax, DWORD PTR tv165[rbp] -; 27 : (FlagsRead->s.sf && FlagsRead->s.sf == Ledger.s.sf) || -; 28 : (FlagsRead->s.pf && FlagsRead->s.pf == Ledger.s.pf) || -; 29 : (FlagsRead->s.of && FlagsRead->s.of == Ledger.s.of) || -; 30 : (FlagsRead->s.cf && FlagsRead->s.cf == Ledger.s.cf) || -; 31 : (FlagsRead->s.af && FlagsRead->s.af == Ledger.s.af) -; 32 : ); -; 33 : } +; 29 : (FlagsRead->s.sf && FlagsRead->s.sf == Ledger.s.sf) || +; 30 : (FlagsRead->s.pf && FlagsRead->s.pf == Ledger.s.pf) || +; 31 : (FlagsRead->s.of && FlagsRead->s.of == Ledger.s.of) || +; 32 : (FlagsRead->s.cf && FlagsRead->s.cf == Ledger.s.cf) || +; 33 : (FlagsRead->s.af && FlagsRead->s.af == Ledger.s.af) +; 34 : ); +; 35 : } 00185 48 8d a5 d8 00 00 00 lea rsp, QWORD PTR [rbp+216] @@ -5518,7 +5976,7 @@ __$ArrayPad$ = 320 Block$ = 368 ?JitEmitPopfqInst@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z PROC ; JitEmitPopfqInst, COMDAT -; 16 : { +; 18 : { $LN6: 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx @@ -5542,11 +6000,11 @@ $LN6: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00042 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 17 : UCHAR RawData[] = { 0x9D }; +; 19 : UCHAR RawData[] = { 0x9D }; 00047 c6 45 04 9d mov BYTE PTR RawData$[rbp], 157 ; 0000009dH -; 18 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, RawData, 1); +; 20 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, RawData, 1); 0004b b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 00050 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -5578,7 +6036,7 @@ $LN4@JitEmitPop: 00 00 mov rax, QWORD PTR $T4[rbp] 000aa 48 89 45 28 mov QWORD PTR Link$[rbp], rax -; 19 : XedDecode(&Link->XedInstruction, Link->RawData, 1); +; 21 : XedDecode(&Link->XedInstruction, Link->RawData, 1); 000ae 48 8b 45 28 mov rax, QWORD PTR Link$[rbp] 000b2 48 83 c0 30 add rax, 48 ; 00000030H @@ -5589,18 +6047,18 @@ $LN4@JitEmitPop: 000c4 48 8b c8 mov rcx, rax 000c7 e8 00 00 00 00 call xed_decode -; 20 : NcAppendToBlock(Block, Link); +; 22 : NcAppendToBlock(Block, Link); 000cc 48 8b 55 28 mov rdx, QWORD PTR Link$[rbp] 000d0 48 8b 8d 70 01 00 00 mov rcx, QWORD PTR Block$[rbp] 000d7 e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock -; 21 : return TRUE; +; 23 : return TRUE; 000dc b8 01 00 00 00 mov eax, 1 -; 22 : } +; 24 : } 000e1 8b f8 mov edi, eax 000e3 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] @@ -5685,7 +6143,7 @@ __$ArrayPad$ = 320 Block$ = 368 ?JitEmitPushfqInst@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z PROC ; JitEmitPushfqInst, COMDAT -; 7 : { +; 9 : { $LN6: 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx @@ -5709,11 +6167,11 @@ $LN6: 00 00 lea rcx, OFFSET FLAT:__DD050276_Jit@cpp 00042 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 8 : UCHAR RawData[] = { 0x9C }; +; 10 : UCHAR RawData[] = { 0x9C }; 00047 c6 45 04 9c mov BYTE PTR RawData$[rbp], 156 ; 0000009cH -; 9 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, RawData, 1); +; 11 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, RawData, 1); 0004b b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 00050 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -5745,7 +6203,7 @@ $LN4@JitEmitPus: 00 00 mov rax, QWORD PTR $T4[rbp] 000aa 48 89 45 28 mov QWORD PTR Link$[rbp], rax -; 10 : XedDecode(&Link->XedInstruction, Link->RawData, 1); +; 12 : XedDecode(&Link->XedInstruction, Link->RawData, 1); 000ae 48 8b 45 28 mov rax, QWORD PTR Link$[rbp] 000b2 48 83 c0 30 add rax, 48 ; 00000030H @@ -5756,18 +6214,18 @@ $LN4@JitEmitPus: 000c4 48 8b c8 mov rcx, rax 000c7 e8 00 00 00 00 call xed_decode -; 11 : NcAppendToBlock(Block, Link); +; 13 : NcAppendToBlock(Block, Link); 000cc 48 8b 55 28 mov rdx, QWORD PTR Link$[rbp] 000d0 48 8b 8d 70 01 00 00 mov rcx, QWORD PTR Block$[rbp] 000d7 e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock -; 12 : return TRUE; +; 14 : return TRUE; 000dc b8 01 00 00 00 mov eax, 1 -; 13 : } +; 15 : } 000e1 8b f8 mov edi, eax 000e3 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] diff --git a/CodeVirtualizer/x64/Debug/Main.cod b/CodeVirtualizer/x64/Debug/Main.cod index b8bb8ec..c81270d 100644 --- a/CodeVirtualizer/x64/Debug/Main.cod +++ b/CodeVirtualizer/x64/Debug/Main.cod @@ -7,6 +7,7 @@ INCLUDELIB OLDNAMES PUBLIC ?TestBuffer@@3PAEA ; TestBuffer PUBLIC ?TestBufferSize@@3KA ; TestBufferSize +PUBLIC ?meme1@@3PAEA ; meme1 msvcjmc SEGMENT __B2D2BA86_ctype@h DB 01H __79C7FC57_basetsd@h DB 01H @@ -76,6 +77,7 @@ __BB5B4FF8_xed-encode@h DB 01H __21860875_xed-encoder-hl@h DB 01H __F7815311_xed-decoded-inst-api@h DB 01H __4031338C_Main@cpp DB 01H +__BF2A7ACC_vector DB 01H __7EA464AF_istream DB 01H __1D745195_ostream DB 01H __6FFBAAB7_streambuf DB 01H @@ -84,6 +86,7 @@ __3E6EDFAA_iosfwd DB 01H __CF1C1A3F_utility DB 01H __38038D2D_xstddef DB 01H __EE19A480_xatomic@h DB 01H +__8266A2FD_iomanip DB 01H msvcjmc ENDS _DATA SEGMENT ?TestBuffer@@3PAEA DB 048H ; TestBuffer @@ -134,40 +137,85 @@ _DATA SEGMENT DB 0c3H ORG $+2 ?TestBufferSize@@3KA DD 02eH ; TestBufferSize +?meme1@@3PAEA DB 031H ; meme1 + DB 0c0H _DATA ENDS PUBLIC ?__empty_global_delete@@YAXPEAX@Z ; __empty_global_delete PUBLIC ?__empty_global_delete@@YAXPEAX_K@Z ; __empty_global_delete PUBLIC ?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z ; __empty_global_delete PUBLIC ?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z ; __empty_global_delete -PUBLIC RtlSecureZeroMemory PUBLIC __local_stdio_printf_options PUBLIC _vfprintf_l PUBLIC printf PUBLIC wmemcpy +PUBLIC ?_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z ; std::_Adjust_manually_vector_aligned +PUBLIC ?_Orphan_all@_Container_base12@std@@QEAAXXZ ; std::_Container_base12::_Orphan_all +PUBLIC ?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z ; std::_Narrow_char_traits::eq_int_type +PUBLIC ?eof@?$_Narrow_char_traits@DH@std@@SAHXZ ; std::_Narrow_char_traits::eof PUBLIC ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr PUBLIC ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs PUBLIC ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr +PUBLIC ?hex@std@@YAAEAVios_base@1@AEAV21@@Z ; std::hex PUBLIC ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ; std::time_get > >::_Getvals PUBLIC ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ; std::time_get > >::_Getvals +PUBLIC ?deallocate@?$allocator@K@std@@QEAAXQEAK_K@Z ; std::allocator::deallocate +PUBLIC ??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ ; std::vector >::~vector > +PUBLIC ?_Destroy@?$vector@KV?$allocator@K@std@@@std@@AEAAXPEAK0@Z ; std::vector >::_Destroy +PUBLIC ?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ ; std::vector >::_Tidy +PUBLIC ?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ ; std::vector >::_Getal +PUBLIC ?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ ; std::_Compressed_pair,std::_Vector_val >,1>::_Get_first +PUBLIC ??1_NATIVE_CODE_BLOCK@@QEAA@XZ ; _NATIVE_CODE_BLOCK::~_NATIVE_CODE_BLOCK +PUBLIC ?MakeExecutableBuffer@@YAPEAXPEAXK@Z ; MakeExecutableBuffer PUBLIC main +PUBLIC ??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z ; std::operator<< > +PUBLIC ??$?6DU?$char_traits@D@std@@_J@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Smanip@_J@0@@Z ; std::operator<<,__int64> +PUBLIC ??$setfill@D@std@@YA?AU?$_Fillobj@D@0@D@Z ; std::setfill +PUBLIC ??0?$_Fillobj@D@std@@QEAA@D@Z ; std::_Fillobj::_Fillobj +PUBLIC ??$?6DU?$char_traits@D@std@@D@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Fillobj@D@0@@Z ; std::operator<<,char> +PUBLIC ??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z ; std::allocator::allocator +PUBLIC ??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z ; std::exchange +PUBLIC ??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z ; std::_Delete_plain_internal > +PUBLIC ??0_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z ; std::basic_ostream >::_Sentry_base::_Sentry_base +PUBLIC ??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ ; std::basic_ostream >::_Sentry_base::~_Sentry_base +PUBLIC ??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z ; std::basic_ostream >::sentry::sentry +PUBLIC ??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ ; std::basic_ostream >::sentry::~sentry +PUBLIC ??Bsentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEBA_NXZ ; std::basic_ostream >::sentry::operator bool +PUBLIC ??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z ; std::_Destroy_range > +PUBLIC ??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z ; std::_Deallocate<16,0> +PUBLIC ??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z ; std::_Deallocate_plain > +PUBLIC ?deallocate@?$_Default_allocator_traits@V?$allocator@U_Container_proxy@std@@@std@@@std@@SAXAEAV?$allocator@U_Container_proxy@std@@@2@QEAU_Container_proxy@2@_K@Z ; std::_Default_allocator_traits >::deallocate PUBLIC __JustMyCode_Default PUBLIC ?_OptionsStorage@?1??__local_stdio_printf_options@@9@4_KA ; `__local_stdio_printf_options'::`2'::_OptionsStorage +PUBLIC ?__LINE__Var@?0??_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z@4JA ; `std::_Adjust_manually_vector_aligned'::`1'::__LINE__Var +PUBLIC ??_C@_0BB@FCMFBGOM@invalid?5argument@ ; `string' +PUBLIC ??_C@_02DKCKIIND@?$CFs@ ; `string' +PUBLIC ??_C@_0GI@JMEOMKJO@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string' +PUBLIC ??_C@_1NA@FEEOBALC@?$AAC?$AA?3?$AA?2?$AAP?$AAr?$AAo?$AAg?$AAr?$AAa?$AAm?$AA?5?$AAF?$AAi?$AAl?$AAe@ ; `string' +PUBLIC ??_C@_1EK@NIFDJFDG@?$AAs?$AAt?$AAd?$AA?3?$AA?3?$AA_?$AAA?$AAd?$AAj?$AAu?$AAs?$AAt?$AA_?$AAm?$AAa@ ; `string' +PUBLIC ??_C@_1CG@JNLFBNGN@?$AA?$CC?$AAi?$AAn?$AAv?$AAa?$AAl?$AAi?$AAd?$AA?5?$AAa?$AAr?$AAg?$AAu?$AAm?$AAe@ ; `string' PUBLIC ??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string' PUBLIC ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA ; `std::_Maklocwcs'::`1'::__LINE__Var PUBLIC ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string' -PUBLIC ??_C@_01EEMJAFIK@?6@ ; `string' +PUBLIC ??_C@_0BJ@LHKOPLNN@Something?5failed?5nicka?4?6@ ; `string' PUBLIC ??_C@_05PDJBBECF@pause@ ; `string' PUBLIC ??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ ; `string' PUBLIC ??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ ; `string' -EXTRN ??_U@YAPEAX_K@Z:PROC ; operator new[] +EXTRN ??2@YAPEAX_K@Z:PROC ; operator new +EXTRN ??3@YAXPEAX_K@Z:PROC ; operator delete +EXTRN __imp__invalid_parameter:PROC EXTRN memcpy:PROC -EXTRN memset:PROC EXTRN __imp_wcslen:PROC EXTRN strlen:PROC +EXTRN __imp_VirtualAlloc:PROC +EXTRN __imp_srand:PROC EXTRN __imp_system:PROC EXTRN __imp___acrt_iob_func:PROC EXTRN __imp___stdio_common_vfprintf:PROC EXTRN __imp__calloc_dbg:PROC +EXTRN __imp__CrtDbgReport:PROC +EXTRN __imp_??0_Lockit@std@@QEAA@H@Z:PROC +EXTRN __imp_??1_Lockit@std@@QEAA@XZ:PROC +EXTRN ?uncaught_exception@std@@YA_NXZ:PROC ; std::uncaught_exception EXTRN ?_Xbad_alloc@std@@YAXXZ:PROC ; std::_Xbad_alloc EXTRN _Mbrtowc:PROC EXTRN __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ:PROC @@ -175,12 +223,29 @@ EXTRN __imp_?_Getdays@_Locinfo@std@@QEBAPEBDXZ:PROC EXTRN __imp_?_Getmonths@_Locinfo@std@@QEBAPEBDXZ:PROC EXTRN __imp_?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ:PROC EXTRN __imp_?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ:PROC +EXTRN __imp_?good@ios_base@std@@QEBA_NXZ:PROC +EXTRN __imp_?flags@ios_base@std@@QEBAHXZ:PROC +EXTRN __imp_?setf@ios_base@std@@QEAAHHH@Z:PROC +EXTRN __imp_?width@ios_base@std@@QEBA_JXZ:PROC +EXTRN __imp_?width@ios_base@std@@QEAA_J_J@Z:PROC +EXTRN __imp_?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z:PROC +EXTRN __imp_?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z:PROC +EXTRN __imp_?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ:PROC +EXTRN __imp_?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ:PROC +EXTRN __imp_?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ:PROC +EXTRN __imp_?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z:PROC +EXTRN __imp_?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ:PROC +EXTRN __imp_??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z:PROC +EXTRN __imp_??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z:PROC +EXTRN __imp_?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ:PROC +EXTRN __imp__time64:PROC +EXTRN ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z:PROC ; std::setw EXTRN xed_tables_init:PROC -EXTRN ??0_NATIVE_CODE_LINK@@QEAA@XZ:PROC ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK -EXTRN ??1_NATIVE_CODE_LINK@@QEAA@XZ:PROC ; _NATIVE_CODE_LINK::~_NATIVE_CODE_LINK -EXTRN ?NcDebugPrint@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z:PROC ; NcDebugPrint -EXTRN ?NcPrintBlockCode@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z:PROC ; NcPrintBlockCode -EXTRN ?JitEmitPreRipMov@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@H@Z:PROC ; JitEmitPreRipMov +EXTRN ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z:PROC ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK +EXTRN ??0_NATIVE_CODE_BLOCK@@QEAA@XZ:PROC ; _NATIVE_CODE_BLOCK::_NATIVE_CODE_BLOCK +EXTRN ?NcInsertLinkBefore@@YAXPEAU_NATIVE_CODE_LINK@@0@Z:PROC ; NcInsertLinkBefore +EXTRN ?NcDisassemble@@YAHPEAU_NATIVE_CODE_BLOCK@@PEAXK@Z:PROC ; NcDisassemble +EXTRN ?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@PEAK@Z:PROC ; NcAssemble EXTRN _RTC_CheckStackVars:PROC EXTRN _RTC_InitBase:PROC EXTRN _RTC_Shutdown:PROC @@ -189,6 +254,7 @@ EXTRN __CxxFrameHandler4:PROC EXTRN __GSHandlerCheck:PROC EXTRN __GSHandlerCheck_EH4:PROC EXTRN __security_check_cookie:PROC +EXTRN __imp_?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A:BYTE EXTRN __security_cookie:QWORD ; COMDAT ?_OptionsStorage@?1??__local_stdio_printf_options@@9@4_KA _BSS SEGMENT @@ -220,12 +286,6 @@ $pdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DD imagerel $LN3 pdata ENDS ; COMDAT pdata pdata SEGMENT -$pdata$RtlSecureZeroMemory DD imagerel $LN3 - DD imagerel $LN3+102 - DD imagerel $unwind$RtlSecureZeroMemory -pdata ENDS -; COMDAT pdata -pdata SEGMENT $pdata$__local_stdio_printf_options DD imagerel $LN3 DD imagerel $LN3+59 DD imagerel $unwind$__local_stdio_printf_options @@ -250,6 +310,30 @@ $pdata$wmemcpy DD imagerel $LN3 pdata ENDS ; COMDAT pdata pdata SEGMENT +$pdata$?_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z DD imagerel $LN21 + DD imagerel $LN21+476 + DD imagerel $unwind$?_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?_Orphan_all@_Container_base12@std@@QEAAXXZ DD imagerel $LN7 + DD imagerel $LN7+233 + DD imagerel $unwind$?_Orphan_all@_Container_base12@std@@QEAAXXZ +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z DD imagerel $LN5 + DD imagerel $LN5+118 + DD imagerel $unwind$?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?eof@?$_Narrow_char_traits@DH@std@@SAHXZ DD imagerel $LN3 + DD imagerel $LN3+57 + DD imagerel $unwind$?eof@?$_Narrow_char_traits@DH@std@@SAHXZ +pdata ENDS +; COMDAT pdata +pdata SEGMENT $pdata$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z DD imagerel $LN12 DD imagerel $LN12+584 DD imagerel $unwind$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z @@ -268,6 +352,18 @@ $pdata$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z DD imagerel $LN7 pdata ENDS ; COMDAT pdata pdata SEGMENT +$pdata$?hex@std@@YAAEAVios_base@1@AEAV21@@Z DD imagerel $LN3 + DD imagerel $LN3+95 + DD imagerel $unwind$?hex@std@@YAAEAVios_base@1@AEAV21@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$time DD imagerel time + DD imagerel time+77 + DD imagerel $unwind$time +pdata ENDS +; COMDAT pdata +pdata SEGMENT $pdata$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD imagerel $LN5 DD imagerel $LN5+379 DD imagerel $unwind$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z @@ -280,8 +376,56 @@ $pdata$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@st pdata ENDS ; COMDAT pdata pdata SEGMENT -$pdata$main DD imagerel $LN5 - DD imagerel $LN5+292 +$pdata$?deallocate@?$allocator@K@std@@QEAAXQEAK_K@Z DD imagerel $LN3 + DD imagerel $LN3+100 + DD imagerel $unwind$?deallocate@?$allocator@K@std@@QEAAXQEAK_K@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ DD imagerel $LN3 + DD imagerel $LN3+202 + DD imagerel $unwind$??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?_Destroy@?$vector@KV?$allocator@K@std@@@std@@AEAAXPEAK0@Z DD imagerel $LN3 + DD imagerel $LN3+108 + DD imagerel $unwind$?_Destroy@?$vector@KV?$allocator@K@std@@@std@@AEAAXPEAK0@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ DD imagerel $LN4 + DD imagerel $LN4+280 + DD imagerel $unwind$?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ DD imagerel $LN3 + DD imagerel $LN3+80 + DD imagerel $unwind$?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ DD imagerel $LN3 + DD imagerel $LN3+71 + DD imagerel $unwind$?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??1_NATIVE_CODE_BLOCK@@QEAA@XZ DD imagerel $LN3 + DD imagerel $LN3+71 + DD imagerel $unwind$??1_NATIVE_CODE_BLOCK@@QEAA@XZ +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?MakeExecutableBuffer@@YAPEAXPEAXK@Z DD imagerel $LN4 + DD imagerel $LN4+136 + DD imagerel $unwind$?MakeExecutableBuffer@@YAPEAXPEAXK@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$main DD imagerel $LN14 + DD imagerel $LN14+646 DD imagerel $unwind$main pdata ENDS ; COMDAT pdata @@ -290,6 +434,132 @@ $pdata$main$dtor$0 DD imagerel main$dtor$0 DD imagerel main$dtor$0+36 DD imagerel $unwind$main$dtor$0 pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$main$dtor$1 DD imagerel main$dtor$1 + DD imagerel main$dtor$1+44 + DD imagerel $unwind$main$dtor$1 +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z DD imagerel $LN23 + DD imagerel $LN23+1095 + DD imagerel $unwind$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?dtor$0@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA DD imagerel ?dtor$0@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA + DD imagerel ?dtor$0@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA+36 + DD imagerel $unwind$?dtor$0@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA DD imagerel ?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA + DD imagerel ?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA+91 + DD imagerel $unwind$?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$?6DU?$char_traits@D@std@@_J@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Smanip@_J@0@@Z DD imagerel $LN3 + DD imagerel $LN3+140 + DD imagerel $unwind$??$?6DU?$char_traits@D@std@@_J@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Smanip@_J@0@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$setfill@D@std@@YA?AU?$_Fillobj@D@0@D@Z DD imagerel $LN3 + DD imagerel $LN3+94 + DD imagerel $unwind$??$setfill@D@std@@YA?AU?$_Fillobj@D@0@D@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??0?$_Fillobj@D@std@@QEAA@D@Z DD imagerel $LN3 + DD imagerel $LN3+91 + DD imagerel $unwind$??0?$_Fillobj@D@std@@QEAA@D@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$?6DU?$char_traits@D@std@@D@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Fillobj@D@0@@Z DD imagerel $LN3 + DD imagerel $LN3+133 + DD imagerel $unwind$??$?6DU?$char_traits@D@std@@D@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Fillobj@D@0@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z DD imagerel $LN3 + DD imagerel $LN3+76 + DD imagerel $unwind$??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z DD imagerel $LN3 + DD imagerel $LN3+107 + DD imagerel $unwind$??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z DD imagerel $LN3 + DD imagerel $LN3+89 + DD imagerel $unwind$??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??0_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z DD imagerel $LN4 + DD imagerel $LN4+171 + DD imagerel $unwind$??0_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ DD imagerel $LN4 + DD imagerel $LN4+143 + DD imagerel $unwind$??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z DD imagerel $LN7 + DD imagerel $LN7+284 + DD imagerel $unwind$??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?dtor$0@?0???0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z@4HA DD imagerel ?dtor$0@?0???0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z@4HA + DD imagerel ?dtor$0@?0???0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z@4HA+39 + DD imagerel $unwind$?dtor$0@?0???0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z@4HA +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ DD imagerel $LN6 + DD imagerel $LN6+139 + DD imagerel $unwind$??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??Bsentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEBA_NXZ DD imagerel $LN3 + DD imagerel $LN3+75 + DD imagerel $unwind$??Bsentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEBA_NXZ +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z DD imagerel $LN3 + DD imagerel $LN3+75 + DD imagerel $unwind$??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z DD imagerel $LN4 + DD imagerel $LN4+121 + DD imagerel $unwind$??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z DD imagerel $LN3 + DD imagerel $LN3+95 + DD imagerel $unwind$??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?deallocate@?$_Default_allocator_traits@V?$allocator@U_Container_proxy@std@@@std@@@std@@SAXAEAV?$allocator@U_Container_proxy@std@@@2@QEAU_Container_proxy@2@_K@Z DD imagerel $LN3 + DD imagerel $LN3+97 + DD imagerel $unwind$?deallocate@?$_Default_allocator_traits@V?$allocator@U_Container_proxy@std@@@std@@@std@@SAXAEAV?$allocator@U_Container_proxy@std@@@2@QEAU_Container_proxy@2@_K@Z +pdata ENDS ; COMDAT rtc$TMZ rtc$TMZ SEGMENT _RTC_Shutdown.rtc$TMZ DQ FLAT:_RTC_Shutdown @@ -312,9 +582,10 @@ CONST ENDS CONST SEGMENT ??_C@_05PDJBBECF@pause@ DB 'pause', 00H ; `string' CONST ENDS -; COMDAT ??_C@_01EEMJAFIK@?6@ +; COMDAT ??_C@_0BJ@LHKOPLNN@Something?5failed?5nicka?4?6@ CONST SEGMENT -??_C@_01EEMJAFIK@?6@ DB 0aH, 00H ; `string' +??_C@_0BJ@LHKOPLNN@Something?5failed?5nicka?4?6@ DB 'Something failed nic' + DB 'ka.', 0aH, 00H ; `string' CONST ENDS ; COMDAT ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ CONST SEGMENT @@ -332,484 +603,3611 @@ CONST SEGMENT DB 'gram Files (x86)\Microsoft Visual Studio\2019\Community\VC\To' DB 'ols\MSVC\14.27.29110\include\xlocale', 00H ; `string' CONST ENDS +; COMDAT ??_C@_1CG@JNLFBNGN@?$AA?$CC?$AAi?$AAn?$AAv?$AAa?$AAl?$AAi?$AAd?$AA?5?$AAa?$AAr?$AAg?$AAu?$AAm?$AAe@ +CONST SEGMENT +??_C@_1CG@JNLFBNGN@?$AA?$CC?$AAi?$AAn?$AAv?$AAa?$AAl?$AAi?$AAd?$AA?5?$AAa?$AAr?$AAg?$AAu?$AAm?$AAe@ DB '"' + DB 00H, 'i', 00H, 'n', 00H, 'v', 00H, 'a', 00H, 'l', 00H, 'i', 00H + DB 'd', 00H, ' ', 00H, 'a', 00H, 'r', 00H, 'g', 00H, 'u', 00H, 'm' + DB 00H, 'e', 00H, 'n', 00H, 't', 00H, '"', 00H, 00H, 00H ; `string' +CONST ENDS +; COMDAT ??_C@_1EK@NIFDJFDG@?$AAs?$AAt?$AAd?$AA?3?$AA?3?$AA_?$AAA?$AAd?$AAj?$AAu?$AAs?$AAt?$AA_?$AAm?$AAa@ +CONST SEGMENT +??_C@_1EK@NIFDJFDG@?$AAs?$AAt?$AAd?$AA?3?$AA?3?$AA_?$AAA?$AAd?$AAj?$AAu?$AAs?$AAt?$AA_?$AAm?$AAa@ DB 's' + DB 00H, 't', 00H, 'd', 00H, ':', 00H, ':', 00H, '_', 00H, 'A', 00H + DB 'd', 00H, 'j', 00H, 'u', 00H, 's', 00H, 't', 00H, '_', 00H, 'm' + DB 00H, 'a', 00H, 'n', 00H, 'u', 00H, 'a', 00H, 'l', 00H, 'l', 00H + DB 'y', 00H, '_', 00H, 'v', 00H, 'e', 00H, 'c', 00H, 't', 00H, 'o' + DB 00H, 'r', 00H, '_', 00H, 'a', 00H, 'l', 00H, 'i', 00H, 'g', 00H + DB 'n', 00H, 'e', 00H, 'd', 00H, 00H, 00H ; `string' +CONST ENDS +; COMDAT ??_C@_1NA@FEEOBALC@?$AAC?$AA?3?$AA?2?$AAP?$AAr?$AAo?$AAg?$AAr?$AAa?$AAm?$AA?5?$AAF?$AAi?$AAl?$AAe@ +CONST SEGMENT +??_C@_1NA@FEEOBALC@?$AAC?$AA?3?$AA?2?$AAP?$AAr?$AAo?$AAg?$AAr?$AAa?$AAm?$AA?5?$AAF?$AAi?$AAl?$AAe@ DB 'C' + DB 00H, ':', 00H, '\', 00H, 'P', 00H, 'r', 00H, 'o', 00H, 'g', 00H + DB 'r', 00H, 'a', 00H, 'm', 00H, ' ', 00H, 'F', 00H, 'i', 00H, 'l' + DB 00H, 'e', 00H, 's', 00H, ' ', 00H, '(', 00H, 'x', 00H, '8', 00H + DB '6', 00H, ')', 00H, '\', 00H, 'M', 00H, 'i', 00H, 'c', 00H, 'r' + DB 00H, 'o', 00H, 's', 00H, 'o', 00H, 'f', 00H, 't', 00H, ' ', 00H + DB 'V', 00H, 'i', 00H, 's', 00H, 'u', 00H, 'a', 00H, 'l', 00H, ' ' + DB 00H, 'S', 00H, 't', 00H, 'u', 00H, 'd', 00H, 'i', 00H, 'o', 00H + DB '\', 00H, '2', 00H, '0', 00H, '1', 00H, '9', 00H, '\', 00H, 'C' + DB 00H, 'o', 00H, 'm', 00H, 'm', 00H, 'u', 00H, 'n', 00H, 'i', 00H + DB 't', 00H, 'y', 00H, '\', 00H, 'V', 00H, 'C', 00H, '\', 00H, 'T' + DB 00H, 'o', 00H, 'o', 00H, 'l', 00H, 's', 00H, '\', 00H, 'M', 00H + DB 'S', 00H, 'V', 00H, 'C', 00H, '\', 00H, '1', 00H, '4', 00H, '.' + DB 00H, '2', 00H, '7', 00H, '.', 00H, '2', 00H, '9', 00H, '1', 00H + DB '1', 00H, '0', 00H, '\', 00H, 'i', 00H, 'n', 00H, 'c', 00H, 'l' + DB 00H, 'u', 00H, 'd', 00H, 'e', 00H, '\', 00H, 'x', 00H, 'm', 00H + DB 'e', 00H, 'm', 00H, 'o', 00H, 'r', 00H, 'y', 00H, 00H, 00H ; `string' +CONST ENDS +; COMDAT ??_C@_0GI@JMEOMKJO@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ +CONST SEGMENT +??_C@_0GI@JMEOMKJO@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ DB 'C:\Pro' + DB 'gram Files (x86)\Microsoft Visual Studio\2019\Community\VC\To' + DB 'ols\MSVC\14.27.29110\include\xmemory', 00H ; `string' +CONST ENDS +; COMDAT ??_C@_02DKCKIIND@?$CFs@ +CONST SEGMENT +??_C@_02DKCKIIND@?$CFs@ DB '%s', 00H ; `string' +CONST ENDS +; COMDAT ??_C@_0BB@FCMFBGOM@invalid?5argument@ +CONST SEGMENT +??_C@_0BB@FCMFBGOM@invalid?5argument@ DB 'invalid argument', 00H ; `string' +CONST ENDS +; COMDAT ?__LINE__Var@?0??_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z@4JA +_DATA SEGMENT +?__LINE__Var@?0??_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z@4JA DD 084H ; `std::_Adjust_manually_vector_aligned'::`1'::__LINE__Var +_DATA ENDS ; COMDAT xdata xdata SEGMENT -$unwind$main$dtor$0 DD 031001H - DD 0700c4210H - DD 0500bH +$unwind$?deallocate@?$_Default_allocator_traits@V?$allocator@U_Container_proxy@std@@@std@@@std@@SAXAEAV?$allocator@U_Container_proxy@std@@@2@QEAU_Container_proxy@2@_K@Z DD 025053401H + DD 0118231dH + DD 07011001dH + DD 05010H xdata ENDS ; COMDAT xdata xdata SEGMENT -$ip2state$main DB 06H +$ip2state$??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z DB 02H DB 00H DB 00H - DB 094H - DB 02H - DB 089H, 02H - DB 00H xdata ENDS ; COMDAT xdata xdata SEGMENT -$stateUnwindMap$main DB 02H - DB 0eH - DD imagerel main$dtor$0 +$cppxdata$??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z DB 060H + DD imagerel $ip2state$??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$cppxdata$main DB 028H - DD imagerel $stateUnwindMap$main - DD imagerel $ip2state$main +$unwind$??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z DD 025052f19H + DD 01132318H + DD 0700c001dH + DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$main DD 025052f19H - DD 010a230fH - DD 07003004dH - DD 05002H - DD imagerel __GSHandlerCheck_EH4 - DD imagerel $cppxdata$main - DD 025aH -xdata ENDS -; COMDAT CONST -CONST SEGMENT -main$rtcName$0 DB 054H +$ip2state$??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z DB 02H DB 00H - ORG $+2 -main$rtcName$1 DB 044H - DB 061H - DB 074H - DB 061H DB 00H - ORG $+7 -main$rtcVarDesc DD 0138H - DD 014H - DQ FLAT:main$rtcName$1 - DD 030H - DD 0f0H - DQ FLAT:main$rtcName$0 - ORG $+96 -main$rtcFrameData DD 02H - DD 00H - DQ FLAT:main$rtcVarDesc -CONST ENDS +xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD 025063501H - DD 0119231eH - DD 070120026H - DD 050106011H +$cppxdata$??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z DB 060H + DD imagerel $ip2state$??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD 025063501H - DD 0119231eH - DD 070120026H - DD 050106011H +$unwind$??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z DD 025052f19H + DD 01132318H + DD 0700c001dH + DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z DD 035053401H - DD 0118331dH - DD 07011002bH - DD 05010H +$ip2state$??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z DB 02H + DB 00H + DB 00H xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$?_Maklocwcs@std@@YAPEA_WPEB_W@Z DD 035052a01H - DD 010e3313H - DD 070070027H - DD 05006H +$cppxdata$??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z DB 060H + DD imagerel $ip2state$??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z DD 035054519H - DD 0118331dH - DD 070110047H +$unwind$??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z DD 025053419H + DD 0118231dH + DD 07011001dH DD 05010H - DD imagerel __GSHandlerCheck - DD 0228H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z xdata ENDS -; COMDAT CONST -CONST SEGMENT -??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$0 DB 05fH ; std::_Maklocstr - DB 057H - DB 063H - DB 00H -??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$1 DB 05fH ; std::_Maklocstr - DB 04dH - DB 062H - DB 073H - DB 074H - DB 031H +; COMDAT xdata +xdata SEGMENT +$unwind$??Bsentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEBA_NXZ DD 025052a01H + DD 010e2313H + DD 07007001dH + DD 05006H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ DB 02H DB 00H - ORG $+1 -??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$2 DB 05fH ; std::_Maklocstr - DB 04dH - DB 062H - DB 073H - DB 074H - DB 032H DB 00H - ORG $+13 -??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcVarDesc DD 0158H ; std::_Maklocstr - DD 08H - DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$2 - DD 0f8H - DD 08H - DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$1 - DD 0d4H - DD 02H - DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$0 - ORG $+144 -??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcFrameData DD 03H ; std::_Maklocstr - DD 00H - DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcVarDesc -CONST ENDS +xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$wmemcpy DD 025053401H - DD 0118231dH - DD 07011001dH - DD 05010H +$cppxdata$??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ DB 060H + DD imagerel $ip2state$??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$printf DD 025054a19H - DD 011d2322H - DD 07016002bH - DD 05015H - DD imagerel __GSHandlerCheck - DD 0148H +$unwind$??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ DD 025052a19H + DD 010e2313H + DD 070070021H + DD 05006H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ xdata ENDS -; COMDAT CONST -CONST SEGMENT -printf$rtcName$0 DB 05fH - DB 041H - DB 072H - DB 067H - DB 04cH - DB 069H - DB 073H - DB 074H +; COMDAT xdata +xdata SEGMENT +$unwind$?dtor$0@?0???0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z@4HA DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z DB 06H DB 00H - ORG $+7 -printf$rtcVarDesc DD 048H - DD 08H - DQ FLAT:printf$rtcName$0 - ORG $+48 -printf$rtcFrameData DD 01H - DD 00H - DQ FLAT:printf$rtcVarDesc -CONST ENDS + DB 00H + DB 09eH + DB 02H + DB 0f1H, 02H + DB 00H +xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$_vfprintf_l DD 035053901H - DD 011d3322H - DD 07016001fH - DD 05015H +$stateUnwindMap$??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z DB 02H + DB 0eH + DD imagerel ?dtor$0@?0???0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z@4HA xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$__local_stdio_printf_options DD 025051e01H - DD 010a230fH - DD 07003001dH - DD 05002H +$cppxdata$??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z DB 028H + DD imagerel $stateUnwindMap$??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z + DD imagerel $ip2state$??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$RtlSecureZeroMemory DD 025052f01H +$unwind$??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z DD 025052f11H DD 01132318H DD 0700c0021H DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 02H +$ip2state$??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ DB 02H DB 00H DB 00H xdata ENDS ; COMDAT xdata xdata SEGMENT -$cppxdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 060H - DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +$cppxdata$??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ DB 060H + DD imagerel $ip2state$??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DD 025053419H - DD 0118231dH - DD 07011001dH - DD 05010H +$unwind$??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ DD 025052a19H + DD 010e2313H + DD 070070021H + DD 05006H DD imagerel __CxxFrameHandler4 - DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z + DD imagerel $cppxdata$??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ xdata ENDS ; COMDAT xdata xdata SEGMENT -$ip2state$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DB 02H +$unwind$??0_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z DD 025052f01H + DD 01132318H + DD 0700c0021H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z DB 02H DB 00H DB 00H xdata ENDS ; COMDAT xdata xdata SEGMENT -$cppxdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DB 060H - DD imagerel $ip2state$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +$cppxdata$??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z DB 060H + DD imagerel $ip2state$??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DD 025052f19H +$unwind$??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z DD 025052f19H DD 01132318H DD 0700c001dH DD 0500bH DD imagerel __CxxFrameHandler4 - DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z + DD imagerel $cppxdata$??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$ip2state$?__empty_global_delete@@YAXPEAX_K@Z DB 02H +$ip2state$??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z DB 02H DB 00H DB 00H xdata ENDS ; COMDAT xdata xdata SEGMENT -$cppxdata$?__empty_global_delete@@YAXPEAX_K@Z DB 060H - DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX_K@Z +$cppxdata$??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z DB 060H + DD imagerel $ip2state$??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$?__empty_global_delete@@YAXPEAX_K@Z DD 025052f19H +$unwind$??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z DD 025052f19H + DD 01132318H + DD 0700c0021H + DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z DB 060H + DD imagerel $ip2state$??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z DD 025052f19H DD 01132318H DD 0700c001dH DD 0500bH DD imagerel __CxxFrameHandler4 - DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX_K@Z + DD imagerel $cppxdata$??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z xdata ENDS ; COMDAT xdata xdata SEGMENT -$ip2state$?__empty_global_delete@@YAXPEAX@Z DB 02H +$unwind$??$?6DU?$char_traits@D@std@@D@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Fillobj@D@0@@Z DD 025052f01H + DD 01132318H + DD 0700c001fH + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??0?$_Fillobj@D@std@@QEAA@D@Z DD 025052e01H + DD 01122317H + DD 0700b001dH + DD 0500aH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$setfill@D@std@@YA?AU?$_Fillobj@D@0@D@Z DD 025052e01H + DD 01122317H + DD 0700b001dH + DD 0500aH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$?6DU?$char_traits@D@std@@_J@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Smanip@_J@0@@Z DD 025052f01H + DD 01132318H + DD 0700c001fH + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?dtor$0@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z DB 0aH DB 00H DB 00H + DB 0c6H + DB 02H + DB 011H, 02H + DB 04H + DB 0adH, 0aH + DB 02H + DB 0ecH + DB 00H xdata ENDS ; COMDAT xdata xdata SEGMENT -$cppxdata$?__empty_global_delete@@YAXPEAX@Z DB 060H - DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX@Z +$handlerMap$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z DB 02H + DB 01H + DB 080H + DD imagerel ?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$?__empty_global_delete@@YAXPEAX@Z DD 025052a19H +$tryMap$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z DB 02H + DB 02H + DB 02H + DB 04H + DD imagerel $handlerMap$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$stateUnwindMap$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z DB 06H + DB 0eH + DD imagerel ?dtor$0@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA + DB 028H + DB 030H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z DB 038H + DD imagerel $stateUnwindMap$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z + DD imagerel $tryMap$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z + DD imagerel $ip2state$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z DD 025053f19H + DD 01122317H + DD 0700b004bH + DD 0500aH + DD imagerel __GSHandlerCheck_EH4 + DD imagerel $cppxdata$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z + DD 0243H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z$rtcName$0 DB 05fH ; std::operator<< > + DB 04fH + DB 06bH + DB 00H + ORG $+12 +??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z$rtcVarDesc DD 048H ; std::operator<< > + DD 010H + DQ FLAT:??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z$rtcName$0 + ORG $+48 +??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z$rtcFrameData DD 01H ; std::operator<< > + DD 00H + DQ FLAT:??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$main$dtor$1 DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$main$dtor$0 DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$main DB 0eH + DB 00H + DB 00H + DB 0b2H + DB 02H + DB 'P' + DB 04H + DB 094H + DB 02H + DB 0deH + DB 00H + DB '(' + DB 02H + DB 0e9H, 03H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$stateUnwindMap$main DB 04H + DB 0eH + DD imagerel main$dtor$0 + DB 02eH + DD imagerel main$dtor$1 +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$main DB 028H + DD imagerel $stateUnwindMap$main + DD imagerel $ip2state$main +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$main DD 025052f19H + DD 010a230fH + DD 070030057H + DD 05002H + DD imagerel __GSHandlerCheck_EH4 + DD imagerel $cppxdata$main + DD 02aaH +xdata ENDS +; COMDAT CONST +CONST SEGMENT +main$rtcName$0 DB 042H + DB 06cH + DB 06fH + DB 063H + DB 06bH + DB 00H + ORG $+2 +main$rtcName$1 DB 041H + DB 073H + DB 073H + DB 065H + DB 06dH + DB 062H + DB 06cH + DB 065H + DB 064H + DB 053H + DB 069H + DB 07aH + DB 065H + DB 00H + ORG $+10 +main$rtcVarDesc DD 094H + DD 04H + DQ FLAT:main$rtcName$1 + DD 028H + DD 030H + DQ FLAT:main$rtcName$0 + ORG $+96 +main$rtcFrameData DD 02H + DD 00H + DQ FLAT:main$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?MakeExecutableBuffer@@YAPEAXPEAXK@Z DD 025052e01H + DD 01122317H + DD 0700b0021H + DD 0500aH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??1_NATIVE_CODE_BLOCK@@QEAA@XZ DD 025052a01H + DD 010e2313H + DD 07007001dH + DD 05006H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ DB 060H + DD imagerel $ip2state$?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ DD 025052a19H DD 010e2313H DD 07007001dH DD 05006H DD imagerel __CxxFrameHandler4 - DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX@Z + DD imagerel $cppxdata$?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ xdata ENDS -; Function compile flags: /Odt -; COMDAT __JustMyCode_Default -_TEXT SEGMENT -__JustMyCode_Default PROC ; COMDAT - 00000 c2 00 00 ret 0 -__JustMyCode_Default ENDP -_TEXT ENDS -; Function compile flags: /Odtp /RTCsu /ZI -; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Main.cpp -; COMDAT main -_TEXT SEGMENT -T$ = 16 -Data$ = 280 -NewBlock$ = 328 -$T5 = 552 -__$ArrayPad$ = 568 -main PROC ; COMDAT - -; 32 : { - -$LN5: - 00000 40 55 push rbp - 00002 57 push rdi - 00003 48 81 ec 68 02 - 00 00 sub rsp, 616 ; 00000268H - 0000a 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] - 0000f 48 8b fc mov rdi, rsp - 00012 b9 9a 00 00 00 mov ecx, 154 ; 0000009aH - 00017 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH - 0001c f3 ab rep stosd - 0001e 48 8b 05 00 00 - 00 00 mov rax, QWORD PTR __security_cookie - 00025 48 33 c5 xor rax, rbp - 00028 48 89 85 38 02 - 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax - 0002f 48 8d 0d 00 00 - 00 00 lea rcx, OFFSET FLAT:__4031338C_Main@cpp - 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode - -; 33 : XedTablesInit(); - - 0003b e8 00 00 00 00 call xed_tables_init - -; 34 : /*srand(time(NULL)); -; 35 : -; 36 : NATIVE_CODE_BLOCK Block; -; 37 : NcDisassemble(&Block, TestBuffer, TestBufferSize); -; 38 : PNATIVE_CODE_BLOCK OpaqueBranch = ObfGenOpaqueBranch(Block.Start, Block.End); -; 39 : NcDebugPrint(OpaqueBranch); -; 40 : system("pause");*/ -; 41 : -; 42 : -; 43 : -; 44 : -; 45 : NATIVE_CODE_LINK T; - - 00040 48 8d 4d 10 lea rcx, QWORD PTR T$[rbp] - 00044 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@XZ ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK - 00049 90 npad 1 - -; 46 : T.RawDataSize = 10; - - 0004a c7 45 38 0a 00 - 00 00 mov DWORD PTR T$[rbp+40], 10 - -; 47 : T.RawData = new UCHAR[10]; - - 00051 b9 0a 00 00 00 mov ecx, 10 - 00056 e8 00 00 00 00 call ??_U@YAPEAX_K@Z ; operator new[] - 0005b 48 89 85 28 02 - 00 00 mov QWORD PTR $T5[rbp], rax - 00062 48 8b 85 28 02 - 00 00 mov rax, QWORD PTR $T5[rbp] - 00069 48 89 45 30 mov QWORD PTR T$[rbp+32], rax - -; 48 : memset(T.RawData, 0xAA, 10); - - 0006d 41 b8 0a 00 00 - 00 mov r8d, 10 - 00073 ba aa 00 00 00 mov edx, 170 ; 000000aaH - 00078 48 8b 4d 30 mov rcx, QWORD PTR T$[rbp+32] - 0007c e8 00 00 00 00 call memset - -; 49 : JIT_BITWISE_DATA Data; -; 50 : RtlSecureZeroMemory(&Data, sizeof(JIT_BITWISE_DATA)); - - 00081 ba 14 00 00 00 mov edx, 20 - 00086 48 8d 8d 18 01 - 00 00 lea rcx, QWORD PTR Data$[rbp] - 0008d e8 00 00 00 00 call RtlSecureZeroMemory +; COMDAT xdata +xdata SEGMENT +$ip2state$?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ DB 060H + DD imagerel $ip2state$?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ DD 025052a19H + DD 010e2313H + DD 07007001dH + DD 05006H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ DB 060H + DD imagerel $ip2state$?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ DD 025052a19H + DD 010e2313H + DD 07007002fH + DD 05006H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?_Destroy@?$vector@KV?$allocator@K@std@@@std@@AEAAXPEAK0@Z DD 025053401H + DD 0118231dH + DD 07011001dH + DD 05010H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ DB 060H + DD imagerel $ip2state$??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ DD 025053b19H + DD 010e2313H + DD 070070029H + DD 05006H + DD imagerel __GSHandlerCheck_EH4 + DD imagerel $cppxdata$??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ + DD 013bH +xdata ENDS +; COMDAT CONST +CONST SEGMENT +??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ$rtcName$0 DB 024H ; std::vector >::~vector > + DB 053H + DB 031H + DB 00H + ORG $+12 +??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ$rtcVarDesc DD 044H ; std::vector >::~vector > + DD 01H + DQ FLAT:??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ$rtcName$0 + ORG $+48 +??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ$rtcFrameData DD 01H ; std::vector >::~vector > + DD 00H + DQ FLAT:??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?deallocate@?$allocator@K@std@@QEAAXQEAK_K@Z DD 025053401H + DD 0118231dH + DD 07011001dH + DD 05010H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD 025063501H + DD 0119231eH + DD 070120026H + DD 050106011H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD 025063501H + DD 0119231eH + DD 070120026H + DD 050106011H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$time DD 025052a01H + DD 010e2313H + DD 07007001dH + DD 05006H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?hex@std@@YAAEAVios_base@1@AEAV21@@Z DD 025052a01H + DD 010e2313H + DD 07007001dH + DD 05006H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z DD 035053401H + DD 0118331dH + DD 07011002bH + DD 05010H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?_Maklocwcs@std@@YAPEA_WPEB_W@Z DD 035052a01H + DD 010e3313H + DD 070070027H + DD 05006H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z DD 035054519H + DD 0118331dH + DD 070110047H + DD 05010H + DD imagerel __GSHandlerCheck + DD 0228H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$0 DB 05fH ; std::_Maklocstr + DB 057H + DB 063H + DB 00H +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$1 DB 05fH ; std::_Maklocstr + DB 04dH + DB 062H + DB 073H + DB 074H + DB 031H + DB 00H + ORG $+1 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$2 DB 05fH ; std::_Maklocstr + DB 04dH + DB 062H + DB 073H + DB 074H + DB 032H + DB 00H + ORG $+13 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcVarDesc DD 0158H ; std::_Maklocstr + DD 08H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$2 + DD 0f8H + DD 08H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$1 + DD 0d4H + DD 02H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$0 + ORG $+144 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcFrameData DD 03H ; std::_Maklocstr + DD 00H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?eof@?$_Narrow_char_traits@DH@std@@SAHXZ DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?eof@?$_Narrow_char_traits@DH@std@@SAHXZ DB 060H + DD imagerel $ip2state$?eof@?$_Narrow_char_traits@DH@std@@SAHXZ +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?eof@?$_Narrow_char_traits@DH@std@@SAHXZ DD 025051e19H + DD 010a230fH + DD 07003001dH + DD 05002H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?eof@?$_Narrow_char_traits@DH@std@@SAHXZ +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z DB 060H + DD imagerel $ip2state$?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z DD 025052f19H + DD 01132318H + DD 0700c001fH + DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?_Orphan_all@_Container_base12@std@@QEAAXXZ DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?_Orphan_all@_Container_base12@std@@QEAAXXZ DB 060H + DD imagerel $ip2state$?_Orphan_all@_Container_base12@std@@QEAAXXZ +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?_Orphan_all@_Container_base12@std@@QEAAXXZ DD 025053b19H + DD 010e2313H + DD 070070025H + DD 05006H + DD imagerel __GSHandlerCheck_EH4 + DD imagerel $cppxdata$?_Orphan_all@_Container_base12@std@@QEAAXXZ + DD 011bH +xdata ENDS +; COMDAT CONST +CONST SEGMENT +?_Orphan_all@_Container_base12@std@@QEAAXXZ$rtcName$0 DB 05fH ; std::_Container_base12::_Orphan_all + DB 04cH + DB 06fH + DB 063H + DB 06bH + DB 00H + ORG $+10 +?_Orphan_all@_Container_base12@std@@QEAAXXZ$rtcVarDesc DD 024H ; std::_Container_base12::_Orphan_all + DD 04H + DQ FLAT:?_Orphan_all@_Container_base12@std@@QEAAXXZ$rtcName$0 + ORG $+48 +?_Orphan_all@_Container_base12@std@@QEAAXXZ$rtcFrameData DD 01H ; std::_Container_base12::_Orphan_all + DD 00H + DQ FLAT:?_Orphan_all@_Container_base12@std@@QEAAXXZ$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z DD 035052f01H + DD 01133318H + DD 0700c002fH + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$wmemcpy DD 025053401H + DD 0118231dH + DD 07011001dH + DD 05010H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$printf DD 025054a19H + DD 011d2322H + DD 07016002bH + DD 05015H + DD imagerel __GSHandlerCheck + DD 0148H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +printf$rtcName$0 DB 05fH + DB 041H + DB 072H + DB 067H + DB 04cH + DB 069H + DB 073H + DB 074H + DB 00H + ORG $+7 +printf$rtcVarDesc DD 048H + DD 08H + DQ FLAT:printf$rtcName$0 + ORG $+48 +printf$rtcFrameData DD 01H + DD 00H + DQ FLAT:printf$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$_vfprintf_l DD 035053901H + DD 011d3322H + DD 07016001fH + DD 05015H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$__local_stdio_printf_options DD 025051e01H + DD 010a230fH + DD 07003001dH + DD 05002H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DD 025053419H + DD 0118231dH + DD 07011001dH + DD 05010H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DD 025052f19H + DD 01132318H + DD 0700c001dH + DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAX_K@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAX_K@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX_K@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAX_K@Z DD 025052f19H + DD 01132318H + DD 0700c001dH + DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX_K@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAX@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAX@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAX@Z DD 025052a19H + DD 010e2313H + DD 07007001dH + DD 05006H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX@Z +xdata ENDS +; Function compile flags: /Odt +; COMDAT __JustMyCode_Default +_TEXT SEGMENT +__JustMyCode_Default PROC ; COMDAT + 00000 c2 00 00 ret 0 +__JustMyCode_Default ENDP +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xmemory +; COMDAT ?deallocate@?$_Default_allocator_traits@V?$allocator@U_Container_proxy@std@@@std@@@std@@SAXAEAV?$allocator@U_Container_proxy@std@@@2@QEAU_Container_proxy@2@_K@Z +_TEXT SEGMENT +__formal$ = 224 +_Ptr$ = 232 +_Count$ = 240 +?deallocate@?$_Default_allocator_traits@V?$allocator@U_Container_proxy@std@@@std@@@std@@SAXAEAV?$allocator@U_Container_proxy@std@@@2@QEAU_Container_proxy@2@_K@Z PROC ; std::_Default_allocator_traits >::deallocate, COMDAT + +; 687 : static void deallocate(_Alloc&, const pointer _Ptr, const size_type _Count) { + +$LN3: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 00034 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A58979FC_xmemory + 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 688 : // no overflow check on the following multiply; we assume _Allocate did that check +; 689 : _Deallocate<_New_alignof>(_Ptr, sizeof(value_type) * _Count); + + 00040 48 6b 85 f0 00 + 00 00 10 imul rax, QWORD PTR _Count$[rbp], 16 + 00048 48 8b d0 mov rdx, rax + 0004b 48 8b 8d e8 00 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 00052 e8 00 00 00 00 call ??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z ; std::_Deallocate<16,0> + +; 690 : } + + 00057 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 0005e 5f pop rdi + 0005f 5d pop rbp + 00060 c3 ret 0 +?deallocate@?$_Default_allocator_traits@V?$allocator@U_Container_proxy@std@@@std@@@std@@SAXAEAV?$allocator@U_Container_proxy@std@@@2@QEAU_Container_proxy@2@_K@Z ENDP ; std::_Default_allocator_traits >::deallocate +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xmemory +; COMDAT ??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z +_TEXT SEGMENT +_Al$ = 224 +_Ptr$ = 232 +??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z PROC ; std::_Deallocate_plain >, COMDAT + +; 998 : void _Deallocate_plain(_Alloc& _Al, typename _Alloc::value_type* const _Ptr) noexcept { + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A58979FC_xmemory + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 999 : // deallocate a plain pointer using an allocator +; 1000 : using _Alloc_traits = allocator_traits<_Alloc>; +; 1001 : if constexpr (is_same_v<_Alloc_ptr_t<_Alloc>, typename _Alloc::value_type*>) { +; 1002 : _Alloc_traits::deallocate(_Al, _Ptr, 1); + + 0003b 41 b8 01 00 00 + 00 mov r8d, 1 + 00041 48 8b 95 e8 00 + 00 00 mov rdx, QWORD PTR _Ptr$[rbp] + 00048 48 8b 8d e0 00 + 00 00 mov rcx, QWORD PTR _Al$[rbp] + 0004f e8 00 00 00 00 call ?deallocate@?$_Default_allocator_traits@V?$allocator@U_Container_proxy@std@@@std@@@std@@SAXAEAV?$allocator@U_Container_proxy@std@@@2@QEAU_Container_proxy@2@_K@Z ; std::_Default_allocator_traits >::deallocate + 00054 90 npad 1 + +; 1003 : } else { +; 1004 : using _Ptr_traits = pointer_traits<_Alloc_ptr_t<_Alloc>>; +; 1005 : _Alloc_traits::deallocate(_Al, _Ptr_traits::pointer_to(*_Ptr), 1); +; 1006 : } +; 1007 : } + + 00055 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 0005c 5f pop rdi + 0005d 5d pop rbp + 0005e c3 ret 0 +??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z ENDP ; std::_Deallocate_plain > +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xmemory +; COMDAT ??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z +_TEXT SEGMENT +_Ptr$ = 224 +_Bytes$ = 232 +??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z PROC ; std::_Deallocate<16,0>, COMDAT + +; 213 : void _Deallocate(void* _Ptr, size_t _Bytes) noexcept { + +$LN4: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A58979FC_xmemory + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 214 : // deallocate storage allocated by _Allocate when !_HAS_ALIGNED_NEW || _Align <= __STDCPP_DEFAULT_NEW_ALIGNMENT__ +; 215 : #if defined(_M_IX86) || defined(_M_X64) +; 216 : if (_Bytes >= _Big_allocation_threshold) { // boost the alignment of big allocations to help autovectorization + + 0003b 48 81 bd e8 00 + 00 00 00 10 00 + 00 cmp QWORD PTR _Bytes$[rbp], 4096 ; 00001000H + 00046 72 13 jb SHORT $LN2@Deallocate + +; 217 : _Adjust_manually_vector_aligned(_Ptr, _Bytes); + + 00048 48 8d 95 e8 00 + 00 00 lea rdx, QWORD PTR _Bytes$[rbp] + 0004f 48 8d 8d e0 00 + 00 00 lea rcx, QWORD PTR _Ptr$[rbp] + 00056 e8 00 00 00 00 call ?_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z ; std::_Adjust_manually_vector_aligned +$LN2@Deallocate: + +; 218 : } +; 219 : #endif // defined(_M_IX86) || defined(_M_X64) +; 220 : +; 221 : ::operator delete(_Ptr, _Bytes); + + 0005b 48 8b 95 e8 00 + 00 00 mov rdx, QWORD PTR _Bytes$[rbp] + 00062 48 8b 8d e0 00 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 00069 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 0006e 90 npad 1 + +; 222 : } + + 0006f 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00076 5f pop rdi + 00077 5d pop rbp + 00078 c3 ret 0 +??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z ENDP ; std::_Deallocate<16,0> +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xmemory +; COMDAT ??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z +_TEXT SEGMENT +_First$ = 224 +_Last$ = 232 +_Al$ = 240 +??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z PROC ; std::_Destroy_range >, COMDAT + +; 955 : void _Destroy_range(_Alloc_ptr_t<_Alloc> _First, const _Alloc_ptr_t<_Alloc> _Last, _Alloc& _Al) noexcept { + +$LN3: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 00034 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A58979FC_xmemory + 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 00040 90 npad 1 + +; 956 : // note that this is an optimization for debug mode codegen; in release mode the BE removes all of this +; 957 : using _Ty = typename _Alloc::value_type; +; 958 : if _CONSTEXPR_IF (!conjunction_v, _Uses_default_destroy<_Alloc, _Ty*>>) { +; 959 : for (; _First != _Last; ++_First) { +; 960 : allocator_traits<_Alloc>::destroy(_Al, _Unfancy(_First)); +; 961 : } +; 962 : } +; 963 : } + + 00041 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00048 5f pop rdi + 00049 5d pop rbp + 0004a c3 ret 0 +??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z ENDP ; std::_Destroy_range > +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\ostream +; COMDAT ??Bsentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEBA_NXZ +_TEXT SEGMENT +this$ = 224 +??Bsentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEBA_NXZ PROC ; std::basic_ostream >::sentry::operator bool, COMDAT + +; 125 : explicit __CLR_OR_THIS_CALL operator bool() const { + +$LN3: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__1D745195_ostream + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 126 : return _Ok; + + 00036 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR this$[rbp] + 0003d 0f b6 40 08 movzx eax, BYTE PTR [rax+8] + +; 127 : } + + 00041 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00048 5f pop rdi + 00049 5d pop rbp + 0004a c3 ret 0 +??Bsentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEBA_NXZ ENDP ; std::basic_ostream >::sentry::operator bool +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\ostream +; COMDAT ??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ +_TEXT SEGMENT +_Zero_uncaught_exceptions$ = 4 +tv72 = 212 +this$ = 256 +??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ PROC ; std::basic_ostream >::sentry::~sentry, COMDAT + +; 110 : __CLR_OR_THIS_CALL ~sentry() noexcept { + +$LN6: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec 08 01 + 00 00 sub rsp, 264 ; 00000108H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 42 00 00 00 mov ecx, 66 ; 00000042H + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 28 + 01 00 00 mov rcx, QWORD PTR [rsp+296] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__1D745195_ostream + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 111 : #if !_HAS_EXCEPTIONS +; 112 : const bool _Zero_uncaught_exceptions = true; +; 113 : #elif _HAS_DEPRECATED_UNCAUGHT_EXCEPTION +; 114 : const bool _Zero_uncaught_exceptions = !_STD uncaught_exception(); // TRANSITION, ArchivedOS-12000909 + + 00036 e8 00 00 00 00 call ?uncaught_exception@std@@YA_NXZ ; std::uncaught_exception + 0003b 0f b6 c0 movzx eax, al + 0003e 85 c0 test eax, eax + 00040 75 09 jne SHORT $LN4@sentry + 00042 c6 85 d4 00 00 + 00 01 mov BYTE PTR tv72[rbp], 1 + 00049 eb 07 jmp SHORT $LN5@sentry +$LN4@sentry: + 0004b c6 85 d4 00 00 + 00 00 mov BYTE PTR tv72[rbp], 0 +$LN5@sentry: + 00052 0f b6 85 d4 00 + 00 00 movzx eax, BYTE PTR tv72[rbp] + 00059 88 45 04 mov BYTE PTR _Zero_uncaught_exceptions$[rbp], al + +; 115 : #else // ^^^ _HAS_DEPRECATED_UNCAUGHT_EXCEPTION / !_HAS_DEPRECATED_UNCAUGHT_EXCEPTION vvv +; 116 : const bool _Zero_uncaught_exceptions = _STD uncaught_exceptions() == 0; +; 117 : #endif // !_HAS_DEPRECATED_UNCAUGHT_EXCEPTION +; 118 : +; 119 : if (_Zero_uncaught_exceptions) { + + 0005c 0f b6 45 04 movzx eax, BYTE PTR _Zero_uncaught_exceptions$[rbp] + 00060 85 c0 test eax, eax + 00062 74 10 je SHORT $LN2@sentry + +; 120 : this->_Myostr._Osfx(); + + 00064 48 8b 85 00 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 0006b 48 8b 08 mov rcx, QWORD PTR [rax] + 0006e ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ +$LN2@sentry: + +; 121 : } +; 122 : } + + 00074 48 8b 8d 00 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0007b e8 00 00 00 00 call ??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ ; std::basic_ostream >::_Sentry_base::~_Sentry_base + 00080 90 npad 1 + 00081 48 8d a5 e8 00 + 00 00 lea rsp, QWORD PTR [rbp+232] + 00088 5f pop rdi + 00089 5d pop rbp + 0008a c3 ret 0 +??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ ENDP ; std::basic_ostream >::sentry::~sentry +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\ostream +; COMDAT ??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z +_TEXT SEGMENT +_Tied$ = 8 +this$ = 256 +_Ostr$ = 264 +??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z PROC ; std::basic_ostream >::sentry::sentry, COMDAT + +; 92 : explicit __CLR_OR_THIS_CALL sentry(basic_ostream& _Ostr) : _Sentry_base(_Ostr) { + +$LN7: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec 08 01 + 00 00 sub rsp, 264 ; 00000108H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 42 00 00 00 mov ecx, 66 ; 00000042H + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 28 + 01 00 00 mov rcx, QWORD PTR [rsp+296] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__1D745195_ostream + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 0003b 48 8b 95 08 01 + 00 00 mov rdx, QWORD PTR _Ostr$[rbp] + 00042 48 8b 8d 00 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00049 e8 00 00 00 00 call ??0_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z ; std::basic_ostream >::_Sentry_base::_Sentry_base + 0004e 90 npad 1 + +; 93 : if (!_Ostr.good()) { + + 0004f 48 8b 85 08 01 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 00056 48 8b 00 mov rax, QWORD PTR [rax] + 00059 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 0005d 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 00064 48 03 c8 add rcx, rax + 00067 48 8b c1 mov rax, rcx + 0006a 48 8b c8 mov rcx, rax + 0006d ff 15 00 00 00 + 00 call QWORD PTR __imp_?good@ios_base@std@@QEBA_NXZ + 00073 0f b6 c0 movzx eax, al + 00076 85 c0 test eax, eax + 00078 75 10 jne SHORT $LN2@sentry + +; 94 : _Ok = false; + + 0007a 48 8b 85 00 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00081 c6 40 08 00 mov BYTE PTR [rax+8], 0 + +; 95 : return; + + 00085 e9 81 00 00 00 jmp $LN1@sentry +$LN2@sentry: + +; 96 : } +; 97 : +; 98 : const auto _Tied = _Ostr.tie(); + + 0008a 48 8b 85 08 01 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 00091 48 8b 00 mov rax, QWORD PTR [rax] + 00094 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 00098 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 0009f 48 03 c8 add rcx, rax + 000a2 48 8b c1 mov rax, rcx + 000a5 48 8b c8 mov rcx, rax + 000a8 ff 15 00 00 00 + 00 call QWORD PTR __imp_?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ + 000ae 48 89 45 08 mov QWORD PTR _Tied$[rbp], rax + +; 99 : if (!_Tied || _Tied == &_Ostr) { + + 000b2 48 83 7d 08 00 cmp QWORD PTR _Tied$[rbp], 0 + 000b7 74 0d je SHORT $LN4@sentry + 000b9 48 8b 85 08 01 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 000c0 48 39 45 08 cmp QWORD PTR _Tied$[rbp], rax + 000c4 75 0d jne SHORT $LN3@sentry +$LN4@sentry: + +; 100 : _Ok = true; + + 000c6 48 8b 85 00 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 000cd c6 40 08 01 mov BYTE PTR [rax+8], 1 + +; 101 : return; + + 000d1 eb 38 jmp SHORT $LN1@sentry +$LN3@sentry: + +; 102 : } +; 103 : +; 104 : +; 105 : _Tied->flush(); + + 000d3 48 8b 4d 08 mov rcx, QWORD PTR _Tied$[rbp] + 000d7 ff 15 00 00 00 + 00 call QWORD PTR __imp_?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ + +; 106 : _Ok = _Ostr.good(); // store test only after flushing tie + + 000dd 48 8b 85 08 01 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 000e4 48 8b 00 mov rax, QWORD PTR [rax] + 000e7 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 000eb 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 000f2 48 03 c8 add rcx, rax + 000f5 48 8b c1 mov rax, rcx + 000f8 48 8b c8 mov rcx, rax + 000fb ff 15 00 00 00 + 00 call QWORD PTR __imp_?good@ios_base@std@@QEBA_NXZ + 00101 48 8b 8d 00 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00108 88 41 08 mov BYTE PTR [rcx+8], al +$LN1@sentry: + +; 107 : } + + 0010b 48 8b 85 00 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00112 48 8d a5 e8 00 + 00 00 lea rsp, QWORD PTR [rbp+232] + 00119 5f pop rdi + 0011a 5d pop rbp + 0011b c3 ret 0 +??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z ENDP ; std::basic_ostream >::sentry::sentry +_TEXT ENDS +; COMDAT text$x +text$x SEGMENT +_Tied$ = 8 +this$ = 256 +_Ostr$ = 264 +?dtor$0@?0???0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z@4HA PROC ; `std::basic_ostream >::sentry::sentry'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 48 8b 8d 00 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0001b e8 00 00 00 00 call ??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ ; std::basic_ostream >::_Sentry_base::~_Sentry_base + 00020 48 83 c4 28 add rsp, 40 ; 00000028H + 00024 5f pop rdi + 00025 5d pop rbp + 00026 c3 ret 0 +?dtor$0@?0???0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z@4HA ENDP ; `std::basic_ostream >::sentry::sentry'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +_Tied$ = 8 +this$ = 256 +_Ostr$ = 264 +?dtor$0@?0???0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z@4HA PROC ; `std::basic_ostream >::sentry::sentry'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 48 8b 8d 00 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0001b e8 00 00 00 00 call ??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ ; std::basic_ostream >::_Sentry_base::~_Sentry_base + 00020 48 83 c4 28 add rsp, 40 ; 00000028H + 00024 5f pop rdi + 00025 5d pop rbp + 00026 c3 ret 0 +?dtor$0@?0???0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z@4HA ENDP ; `std::basic_ostream >::sentry::sentry'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\ostream +; COMDAT ??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ +_TEXT SEGMENT +_Rdbuf$ = 8 +tv72 = 216 +this$ = 256 +??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ PROC ; std::basic_ostream >::_Sentry_base::~_Sentry_base, COMDAT + +; 78 : __CLR_OR_THIS_CALL ~_Sentry_base() noexcept { // destroy after unlocking + +$LN4: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec 08 01 + 00 00 sub rsp, 264 ; 00000108H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 42 00 00 00 mov ecx, 66 ; 00000042H + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 28 + 01 00 00 mov rcx, QWORD PTR [rsp+296] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__1D745195_ostream + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 79 : const auto _Rdbuf = _Myostr.rdbuf(); + + 00036 48 8b 85 00 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 0003d 48 8b 00 mov rax, QWORD PTR [rax] + 00040 48 89 85 d8 00 + 00 00 mov QWORD PTR tv72[rbp], rax + 00047 48 8b 85 d8 00 + 00 00 mov rax, QWORD PTR tv72[rbp] + 0004e 48 8b 00 mov rax, QWORD PTR [rax] + 00051 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 00055 48 8b 8d d8 00 + 00 00 mov rcx, QWORD PTR tv72[rbp] + 0005c 48 03 c8 add rcx, rax + 0005f 48 8b c1 mov rax, rcx + 00062 48 8b c8 mov rcx, rax + 00065 ff 15 00 00 00 + 00 call QWORD PTR __imp_?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ + 0006b 48 89 45 08 mov QWORD PTR _Rdbuf$[rbp], rax + +; 80 : if (_Rdbuf) { + + 0006f 48 83 7d 08 00 cmp QWORD PTR _Rdbuf$[rbp], 0 + 00074 74 0f je SHORT $LN2@Sentry_bas + +; 81 : _Rdbuf->_Unlock(); + + 00076 48 8b 45 08 mov rax, QWORD PTR _Rdbuf$[rbp] + 0007a 48 8b 00 mov rax, QWORD PTR [rax] + 0007d 48 8b 4d 08 mov rcx, QWORD PTR _Rdbuf$[rbp] + 00081 ff 50 10 call QWORD PTR [rax+16] + 00084 90 npad 1 +$LN2@Sentry_bas: + +; 82 : } +; 83 : } + + 00085 48 8d a5 e8 00 + 00 00 lea rsp, QWORD PTR [rbp+232] + 0008c 5f pop rdi + 0008d 5d pop rbp + 0008e c3 ret 0 +??1_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ ENDP ; std::basic_ostream >::_Sentry_base::~_Sentry_base +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\ostream +; COMDAT ??0_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z +_TEXT SEGMENT +_Rdbuf$ = 8 +tv73 = 216 +this$ = 256 +_Ostr$ = 264 +??0_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z PROC ; std::basic_ostream >::_Sentry_base::_Sentry_base, COMDAT + +; 71 : __CLR_OR_THIS_CALL _Sentry_base(basic_ostream& _Ostr) : _Myostr(_Ostr) { // lock the stream buffer, if there + +$LN4: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec 08 01 + 00 00 sub rsp, 264 ; 00000108H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 42 00 00 00 mov ecx, 66 ; 00000042H + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 28 + 01 00 00 mov rcx, QWORD PTR [rsp+296] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__1D745195_ostream + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 0003b 48 8b 85 00 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00042 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 00049 48 89 08 mov QWORD PTR [rax], rcx + +; 72 : const auto _Rdbuf = _Myostr.rdbuf(); + + 0004c 48 8b 85 00 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00053 48 8b 00 mov rax, QWORD PTR [rax] + 00056 48 89 85 d8 00 + 00 00 mov QWORD PTR tv73[rbp], rax + 0005d 48 8b 85 d8 00 + 00 00 mov rax, QWORD PTR tv73[rbp] + 00064 48 8b 00 mov rax, QWORD PTR [rax] + 00067 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 0006b 48 8b 8d d8 00 + 00 00 mov rcx, QWORD PTR tv73[rbp] + 00072 48 03 c8 add rcx, rax + 00075 48 8b c1 mov rax, rcx + 00078 48 8b c8 mov rcx, rax + 0007b ff 15 00 00 00 + 00 call QWORD PTR __imp_?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ + 00081 48 89 45 08 mov QWORD PTR _Rdbuf$[rbp], rax + +; 73 : if (_Rdbuf) { + + 00085 48 83 7d 08 00 cmp QWORD PTR _Rdbuf$[rbp], 0 + 0008a 74 0e je SHORT $LN2@Sentry_bas + +; 74 : _Rdbuf->_Lock(); + + 0008c 48 8b 45 08 mov rax, QWORD PTR _Rdbuf$[rbp] + 00090 48 8b 00 mov rax, QWORD PTR [rax] + 00093 48 8b 4d 08 mov rcx, QWORD PTR _Rdbuf$[rbp] + 00097 ff 50 08 call QWORD PTR [rax+8] +$LN2@Sentry_bas: + +; 75 : } +; 76 : } + + 0009a 48 8b 85 00 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 000a1 48 8d a5 e8 00 + 00 00 lea rsp, QWORD PTR [rbp+232] + 000a8 5f pop rdi + 000a9 5d pop rbp + 000aa c3 ret 0 +??0_Sentry_base@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z ENDP ; std::basic_ostream >::_Sentry_base::_Sentry_base +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xmemory +; COMDAT ??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z +_TEXT SEGMENT +_Al$ = 224 +_Ptr$ = 232 +??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z PROC ; std::_Delete_plain_internal >, COMDAT + +; 1026 : void _Delete_plain_internal(_Alloc& _Al, typename _Alloc::value_type* const _Ptr) noexcept { + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A58979FC_xmemory + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 1027 : // destroy *_Ptr in place, then deallocate _Ptr using _Al; used for internal container types the user didn't name +; 1028 : using _Ty = typename _Alloc::value_type; +; 1029 : _Ptr->~_Ty(); +; 1030 : _Deallocate_plain(_Al, _Ptr); + + 0003b 48 8b 95 e8 00 + 00 00 mov rdx, QWORD PTR _Ptr$[rbp] + 00042 48 8b 8d e0 00 + 00 00 mov rcx, QWORD PTR _Al$[rbp] + 00049 e8 00 00 00 00 call ??$_Deallocate_plain@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z ; std::_Deallocate_plain > + 0004e 90 npad 1 + +; 1031 : } + + 0004f 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00056 5f pop rdi + 00057 5d pop rbp + 00058 c3 ret 0 +??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z ENDP ; std::_Delete_plain_internal > +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\utility +; COMDAT ??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z +_TEXT SEGMENT +_Old_val$ = 8 +_Val$ = 256 +_New_val$ = 264 +??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z PROC ; std::exchange, COMDAT + +; 597 : conjunction_v, is_nothrow_assignable<_Ty&, _Other>>) /* strengthened */ { + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec 08 01 + 00 00 sub rsp, 264 ; 00000108H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 42 00 00 00 mov ecx, 66 ; 00000042H + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 28 + 01 00 00 mov rcx, QWORD PTR [rsp+296] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__CF1C1A3F_utility + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 598 : // assign _New_val to _Val, return previous _Val +; 599 : _Ty _Old_val = static_cast<_Ty&&>(_Val); + + 0003b 48 8b 85 00 01 + 00 00 mov rax, QWORD PTR _Val$[rbp] + 00042 48 8b 00 mov rax, QWORD PTR [rax] + 00045 48 89 45 08 mov QWORD PTR _Old_val$[rbp], rax + +; 600 : _Val = static_cast<_Other&&>(_New_val); + + 00049 48 8b 85 00 01 + 00 00 mov rax, QWORD PTR _Val$[rbp] + 00050 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR _New_val$[rbp] + 00057 48 8b 09 mov rcx, QWORD PTR [rcx] + 0005a 48 89 08 mov QWORD PTR [rax], rcx + +; 601 : return _Old_val; + + 0005d 48 8b 45 08 mov rax, QWORD PTR _Old_val$[rbp] + +; 602 : } + + 00061 48 8d a5 e8 00 + 00 00 lea rsp, QWORD PTR [rbp+232] + 00068 5f pop rdi + 00069 5d pop rbp + 0006a c3 ret 0 +??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z ENDP ; std::exchange +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xmemory +; COMDAT ??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z +_TEXT SEGMENT +this$ = 224 +__formal$ = 232 +??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z PROC ; std::allocator::allocator, COMDAT + +; 799 : constexpr allocator(const allocator<_Other>&) noexcept {} + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A58979FC_xmemory + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 0003b 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR this$[rbp] + 00042 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00049 5f pop rdi + 0004a 5d pop rbp + 0004b c3 ret 0 +??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z ENDP ; std::allocator::allocator +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\iomanip +; COMDAT ??$?6DU?$char_traits@D@std@@D@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Fillobj@D@0@@Z +_TEXT SEGMENT +tv79 = 192 +_Ostr$ = 240 +_Manip$ = 248 +??$?6DU?$char_traits@D@std@@D@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Fillobj@D@0@@Z PROC ; std::operator<<,char>, COMDAT + +; 49 : const _Fillobj<_Elem2>& _Manip) { // set fill character in output stream + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec f8 00 + 00 00 sub rsp, 248 ; 000000f8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3e 00 00 00 mov ecx, 62 ; 0000003eH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 18 + 01 00 00 mov rcx, QWORD PTR [rsp+280] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__8266A2FD_iomanip + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 50 : static_assert(is_same_v<_Elem, _Elem2>, "wrong character type for setfill"); +; 51 : +; 52 : _Ostr.fill(_Manip._Fill); + + 0003b 48 8b 85 f0 00 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 00042 48 8b 00 mov rax, QWORD PTR [rax] + 00045 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 00049 48 8b 8d f0 00 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 00050 48 03 c8 add rcx, rax + 00053 48 8b c1 mov rax, rcx + 00056 48 89 85 c0 00 + 00 00 mov QWORD PTR tv79[rbp], rax + 0005d 48 8b 85 f8 00 + 00 00 mov rax, QWORD PTR _Manip$[rbp] + 00064 0f b6 10 movzx edx, BYTE PTR [rax] + 00067 48 8b 8d c0 00 + 00 00 mov rcx, QWORD PTR tv79[rbp] + 0006e ff 15 00 00 00 + 00 call QWORD PTR __imp_?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z + +; 53 : return _Ostr; + + 00074 48 8b 85 f0 00 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + +; 54 : } + + 0007b 48 8d a5 d8 00 + 00 00 lea rsp, QWORD PTR [rbp+216] + 00082 5f pop rdi + 00083 5d pop rbp + 00084 c3 ret 0 +??$?6DU?$char_traits@D@std@@D@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Fillobj@D@0@@Z ENDP ; std::operator<<,char> +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\iomanip +; COMDAT ??0?$_Fillobj@D@std@@QEAA@D@Z +_TEXT SEGMENT +this$ = 224 +_Ch$ = 232 +??0?$_Fillobj@D@std@@QEAA@D@Z PROC ; std::_Fillobj::_Fillobj, COMDAT + +; 27 : _Fillobj(_Elem _Ch) : _Fill(_Ch) {} + +$LN3: + 00000 88 54 24 10 mov BYTE PTR [rsp+16], dl + 00004 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00009 55 push rbp + 0000a 57 push rdi + 0000b 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00012 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00017 48 8b fc mov rdi, rsp + 0001a b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 0001f b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00024 f3 ab rep stosd + 00026 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002e 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__8266A2FD_iomanip + 00035 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 0003a 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR this$[rbp] + 00041 0f b6 8d e8 00 + 00 00 movzx ecx, BYTE PTR _Ch$[rbp] + 00048 88 08 mov BYTE PTR [rax], cl + 0004a 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR this$[rbp] + 00051 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00058 5f pop rdi + 00059 5d pop rbp + 0005a c3 ret 0 +??0?$_Fillobj@D@std@@QEAA@D@Z ENDP ; std::_Fillobj::_Fillobj +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\iomanip +; COMDAT ??$setfill@D@std@@YA?AU?$_Fillobj@D@0@D@Z +_TEXT SEGMENT +__$ReturnUdt$ = 224 +_Ch$ = 232 +??$setfill@D@std@@YA?AU?$_Fillobj@D@0@D@Z PROC ; std::setfill, COMDAT + +; 34 : _NODISCARD _Fillobj<_Elem> setfill(_Elem _Ch) { + +$LN3: + 00000 88 54 24 10 mov BYTE PTR [rsp+16], dl + 00004 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00009 55 push rbp + 0000a 57 push rdi + 0000b 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00012 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00017 48 8b fc mov rdi, rsp + 0001a b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 0001f b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00024 f3 ab rep stosd + 00026 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002e 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__8266A2FD_iomanip + 00035 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 35 : return _Fillobj<_Elem>(_Ch); + + 0003a 0f b6 95 e8 00 + 00 00 movzx edx, BYTE PTR _Ch$[rbp] + 00041 48 8b 8d e0 00 + 00 00 mov rcx, QWORD PTR __$ReturnUdt$[rbp] + 00048 e8 00 00 00 00 call ??0?$_Fillobj@D@std@@QEAA@D@Z ; std::_Fillobj::_Fillobj + 0004d 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR __$ReturnUdt$[rbp] + +; 36 : } + + 00054 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 0005b 5f pop rdi + 0005c 5d pop rbp + 0005d c3 ret 0 +??$setfill@D@std@@YA?AU?$_Fillobj@D@0@D@Z ENDP ; std::setfill +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\iomanip +; COMDAT ??$?6DU?$char_traits@D@std@@_J@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Smanip@_J@0@@Z +_TEXT SEGMENT +tv79 = 192 +_Ostr$ = 240 +_Manip$ = 248 +??$?6DU?$char_traits@D@std@@_J@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Smanip@_J@0@@Z PROC ; std::operator<<,__int64>, COMDAT + +; 423 : const _Smanip<_Arg>& _Manip) { // insert by calling function with output stream and argument + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec f8 00 + 00 00 sub rsp, 248 ; 000000f8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3e 00 00 00 mov ecx, 62 ; 0000003eH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 18 + 01 00 00 mov rcx, QWORD PTR [rsp+280] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__8266A2FD_iomanip + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 424 : (*_Manip._Pfun)(_Ostr, _Manip._Manarg); + + 0003b 48 8b 85 f8 00 + 00 00 mov rax, QWORD PTR _Manip$[rbp] + 00042 48 8b 00 mov rax, QWORD PTR [rax] + 00045 48 89 85 c0 00 + 00 00 mov QWORD PTR tv79[rbp], rax + 0004c 48 8b 85 f0 00 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 00053 48 8b 00 mov rax, QWORD PTR [rax] + 00056 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 0005a 48 8b 8d f0 00 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 00061 48 03 c8 add rcx, rax + 00064 48 8b c1 mov rax, rcx + 00067 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR _Manip$[rbp] + 0006e 48 8b 51 08 mov rdx, QWORD PTR [rcx+8] + 00072 48 8b c8 mov rcx, rax + 00075 ff 95 c0 00 00 + 00 call QWORD PTR tv79[rbp] + +; 425 : return _Ostr; + + 0007b 48 8b 85 f0 00 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + +; 426 : } + + 00082 48 8d a5 d8 00 + 00 00 lea rsp, QWORD PTR [rbp+216] + 00089 5f pop rdi + 0008a 5d pop rbp + 0008b c3 ret 0 +??$?6DU?$char_traits@D@std@@_J@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Smanip@_J@0@@Z ENDP ; std::operator<<,__int64> +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\ostream +; COMDAT ??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z +_TEXT SEGMENT +_State$ = 4 +_Ok$ = 40 +_Pad$4 = 88 +$T5 = 308 +$T6 = 340 +$T7 = 372 +$T8 = 404 +$T9 = 436 +$T10 = 468 +$T11 = 504 +tv65 = 516 +tv305 = 520 +tv303 = 520 +tv300 = 520 +tv295 = 520 +tv281 = 520 +tv266 = 520 +tv130 = 520 +tv245 = 528 +tv204 = 528 +tv179 = 528 +tv306 = 536 +tv304 = 536 +tv301 = 536 +tv243 = 537 +tv177 = 537 +tv307 = 540 +tv302 = 540 +__$ArrayPad$ = 544 +_Ostr$ = 592 +_Ch$ = 600 +??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z PROC ; std::operator<< >, COMDAT + +; 780 : basic_ostream& _Ostr, char _Ch) { // insert a char into char stream + +$LN23: + 00000 88 54 24 10 mov BYTE PTR [rsp+16], dl + 00004 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00009 55 push rbp + 0000a 57 push rdi + 0000b 48 81 ec 58 02 + 00 00 sub rsp, 600 ; 00000258H + 00012 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00017 48 8b fc mov rdi, rsp + 0001a b9 96 00 00 00 mov ecx, 150 ; 00000096H + 0001f b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00024 f3 ab rep stosd + 00026 48 8b 8c 24 78 + 02 00 00 mov rcx, QWORD PTR [rsp+632] + 0002e 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 00035 48 33 c5 xor rax, rbp + 00038 48 89 85 20 02 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 0003f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__1D745195_ostream + 00046 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 781 : using _Elem = char; +; 782 : using _Myos = basic_ostream<_Elem, _Traits>; +; 783 : +; 784 : ios_base::iostate _State = ios_base::goodbit; + + 0004b c7 45 04 00 00 + 00 00 mov DWORD PTR _State$[rbp], 0 + +; 785 : const typename _Myos::sentry _Ok(_Ostr); + + 00052 48 8b 95 50 02 + 00 00 mov rdx, QWORD PTR _Ostr$[rbp] + 00059 48 8d 4d 28 lea rcx, QWORD PTR _Ok$[rbp] + 0005d e8 00 00 00 00 call ??0sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@AEAV12@@Z ; std::basic_ostream >::sentry::sentry + 00062 90 npad 1 + +; 786 : +; 787 : if (_Ok) { // state okay, insert + + 00063 48 8d 4d 28 lea rcx, QWORD PTR _Ok$[rbp] + 00067 e8 00 00 00 00 call ??Bsentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEBA_NXZ ; std::basic_ostream >::sentry::operator bool + 0006c 0f b6 c0 movzx eax, al + 0006f 85 c0 test eax, eax + 00071 0f 84 1d 03 00 + 00 je $LN8@operator + +; 788 : streamsize _Pad = _Ostr.width() <= 1 ? 0 : _Ostr.width() - 1; + + 00077 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 0007e 48 8b 00 mov rax, QWORD PTR [rax] + 00081 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 00085 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 0008c 48 03 c8 add rcx, rax + 0008f 48 8b c1 mov rax, rcx + 00092 48 8b c8 mov rcx, rax + 00095 ff 15 00 00 00 + 00 call QWORD PTR __imp_?width@ios_base@std@@QEBA_JXZ + 0009b 48 83 f8 01 cmp rax, 1 + 0009f 7f 0d jg SHORT $LN15@operator + 000a1 48 c7 85 08 02 + 00 00 00 00 00 + 00 mov QWORD PTR tv130[rbp], 0 + 000ac eb 2e jmp SHORT $LN16@operator +$LN15@operator: + 000ae 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 000b5 48 8b 00 mov rax, QWORD PTR [rax] + 000b8 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 000bc 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 000c3 48 03 c8 add rcx, rax + 000c6 48 8b c1 mov rax, rcx + 000c9 48 8b c8 mov rcx, rax + 000cc ff 15 00 00 00 + 00 call QWORD PTR __imp_?width@ios_base@std@@QEBA_JXZ + 000d2 48 ff c8 dec rax + 000d5 48 89 85 08 02 + 00 00 mov QWORD PTR tv130[rbp], rax +$LN16@operator: + 000dc 48 8b 85 08 02 + 00 00 mov rax, QWORD PTR tv130[rbp] + 000e3 48 89 45 58 mov QWORD PTR _Pad$4[rbp], rax + +; 789 : +; 790 : _TRY_IO_BEGIN +; 791 : if ((_Ostr.flags() & ios_base::adjustfield) != ios_base::left) { + + 000e7 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 000ee 48 8b 00 mov rax, QWORD PTR [rax] + 000f1 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 000f5 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 000fc 48 03 c8 add rcx, rax + 000ff 48 8b c1 mov rax, rcx + 00102 48 8b c8 mov rcx, rax + 00105 ff 15 00 00 00 + 00 call QWORD PTR __imp_?flags@ios_base@std@@QEBAHXZ + 0010b 89 85 04 02 00 + 00 mov DWORD PTR tv65[rbp], eax + 00111 8b 85 04 02 00 + 00 mov eax, DWORD PTR tv65[rbp] + 00117 25 c0 01 00 00 and eax, 448 ; 000001c0H + 0011c 83 f8 40 cmp eax, 64 ; 00000040H + 0011f 0f 84 eb 00 00 + 00 je $LN10@operator + +; 792 : for (; _State == ios_base::goodbit && 0 < _Pad; --_Pad) { // pad on left + + 00125 eb 0b jmp SHORT $LN4@operator +$LN2@operator: + 00127 48 8b 45 58 mov rax, QWORD PTR _Pad$4[rbp] + 0012b 48 ff c8 dec rax + 0012e 48 89 45 58 mov QWORD PTR _Pad$4[rbp], rax +$LN4@operator: + 00132 83 7d 04 00 cmp DWORD PTR _State$[rbp], 0 + 00136 0f 85 d4 00 00 + 00 jne $LN10@operator + 0013c 48 83 7d 58 00 cmp QWORD PTR _Pad$4[rbp], 0 + 00141 0f 8e c9 00 00 + 00 jle $LN10@operator + +; 793 : if (_Traits::eq_int_type(_Traits::eof(), _Ostr.rdbuf()->sputc(_Ostr.fill()))) { + + 00147 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 0014e 48 8b 00 mov rax, QWORD PTR [rax] + 00151 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 00155 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 0015c 48 03 c8 add rcx, rax + 0015f 48 8b c1 mov rax, rcx + 00162 48 8b c8 mov rcx, rax + 00165 ff 15 00 00 00 + 00 call QWORD PTR __imp_?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ + 0016b 48 89 85 08 02 + 00 00 mov QWORD PTR tv300[rbp], rax + 00172 48 8b 85 08 02 + 00 00 mov rax, QWORD PTR tv300[rbp] + 00179 48 89 85 10 02 + 00 00 mov QWORD PTR tv179[rbp], rax + 00180 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 00187 48 8b 00 mov rax, QWORD PTR [rax] + 0018a 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 0018e 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 00195 48 03 c8 add rcx, rax + 00198 48 8b c1 mov rax, rcx + 0019b 48 8b c8 mov rcx, rax + 0019e ff 15 00 00 00 + 00 call QWORD PTR __imp_?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ + 001a4 88 85 18 02 00 + 00 mov BYTE PTR tv301[rbp], al + 001aa 0f b6 85 18 02 + 00 00 movzx eax, BYTE PTR tv301[rbp] + 001b1 88 85 19 02 00 + 00 mov BYTE PTR tv177[rbp], al + 001b7 0f b6 95 19 02 + 00 00 movzx edx, BYTE PTR tv177[rbp] + 001be 48 8b 8d 10 02 + 00 00 mov rcx, QWORD PTR tv179[rbp] + 001c5 ff 15 00 00 00 + 00 call QWORD PTR __imp_?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z + 001cb 89 85 1c 02 00 + 00 mov DWORD PTR tv302[rbp], eax + 001d1 8b 85 1c 02 00 + 00 mov eax, DWORD PTR tv302[rbp] + 001d7 89 85 34 01 00 + 00 mov DWORD PTR $T5[rbp], eax + 001dd e8 00 00 00 00 call ?eof@?$_Narrow_char_traits@DH@std@@SAHXZ ; std::_Narrow_char_traits::eof + 001e2 89 85 54 01 00 + 00 mov DWORD PTR $T6[rbp], eax + 001e8 48 8d 95 34 01 + 00 00 lea rdx, QWORD PTR $T5[rbp] + 001ef 48 8d 8d 54 01 + 00 00 lea rcx, QWORD PTR $T6[rbp] + 001f6 e8 00 00 00 00 call ?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z ; std::_Narrow_char_traits::eq_int_type + 001fb 0f b6 c0 movzx eax, al + 001fe 85 c0 test eax, eax + 00200 74 09 je SHORT $LN11@operator + +; 794 : _State |= ios_base::badbit; + + 00202 8b 45 04 mov eax, DWORD PTR _State$[rbp] + 00205 83 c8 04 or eax, 4 + 00208 89 45 04 mov DWORD PTR _State$[rbp], eax +$LN11@operator: + +; 795 : } +; 796 : } + + 0020b e9 17 ff ff ff jmp $LN2@operator +$LN10@operator: + +; 797 : } +; 798 : +; 799 : if (_State == ios_base::goodbit && _Traits::eq_int_type(_Traits::eof(), _Ostr.rdbuf()->sputc(_Ch))) { + + 00210 83 7d 04 00 cmp DWORD PTR _State$[rbp], 0 + 00214 0f 85 8d 00 00 + 00 jne $LN12@operator + 0021a 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 00221 48 8b 00 mov rax, QWORD PTR [rax] + 00224 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 00228 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 0022f 48 03 c8 add rcx, rax + 00232 48 8b c1 mov rax, rcx + 00235 48 8b c8 mov rcx, rax + 00238 ff 15 00 00 00 + 00 call QWORD PTR __imp_?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ + 0023e 48 89 85 08 02 + 00 00 mov QWORD PTR tv303[rbp], rax + 00245 48 8b 85 08 02 + 00 00 mov rax, QWORD PTR tv303[rbp] + 0024c 48 89 85 10 02 + 00 00 mov QWORD PTR tv204[rbp], rax + 00253 0f b6 95 58 02 + 00 00 movzx edx, BYTE PTR _Ch$[rbp] + 0025a 48 8b 8d 10 02 + 00 00 mov rcx, QWORD PTR tv204[rbp] + 00261 ff 15 00 00 00 + 00 call QWORD PTR __imp_?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z + 00267 89 85 18 02 00 + 00 mov DWORD PTR tv304[rbp], eax + 0026d 8b 85 18 02 00 + 00 mov eax, DWORD PTR tv304[rbp] + 00273 89 85 74 01 00 + 00 mov DWORD PTR $T7[rbp], eax + 00279 e8 00 00 00 00 call ?eof@?$_Narrow_char_traits@DH@std@@SAHXZ ; std::_Narrow_char_traits::eof + 0027e 89 85 94 01 00 + 00 mov DWORD PTR $T8[rbp], eax + 00284 48 8d 95 74 01 + 00 00 lea rdx, QWORD PTR $T7[rbp] + 0028b 48 8d 8d 94 01 + 00 00 lea rcx, QWORD PTR $T8[rbp] + 00292 e8 00 00 00 00 call ?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z ; std::_Narrow_char_traits::eq_int_type + 00297 0f b6 c0 movzx eax, al + 0029a 85 c0 test eax, eax + 0029c 74 09 je SHORT $LN12@operator + +; 800 : _State |= ios_base::badbit; + + 0029e 8b 45 04 mov eax, DWORD PTR _State$[rbp] + 002a1 83 c8 04 or eax, 4 + 002a4 89 45 04 mov DWORD PTR _State$[rbp], eax +$LN12@operator: + +; 801 : } +; 802 : +; 803 : for (; _State == ios_base::goodbit && 0 < _Pad; --_Pad) { // pad on right + + 002a7 eb 0b jmp SHORT $LN7@operator +$LN5@operator: + 002a9 48 8b 45 58 mov rax, QWORD PTR _Pad$4[rbp] + 002ad 48 ff c8 dec rax + 002b0 48 89 45 58 mov QWORD PTR _Pad$4[rbp], rax +$LN7@operator: + 002b4 83 7d 04 00 cmp DWORD PTR _State$[rbp], 0 + 002b8 0f 85 d4 00 00 + 00 jne $LN6@operator + 002be 48 83 7d 58 00 cmp QWORD PTR _Pad$4[rbp], 0 + 002c3 0f 8e c9 00 00 + 00 jle $LN6@operator + +; 804 : if (_Traits::eq_int_type(_Traits::eof(), _Ostr.rdbuf()->sputc(_Ostr.fill()))) { + + 002c9 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 002d0 48 8b 00 mov rax, QWORD PTR [rax] + 002d3 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 002d7 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 002de 48 03 c8 add rcx, rax + 002e1 48 8b c1 mov rax, rcx + 002e4 48 8b c8 mov rcx, rax + 002e7 ff 15 00 00 00 + 00 call QWORD PTR __imp_?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ + 002ed 48 89 85 08 02 + 00 00 mov QWORD PTR tv305[rbp], rax + 002f4 48 8b 85 08 02 + 00 00 mov rax, QWORD PTR tv305[rbp] + 002fb 48 89 85 10 02 + 00 00 mov QWORD PTR tv245[rbp], rax + 00302 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 00309 48 8b 00 mov rax, QWORD PTR [rax] + 0030c 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 00310 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 00317 48 03 c8 add rcx, rax + 0031a 48 8b c1 mov rax, rcx + 0031d 48 8b c8 mov rcx, rax + 00320 ff 15 00 00 00 + 00 call QWORD PTR __imp_?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ + 00326 88 85 18 02 00 + 00 mov BYTE PTR tv306[rbp], al + 0032c 0f b6 85 18 02 + 00 00 movzx eax, BYTE PTR tv306[rbp] + 00333 88 85 19 02 00 + 00 mov BYTE PTR tv243[rbp], al + 00339 0f b6 95 19 02 + 00 00 movzx edx, BYTE PTR tv243[rbp] + 00340 48 8b 8d 10 02 + 00 00 mov rcx, QWORD PTR tv245[rbp] + 00347 ff 15 00 00 00 + 00 call QWORD PTR __imp_?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z + 0034d 89 85 1c 02 00 + 00 mov DWORD PTR tv307[rbp], eax + 00353 8b 85 1c 02 00 + 00 mov eax, DWORD PTR tv307[rbp] + 00359 89 85 b4 01 00 + 00 mov DWORD PTR $T9[rbp], eax + 0035f e8 00 00 00 00 call ?eof@?$_Narrow_char_traits@DH@std@@SAHXZ ; std::_Narrow_char_traits::eof + 00364 89 85 d4 01 00 + 00 mov DWORD PTR $T10[rbp], eax + 0036a 48 8d 95 b4 01 + 00 00 lea rdx, QWORD PTR $T9[rbp] + 00371 48 8d 8d d4 01 + 00 00 lea rcx, QWORD PTR $T10[rbp] + 00378 e8 00 00 00 00 call ?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z ; std::_Narrow_char_traits::eq_int_type + 0037d 0f b6 c0 movzx eax, al + 00380 85 c0 test eax, eax + 00382 74 09 je SHORT $LN13@operator + +; 805 : _State |= ios_base::badbit; + + 00384 8b 45 04 mov eax, DWORD PTR _State$[rbp] + 00387 83 c8 04 or eax, 4 + 0038a 89 45 04 mov DWORD PTR _State$[rbp], eax +$LN13@operator: + +; 806 : } +; 807 : } + + 0038d e9 17 ff ff ff jmp $LN5@operator +$LN6@operator: + 00392 eb 00 jmp SHORT $LN8@operator +$LN21@operator: +$LN8@operator: + +; 808 : _CATCH_IO_(ios_base, _Ostr) +; 809 : } +; 810 : +; 811 : _Ostr.width(0); + + 00394 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 0039b 48 8b 00 mov rax, QWORD PTR [rax] + 0039e 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 003a2 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 003a9 48 03 c8 add rcx, rax + 003ac 48 8b c1 mov rax, rcx + 003af 48 89 85 08 02 + 00 00 mov QWORD PTR tv281[rbp], rax + 003b6 33 d2 xor edx, edx + 003b8 48 8b 8d 08 02 + 00 00 mov rcx, QWORD PTR tv281[rbp] + 003bf ff 15 00 00 00 + 00 call QWORD PTR __imp_?width@ios_base@std@@QEAA_J_J@Z + +; 812 : _Ostr.setstate(_State); + + 003c5 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 003cc 48 8b 00 mov rax, QWORD PTR [rax] + 003cf 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 003d3 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 003da 48 03 c8 add rcx, rax + 003dd 48 8b c1 mov rax, rcx + 003e0 48 89 85 08 02 + 00 00 mov QWORD PTR tv295[rbp], rax + 003e7 45 33 c0 xor r8d, r8d + 003ea 8b 55 04 mov edx, DWORD PTR _State$[rbp] + 003ed 48 8b 8d 08 02 + 00 00 mov rcx, QWORD PTR tv295[rbp] + 003f4 ff 15 00 00 00 + 00 call QWORD PTR __imp_?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z + +; 813 : return _Ostr; + + 003fa 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 00401 48 89 85 f8 01 + 00 00 mov QWORD PTR $T11[rbp], rax + 00408 48 8d 4d 28 lea rcx, QWORD PTR _Ok$[rbp] + 0040c e8 00 00 00 00 call ??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ ; std::basic_ostream >::sentry::~sentry + 00411 48 8b 85 f8 01 + 00 00 mov rax, QWORD PTR $T11[rbp] + +; 814 : } + + 00418 48 8b f8 mov rdi, rax + 0041b 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 0041f 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z$rtcFrameData + 00426 e8 00 00 00 00 call _RTC_CheckStackVars + 0042b 48 8b c7 mov rax, rdi + 0042e 48 8b 8d 20 02 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 00435 48 33 cd xor rcx, rbp + 00438 e8 00 00 00 00 call __security_check_cookie + 0043d 48 8d a5 38 02 + 00 00 lea rsp, QWORD PTR [rbp+568] + 00444 5f pop rdi + 00445 5d pop rbp + 00446 c3 ret 0 +??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z ENDP ; std::operator<< > +_TEXT ENDS +; COMDAT text$x +text$x SEGMENT +_State$ = 4 +_Ok$ = 40 +_Pad$4 = 88 +$T5 = 308 +$T6 = 340 +$T7 = 372 +$T8 = 404 +$T9 = 436 +$T10 = 468 +$T11 = 504 +tv65 = 516 +tv305 = 520 +tv303 = 520 +tv300 = 520 +tv295 = 520 +tv281 = 520 +tv266 = 520 +tv130 = 520 +tv245 = 528 +tv204 = 528 +tv179 = 528 +tv306 = 536 +tv304 = 536 +tv301 = 536 +tv243 = 537 +tv177 = 537 +tv307 = 540 +tv302 = 540 +__$ArrayPad$ = 544 +_Ostr$ = 592 +_Ch$ = 600 +?dtor$0@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA PROC ; `std::operator<< >'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 48 8d 4d 28 lea rcx, QWORD PTR _Ok$[rbp] + 00018 e8 00 00 00 00 call ??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ ; std::basic_ostream >::sentry::~sentry + 0001d 48 83 c4 28 add rsp, 40 ; 00000028H + 00021 5f pop rdi + 00022 5d pop rbp + 00023 c3 ret 0 +?dtor$0@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA ENDP ; `std::operator<< >'::`1'::dtor$0 +text$x ENDS +; COMDAT text$x +text$x SEGMENT +_State$ = 4 +_Ok$ = 40 +_Pad$4 = 88 +$T5 = 308 +$T6 = 340 +$T7 = 372 +$T8 = 404 +$T9 = 436 +$T10 = 468 +$T11 = 504 +tv65 = 516 +tv305 = 520 +tv303 = 520 +tv300 = 520 +tv295 = 520 +tv281 = 520 +tv266 = 520 +tv130 = 520 +tv245 = 528 +tv204 = 528 +tv179 = 528 +tv306 = 536 +tv304 = 536 +tv301 = 536 +tv243 = 537 +tv177 = 537 +tv307 = 540 +tv302 = 540 +__$ArrayPad$ = 544 +_Ostr$ = 592 +_Ch$ = 600 +?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA PROC ; `std::operator<< >'::`1'::catch$1 + +; 808 : _CATCH_IO_(ios_base, _Ostr) + + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] +__catch$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z$0: + 00014 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 0001b 48 8b 00 mov rax, QWORD PTR [rax] + 0001e 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 00022 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 00029 48 03 c8 add rcx, rax + 0002c 48 8b c1 mov rax, rcx + 0002f 48 89 85 08 02 + 00 00 mov QWORD PTR tv266[rbp], rax + 00036 41 b0 01 mov r8b, 1 + 00039 ba 04 00 00 00 mov edx, 4 + 0003e 48 8b 8d 08 02 + 00 00 mov rcx, QWORD PTR tv266[rbp] + 00045 ff 15 00 00 00 + 00 call QWORD PTR __imp_?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z + 0004b 90 npad 1 + 0004c 48 8d 05 00 00 + 00 00 lea rax, $LN21@catch$1 + 00053 48 83 c4 28 add rsp, 40 ; 00000028H + 00057 5f pop rdi + 00058 5d pop rbp + 00059 c3 ret 0 + 0005a cc int 3 +?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA ENDP ; `std::operator<< >'::`1'::catch$1 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +_State$ = 4 +_Ok$ = 40 +_Pad$4 = 88 +$T5 = 308 +$T6 = 340 +$T7 = 372 +$T8 = 404 +$T9 = 436 +$T10 = 468 +$T11 = 504 +tv65 = 516 +tv305 = 520 +tv303 = 520 +tv300 = 520 +tv295 = 520 +tv281 = 520 +tv266 = 520 +tv130 = 520 +tv245 = 528 +tv204 = 528 +tv179 = 528 +tv306 = 536 +tv304 = 536 +tv301 = 536 +tv243 = 537 +tv177 = 537 +tv307 = 540 +tv302 = 540 +__$ArrayPad$ = 544 +_Ostr$ = 592 +_Ch$ = 600 +?dtor$0@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA PROC ; `std::operator<< >'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 48 8d 4d 28 lea rcx, QWORD PTR _Ok$[rbp] + 00018 e8 00 00 00 00 call ??1sentry@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@XZ ; std::basic_ostream >::sentry::~sentry + 0001d 48 83 c4 28 add rsp, 40 ; 00000028H + 00021 5f pop rdi + 00022 5d pop rbp + 00023 c3 ret 0 +?dtor$0@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA ENDP ; `std::operator<< >'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +_State$ = 4 +_Ok$ = 40 +_Pad$4 = 88 +$T5 = 308 +$T6 = 340 +$T7 = 372 +$T8 = 404 +$T9 = 436 +$T10 = 468 +$T11 = 504 +tv65 = 516 +tv305 = 520 +tv303 = 520 +tv300 = 520 +tv295 = 520 +tv281 = 520 +tv266 = 520 +tv130 = 520 +tv245 = 528 +tv204 = 528 +tv179 = 528 +tv306 = 536 +tv304 = 536 +tv301 = 536 +tv243 = 537 +tv177 = 537 +tv307 = 540 +tv302 = 540 +__$ArrayPad$ = 544 +_Ostr$ = 592 +_Ch$ = 600 +?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA PROC ; `std::operator<< >'::`1'::catch$1 + +; 808 : _CATCH_IO_(ios_base, _Ostr) + + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] +__catch$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z$0: + 00014 48 8b 85 50 02 + 00 00 mov rax, QWORD PTR _Ostr$[rbp] + 0001b 48 8b 00 mov rax, QWORD PTR [rax] + 0001e 48 63 40 04 movsxd rax, DWORD PTR [rax+4] + 00022 48 8b 8d 50 02 + 00 00 mov rcx, QWORD PTR _Ostr$[rbp] + 00029 48 03 c8 add rcx, rax + 0002c 48 8b c1 mov rax, rcx + 0002f 48 89 85 08 02 + 00 00 mov QWORD PTR tv266[rbp], rax + 00036 41 b0 01 mov r8b, 1 + 00039 ba 04 00 00 00 mov edx, 4 + 0003e 48 8b 8d 08 02 + 00 00 mov rcx, QWORD PTR tv266[rbp] + 00045 ff 15 00 00 00 + 00 call QWORD PTR __imp_?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z + 0004b 90 npad 1 + 0004c 48 8d 05 00 00 + 00 00 lea rax, $LN21@catch$1 + 00053 48 83 c4 28 add rsp, 40 ; 00000028H + 00057 5f pop rdi + 00058 5d pop rbp + 00059 c3 ret 0 + 0005a cc int 3 +?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA ENDP ; `std::operator<< >'::`1'::catch$1 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Main.cpp +; COMDAT main +_TEXT SEGMENT +Block$ = 8 +NewLink$ = 88 +AssembledSize$ = 116 +AssembledBlock$ = 152 +Tb$ = 184 +i$5 = 212 +$T6 = 440 +$T7 = 472 +$T8 = 500 +$T9 = 532 +$T10 = 568 +tv152 = 600 +tv88 = 600 +tv154 = 608 +tv157 = 616 +tv159 = 624 +tv170 = 632 +tv168 = 640 +__$ArrayPad$ = 648 +main PROC ; COMDAT + +; 43 : { + +$LN14: + 00000 40 55 push rbp + 00002 57 push rdi + 00003 48 81 ec b8 02 + 00 00 sub rsp, 696 ; 000002b8H + 0000a 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0000f 48 8b fc mov rdi, rsp + 00012 b9 ae 00 00 00 mov ecx, 174 ; 000000aeH + 00017 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0001c f3 ab rep stosd + 0001e 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 00025 48 33 c5 xor rax, rbp + 00028 48 89 85 88 02 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__4031338C_Main@cpp + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 44 : XedTablesInit(); + + 0003b e8 00 00 00 00 call xed_tables_init + +; 45 : srand(time(NULL)); + + 00040 33 c9 xor ecx, ecx + 00042 e8 00 00 00 00 call time + 00047 8b c8 mov ecx, eax + 00049 ff 15 00 00 00 + 00 call QWORD PTR __imp_srand + +; 46 : +; 47 : +; 48 : NATIVE_CODE_BLOCK Block; + + 0004f 48 8d 4d 08 lea rcx, QWORD PTR Block$[rbp] + 00053 e8 00 00 00 00 call ??0_NATIVE_CODE_BLOCK@@QEAA@XZ ; _NATIVE_CODE_BLOCK::_NATIVE_CODE_BLOCK + 00058 90 npad 1 + +; 49 : NcDisassemble(&Block, TestBuffer, TestBufferSize); + + 00059 44 8b 05 00 00 + 00 00 mov r8d, DWORD PTR ?TestBufferSize@@3KA ; TestBufferSize + 00060 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:?TestBuffer@@3PAEA ; TestBuffer + 00067 48 8d 4d 08 lea rcx, QWORD PTR Block$[rbp] + 0006b e8 00 00 00 00 call ?NcDisassemble@@YAHPEAU_NATIVE_CODE_BLOCK@@PEAXK@Z ; NcDisassemble + +; 50 : PNATIVE_CODE_LINK NewLink = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, meme1, sizeof(meme1)); + + 00070 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H + 00075 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new + 0007a 48 89 85 d8 01 + 00 00 mov QWORD PTR $T7[rbp], rax + 00081 48 83 bd d8 01 + 00 00 00 cmp QWORD PTR $T7[rbp], 0 + 00089 74 27 je SHORT $LN8@main + 0008b 41 b9 02 00 00 + 00 mov r9d, 2 + 00091 4c 8d 05 00 00 + 00 00 lea r8, OFFSET FLAT:?meme1@@3PAEA ; meme1 + 00098 ba 04 00 00 00 mov edx, 4 + 0009d 48 8b 8d d8 01 + 00 00 mov rcx, QWORD PTR $T7[rbp] + 000a4 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK + 000a9 48 89 85 58 02 + 00 00 mov QWORD PTR tv88[rbp], rax + 000b0 eb 0b jmp SHORT $LN9@main +$LN8@main: + 000b2 48 c7 85 58 02 + 00 00 00 00 00 + 00 mov QWORD PTR tv88[rbp], 0 +$LN9@main: + 000bd 48 8b 85 58 02 + 00 00 mov rax, QWORD PTR tv88[rbp] + 000c4 48 89 85 b8 01 + 00 00 mov QWORD PTR $T6[rbp], rax + 000cb 48 8b 85 b8 01 + 00 00 mov rax, QWORD PTR $T6[rbp] + 000d2 48 89 45 58 mov QWORD PTR NewLink$[rbp], rax + +; 51 : +; 52 : NcInsertLinkBefore(Block.End->Prev->Prev->Prev->Prev, NewLink); + + 000d6 48 8b 45 10 mov rax, QWORD PTR Block$[rbp+8] + 000da 48 8b 40 08 mov rax, QWORD PTR [rax+8] + 000de 48 8b 40 08 mov rax, QWORD PTR [rax+8] + 000e2 48 8b 40 08 mov rax, QWORD PTR [rax+8] + 000e6 48 8b 55 58 mov rdx, QWORD PTR NewLink$[rbp] + 000ea 48 8b 48 08 mov rcx, QWORD PTR [rax+8] + 000ee e8 00 00 00 00 call ?NcInsertLinkBefore@@YAXPEAU_NATIVE_CODE_LINK@@0@Z ; NcInsertLinkBefore + +; 53 : +; 54 : +; 55 : ULONG AssembledSize; +; 56 : PVOID AssembledBlock = NcAssemble(&Block, &AssembledSize); + + 000f3 48 8d 55 74 lea rdx, QWORD PTR AssembledSize$[rbp] + 000f7 48 8d 4d 08 lea rcx, QWORD PTR Block$[rbp] + 000fb e8 00 00 00 00 call ?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@PEAK@Z ; NcAssemble + 00100 48 89 85 98 00 + 00 00 mov QWORD PTR AssembledBlock$[rbp], rax + +; 57 : if (!AssembledBlock || !AssembledSize) + + 00107 48 83 bd 98 00 + 00 00 00 cmp QWORD PTR AssembledBlock$[rbp], 0 + 0010f 74 06 je SHORT $LN6@main + 00111 83 7d 74 00 cmp DWORD PTR AssembledSize$[rbp], 0 + 00115 75 37 jne SHORT $LN5@main +$LN6@main: + +; 58 : { +; 59 : printf("Something failed nicka.\n"); + + 00117 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_0BJ@LHKOPLNN@Something?5failed?5nicka?4?6@ + 0011e e8 00 00 00 00 call printf + +; 60 : system("pause"); + + 00123 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_05PDJBBECF@pause@ + 0012a ff 15 00 00 00 + 00 call QWORD PTR __imp_system + +; 61 : return -1; + + 00130 c7 85 f4 01 00 + 00 ff ff ff ff mov DWORD PTR $T8[rbp], -1 + 0013a 48 8d 4d 08 lea rcx, QWORD PTR Block$[rbp] + 0013e e8 00 00 00 00 call ??1_NATIVE_CODE_BLOCK@@QEAA@XZ + 00143 8b 85 f4 01 00 + 00 mov eax, DWORD PTR $T8[rbp] + 00149 e9 09 01 00 00 jmp $LN12@main +$LN5@main: + +; 62 : } +; 63 : PUCHAR Tb = (PUCHAR)AssembledBlock; + + 0014e 48 8b 85 98 00 + 00 00 mov rax, QWORD PTR AssembledBlock$[rbp] + 00155 48 89 85 b8 00 + 00 00 mov QWORD PTR Tb$[rbp], rax + +; 64 : for (uint32_t i = 0; i < AssembledSize; i++) + + 0015c c7 85 d4 00 00 + 00 00 00 00 00 mov DWORD PTR i$5[rbp], 0 + 00166 eb 0e jmp SHORT $LN4@main +$LN2@main: + 00168 8b 85 d4 00 00 + 00 mov eax, DWORD PTR i$5[rbp] + 0016e ff c0 inc eax + 00170 89 85 d4 00 00 + 00 mov DWORD PTR i$5[rbp], eax +$LN4@main: + 00176 8b 45 74 mov eax, DWORD PTR AssembledSize$[rbp] + 00179 39 85 d4 00 00 + 00 cmp DWORD PTR i$5[rbp], eax + 0017f 0f 83 b5 00 00 + 00 jae $LN3@main + +; 65 : { +; 66 : std::cout << std::hex << std::setw(2) << std::setfill('0') << (int)Tb[i] << ' '; + + 00185 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:?hex@std@@YAAEAVios_base@1@AEAV21@@Z ; std::hex + 0018c 48 8b 0d 00 00 + 00 00 mov rcx, QWORD PTR __imp_?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A + 00193 ff 15 00 00 00 + 00 call QWORD PTR __imp_??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z + 00199 48 89 85 58 02 + 00 00 mov QWORD PTR tv152[rbp], rax + 001a0 ba 02 00 00 00 mov edx, 2 + 001a5 48 8d 8d 38 02 + 00 00 lea rcx, QWORD PTR $T10[rbp] + 001ac e8 00 00 00 00 call ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z ; std::setw + 001b1 48 89 85 60 02 + 00 00 mov QWORD PTR tv154[rbp], rax + 001b8 48 8b 95 60 02 + 00 00 mov rdx, QWORD PTR tv154[rbp] + 001bf 48 8b 8d 58 02 + 00 00 mov rcx, QWORD PTR tv152[rbp] + 001c6 e8 00 00 00 00 call ??$?6DU?$char_traits@D@std@@_J@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Smanip@_J@0@@Z ; std::operator<<,__int64> + 001cb 48 89 85 68 02 + 00 00 mov QWORD PTR tv157[rbp], rax + 001d2 b2 30 mov dl, 48 ; 00000030H + 001d4 48 8d 8d 14 02 + 00 00 lea rcx, QWORD PTR $T9[rbp] + 001db e8 00 00 00 00 call ??$setfill@D@std@@YA?AU?$_Fillobj@D@0@D@Z ; std::setfill + 001e0 48 89 85 70 02 + 00 00 mov QWORD PTR tv159[rbp], rax + 001e7 48 8b 95 70 02 + 00 00 mov rdx, QWORD PTR tv159[rbp] + 001ee 48 8b 8d 68 02 + 00 00 mov rcx, QWORD PTR tv157[rbp] + 001f5 e8 00 00 00 00 call ??$?6DU?$char_traits@D@std@@D@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Fillobj@D@0@@Z ; std::operator<<,char> + 001fa 48 89 85 78 02 + 00 00 mov QWORD PTR tv170[rbp], rax + 00201 8b 85 d4 00 00 + 00 mov eax, DWORD PTR i$5[rbp] + 00207 48 8b 8d b8 00 + 00 00 mov rcx, QWORD PTR Tb$[rbp] + 0020e 0f b6 04 01 movzx eax, BYTE PTR [rcx+rax] + 00212 89 85 80 02 00 + 00 mov DWORD PTR tv168[rbp], eax + 00218 8b 95 80 02 00 + 00 mov edx, DWORD PTR tv168[rbp] + 0021e 48 8b 8d 78 02 + 00 00 mov rcx, QWORD PTR tv170[rbp] + 00225 ff 15 00 00 00 + 00 call QWORD PTR __imp_??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z + 0022b b2 20 mov dl, 32 ; 00000020H + 0022d 48 8b c8 mov rcx, rax + 00230 e8 00 00 00 00 call ??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z ; std::operator<< > + +; 67 : } + + 00235 e9 2e ff ff ff jmp $LN2@main +$LN3@main: + +; 68 : +; 69 : +; 70 : //PNATIVE_CODE_BLOCK OpaqueBranch = ObfGenOpaqueBranch(Block.Start, Block.End); +; 71 : //NcDebugPrint(OpaqueBranch); +; 72 : system("pause"); + + 0023a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_05PDJBBECF@pause@ + 00241 ff 15 00 00 00 + 00 call QWORD PTR __imp_system + 00247 90 npad 1 + +; 73 : +; 74 : +; 75 : +; 76 : +; 77 : /*NATIVE_CODE_LINK T; +; 78 : T.RawDataSize = 10; +; 79 : T.RawData = new UCHAR[10]; +; 80 : memset(T.RawData, 0xAA, 10); +; 81 : JIT_BITWISE_DATA Data; +; 82 : RtlSecureZeroMemory(&Data, sizeof(JIT_BITWISE_DATA)); +; 83 : PNATIVE_CODE_BLOCK NewBlock = JitEmitPreRipMov(&T); +; 84 : if (NewBlock) +; 85 : { +; 86 : printf("\n"); +; 87 : NcDebugPrint(NewBlock); +; 88 : printf("\n"); +; 89 : NcPrintBlockCode(NewBlock); +; 90 : } +; 91 : system("pause");*/ +; 92 : +; 93 : } + + 00248 48 8d 4d 08 lea rcx, QWORD PTR Block$[rbp] + 0024c e8 00 00 00 00 call ??1_NATIVE_CODE_BLOCK@@QEAA@XZ + 00251 eb 02 jmp SHORT $LN13@main + 00253 eb 02 jmp SHORT $LN12@main +$LN13@main: + 00255 33 c0 xor eax, eax +$LN12@main: + 00257 48 8b f8 mov rdi, rax + 0025a 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 0025e 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:main$rtcFrameData + 00265 e8 00 00 00 00 call _RTC_CheckStackVars + 0026a 48 8b c7 mov rax, rdi + 0026d 48 8b 8d 88 02 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 00274 48 33 cd xor rcx, rbp + 00277 e8 00 00 00 00 call __security_check_cookie + 0027c 48 8d a5 98 02 + 00 00 lea rsp, QWORD PTR [rbp+664] + 00283 5f pop rdi + 00284 5d pop rbp + 00285 c3 ret 0 +main ENDP +_TEXT ENDS +; COMDAT text$x +text$x SEGMENT +Block$ = 8 +NewLink$ = 88 +AssembledSize$ = 116 +AssembledBlock$ = 152 +Tb$ = 184 +i$5 = 212 +$T6 = 440 +$T7 = 472 +$T8 = 500 +$T9 = 532 +$T10 = 568 +tv152 = 600 +tv88 = 600 +tv154 = 608 +tv157 = 616 +tv159 = 624 +tv170 = 632 +tv168 = 640 +__$ArrayPad$ = 648 +main$dtor$0 PROC + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 48 8d 4d 08 lea rcx, QWORD PTR Block$[rbp] + 00018 e8 00 00 00 00 call ??1_NATIVE_CODE_BLOCK@@QEAA@XZ + 0001d 48 83 c4 28 add rsp, 40 ; 00000028H + 00021 5f pop rdi + 00022 5d pop rbp + 00023 c3 ret 0 +main$dtor$0 ENDP +text$x ENDS +; COMDAT text$x +text$x SEGMENT +Block$ = 8 +NewLink$ = 88 +AssembledSize$ = 116 +AssembledBlock$ = 152 +Tb$ = 184 +i$5 = 212 +$T6 = 440 +$T7 = 472 +$T8 = 500 +$T9 = 532 +$T10 = 568 +tv152 = 600 +tv88 = 600 +tv154 = 608 +tv157 = 616 +tv159 = 624 +tv170 = 632 +tv168 = 640 +__$ArrayPad$ = 648 +main$dtor$1 PROC + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d d8 01 + 00 00 mov rcx, QWORD PTR $T7[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +main$dtor$1 ENDP +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +Block$ = 8 +NewLink$ = 88 +AssembledSize$ = 116 +AssembledBlock$ = 152 +Tb$ = 184 +i$5 = 212 +$T6 = 440 +$T7 = 472 +$T8 = 500 +$T9 = 532 +$T10 = 568 +tv152 = 600 +tv88 = 600 +tv154 = 608 +tv157 = 616 +tv159 = 624 +tv170 = 632 +tv168 = 640 +__$ArrayPad$ = 648 +main$dtor$0 PROC + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 48 8d 4d 08 lea rcx, QWORD PTR Block$[rbp] + 00018 e8 00 00 00 00 call ??1_NATIVE_CODE_BLOCK@@QEAA@XZ + 0001d 48 83 c4 28 add rsp, 40 ; 00000028H + 00021 5f pop rdi + 00022 5d pop rbp + 00023 c3 ret 0 +main$dtor$0 ENDP +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +Block$ = 8 +NewLink$ = 88 +AssembledSize$ = 116 +AssembledBlock$ = 152 +Tb$ = 184 +i$5 = 212 +$T6 = 440 +$T7 = 472 +$T8 = 500 +$T9 = 532 +$T10 = 568 +tv152 = 600 +tv88 = 600 +tv154 = 608 +tv157 = 616 +tv159 = 624 +tv170 = 632 +tv168 = 640 +__$ArrayPad$ = 648 +main$dtor$1 PROC + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d d8 01 + 00 00 mov rcx, QWORD PTR $T7[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +main$dtor$1 ENDP +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Main.cpp +; COMDAT ?MakeExecutableBuffer@@YAPEAXPEAXK@Z +_TEXT SEGMENT +ExecBuffer$ = 8 +Buffer$ = 256 +BufferSize$ = 264 +?MakeExecutableBuffer@@YAPEAXPEAXK@Z PROC ; MakeExecutableBuffer, COMDAT + +; 14 : { + +$LN4: + 00000 89 54 24 10 mov DWORD PTR [rsp+16], edx + 00004 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00009 55 push rbp + 0000a 57 push rdi + 0000b 48 81 ec 08 01 + 00 00 sub rsp, 264 ; 00000108H + 00012 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00017 48 8b fc mov rdi, rsp + 0001a b9 42 00 00 00 mov ecx, 66 ; 00000042H + 0001f b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00024 f3 ab rep stosd + 00026 48 8b 8c 24 28 + 01 00 00 mov rcx, QWORD PTR [rsp+296] + 0002e 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__4031338C_Main@cpp + 00035 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 15 : PVOID ExecBuffer = VirtualAlloc(nullptr, BufferSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE); + + 0003a 8b 85 08 01 00 + 00 mov eax, DWORD PTR BufferSize$[rbp] + 00040 41 b9 40 00 00 + 00 mov r9d, 64 ; 00000040H + 00046 41 b8 00 10 00 + 00 mov r8d, 4096 ; 00001000H + 0004c 8b d0 mov edx, eax + 0004e 33 c9 xor ecx, ecx + 00050 ff 15 00 00 00 + 00 call QWORD PTR __imp_VirtualAlloc + 00056 48 89 45 08 mov QWORD PTR ExecBuffer$[rbp], rax + +; 16 : if (!ExecBuffer) + + 0005a 48 83 7d 08 00 cmp QWORD PTR ExecBuffer$[rbp], 0 + 0005f 75 04 jne SHORT $LN2@MakeExecut + +; 17 : return NULL; + + 00061 33 c0 xor eax, eax + 00063 eb 19 jmp SHORT $LN1@MakeExecut +$LN2@MakeExecut: + +; 18 : RtlCopyMemory(ExecBuffer, Buffer, BufferSize); + + 00065 8b 85 08 01 00 + 00 mov eax, DWORD PTR BufferSize$[rbp] + 0006b 44 8b c0 mov r8d, eax + 0006e 48 8b 95 00 01 + 00 00 mov rdx, QWORD PTR Buffer$[rbp] + 00075 48 8b 4d 08 mov rcx, QWORD PTR ExecBuffer$[rbp] + 00079 e8 00 00 00 00 call memcpy +$LN1@MakeExecut: + +; 19 : } + + 0007e 48 8d a5 e8 00 + 00 00 lea rsp, QWORD PTR [rbp+232] + 00085 5f pop rdi + 00086 5d pop rbp + 00087 c3 ret 0 +?MakeExecutableBuffer@@YAPEAXPEAXK@Z ENDP ; MakeExecutableBuffer +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT ??1_NATIVE_CODE_BLOCK@@QEAA@XZ +_TEXT SEGMENT +this$ = 224 +??1_NATIVE_CODE_BLOCK@@QEAA@XZ PROC ; _NATIVE_CODE_BLOCK::~_NATIVE_CODE_BLOCK, COMDAT +$LN3: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002a 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR this$[rbp] + 00031 48 83 c0 10 add rax, 16 + 00035 48 8b c8 mov rcx, rax + 00038 e8 00 00 00 00 call ??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ ; std::vector >::~vector > + 0003d 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00044 5f pop rdi + 00045 5d pop rbp + 00046 c3 ret 0 +??1_NATIVE_CODE_BLOCK@@QEAA@XZ ENDP ; _NATIVE_CODE_BLOCK::~_NATIVE_CODE_BLOCK +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xmemory +; COMDAT ?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ +_TEXT SEGMENT +this$ = 224 +?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ PROC ; std::_Compressed_pair,std::_Vector_val >,1>::_Get_first, COMDAT + +; 1343 : constexpr _Ty1& _Get_first() noexcept { + +$LN3: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A58979FC_xmemory + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 1344 : return *this; + + 00036 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR this$[rbp] + +; 1345 : } + + 0003d 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00044 5f pop rdi + 00045 5d pop rbp + 00046 c3 ret 0 +?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ ENDP ; std::_Compressed_pair,std::_Vector_val >,1>::_Get_first +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\vector +; COMDAT ?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ +_TEXT SEGMENT +this$ = 224 +?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ PROC ; std::vector >::_Getal, COMDAT + +; 1731 : _Alty& _Getal() noexcept { + +$LN3: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__BF2A7ACC_vector + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 1732 : return _Mypair._Get_first(); + + 00036 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR this$[rbp] + 0003d 48 8b c8 mov rcx, rax + 00040 e8 00 00 00 00 call ?_Get_first@?$_Compressed_pair@V?$allocator@K@std@@V?$_Vector_val@U?$_Simple_types@K@std@@@2@$00@std@@QEAAAEAV?$allocator@K@2@XZ ; std::_Compressed_pair,std::_Vector_val >,1>::_Get_first + 00045 90 npad 1 + +; 1733 : } + + 00046 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 0004d 5f pop rdi + 0004e 5d pop rbp + 0004f c3 ret 0 +?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ ENDP ; std::vector >::_Getal +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\vector +; COMDAT ?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ +_TEXT SEGMENT +_My_data$ = 8 +_Myfirst$ = 40 +_Mylast$ = 72 +_Myend$ = 104 +tv90 = 312 +tv88 = 320 +tv86 = 328 +this$ = 368 +?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ PROC ; std::vector >::_Tidy, COMDAT + +; 1685 : void _Tidy() noexcept { // free all storage + +$LN4: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec 78 01 + 00 00 sub rsp, 376 ; 00000178H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 5e 00 00 00 mov ecx, 94 ; 0000005eH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 98 + 01 00 00 mov rcx, QWORD PTR [rsp+408] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__BF2A7ACC_vector + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 1686 : auto& _My_data = _Mypair._Myval2; + + 00036 48 8b 85 70 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 0003d 48 89 45 08 mov QWORD PTR _My_data$[rbp], rax + +; 1687 : pointer& _Myfirst = _My_data._Myfirst; + + 00041 48 8b 45 08 mov rax, QWORD PTR _My_data$[rbp] + 00045 48 83 c0 08 add rax, 8 + 00049 48 89 45 28 mov QWORD PTR _Myfirst$[rbp], rax + +; 1688 : pointer& _Mylast = _My_data._Mylast; + + 0004d 48 8b 45 08 mov rax, QWORD PTR _My_data$[rbp] + 00051 48 83 c0 10 add rax, 16 + 00055 48 89 45 48 mov QWORD PTR _Mylast$[rbp], rax + +; 1689 : pointer& _Myend = _My_data._Myend; + + 00059 48 8b 45 08 mov rax, QWORD PTR _My_data$[rbp] + 0005d 48 83 c0 18 add rax, 24 + 00061 48 89 45 68 mov QWORD PTR _Myend$[rbp], rax + +; 1690 : +; 1691 : _My_data._Orphan_all(); + + 00065 48 8b 4d 08 mov rcx, QWORD PTR _My_data$[rbp] + 00069 e8 00 00 00 00 call ?_Orphan_all@_Container_base12@std@@QEAAXXZ ; std::_Container_base12::_Orphan_all + +; 1692 : +; 1693 : if (_Myfirst) { // destroy and deallocate old array + + 0006e 48 8b 45 28 mov rax, QWORD PTR _Myfirst$[rbp] + 00072 48 83 38 00 cmp QWORD PTR [rax], 0 + 00076 0f 84 92 00 00 + 00 je $LN2@Tidy + +; 1694 : _Destroy(_Myfirst, _Mylast); + + 0007c 48 8b 45 48 mov rax, QWORD PTR _Mylast$[rbp] + 00080 4c 8b 00 mov r8, QWORD PTR [rax] + 00083 48 8b 45 28 mov rax, QWORD PTR _Myfirst$[rbp] + 00087 48 8b 10 mov rdx, QWORD PTR [rax] + 0008a 48 8b 8d 70 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00091 e8 00 00 00 00 call ?_Destroy@?$vector@KV?$allocator@K@std@@@std@@AEAAXPEAK0@Z ; std::vector >::_Destroy + +; 1695 : _Getal().deallocate(_Myfirst, static_cast(_Myend - _Myfirst)); + + 00096 48 8b 8d 70 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0009d e8 00 00 00 00 call ?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ ; std::vector >::_Getal + 000a2 48 89 85 38 01 + 00 00 mov QWORD PTR tv90[rbp], rax + 000a9 48 8b 45 68 mov rax, QWORD PTR _Myend$[rbp] + 000ad 48 8b 4d 28 mov rcx, QWORD PTR _Myfirst$[rbp] + 000b1 48 8b 09 mov rcx, QWORD PTR [rcx] + 000b4 48 8b 00 mov rax, QWORD PTR [rax] + 000b7 48 2b c1 sub rax, rcx + 000ba 48 c1 f8 02 sar rax, 2 + 000be 48 89 85 40 01 + 00 00 mov QWORD PTR tv88[rbp], rax + 000c5 48 8b 45 28 mov rax, QWORD PTR _Myfirst$[rbp] + 000c9 48 8b 00 mov rax, QWORD PTR [rax] + 000cc 48 89 85 48 01 + 00 00 mov QWORD PTR tv86[rbp], rax + 000d3 4c 8b 85 40 01 + 00 00 mov r8, QWORD PTR tv88[rbp] + 000da 48 8b 95 48 01 + 00 00 mov rdx, QWORD PTR tv86[rbp] + 000e1 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR tv90[rbp] + 000e8 e8 00 00 00 00 call ?deallocate@?$allocator@K@std@@QEAAXQEAK_K@Z ; std::allocator::deallocate + +; 1696 : +; 1697 : _Myfirst = pointer(); + + 000ed 48 8b 45 28 mov rax, QWORD PTR _Myfirst$[rbp] + 000f1 48 c7 00 00 00 + 00 00 mov QWORD PTR [rax], 0 + +; 1698 : _Mylast = pointer(); + + 000f8 48 8b 45 48 mov rax, QWORD PTR _Mylast$[rbp] + 000fc 48 c7 00 00 00 + 00 00 mov QWORD PTR [rax], 0 + +; 1699 : _Myend = pointer(); + + 00103 48 8b 45 68 mov rax, QWORD PTR _Myend$[rbp] + 00107 48 c7 00 00 00 + 00 00 mov QWORD PTR [rax], 0 +$LN2@Tidy: + +; 1700 : } +; 1701 : } + + 0010e 48 8d a5 58 01 + 00 00 lea rsp, QWORD PTR [rbp+344] + 00115 5f pop rdi + 00116 5d pop rbp + 00117 c3 ret 0 +?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ ENDP ; std::vector >::_Tidy +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\vector +; COMDAT ?_Destroy@?$vector@KV?$allocator@K@std@@@std@@AEAAXPEAK0@Z +_TEXT SEGMENT +this$ = 224 +_First$ = 232 +_Last$ = 240 +?_Destroy@?$vector@KV?$allocator@K@std@@@std@@AEAAXPEAK0@Z PROC ; std::vector >::_Destroy, COMDAT + +; 1611 : void _Destroy(pointer _First, pointer _Last) { // destroy [_First, _Last) using allocator + +$LN3: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 00034 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__BF2A7ACC_vector + 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 51 : PNATIVE_CODE_BLOCK NewBlock = JitEmitPreRipMov(&T); +; 1612 : _Destroy_range(_First, _Last, _Getal()); - 00092 33 d2 xor edx, edx - 00094 48 8d 4d 10 lea rcx, QWORD PTR T$[rbp] - 00098 e8 00 00 00 00 call ?JitEmitPreRipMov@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@H@Z ; JitEmitPreRipMov - 0009d 48 89 85 48 01 - 00 00 mov QWORD PTR NewBlock$[rbp], rax + 00040 48 8b 8d e0 00 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00047 e8 00 00 00 00 call ?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ ; std::vector >::_Getal + 0004c 4c 8b c0 mov r8, rax + 0004f 48 8b 95 f0 00 + 00 00 mov rdx, QWORD PTR _Last$[rbp] + 00056 48 8b 8d e8 00 + 00 00 mov rcx, QWORD PTR _First$[rbp] + 0005d e8 00 00 00 00 call ??$_Destroy_range@V?$allocator@K@std@@@std@@YAXPEAKQEAKAEAV?$allocator@K@0@@Z ; std::_Destroy_range > -; 52 : if (NewBlock) +; 1613 : } - 000a4 48 83 bd 48 01 - 00 00 00 cmp QWORD PTR NewBlock$[rbp], 0 - 000ac 74 30 je SHORT $LN2@main + 00062 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00069 5f pop rdi + 0006a 5d pop rbp + 0006b c3 ret 0 +?_Destroy@?$vector@KV?$allocator@K@std@@@std@@AEAAXPEAK0@Z ENDP ; std::vector >::_Destroy +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\vector +; COMDAT ??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ +_TEXT SEGMENT +_Alproxy$ = 8 +$S1$ = 36 +$T4 = 260 +__$ArrayPad$ = 280 +this$ = 320 +??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ PROC ; std::vector >::~vector >, COMDAT -; 53 : { -; 54 : printf("\n"); +; 672 : ~vector() noexcept { - 000ae 48 8d 0d 00 00 - 00 00 lea rcx, OFFSET FLAT:??_C@_01EEMJAFIK@?6@ - 000b5 e8 00 00 00 00 call printf +$LN3: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec 48 01 + 00 00 sub rsp, 328 ; 00000148H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 52 00 00 00 mov ecx, 82 ; 00000052H + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 68 + 01 00 00 mov rcx, QWORD PTR [rsp+360] + 0002a 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 00031 48 33 c5 xor rax, rbp + 00034 48 89 85 18 01 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 0003b 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__BF2A7ACC_vector + 00042 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 55 : NcDebugPrint(NewBlock); +; 673 : _Tidy(); - 000ba 48 8b 8d 48 01 - 00 00 mov rcx, QWORD PTR NewBlock$[rbp] - 000c1 e8 00 00 00 00 call ?NcDebugPrint@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDebugPrint + 00047 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0004e e8 00 00 00 00 call ?_Tidy@?$vector@KV?$allocator@K@std@@@std@@AEAAXXZ ; std::vector >::_Tidy -; 56 : printf("\n"); +; 674 : #if _ITERATOR_DEBUG_LEVEL != 0 +; 675 : auto&& _Alproxy = _GET_PROXY_ALLOCATOR(_Alty, _Getal()); - 000c6 48 8d 0d 00 00 - 00 00 lea rcx, OFFSET FLAT:??_C@_01EEMJAFIK@?6@ - 000cd e8 00 00 00 00 call printf + 00053 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0005a e8 00 00 00 00 call ?_Getal@?$vector@KV?$allocator@K@std@@@std@@AEAAAEAV?$allocator@K@2@XZ ; std::vector >::_Getal + 0005f 48 8b d0 mov rdx, rax + 00062 48 8d 4d 24 lea rcx, QWORD PTR $S1$[rbp] + 00066 e8 00 00 00 00 call ??$?0K@?$allocator@U_Container_proxy@std@@@std@@QEAA@AEBV?$allocator@K@1@@Z ; std::allocator::allocator + 0006b 48 8d 45 24 lea rax, QWORD PTR $S1$[rbp] + 0006f 48 89 45 08 mov QWORD PTR _Alproxy$[rbp], rax + +; 676 : _Delete_plain_internal(_Alproxy, _STD exchange(_Mypair._Myval2._Myproxy, nullptr)); + + 00073 48 c7 85 04 01 + 00 00 00 00 00 + 00 mov QWORD PTR $T4[rbp], 0 + 0007e 48 8b 85 40 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00085 48 8d 95 04 01 + 00 00 lea rdx, QWORD PTR $T4[rbp] + 0008c 48 8b c8 mov rcx, rax + 0008f e8 00 00 00 00 call ??$exchange@PEAU_Container_proxy@std@@$$T@std@@YAPEAU_Container_proxy@0@AEAPEAU10@$$QEA$$T@Z ; std::exchange + 00094 48 8b d0 mov rdx, rax + 00097 48 8b 4d 08 mov rcx, QWORD PTR _Alproxy$[rbp] + 0009b e8 00 00 00 00 call ??$_Delete_plain_internal@V?$allocator@U_Container_proxy@std@@@std@@@std@@YAXAEAV?$allocator@U_Container_proxy@std@@@0@QEAU_Container_proxy@0@@Z ; std::_Delete_plain_internal > + +; 677 : #endif // _ITERATOR_DEBUG_LEVEL != 0 +; 678 : } + + 000a0 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 000a4 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ$rtcFrameData + 000ab e8 00 00 00 00 call _RTC_CheckStackVars + 000b0 90 npad 1 + 000b1 48 8b 8d 18 01 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 000b8 48 33 cd xor rcx, rbp + 000bb e8 00 00 00 00 call __security_check_cookie + 000c0 48 8d a5 28 01 + 00 00 lea rsp, QWORD PTR [rbp+296] + 000c7 5f pop rdi + 000c8 5d pop rbp + 000c9 c3 ret 0 +??1?$vector@KV?$allocator@K@std@@@std@@QEAA@XZ ENDP ; std::vector >::~vector > +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xmemory +; COMDAT ?deallocate@?$allocator@K@std@@QEAAXQEAK_K@Z +_TEXT SEGMENT +this$ = 224 +_Ptr$ = 232 +_Count$ = 240 +?deallocate@?$allocator@K@std@@QEAAXQEAK_K@Z PROC ; std::allocator::deallocate, COMDAT -; 57 : NcPrintBlockCode(NewBlock); +; 801 : void deallocate(_Ty* const _Ptr, const size_t _Count) { - 000d2 48 8b 8d 48 01 - 00 00 mov rcx, QWORD PTR NewBlock$[rbp] - 000d9 e8 00 00 00 00 call ?NcPrintBlockCode@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcPrintBlockCode -$LN2@main: +$LN3: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 00034 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A58979FC_xmemory + 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 58 : } -; 59 : system("pause"); +; 802 : // no overflow check on the following multiply; we assume _Allocate did that check +; 803 : _Deallocate<_New_alignof<_Ty>>(_Ptr, sizeof(_Ty) * _Count); - 000de 48 8d 0d 00 00 - 00 00 lea rcx, OFFSET FLAT:??_C@_05PDJBBECF@pause@ - 000e5 ff 15 00 00 00 - 00 call QWORD PTR __imp_system - 000eb 90 npad 1 + 00040 48 8b 85 f0 00 + 00 00 mov rax, QWORD PTR _Count$[rbp] + 00047 48 c1 e0 02 shl rax, 2 + 0004b 48 8b d0 mov rdx, rax + 0004e 48 8b 8d e8 00 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 00055 e8 00 00 00 00 call ??$_Deallocate@$0BA@$0A@@std@@YAXPEAX_K@Z ; std::_Deallocate<16,0> -; 60 : -; 61 : } +; 804 : } - 000ec 48 8d 4d 10 lea rcx, QWORD PTR T$[rbp] - 000f0 e8 00 00 00 00 call ??1_NATIVE_CODE_LINK@@QEAA@XZ ; _NATIVE_CODE_LINK::~_NATIVE_CODE_LINK - 000f5 33 c0 xor eax, eax - 000f7 8b f8 mov edi, eax - 000f9 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] - 000fd 48 8d 15 00 00 - 00 00 lea rdx, OFFSET FLAT:main$rtcFrameData - 00104 e8 00 00 00 00 call _RTC_CheckStackVars - 00109 8b c7 mov eax, edi - 0010b 48 8b 8d 38 02 - 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] - 00112 48 33 cd xor rcx, rbp - 00115 e8 00 00 00 00 call __security_check_cookie - 0011a 48 8d a5 48 02 - 00 00 lea rsp, QWORD PTR [rbp+584] - 00121 5f pop rdi - 00122 5d pop rbp - 00123 c3 ret 0 -main ENDP + 0005a 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00061 5f pop rdi + 00062 5d pop rbp + 00063 c3 ret 0 +?deallocate@?$allocator@K@std@@QEAAXQEAK_K@Z ENDP ; std::allocator::deallocate _TEXT ENDS -; COMDAT text$x -text$x SEGMENT -T$ = 16 -Data$ = 280 -NewBlock$ = 328 -$T5 = 552 -__$ArrayPad$ = 568 -main$dtor$0 PROC - 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx - 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx - 0000a 55 push rbp - 0000b 57 push rdi - 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H - 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] - 00014 48 8d 4d 10 lea rcx, QWORD PTR T$[rbp] - 00018 e8 00 00 00 00 call ??1_NATIVE_CODE_LINK@@QEAA@XZ ; _NATIVE_CODE_LINK::~_NATIVE_CODE_LINK - 0001d 48 83 c4 28 add rsp, 40 ; 00000028H - 00021 5f pop rdi - 00022 5d pop rbp - 00023 c3 ret 0 -main$dtor$0 ENDP -text$x ENDS -; Function compile flags: /Odtp /RTCsu /ZI -; COMDAT text$x -text$x SEGMENT -T$ = 16 -Data$ = 280 -NewBlock$ = 328 -$T5 = 552 -__$ArrayPad$ = 568 -main$dtor$0 PROC - 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx - 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx - 0000a 55 push rbp - 0000b 57 push rdi - 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H - 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] - 00014 48 8d 4d 10 lea rcx, QWORD PTR T$[rbp] - 00018 e8 00 00 00 00 call ??1_NATIVE_CODE_LINK@@QEAA@XZ ; _NATIVE_CODE_LINK::~_NATIVE_CODE_LINK - 0001d 48 83 c4 28 add rsp, 40 ; 00000028H - 00021 5f pop rdi - 00022 5d pop rbp - 00023 c3 ret 0 -main$dtor$0 ENDP -text$x ENDS ; Function compile flags: /Odtp /RTCsu /ZI ; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xloctime ; COMDAT ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z @@ -1137,6 +4535,97 @@ $LN3@Getvals: ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ENDP ; std::time_get > >::_Getvals _TEXT ENDS ; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Windows Kits\10\Include\10.0.19041.0\ucrt\time.h +; COMDAT time +_TEXT SEGMENT +_Time$ = 224 +time PROC ; COMDAT + +; 521 : { + + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A0B61CF9_time@h + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 522 : return _time64(_Time); + + 00036 48 8b 8d e0 00 + 00 00 mov rcx, QWORD PTR _Time$[rbp] + 0003d ff 15 00 00 00 + 00 call QWORD PTR __imp__time64 + +; 523 : } + + 00043 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 0004a 5f pop rdi + 0004b 5d pop rbp + 0004c c3 ret 0 +time ENDP +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\ios +; COMDAT ?hex@std@@YAAEAVios_base@1@AEAV21@@Z +_TEXT SEGMENT +_Iosbase$ = 224 +?hex@std@@YAAEAVios_base@1@AEAV21@@Z PROC ; std::hex, COMDAT + +; 206 : inline ios_base& __CLRCALL_OR_CDECL hex(ios_base& _Iosbase) { // set basefield to hex + +$LN3: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__165C22CB_ios + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 207 : _Iosbase.setf(ios_base::hex, ios_base::basefield); + + 00036 41 b8 00 0e 00 + 00 mov r8d, 3584 ; 00000e00H + 0003c ba 00 08 00 00 mov edx, 2048 ; 00000800H + 00041 48 8b 8d e0 00 + 00 00 mov rcx, QWORD PTR _Iosbase$[rbp] + 00048 ff 15 00 00 00 + 00 call QWORD PTR __imp_?setf@ios_base@std@@QEAAHHH@Z + +; 208 : return _Iosbase; + + 0004e 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR _Iosbase$[rbp] + +; 209 : } + + 00055 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 0005c 5f pop rdi + 0005d 5d pop rbp + 0005e c3 ret 0 +?hex@std@@YAAEAVios_base@1@AEAV21@@Z ENDP ; std::hex +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI ; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xlocale ; COMDAT ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z _TEXT SEGMENT @@ -1623,6 +5112,424 @@ $LN11@Maklocstr: ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ENDP ; std::_Maklocstr _TEXT ENDS ; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xstring +; COMDAT ?eof@?$_Narrow_char_traits@DH@std@@SAHXZ +_TEXT SEGMENT +?eof@?$_Narrow_char_traits@DH@std@@SAHXZ PROC ; std::_Narrow_char_traits::eof, COMDAT + +; 400 : _NODISCARD static constexpr int_type eof() noexcept { + +$LN3: + 00000 40 55 push rbp + 00002 57 push rdi + 00003 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 0000a 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0000f 48 8b fc mov rdi, rsp + 00012 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00017 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0001c f3 ab rep stosd + 0001e 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__D15AFF60_xstring + 00025 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 401 : return static_cast(EOF); + + 0002a b8 ff ff ff ff mov eax, -1 + +; 402 : } + + 0002f 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00036 5f pop rdi + 00037 5d pop rbp + 00038 c3 ret 0 +?eof@?$_Narrow_char_traits@DH@std@@SAHXZ ENDP ; std::_Narrow_char_traits::eof +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xstring +; COMDAT ?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z +_TEXT SEGMENT +tv65 = 192 +_Left$ = 240 +_Right$ = 248 +?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z PROC ; std::_Narrow_char_traits::eq_int_type, COMDAT + +; 392 : _NODISCARD static constexpr bool eq_int_type(const int_type& _Left, const int_type& _Right) noexcept { + +$LN5: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec f8 00 + 00 00 sub rsp, 248 ; 000000f8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3e 00 00 00 mov ecx, 62 ; 0000003eH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 18 + 01 00 00 mov rcx, QWORD PTR [rsp+280] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__D15AFF60_xstring + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 393 : return _Left == _Right; + + 0003b 48 8b 85 f0 00 + 00 00 mov rax, QWORD PTR _Left$[rbp] + 00042 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR _Right$[rbp] + 00049 8b 09 mov ecx, DWORD PTR [rcx] + 0004b 39 08 cmp DWORD PTR [rax], ecx + 0004d 75 0c jne SHORT $LN3@eq_int_typ + 0004f c7 85 c0 00 00 + 00 01 00 00 00 mov DWORD PTR tv65[rbp], 1 + 00059 eb 0a jmp SHORT $LN4@eq_int_typ +$LN3@eq_int_typ: + 0005b c7 85 c0 00 00 + 00 00 00 00 00 mov DWORD PTR tv65[rbp], 0 +$LN4@eq_int_typ: + 00065 0f b6 85 c0 00 + 00 00 movzx eax, BYTE PTR tv65[rbp] + +; 394 : } + + 0006c 48 8d a5 d8 00 + 00 00 lea rsp, QWORD PTR [rbp+216] + 00073 5f pop rdi + 00074 5d pop rbp + 00075 c3 ret 0 +?eq_int_type@?$_Narrow_char_traits@DH@std@@SA_NAEBH0@Z ENDP ; std::_Narrow_char_traits::eq_int_type +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xmemory +; COMDAT ?_Orphan_all@_Container_base12@std@@QEAAXXZ +_TEXT SEGMENT +_Lock$4 = 4 +_Pnext$5 = 40 +__$ArrayPad$ = 248 +this$ = 288 +?_Orphan_all@_Container_base12@std@@QEAAXXZ PROC ; std::_Container_base12::_Orphan_all, COMDAT + +; 1205 : inline void _Container_base12::_Orphan_all() noexcept { + +$LN7: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec 28 01 + 00 00 sub rsp, 296 ; 00000128H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 4a 00 00 00 mov ecx, 74 ; 0000004aH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 48 + 01 00 00 mov rcx, QWORD PTR [rsp+328] + 0002a 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 00031 48 33 c5 xor rax, rbp + 00034 48 89 85 f8 00 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 0003b 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A58979FC_xmemory + 00042 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 1206 : #if _ITERATOR_DEBUG_LEVEL == 2 +; 1207 : if (_Myproxy) { // proxy allocated, drain it + + 00047 48 8b 85 20 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 0004e 48 83 38 00 cmp QWORD PTR [rax], 0 + 00052 74 6b je SHORT $LN5@Orphan_all + +; 1208 : _Lockit _Lock(_LOCK_DEBUG); + + 00054 ba 03 00 00 00 mov edx, 3 + 00059 48 8d 4d 04 lea rcx, QWORD PTR _Lock$4[rbp] + 0005d ff 15 00 00 00 + 00 call QWORD PTR __imp_??0_Lockit@std@@QEAA@H@Z + +; 1209 : +; 1210 : for (auto _Pnext = &_Myproxy->_Myfirstiter; *_Pnext; *_Pnext = (*_Pnext)->_Mynextiter) { + + 00063 48 8b 85 20 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 0006a 48 8b 00 mov rax, QWORD PTR [rax] + 0006d 48 83 c0 08 add rax, 8 + 00071 48 89 45 28 mov QWORD PTR _Pnext$5[rbp], rax + 00075 eb 12 jmp SHORT $LN4@Orphan_all +$LN2@Orphan_all: + 00077 48 8b 45 28 mov rax, QWORD PTR _Pnext$5[rbp] + 0007b 48 8b 00 mov rax, QWORD PTR [rax] + 0007e 48 8b 4d 28 mov rcx, QWORD PTR _Pnext$5[rbp] + 00082 48 8b 40 08 mov rax, QWORD PTR [rax+8] + 00086 48 89 01 mov QWORD PTR [rcx], rax +$LN4@Orphan_all: + 00089 48 8b 45 28 mov rax, QWORD PTR _Pnext$5[rbp] + 0008d 48 83 38 00 cmp QWORD PTR [rax], 0 + 00091 74 10 je SHORT $LN3@Orphan_all + +; 1211 : (*_Pnext)->_Myproxy = nullptr; + + 00093 48 8b 45 28 mov rax, QWORD PTR _Pnext$5[rbp] + 00097 48 8b 00 mov rax, QWORD PTR [rax] + 0009a 48 c7 00 00 00 + 00 00 mov QWORD PTR [rax], 0 + +; 1212 : } + + 000a1 eb d4 jmp SHORT $LN2@Orphan_all +$LN3@Orphan_all: + +; 1213 : +; 1214 : _Myproxy->_Myfirstiter = nullptr; + + 000a3 48 8b 85 20 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 000aa 48 8b 00 mov rax, QWORD PTR [rax] + 000ad 48 c7 40 08 00 + 00 00 00 mov QWORD PTR [rax+8], 0 + +; 1215 : } + + 000b5 48 8d 4d 04 lea rcx, QWORD PTR _Lock$4[rbp] + 000b9 ff 15 00 00 00 + 00 call QWORD PTR __imp_??1_Lockit@std@@QEAA@XZ +$LN5@Orphan_all: + +; 1216 : #endif // _ITERATOR_DEBUG_LEVEL == 2 +; 1217 : } + + 000bf 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 000c3 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:?_Orphan_all@_Container_base12@std@@QEAAXXZ$rtcFrameData + 000ca e8 00 00 00 00 call _RTC_CheckStackVars + 000cf 90 npad 1 + 000d0 48 8b 8d f8 00 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 000d7 48 33 cd xor rcx, rbp + 000da e8 00 00 00 00 call __security_check_cookie + 000df 48 8d a5 08 01 + 00 00 lea rsp, QWORD PTR [rbp+264] + 000e6 5f pop rdi + 000e7 5d pop rbp + 000e8 c3 ret 0 +?_Orphan_all@_Container_base12@std@@QEAAXXZ ENDP ; std::_Container_base12::_Orphan_all +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xmemory +; COMDAT ?_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z +_TEXT SEGMENT +_Ptr_user$ = 8 +_Ptr_container$ = 40 +_Min_back_shift$ = 72 +_Back_shift$ = 104 +_Ptr$ = 352 +_Bytes$ = 360 +?_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z PROC ; std::_Adjust_manually_vector_aligned, COMDAT + +; 132 : inline void _Adjust_manually_vector_aligned(void*& _Ptr, size_t& _Bytes) { + +$LN21: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec 78 01 + 00 00 sub rsp, 376 ; 00000178H + 00013 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48] + 00018 48 8b fc mov rdi, rsp + 0001b b9 5e 00 00 00 mov ecx, 94 ; 0000005eH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 98 + 01 00 00 mov rcx, QWORD PTR [rsp+408] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__A58979FC_xmemory + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 133 : // adjust parameters from _Allocate_manually_vector_aligned to pass to operator delete +; 134 : _Bytes += _Non_user_size; + + 0003b 48 8b 85 68 01 + 00 00 mov rax, QWORD PTR _Bytes$[rbp] + 00042 48 8b 00 mov rax, QWORD PTR [rax] + 00045 48 83 c0 2f add rax, 47 ; 0000002fH + 00049 48 8b 8d 68 01 + 00 00 mov rcx, QWORD PTR _Bytes$[rbp] + 00050 48 89 01 mov QWORD PTR [rcx], rax + +; 135 : +; 136 : const uintptr_t* const _Ptr_user = reinterpret_cast(_Ptr); + + 00053 48 8b 85 60 01 + 00 00 mov rax, QWORD PTR _Ptr$[rbp] + 0005a 48 8b 00 mov rax, QWORD PTR [rax] + 0005d 48 89 45 08 mov QWORD PTR _Ptr_user$[rbp], rax + +; 137 : const uintptr_t _Ptr_container = _Ptr_user[-1]; + + 00061 b8 08 00 00 00 mov eax, 8 + 00066 48 6b c0 ff imul rax, rax, -1 + 0006a 48 8b 4d 08 mov rcx, QWORD PTR _Ptr_user$[rbp] + 0006e 48 8b 04 01 mov rax, QWORD PTR [rcx+rax] + 00072 48 89 45 28 mov QWORD PTR _Ptr_container$[rbp], rax +$LN4@Adjust_man: + +; 138 : +; 139 : // If the following asserts, it likely means that we are performing +; 140 : // an aligned delete on memory coming from an unaligned allocation. +; 141 : _STL_ASSERT(_Ptr_user[-2] == _Big_allocation_sentinel, "invalid argument"); + + 00076 b8 08 00 00 00 mov eax, 8 + 0007b 48 6b c0 fe imul rax, rax, -2 + 0007f 48 8b 4d 08 mov rcx, QWORD PTR _Ptr_user$[rbp] + 00083 48 ba fa fa fa + fa fa fa fa fa mov rdx, -361700864190383366 ; fafafafafafafafaH + 0008d 48 39 14 01 cmp QWORD PTR [rcx+rax], rdx + 00091 75 02 jne SHORT $LN14@Adjust_man + 00093 eb 77 jmp SHORT $LN15@Adjust_man +$LN14@Adjust_man: +$LN7@Adjust_man: + 00095 8b 05 00 00 00 + 00 mov eax, DWORD PTR ?__LINE__Var@?0??_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z@4JA + 0009b 83 c0 09 add eax, 9 + 0009e 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_0BB@FCMFBGOM@invalid?5argument@ + 000a5 48 89 4c 24 28 mov QWORD PTR [rsp+40], rcx + 000aa 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_02DKCKIIND@?$CFs@ + 000b1 48 89 4c 24 20 mov QWORD PTR [rsp+32], rcx + 000b6 45 33 c9 xor r9d, r9d + 000b9 44 8b c0 mov r8d, eax + 000bc 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:??_C@_0GI@JMEOMKJO@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ + 000c3 b9 02 00 00 00 mov ecx, 2 + 000c8 ff 15 00 00 00 + 00 call QWORD PTR __imp__CrtDbgReport + 000ce 83 f8 01 cmp eax, 1 + 000d1 75 03 jne SHORT $LN19@Adjust_man + 000d3 cc int 3 + 000d4 33 c0 xor eax, eax +$LN19@Adjust_man: + 000d6 8b 05 00 00 00 + 00 mov eax, DWORD PTR ?__LINE__Var@?0??_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z@4JA + 000dc 83 c0 09 add eax, 9 + 000df 48 c7 44 24 20 + 00 00 00 00 mov QWORD PTR [rsp+32], 0 + 000e8 44 8b c8 mov r9d, eax + 000eb 4c 8d 05 00 00 + 00 00 lea r8, OFFSET FLAT:??_C@_1NA@FEEOBALC@?$AAC?$AA?3?$AA?2?$AAP?$AAr?$AAo?$AAg?$AAr?$AAa?$AAm?$AA?5?$AAF?$AAi?$AAl?$AAe@ + 000f2 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:??_C@_1EK@NIFDJFDG@?$AAs?$AAt?$AAd?$AA?3?$AA?3?$AA_?$AAA?$AAd?$AAj?$AAu?$AAs?$AAt?$AA_?$AAm?$AAa@ + 000f9 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_1CG@JNLFBNGN@?$AA?$CC?$AAi?$AAn?$AAv?$AAa?$AAl?$AAi?$AAd?$AA?5?$AAa?$AAr?$AAg?$AAu?$AAm?$AAe@ + 00100 ff 15 00 00 00 + 00 call QWORD PTR __imp__invalid_parameter + 00106 33 c0 xor eax, eax + 00108 85 c0 test eax, eax + 0010a 75 89 jne SHORT $LN7@Adjust_man +$LN15@Adjust_man: + 0010c 33 c0 xor eax, eax + 0010e 85 c0 test eax, eax + 00110 0f 85 60 ff ff + ff jne $LN4@Adjust_man + +; 142 : +; 143 : // Extra paranoia on aligned allocation/deallocation; ensure _Ptr_container is +; 144 : // in range [_Min_back_shift, _Non_user_size] +; 145 : #ifdef _DEBUG +; 146 : constexpr uintptr_t _Min_back_shift = 2 * sizeof(void*); + + 00116 48 c7 45 48 10 + 00 00 00 mov QWORD PTR _Min_back_shift$[rbp], 16 + +; 147 : #else // ^^^ _DEBUG ^^^ // vvv !_DEBUG vvv +; 148 : constexpr uintptr_t _Min_back_shift = sizeof(void*); +; 149 : #endif // _DEBUG +; 150 : const uintptr_t _Back_shift = reinterpret_cast(_Ptr) - _Ptr_container; + + 0011e 48 8b 85 60 01 + 00 00 mov rax, QWORD PTR _Ptr$[rbp] + 00125 48 8b 4d 28 mov rcx, QWORD PTR _Ptr_container$[rbp] + 00129 48 8b 00 mov rax, QWORD PTR [rax] + 0012c 48 2b c1 sub rax, rcx + 0012f 48 89 45 68 mov QWORD PTR _Back_shift$[rbp], rax +$LN10@Adjust_man: + +; 151 : _STL_VERIFY(_Back_shift >= _Min_back_shift && _Back_shift <= _Non_user_size, "invalid argument"); + + 00133 48 83 7d 68 10 cmp QWORD PTR _Back_shift$[rbp], 16 + 00138 72 09 jb SHORT $LN16@Adjust_man + 0013a 48 83 7d 68 2f cmp QWORD PTR _Back_shift$[rbp], 47 ; 0000002fH + 0013f 77 02 ja SHORT $LN16@Adjust_man + 00141 eb 77 jmp SHORT $LN17@Adjust_man +$LN16@Adjust_man: +$LN13@Adjust_man: + 00143 8b 05 00 00 00 + 00 mov eax, DWORD PTR ?__LINE__Var@?0??_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z@4JA + 00149 83 c0 13 add eax, 19 + 0014c 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_0BB@FCMFBGOM@invalid?5argument@ + 00153 48 89 4c 24 28 mov QWORD PTR [rsp+40], rcx + 00158 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_02DKCKIIND@?$CFs@ + 0015f 48 89 4c 24 20 mov QWORD PTR [rsp+32], rcx + 00164 45 33 c9 xor r9d, r9d + 00167 44 8b c0 mov r8d, eax + 0016a 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:??_C@_0GI@JMEOMKJO@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ + 00171 b9 02 00 00 00 mov ecx, 2 + 00176 ff 15 00 00 00 + 00 call QWORD PTR __imp__CrtDbgReport + 0017c 83 f8 01 cmp eax, 1 + 0017f 75 03 jne SHORT $LN20@Adjust_man + 00181 cc int 3 + 00182 33 c0 xor eax, eax +$LN20@Adjust_man: + 00184 8b 05 00 00 00 + 00 mov eax, DWORD PTR ?__LINE__Var@?0??_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z@4JA + 0018a 83 c0 13 add eax, 19 + 0018d 48 c7 44 24 20 + 00 00 00 00 mov QWORD PTR [rsp+32], 0 + 00196 44 8b c8 mov r9d, eax + 00199 4c 8d 05 00 00 + 00 00 lea r8, OFFSET FLAT:??_C@_1NA@FEEOBALC@?$AAC?$AA?3?$AA?2?$AAP?$AAr?$AAo?$AAg?$AAr?$AAa?$AAm?$AA?5?$AAF?$AAi?$AAl?$AAe@ + 001a0 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:??_C@_1EK@NIFDJFDG@?$AAs?$AAt?$AAd?$AA?3?$AA?3?$AA_?$AAA?$AAd?$AAj?$AAu?$AAs?$AAt?$AA_?$AAm?$AAa@ + 001a7 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_1CG@JNLFBNGN@?$AA?$CC?$AAi?$AAn?$AAv?$AAa?$AAl?$AAi?$AAd?$AA?5?$AAa?$AAr?$AAg?$AAu?$AAm?$AAe@ + 001ae ff 15 00 00 00 + 00 call QWORD PTR __imp__invalid_parameter + 001b4 33 c0 xor eax, eax + 001b6 85 c0 test eax, eax + 001b8 75 89 jne SHORT $LN13@Adjust_man +$LN17@Adjust_man: + 001ba 33 c0 xor eax, eax + 001bc 85 c0 test eax, eax + 001be 0f 85 6f ff ff + ff jne $LN10@Adjust_man + +; 152 : _Ptr = reinterpret_cast(_Ptr_container); + + 001c4 48 8b 85 60 01 + 00 00 mov rax, QWORD PTR _Ptr$[rbp] + 001cb 48 8b 4d 28 mov rcx, QWORD PTR _Ptr_container$[rbp] + 001cf 48 89 08 mov QWORD PTR [rax], rcx + +; 153 : } + + 001d2 48 8d a5 48 01 + 00 00 lea rsp, QWORD PTR [rbp+328] + 001d9 5f pop rdi + 001da 5d pop rbp + 001db c3 ret 0 +?_Adjust_manually_vector_aligned@std@@YAXAEAPEAXAEA_K@Z ENDP ; std::_Adjust_manually_vector_aligned +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI ; File C:\Program Files (x86)\Windows Kits\10\Include\10.0.19041.0\ucrt\wchar.h ; COMDAT wmemcpy _TEXT SEGMENT @@ -1864,87 +5771,6 @@ $LN3: __local_stdio_printf_options ENDP _TEXT ENDS ; Function compile flags: /Odtp /RTCsu /ZI -; File C:\Program Files (x86)\Windows Kits\10\Include\10.0.19041.0\um\winnt.h -; COMDAT RtlSecureZeroMemory -_TEXT SEGMENT -vptr$ = 8 -ptr$ = 256 -cnt$ = 264 -RtlSecureZeroMemory PROC ; COMDAT - -; 20277: { - -$LN3: - 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx - 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx - 0000a 55 push rbp - 0000b 57 push rdi - 0000c 48 81 ec 08 01 - 00 00 sub rsp, 264 ; 00000108H - 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] - 00018 48 8b fc mov rdi, rsp - 0001b b9 42 00 00 00 mov ecx, 66 ; 00000042H - 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH - 00025 f3 ab rep stosd - 00027 48 8b 8c 24 28 - 01 00 00 mov rcx, QWORD PTR [rsp+296] - 0002f 48 8d 0d 00 00 - 00 00 lea rcx, OFFSET FLAT:__D5DDFBF3_winnt@h - 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode - -; 20278: volatile char *vptr = (volatile char *)ptr; - - 0003b 48 8b 85 00 01 - 00 00 mov rax, QWORD PTR ptr$[rbp] - 00042 48 89 45 08 mov QWORD PTR vptr$[rbp], rax - -; 20279: -; 20280: #if defined(_M_AMD64) -; 20281: -; 20282: __stosb((PBYTE )((DWORD64)vptr), 0, cnt); - - 00046 48 8b 7d 08 mov rdi, QWORD PTR vptr$[rbp] - 0004a 33 c0 xor eax, eax - 0004c 48 8b 8d 08 01 - 00 00 mov rcx, QWORD PTR cnt$[rbp] - 00053 f3 aa rep stosb - -; 20283: -; 20284: #else -; 20285: -; 20286: while (cnt) { -; 20287: -; 20288: #if !defined(_M_CEE) && (defined(_M_ARM) || defined(_M_ARM64)) -; 20289: -; 20290: __iso_volatile_store8(vptr, 0); -; 20291: -; 20292: #else -; 20293: -; 20294: *vptr = 0; -; 20295: -; 20296: #endif -; 20297: -; 20298: vptr++; -; 20299: cnt--; -; 20300: } -; 20301: -; 20302: #endif // _M_AMD64 -; 20303: -; 20304: return ptr; - - 00055 48 8b 85 00 01 - 00 00 mov rax, QWORD PTR ptr$[rbp] - -; 20305: } - - 0005c 48 8d a5 e8 00 - 00 00 lea rsp, QWORD PTR [rbp+232] - 00063 5f pop rdi - 00064 5d pop rbp - 00065 c3 ret 0 -RtlSecureZeroMemory ENDP -_TEXT ENDS -; Function compile flags: /Odtp /RTCsu /ZI ; File C:\$Fanta\code-virtualizer\CodeVirtualizer\Main.cpp ; COMDAT ?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z _TEXT SEGMENT diff --git a/CodeVirtualizer/x64/Debug/NativeCode.cod b/CodeVirtualizer/x64/Debug/NativeCode.cod index 467e956..54f3d19 100644 --- a/CodeVirtualizer/x64/Debug/NativeCode.cod +++ b/CodeVirtualizer/x64/Debug/NativeCode.cod @@ -184,8 +184,10 @@ PUBLIC ?NcValidateJmp@@YAPEAU_NATIVE_CODE_LINK@@PEAU1@H@Z ; NcValidateJmp PUBLIC ?NcDeepCopyLink@@YAPEAU_NATIVE_CODE_LINK@@PEAU1@@Z ; NcDeepCopyLink PUBLIC ?NcDeepCopyPartialBlock@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@0@Z ; NcDeepCopyPartialBlock PUBLIC ?NcDeepCopyBlock@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU1@@Z ; NcDeepCopyBlock +PUBLIC ?NcGetDeltaToLabel@@YAHPEAU_NATIVE_CODE_LINK@@PEAH@Z ; NcGetDeltaToLabel +PUBLIC ?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z ; NcFixRelJmps PUBLIC ?NcDisassemble@@YAHPEAU_NATIVE_CODE_BLOCK@@PEAXK@Z ; NcDisassemble -PUBLIC ?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcAssemble +PUBLIC ?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@PEAK@Z ; NcAssemble PUBLIC ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock PUBLIC ?NcDebugPrint@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDebugPrint PUBLIC ?NcPrintBlockCode@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcPrintBlockCode @@ -202,6 +204,7 @@ PUBLIC ??1?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@K@std@@@std@@@std@@ PUBLIC ??0?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@K@std@@@std@@@std@@QEAA@$$QEAV01@@Z ; std::_Vector_iterator > >::_Vector_iterator > > PUBLIC ??0?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@K@std@@@std@@@std@@QEAA@PEAKPEBU_Container_base12@1@@Z ; std::_Vector_iterator > >::_Vector_iterator > > PUBLIC ??$find@V?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@K@std@@@std@@@std@@K@std@@YA?AV?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@K@std@@@std@@@0@V10@V10@AEBK@Z ; std::find > >,unsigned long> +PUBLIC ??$log2@H$0A@@@YANH@Z ; log2 PUBLIC ??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z ; std::operator<< > PUBLIC ??$?6DU?$char_traits@D@std@@_J@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBU?$_Smanip@_J@0@@Z ; std::operator<<,__int64> PUBLIC ??$setfill@D@std@@YA?AU?$_Fillobj@D@0@D@Z ; std::setfill @@ -307,9 +310,11 @@ PUBLIC ??_R4bad_array_new_length@std@@6B@ ; std::bad_array_new_length::`RTTI Co PUBLIC ??_R3bad_array_new_length@std@@8 ; std::bad_array_new_length::`RTTI Class Hierarchy Descriptor' PUBLIC ??_R2bad_array_new_length@std@@8 ; std::bad_array_new_length::`RTTI Base Class Array' PUBLIC ??_R1A@?0A@EA@bad_array_new_length@std@@8 ; std::bad_array_new_length::`RTTI Base Class Descriptor at (0,-1,0,64)' +PUBLIC __real@3ff0000000000000 EXTRN ??2@YAPEAX_K@Z:PROC ; operator new EXTRN ??3@YAXPEAX_K@Z:PROC ; operator delete EXTRN ??_U@YAPEAX_K@Z:PROC ; operator new[] +EXTRN ??_V@YAXPEAX@Z:PROC ; operator delete[] EXTRN __imp__invalid_parameter:PROC EXTRN memcpy:PROC EXTRN memmove:PROC @@ -317,6 +322,8 @@ EXTRN __imp_wcslen:PROC EXTRN strlen:PROC EXTRN __imp_GetStdHandle:PROC EXTRN __imp_SetConsoleTextAttribute:PROC +EXTRN __imp_malloc:PROC +EXTRN abs:PROC EXTRN __imp_rand:PROC EXTRN __imp__calloc_dbg:PROC EXTRN __imp__CrtDbgReport:PROC @@ -324,6 +331,7 @@ EXTRN __imp_??0_Lockit@std@@QEAA@H@Z:PROC EXTRN __imp_??1_Lockit@std@@QEAA@XZ:PROC EXTRN __imp___acrt_iob_func:PROC EXTRN __imp___stdio_common_vfprintf:PROC +EXTRN __imp_log2:PROC EXTRN ?uncaught_exception@std@@YA_NXZ:PROC ; std::uncaught_exception EXTRN __std_exception_copy:PROC EXTRN __std_exception_destroy:PROC @@ -362,8 +370,14 @@ EXTRN xed_inst_operand:PROC EXTRN xed_error_enum_t2str:PROC EXTRN xed_decode:PROC EXTRN xed_operand_values_set_mode:PROC +EXTRN xed_encoder_request_zero_set_mode:PROC +EXTRN xed_encode:PROC +EXTRN xed_convert_to_encoder_request:PROC +EXTRN xed_decoded_inst_zero_set_mode:PROC EXTRN xed_decoded_inst_zero:PROC EXTRN xed_decoded_inst_get_branch_displacement:PROC +EXTRN xed_decoded_inst_get_branch_displacement_width:PROC +EXTRN xed_decoded_inst_get_branch_displacement_width_bits:PROC EXTRN _CxxThrowException:PROC EXTRN _RTC_CheckStackVars:PROC EXTRN _RTC_InitBase:PROC @@ -376,6 +390,7 @@ EXTRN __security_check_cookie:PROC EXTRN ??_7type_info@@6B@:BYTE ; type_info::`vftable' EXTRN __imp_?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A:BYTE EXTRN __security_cookie:QWORD +EXTRN _fltused:DWORD ; COMDAT ?_OptionsStorage@?1??__local_stdio_printf_options@@9@4_KA _BSS SEGMENT ?_OptionsStorage@?1??__local_stdio_printf_options@@9@4_KA DQ 01H DUP (?) ; `__local_stdio_printf_options'::`2'::_OptionsStorage @@ -688,6 +703,18 @@ $pdata$xed_inst_noperands DD imagerel xed_inst_noperands pdata ENDS ; COMDAT pdata pdata SEGMENT +$pdata$xed_relbr DD imagerel xed_relbr + DD imagerel xed_relbr+182 + DD imagerel $unwind$xed_relbr +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$xed_inst1 DD imagerel xed_inst1 + DD imagerel xed_inst1+207 + DD imagerel $unwind$xed_inst1 +pdata ENDS +; COMDAT pdata +pdata SEGMENT $pdata$xed_decoded_inst_inst DD imagerel xed_decoded_inst_inst DD imagerel xed_decoded_inst_inst+78 DD imagerel $unwind$xed_decoded_inst_inst @@ -1096,6 +1123,18 @@ $pdata$?NcDeepCopyBlock@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU1@@Z DD imagerel $LN3 pdata ENDS ; COMDAT pdata pdata SEGMENT +$pdata$?NcGetDeltaToLabel@@YAHPEAU_NATIVE_CODE_LINK@@PEAH@Z DD imagerel $LN13 + DD imagerel $LN13+300 + DD imagerel $unwind$?NcGetDeltaToLabel@@YAHPEAU_NATIVE_CODE_LINK@@PEAH@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z DD imagerel $LN21 + DD imagerel $LN21+935 + DD imagerel $unwind$?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT $pdata$?NcDisassemble@@YAHPEAU_NATIVE_CODE_BLOCK@@PEAXK@Z DD imagerel $LN13 DD imagerel $LN13+564 DD imagerel $unwind$?NcDisassemble@@YAHPEAU_NATIVE_CODE_BLOCK@@PEAXK@Z @@ -1108,9 +1147,9 @@ $pdata$?dtor$0@?0??NcDisassemble@@YAHPEAU_NATIVE_CODE_BLOCK@@PEAXK@Z@4HA DD imag pdata ENDS ; COMDAT pdata pdata SEGMENT -$pdata$?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@@Z DD imagerel $LN3 - DD imagerel $LN3+66 - DD imagerel $unwind$?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@@Z +$pdata$?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@PEAK@Z DD imagerel $LN9 + DD imagerel $LN9+270 + DD imagerel $unwind$?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@PEAK@Z pdata ENDS ; COMDAT pdata pdata SEGMENT @@ -1222,6 +1261,12 @@ $pdata$?dtor$1@?0???$find@V?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@K@ pdata ENDS ; COMDAT pdata pdata SEGMENT +$pdata$??$log2@H$0A@@@YANH@Z DD imagerel $LN3 + DD imagerel $LN3+77 + DD imagerel $unwind$??$log2@H$0A@@@YANH@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT $pdata$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z DD imagerel $LN23 DD imagerel $LN23+1095 DD imagerel $unwind$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z @@ -1514,6 +1559,10 @@ $pdata$??$_Refancy@PEAK$0A@@std@@YAPEAKPEAK@Z DD imagerel $LN3 DD imagerel $LN3+71 DD imagerel $unwind$??$_Refancy@PEAK$0A@@std@@YAPEAKPEAK@Z pdata ENDS +; COMDAT __real@3ff0000000000000 +CONST SEGMENT +__real@3ff0000000000000 DQ 03ff0000000000000r ; 1 +CONST ENDS ; COMDAT rtc$TMZ rtc$TMZ SEGMENT _RTC_Shutdown.rtc$TMZ DQ FLAT:_RTC_Shutdown @@ -2641,6 +2690,26 @@ CONST SEGMENT CONST ENDS ; COMDAT xdata xdata SEGMENT +$ip2state$??$log2@H$0A@@@YANH@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$??$log2@H$0A@@@YANH@Z DB 060H + DD imagerel $ip2state$??$log2@H$0A@@@YANH@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$log2@H$0A@@@YANH@Z DD 035052819H + DD 010d3312H + DD 07006001fH + DD 05005H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$??$log2@H$0A@@@YANH@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT $unwind$?dtor$1@?0???$find@V?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@K@std@@@std@@@std@@K@std@@YA?AV?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@K@std@@@std@@@0@V10@V10@AEBK@Z@4HA DD 031001H DD 0700c4210H DD 0500bH @@ -2806,10 +2875,10 @@ $unwind$?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z DD 025052a01H xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@@Z DD 025052a01H - DD 010e2313H - DD 07007001dH - DD 05006H +$unwind$?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@PEAK@Z DD 025052f01H + DD 01132318H + DD 0700c0029H + DD 0500bH xdata ENDS ; COMDAT xdata xdata SEGMENT @@ -2850,6 +2919,137 @@ $unwind$?NcDisassemble@@YAHPEAU_NATIVE_CODE_BLOCK@@PEAXK@Z DD 025053411H xdata ENDS ; COMDAT xdata xdata SEGMENT +$unwind$?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z DD 035063c19H + DD 010f3314H + DD 0700800e6H + DD 050066007H + DD imagerel __GSHandlerCheck + DD 0728H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$0 DB 042H ; NcFixRelJmps + DB 072H + DB 061H + DB 06eH + DB 063H + DB 068H + DB 044H + DB 069H + DB 073H + DB 070H + DB 00H + ORG $+5 +?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$1 DB 04dH ; NcFixRelJmps + DB 061H + DB 063H + DB 068H + DB 069H + DB 06eH + DB 065H + DB 053H + DB 074H + DB 061H + DB 074H + DB 065H + DB 00H + ORG $+3 +?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$2 DB 045H ; NcFixRelJmps + DB 06eH + DB 063H + DB 06fH + DB 064H + DB 065H + DB 072H + DB 049H + DB 06eH + DB 073H + DB 074H + DB 072H + DB 075H + DB 063H + DB 074H + DB 069H + DB 06fH + DB 06eH + DB 00H + ORG $+5 +?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$3 DB 045H ; NcFixRelJmps + DB 06eH + DB 063H + DB 06fH + DB 064H + DB 065H + DB 072H + DB 052H + DB 065H + DB 071H + DB 075H + DB 065H + DB 073H + DB 074H + DB 00H + ORG $+1 +?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$4 DB 045H ; NcFixRelJmps + DB 06eH + DB 063H + DB 06fH + DB 064H + DB 065H + DB 042H + DB 075H + DB 066H + DB 066H + DB 065H + DB 072H + DB 00H + ORG $+3 +?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$5 DB 052H ; NcFixRelJmps + DB 065H + DB 074H + DB 075H + DB 072H + DB 06eH + DB 065H + DB 064H + DB 053H + DB 069H + DB 07aH + DB 065H + DB 00H + ORG $+11 +?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcVarDesc DD 0384H ; NcFixRelJmps + DD 04H + DQ FLAT:?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$5 + DD 0358H + DD 0fH + DQ FLAT:?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$4 + DD 0280H + DD 0c0H + DQ FLAT:?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$3 + DD 0c0H + DD 01a0H + DQ FLAT:?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$2 + DD 098H + DD 08H + DQ FLAT:?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$1 + DD 054H + DD 04H + DQ FLAT:?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcName$0 + ORG $+288 +?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcFrameData DD 06H ; NcFixRelJmps + DD 00H + DQ FLAT:?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?NcGetDeltaToLabel@@YAHPEAU_NATIVE_CODE_LINK@@PEAH@Z DD 025052f01H + DD 01132318H + DD 0700c0029H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT $unwind$?NcDeepCopyBlock@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU1@@Z DD 025052a01H DD 010e2313H DD 07007001dH @@ -3864,6 +4064,35 @@ $unwind$xed_decoded_inst_inst DD 025052a01H xdata ENDS ; COMDAT xdata xdata SEGMENT +$unwind$xed_inst1 DD 025063a01H + DD 011e2323H + DD 07017001cH + DD 050156016H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$xed_relbr DD 025064519H + DD 0118231dH + DD 070110026H + DD 0500f6010H + DD imagerel __GSHandlerCheck + DD 0128H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +xed_relbr$rtcName$0 DB 06fH + DB 00H + ORG $+14 +xed_relbr$rtcVarDesc DD 028H + DD 030H + DQ FLAT:xed_relbr$rtcName$0 + ORG $+48 +xed_relbr$rtcFrameData DD 01H + DD 00H + DQ FLAT:xed_relbr$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT $unwind$xed_inst_noperands DD 025052a01H DD 010e2313H DD 07007001dH @@ -8569,6 +8798,43 @@ __catch$??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D ?catch$1@?0???$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z@4HA ENDP ; `std::operator<< >'::`1'::catch$1 text$x ENDS ; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\cmath +; COMDAT ??$log2@H$0A@@@YANH@Z +_TEXT SEGMENT +_Left$ = 224 +??$log2@H$0A@@@YANH@Z PROC ; log2, COMDAT + +; 636 : _GENERIC_MATH1(log2) + +$LN3: + 00000 89 4c 24 08 mov DWORD PTR [rsp+8], ecx + 00004 55 push rbp + 00005 57 push rdi + 00006 48 81 ec f8 00 + 00 00 sub rsp, 248 ; 000000f8H + 0000d 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48] + 00012 48 8b fc mov rdi, rsp + 00015 b9 3e 00 00 00 mov ecx, 62 ; 0000003eH + 0001a b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0001f f3 ab rep stosd + 00021 8b 8c 24 18 01 + 00 00 mov ecx, DWORD PTR [rsp+280] + 00028 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__0A4FAB91_cmath + 0002f e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 00034 f2 0f 2a 85 e0 + 00 00 00 cvtsi2sd xmm0, DWORD PTR _Left$[rbp] + 0003c ff 15 00 00 00 + 00 call QWORD PTR __imp_log2 + 00042 90 npad 1 + 00043 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 0004a 5f pop rdi + 0004b 5d pop rbp + 0004c c3 ret 0 +??$log2@H$0A@@@YANH@Z ENDP ; log2 +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI ; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xutility ; COMDAT ??$find@V?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@K@std@@@std@@@std@@K@std@@YA?AV?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@K@std@@@std@@@0@V10@V10@AEBK@Z _TEXT SEGMENT @@ -9480,7 +9746,7 @@ tv139 = 368 Block$ = 416 ?NcPrintBlockCode@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z PROC ; NcPrintBlockCode, COMDAT -; 428 : { +; 563 : { $LN10: 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx @@ -9499,7 +9765,7 @@ $LN10: 00 00 lea rcx, OFFSET FLAT:__84EFCFFB_NativeCode@cpp 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 429 : for (PNATIVE_CODE_LINK T = Block->Start; T; T = T->Next) +; 564 : for (PNATIVE_CODE_LINK T = Block->Start; T; T = T->Next) 00036 48 8b 85 a0 01 00 00 mov rax, QWORD PTR Block$[rbp] @@ -9515,8 +9781,8 @@ $LN4@NcPrintBlo: 00056 0f 84 eb 00 00 00 je $LN3@NcPrintBlo -; 430 : { -; 431 : if (!(T->Flags & CODE_FLAG_IS_LABEL)) +; 565 : { +; 566 : if (!(T->Flags & CODE_FLAG_IS_LABEL)) 0005c 48 8b 45 08 mov rax, QWORD PTR T$1[rbp] 00060 8b 40 18 mov eax, DWORD PTR [rax+24] @@ -9525,8 +9791,8 @@ $LN4@NcPrintBlo: 00068 0f 85 d4 00 00 00 jne $LN8@NcPrintBlo -; 432 : { -; 433 : for (uint32_t i = 0; i < T->RawDataSize; i++) +; 567 : { +; 568 : for (uint32_t i = 0; i < T->RawDataSize; i++) 0006e c7 45 24 00 00 00 00 mov DWORD PTR i$2[rbp], 0 @@ -9542,8 +9808,8 @@ $LN7@NcPrintBlo: 00089 0f 83 b3 00 00 00 jae $LN6@NcPrintBlo -; 434 : { -; 435 : std::cout << std::hex << std::setw(2) << std::setfill('0') << (int)T->RawData[i] << ' '; +; 569 : { +; 570 : std::cout << std::hex << std::setw(2) << std::setfill('0') << (int)T->RawData[i] << ' '; 0008f 48 8d 15 00 00 00 00 lea rdx, OFFSET FLAT:?hex@std@@YAAEAVios_base@1@AEAV21@@Z ; std::hex @@ -9595,19 +9861,19 @@ $LN7@NcPrintBlo: 00135 48 8b c8 mov rcx, rax 00138 e8 00 00 00 00 call ??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z ; std::operator<< > -; 436 : } +; 571 : } 0013d e9 35 ff ff ff jmp $LN5@NcPrintBlo $LN6@NcPrintBlo: $LN8@NcPrintBlo: -; 437 : } -; 438 : } +; 572 : } +; 573 : } 00142 e9 ff fe ff ff jmp $LN2@NcPrintBlo $LN3@NcPrintBlo: -; 439 : } +; 574 : } 00147 48 8d a5 88 01 00 00 lea rsp, QWORD PTR [rbp+392] @@ -9628,7 +9894,7 @@ tv94 = 280 Block$ = 320 ?NcDebugPrint@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z PROC ; NcDebugPrint, COMDAT -; 398 : { +; 533 : { $LN11: 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx @@ -9647,25 +9913,25 @@ $LN11: 00 00 lea rcx, OFFSET FLAT:__84EFCFFB_NativeCode@cpp 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 399 : HANDLE ConsoleHandle = GetStdHandle(STD_OUTPUT_HANDLE); +; 534 : HANDLE ConsoleHandle = GetStdHandle(STD_OUTPUT_HANDLE); 00036 b9 f5 ff ff ff mov ecx, -11 ; fffffff5H 0003b ff 15 00 00 00 00 call QWORD PTR __imp_GetStdHandle 00041 48 89 45 08 mov QWORD PTR ConsoleHandle$[rbp], rax -; 400 : if (!ConsoleHandle) +; 535 : if (!ConsoleHandle) 00045 48 83 7d 08 00 cmp QWORD PTR ConsoleHandle$[rbp], 0 0004a 75 05 jne SHORT $LN5@NcDebugPri -; 401 : return; +; 536 : return; 0004c e9 eb 00 00 00 jmp $LN1@NcDebugPri $LN5@NcDebugPri: -; 402 : -; 403 : for (PNATIVE_CODE_LINK T = Block->Start; T; T = T->Next) +; 537 : +; 538 : for (PNATIVE_CODE_LINK T = Block->Start; T; T = T->Next) 00051 48 8b 85 40 01 00 00 mov rax, QWORD PTR Block$[rbp] @@ -9681,8 +9947,8 @@ $LN4@NcDebugPri: 00071 0f 84 c5 00 00 00 je $LN3@NcDebugPri -; 404 : { -; 405 : if (T->Flags & CODE_FLAG_IS_LABEL) +; 539 : { +; 540 : if (T->Flags & CODE_FLAG_IS_LABEL) 00077 48 8b 45 28 mov rax, QWORD PTR T$1[rbp] 0007b 8b 40 18 mov eax, DWORD PTR [rax+24] @@ -9690,15 +9956,15 @@ $LN4@NcDebugPri: 00081 85 c0 test eax, eax 00083 74 26 je SHORT $LN6@NcDebugPri -; 406 : { -; 407 : SetConsoleTextAttribute(ConsoleHandle, FOREGROUND_GREEN | FOREGROUND_RED); +; 541 : { +; 542 : SetConsoleTextAttribute(ConsoleHandle, FOREGROUND_GREEN | FOREGROUND_RED); 00085 66 ba 06 00 mov dx, 6 00089 48 8b 4d 08 mov rcx, QWORD PTR ConsoleHandle$[rbp] 0008d ff 15 00 00 00 00 call QWORD PTR __imp_SetConsoleTextAttribute -; 408 : printf("Label: %u\n", T->Label); +; 543 : printf("Label: %u\n", T->Label); 00093 48 8b 45 28 mov rax, QWORD PTR T$1[rbp] 00097 8b 50 1c mov edx, DWORD PTR [rax+28] @@ -9706,14 +9972,14 @@ $LN4@NcDebugPri: 00 00 lea rcx, OFFSET FLAT:??_C@_0L@ILJOJNOL@Label?3?5?$CFu?6@ 000a1 e8 00 00 00 00 call printf -; 409 : } +; 544 : } 000a6 e9 8c 00 00 00 jmp $LN7@NcDebugPri $LN6@NcDebugPri: -; 410 : else -; 411 : { -; 412 : XED_ICLASS_ENUM IClass = XedDecodedInstGetIClass(&T->XedInstruction); +; 545 : else +; 546 : { +; 547 : XED_ICLASS_ENUM IClass = XedDecodedInstGetIClass(&T->XedInstruction); 000ab 48 8b 45 28 mov rax, QWORD PTR T$1[rbp] 000af 48 83 c0 30 add rax, 48 ; 00000030H @@ -9721,7 +9987,7 @@ $LN6@NcDebugPri: 000b6 e8 00 00 00 00 call xed_decoded_inst_get_iclass 000bb 89 45 44 mov DWORD PTR IClass$2[rbp], eax -; 413 : if (T->Flags & CODE_FLAG_IS_REL_JMP) +; 548 : if (T->Flags & CODE_FLAG_IS_REL_JMP) 000be 48 8b 45 28 mov rax, QWORD PTR T$1[rbp] 000c2 8b 40 18 mov eax, DWORD PTR [rax+24] @@ -9729,15 +9995,15 @@ $LN6@NcDebugPri: 000c8 85 c0 test eax, eax 000ca 74 46 je SHORT $LN8@NcDebugPri -; 414 : { -; 415 : SetConsoleTextAttribute(ConsoleHandle, FOREGROUND_GREEN | FOREGROUND_RED); +; 549 : { +; 550 : SetConsoleTextAttribute(ConsoleHandle, FOREGROUND_GREEN | FOREGROUND_RED); 000cc 66 ba 06 00 mov dx, 6 000d0 48 8b 4d 08 mov rcx, QWORD PTR ConsoleHandle$[rbp] 000d4 ff 15 00 00 00 00 call QWORD PTR __imp_SetConsoleTextAttribute -; 416 : printf("%s: %u\n", XedIClassEnumToString(IClass), T->Label); +; 551 : printf("%s: %u\n", XedIClassEnumToString(IClass), T->Label); 000da 48 8b 45 28 mov rax, QWORD PTR T$1[rbp] 000de 8b 40 1c mov eax, DWORD PTR [rax+28] @@ -9755,21 +10021,21 @@ $LN6@NcDebugPri: 00 00 lea rcx, OFFSET FLAT:??_C@_07KNNCJAOA@?$CFs?3?5?$CFu?6@ 0010b e8 00 00 00 00 call printf -; 417 : } +; 552 : } 00110 eb 25 jmp SHORT $LN9@NcDebugPri $LN8@NcDebugPri: -; 418 : else -; 419 : { -; 420 : SetConsoleTextAttribute(ConsoleHandle, FOREGROUND_GREEN | FOREGROUND_BLUE); +; 553 : else +; 554 : { +; 555 : SetConsoleTextAttribute(ConsoleHandle, FOREGROUND_GREEN | FOREGROUND_BLUE); 00112 66 ba 03 00 mov dx, 3 00116 48 8b 4d 08 mov rcx, QWORD PTR ConsoleHandle$[rbp] 0011a ff 15 00 00 00 00 call QWORD PTR __imp_SetConsoleTextAttribute -; 421 : printf("%s\n", XedIClassEnumToString(IClass)); +; 556 : printf("%s\n", XedIClassEnumToString(IClass)); 00120 8b 4d 44 mov ecx, DWORD PTR IClass$2[rbp] 00123 e8 00 00 00 00 call xed_iclass_enum_t2str @@ -9780,15 +10046,15 @@ $LN8@NcDebugPri: $LN9@NcDebugPri: $LN7@NcDebugPri: -; 422 : } -; 423 : } -; 424 : } +; 557 : } +; 558 : } +; 559 : } 00137 e9 25 ff ff ff jmp $LN2@NcDebugPri $LN3@NcDebugPri: $LN1@NcDebugPri: -; 425 : } +; 560 : } 0013c 48 8d a5 28 01 00 00 lea rsp, QWORD PTR [rbp+296] @@ -9808,7 +10074,7 @@ tv77 = 280 Block$ = 320 ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z PROC ; NcDeleteBlock, COMDAT -; 385 : { +; 520 : { $LN10: 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx @@ -9827,7 +10093,7 @@ $LN10: 00 00 lea rcx, OFFSET FLAT:__84EFCFFB_NativeCode@cpp 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 386 : if (!Block->Start || !Block->End) +; 521 : if (!Block->Start || !Block->End) 00036 48 8b 85 40 01 00 00 mov rax, QWORD PTR Block$[rbp] @@ -9839,13 +10105,13 @@ $LN10: 0004f 75 02 jne SHORT $LN5@NcDeleteBl $LN6@NcDeleteBl: -; 387 : return; +; 522 : return; 00051 eb 71 jmp SHORT $LN1@NcDeleteBl $LN5@NcDeleteBl: -; 388 : -; 389 : for (PNATIVE_CODE_LINK T = Block->Start; T != Block->End->Next;) +; 523 : +; 524 : for (PNATIVE_CODE_LINK T = Block->Start; T != Block->End->Next;) 00053 48 8b 85 40 01 00 00 mov rax, QWORD PTR Block$[rbp] @@ -9859,14 +10125,14 @@ $LN2@NcDeleteBl: 0006f 48 39 45 08 cmp QWORD PTR T$1[rbp], rax 00073 74 4f je SHORT $LN3@NcDeleteBl -; 390 : { -; 391 : PNATIVE_CODE_LINK Next = T->Next; +; 525 : { +; 526 : PNATIVE_CODE_LINK Next = T->Next; 00075 48 8b 45 08 mov rax, QWORD PTR T$1[rbp] 00079 48 8b 00 mov rax, QWORD PTR [rax] 0007c 48 89 45 28 mov QWORD PTR Next$2[rbp], rax -; 392 : delete T; +; 527 : delete T; 00080 48 8b 45 08 mov rax, QWORD PTR T$1[rbp] 00084 48 89 85 08 01 @@ -9887,18 +10153,18 @@ $LN8@NcDeleteBl: 00 mov QWORD PTR tv77[rbp], 0 $LN9@NcDeleteBl: -; 393 : T = Next; +; 528 : T = Next; 000ba 48 8b 45 28 mov rax, QWORD PTR Next$2[rbp] 000be 48 89 45 08 mov QWORD PTR T$1[rbp], rax -; 394 : } +; 529 : } 000c2 eb 9d jmp SHORT $LN2@NcDeleteBl $LN3@NcDeleteBl: $LN1@NcDeleteBl: -; 395 : } +; 530 : } 000c4 48 8d a5 28 01 00 00 lea rsp, QWORD PTR [rbp+296] @@ -9909,43 +10175,160 @@ $LN1@NcDeleteBl: _TEXT ENDS ; Function compile flags: /Odtp /RTCsu /ZI ; File C:\$Fanta\code-virtualizer\CodeVirtualizer\NativeCode.cpp -; COMDAT ?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@@Z +; COMDAT ?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@PEAK@Z _TEXT SEGMENT -Block$ = 224 -?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@@Z PROC ; NcAssemble, COMDAT +Buffer$ = 8 +BufferOffset$ = 40 +T$1 = 72 +Block$ = 320 +OutSize$ = 328 +?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@PEAK@Z PROC ; NcAssemble, COMDAT -; 379 : { +; 495 : { -$LN3: - 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx - 00005 55 push rbp - 00006 57 push rdi - 00007 48 81 ec e8 00 - 00 00 sub rsp, 232 ; 000000e8H - 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] - 00013 48 8b fc mov rdi, rsp - 00016 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH - 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH - 00020 f3 ab rep stosd - 00022 48 8b 8c 24 08 - 01 00 00 mov rcx, QWORD PTR [rsp+264] - 0002a 48 8d 0d 00 00 +$LN9: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec 48 01 + 00 00 sub rsp, 328 ; 00000148H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 52 00 00 00 mov ecx, 82 ; 00000052H + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 68 + 01 00 00 mov rcx, QWORD PTR [rsp+360] + 0002f 48 8d 0d 00 00 00 00 lea rcx, OFFSET FLAT:__84EFCFFB_NativeCode@cpp - 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 380 : //TODO: handle post assembly editing for Jit obfuscation types(maybe a vector of post assembly processing traits inside of NATIVE_CODE_LINK) -; 381 : return NULL; +; 496 : if (!NcFixRelJmps(Block)) - 00036 33 c0 xor eax, eax + 0003b 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 00042 e8 00 00 00 00 call ?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z ; NcFixRelJmps + 00047 85 c0 test eax, eax + 00049 75 07 jne SHORT $LN5@NcAssemble -; 382 : } +; 497 : return NULL; - 00038 48 8d a5 c8 00 - 00 00 lea rsp, QWORD PTR [rbp+200] - 0003f 5f pop rdi - 00040 5d pop rbp - 00041 c3 ret 0 -?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@@Z ENDP ; NcAssemble + 0004b 33 c0 xor eax, eax + 0004d e9 b2 00 00 00 jmp $LN1@NcAssemble +$LN5@NcAssemble: + +; 498 : +; 499 : *OutSize = NcCalcBlockSize(Block); + + 00052 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 00059 e8 00 00 00 00 call ?NcCalcBlockSize@@YAKPEAU_NATIVE_CODE_BLOCK@@@Z ; NcCalcBlockSize + 0005e 48 8b 8d 48 01 + 00 00 mov rcx, QWORD PTR OutSize$[rbp] + 00065 89 01 mov DWORD PTR [rcx], eax + +; 500 : +; 501 : PUCHAR Buffer = (PUCHAR)malloc(*OutSize); + + 00067 48 8b 85 48 01 + 00 00 mov rax, QWORD PTR OutSize$[rbp] + 0006e 8b 00 mov eax, DWORD PTR [rax] + 00070 8b c8 mov ecx, eax + 00072 ff 15 00 00 00 + 00 call QWORD PTR __imp_malloc + 00078 48 89 45 08 mov QWORD PTR Buffer$[rbp], rax + +; 502 : if (!Buffer) + + 0007c 48 83 7d 08 00 cmp QWORD PTR Buffer$[rbp], 0 + 00081 75 04 jne SHORT $LN6@NcAssemble + +; 503 : return NULL; + + 00083 33 c0 xor eax, eax + 00085 eb 7d jmp SHORT $LN1@NcAssemble +$LN6@NcAssemble: + +; 504 : +; 505 : PUCHAR BufferOffset = Buffer; + + 00087 48 8b 45 08 mov rax, QWORD PTR Buffer$[rbp] + 0008b 48 89 45 28 mov QWORD PTR BufferOffset$[rbp], rax + +; 506 : +; 507 : for (PNATIVE_CODE_LINK T = Block->Start; T != Block->End->Next; T = T->Next) + + 0008f 48 8b 85 40 01 + 00 00 mov rax, QWORD PTR Block$[rbp] + 00096 48 8b 00 mov rax, QWORD PTR [rax] + 00099 48 89 45 48 mov QWORD PTR T$1[rbp], rax + 0009d eb 0b jmp SHORT $LN4@NcAssemble +$LN2@NcAssemble: + 0009f 48 8b 45 48 mov rax, QWORD PTR T$1[rbp] + 000a3 48 8b 00 mov rax, QWORD PTR [rax] + 000a6 48 89 45 48 mov QWORD PTR T$1[rbp], rax +$LN4@NcAssemble: + 000aa 48 8b 85 40 01 + 00 00 mov rax, QWORD PTR Block$[rbp] + 000b1 48 8b 40 08 mov rax, QWORD PTR [rax+8] + 000b5 48 8b 00 mov rax, QWORD PTR [rax] + 000b8 48 39 45 48 cmp QWORD PTR T$1[rbp], rax + 000bc 74 42 je SHORT $LN3@NcAssemble + +; 508 : { +; 509 : if (T->Flags & CODE_FLAG_IS_LABEL) + + 000be 48 8b 45 48 mov rax, QWORD PTR T$1[rbp] + 000c2 8b 40 18 mov eax, DWORD PTR [rax+24] + 000c5 83 e0 01 and eax, 1 + 000c8 85 c0 test eax, eax + 000ca 74 02 je SHORT $LN7@NcAssemble + +; 510 : continue; + + 000cc eb d1 jmp SHORT $LN2@NcAssemble +$LN7@NcAssemble: + +; 511 : +; 512 : RtlCopyMemory(BufferOffset, T->RawData, T->RawDataSize); + + 000ce 48 8b 45 48 mov rax, QWORD PTR T$1[rbp] + 000d2 8b 40 28 mov eax, DWORD PTR [rax+40] + 000d5 44 8b c0 mov r8d, eax + 000d8 48 8b 45 48 mov rax, QWORD PTR T$1[rbp] + 000dc 48 8b 50 20 mov rdx, QWORD PTR [rax+32] + 000e0 48 8b 4d 28 mov rcx, QWORD PTR BufferOffset$[rbp] + 000e4 e8 00 00 00 00 call memcpy + +; 513 : BufferOffset += T->RawDataSize; + + 000e9 48 8b 45 48 mov rax, QWORD PTR T$1[rbp] + 000ed 8b 40 28 mov eax, DWORD PTR [rax+40] + 000f0 48 8b 4d 28 mov rcx, QWORD PTR BufferOffset$[rbp] + 000f4 48 03 c8 add rcx, rax + 000f7 48 8b c1 mov rax, rcx + 000fa 48 89 45 28 mov QWORD PTR BufferOffset$[rbp], rax + +; 514 : } + + 000fe eb 9f jmp SHORT $LN2@NcAssemble +$LN3@NcAssemble: + +; 515 : +; 516 : return Buffer; + + 00100 48 8b 45 08 mov rax, QWORD PTR Buffer$[rbp] +$LN1@NcAssemble: + +; 517 : } + + 00104 48 8d a5 28 01 + 00 00 lea rsp, QWORD PTR [rbp+296] + 0010b 5f pop rdi + 0010c 5d pop rbp + 0010d c3 ret 0 +?NcAssemble@@YAPEAXPEAU_NATIVE_CODE_BLOCK@@PEAK@Z ENDP ; NcAssemble _TEXT ENDS ; Function compile flags: /Odtp /RTCsu /ZI ; File C:\$Fanta\code-virtualizer\CodeVirtualizer\NativeCode.cpp @@ -9968,7 +10351,7 @@ Buffer$ = 520 BufferSize$ = 528 ?NcDisassemble@@YAHPEAU_NATIVE_CODE_BLOCK@@PEAXK@Z PROC ; NcDisassemble, COMDAT -; 347 : { +; 463 : { $LN13: 00000 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d @@ -9989,20 +10372,20 @@ $LN13: 00 00 lea rcx, OFFSET FLAT:__84EFCFFB_NativeCode@cpp 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 348 : PUCHAR Buf = (PUCHAR)Buffer; +; 464 : PUCHAR Buf = (PUCHAR)Buffer; 00040 48 8b 85 08 02 00 00 mov rax, QWORD PTR Buffer$[rbp] 00047 48 89 45 08 mov QWORD PTR Buf$[rbp], rax -; 349 : ULONG Offset = 0; +; 465 : ULONG Offset = 0; 0004b c7 45 24 00 00 00 00 mov DWORD PTR Offset$[rbp], 0 $LN2@NcDisassem: -; 350 : -; 351 : while (Offset < BufferSize) +; 466 : +; 467 : while (Offset < BufferSize) 00052 8b 85 10 02 00 00 mov eax, DWORD PTR BufferSize$[rbp] @@ -10010,8 +10393,8 @@ $LN2@NcDisassem: 0005b 0f 83 b8 01 00 00 jae $LN3@NcDisassem -; 352 : { -; 353 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK; +; 468 : { +; 469 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK; 00061 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 00066 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -10039,13 +10422,13 @@ $LN7@NcDisassem: 00 00 mov rax, QWORD PTR $T4[rbp] 000b1 48 89 45 48 mov QWORD PTR Link$1[rbp], rax -; 354 : Link->Flags = CODE_FLAG_IS_INST; +; 470 : Link->Flags = CODE_FLAG_IS_INST; 000b5 48 8b 45 48 mov rax, QWORD PTR Link$1[rbp] 000b9 c7 40 18 04 00 00 00 mov DWORD PTR [rax+24], 4 -; 355 : ULONG PossibleSize = min(15, BufferSize - Offset); +; 471 : ULONG PossibleSize = min(15, BufferSize - Offset); 000c0 8b 45 24 mov eax, DWORD PTR Offset$[rbp] 000c3 8b 8d 10 02 00 @@ -10070,7 +10453,7 @@ $LN9@NcDisassem: 00 mov eax, DWORD PTR tv80[rbp] 000f7 89 45 64 mov DWORD PTR PossibleSize$2[rbp], eax -; 356 : XED_ERROR_ENUM DecodeError = XedDecode(&Link->XedInstruction, (Buf + Offset), PossibleSize); +; 472 : XED_ERROR_ENUM DecodeError = XedDecode(&Link->XedInstruction, (Buf + Offset), PossibleSize); 000fa 8b 45 24 mov eax, DWORD PTR Offset$[rbp] 000fd 48 8b 4d 08 mov rcx, QWORD PTR Buf$[rbp] @@ -10084,14 +10467,14 @@ $LN9@NcDisassem: 0011b 89 85 84 00 00 00 mov DWORD PTR DecodeError$3[rbp], eax -; 357 : if (DecodeError != XED_ERROR_NONE) +; 473 : if (DecodeError != XED_ERROR_NONE) 00121 83 bd 84 00 00 00 00 cmp DWORD PTR DecodeError$3[rbp], 0 00128 74 67 je SHORT $LN4@NcDisassem -; 358 : { -; 359 : printf("XedDecode failed with error %s\n", XedErrorEnumToString(DecodeError)); +; 474 : { +; 475 : printf("XedDecode failed with error %s\n", XedErrorEnumToString(DecodeError)); 0012a 8b 8d 84 00 00 00 mov ecx, DWORD PTR DecodeError$3[rbp] @@ -10101,13 +10484,13 @@ $LN9@NcDisassem: 00 00 lea rcx, OFFSET FLAT:??_C@_0CA@KDIENFLL@XedDecode?5failed?5with?5error?5?$CFs?6@ 0013f e8 00 00 00 00 call printf -; 360 : NcDeleteBlock(Block); +; 476 : NcDeleteBlock(Block); 00144 48 8b 8d 00 02 00 00 mov rcx, QWORD PTR Block$[rbp] 0014b e8 00 00 00 00 call ?NcDeleteBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@@Z ; NcDeleteBlock -; 361 : delete Link; +; 477 : delete Link; 00150 48 8b 45 48 mov rax, QWORD PTR Link$1[rbp] 00154 48 89 85 a8 01 @@ -10128,14 +10511,14 @@ $LN10@NcDisassem: 00 mov QWORD PTR tv130[rbp], 0 $LN11@NcDisassem: -; 362 : return FALSE; +; 478 : return FALSE; 0018a 33 c0 xor eax, eax 0018c e9 99 00 00 00 jmp $LN1@NcDisassem $LN4@NcDisassem: -; 363 : } -; 364 : Link->RawDataSize = XedDecodedInstGetLength(&Link->XedInstruction); +; 479 : } +; 480 : Link->RawDataSize = XedDecodedInstGetLength(&Link->XedInstruction); 00191 48 8b 45 48 mov rax, QWORD PTR Link$1[rbp] 00195 48 83 c0 30 add rax, 48 ; 00000030H @@ -10144,7 +10527,7 @@ $LN4@NcDisassem: 001a1 48 8b 4d 48 mov rcx, QWORD PTR Link$1[rbp] 001a5 89 41 28 mov DWORD PTR [rcx+40], eax -; 365 : Link->RawData = new UCHAR[Link->RawDataSize]; +; 481 : Link->RawData = new UCHAR[Link->RawDataSize]; 001a8 48 8b 45 48 mov rax, QWORD PTR Link$1[rbp] 001ac 8b 40 28 mov eax, DWORD PTR [rax+40] @@ -10157,7 +10540,7 @@ $LN4@NcDisassem: 00 00 mov rcx, QWORD PTR $T7[rbp] 001c8 48 89 48 20 mov QWORD PTR [rax+32], rcx -; 366 : memcpy(Link->RawData, (Buf + Offset), Link->RawDataSize); +; 482 : RtlCopyMemory(Link->RawData, (Buf + Offset), Link->RawDataSize); 001cc 48 8b 45 48 mov rax, QWORD PTR Link$1[rbp] 001d0 8b 40 28 mov eax, DWORD PTR [rax+40] @@ -10171,16 +10554,16 @@ $LN4@NcDisassem: 001ea 48 8b 48 20 mov rcx, QWORD PTR [rax+32] 001ee e8 00 00 00 00 call memcpy -; 367 : -; 368 : NcAppendToBlock(Block, Link); +; 483 : +; 484 : NcAppendToBlock(Block, Link); 001f3 48 8b 55 48 mov rdx, QWORD PTR Link$1[rbp] 001f7 48 8b 8d 00 02 00 00 mov rcx, QWORD PTR Block$[rbp] 001fe e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock -; 369 : -; 370 : Offset += Link->RawDataSize; +; 485 : +; 486 : Offset += Link->RawDataSize; 00203 48 8b 45 48 mov rax, QWORD PTR Link$1[rbp] 00207 8b 40 28 mov eax, DWORD PTR [rax+40] @@ -10189,25 +10572,25 @@ $LN4@NcDisassem: 0020f 8b c1 mov eax, ecx 00211 89 45 24 mov DWORD PTR Offset$[rbp], eax -; 371 : } +; 487 : } 00214 e9 39 fe ff ff jmp $LN2@NcDisassem $LN3@NcDisassem: -; 372 : -; 373 : NcCreateLabels(Block); +; 488 : +; 489 : NcCreateLabels(Block); 00219 48 8b 8d 00 02 00 00 mov rcx, QWORD PTR Block$[rbp] 00220 e8 00 00 00 00 call ?NcCreateLabels@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z ; NcCreateLabels -; 374 : -; 375 : return TRUE; +; 490 : +; 491 : return TRUE; 00225 b8 01 00 00 00 mov eax, 1 $LN1@NcDisassem: -; 376 : } +; 492 : } 0022a 48 8d a5 e8 01 00 00 lea rsp, QWORD PTR [rbp+488] @@ -10287,6 +10670,679 @@ BufferSize$ = 528 text$x ENDS ; Function compile flags: /Odtp /RTCsu /ZI ; File C:\$Fanta\code-virtualizer\CodeVirtualizer\NativeCode.cpp +; COMDAT ?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z +_TEXT SEGMENT +T$9 = 8 +BranchDisp$10 = 36 +DispWidth$11 = 68 +MachineState$12 = 104 +EncoderInstruction$13 = 144 +EncoderRequest$14 = 592 +EncodeBuffer$15 = 808 +ReturnedSize$16 = 852 +IClass$17 = 884 +$T18 = 1496 +$T19 = 1576 +$T20 = 1656 +$T21 = 1688 +$T22 = 1728 +tv183 = 1780 +__$ArrayPad$ = 1784 +Block$ = 1824 +?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z PROC ; NcFixRelJmps, COMDAT + +; 383 : { + +$LN21: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 56 push rsi + 00007 57 push rdi + 00008 48 81 ec 30 07 + 00 00 sub rsp, 1840 ; 00000730H + 0000f 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48] + 00014 48 8b fc mov rdi, rsp + 00017 b9 cc 01 00 00 mov ecx, 460 ; 000001ccH + 0001c b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00021 f3 ab rep stosd + 00023 48 8b 8c 24 58 + 07 00 00 mov rcx, QWORD PTR [rsp+1880] + 0002b 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 00032 48 33 c5 xor rax, rbp + 00035 48 89 85 f8 06 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 0003c 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__84EFCFFB_NativeCode@cpp + 00043 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 384 : for (PNATIVE_CODE_LINK T = Block->Start; T != Block->End->Next;) + + 00048 48 8b 85 20 07 + 00 00 mov rax, QWORD PTR Block$[rbp] + 0004f 48 8b 00 mov rax, QWORD PTR [rax] + 00052 48 89 45 08 mov QWORD PTR T$9[rbp], rax +$LN2@NcFixRelJm: + 00056 48 8b 85 20 07 + 00 00 mov rax, QWORD PTR Block$[rbp] + 0005d 48 8b 40 08 mov rax, QWORD PTR [rax+8] + 00061 48 8b 00 mov rax, QWORD PTR [rax] + 00064 48 39 45 08 cmp QWORD PTR T$9[rbp], rax + 00068 0f 84 04 03 00 + 00 je $LN3@NcFixRelJm + +; 385 : { +; 386 : if (T->Flags & CODE_FLAG_IS_REL_JMP) + + 0006e 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 00072 8b 40 18 mov eax, DWORD PTR [rax+24] + 00075 83 e0 02 and eax, 2 + 00078 85 c0 test eax, eax + 0007a 0f 84 e2 02 00 + 00 je $LN7@NcFixRelJm + +; 387 : { +; 388 : INT32 BranchDisp = 0; + + 00080 c7 45 24 00 00 + 00 00 mov DWORD PTR BranchDisp$10[rbp], 0 + +; 389 : if (!NcGetDeltaToLabel(T, &BranchDisp)) + + 00087 48 8d 55 24 lea rdx, QWORD PTR BranchDisp$10[rbp] + 0008b 48 8b 4d 08 mov rcx, QWORD PTR T$9[rbp] + 0008f e8 00 00 00 00 call ?NcGetDeltaToLabel@@YAHPEAU_NATIVE_CODE_LINK@@PEAH@Z ; NcGetDeltaToLabel + 00094 85 c0 test eax, eax + 00096 75 07 jne SHORT $LN8@NcFixRelJm + +; 390 : return FALSE; + + 00098 33 c0 xor eax, eax + 0009a e9 d8 02 00 00 jmp $LN1@NcFixRelJm +$LN8@NcFixRelJm: + +; 391 : +; 392 : ULONG DispWidth = XedDecodedInstGetBranchDisplacementWidthBits(&T->XedInstruction); + + 0009f 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 000a3 48 83 c0 30 add rax, 48 ; 00000030H + 000a7 48 8b c8 mov rcx, rax + 000aa e8 00 00 00 00 call xed_decoded_inst_get_branch_displacement_width_bits + 000af 89 45 44 mov DWORD PTR DispWidth$11[rbp], eax + +; 393 : if (log2(abs(BranchDisp)) + 1 > DispWidth) + + 000b2 8b 4d 24 mov ecx, DWORD PTR BranchDisp$10[rbp] + 000b5 e8 00 00 00 00 call abs + 000ba 8b c8 mov ecx, eax + 000bc e8 00 00 00 00 call ??$log2@H$0A@@@YANH@Z ; log2 + 000c1 f2 0f 58 05 00 + 00 00 00 addsd xmm0, QWORD PTR __real@3ff0000000000000 + 000c9 8b 45 44 mov eax, DWORD PTR DispWidth$11[rbp] + 000cc f2 48 0f 2a c8 cvtsi2sd xmm1, rax + 000d1 66 0f 2f c1 comisd xmm0, xmm1 + 000d5 0f 86 f3 01 00 + 00 jbe $LN9@NcFixRelJm + +; 394 : { +; 395 : //duh oh +; 396 : if (DispWidth == 32) + + 000db 83 7d 44 20 cmp DWORD PTR DispWidth$11[rbp], 32 ; 00000020H + 000df 75 07 jne SHORT $LN11@NcFixRelJm + +; 397 : return FALSE; + + 000e1 33 c0 xor eax, eax + 000e3 e9 8f 02 00 00 jmp $LN1@NcFixRelJm +$LN11@NcFixRelJm: + +; 398 : +; 399 : //Grow displacement width to required size +; 400 : DispWidth *= 2; + + 000e8 8b 45 44 mov eax, DWORD PTR DispWidth$11[rbp] + 000eb d1 e0 shl eax, 1 + 000ed 89 45 44 mov DWORD PTR DispWidth$11[rbp], eax + +; 401 : +; 402 : //Check again +; 403 : if (log2(abs(BranchDisp)) + 1 > DispWidth) + + 000f0 8b 4d 24 mov ecx, DWORD PTR BranchDisp$10[rbp] + 000f3 e8 00 00 00 00 call abs + 000f8 8b c8 mov ecx, eax + 000fa e8 00 00 00 00 call ??$log2@H$0A@@@YANH@Z ; log2 + 000ff f2 0f 58 05 00 + 00 00 00 addsd xmm0, QWORD PTR __real@3ff0000000000000 + 00107 8b 45 44 mov eax, DWORD PTR DispWidth$11[rbp] + 0010a f2 48 0f 2a c8 cvtsi2sd xmm1, rax + 0010f 66 0f 2f c1 comisd xmm0, xmm1 + 00113 76 15 jbe SHORT $LN12@NcFixRelJm + +; 404 : { +; 405 : if (DispWidth == 32) + + 00115 83 7d 44 20 cmp DWORD PTR DispWidth$11[rbp], 32 ; 00000020H + 00119 75 07 jne SHORT $LN13@NcFixRelJm + +; 406 : return FALSE; + + 0011b 33 c0 xor eax, eax + 0011d e9 55 02 00 00 jmp $LN1@NcFixRelJm +$LN13@NcFixRelJm: + +; 407 : +; 408 : //Grow once more if not already at 32 +; 409 : DispWidth *= 2; + + 00122 8b 45 44 mov eax, DWORD PTR DispWidth$11[rbp] + 00125 d1 e0 shl eax, 1 + 00127 89 45 44 mov DWORD PTR DispWidth$11[rbp], eax +$LN12@NcFixRelJm: + +; 410 : } +; 411 : +; 412 : //Encode new instruction +; 413 : XED_STATE MachineState; +; 414 : MachineState.mmode = XED_MACHINE_MODE_LONG_64; + + 0012a c7 45 68 01 00 + 00 00 mov DWORD PTR MachineState$12[rbp], 1 + +; 415 : MachineState.stack_addr_width = XED_ADDRESS_WIDTH_64b; + + 00131 c7 45 6c 08 00 + 00 00 mov DWORD PTR MachineState$12[rbp+4], 8 + +; 416 : XED_ENCODER_INSTRUCTION EncoderInstruction; +; 417 : XED_ENCODER_REQUEST EncoderRequest; +; 418 : UCHAR EncodeBuffer[15]; +; 419 : UINT ReturnedSize; +; 420 : XED_ICLASS_ENUM IClass = XedDecodedInstGetIClass(&T->XedInstruction); + + 00138 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 0013c 48 83 c0 30 add rax, 48 ; 00000030H + 00140 48 8b c8 mov rcx, rax + 00143 e8 00 00 00 00 call xed_decoded_inst_get_iclass + 00148 89 85 74 03 00 + 00 mov DWORD PTR IClass$17[rbp], eax + +; 421 : +; 422 : //Do the encoding +; 423 : XedInst1(&EncoderInstruction, MachineState, IClass, DispWidth, XedRelBr(0, DispWidth)); + + 0014e 44 8b 45 44 mov r8d, DWORD PTR DispWidth$11[rbp] + 00152 33 d2 xor edx, edx + 00154 48 8d 8d 28 06 + 00 00 lea rcx, QWORD PTR $T19[rbp] + 0015b e8 00 00 00 00 call xed_relbr + 00160 48 8d 8d d8 05 + 00 00 lea rcx, QWORD PTR $T18[rbp] + 00167 48 8b f9 mov rdi, rcx + 0016a 48 8b f0 mov rsi, rax + 0016d b9 30 00 00 00 mov ecx, 48 ; 00000030H + 00172 f3 a4 rep movsb + 00174 48 8d 85 c0 06 + 00 00 lea rax, QWORD PTR $T22[rbp] + 0017b 48 8d 8d d8 05 + 00 00 lea rcx, QWORD PTR $T18[rbp] + 00182 48 8b f8 mov rdi, rax + 00185 48 8b f1 mov rsi, rcx + 00188 b9 30 00 00 00 mov ecx, 48 ; 00000030H + 0018d f3 a4 rep movsb + 0018f 48 8d 85 c0 06 + 00 00 lea rax, QWORD PTR $T22[rbp] + 00196 48 89 44 24 20 mov QWORD PTR [rsp+32], rax + 0019b 44 8b 4d 44 mov r9d, DWORD PTR DispWidth$11[rbp] + 0019f 44 8b 85 74 03 + 00 00 mov r8d, DWORD PTR IClass$17[rbp] + 001a6 48 8b 55 68 mov rdx, QWORD PTR MachineState$12[rbp] + 001aa 48 8d 8d 90 00 + 00 00 lea rcx, QWORD PTR EncoderInstruction$13[rbp] + 001b1 e8 00 00 00 00 call xed_inst1 + +; 424 : XedEncoderRequestZeroSetMode(&EncoderRequest, &MachineState); + + 001b6 48 8d 55 68 lea rdx, QWORD PTR MachineState$12[rbp] + 001ba 48 8d 8d 50 02 + 00 00 lea rcx, QWORD PTR EncoderRequest$14[rbp] + 001c1 e8 00 00 00 00 call xed_encoder_request_zero_set_mode + +; 425 : if (!XedConvertToEncoderRequest(&EncoderRequest, &EncoderInstruction)) + + 001c6 48 8d 95 90 00 + 00 00 lea rdx, QWORD PTR EncoderInstruction$13[rbp] + 001cd 48 8d 8d 50 02 + 00 00 lea rcx, QWORD PTR EncoderRequest$14[rbp] + 001d4 e8 00 00 00 00 call xed_convert_to_encoder_request + 001d9 85 c0 test eax, eax + 001db 75 07 jne SHORT $LN14@NcFixRelJm + +; 426 : return FALSE; + + 001dd 33 c0 xor eax, eax + 001df e9 93 01 00 00 jmp $LN1@NcFixRelJm +$LN14@NcFixRelJm: + +; 427 : if (XED_ERROR_NONE != XedEncode(&EncoderRequest, EncodeBuffer, 15, &ReturnedSize)) + + 001e4 4c 8d 8d 54 03 + 00 00 lea r9, QWORD PTR ReturnedSize$16[rbp] + 001eb 41 b8 0f 00 00 + 00 mov r8d, 15 + 001f1 48 8d 95 28 03 + 00 00 lea rdx, QWORD PTR EncodeBuffer$15[rbp] + 001f8 48 8d 8d 50 02 + 00 00 lea rcx, QWORD PTR EncoderRequest$14[rbp] + 001ff e8 00 00 00 00 call xed_encode + 00204 85 c0 test eax, eax + 00206 74 07 je SHORT $LN15@NcFixRelJm + +; 428 : return FALSE; + + 00208 33 c0 xor eax, eax + 0020a e9 68 01 00 00 jmp $LN1@NcFixRelJm +$LN15@NcFixRelJm: + +; 429 : +; 430 : //fixup T->RawData +; 431 : delete[] T->RawData; + + 0020f 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 00213 48 8b 40 20 mov rax, QWORD PTR [rax+32] + 00217 48 89 85 78 06 + 00 00 mov QWORD PTR $T20[rbp], rax + 0021e 48 8b 8d 78 06 + 00 00 mov rcx, QWORD PTR $T20[rbp] + 00225 e8 00 00 00 00 call ??_V@YAXPEAX@Z ; operator delete[] + +; 432 : T->RawDataSize = ReturnedSize; + + 0022a 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 0022e 8b 8d 54 03 00 + 00 mov ecx, DWORD PTR ReturnedSize$16[rbp] + 00234 89 48 28 mov DWORD PTR [rax+40], ecx + +; 433 : T->RawData = new UCHAR[ReturnedSize]; + + 00237 8b 85 54 03 00 + 00 mov eax, DWORD PTR ReturnedSize$16[rbp] + 0023d 8b c8 mov ecx, eax + 0023f e8 00 00 00 00 call ??_U@YAPEAX_K@Z ; operator new[] + 00244 48 89 85 98 06 + 00 00 mov QWORD PTR $T21[rbp], rax + 0024b 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 0024f 48 8b 8d 98 06 + 00 00 mov rcx, QWORD PTR $T21[rbp] + 00256 48 89 48 20 mov QWORD PTR [rax+32], rcx + +; 434 : RtlCopyMemory(T->RawData, EncodeBuffer, ReturnedSize); + + 0025a 8b 85 54 03 00 + 00 mov eax, DWORD PTR ReturnedSize$16[rbp] + 00260 44 8b c0 mov r8d, eax + 00263 48 8d 95 28 03 + 00 00 lea rdx, QWORD PTR EncodeBuffer$15[rbp] + 0026a 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 0026e 48 8b 48 20 mov rcx, QWORD PTR [rax+32] + 00272 e8 00 00 00 00 call memcpy + +; 435 : +; 436 : //Decode instruction so its proper and all that +; 437 : XedDecodedInstZeroSetMode(&T->XedInstruction, &MachineState); + + 00277 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 0027b 48 83 c0 30 add rax, 48 ; 00000030H + 0027f 48 8d 55 68 lea rdx, QWORD PTR MachineState$12[rbp] + 00283 48 8b c8 mov rcx, rax + 00286 e8 00 00 00 00 call xed_decoded_inst_zero_set_mode + +; 438 : if (XED_ERROR_NONE != XedDecode(&T->XedInstruction, T->RawData, T->RawDataSize)) + + 0028b 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 0028f 48 83 c0 30 add rax, 48 ; 00000030H + 00293 48 8b 4d 08 mov rcx, QWORD PTR T$9[rbp] + 00297 44 8b 41 28 mov r8d, DWORD PTR [rcx+40] + 0029b 48 8b 4d 08 mov rcx, QWORD PTR T$9[rbp] + 0029f 48 8b 51 20 mov rdx, QWORD PTR [rcx+32] + 002a3 48 8b c8 mov rcx, rax + 002a6 e8 00 00 00 00 call xed_decode + 002ab 85 c0 test eax, eax + 002ad 74 07 je SHORT $LN16@NcFixRelJm + +; 439 : return FALSE; + + 002af 33 c0 xor eax, eax + 002b1 e9 c1 00 00 00 jmp $LN1@NcFixRelJm +$LN16@NcFixRelJm: + +; 440 : +; 441 : //Go back to the start and loop through all labels again because now this instruction is larger :)))) +; 442 : T = Block->Start; + + 002b6 48 8b 85 20 07 + 00 00 mov rax, QWORD PTR Block$[rbp] + 002bd 48 8b 00 mov rax, QWORD PTR [rax] + 002c0 48 89 45 08 mov QWORD PTR T$9[rbp], rax + +; 443 : continue; + + 002c4 e9 8d fd ff ff jmp $LN2@NcFixRelJm + +; 444 : } + + 002c9 e9 94 00 00 00 jmp $LN10@NcFixRelJm +$LN9@NcFixRelJm: + +; 445 : else +; 446 : { +; 447 : DispWidth = XedDecodedInstGetBranchDisplacementWidth(&T->XedInstruction); + + 002ce 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 002d2 48 83 c0 30 add rax, 48 ; 00000030H + 002d6 48 8b c8 mov rcx, rax + 002d9 e8 00 00 00 00 call xed_decoded_inst_get_branch_displacement_width + 002de 89 45 44 mov DWORD PTR DispWidth$11[rbp], eax + +; 448 : switch (DispWidth) + + 002e1 8b 45 44 mov eax, DWORD PTR DispWidth$11[rbp] + 002e4 89 85 f4 06 00 + 00 mov DWORD PTR tv183[rbp], eax + 002ea 83 bd f4 06 00 + 00 01 cmp DWORD PTR tv183[rbp], 1 + 002f1 74 14 je SHORT $LN17@NcFixRelJm + 002f3 83 bd f4 06 00 + 00 02 cmp DWORD PTR tv183[rbp], 2 + 002fa 74 2a je SHORT $LN18@NcFixRelJm + 002fc 83 bd f4 06 00 + 00 04 cmp DWORD PTR tv183[rbp], 4 + 00303 74 41 je SHORT $LN19@NcFixRelJm + 00305 eb 5b jmp SHORT $LN5@NcFixRelJm +$LN17@NcFixRelJm: + +; 449 : { +; 450 : case 1: *(PINT8)&T->RawData[T->RawDataSize - DispWidth] = (INT8)BranchDisp; break; + + 00307 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 0030b 8b 4d 44 mov ecx, DWORD PTR DispWidth$11[rbp] + 0030e 8b 40 28 mov eax, DWORD PTR [rax+40] + 00311 2b c1 sub eax, ecx + 00313 8b c0 mov eax, eax + 00315 48 8b 4d 08 mov rcx, QWORD PTR T$9[rbp] + 00319 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 0031d 0f b6 55 24 movzx edx, BYTE PTR BranchDisp$10[rbp] + 00321 88 14 01 mov BYTE PTR [rcx+rax], dl + 00324 eb 3c jmp SHORT $LN5@NcFixRelJm +$LN18@NcFixRelJm: + +; 451 : case 2: *(PINT16)&T->RawData[T->RawDataSize - DispWidth] = (INT16)BranchDisp; break; + + 00326 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 0032a 8b 4d 44 mov ecx, DWORD PTR DispWidth$11[rbp] + 0032d 8b 40 28 mov eax, DWORD PTR [rax+40] + 00330 2b c1 sub eax, ecx + 00332 8b c0 mov eax, eax + 00334 48 8b 4d 08 mov rcx, QWORD PTR T$9[rbp] + 00338 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 0033c 0f b7 55 24 movzx edx, WORD PTR BranchDisp$10[rbp] + 00340 66 89 14 01 mov WORD PTR [rcx+rax], dx + 00344 eb 1c jmp SHORT $LN5@NcFixRelJm +$LN19@NcFixRelJm: + +; 452 : case 4: *(PINT32)&T->RawData[T->RawDataSize - DispWidth] = (INT32)BranchDisp; break; + + 00346 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 0034a 8b 4d 44 mov ecx, DWORD PTR DispWidth$11[rbp] + 0034d 8b 40 28 mov eax, DWORD PTR [rax+40] + 00350 2b c1 sub eax, ecx + 00352 8b c0 mov eax, eax + 00354 48 8b 4d 08 mov rcx, QWORD PTR T$9[rbp] + 00358 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 0035c 8b 55 24 mov edx, DWORD PTR BranchDisp$10[rbp] + 0035f 89 14 01 mov DWORD PTR [rcx+rax], edx +$LN5@NcFixRelJm: +$LN10@NcFixRelJm: +$LN7@NcFixRelJm: + +; 453 : } +; 454 : } +; 455 : } +; 456 : +; 457 : T = T->Next; + + 00362 48 8b 45 08 mov rax, QWORD PTR T$9[rbp] + 00366 48 8b 00 mov rax, QWORD PTR [rax] + 00369 48 89 45 08 mov QWORD PTR T$9[rbp], rax + +; 458 : } + + 0036d e9 e4 fc ff ff jmp $LN2@NcFixRelJm +$LN3@NcFixRelJm: + +; 459 : return TRUE; + + 00372 b8 01 00 00 00 mov eax, 1 +$LN1@NcFixRelJm: + +; 460 : } + + 00377 48 8b f8 mov rdi, rax + 0037a 48 8d 4d d0 lea rcx, QWORD PTR [rbp-48] + 0037e 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z$rtcFrameData + 00385 e8 00 00 00 00 call _RTC_CheckStackVars + 0038a 48 8b c7 mov rax, rdi + 0038d 48 8b 8d f8 06 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 00394 48 33 cd xor rcx, rbp + 00397 e8 00 00 00 00 call __security_check_cookie + 0039c 48 8d a5 00 07 + 00 00 lea rsp, QWORD PTR [rbp+1792] + 003a3 5f pop rdi + 003a4 5e pop rsi + 003a5 5d pop rbp + 003a6 c3 ret 0 +?NcFixRelJmps@@YAHPEAU_NATIVE_CODE_BLOCK@@@Z ENDP ; NcFixRelJmps +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\NativeCode.cpp +; COMDAT ?NcGetDeltaToLabel@@YAHPEAU_NATIVE_CODE_LINK@@PEAH@Z +_TEXT SEGMENT +Delta$ = 4 +T$1 = 40 +T$2 = 72 +Link$ = 320 +DeltaOut$ = 328 +?NcGetDeltaToLabel@@YAHPEAU_NATIVE_CODE_LINK@@PEAH@Z PROC ; NcGetDeltaToLabel, COMDAT + +; 347 : { + +$LN13: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec 48 01 + 00 00 sub rsp, 328 ; 00000148H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 52 00 00 00 mov ecx, 82 ; 00000052H + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 68 + 01 00 00 mov rcx, QWORD PTR [rsp+360] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__84EFCFFB_NativeCode@cpp + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 348 : INT32 Delta = 0; + + 0003b c7 45 04 00 00 + 00 00 mov DWORD PTR Delta$[rbp], 0 + +; 349 : //First checking backwards because I feel like thats the direction most jmps are in +; 350 : for (PNATIVE_CODE_LINK T = Link; T; T = T->Prev) + + 00042 48 8b 85 40 01 + 00 00 mov rax, QWORD PTR Link$[rbp] + 00049 48 89 45 28 mov QWORD PTR T$1[rbp], rax + 0004d eb 0c jmp SHORT $LN4@NcGetDelta +$LN2@NcGetDelta: + 0004f 48 8b 45 28 mov rax, QWORD PTR T$1[rbp] + 00053 48 8b 40 08 mov rax, QWORD PTR [rax+8] + 00057 48 89 45 28 mov QWORD PTR T$1[rbp], rax +$LN4@NcGetDelta: + 0005b 48 83 7d 28 00 cmp QWORD PTR T$1[rbp], 0 + 00060 74 4c je SHORT $LN3@NcGetDelta + +; 351 : { +; 352 : if (T->Flags & CODE_FLAG_IS_LABEL) + + 00062 48 8b 45 28 mov rax, QWORD PTR T$1[rbp] + 00066 8b 40 18 mov eax, DWORD PTR [rax+24] + 00069 83 e0 01 and eax, 1 + 0006c 85 c0 test eax, eax + 0006e 74 2b je SHORT $LN8@NcGetDelta + +; 353 : { +; 354 : if (T->Label == Link->Label) + + 00070 48 8b 45 28 mov rax, QWORD PTR T$1[rbp] + 00074 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR Link$[rbp] + 0007b 8b 49 1c mov ecx, DWORD PTR [rcx+28] + 0007e 39 48 1c cmp DWORD PTR [rax+28], ecx + 00081 75 16 jne SHORT $LN9@NcGetDelta + +; 355 : { +; 356 : *DeltaOut = Delta; + + 00083 48 8b 85 48 01 + 00 00 mov rax, QWORD PTR DeltaOut$[rbp] + 0008a 8b 4d 04 mov ecx, DWORD PTR Delta$[rbp] + 0008d 89 08 mov DWORD PTR [rax], ecx + +; 357 : return TRUE; + + 0008f b8 01 00 00 00 mov eax, 1 + 00094 e9 89 00 00 00 jmp $LN1@NcGetDelta +$LN9@NcGetDelta: + +; 358 : } +; 359 : continue; + + 00099 eb b4 jmp SHORT $LN2@NcGetDelta +$LN8@NcGetDelta: + +; 360 : } +; 361 : Delta -= T->RawDataSize; + + 0009b 48 8b 45 28 mov rax, QWORD PTR T$1[rbp] + 0009f 8b 40 28 mov eax, DWORD PTR [rax+40] + 000a2 8b 4d 04 mov ecx, DWORD PTR Delta$[rbp] + 000a5 2b c8 sub ecx, eax + 000a7 8b c1 mov eax, ecx + 000a9 89 45 04 mov DWORD PTR Delta$[rbp], eax + +; 362 : } + + 000ac eb a1 jmp SHORT $LN2@NcGetDelta +$LN3@NcGetDelta: + +; 363 : +; 364 : //Now check forwards +; 365 : Delta = 0; + + 000ae c7 45 04 00 00 + 00 00 mov DWORD PTR Delta$[rbp], 0 + +; 366 : for (PNATIVE_CODE_LINK T = Link->Next; T; T = T->Next) + + 000b5 48 8b 85 40 01 + 00 00 mov rax, QWORD PTR Link$[rbp] + 000bc 48 8b 00 mov rax, QWORD PTR [rax] + 000bf 48 89 45 48 mov QWORD PTR T$2[rbp], rax + 000c3 eb 0b jmp SHORT $LN7@NcGetDelta +$LN5@NcGetDelta: + 000c5 48 8b 45 48 mov rax, QWORD PTR T$2[rbp] + 000c9 48 8b 00 mov rax, QWORD PTR [rax] + 000cc 48 89 45 48 mov QWORD PTR T$2[rbp], rax +$LN7@NcGetDelta: + 000d0 48 83 7d 48 00 cmp QWORD PTR T$2[rbp], 0 + 000d5 74 49 je SHORT $LN6@NcGetDelta + +; 367 : { +; 368 : if (T->Flags & CODE_FLAG_IS_LABEL) + + 000d7 48 8b 45 48 mov rax, QWORD PTR T$2[rbp] + 000db 8b 40 18 mov eax, DWORD PTR [rax+24] + 000de 83 e0 01 and eax, 1 + 000e1 85 c0 test eax, eax + 000e3 74 28 je SHORT $LN10@NcGetDelta + +; 369 : { +; 370 : if (T->Label == Link->Label) + + 000e5 48 8b 45 48 mov rax, QWORD PTR T$2[rbp] + 000e9 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR Link$[rbp] + 000f0 8b 49 1c mov ecx, DWORD PTR [rcx+28] + 000f3 39 48 1c cmp DWORD PTR [rax+28], ecx + 000f6 75 13 jne SHORT $LN11@NcGetDelta + +; 371 : { +; 372 : *DeltaOut = Delta; + + 000f8 48 8b 85 48 01 + 00 00 mov rax, QWORD PTR DeltaOut$[rbp] + 000ff 8b 4d 04 mov ecx, DWORD PTR Delta$[rbp] + 00102 89 08 mov DWORD PTR [rax], ecx + +; 373 : return TRUE; + + 00104 b8 01 00 00 00 mov eax, 1 + 00109 eb 17 jmp SHORT $LN1@NcGetDelta +$LN11@NcGetDelta: + +; 374 : } +; 375 : continue; + + 0010b eb b8 jmp SHORT $LN5@NcGetDelta +$LN10@NcGetDelta: + +; 376 : } +; 377 : Delta += T->RawDataSize; + + 0010d 48 8b 45 48 mov rax, QWORD PTR T$2[rbp] + 00111 8b 40 28 mov eax, DWORD PTR [rax+40] + 00114 8b 4d 04 mov ecx, DWORD PTR Delta$[rbp] + 00117 03 c8 add ecx, eax + 00119 8b c1 mov eax, ecx + 0011b 89 45 04 mov DWORD PTR Delta$[rbp], eax + +; 378 : } + + 0011e eb a5 jmp SHORT $LN5@NcGetDelta +$LN6@NcGetDelta: + +; 379 : return FALSE; + + 00120 33 c0 xor eax, eax +$LN1@NcGetDelta: + +; 380 : } + + 00122 48 8d a5 28 01 + 00 00 lea rsp, QWORD PTR [rbp+296] + 00129 5f pop rdi + 0012a 5d pop rbp + 0012b c3 ret 0 +?NcGetDeltaToLabel@@YAHPEAU_NATIVE_CODE_LINK@@PEAH@Z ENDP ; NcGetDeltaToLabel +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\NativeCode.cpp ; COMDAT ?NcDeepCopyBlock@@YAPEAU_NATIVE_CODE_BLOCK@@PEAU1@@Z _TEXT SEGMENT Block$ = 224 @@ -15729,7 +16785,7 @@ $LN5: 00 00 00 cmp QWORD PTR Rd$[rbp], 0 0009f 74 21 je SHORT $LN2@NATIVE_COD -; 30 : memcpy(RawData, Rd, Rds); +; 30 : RtlCopyMemory(RawData, Rd, Rds); 000a1 8b 85 18 01 00 00 mov eax, DWORD PTR Rds$[rbp] @@ -16275,6 +17331,193 @@ xed_decoded_inst_inst PROC ; COMDAT xed_decoded_inst_inst ENDP _TEXT ENDS ; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\IntelXED\build\obj\wkit\include\xed\xed-encoder-hl.h +; COMDAT xed_inst1 +_TEXT SEGMENT +inst$ = 224 +mode$ = 232 +iclass$ = 240 +effective_operand_width$ = 248 +op0$ = 256 +xed_inst1 PROC ; COMDAT + +; 490 : xed_encoder_operand_t op0) { + + 00000 44 89 4c 24 20 mov DWORD PTR [rsp+32], r9d + 00005 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 0000a 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000f 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00014 55 push rbp + 00015 56 push rsi + 00016 57 push rdi + 00017 48 81 ec e0 00 + 00 00 sub rsp, 224 ; 000000e0H + 0001e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00023 48 8b fc mov rdi, rsp + 00026 b9 38 00 00 00 mov ecx, 56 ; 00000038H + 0002b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00030 f3 ab rep stosd + 00032 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0003a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__21860875_xed-encoder-hl@h + 00041 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 491 : +; 492 : inst->mode=mode; + + 00046 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR inst$[rbp] + 0004d 48 8b 8d e8 00 + 00 00 mov rcx, QWORD PTR mode$[rbp] + 00054 48 89 08 mov QWORD PTR [rax], rcx + +; 493 : inst->iclass = iclass; + + 00057 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR inst$[rbp] + 0005e 8b 8d f0 00 00 + 00 mov ecx, DWORD PTR iclass$[rbp] + 00064 89 48 08 mov DWORD PTR [rax+8], ecx + +; 494 : inst->effective_operand_width = effective_operand_width; + + 00067 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR inst$[rbp] + 0006e 8b 8d f8 00 00 + 00 mov ecx, DWORD PTR effective_operand_width$[rbp] + 00074 89 48 0c mov DWORD PTR [rax+12], ecx + +; 495 : inst->effective_address_width = 0; + + 00077 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR inst$[rbp] + 0007e c7 40 10 00 00 + 00 00 mov DWORD PTR [rax+16], 0 + +; 496 : inst->prefixes.i = 0; + + 00085 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR inst$[rbp] + 0008c c7 40 14 00 00 + 00 00 mov DWORD PTR [rax+20], 0 + +; 497 : inst->operands[0] = op0; + + 00093 b8 30 00 00 00 mov eax, 48 ; 00000030H + 00098 48 6b c0 00 imul rax, rax, 0 + 0009c 48 8b 8d e0 00 + 00 00 mov rcx, QWORD PTR inst$[rbp] + 000a3 48 8d 7c 01 20 lea rdi, QWORD PTR [rcx+rax+32] + 000a8 48 8b b5 00 01 + 00 00 mov rsi, QWORD PTR op0$[rbp] + 000af b9 30 00 00 00 mov ecx, 48 ; 00000030H + 000b4 f3 a4 rep movsb + +; 498 : inst->noperands = 1; + + 000b6 48 8b 85 e0 00 + 00 00 mov rax, QWORD PTR inst$[rbp] + 000bd c7 40 18 01 00 + 00 00 mov DWORD PTR [rax+24], 1 + +; 499 : } + + 000c4 48 8d a5 c0 00 + 00 00 lea rsp, QWORD PTR [rbp+192] + 000cb 5f pop rdi + 000cc 5e pop rsi + 000cd 5d pop rbp + 000ce c3 ret 0 +xed_inst1 ENDP +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\IntelXED\build\obj\wkit\include\xed\xed-encoder-hl.h +; COMDAT xed_relbr +_TEXT SEGMENT +o$ = 8 +__$ArrayPad$ = 264 +$T4 = 304 +brdisp$ = 312 +width_bits$ = 320 +xed_relbr PROC ; COMDAT + +; 105 : xed_uint_t width_bits) { + + 00000 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 00005 89 54 24 10 mov DWORD PTR [rsp+16], edx + 00009 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000e 55 push rbp + 0000f 56 push rsi + 00010 57 push rdi + 00011 48 81 ec 30 01 + 00 00 sub rsp, 304 ; 00000130H + 00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 4c 00 00 00 mov ecx, 76 ; 0000004cH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 58 + 01 00 00 mov rcx, QWORD PTR [rsp+344] + 00034 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 0003b 48 33 c5 xor rax, rbp + 0003e 48 89 85 08 01 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 00045 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__21860875_xed-encoder-hl@h + 0004c e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 106 : xed_encoder_operand_t o; +; 107 : o.type = XED_ENCODER_OPERAND_TYPE_BRDISP; + + 00051 c7 45 08 01 00 + 00 00 mov DWORD PTR o$[rbp], 1 + +; 108 : o.u.brdisp = brdisp; + + 00058 8b 85 38 01 00 + 00 mov eax, DWORD PTR brdisp$[rbp] + 0005e 89 45 10 mov DWORD PTR o$[rbp+8], eax + +; 109 : o.width_bits = width_bits; + + 00061 8b 85 40 01 00 + 00 mov eax, DWORD PTR width_bits$[rbp] + 00067 89 45 30 mov DWORD PTR o$[rbp+40], eax + +; 110 : return o; + + 0006a 48 8d 45 08 lea rax, QWORD PTR o$[rbp] + 0006e 48 8b bd 30 01 + 00 00 mov rdi, QWORD PTR $T4[rbp] + 00075 48 8b f0 mov rsi, rax + 00078 b9 30 00 00 00 mov ecx, 48 ; 00000030H + 0007d f3 a4 rep movsb + 0007f 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR $T4[rbp] + +; 111 : } + + 00086 48 8b f8 mov rdi, rax + 00089 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 0008d 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:xed_relbr$rtcFrameData + 00094 e8 00 00 00 00 call _RTC_CheckStackVars + 00099 48 8b c7 mov rax, rdi + 0009c 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 000a3 48 33 cd xor rcx, rbp + 000a6 e8 00 00 00 00 call __security_check_cookie + 000ab 48 8d a5 10 01 + 00 00 lea rsp, QWORD PTR [rbp+272] + 000b2 5f pop rdi + 000b3 5e pop rsi + 000b4 5d pop rbp + 000b5 c3 ret 0 +xed_relbr ENDP +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI ; File C:\$Fanta\IntelXED\build\obj\wkit\include\xed\xed-inst.h ; COMDAT xed_inst_noperands _TEXT SEGMENT diff --git a/CodeVirtualizer/x64/Debug/RipAndInst.cod b/CodeVirtualizer/x64/Debug/RipAndInst.cod new file mode 100644 index 0000000..63061a7 --- /dev/null +++ b/CodeVirtualizer/x64/Debug/RipAndInst.cod @@ -0,0 +1,2205 @@ +; Listing generated by Microsoft (R) Optimizing Compiler Version 19.27.29111.0 + +include listing.inc + +INCLUDELIB MSVCRTD +INCLUDELIB OLDNAMES + +msvcjmc SEGMENT +__B2D2BA86_ctype@h DB 01H +__79C7FC57_basetsd@h DB 01H +__1FEB9909_corecrt_memcpy_s@h DB 01H +__A751F051_corecrt_memory@h DB 01H +__9200769A_corecrt_wstring@h DB 01H +__32E5F013_string@h DB 01H +__D545DD43_guiddef@h DB 01H +__D5DDFBF3_winnt@h DB 01H +__439612F0_processthreadsapi@h DB 01H +__5733279A_memoryapi@h DB 01H +__D4435474_winerror@h DB 01H +__B3ED30D4_winbase@h DB 01H +__DB057BA3_winuser@h DB 01H +__A7113148_winioctl@h DB 01H +__B49664B7_stdlib@h DB 01H +__EC5BC72C_propidl@h DB 01H +__6DA674A0_oleauto@h DB 01H +__A118E6DC_stralign@h DB 01H +__8906660C_vcruntime_new@h DB 01H +__A2143F22_corecrt_stdio_config@h DB 01H +__829E1958_corecrt_wstdio@h DB 01H +__6DFAE8B8_stdio@h DB 01H +__C6E16F6F_corecrt_wconio@h DB 01H +__6D390390_corecrt_wio@h DB 01H +__1157D6BA_corecrt_wtime@h DB 01H +__1DC1E279_stat@h DB 01H +__93DC0B45_wchar@h DB 01H +__5DDA4519_cstddef DB 01H +__741AE07E_corecrt_math@h DB 01H +__F8119FB4_cstdlib DB 01H +__F2870A2C_limits DB 01H +__85A9AA98_type_traits DB 01H +__20BB4341_malloc@h DB 01H +__E75714E4_vcruntime_exception@h DB 01H +__E4152856_exception DB 01H +__4324C6B3_xutility DB 01H +__A58979FC_xmemory DB 01H +__AC6CB2D0_tuple DB 01H +__E0552A5D_xpolymorphic_allocator@h DB 01H +__D15AFF60_xstring DB 01H +__3AFA803E_string DB 01H +__0A4FAB91_cmath DB 01H +__6D5B120B_stdexcept DB 01H +__160863A3_xcall_once@h DB 01H +__99B256EE_atomic DB 01H +__A9557183_system_error DB 01H +__FB364CBD_vcruntime_typeinfo@h DB 01H +__33FB35AA_typeinfo DB 01H +__4E2906A2_memory DB 01H +__626C51AD_xfacet DB 01H +__2C72D662_xlocinfo DB 01H +__0E648B51_xlocale DB 01H +__1597A171_xiosbase DB 01H +__90E3ED46_xlocnum DB 01H +__165C22CB_ios DB 01H +__BB81F87E_xlocmon DB 01H +__A0B61CF9_time@h DB 01H +__886F7F70_xloctime DB 01H +__3DD0E9E9_xed-util@h DB 01H +__209FD46F_xed-iform-map@h DB 01H +__4E05E119_xed-inst@h DB 01H +__0607FC5A_xed-flags@h DB 01H +__B4910D57_xed-operand-accessors@h DB 01H +__8663E876_xed-state@h DB 01H +__BB5B4FF8_xed-encode@h DB 01H +__21860875_xed-encoder-hl@h DB 01H +__F7815311_xed-decoded-inst-api@h DB 01H +__FA14AA08_RipAndInst@cpp DB 01H +__7EA464AF_istream DB 01H +__1D745195_ostream DB 01H +__6FFBAAB7_streambuf DB 01H +__528871F3_iterator DB 01H +__3E6EDFAA_iosfwd DB 01H +__CF1C1A3F_utility DB 01H +__38038D2D_xstddef DB 01H +__EE19A480_xatomic@h DB 01H +msvcjmc ENDS +PUBLIC ?__empty_global_delete@@YAXPEAX@Z ; __empty_global_delete +PUBLIC ?__empty_global_delete@@YAXPEAX_K@Z ; __empty_global_delete +PUBLIC ?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z ; __empty_global_delete +PUBLIC ?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z ; __empty_global_delete +PUBLIC wmemcpy +PUBLIC ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr +PUBLIC ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs +PUBLIC ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr +PUBLIC ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ; std::time_get > >::_Getvals +PUBLIC ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ; std::time_get > >::_Getvals +PUBLIC ?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeAndD +PUBLIC ?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeAndW +PUBLIC ?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeAndB +PUBLIC __JustMyCode_Default +PUBLIC ??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string' +PUBLIC ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA ; `std::_Maklocwcs'::`1'::__LINE__Var +PUBLIC ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string' +PUBLIC ??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ ; `string' +PUBLIC ??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ ; `string' +EXTRN ??2@YAPEAX_K@Z:PROC ; operator new +EXTRN ??3@YAXPEAX_K@Z:PROC ; operator delete +EXTRN memcpy:PROC +EXTRN __imp_wcslen:PROC +EXTRN strlen:PROC +EXTRN __imp__calloc_dbg:PROC +EXTRN ?_Xbad_alloc@std@@YAXXZ:PROC ; std::_Xbad_alloc +EXTRN _Mbrtowc:PROC +EXTRN __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ:PROC +EXTRN __imp_?_Getdays@_Locinfo@std@@QEBAPEBDXZ:PROC +EXTRN __imp_?_Getmonths@_Locinfo@std@@QEBAPEBDXZ:PROC +EXTRN __imp_?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ:PROC +EXTRN __imp_?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ:PROC +EXTRN xed_decode:PROC +EXTRN ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z:PROC ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK +EXTRN ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z:PROC ; NcAppendToBlock +EXTRN _RTC_CheckStackVars:PROC +EXTRN _RTC_InitBase:PROC +EXTRN _RTC_Shutdown:PROC +EXTRN __CheckForDebuggerJustMyCode:PROC +EXTRN __CxxFrameHandler4:PROC +EXTRN __GSHandlerCheck:PROC +EXTRN __GSHandlerCheck_EH4:PROC +EXTRN __security_check_cookie:PROC +EXTRN __security_cookie:QWORD +; COMDAT pdata +pdata SEGMENT +$pdata$?__empty_global_delete@@YAXPEAX@Z DD imagerel $LN3 + DD imagerel $LN3+65 + DD imagerel $unwind$?__empty_global_delete@@YAXPEAX@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?__empty_global_delete@@YAXPEAX_K@Z DD imagerel $LN3 + DD imagerel $LN3+70 + DD imagerel $unwind$?__empty_global_delete@@YAXPEAX_K@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DD imagerel $LN3 + DD imagerel $LN3+70 + DD imagerel $unwind$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DD imagerel $LN3 + DD imagerel $LN3+75 + DD imagerel $unwind$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$wmemcpy DD imagerel $LN3 + DD imagerel $LN3+106 + DD imagerel $unwind$wmemcpy +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z DD imagerel $LN12 + DD imagerel $LN12+584 + DD imagerel $unwind$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?_Maklocwcs@std@@YAPEA_WPEB_W@Z DD imagerel $LN4 + DD imagerel $LN4+165 + DD imagerel $unwind$?_Maklocwcs@std@@YAPEA_WPEB_W@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z DD imagerel $LN7 + DD imagerel $LN7+223 + DD imagerel $unwind$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD imagerel $LN5 + DD imagerel $LN5+379 + DD imagerel $unwind$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD imagerel $LN5 + DD imagerel $LN5+379 + DD imagerel $unwind$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD imagerel $LN6 + DD imagerel $LN6+369 + DD imagerel $unwind$?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?dtor$0@?0??JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD imagerel ?dtor$0@?0??JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA + DD imagerel ?dtor$0@?0??JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA+44 + DD imagerel $unwind$?dtor$0@?0??JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD imagerel $LN6 + DD imagerel $LN6+367 + DD imagerel $unwind$?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?dtor$0@?0??JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD imagerel ?dtor$0@?0??JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA + DD imagerel ?dtor$0@?0??JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA+44 + DD imagerel $unwind$?dtor$0@?0??JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD imagerel $LN6 + DD imagerel $LN6+358 + DD imagerel $unwind$?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?dtor$0@?0??JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD imagerel ?dtor$0@?0??JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA + DD imagerel ?dtor$0@?0??JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA+44 + DD imagerel $unwind$?dtor$0@?0??JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +pdata ENDS +; COMDAT rtc$TMZ +rtc$TMZ SEGMENT +_RTC_Shutdown.rtc$TMZ DQ FLAT:_RTC_Shutdown +rtc$TMZ ENDS +; COMDAT rtc$IMZ +rtc$IMZ SEGMENT +_RTC_InitBase.rtc$IMZ DQ FLAT:_RTC_InitBase +rtc$IMZ ENDS +; COMDAT ??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ +CONST SEGMENT +??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ DB ':' + DB 00H, 'A', 00H, 'M', 00H, ':', 00H, 'a', 00H, 'm', 00H, ':', 00H + DB 'P', 00H, 'M', 00H, ':', 00H, 'p', 00H, 'm', 00H, 00H, 00H ; `string' +CONST ENDS +; COMDAT ??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ +CONST SEGMENT +??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ DB ':AM:am:PM:pm', 00H ; `string' +CONST ENDS +; COMDAT ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ +CONST SEGMENT +??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ DB 'C:\Pro' + DB 'gram Files (x86)\Microsoft Visual Studio\2019\Community\VC\To' + DB 'ols\MSVC\14.27.29110\include\xlocnum', 00H ; `string' +CONST ENDS +; COMDAT ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA +_DATA SEGMENT +?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA DD 05aH ; `std::_Maklocwcs'::`1'::__LINE__Var +_DATA ENDS +; COMDAT ??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ +CONST SEGMENT +??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ DB 'C:\Pro' + DB 'gram Files (x86)\Microsoft Visual Studio\2019\Community\VC\To' + DB 'ols\MSVC\14.27.29110\include\xlocale', 00H ; `string' +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?dtor$0@?0??JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 06H + DB 00H + DB 00H + DB 0faH + DB 02H + DB 08eH + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$stateUnwindMap$?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 02H + DB 0eH + DD imagerel ?dtor$0@?0??JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 028H + DD imagerel $stateUnwindMap$?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD imagerel $ip2state$?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD 025054419H + DD 0117231cH + DD 07010002fH + DD 0500fH + DD imagerel __GSHandlerCheck_EH4 + DD imagerel $cppxdata$?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD 0162H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 DB 052H ; JitEmitRipRelativeAndB + DB 061H + DB 077H + DB 044H + DB 061H + DB 074H + DB 061H + DB 00H + ORG $+8 +?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc DD 024H ; JitEmitRipRelativeAndB + DD 07H + DQ FLAT:?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 + ORG $+48 +?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData DD 01H ; JitEmitRipRelativeAndB + DD 00H + DQ FLAT:?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?dtor$0@?0??JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 06H + DB 00H + DB 00H + DB 015H, 02H + DB 02H + DB 08eH + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$stateUnwindMap$?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 02H + DB 0eH + DD imagerel ?dtor$0@?0??JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 028H + DD imagerel $stateUnwindMap$?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD imagerel $ip2state$?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD 025054419H + DD 0117231cH + DD 070100031H + DD 0500fH + DD imagerel __GSHandlerCheck_EH4 + DD imagerel $cppxdata$?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD 0172H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 DB 052H ; JitEmitRipRelativeAndW + DB 061H + DB 077H + DB 044H + DB 061H + DB 074H + DB 061H + DB 00H + ORG $+8 +?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc DD 028H ; JitEmitRipRelativeAndW + DD 09H + DQ FLAT:?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 + ORG $+48 +?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData DD 01H ; JitEmitRipRelativeAndW + DD 00H + DQ FLAT:?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?dtor$0@?0??JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 06H + DB 00H + DB 00H + DB '%', 02H + DB 02H + DB 08eH + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$stateUnwindMap$?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 02H + DB 0eH + DD imagerel ?dtor$0@?0??JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 028H + DD imagerel $stateUnwindMap$?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD imagerel $ip2state$?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD 025054419H + DD 0117231cH + DD 070100031H + DD 0500fH + DD imagerel __GSHandlerCheck_EH4 + DD imagerel $cppxdata$?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD 0172H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 DB 052H ; JitEmitRipRelativeAndD + DB 061H + DB 077H + DB 044H + DB 061H + DB 074H + DB 061H + DB 00H + ORG $+8 +?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc DD 028H ; JitEmitRipRelativeAndD + DD 0aH + DQ FLAT:?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 + ORG $+48 +?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData DD 01H ; JitEmitRipRelativeAndD + DD 00H + DQ FLAT:?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD 025063501H + DD 0119231eH + DD 070120026H + DD 050106011H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD 025063501H + DD 0119231eH + DD 070120026H + DD 050106011H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z DD 035053401H + DD 0118331dH + DD 07011002bH + DD 05010H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?_Maklocwcs@std@@YAPEA_WPEB_W@Z DD 035052a01H + DD 010e3313H + DD 070070027H + DD 05006H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z DD 035054519H + DD 0118331dH + DD 070110047H + DD 05010H + DD imagerel __GSHandlerCheck + DD 0228H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$0 DB 05fH ; std::_Maklocstr + DB 057H + DB 063H + DB 00H +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$1 DB 05fH ; std::_Maklocstr + DB 04dH + DB 062H + DB 073H + DB 074H + DB 031H + DB 00H + ORG $+1 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$2 DB 05fH ; std::_Maklocstr + DB 04dH + DB 062H + DB 073H + DB 074H + DB 032H + DB 00H + ORG $+13 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcVarDesc DD 0158H ; std::_Maklocstr + DD 08H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$2 + DD 0f8H + DD 08H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$1 + DD 0d4H + DD 02H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$0 + ORG $+144 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcFrameData DD 03H ; std::_Maklocstr + DD 00H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$wmemcpy DD 025053401H + DD 0118231dH + DD 07011001dH + DD 05010H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DD 025053419H + DD 0118231dH + DD 07011001dH + DD 05010H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DD 025052f19H + DD 01132318H + DD 0700c001dH + DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAX_K@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAX_K@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX_K@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAX_K@Z DD 025052f19H + DD 01132318H + DD 0700c001dH + DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX_K@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAX@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAX@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAX@Z DD 025052a19H + DD 010e2313H + DD 07007001dH + DD 05006H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX@Z +xdata ENDS +; Function compile flags: /Odt +; COMDAT __JustMyCode_Default +_TEXT SEGMENT +__JustMyCode_Default PROC ; COMDAT + 00000 c2 00 00 ret 0 +__JustMyCode_Default ENDP +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipAndInst.cpp +; COMDAT ?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +_TEXT SEGMENT +RawData$ = 4 +Link$ = 40 +$T4 = 264 +$T5 = 296 +tv78 = 312 +__$ArrayPad$ = 320 +Block$ = 368 +RipDelta$ = 376 +Value$ = 384 +?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z PROC ; JitEmitRipRelativeAndB, COMDAT + +; 28 : { + +$LN6: + 00000 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 00005 89 54 24 10 mov DWORD PTR [rsp+16], edx + 00009 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000e 55 push rbp + 0000f 57 push rdi + 00010 48 81 ec 78 01 + 00 00 sub rsp, 376 ; 00000178H + 00017 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001c 48 8b fc mov rdi, rsp + 0001f b9 5e 00 00 00 mov ecx, 94 ; 0000005eH + 00024 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00029 f3 ab rep stosd + 0002b 48 8b 8c 24 98 + 01 00 00 mov rcx, QWORD PTR [rsp+408] + 00033 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 0003a 48 33 c5 xor rax, rbp + 0003d 48 89 85 40 01 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 00044 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__FA14AA08_RipAndInst@cpp + 0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 29 : UCHAR RawData[] = { 0x80, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00 }; + + 00050 c6 45 04 80 mov BYTE PTR RawData$[rbp], 128 ; 00000080H + 00054 c6 45 05 25 mov BYTE PTR RawData$[rbp+1], 37 ; 00000025H + 00058 c6 45 06 00 mov BYTE PTR RawData$[rbp+2], 0 + 0005c c6 45 07 00 mov BYTE PTR RawData$[rbp+3], 0 + 00060 c6 45 08 00 mov BYTE PTR RawData$[rbp+4], 0 + 00064 c6 45 09 00 mov BYTE PTR RawData$[rbp+5], 0 + 00068 c6 45 0a 00 mov BYTE PTR RawData$[rbp+6], 0 + +; 30 : +; 31 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); + + 0006c b9 f0 00 00 00 mov ecx, 240 ; 000000f0H + 00071 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new + 00076 48 89 85 28 01 + 00 00 mov QWORD PTR $T5[rbp], rax + 0007d 48 83 bd 28 01 + 00 00 00 cmp QWORD PTR $T5[rbp], 0 + 00085 74 24 je SHORT $LN3@JitEmitRip + 00087 41 b9 07 00 00 + 00 mov r9d, 7 + 0008d 4c 8d 45 04 lea r8, QWORD PTR RawData$[rbp] + 00091 ba 0c 00 00 00 mov edx, 12 + 00096 48 8b 8d 28 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 0009d e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK + 000a2 48 89 85 38 01 + 00 00 mov QWORD PTR tv78[rbp], rax + 000a9 eb 0b jmp SHORT $LN4@JitEmitRip +$LN3@JitEmitRip: + 000ab 48 c7 85 38 01 + 00 00 00 00 00 + 00 mov QWORD PTR tv78[rbp], 0 +$LN4@JitEmitRip: + 000b6 48 8b 85 38 01 + 00 00 mov rax, QWORD PTR tv78[rbp] + 000bd 48 89 85 08 01 + 00 00 mov QWORD PTR $T4[rbp], rax + 000c4 48 8b 85 08 01 + 00 00 mov rax, QWORD PTR $T4[rbp] + 000cb 48 89 45 28 mov QWORD PTR Link$[rbp], rax + +; 32 : *(PINT32)&Link->RawData[2] = RipDelta; + + 000cf b8 01 00 00 00 mov eax, 1 + 000d4 48 6b c0 02 imul rax, rax, 2 + 000d8 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp] + 000dc 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 000e0 8b 95 78 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 000e6 89 14 08 mov DWORD PTR [rax+rcx], edx + +; 33 : *(PUCHAR)&Link->RawData[6] = (UCHAR)Value; + + 000e9 b8 01 00 00 00 mov eax, 1 + 000ee 48 6b c0 06 imul rax, rax, 6 + 000f2 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp] + 000f6 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 000fa 0f b6 95 80 01 + 00 00 movzx edx, BYTE PTR Value$[rbp] + 00101 88 14 08 mov BYTE PTR [rax+rcx], dl + +; 34 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); + + 00104 48 8b 45 28 mov rax, QWORD PTR Link$[rbp] + 00108 48 83 c0 30 add rax, 48 ; 00000030H + 0010c 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp] + 00110 44 8b 41 28 mov r8d, DWORD PTR [rcx+40] + 00114 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp] + 00118 48 8b 51 20 mov rdx, QWORD PTR [rcx+32] + 0011c 48 8b c8 mov rcx, rax + 0011f e8 00 00 00 00 call xed_decode + +; 35 : NcAppendToBlock(Block, Link); + + 00124 48 8b 55 28 mov rdx, QWORD PTR Link$[rbp] + 00128 48 8b 8d 70 01 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 0012f e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock + +; 36 : return TRUE; + + 00134 b8 01 00 00 00 mov eax, 1 + +; 37 : } + + 00139 8b f8 mov edi, eax + 0013b 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 0013f 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData + 00146 e8 00 00 00 00 call _RTC_CheckStackVars + 0014b 8b c7 mov eax, edi + 0014d 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 00154 48 33 cd xor rcx, rbp + 00157 e8 00 00 00 00 call __security_check_cookie + 0015c 48 8d a5 58 01 + 00 00 lea rsp, QWORD PTR [rbp+344] + 00163 5f pop rdi + 00164 5d pop rbp + 00165 c3 ret 0 +?JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ENDP ; JitEmitRipRelativeAndB +_TEXT ENDS +; COMDAT text$x +text$x SEGMENT +RawData$ = 4 +Link$ = 40 +$T4 = 264 +$T5 = 296 +tv78 = 312 +__$ArrayPad$ = 320 +Block$ = 368 +RipDelta$ = 376 +Value$ = 384 +?dtor$0@?0??JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeAndB'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 28 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeAndB'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +RawData$ = 4 +Link$ = 40 +$T4 = 264 +$T5 = 296 +tv78 = 312 +__$ArrayPad$ = 320 +Block$ = 368 +RipDelta$ = 376 +Value$ = 384 +?dtor$0@?0??JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeAndB'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 28 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeAndB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeAndB'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipAndInst.cpp +; COMDAT ?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +_TEXT SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z PROC ; JitEmitRipRelativeAndW, COMDAT + +; 16 : { + +$LN6: + 00000 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 00005 89 54 24 10 mov DWORD PTR [rsp+16], edx + 00009 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000e 55 push rbp + 0000f 57 push rdi + 00010 48 81 ec 88 01 + 00 00 sub rsp, 392 ; 00000188H + 00017 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001c 48 8b fc mov rdi, rsp + 0001f b9 62 00 00 00 mov ecx, 98 ; 00000062H + 00024 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00029 f3 ab rep stosd + 0002b 48 8b 8c 24 a8 + 01 00 00 mov rcx, QWORD PTR [rsp+424] + 00033 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 0003a 48 33 c5 xor rax, rbp + 0003d 48 89 85 50 01 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 00044 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__FA14AA08_RipAndInst@cpp + 0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 17 : UCHAR RawData[] = { 0x66, 0x83, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; + + 00050 c6 45 08 66 mov BYTE PTR RawData$[rbp], 102 ; 00000066H + 00054 c6 45 09 83 mov BYTE PTR RawData$[rbp+1], 131 ; 00000083H + 00058 c6 45 0a 25 mov BYTE PTR RawData$[rbp+2], 37 ; 00000025H + 0005c c6 45 0b 00 mov BYTE PTR RawData$[rbp+3], 0 + 00060 c6 45 0c 00 mov BYTE PTR RawData$[rbp+4], 0 + 00064 c6 45 0d 00 mov BYTE PTR RawData$[rbp+5], 0 + 00068 c6 45 0e 00 mov BYTE PTR RawData$[rbp+6], 0 + 0006c c6 45 0f 00 mov BYTE PTR RawData$[rbp+7], 0 + 00070 c6 45 10 00 mov BYTE PTR RawData$[rbp+8], 0 + +; 18 : +; 19 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); + + 00074 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H + 00079 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new + 0007e 48 89 85 38 01 + 00 00 mov QWORD PTR $T5[rbp], rax + 00085 48 83 bd 38 01 + 00 00 00 cmp QWORD PTR $T5[rbp], 0 + 0008d 74 24 je SHORT $LN3@JitEmitRip + 0008f 41 b9 09 00 00 + 00 mov r9d, 9 + 00095 4c 8d 45 08 lea r8, QWORD PTR RawData$[rbp] + 00099 ba 0c 00 00 00 mov edx, 12 + 0009e 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 000a5 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK + 000aa 48 89 85 48 01 + 00 00 mov QWORD PTR tv78[rbp], rax + 000b1 eb 0b jmp SHORT $LN4@JitEmitRip +$LN3@JitEmitRip: + 000b3 48 c7 85 48 01 + 00 00 00 00 00 + 00 mov QWORD PTR tv78[rbp], 0 +$LN4@JitEmitRip: + 000be 48 8b 85 48 01 + 00 00 mov rax, QWORD PTR tv78[rbp] + 000c5 48 89 85 18 01 + 00 00 mov QWORD PTR $T4[rbp], rax + 000cc 48 8b 85 18 01 + 00 00 mov rax, QWORD PTR $T4[rbp] + 000d3 48 89 45 38 mov QWORD PTR Link$[rbp], rax + +; 20 : *(PINT32)&Link->RawData[3] = RipDelta; + + 000d7 b8 01 00 00 00 mov eax, 1 + 000dc 48 6b c0 03 imul rax, rax, 3 + 000e0 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 000e4 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 000e8 8b 95 88 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 000ee 89 14 08 mov DWORD PTR [rax+rcx], edx + +; 21 : *(PUSHORT)&Link->RawData[7] = (USHORT)Value; + + 000f1 b8 01 00 00 00 mov eax, 1 + 000f6 48 6b c0 07 imul rax, rax, 7 + 000fa 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 000fe 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 00102 0f b7 95 90 01 + 00 00 movzx edx, WORD PTR Value$[rbp] + 00109 66 89 14 08 mov WORD PTR [rax+rcx], dx + +; 22 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); + + 0010d 48 8b 45 38 mov rax, QWORD PTR Link$[rbp] + 00111 48 83 c0 30 add rax, 48 ; 00000030H + 00115 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 00119 44 8b 41 28 mov r8d, DWORD PTR [rcx+40] + 0011d 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 00121 48 8b 51 20 mov rdx, QWORD PTR [rcx+32] + 00125 48 8b c8 mov rcx, rax + 00128 e8 00 00 00 00 call xed_decode + +; 23 : NcAppendToBlock(Block, Link); + + 0012d 48 8b 55 38 mov rdx, QWORD PTR Link$[rbp] + 00131 48 8b 8d 80 01 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 00138 e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock + +; 24 : return TRUE; + + 0013d b8 01 00 00 00 mov eax, 1 + +; 25 : } + + 00142 8b f8 mov edi, eax + 00144 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 00148 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData + 0014f e8 00 00 00 00 call _RTC_CheckStackVars + 00154 8b c7 mov eax, edi + 00156 48 8b 8d 50 01 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 0015d 48 33 cd xor rcx, rbp + 00160 e8 00 00 00 00 call __security_check_cookie + 00165 48 8d a5 68 01 + 00 00 lea rsp, QWORD PTR [rbp+360] + 0016c 5f pop rdi + 0016d 5d pop rbp + 0016e c3 ret 0 +?JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ENDP ; JitEmitRipRelativeAndW +_TEXT ENDS +; COMDAT text$x +text$x SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?dtor$0@?0??JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeAndW'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeAndW'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?dtor$0@?0??JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeAndW'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeAndW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeAndW'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipAndInst.cpp +; COMDAT ?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +_TEXT SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z PROC ; JitEmitRipRelativeAndD, COMDAT + +; 4 : { + +$LN6: + 00000 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 00005 89 54 24 10 mov DWORD PTR [rsp+16], edx + 00009 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000e 55 push rbp + 0000f 57 push rdi + 00010 48 81 ec 88 01 + 00 00 sub rsp, 392 ; 00000188H + 00017 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001c 48 8b fc mov rdi, rsp + 0001f b9 62 00 00 00 mov ecx, 98 ; 00000062H + 00024 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00029 f3 ab rep stosd + 0002b 48 8b 8c 24 a8 + 01 00 00 mov rcx, QWORD PTR [rsp+424] + 00033 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 0003a 48 33 c5 xor rax, rbp + 0003d 48 89 85 50 01 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 00044 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__FA14AA08_RipAndInst@cpp + 0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 5 : UCHAR RawData[] = { 0x81, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; + + 00050 c6 45 08 81 mov BYTE PTR RawData$[rbp], 129 ; 00000081H + 00054 c6 45 09 25 mov BYTE PTR RawData$[rbp+1], 37 ; 00000025H + 00058 c6 45 0a 00 mov BYTE PTR RawData$[rbp+2], 0 + 0005c c6 45 0b 00 mov BYTE PTR RawData$[rbp+3], 0 + 00060 c6 45 0c 00 mov BYTE PTR RawData$[rbp+4], 0 + 00064 c6 45 0d 00 mov BYTE PTR RawData$[rbp+5], 0 + 00068 c6 45 0e 00 mov BYTE PTR RawData$[rbp+6], 0 + 0006c c6 45 0f 00 mov BYTE PTR RawData$[rbp+7], 0 + 00070 c6 45 10 00 mov BYTE PTR RawData$[rbp+8], 0 + 00074 c6 45 11 00 mov BYTE PTR RawData$[rbp+9], 0 + +; 6 : +; 7 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); + + 00078 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H + 0007d e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new + 00082 48 89 85 38 01 + 00 00 mov QWORD PTR $T5[rbp], rax + 00089 48 83 bd 38 01 + 00 00 00 cmp QWORD PTR $T5[rbp], 0 + 00091 74 24 je SHORT $LN3@JitEmitRip + 00093 41 b9 0a 00 00 + 00 mov r9d, 10 + 00099 4c 8d 45 08 lea r8, QWORD PTR RawData$[rbp] + 0009d ba 0c 00 00 00 mov edx, 12 + 000a2 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 000a9 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK + 000ae 48 89 85 48 01 + 00 00 mov QWORD PTR tv78[rbp], rax + 000b5 eb 0b jmp SHORT $LN4@JitEmitRip +$LN3@JitEmitRip: + 000b7 48 c7 85 48 01 + 00 00 00 00 00 + 00 mov QWORD PTR tv78[rbp], 0 +$LN4@JitEmitRip: + 000c2 48 8b 85 48 01 + 00 00 mov rax, QWORD PTR tv78[rbp] + 000c9 48 89 85 18 01 + 00 00 mov QWORD PTR $T4[rbp], rax + 000d0 48 8b 85 18 01 + 00 00 mov rax, QWORD PTR $T4[rbp] + 000d7 48 89 45 38 mov QWORD PTR Link$[rbp], rax + +; 8 : *(PINT32)&Link->RawData[2] = RipDelta; + + 000db b8 01 00 00 00 mov eax, 1 + 000e0 48 6b c0 02 imul rax, rax, 2 + 000e4 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 000e8 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 000ec 8b 95 88 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 000f2 89 14 08 mov DWORD PTR [rax+rcx], edx + +; 9 : *(PULONG)&Link->RawData[6] = Value; + + 000f5 b8 01 00 00 00 mov eax, 1 + 000fa 48 6b c0 06 imul rax, rax, 6 + 000fe 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 00102 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 00106 8b 95 90 01 00 + 00 mov edx, DWORD PTR Value$[rbp] + 0010c 89 14 08 mov DWORD PTR [rax+rcx], edx + +; 10 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); + + 0010f 48 8b 45 38 mov rax, QWORD PTR Link$[rbp] + 00113 48 83 c0 30 add rax, 48 ; 00000030H + 00117 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 0011b 44 8b 41 28 mov r8d, DWORD PTR [rcx+40] + 0011f 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 00123 48 8b 51 20 mov rdx, QWORD PTR [rcx+32] + 00127 48 8b c8 mov rcx, rax + 0012a e8 00 00 00 00 call xed_decode + +; 11 : NcAppendToBlock(Block, Link); + + 0012f 48 8b 55 38 mov rdx, QWORD PTR Link$[rbp] + 00133 48 8b 8d 80 01 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 0013a e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock + +; 12 : return TRUE; + + 0013f b8 01 00 00 00 mov eax, 1 + +; 13 : } + + 00144 8b f8 mov edi, eax + 00146 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 0014a 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData + 00151 e8 00 00 00 00 call _RTC_CheckStackVars + 00156 8b c7 mov eax, edi + 00158 48 8b 8d 50 01 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 0015f 48 33 cd xor rcx, rbp + 00162 e8 00 00 00 00 call __security_check_cookie + 00167 48 8d a5 68 01 + 00 00 lea rsp, QWORD PTR [rbp+360] + 0016e 5f pop rdi + 0016f 5d pop rbp + 00170 c3 ret 0 +?JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ENDP ; JitEmitRipRelativeAndD +_TEXT ENDS +; COMDAT text$x +text$x SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?dtor$0@?0??JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeAndD'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeAndD'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?dtor$0@?0??JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeAndD'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeAndD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeAndD'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xloctime +; COMDAT ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z +_TEXT SEGMENT +$T1 = 200 +tv93 = 264 +tv85 = 264 +this$ = 304 +__formal$ = 312 +_Lobj$ = 320 +??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z PROC ; std::time_get > >::_Getvals, COMDAT + +; 176 : void __CLR_OR_THIS_CALL _Getvals(_Elem2, const _Locinfo& _Lobj) { // get values + +$LN5: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 66 89 54 24 10 mov WORD PTR [rsp+16], dx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 56 push rsi + 00011 57 push rdi + 00012 48 81 ec 30 01 + 00 00 sub rsp, 304 ; 00000130H + 00019 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001e 48 8b fc mov rdi, rsp + 00021 b9 4c 00 00 00 mov ecx, 76 ; 0000004cH + 00026 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002b f3 ab rep stosd + 0002d 48 8b 8c 24 58 + 01 00 00 mov rcx, QWORD PTR [rsp+344] + 00035 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__886F7F70_xloctime + 0003c e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 177 : _Cvt = _Lobj._Getcvt(); + + 00041 48 8d 95 c8 00 + 00 00 lea rdx, QWORD PTR $T1[rbp] + 00048 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 0004f ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ + 00055 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0005c 48 8d 79 2c lea rdi, QWORD PTR [rcx+44] + 00060 48 8b f0 mov rsi, rax + 00063 b9 2c 00 00 00 mov ecx, 44 ; 0000002cH + 00068 f3 a4 rep movsb + +; 178 : +; 179 : if (is_same_v<_Elem2, wchar_t>) { + + 0006a 33 c0 xor eax, eax + 0006c 83 f8 01 cmp eax, 1 + 0006f 74 5c je SHORT $LN2@Getvals + +; 180 : _Days = reinterpret_cast(_Maklocwcs(reinterpret_cast(_Lobj._W_Getdays()))); + + 00071 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00078 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ + 0007e 48 8b c8 mov rcx, rax + 00081 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 00086 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0008d 48 89 41 10 mov QWORD PTR [rcx+16], rax + +; 181 : _Months = + + 00091 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00098 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ + 0009e 48 8b c8 mov rcx, rax + 000a1 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 000a6 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 000ad 48 89 41 18 mov QWORD PTR [rcx+24], rax + +; 182 : reinterpret_cast(_Maklocwcs(reinterpret_cast(_Lobj._W_Getmonths()))); +; 183 : _Ampm = reinterpret_cast(_Maklocwcs(L":AM:am:PM:pm")); + + 000b1 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ + 000b8 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 000bd 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 000c4 48 89 41 20 mov QWORD PTR [rcx+32], rax + +; 184 : } else { + + 000c8 e9 a3 00 00 00 jmp $LN3@Getvals +$LN2@Getvals: + +; 185 : _Days = _Maklocstr(_Lobj._Getdays(), static_cast<_Elem*>(nullptr), _Cvt); + + 000cd 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 000d4 48 83 c0 2c add rax, 44 ; 0000002cH + 000d8 48 89 85 08 01 + 00 00 mov QWORD PTR tv85[rbp], rax + 000df 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 000e6 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getdays@_Locinfo@std@@QEBAPEBDXZ + 000ec 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR tv85[rbp] + 000f3 4c 8b c1 mov r8, rcx + 000f6 33 d2 xor edx, edx + 000f8 48 8b c8 mov rcx, rax + 000fb e8 00 00 00 00 call ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr + 00100 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00107 48 89 41 10 mov QWORD PTR [rcx+16], rax + +; 186 : _Months = _Maklocstr(_Lobj._Getmonths(), static_cast<_Elem*>(nullptr), _Cvt); + + 0010b 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00112 48 83 c0 2c add rax, 44 ; 0000002cH + 00116 48 89 85 08 01 + 00 00 mov QWORD PTR tv93[rbp], rax + 0011d 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00124 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getmonths@_Locinfo@std@@QEBAPEBDXZ + 0012a 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR tv93[rbp] + 00131 4c 8b c1 mov r8, rcx + 00134 33 d2 xor edx, edx + 00136 48 8b c8 mov rcx, rax + 00139 e8 00 00 00 00 call ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr + 0013e 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00145 48 89 41 18 mov QWORD PTR [rcx+24], rax + +; 187 : _Ampm = _Maklocstr(":AM:am:PM:pm", static_cast<_Elem*>(nullptr), _Cvt); + + 00149 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00150 48 83 c0 2c add rax, 44 ; 0000002cH + 00154 4c 8b c0 mov r8, rax + 00157 33 d2 xor edx, edx + 00159 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ + 00160 e8 00 00 00 00 call ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr + 00165 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0016c 48 89 41 20 mov QWORD PTR [rcx+32], rax +$LN3@Getvals: + +; 188 : } +; 189 : } + + 00170 48 8d a5 10 01 + 00 00 lea rsp, QWORD PTR [rbp+272] + 00177 5f pop rdi + 00178 5e pop rsi + 00179 5d pop rbp + 0017a c3 ret 0 +??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ENDP ; std::time_get > >::_Getvals +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xloctime +; COMDAT ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z +_TEXT SEGMENT +$T1 = 200 +tv93 = 264 +tv85 = 264 +this$ = 304 +__formal$ = 312 +_Lobj$ = 320 +??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z PROC ; std::time_get > >::_Getvals, COMDAT + +; 176 : void __CLR_OR_THIS_CALL _Getvals(_Elem2, const _Locinfo& _Lobj) { // get values + +$LN5: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 66 89 54 24 10 mov WORD PTR [rsp+16], dx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 56 push rsi + 00011 57 push rdi + 00012 48 81 ec 30 01 + 00 00 sub rsp, 304 ; 00000130H + 00019 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001e 48 8b fc mov rdi, rsp + 00021 b9 4c 00 00 00 mov ecx, 76 ; 0000004cH + 00026 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002b f3 ab rep stosd + 0002d 48 8b 8c 24 58 + 01 00 00 mov rcx, QWORD PTR [rsp+344] + 00035 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__886F7F70_xloctime + 0003c e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 177 : _Cvt = _Lobj._Getcvt(); + + 00041 48 8d 95 c8 00 + 00 00 lea rdx, QWORD PTR $T1[rbp] + 00048 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 0004f ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ + 00055 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0005c 48 8d 79 2c lea rdi, QWORD PTR [rcx+44] + 00060 48 8b f0 mov rsi, rax + 00063 b9 2c 00 00 00 mov ecx, 44 ; 0000002cH + 00068 f3 a4 rep movsb + +; 178 : +; 179 : if (is_same_v<_Elem2, wchar_t>) { + + 0006a 33 c0 xor eax, eax + 0006c 83 f8 01 cmp eax, 1 + 0006f 74 5c je SHORT $LN2@Getvals + +; 180 : _Days = reinterpret_cast(_Maklocwcs(reinterpret_cast(_Lobj._W_Getdays()))); + + 00071 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00078 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ + 0007e 48 8b c8 mov rcx, rax + 00081 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 00086 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0008d 48 89 41 10 mov QWORD PTR [rcx+16], rax + +; 181 : _Months = + + 00091 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00098 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ + 0009e 48 8b c8 mov rcx, rax + 000a1 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 000a6 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 000ad 48 89 41 18 mov QWORD PTR [rcx+24], rax + +; 182 : reinterpret_cast(_Maklocwcs(reinterpret_cast(_Lobj._W_Getmonths()))); +; 183 : _Ampm = reinterpret_cast(_Maklocwcs(L":AM:am:PM:pm")); + + 000b1 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ + 000b8 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 000bd 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 000c4 48 89 41 20 mov QWORD PTR [rcx+32], rax + +; 184 : } else { + + 000c8 e9 a3 00 00 00 jmp $LN3@Getvals +$LN2@Getvals: + +; 185 : _Days = _Maklocstr(_Lobj._Getdays(), static_cast<_Elem*>(nullptr), _Cvt); + + 000cd 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 000d4 48 83 c0 2c add rax, 44 ; 0000002cH + 000d8 48 89 85 08 01 + 00 00 mov QWORD PTR tv85[rbp], rax + 000df 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 000e6 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getdays@_Locinfo@std@@QEBAPEBDXZ + 000ec 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR tv85[rbp] + 000f3 4c 8b c1 mov r8, rcx + 000f6 33 d2 xor edx, edx + 000f8 48 8b c8 mov rcx, rax + 000fb e8 00 00 00 00 call ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr + 00100 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00107 48 89 41 10 mov QWORD PTR [rcx+16], rax + +; 186 : _Months = _Maklocstr(_Lobj._Getmonths(), static_cast<_Elem*>(nullptr), _Cvt); + + 0010b 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00112 48 83 c0 2c add rax, 44 ; 0000002cH + 00116 48 89 85 08 01 + 00 00 mov QWORD PTR tv93[rbp], rax + 0011d 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00124 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getmonths@_Locinfo@std@@QEBAPEBDXZ + 0012a 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR tv93[rbp] + 00131 4c 8b c1 mov r8, rcx + 00134 33 d2 xor edx, edx + 00136 48 8b c8 mov rcx, rax + 00139 e8 00 00 00 00 call ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr + 0013e 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00145 48 89 41 18 mov QWORD PTR [rcx+24], rax + +; 187 : _Ampm = _Maklocstr(":AM:am:PM:pm", static_cast<_Elem*>(nullptr), _Cvt); + + 00149 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00150 48 83 c0 2c add rax, 44 ; 0000002cH + 00154 4c 8b c0 mov r8, rax + 00157 33 d2 xor edx, edx + 00159 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ + 00160 e8 00 00 00 00 call ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr + 00165 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0016c 48 89 41 20 mov QWORD PTR [rcx+32], rax +$LN3@Getvals: + +; 188 : } +; 189 : } + + 00170 48 8d a5 10 01 + 00 00 lea rsp, QWORD PTR [rbp+272] + 00177 5f pop rdi + 00178 5e pop rsi + 00179 5d pop rbp + 0017a c3 ret 0 +??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ENDP ; std::time_get > >::_Getvals +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xlocale +; COMDAT ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z +_TEXT SEGMENT +_Count$ = 8 +_Ptrdest$ = 40 +_Ptrnext$1 = 72 +_Ptr$ = 320 +__formal$ = 328 +__formal$ = 336 +??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z PROC ; std::_Maklocstr, COMDAT + +; 563 : _Elem* __CRTDECL _Maklocstr(const char* _Ptr, _Elem*, const _Locinfo::_Cvtvec&) { + +$LN7: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec 58 01 + 00 00 sub rsp, 344 ; 00000158H + 00018 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 56 00 00 00 mov ecx, 86 ; 00000056H + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 78 + 01 00 00 mov rcx, QWORD PTR [rsp+376] + 00034 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__0E648B51_xlocale + 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 564 : // convert C string to _Elem sequence using _Cvtvec +; 565 : size_t _Count = _CSTD strlen(_Ptr) + 1; + + 00040 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 00047 e8 00 00 00 00 call strlen + 0004c 48 ff c0 inc rax + 0004f 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + +; 566 : +; 567 : _Elem* _Ptrdest = static_cast<_Elem*>(_calloc_dbg(_Count, sizeof(_Elem), _CRT_BLOCK, __FILE__, __LINE__)); + + 00053 c7 44 24 20 37 + 02 00 00 mov DWORD PTR [rsp+32], 567 ; 00000237H + 0005b 4c 8d 0d 00 00 + 00 00 lea r9, OFFSET FLAT:??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ + 00062 41 b8 02 00 00 + 00 mov r8d, 2 + 00068 ba 01 00 00 00 mov edx, 1 + 0006d 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp] + 00071 ff 15 00 00 00 + 00 call QWORD PTR __imp__calloc_dbg + 00077 48 89 45 28 mov QWORD PTR _Ptrdest$[rbp], rax + +; 568 : +; 569 : if (!_Ptrdest) { + + 0007b 48 83 7d 28 00 cmp QWORD PTR _Ptrdest$[rbp], 0 + 00080 75 05 jne SHORT $LN5@Maklocstr + +; 570 : _Xbad_alloc(); + + 00082 e8 00 00 00 00 call ?_Xbad_alloc@std@@YAXXZ ; std::_Xbad_alloc +$LN5@Maklocstr: + +; 571 : } +; 572 : +; 573 : for (_Elem* _Ptrnext = _Ptrdest; 0 < _Count; --_Count, ++_Ptrnext, ++_Ptr) { + + 00087 48 8b 45 28 mov rax, QWORD PTR _Ptrdest$[rbp] + 0008b 48 89 45 48 mov QWORD PTR _Ptrnext$1[rbp], rax + 0008f eb 27 jmp SHORT $LN4@Maklocstr +$LN2@Maklocstr: + 00091 48 8b 45 08 mov rax, QWORD PTR _Count$[rbp] + 00095 48 ff c8 dec rax + 00098 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + 0009c 48 8b 45 48 mov rax, QWORD PTR _Ptrnext$1[rbp] + 000a0 48 ff c0 inc rax + 000a3 48 89 45 48 mov QWORD PTR _Ptrnext$1[rbp], rax + 000a7 48 8b 85 40 01 + 00 00 mov rax, QWORD PTR _Ptr$[rbp] + 000ae 48 ff c0 inc rax + 000b1 48 89 85 40 01 + 00 00 mov QWORD PTR _Ptr$[rbp], rax +$LN4@Maklocstr: + 000b8 48 83 7d 08 00 cmp QWORD PTR _Count$[rbp], 0 + 000bd 76 12 jbe SHORT $LN3@Maklocstr + +; 574 : *_Ptrnext = static_cast<_Elem>(static_cast(*_Ptr)); + + 000bf 48 8b 45 48 mov rax, QWORD PTR _Ptrnext$1[rbp] + 000c3 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 000ca 0f b6 09 movzx ecx, BYTE PTR [rcx] + 000cd 88 08 mov BYTE PTR [rax], cl + +; 575 : } + + 000cf eb c0 jmp SHORT $LN2@Maklocstr +$LN3@Maklocstr: + +; 576 : +; 577 : return _Ptrdest; + + 000d1 48 8b 45 28 mov rax, QWORD PTR _Ptrdest$[rbp] +$LN6@Maklocstr: + +; 578 : } + + 000d5 48 8d a5 28 01 + 00 00 lea rsp, QWORD PTR [rbp+296] + 000dc 5f pop rdi + 000dd 5d pop rbp + 000de c3 ret 0 +??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ENDP ; std::_Maklocstr +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xlocnum +; COMDAT ?_Maklocwcs@std@@YAPEA_WPEB_W@Z +_TEXT SEGMENT +_Count$ = 8 +_Ptrdest$ = 40 +_Ptr$ = 288 +?_Maklocwcs@std@@YAPEA_WPEB_W@Z PROC ; std::_Maklocwcs, COMDAT + +; 90 : inline wchar_t* _Maklocwcs(const wchar_t* _Ptr) { // copy NTWCS to allocated storage + +$LN4: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec 38 01 + 00 00 sub rsp, 312 ; 00000138H + 0000e 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48] + 00013 48 8b fc mov rdi, rsp + 00016 b9 4e 00 00 00 mov ecx, 78 ; 0000004eH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 58 + 01 00 00 mov rcx, QWORD PTR [rsp+344] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__90E3ED46_xlocnum + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 91 : const size_t _Count = _CSTD wcslen(_Ptr) + 1; + + 00036 48 8b 8d 20 01 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 0003d ff 15 00 00 00 + 00 call QWORD PTR __imp_wcslen + 00043 48 ff c0 inc rax + 00046 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + +; 92 : +; 93 : wchar_t* _Ptrdest = static_cast(_calloc_dbg(_Count, sizeof(wchar_t), _CRT_BLOCK, __FILE__, __LINE__)); + + 0004a 8b 05 00 00 00 + 00 mov eax, DWORD PTR ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA + 00050 83 c0 03 add eax, 3 + 00053 89 44 24 20 mov DWORD PTR [rsp+32], eax + 00057 4c 8d 0d 00 00 + 00 00 lea r9, OFFSET FLAT:??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ + 0005e 41 b8 02 00 00 + 00 mov r8d, 2 + 00064 ba 02 00 00 00 mov edx, 2 + 00069 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp] + 0006d ff 15 00 00 00 + 00 call QWORD PTR __imp__calloc_dbg + 00073 48 89 45 28 mov QWORD PTR _Ptrdest$[rbp], rax + +; 94 : +; 95 : if (!_Ptrdest) { + + 00077 48 83 7d 28 00 cmp QWORD PTR _Ptrdest$[rbp], 0 + 0007c 75 05 jne SHORT $LN2@Maklocwcs + +; 96 : _Xbad_alloc(); + + 0007e e8 00 00 00 00 call ?_Xbad_alloc@std@@YAXXZ ; std::_Xbad_alloc +$LN2@Maklocwcs: + +; 97 : } +; 98 : +; 99 : _CSTD wmemcpy(_Ptrdest, _Ptr, _Count); + + 00083 4c 8b 45 08 mov r8, QWORD PTR _Count$[rbp] + 00087 48 8b 95 20 01 + 00 00 mov rdx, QWORD PTR _Ptr$[rbp] + 0008e 48 8b 4d 28 mov rcx, QWORD PTR _Ptrdest$[rbp] + 00092 e8 00 00 00 00 call wmemcpy + +; 100 : return _Ptrdest; + + 00097 48 8b 45 28 mov rax, QWORD PTR _Ptrdest$[rbp] +$LN3@Maklocwcs: + +; 101 : } + + 0009b 48 8d a5 08 01 + 00 00 lea rsp, QWORD PTR [rbp+264] + 000a2 5f pop rdi + 000a3 5d pop rbp + 000a4 c3 ret 0 +?_Maklocwcs@std@@YAPEA_WPEB_W@Z ENDP ; std::_Maklocwcs +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xlocale +; COMDAT ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z +_TEXT SEGMENT +_Count$ = 8 +_Count1$ = 40 +_Wchars$ = 72 +_Ptr1$ = 104 +_Bytes$ = 132 +_Wc$ = 164 +_Mbst1$ = 200 +_Ptrdest$ = 232 +_Ptrnext$ = 264 +_Mbst2$ = 296 +__$ArrayPad$ = 504 +_Ptr$ = 544 +__formal$ = 552 +_Cvt$ = 560 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z PROC ; std::_Maklocstr, COMDAT + +; 581 : inline wchar_t* __CRTDECL _Maklocstr(const char* _Ptr, wchar_t*, const _Locinfo::_Cvtvec& _Cvt) { + +$LN12: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec 38 02 + 00 00 sub rsp, 568 ; 00000238H + 00018 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 8e 00 00 00 mov ecx, 142 ; 0000008eH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 58 + 02 00 00 mov rcx, QWORD PTR [rsp+600] + 00034 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 0003b 48 33 c5 xor rax, rbp + 0003e 48 89 85 f8 01 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 00045 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__0E648B51_xlocale + 0004c e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 582 : // convert C string to wchar_t sequence using _Cvtvec +; 583 : size_t _Count; +; 584 : size_t _Count1; +; 585 : size_t _Wchars; +; 586 : const char* _Ptr1; +; 587 : int _Bytes; +; 588 : wchar_t _Wc; +; 589 : mbstate_t _Mbst1 = {}; + + 00051 48 8d 85 c8 00 + 00 00 lea rax, QWORD PTR _Mbst1$[rbp] + 00058 48 8b f8 mov rdi, rax + 0005b 33 c0 xor eax, eax + 0005d b9 08 00 00 00 mov ecx, 8 + 00062 f3 aa rep stosb + +; 590 : +; 591 : _Count1 = _CSTD strlen(_Ptr) + 1; + + 00064 48 8b 8d 20 02 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 0006b e8 00 00 00 00 call strlen + 00070 48 ff c0 inc rax + 00073 48 89 45 28 mov QWORD PTR _Count1$[rbp], rax + +; 592 : for (_Count = _Count1, _Wchars = 0, _Ptr1 = _Ptr; 0 < _Count; _Count -= _Bytes, _Ptr1 += _Bytes, ++_Wchars) { + + 00077 48 8b 45 28 mov rax, QWORD PTR _Count1$[rbp] + 0007b 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + 0007f 48 c7 45 48 00 + 00 00 00 mov QWORD PTR _Wchars$[rbp], 0 + 00087 48 8b 85 20 02 + 00 00 mov rax, QWORD PTR _Ptr$[rbp] + 0008e 48 89 45 68 mov QWORD PTR _Ptr1$[rbp], rax + 00092 eb 35 jmp SHORT $LN4@Maklocstr +$LN2@Maklocstr: + 00094 48 63 85 84 00 + 00 00 movsxd rax, DWORD PTR _Bytes$[rbp] + 0009b 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp] + 0009f 48 2b c8 sub rcx, rax + 000a2 48 8b c1 mov rax, rcx + 000a5 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + 000a9 48 63 85 84 00 + 00 00 movsxd rax, DWORD PTR _Bytes$[rbp] + 000b0 48 8b 4d 68 mov rcx, QWORD PTR _Ptr1$[rbp] + 000b4 48 03 c8 add rcx, rax + 000b7 48 8b c1 mov rax, rcx + 000ba 48 89 45 68 mov QWORD PTR _Ptr1$[rbp], rax + 000be 48 8b 45 48 mov rax, QWORD PTR _Wchars$[rbp] + 000c2 48 ff c0 inc rax + 000c5 48 89 45 48 mov QWORD PTR _Wchars$[rbp], rax +$LN4@Maklocstr: + 000c9 48 83 7d 08 00 cmp QWORD PTR _Count$[rbp], 0 + 000ce 76 3a jbe SHORT $LN3@Maklocstr + +; 593 : if ((_Bytes = _Mbrtowc(&_Wc, _Ptr1, _Count, &_Mbst1, &_Cvt)) <= 0) { + + 000d0 48 8b 85 30 02 + 00 00 mov rax, QWORD PTR _Cvt$[rbp] + 000d7 48 89 44 24 20 mov QWORD PTR [rsp+32], rax + 000dc 4c 8d 8d c8 00 + 00 00 lea r9, QWORD PTR _Mbst1$[rbp] + 000e3 4c 8b 45 08 mov r8, QWORD PTR _Count$[rbp] + 000e7 48 8b 55 68 mov rdx, QWORD PTR _Ptr1$[rbp] + 000eb 48 8d 8d a4 00 + 00 00 lea rcx, QWORD PTR _Wc$[rbp] + 000f2 e8 00 00 00 00 call _Mbrtowc + 000f7 89 85 84 00 00 + 00 mov DWORD PTR _Bytes$[rbp], eax + 000fd 83 bd 84 00 00 + 00 00 cmp DWORD PTR _Bytes$[rbp], 0 + 00104 7f 02 jg SHORT $LN8@Maklocstr + +; 594 : break; + + 00106 eb 02 jmp SHORT $LN3@Maklocstr +$LN8@Maklocstr: + +; 595 : } +; 596 : } + + 00108 eb 8a jmp SHORT $LN2@Maklocstr +$LN3@Maklocstr: + +; 597 : +; 598 : ++_Wchars; // count terminating nul + + 0010a 48 8b 45 48 mov rax, QWORD PTR _Wchars$[rbp] + 0010e 48 ff c0 inc rax + 00111 48 89 45 48 mov QWORD PTR _Wchars$[rbp], rax + +; 599 : +; 600 : wchar_t* _Ptrdest = static_cast(_calloc_dbg(_Wchars, sizeof(wchar_t), _CRT_BLOCK, __FILE__, __LINE__)); + + 00115 c7 44 24 20 58 + 02 00 00 mov DWORD PTR [rsp+32], 600 ; 00000258H + 0011d 4c 8d 0d 00 00 + 00 00 lea r9, OFFSET FLAT:??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ + 00124 41 b8 02 00 00 + 00 mov r8d, 2 + 0012a ba 02 00 00 00 mov edx, 2 + 0012f 48 8b 4d 48 mov rcx, QWORD PTR _Wchars$[rbp] + 00133 ff 15 00 00 00 + 00 call QWORD PTR __imp__calloc_dbg + 00139 48 89 85 e8 00 + 00 00 mov QWORD PTR _Ptrdest$[rbp], rax + +; 601 : +; 602 : if (!_Ptrdest) { + + 00140 48 83 bd e8 00 + 00 00 00 cmp QWORD PTR _Ptrdest$[rbp], 0 + 00148 75 05 jne SHORT $LN9@Maklocstr + +; 603 : _Xbad_alloc(); + + 0014a e8 00 00 00 00 call ?_Xbad_alloc@std@@YAXXZ ; std::_Xbad_alloc +$LN9@Maklocstr: + +; 604 : } +; 605 : +; 606 : wchar_t* _Ptrnext = _Ptrdest; + + 0014f 48 8b 85 e8 00 + 00 00 mov rax, QWORD PTR _Ptrdest$[rbp] + 00156 48 89 85 08 01 + 00 00 mov QWORD PTR _Ptrnext$[rbp], rax + +; 607 : mbstate_t _Mbst2 = {}; + + 0015d 48 8d 85 28 01 + 00 00 lea rax, QWORD PTR _Mbst2$[rbp] + 00164 48 8b f8 mov rdi, rax + 00167 33 c0 xor eax, eax + 00169 b9 08 00 00 00 mov ecx, 8 + 0016e f3 aa rep stosb + +; 608 : +; 609 : for (; 0 < _Wchars; _Count -= _Bytes, _Ptr += _Bytes, --_Wchars, ++_Ptrnext) { + + 00170 eb 4d jmp SHORT $LN7@Maklocstr +$LN5@Maklocstr: + 00172 48 63 85 84 00 + 00 00 movsxd rax, DWORD PTR _Bytes$[rbp] + 00179 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp] + 0017d 48 2b c8 sub rcx, rax + 00180 48 8b c1 mov rax, rcx + 00183 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + 00187 48 63 85 84 00 + 00 00 movsxd rax, DWORD PTR _Bytes$[rbp] + 0018e 48 8b 8d 20 02 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 00195 48 03 c8 add rcx, rax + 00198 48 8b c1 mov rax, rcx + 0019b 48 89 85 20 02 + 00 00 mov QWORD PTR _Ptr$[rbp], rax + 001a2 48 8b 45 48 mov rax, QWORD PTR _Wchars$[rbp] + 001a6 48 ff c8 dec rax + 001a9 48 89 45 48 mov QWORD PTR _Wchars$[rbp], rax + 001ad 48 8b 85 08 01 + 00 00 mov rax, QWORD PTR _Ptrnext$[rbp] + 001b4 48 83 c0 02 add rax, 2 + 001b8 48 89 85 08 01 + 00 00 mov QWORD PTR _Ptrnext$[rbp], rax +$LN7@Maklocstr: + 001bf 48 83 7d 48 00 cmp QWORD PTR _Wchars$[rbp], 0 + 001c4 76 40 jbe SHORT $LN6@Maklocstr + +; 610 : if ((_Bytes = _Mbrtowc(_Ptrnext, _Ptr, _Count1, &_Mbst2, &_Cvt)) <= 0) { + + 001c6 48 8b 85 30 02 + 00 00 mov rax, QWORD PTR _Cvt$[rbp] + 001cd 48 89 44 24 20 mov QWORD PTR [rsp+32], rax + 001d2 4c 8d 8d 28 01 + 00 00 lea r9, QWORD PTR _Mbst2$[rbp] + 001d9 4c 8b 45 28 mov r8, QWORD PTR _Count1$[rbp] + 001dd 48 8b 95 20 02 + 00 00 mov rdx, QWORD PTR _Ptr$[rbp] + 001e4 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR _Ptrnext$[rbp] + 001eb e8 00 00 00 00 call _Mbrtowc + 001f0 89 85 84 00 00 + 00 mov DWORD PTR _Bytes$[rbp], eax + 001f6 83 bd 84 00 00 + 00 00 cmp DWORD PTR _Bytes$[rbp], 0 + 001fd 7f 02 jg SHORT $LN10@Maklocstr + +; 611 : break; + + 001ff eb 05 jmp SHORT $LN6@Maklocstr +$LN10@Maklocstr: + +; 612 : } +; 613 : } + + 00201 e9 6c ff ff ff jmp $LN5@Maklocstr +$LN6@Maklocstr: + +; 614 : +; 615 : *_Ptrnext = L'\0'; + + 00206 33 c0 xor eax, eax + 00208 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR _Ptrnext$[rbp] + 0020f 66 89 01 mov WORD PTR [rcx], ax + +; 616 : +; 617 : return _Ptrdest; + + 00212 48 8b 85 e8 00 + 00 00 mov rax, QWORD PTR _Ptrdest$[rbp] +$LN11@Maklocstr: + +; 618 : } + + 00219 48 8b f8 mov rdi, rax + 0021c 48 8d 4d d0 lea rcx, QWORD PTR [rbp-48] + 00220 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcFrameData + 00227 e8 00 00 00 00 call _RTC_CheckStackVars + 0022c 48 8b c7 mov rax, rdi + 0022f 48 8b 8d f8 01 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 00236 48 33 cd xor rcx, rbp + 00239 e8 00 00 00 00 call __security_check_cookie + 0023e 48 8d a5 08 02 + 00 00 lea rsp, QWORD PTR [rbp+520] + 00245 5f pop rdi + 00246 5d pop rbp + 00247 c3 ret 0 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ENDP ; std::_Maklocstr +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Windows Kits\10\Include\10.0.19041.0\ucrt\wchar.h +; COMDAT wmemcpy +_TEXT SEGMENT +_S1$ = 224 +_S2$ = 232 +_N$ = 240 +wmemcpy PROC ; COMDAT + +; 234 : { + +$LN3: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 00034 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__93DC0B45_wchar@h + 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 235 : #pragma warning(suppress: 6386) // Buffer overrun +; 236 : return (wchar_t*)memcpy(_S1, _S2, _N*sizeof(wchar_t)); + + 00040 48 8b 85 f0 00 + 00 00 mov rax, QWORD PTR _N$[rbp] + 00047 48 d1 e0 shl rax, 1 + 0004a 4c 8b c0 mov r8, rax + 0004d 48 8b 95 e8 00 + 00 00 mov rdx, QWORD PTR _S2$[rbp] + 00054 48 8b 8d e0 00 + 00 00 mov rcx, QWORD PTR _S1$[rbp] + 0005b e8 00 00 00 00 call memcpy + +; 237 : } + + 00060 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00067 5f pop rdi + 00068 5d pop rbp + 00069 c3 ret 0 +wmemcpy ENDP +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipAndInst.cpp +; COMDAT ?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +_TEXT SEGMENT +__formal$ = 224 +__formal$ = 232 +__formal$ = 240 +?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z PROC ; __empty_global_delete, COMDAT + +$LN3: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 00034 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__FA14AA08_RipAndInst@cpp + 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 00040 90 npad 1 + 00041 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00048 5f pop rdi + 00049 5d pop rbp + 0004a c3 ret 0 +?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z ENDP ; __empty_global_delete +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipAndInst.cpp +; COMDAT ?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +_TEXT SEGMENT +__formal$ = 224 +__formal$ = 232 +?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z PROC ; __empty_global_delete, COMDAT + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__FA14AA08_RipAndInst@cpp + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 0003b 90 npad 1 + 0003c 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00043 5f pop rdi + 00044 5d pop rbp + 00045 c3 ret 0 +?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z ENDP ; __empty_global_delete +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipAndInst.cpp +; COMDAT ?__empty_global_delete@@YAXPEAX_K@Z +_TEXT SEGMENT +__formal$ = 224 +__formal$ = 232 +?__empty_global_delete@@YAXPEAX_K@Z PROC ; __empty_global_delete, COMDAT + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__FA14AA08_RipAndInst@cpp + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 0003b 90 npad 1 + 0003c 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00043 5f pop rdi + 00044 5d pop rbp + 00045 c3 ret 0 +?__empty_global_delete@@YAXPEAX_K@Z ENDP ; __empty_global_delete +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipAndInst.cpp +; COMDAT ?__empty_global_delete@@YAXPEAX@Z +_TEXT SEGMENT +__formal$ = 224 +?__empty_global_delete@@YAXPEAX@Z PROC ; __empty_global_delete, COMDAT + +$LN3: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__FA14AA08_RipAndInst@cpp + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 00036 90 npad 1 + 00037 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 0003e 5f pop rdi + 0003f 5d pop rbp + 00040 c3 ret 0 +?__empty_global_delete@@YAXPEAX@Z ENDP ; __empty_global_delete +_TEXT ENDS +END diff --git a/CodeVirtualizer/x64/Debug/RipMovInst.cod b/CodeVirtualizer/x64/Debug/RipMovInst.cod index 866fa08..6d58029 100644 --- a/CodeVirtualizer/x64/Debug/RipMovInst.cod +++ b/CodeVirtualizer/x64/Debug/RipMovInst.cod @@ -87,9 +87,6 @@ PUBLIC ?__empty_global_delete@@YAXPEAX@Z ; __empty_global_delete PUBLIC ?__empty_global_delete@@YAXPEAX_K@Z ; __empty_global_delete PUBLIC ?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z ; __empty_global_delete PUBLIC ?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z ; __empty_global_delete -PUBLIC __local_stdio_printf_options -PUBLIC _vfprintf_l -PUBLIC printf PUBLIC wmemcpy PUBLIC ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr PUBLIC ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs @@ -100,11 +97,9 @@ PUBLIC ?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z ; JitEmitRipR PUBLIC ?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z ; JitEmitRipRelativeMovW PUBLIC ?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z ; JitEmitRipRelativeMovB PUBLIC __JustMyCode_Default -PUBLIC ?_OptionsStorage@?1??__local_stdio_printf_options@@9@4_KA ; `__local_stdio_printf_options'::`2'::_OptionsStorage PUBLIC ??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string' PUBLIC ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA ; `std::_Maklocwcs'::`1'::__LINE__Var PUBLIC ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string' -PUBLIC ??_C@_09MPIOMHBM@?$CFp?5memes?6@ ; `string' PUBLIC ??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ ; `string' PUBLIC ??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ ; `string' EXTRN ??2@YAPEAX_K@Z:PROC ; operator new @@ -113,8 +108,6 @@ EXTRN memcpy:PROC EXTRN __imp_wcslen:PROC EXTRN strlen:PROC EXTRN __imp__calloc_dbg:PROC -EXTRN __imp___acrt_iob_func:PROC -EXTRN __imp___stdio_common_vfprintf:PROC EXTRN ?_Xbad_alloc@std@@YAXXZ:PROC ; std::_Xbad_alloc EXTRN _Mbrtowc:PROC EXTRN __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ:PROC @@ -134,10 +127,6 @@ EXTRN __GSHandlerCheck:PROC EXTRN __GSHandlerCheck_EH4:PROC EXTRN __security_check_cookie:PROC EXTRN __security_cookie:QWORD -; COMDAT ?_OptionsStorage@?1??__local_stdio_printf_options@@9@4_KA -_BSS SEGMENT -?_OptionsStorage@?1??__local_stdio_printf_options@@9@4_KA DQ 01H DUP (?) ; `__local_stdio_printf_options'::`2'::_OptionsStorage -_BSS ENDS ; COMDAT pdata pdata SEGMENT $pdata$?__empty_global_delete@@YAXPEAX@Z DD imagerel $LN3 @@ -164,24 +153,6 @@ $pdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DD imagerel $LN3 pdata ENDS ; COMDAT pdata pdata SEGMENT -$pdata$__local_stdio_printf_options DD imagerel $LN3 - DD imagerel $LN3+59 - DD imagerel $unwind$__local_stdio_printf_options -pdata ENDS -; COMDAT pdata -pdata SEGMENT -$pdata$_vfprintf_l DD imagerel $LN3 - DD imagerel $LN3+126 - DD imagerel $unwind$_vfprintf_l -pdata ENDS -; COMDAT pdata -pdata SEGMENT -$pdata$printf DD imagerel $LN3 - DD imagerel $LN3+214 - DD imagerel $unwind$printf -pdata ENDS -; COMDAT pdata -pdata SEGMENT $pdata$wmemcpy DD imagerel $LN3 DD imagerel $LN3+106 DD imagerel $unwind$wmemcpy @@ -219,7 +190,7 @@ pdata ENDS ; COMDAT pdata pdata SEGMENT $pdata$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DD imagerel $LN6 - DD imagerel $LN6+397 + DD imagerel $LN6+381 DD imagerel $unwind$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z pdata ENDS ; COMDAT pdata @@ -270,10 +241,6 @@ CONST ENDS CONST SEGMENT ??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ DB ':AM:am:PM:pm', 00H ; `string' CONST ENDS -; COMDAT ??_C@_09MPIOMHBM@?$CFp?5memes?6@ -CONST SEGMENT -??_C@_09MPIOMHBM@?$CFp?5memes?6@ DB '%p memes', 0aH, 00H ; `string' -CONST ENDS ; COMDAT ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ CONST SEGMENT ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ DB 'C:\Pro' @@ -543,49 +510,6 @@ $unwind$wmemcpy DD 025053401H xdata ENDS ; COMDAT xdata xdata SEGMENT -$unwind$printf DD 025054a19H - DD 011d2322H - DD 07016002bH - DD 05015H - DD imagerel __GSHandlerCheck - DD 0148H -xdata ENDS -; COMDAT CONST -CONST SEGMENT -printf$rtcName$0 DB 05fH - DB 041H - DB 072H - DB 067H - DB 04cH - DB 069H - DB 073H - DB 074H - DB 00H - ORG $+7 -printf$rtcVarDesc DD 048H - DD 08H - DQ FLAT:printf$rtcName$0 - ORG $+48 -printf$rtcFrameData DD 01H - DD 00H - DQ FLAT:printf$rtcVarDesc -CONST ENDS -; COMDAT xdata -xdata SEGMENT -$unwind$_vfprintf_l DD 035053901H - DD 011d3322H - DD 07016001fH - DD 05015H -xdata ENDS -; COMDAT xdata -xdata SEGMENT -$unwind$__local_stdio_printf_options DD 025051e01H - DD 010a230fH - DD 07003001dH - DD 05002H -xdata ENDS -; COMDAT xdata -xdata SEGMENT $ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 02H DB 00H DB 00H @@ -686,7 +610,7 @@ RipDelta$ = 376 Data$ = 384 ?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z PROC ; JitEmitRipRelativeMovB, COMDAT -; 29 : { +; 28 : { $LN6: 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 @@ -712,7 +636,7 @@ $LN6: 00 00 lea rcx, OFFSET FLAT:__9DFA3906_RipMovInst@cpp 0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 30 : UCHAR RawData[] = { 0xC6, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00 }; +; 29 : UCHAR RawData[] = { 0xC6, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00 }; 00050 c6 45 04 c6 mov BYTE PTR RawData$[rbp], 198 ; 000000c6H 00054 c6 45 05 05 mov BYTE PTR RawData$[rbp+1], 5 @@ -722,8 +646,8 @@ $LN6: 00064 c6 45 09 00 mov BYTE PTR RawData$[rbp+5], 0 00068 c6 45 0a 00 mov BYTE PTR RawData$[rbp+6], 0 -; 31 : -; 32 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, RawData, sizeof(RawData)); +; 30 : +; 31 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); 0006c b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 00071 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -735,7 +659,7 @@ $LN6: 00087 41 b9 07 00 00 00 mov r9d, 7 0008d 4c 8d 45 04 lea r8, QWORD PTR RawData$[rbp] - 00091 ba 04 00 00 00 mov edx, 4 + 00091 ba 0c 00 00 00 mov edx, 12 00096 48 8b 8d 28 01 00 00 mov rcx, QWORD PTR $T5[rbp] 0009d e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK @@ -755,7 +679,7 @@ $LN4@JitEmitRip: 00 00 mov rax, QWORD PTR $T4[rbp] 000cb 48 89 45 28 mov QWORD PTR Link$[rbp], rax -; 33 : *(PINT32)&Link->RawData[2] = RipDelta; +; 32 : *(PINT32)&Link->RawData[2] = RipDelta; 000cf b8 01 00 00 00 mov eax, 1 000d4 48 6b c0 02 imul rax, rax, 2 @@ -765,7 +689,7 @@ $LN4@JitEmitRip: 00 mov edx, DWORD PTR RipDelta$[rbp] 000e6 89 14 08 mov DWORD PTR [rax+rcx], edx -; 34 : Link->RawData[6] = *Data; +; 33 : Link->RawData[6] = *Data; 000e9 b8 01 00 00 00 mov eax, 1 000ee 48 6b c0 06 imul rax, rax, 6 @@ -776,7 +700,7 @@ $LN4@JitEmitRip: 00101 0f b6 12 movzx edx, BYTE PTR [rdx] 00104 88 14 08 mov BYTE PTR [rax+rcx], dl -; 35 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); +; 34 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); 00107 48 8b 45 28 mov rax, QWORD PTR Link$[rbp] 0010b 48 83 c0 30 add rax, 48 ; 00000030H @@ -787,18 +711,18 @@ $LN4@JitEmitRip: 0011f 48 8b c8 mov rcx, rax 00122 e8 00 00 00 00 call xed_decode -; 36 : NcAppendToBlock(Block, Link); +; 35 : NcAppendToBlock(Block, Link); 00127 48 8b 55 28 mov rdx, QWORD PTR Link$[rbp] 0012b 48 8b 8d 70 01 00 00 mov rcx, QWORD PTR Block$[rbp] 00132 e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock -; 37 : return TRUE; +; 36 : return TRUE; 00137 b8 01 00 00 00 mov eax, 1 -; 38 : } +; 37 : } 0013c 8b f8 mov edi, eax 0013e 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] @@ -889,7 +813,7 @@ RipDelta$ = 392 Data$ = 400 ?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z PROC ; JitEmitRipRelativeMovW, COMDAT -; 17 : { +; 16 : { $LN6: 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 @@ -915,7 +839,7 @@ $LN6: 00 00 lea rcx, OFFSET FLAT:__9DFA3906_RipMovInst@cpp 0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode -; 18 : UCHAR RawData[] = { 0x66, 0xC7, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; +; 17 : UCHAR RawData[] = { 0x66, 0xC7, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; 00050 c6 45 08 66 mov BYTE PTR RawData$[rbp], 102 ; 00000066H 00054 c6 45 09 c7 mov BYTE PTR RawData$[rbp+1], 199 ; 000000c7H @@ -927,8 +851,8 @@ $LN6: 0006c c6 45 0f 00 mov BYTE PTR RawData$[rbp+7], 0 00070 c6 45 10 00 mov BYTE PTR RawData$[rbp+8], 0 -; 19 : -; 20 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, RawData, sizeof(RawData)); +; 18 : +; 19 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); 00074 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 00079 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -940,7 +864,7 @@ $LN6: 0008f 41 b9 09 00 00 00 mov r9d, 9 00095 4c 8d 45 08 lea r8, QWORD PTR RawData$[rbp] - 00099 ba 04 00 00 00 mov edx, 4 + 00099 ba 0c 00 00 00 mov edx, 12 0009e 48 8b 8d 38 01 00 00 mov rcx, QWORD PTR $T5[rbp] 000a5 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK @@ -960,7 +884,7 @@ $LN4@JitEmitRip: 00 00 mov rax, QWORD PTR $T4[rbp] 000d3 48 89 45 38 mov QWORD PTR Link$[rbp], rax -; 21 : *(PINT32)&Link->RawData[3] = RipDelta; +; 20 : *(PINT32)&Link->RawData[3] = RipDelta; 000d7 b8 01 00 00 00 mov eax, 1 000dc 48 6b c0 03 imul rax, rax, 3 @@ -970,7 +894,7 @@ $LN4@JitEmitRip: 00 mov edx, DWORD PTR RipDelta$[rbp] 000ee 89 14 08 mov DWORD PTR [rax+rcx], edx -; 22 : memcpy(&Link->RawData[7], Data, 2); +; 21 : RtlCopyMemory(&Link->RawData[7], Data, 2); 000f1 b8 01 00 00 00 mov eax, 1 000f6 48 6b c0 07 imul rax, rax, 7 @@ -983,7 +907,7 @@ $LN4@JitEmitRip: 0010f 48 8b c8 mov rcx, rax 00112 e8 00 00 00 00 call memcpy -; 23 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); +; 22 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); 00117 48 8b 45 38 mov rax, QWORD PTR Link$[rbp] 0011b 48 83 c0 30 add rax, 48 ; 00000030H @@ -994,18 +918,18 @@ $LN4@JitEmitRip: 0012f 48 8b c8 mov rcx, rax 00132 e8 00 00 00 00 call xed_decode -; 24 : NcAppendToBlock(Block, Link); +; 23 : NcAppendToBlock(Block, Link); 00137 48 8b 55 38 mov rdx, QWORD PTR Link$[rbp] 0013b 48 8b 8d 80 01 00 00 mov rcx, QWORD PTR Block$[rbp] 00142 e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock -; 25 : return TRUE; +; 24 : return TRUE; 00147 b8 01 00 00 00 mov eax, 1 -; 26 : } +; 25 : } 0014c 8b f8 mov edi, eax 0014e 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] @@ -1136,7 +1060,7 @@ $LN6: 00074 c6 45 11 00 mov BYTE PTR RawData$[rbp+9], 0 ; 6 : -; 7 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, RawData, sizeof(RawData)); +; 7 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); 00078 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 0007d e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -1148,7 +1072,7 @@ $LN6: 00093 41 b9 0a 00 00 00 mov r9d, 10 00099 4c 8d 45 08 lea r8, QWORD PTR RawData$[rbp] - 0009d ba 04 00 00 00 mov edx, 4 + 0009d ba 0c 00 00 00 mov edx, 12 000a2 48 8b 8d 38 01 00 00 mov rcx, QWORD PTR $T5[rbp] 000a9 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK @@ -1178,7 +1102,7 @@ $LN4@JitEmitRip: 00 mov edx, DWORD PTR RipDelta$[rbp] 000f2 89 14 08 mov DWORD PTR [rax+rcx], edx -; 9 : memcpy(&Link->RawData[6], Data, 4); +; 9 : RtlCopyMemory(&Link->RawData[6], Data, 4); 000f5 b8 01 00 00 00 mov eax, 1 000fa 48 6b c0 06 imul rax, rax, 6 @@ -1191,52 +1115,45 @@ $LN4@JitEmitRip: 00113 48 8b c8 mov rcx, rax 00116 e8 00 00 00 00 call memcpy -; 10 : printf("%p memes\n", Link); - - 0011b 48 8b 55 38 mov rdx, QWORD PTR Link$[rbp] - 0011f 48 8d 0d 00 00 - 00 00 lea rcx, OFFSET FLAT:??_C@_09MPIOMHBM@?$CFp?5memes?6@ - 00126 e8 00 00 00 00 call printf +; 10 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); -; 11 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); + 0011b 48 8b 45 38 mov rax, QWORD PTR Link$[rbp] + 0011f 48 83 c0 30 add rax, 48 ; 00000030H + 00123 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 00127 44 8b 41 28 mov r8d, DWORD PTR [rcx+40] + 0012b 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 0012f 48 8b 51 20 mov rdx, QWORD PTR [rcx+32] + 00133 48 8b c8 mov rcx, rax + 00136 e8 00 00 00 00 call xed_decode - 0012b 48 8b 45 38 mov rax, QWORD PTR Link$[rbp] - 0012f 48 83 c0 30 add rax, 48 ; 00000030H - 00133 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] - 00137 44 8b 41 28 mov r8d, DWORD PTR [rcx+40] - 0013b 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] - 0013f 48 8b 51 20 mov rdx, QWORD PTR [rcx+32] - 00143 48 8b c8 mov rcx, rax - 00146 e8 00 00 00 00 call xed_decode +; 11 : NcAppendToBlock(Block, Link); -; 12 : NcAppendToBlock(Block, Link); - - 0014b 48 8b 55 38 mov rdx, QWORD PTR Link$[rbp] - 0014f 48 8b 8d 80 01 + 0013b 48 8b 55 38 mov rdx, QWORD PTR Link$[rbp] + 0013f 48 8b 8d 80 01 00 00 mov rcx, QWORD PTR Block$[rbp] - 00156 e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock + 00146 e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock -; 13 : return TRUE; +; 12 : return TRUE; - 0015b b8 01 00 00 00 mov eax, 1 + 0014b b8 01 00 00 00 mov eax, 1 -; 14 : } +; 13 : } - 00160 8b f8 mov edi, eax - 00162 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] - 00166 48 8d 15 00 00 + 00150 8b f8 mov edi, eax + 00152 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 00156 48 8d 15 00 00 00 00 lea rdx, OFFSET FLAT:?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcFrameData - 0016d e8 00 00 00 00 call _RTC_CheckStackVars - 00172 8b c7 mov eax, edi - 00174 48 8b 8d 50 01 + 0015d e8 00 00 00 00 call _RTC_CheckStackVars + 00162 8b c7 mov eax, edi + 00164 48 8b 8d 50 01 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] - 0017b 48 33 cd xor rcx, rbp - 0017e e8 00 00 00 00 call __security_check_cookie - 00183 48 8d a5 68 01 + 0016b 48 33 cd xor rcx, rbp + 0016e e8 00 00 00 00 call __security_check_cookie + 00173 48 8d a5 68 01 00 00 lea rsp, QWORD PTR [rbp+360] - 0018a 5f pop rdi - 0018b 5d pop rbp - 0018c c3 ret 0 + 0017a 5f pop rdi + 0017b 5d pop rbp + 0017c c3 ret 0 ?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z ENDP ; JitEmitRipRelativeMovD _TEXT ENDS ; COMDAT text$x @@ -2161,195 +2078,6 @@ $LN3: wmemcpy ENDP _TEXT ENDS ; Function compile flags: /Odtp /RTCsu /ZI -; File C:\Program Files (x86)\Windows Kits\10\Include\10.0.19041.0\ucrt\stdio.h -; COMDAT printf -_TEXT SEGMENT -_Result$ = 4 -_ArgList$ = 40 -tv77 = 280 -tv75 = 288 -__$ArrayPad$ = 296 -_Format$ = 336 -printf PROC ; COMDAT - -; 956 : { - -$LN3: - 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx - 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx - 0000a 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 - 0000f 4c 89 4c 24 20 mov QWORD PTR [rsp+32], r9 - 00014 55 push rbp - 00015 57 push rdi - 00016 48 81 ec 58 01 - 00 00 sub rsp, 344 ; 00000158H - 0001d 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] - 00022 48 8b fc mov rdi, rsp - 00025 b9 56 00 00 00 mov ecx, 86 ; 00000056H - 0002a b8 cc cc cc cc mov eax, -858993460 ; ccccccccH - 0002f f3 ab rep stosd - 00031 48 8b 8c 24 78 - 01 00 00 mov rcx, QWORD PTR [rsp+376] - 00039 48 8b 05 00 00 - 00 00 mov rax, QWORD PTR __security_cookie - 00040 48 33 c5 xor rax, rbp - 00043 48 89 85 28 01 - 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax - 0004a 48 8d 0d 00 00 - 00 00 lea rcx, OFFSET FLAT:__6DFAE8B8_stdio@h - 00051 e8 00 00 00 00 call __CheckForDebuggerJustMyCode - -; 957 : int _Result; -; 958 : va_list _ArgList; -; 959 : __crt_va_start(_ArgList, _Format); - - 00056 48 8d 85 58 01 - 00 00 lea rax, QWORD PTR _Format$[rbp+8] - 0005d 48 89 45 28 mov QWORD PTR _ArgList$[rbp], rax - -; 960 : _Result = _vfprintf_l(stdout, _Format, NULL, _ArgList); - - 00061 48 8b 45 28 mov rax, QWORD PTR _ArgList$[rbp] - 00065 48 89 85 18 01 - 00 00 mov QWORD PTR tv77[rbp], rax - 0006c b9 01 00 00 00 mov ecx, 1 - 00071 ff 15 00 00 00 - 00 call QWORD PTR __imp___acrt_iob_func - 00077 48 89 85 20 01 - 00 00 mov QWORD PTR tv75[rbp], rax - 0007e 4c 8b 8d 18 01 - 00 00 mov r9, QWORD PTR tv77[rbp] - 00085 45 33 c0 xor r8d, r8d - 00088 48 8b 95 50 01 - 00 00 mov rdx, QWORD PTR _Format$[rbp] - 0008f 48 8b 8d 20 01 - 00 00 mov rcx, QWORD PTR tv75[rbp] - 00096 e8 00 00 00 00 call _vfprintf_l - 0009b 89 45 04 mov DWORD PTR _Result$[rbp], eax - -; 961 : __crt_va_end(_ArgList); - - 0009e 48 c7 45 28 00 - 00 00 00 mov QWORD PTR _ArgList$[rbp], 0 - -; 962 : return _Result; - - 000a6 8b 45 04 mov eax, DWORD PTR _Result$[rbp] - -; 963 : } - - 000a9 8b f8 mov edi, eax - 000ab 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] - 000af 48 8d 15 00 00 - 00 00 lea rdx, OFFSET FLAT:printf$rtcFrameData - 000b6 e8 00 00 00 00 call _RTC_CheckStackVars - 000bb 8b c7 mov eax, edi - 000bd 48 8b 8d 28 01 - 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] - 000c4 48 33 cd xor rcx, rbp - 000c7 e8 00 00 00 00 call __security_check_cookie - 000cc 48 8d a5 38 01 - 00 00 lea rsp, QWORD PTR [rbp+312] - 000d3 5f pop rdi - 000d4 5d pop rbp - 000d5 c3 ret 0 -printf ENDP -_TEXT ENDS -; Function compile flags: /Odtp /RTCsu /ZI -; File C:\Program Files (x86)\Windows Kits\10\Include\10.0.19041.0\ucrt\stdio.h -; COMDAT _vfprintf_l -_TEXT SEGMENT -_Stream$ = 224 -_Format$ = 232 -_Locale$ = 240 -_ArgList$ = 248 -_vfprintf_l PROC ; COMDAT - -; 644 : { - -$LN3: - 00000 4c 89 4c 24 20 mov QWORD PTR [rsp+32], r9 - 00005 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 - 0000a 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx - 0000f 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx - 00014 55 push rbp - 00015 57 push rdi - 00016 48 81 ec f8 00 - 00 00 sub rsp, 248 ; 000000f8H - 0001d 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48] - 00022 48 8b fc mov rdi, rsp - 00025 b9 3e 00 00 00 mov ecx, 62 ; 0000003eH - 0002a b8 cc cc cc cc mov eax, -858993460 ; ccccccccH - 0002f f3 ab rep stosd - 00031 48 8b 8c 24 18 - 01 00 00 mov rcx, QWORD PTR [rsp+280] - 00039 48 8d 0d 00 00 - 00 00 lea rcx, OFFSET FLAT:__6DFAE8B8_stdio@h - 00040 e8 00 00 00 00 call __CheckForDebuggerJustMyCode - -; 645 : return __stdio_common_vfprintf(_CRT_INTERNAL_LOCAL_PRINTF_OPTIONS, _Stream, _Format, _Locale, _ArgList); - - 00045 e8 00 00 00 00 call __local_stdio_printf_options - 0004a 48 8b 8d f8 00 - 00 00 mov rcx, QWORD PTR _ArgList$[rbp] - 00051 48 89 4c 24 20 mov QWORD PTR [rsp+32], rcx - 00056 4c 8b 8d f0 00 - 00 00 mov r9, QWORD PTR _Locale$[rbp] - 0005d 4c 8b 85 e8 00 - 00 00 mov r8, QWORD PTR _Format$[rbp] - 00064 48 8b 95 e0 00 - 00 00 mov rdx, QWORD PTR _Stream$[rbp] - 0006b 48 8b 08 mov rcx, QWORD PTR [rax] - 0006e ff 15 00 00 00 - 00 call QWORD PTR __imp___stdio_common_vfprintf - -; 646 : } - - 00074 48 8d a5 c8 00 - 00 00 lea rsp, QWORD PTR [rbp+200] - 0007b 5f pop rdi - 0007c 5d pop rbp - 0007d c3 ret 0 -_vfprintf_l ENDP -_TEXT ENDS -; Function compile flags: /Odtp /RTCsu /ZI -; File C:\Program Files (x86)\Windows Kits\10\Include\10.0.19041.0\ucrt\corecrt_stdio_config.h -; COMDAT __local_stdio_printf_options -_TEXT SEGMENT -__local_stdio_printf_options PROC ; COMDAT - -; 90 : { - -$LN3: - 00000 40 55 push rbp - 00002 57 push rdi - 00003 48 81 ec e8 00 - 00 00 sub rsp, 232 ; 000000e8H - 0000a 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] - 0000f 48 8b fc mov rdi, rsp - 00012 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH - 00017 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH - 0001c f3 ab rep stosd - 0001e 48 8d 0d 00 00 - 00 00 lea rcx, OFFSET FLAT:__A2143F22_corecrt_stdio_config@h - 00025 e8 00 00 00 00 call __CheckForDebuggerJustMyCode - -; 91 : static unsigned __int64 _OptionsStorage; -; 92 : return &_OptionsStorage; - - 0002a 48 8d 05 00 00 - 00 00 lea rax, OFFSET FLAT:?_OptionsStorage@?1??__local_stdio_printf_options@@9@4_KA ; `__local_stdio_printf_options'::`2'::_OptionsStorage - -; 93 : } - - 00031 48 8d a5 c8 00 - 00 00 lea rsp, QWORD PTR [rbp+200] - 00038 5f pop rdi - 00039 5d pop rbp - 0003a c3 ret 0 -__local_stdio_printf_options ENDP -_TEXT ENDS -; Function compile flags: /Odtp /RTCsu /ZI ; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipMovInst.cpp ; COMDAT ?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z _TEXT SEGMENT diff --git a/CodeVirtualizer/x64/Debug/RipOrInst.cod b/CodeVirtualizer/x64/Debug/RipOrInst.cod new file mode 100644 index 0000000..25ff648 --- /dev/null +++ b/CodeVirtualizer/x64/Debug/RipOrInst.cod @@ -0,0 +1,2205 @@ +; Listing generated by Microsoft (R) Optimizing Compiler Version 19.27.29111.0 + +include listing.inc + +INCLUDELIB MSVCRTD +INCLUDELIB OLDNAMES + +msvcjmc SEGMENT +__B2D2BA86_ctype@h DB 01H +__79C7FC57_basetsd@h DB 01H +__1FEB9909_corecrt_memcpy_s@h DB 01H +__A751F051_corecrt_memory@h DB 01H +__9200769A_corecrt_wstring@h DB 01H +__32E5F013_string@h DB 01H +__D545DD43_guiddef@h DB 01H +__D5DDFBF3_winnt@h DB 01H +__439612F0_processthreadsapi@h DB 01H +__5733279A_memoryapi@h DB 01H +__D4435474_winerror@h DB 01H +__B3ED30D4_winbase@h DB 01H +__DB057BA3_winuser@h DB 01H +__A7113148_winioctl@h DB 01H +__B49664B7_stdlib@h DB 01H +__EC5BC72C_propidl@h DB 01H +__6DA674A0_oleauto@h DB 01H +__A118E6DC_stralign@h DB 01H +__8906660C_vcruntime_new@h DB 01H +__A2143F22_corecrt_stdio_config@h DB 01H +__829E1958_corecrt_wstdio@h DB 01H +__6DFAE8B8_stdio@h DB 01H +__C6E16F6F_corecrt_wconio@h DB 01H +__6D390390_corecrt_wio@h DB 01H +__1157D6BA_corecrt_wtime@h DB 01H +__1DC1E279_stat@h DB 01H +__93DC0B45_wchar@h DB 01H +__5DDA4519_cstddef DB 01H +__741AE07E_corecrt_math@h DB 01H +__F8119FB4_cstdlib DB 01H +__F2870A2C_limits DB 01H +__85A9AA98_type_traits DB 01H +__20BB4341_malloc@h DB 01H +__E75714E4_vcruntime_exception@h DB 01H +__E4152856_exception DB 01H +__4324C6B3_xutility DB 01H +__A58979FC_xmemory DB 01H +__AC6CB2D0_tuple DB 01H +__E0552A5D_xpolymorphic_allocator@h DB 01H +__D15AFF60_xstring DB 01H +__3AFA803E_string DB 01H +__0A4FAB91_cmath DB 01H +__6D5B120B_stdexcept DB 01H +__160863A3_xcall_once@h DB 01H +__99B256EE_atomic DB 01H +__A9557183_system_error DB 01H +__FB364CBD_vcruntime_typeinfo@h DB 01H +__33FB35AA_typeinfo DB 01H +__4E2906A2_memory DB 01H +__626C51AD_xfacet DB 01H +__2C72D662_xlocinfo DB 01H +__0E648B51_xlocale DB 01H +__1597A171_xiosbase DB 01H +__90E3ED46_xlocnum DB 01H +__165C22CB_ios DB 01H +__BB81F87E_xlocmon DB 01H +__A0B61CF9_time@h DB 01H +__886F7F70_xloctime DB 01H +__3DD0E9E9_xed-util@h DB 01H +__209FD46F_xed-iform-map@h DB 01H +__4E05E119_xed-inst@h DB 01H +__0607FC5A_xed-flags@h DB 01H +__B4910D57_xed-operand-accessors@h DB 01H +__8663E876_xed-state@h DB 01H +__BB5B4FF8_xed-encode@h DB 01H +__21860875_xed-encoder-hl@h DB 01H +__F7815311_xed-decoded-inst-api@h DB 01H +__97B6E7BF_RipOrInst@cpp DB 01H +__7EA464AF_istream DB 01H +__1D745195_ostream DB 01H +__6FFBAAB7_streambuf DB 01H +__528871F3_iterator DB 01H +__3E6EDFAA_iosfwd DB 01H +__CF1C1A3F_utility DB 01H +__38038D2D_xstddef DB 01H +__EE19A480_xatomic@h DB 01H +msvcjmc ENDS +PUBLIC ?__empty_global_delete@@YAXPEAX@Z ; __empty_global_delete +PUBLIC ?__empty_global_delete@@YAXPEAX_K@Z ; __empty_global_delete +PUBLIC ?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z ; __empty_global_delete +PUBLIC ?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z ; __empty_global_delete +PUBLIC wmemcpy +PUBLIC ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr +PUBLIC ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs +PUBLIC ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr +PUBLIC ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ; std::time_get > >::_Getvals +PUBLIC ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ; std::time_get > >::_Getvals +PUBLIC ?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeOrD +PUBLIC ?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeOrW +PUBLIC ?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ; JitEmitRipRelativeOrB +PUBLIC __JustMyCode_Default +PUBLIC ??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string' +PUBLIC ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA ; `std::_Maklocwcs'::`1'::__LINE__Var +PUBLIC ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string' +PUBLIC ??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ ; `string' +PUBLIC ??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ ; `string' +EXTRN ??2@YAPEAX_K@Z:PROC ; operator new +EXTRN ??3@YAXPEAX_K@Z:PROC ; operator delete +EXTRN memcpy:PROC +EXTRN __imp_wcslen:PROC +EXTRN strlen:PROC +EXTRN __imp__calloc_dbg:PROC +EXTRN ?_Xbad_alloc@std@@YAXXZ:PROC ; std::_Xbad_alloc +EXTRN _Mbrtowc:PROC +EXTRN __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ:PROC +EXTRN __imp_?_Getdays@_Locinfo@std@@QEBAPEBDXZ:PROC +EXTRN __imp_?_Getmonths@_Locinfo@std@@QEBAPEBDXZ:PROC +EXTRN __imp_?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ:PROC +EXTRN __imp_?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ:PROC +EXTRN xed_decode:PROC +EXTRN ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z:PROC ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK +EXTRN ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z:PROC ; NcAppendToBlock +EXTRN _RTC_CheckStackVars:PROC +EXTRN _RTC_InitBase:PROC +EXTRN _RTC_Shutdown:PROC +EXTRN __CheckForDebuggerJustMyCode:PROC +EXTRN __CxxFrameHandler4:PROC +EXTRN __GSHandlerCheck:PROC +EXTRN __GSHandlerCheck_EH4:PROC +EXTRN __security_check_cookie:PROC +EXTRN __security_cookie:QWORD +; COMDAT pdata +pdata SEGMENT +$pdata$?__empty_global_delete@@YAXPEAX@Z DD imagerel $LN3 + DD imagerel $LN3+65 + DD imagerel $unwind$?__empty_global_delete@@YAXPEAX@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?__empty_global_delete@@YAXPEAX_K@Z DD imagerel $LN3 + DD imagerel $LN3+70 + DD imagerel $unwind$?__empty_global_delete@@YAXPEAX_K@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DD imagerel $LN3 + DD imagerel $LN3+70 + DD imagerel $unwind$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DD imagerel $LN3 + DD imagerel $LN3+75 + DD imagerel $unwind$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$wmemcpy DD imagerel $LN3 + DD imagerel $LN3+106 + DD imagerel $unwind$wmemcpy +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z DD imagerel $LN12 + DD imagerel $LN12+584 + DD imagerel $unwind$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?_Maklocwcs@std@@YAPEA_WPEB_W@Z DD imagerel $LN4 + DD imagerel $LN4+165 + DD imagerel $unwind$?_Maklocwcs@std@@YAPEA_WPEB_W@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z DD imagerel $LN7 + DD imagerel $LN7+223 + DD imagerel $unwind$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD imagerel $LN5 + DD imagerel $LN5+379 + DD imagerel $unwind$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD imagerel $LN5 + DD imagerel $LN5+379 + DD imagerel $unwind$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD imagerel $LN6 + DD imagerel $LN6+369 + DD imagerel $unwind$?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?dtor$0@?0??JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD imagerel ?dtor$0@?0??JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA + DD imagerel ?dtor$0@?0??JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA+44 + DD imagerel $unwind$?dtor$0@?0??JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD imagerel $LN6 + DD imagerel $LN6+367 + DD imagerel $unwind$?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?dtor$0@?0??JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD imagerel ?dtor$0@?0??JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA + DD imagerel ?dtor$0@?0??JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA+44 + DD imagerel $unwind$?dtor$0@?0??JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD imagerel $LN6 + DD imagerel $LN6+358 + DD imagerel $unwind$?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +pdata ENDS +; COMDAT pdata +pdata SEGMENT +$pdata$?dtor$0@?0??JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD imagerel ?dtor$0@?0??JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA + DD imagerel ?dtor$0@?0??JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA+44 + DD imagerel $unwind$?dtor$0@?0??JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +pdata ENDS +; COMDAT rtc$TMZ +rtc$TMZ SEGMENT +_RTC_Shutdown.rtc$TMZ DQ FLAT:_RTC_Shutdown +rtc$TMZ ENDS +; COMDAT rtc$IMZ +rtc$IMZ SEGMENT +_RTC_InitBase.rtc$IMZ DQ FLAT:_RTC_InitBase +rtc$IMZ ENDS +; COMDAT ??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ +CONST SEGMENT +??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ DB ':' + DB 00H, 'A', 00H, 'M', 00H, ':', 00H, 'a', 00H, 'm', 00H, ':', 00H + DB 'P', 00H, 'M', 00H, ':', 00H, 'p', 00H, 'm', 00H, 00H, 00H ; `string' +CONST ENDS +; COMDAT ??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ +CONST SEGMENT +??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ DB ':AM:am:PM:pm', 00H ; `string' +CONST ENDS +; COMDAT ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ +CONST SEGMENT +??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ DB 'C:\Pro' + DB 'gram Files (x86)\Microsoft Visual Studio\2019\Community\VC\To' + DB 'ols\MSVC\14.27.29110\include\xlocnum', 00H ; `string' +CONST ENDS +; COMDAT ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA +_DATA SEGMENT +?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA DD 05aH ; `std::_Maklocwcs'::`1'::__LINE__Var +_DATA ENDS +; COMDAT ??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ +CONST SEGMENT +??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ DB 'C:\Pro' + DB 'gram Files (x86)\Microsoft Visual Studio\2019\Community\VC\To' + DB 'ols\MSVC\14.27.29110\include\xlocale', 00H ; `string' +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?dtor$0@?0??JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 06H + DB 00H + DB 00H + DB 0faH + DB 02H + DB 08eH + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$stateUnwindMap$?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 02H + DB 0eH + DD imagerel ?dtor$0@?0??JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 028H + DD imagerel $stateUnwindMap$?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD imagerel $ip2state$?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD 025054419H + DD 0117231cH + DD 07010002fH + DD 0500fH + DD imagerel __GSHandlerCheck_EH4 + DD imagerel $cppxdata$?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD 0162H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 DB 052H ; JitEmitRipRelativeOrB + DB 061H + DB 077H + DB 044H + DB 061H + DB 074H + DB 061H + DB 00H + ORG $+8 +?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc DD 024H ; JitEmitRipRelativeOrB + DD 07H + DQ FLAT:?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 + ORG $+48 +?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData DD 01H ; JitEmitRipRelativeOrB + DD 00H + DQ FLAT:?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?dtor$0@?0??JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 06H + DB 00H + DB 00H + DB 015H, 02H + DB 02H + DB 08eH + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$stateUnwindMap$?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 02H + DB 0eH + DD imagerel ?dtor$0@?0??JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 028H + DD imagerel $stateUnwindMap$?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD imagerel $ip2state$?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD 025054419H + DD 0117231cH + DD 070100031H + DD 0500fH + DD imagerel __GSHandlerCheck_EH4 + DD imagerel $cppxdata$?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD 0172H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 DB 052H ; JitEmitRipRelativeOrW + DB 061H + DB 077H + DB 044H + DB 061H + DB 074H + DB 061H + DB 00H + ORG $+8 +?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc DD 028H ; JitEmitRipRelativeOrW + DD 09H + DQ FLAT:?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 + ORG $+48 +?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData DD 01H ; JitEmitRipRelativeOrW + DD 00H + DQ FLAT:?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?dtor$0@?0??JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA DD 031001H + DD 0700c4210H + DD 0500bH +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 06H + DB 00H + DB 00H + DB '%', 02H + DB 02H + DB 08eH + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$stateUnwindMap$?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 02H + DB 0eH + DD imagerel ?dtor$0@?0??JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DB 028H + DD imagerel $stateUnwindMap$?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD imagerel $ip2state$?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z DD 025054419H + DD 0117231cH + DD 070100031H + DD 0500fH + DD imagerel __GSHandlerCheck_EH4 + DD imagerel $cppxdata$?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z + DD 0172H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 DB 052H ; JitEmitRipRelativeOrD + DB 061H + DB 077H + DB 044H + DB 061H + DB 074H + DB 061H + DB 00H + ORG $+8 +?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc DD 028H ; JitEmitRipRelativeOrD + DD 0aH + DQ FLAT:?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcName$0 + ORG $+48 +?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData DD 01H ; JitEmitRipRelativeOrD + DD 00H + DQ FLAT:?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD 025063501H + DD 0119231eH + DD 070120026H + DD 050106011H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD 025063501H + DD 0119231eH + DD 070120026H + DD 050106011H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z DD 035053401H + DD 0118331dH + DD 07011002bH + DD 05010H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?_Maklocwcs@std@@YAPEA_WPEB_W@Z DD 035052a01H + DD 010e3313H + DD 070070027H + DD 05006H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z DD 035054519H + DD 0118331dH + DD 070110047H + DD 05010H + DD imagerel __GSHandlerCheck + DD 0228H +xdata ENDS +; COMDAT CONST +CONST SEGMENT +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$0 DB 05fH ; std::_Maklocstr + DB 057H + DB 063H + DB 00H +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$1 DB 05fH ; std::_Maklocstr + DB 04dH + DB 062H + DB 073H + DB 074H + DB 031H + DB 00H + ORG $+1 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$2 DB 05fH ; std::_Maklocstr + DB 04dH + DB 062H + DB 073H + DB 074H + DB 032H + DB 00H + ORG $+13 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcVarDesc DD 0158H ; std::_Maklocstr + DD 08H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$2 + DD 0f8H + DD 08H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$1 + DD 0d4H + DD 02H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$0 + ORG $+144 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcFrameData DD 03H ; std::_Maklocstr + DD 00H + DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcVarDesc +CONST ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$wmemcpy DD 025053401H + DD 0118231dH + DD 07011001dH + DD 05010H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DD 025053419H + DD 0118231dH + DD 07011001dH + DD 05010H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DD 025052f19H + DD 01132318H + DD 0700c001dH + DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAX_K@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAX_K@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX_K@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAX_K@Z DD 025052f19H + DD 01132318H + DD 0700c001dH + DD 0500bH + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX_K@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$ip2state$?__empty_global_delete@@YAXPEAX@Z DB 02H + DB 00H + DB 00H +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$cppxdata$?__empty_global_delete@@YAXPEAX@Z DB 060H + DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX@Z +xdata ENDS +; COMDAT xdata +xdata SEGMENT +$unwind$?__empty_global_delete@@YAXPEAX@Z DD 025052a19H + DD 010e2313H + DD 07007001dH + DD 05006H + DD imagerel __CxxFrameHandler4 + DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX@Z +xdata ENDS +; Function compile flags: /Odt +; COMDAT __JustMyCode_Default +_TEXT SEGMENT +__JustMyCode_Default PROC ; COMDAT + 00000 c2 00 00 ret 0 +__JustMyCode_Default ENDP +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipOrInst.cpp +; COMDAT ?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +_TEXT SEGMENT +RawData$ = 4 +Link$ = 40 +$T4 = 264 +$T5 = 296 +tv78 = 312 +__$ArrayPad$ = 320 +Block$ = 368 +RipDelta$ = 376 +Value$ = 384 +?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z PROC ; JitEmitRipRelativeOrB, COMDAT + +; 28 : { + +$LN6: + 00000 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 00005 89 54 24 10 mov DWORD PTR [rsp+16], edx + 00009 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000e 55 push rbp + 0000f 57 push rdi + 00010 48 81 ec 78 01 + 00 00 sub rsp, 376 ; 00000178H + 00017 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001c 48 8b fc mov rdi, rsp + 0001f b9 5e 00 00 00 mov ecx, 94 ; 0000005eH + 00024 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00029 f3 ab rep stosd + 0002b 48 8b 8c 24 98 + 01 00 00 mov rcx, QWORD PTR [rsp+408] + 00033 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 0003a 48 33 c5 xor rax, rbp + 0003d 48 89 85 40 01 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 00044 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__97B6E7BF_RipOrInst@cpp + 0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 29 : UCHAR RawData[] = { 0x80, 0x0D, 0x00, 0x00, 0x00, 0x00, 0x00 }; + + 00050 c6 45 04 80 mov BYTE PTR RawData$[rbp], 128 ; 00000080H + 00054 c6 45 05 0d mov BYTE PTR RawData$[rbp+1], 13 + 00058 c6 45 06 00 mov BYTE PTR RawData$[rbp+2], 0 + 0005c c6 45 07 00 mov BYTE PTR RawData$[rbp+3], 0 + 00060 c6 45 08 00 mov BYTE PTR RawData$[rbp+4], 0 + 00064 c6 45 09 00 mov BYTE PTR RawData$[rbp+5], 0 + 00068 c6 45 0a 00 mov BYTE PTR RawData$[rbp+6], 0 + +; 30 : +; 31 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); + + 0006c b9 f0 00 00 00 mov ecx, 240 ; 000000f0H + 00071 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new + 00076 48 89 85 28 01 + 00 00 mov QWORD PTR $T5[rbp], rax + 0007d 48 83 bd 28 01 + 00 00 00 cmp QWORD PTR $T5[rbp], 0 + 00085 74 24 je SHORT $LN3@JitEmitRip + 00087 41 b9 07 00 00 + 00 mov r9d, 7 + 0008d 4c 8d 45 04 lea r8, QWORD PTR RawData$[rbp] + 00091 ba 0c 00 00 00 mov edx, 12 + 00096 48 8b 8d 28 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 0009d e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK + 000a2 48 89 85 38 01 + 00 00 mov QWORD PTR tv78[rbp], rax + 000a9 eb 0b jmp SHORT $LN4@JitEmitRip +$LN3@JitEmitRip: + 000ab 48 c7 85 38 01 + 00 00 00 00 00 + 00 mov QWORD PTR tv78[rbp], 0 +$LN4@JitEmitRip: + 000b6 48 8b 85 38 01 + 00 00 mov rax, QWORD PTR tv78[rbp] + 000bd 48 89 85 08 01 + 00 00 mov QWORD PTR $T4[rbp], rax + 000c4 48 8b 85 08 01 + 00 00 mov rax, QWORD PTR $T4[rbp] + 000cb 48 89 45 28 mov QWORD PTR Link$[rbp], rax + +; 32 : *(PINT32)&Link->RawData[2] = RipDelta; + + 000cf b8 01 00 00 00 mov eax, 1 + 000d4 48 6b c0 02 imul rax, rax, 2 + 000d8 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp] + 000dc 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 000e0 8b 95 78 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 000e6 89 14 08 mov DWORD PTR [rax+rcx], edx + +; 33 : *(PUCHAR)&Link->RawData[6] = (UCHAR)Value; + + 000e9 b8 01 00 00 00 mov eax, 1 + 000ee 48 6b c0 06 imul rax, rax, 6 + 000f2 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp] + 000f6 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 000fa 0f b6 95 80 01 + 00 00 movzx edx, BYTE PTR Value$[rbp] + 00101 88 14 08 mov BYTE PTR [rax+rcx], dl + +; 34 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); + + 00104 48 8b 45 28 mov rax, QWORD PTR Link$[rbp] + 00108 48 83 c0 30 add rax, 48 ; 00000030H + 0010c 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp] + 00110 44 8b 41 28 mov r8d, DWORD PTR [rcx+40] + 00114 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp] + 00118 48 8b 51 20 mov rdx, QWORD PTR [rcx+32] + 0011c 48 8b c8 mov rcx, rax + 0011f e8 00 00 00 00 call xed_decode + +; 35 : NcAppendToBlock(Block, Link); + + 00124 48 8b 55 28 mov rdx, QWORD PTR Link$[rbp] + 00128 48 8b 8d 70 01 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 0012f e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock + +; 36 : return TRUE; + + 00134 b8 01 00 00 00 mov eax, 1 + +; 37 : } + + 00139 8b f8 mov edi, eax + 0013b 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 0013f 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData + 00146 e8 00 00 00 00 call _RTC_CheckStackVars + 0014b 8b c7 mov eax, edi + 0014d 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 00154 48 33 cd xor rcx, rbp + 00157 e8 00 00 00 00 call __security_check_cookie + 0015c 48 8d a5 58 01 + 00 00 lea rsp, QWORD PTR [rbp+344] + 00163 5f pop rdi + 00164 5d pop rbp + 00165 c3 ret 0 +?JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ENDP ; JitEmitRipRelativeOrB +_TEXT ENDS +; COMDAT text$x +text$x SEGMENT +RawData$ = 4 +Link$ = 40 +$T4 = 264 +$T5 = 296 +tv78 = 312 +__$ArrayPad$ = 320 +Block$ = 368 +RipDelta$ = 376 +Value$ = 384 +?dtor$0@?0??JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeOrB'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 28 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeOrB'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +RawData$ = 4 +Link$ = 40 +$T4 = 264 +$T5 = 296 +tv78 = 312 +__$ArrayPad$ = 320 +Block$ = 368 +RipDelta$ = 376 +Value$ = 384 +?dtor$0@?0??JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeOrB'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 28 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeOrB@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeOrB'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipOrInst.cpp +; COMDAT ?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +_TEXT SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z PROC ; JitEmitRipRelativeOrW, COMDAT + +; 16 : { + +$LN6: + 00000 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 00005 89 54 24 10 mov DWORD PTR [rsp+16], edx + 00009 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000e 55 push rbp + 0000f 57 push rdi + 00010 48 81 ec 88 01 + 00 00 sub rsp, 392 ; 00000188H + 00017 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001c 48 8b fc mov rdi, rsp + 0001f b9 62 00 00 00 mov ecx, 98 ; 00000062H + 00024 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00029 f3 ab rep stosd + 0002b 48 8b 8c 24 a8 + 01 00 00 mov rcx, QWORD PTR [rsp+424] + 00033 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 0003a 48 33 c5 xor rax, rbp + 0003d 48 89 85 50 01 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 00044 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__97B6E7BF_RipOrInst@cpp + 0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 17 : UCHAR RawData[] = { 0x66, 0x83, 0x0D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; + + 00050 c6 45 08 66 mov BYTE PTR RawData$[rbp], 102 ; 00000066H + 00054 c6 45 09 83 mov BYTE PTR RawData$[rbp+1], 131 ; 00000083H + 00058 c6 45 0a 0d mov BYTE PTR RawData$[rbp+2], 13 + 0005c c6 45 0b 00 mov BYTE PTR RawData$[rbp+3], 0 + 00060 c6 45 0c 00 mov BYTE PTR RawData$[rbp+4], 0 + 00064 c6 45 0d 00 mov BYTE PTR RawData$[rbp+5], 0 + 00068 c6 45 0e 00 mov BYTE PTR RawData$[rbp+6], 0 + 0006c c6 45 0f 00 mov BYTE PTR RawData$[rbp+7], 0 + 00070 c6 45 10 00 mov BYTE PTR RawData$[rbp+8], 0 + +; 18 : +; 19 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); + + 00074 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H + 00079 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new + 0007e 48 89 85 38 01 + 00 00 mov QWORD PTR $T5[rbp], rax + 00085 48 83 bd 38 01 + 00 00 00 cmp QWORD PTR $T5[rbp], 0 + 0008d 74 24 je SHORT $LN3@JitEmitRip + 0008f 41 b9 09 00 00 + 00 mov r9d, 9 + 00095 4c 8d 45 08 lea r8, QWORD PTR RawData$[rbp] + 00099 ba 0c 00 00 00 mov edx, 12 + 0009e 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 000a5 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK + 000aa 48 89 85 48 01 + 00 00 mov QWORD PTR tv78[rbp], rax + 000b1 eb 0b jmp SHORT $LN4@JitEmitRip +$LN3@JitEmitRip: + 000b3 48 c7 85 48 01 + 00 00 00 00 00 + 00 mov QWORD PTR tv78[rbp], 0 +$LN4@JitEmitRip: + 000be 48 8b 85 48 01 + 00 00 mov rax, QWORD PTR tv78[rbp] + 000c5 48 89 85 18 01 + 00 00 mov QWORD PTR $T4[rbp], rax + 000cc 48 8b 85 18 01 + 00 00 mov rax, QWORD PTR $T4[rbp] + 000d3 48 89 45 38 mov QWORD PTR Link$[rbp], rax + +; 20 : *(PINT32)&Link->RawData[3] = RipDelta; + + 000d7 b8 01 00 00 00 mov eax, 1 + 000dc 48 6b c0 03 imul rax, rax, 3 + 000e0 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 000e4 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 000e8 8b 95 88 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 000ee 89 14 08 mov DWORD PTR [rax+rcx], edx + +; 21 : *(PUSHORT)&Link->RawData[7] = (USHORT)Value; + + 000f1 b8 01 00 00 00 mov eax, 1 + 000f6 48 6b c0 07 imul rax, rax, 7 + 000fa 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 000fe 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 00102 0f b7 95 90 01 + 00 00 movzx edx, WORD PTR Value$[rbp] + 00109 66 89 14 08 mov WORD PTR [rax+rcx], dx + +; 22 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); + + 0010d 48 8b 45 38 mov rax, QWORD PTR Link$[rbp] + 00111 48 83 c0 30 add rax, 48 ; 00000030H + 00115 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 00119 44 8b 41 28 mov r8d, DWORD PTR [rcx+40] + 0011d 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 00121 48 8b 51 20 mov rdx, QWORD PTR [rcx+32] + 00125 48 8b c8 mov rcx, rax + 00128 e8 00 00 00 00 call xed_decode + +; 23 : NcAppendToBlock(Block, Link); + + 0012d 48 8b 55 38 mov rdx, QWORD PTR Link$[rbp] + 00131 48 8b 8d 80 01 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 00138 e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock + +; 24 : return TRUE; + + 0013d b8 01 00 00 00 mov eax, 1 + +; 25 : } + + 00142 8b f8 mov edi, eax + 00144 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 00148 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData + 0014f e8 00 00 00 00 call _RTC_CheckStackVars + 00154 8b c7 mov eax, edi + 00156 48 8b 8d 50 01 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 0015d 48 33 cd xor rcx, rbp + 00160 e8 00 00 00 00 call __security_check_cookie + 00165 48 8d a5 68 01 + 00 00 lea rsp, QWORD PTR [rbp+360] + 0016c 5f pop rdi + 0016d 5d pop rbp + 0016e c3 ret 0 +?JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ENDP ; JitEmitRipRelativeOrW +_TEXT ENDS +; COMDAT text$x +text$x SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?dtor$0@?0??JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeOrW'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeOrW'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?dtor$0@?0??JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeOrW'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeOrW@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeOrW'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipOrInst.cpp +; COMDAT ?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z +_TEXT SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z PROC ; JitEmitRipRelativeOrD, COMDAT + +; 4 : { + +$LN6: + 00000 44 89 44 24 18 mov DWORD PTR [rsp+24], r8d + 00005 89 54 24 10 mov DWORD PTR [rsp+16], edx + 00009 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000e 55 push rbp + 0000f 57 push rdi + 00010 48 81 ec 88 01 + 00 00 sub rsp, 392 ; 00000188H + 00017 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001c 48 8b fc mov rdi, rsp + 0001f b9 62 00 00 00 mov ecx, 98 ; 00000062H + 00024 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00029 f3 ab rep stosd + 0002b 48 8b 8c 24 a8 + 01 00 00 mov rcx, QWORD PTR [rsp+424] + 00033 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 0003a 48 33 c5 xor rax, rbp + 0003d 48 89 85 50 01 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 00044 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__97B6E7BF_RipOrInst@cpp + 0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 5 : UCHAR RawData[] = { 0x81, 0x0D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; + + 00050 c6 45 08 81 mov BYTE PTR RawData$[rbp], 129 ; 00000081H + 00054 c6 45 09 0d mov BYTE PTR RawData$[rbp+1], 13 + 00058 c6 45 0a 00 mov BYTE PTR RawData$[rbp+2], 0 + 0005c c6 45 0b 00 mov BYTE PTR RawData$[rbp+3], 0 + 00060 c6 45 0c 00 mov BYTE PTR RawData$[rbp+4], 0 + 00064 c6 45 0d 00 mov BYTE PTR RawData$[rbp+5], 0 + 00068 c6 45 0e 00 mov BYTE PTR RawData$[rbp+6], 0 + 0006c c6 45 0f 00 mov BYTE PTR RawData$[rbp+7], 0 + 00070 c6 45 10 00 mov BYTE PTR RawData$[rbp+8], 0 + 00074 c6 45 11 00 mov BYTE PTR RawData$[rbp+9], 0 + +; 6 : +; 7 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); + + 00078 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H + 0007d e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new + 00082 48 89 85 38 01 + 00 00 mov QWORD PTR $T5[rbp], rax + 00089 48 83 bd 38 01 + 00 00 00 cmp QWORD PTR $T5[rbp], 0 + 00091 74 24 je SHORT $LN3@JitEmitRip + 00093 41 b9 0a 00 00 + 00 mov r9d, 10 + 00099 4c 8d 45 08 lea r8, QWORD PTR RawData$[rbp] + 0009d ba 0c 00 00 00 mov edx, 12 + 000a2 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 000a9 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK + 000ae 48 89 85 48 01 + 00 00 mov QWORD PTR tv78[rbp], rax + 000b5 eb 0b jmp SHORT $LN4@JitEmitRip +$LN3@JitEmitRip: + 000b7 48 c7 85 48 01 + 00 00 00 00 00 + 00 mov QWORD PTR tv78[rbp], 0 +$LN4@JitEmitRip: + 000c2 48 8b 85 48 01 + 00 00 mov rax, QWORD PTR tv78[rbp] + 000c9 48 89 85 18 01 + 00 00 mov QWORD PTR $T4[rbp], rax + 000d0 48 8b 85 18 01 + 00 00 mov rax, QWORD PTR $T4[rbp] + 000d7 48 89 45 38 mov QWORD PTR Link$[rbp], rax + +; 8 : *(PINT32)&Link->RawData[2] = RipDelta; + + 000db b8 01 00 00 00 mov eax, 1 + 000e0 48 6b c0 02 imul rax, rax, 2 + 000e4 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 000e8 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 000ec 8b 95 88 01 00 + 00 mov edx, DWORD PTR RipDelta$[rbp] + 000f2 89 14 08 mov DWORD PTR [rax+rcx], edx + +; 9 : *(PULONG)&Link->RawData[6] = Value; + + 000f5 b8 01 00 00 00 mov eax, 1 + 000fa 48 6b c0 06 imul rax, rax, 6 + 000fe 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 00102 48 8b 49 20 mov rcx, QWORD PTR [rcx+32] + 00106 8b 95 90 01 00 + 00 mov edx, DWORD PTR Value$[rbp] + 0010c 89 14 08 mov DWORD PTR [rax+rcx], edx + +; 10 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize); + + 0010f 48 8b 45 38 mov rax, QWORD PTR Link$[rbp] + 00113 48 83 c0 30 add rax, 48 ; 00000030H + 00117 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 0011b 44 8b 41 28 mov r8d, DWORD PTR [rcx+40] + 0011f 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp] + 00123 48 8b 51 20 mov rdx, QWORD PTR [rcx+32] + 00127 48 8b c8 mov rcx, rax + 0012a e8 00 00 00 00 call xed_decode + +; 11 : NcAppendToBlock(Block, Link); + + 0012f 48 8b 55 38 mov rdx, QWORD PTR Link$[rbp] + 00133 48 8b 8d 80 01 + 00 00 mov rcx, QWORD PTR Block$[rbp] + 0013a e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock + +; 12 : return TRUE; + + 0013f b8 01 00 00 00 mov eax, 1 + +; 13 : } + + 00144 8b f8 mov edi, eax + 00146 48 8d 4d e0 lea rcx, QWORD PTR [rbp-32] + 0014a 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z$rtcFrameData + 00151 e8 00 00 00 00 call _RTC_CheckStackVars + 00156 8b c7 mov eax, edi + 00158 48 8b 8d 50 01 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 0015f 48 33 cd xor rcx, rbp + 00162 e8 00 00 00 00 call __security_check_cookie + 00167 48 8d a5 68 01 + 00 00 lea rsp, QWORD PTR [rbp+360] + 0016e 5f pop rdi + 0016f 5d pop rbp + 00170 c3 ret 0 +?JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z ENDP ; JitEmitRipRelativeOrD +_TEXT ENDS +; COMDAT text$x +text$x SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?dtor$0@?0??JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeOrD'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeOrD'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; COMDAT text$x +text$x SEGMENT +RawData$ = 8 +Link$ = 56 +$T4 = 280 +$T5 = 312 +tv78 = 328 +__$ArrayPad$ = 336 +Block$ = 384 +RipDelta$ = 392 +Value$ = 400 +?dtor$0@?0??JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA PROC ; `JitEmitRipRelativeOrD'::`1'::dtor$0 + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 83 ec 28 sub rsp, 40 ; 00000028H + 00010 48 8d 6a 20 lea rbp, QWORD PTR [rdx+32] + 00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H + 00019 48 8b 8d 38 01 + 00 00 mov rcx, QWORD PTR $T5[rbp] + 00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete + 00025 48 83 c4 28 add rsp, 40 ; 00000028H + 00029 5f pop rdi + 0002a 5d pop rbp + 0002b c3 ret 0 +?dtor$0@?0??JitEmitRipRelativeOrD@@YAHPEAU_NATIVE_CODE_BLOCK@@HK@Z@4HA ENDP ; `JitEmitRipRelativeOrD'::`1'::dtor$0 +text$x ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xloctime +; COMDAT ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z +_TEXT SEGMENT +$T1 = 200 +tv93 = 264 +tv85 = 264 +this$ = 304 +__formal$ = 312 +_Lobj$ = 320 +??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z PROC ; std::time_get > >::_Getvals, COMDAT + +; 176 : void __CLR_OR_THIS_CALL _Getvals(_Elem2, const _Locinfo& _Lobj) { // get values + +$LN5: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 66 89 54 24 10 mov WORD PTR [rsp+16], dx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 56 push rsi + 00011 57 push rdi + 00012 48 81 ec 30 01 + 00 00 sub rsp, 304 ; 00000130H + 00019 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001e 48 8b fc mov rdi, rsp + 00021 b9 4c 00 00 00 mov ecx, 76 ; 0000004cH + 00026 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002b f3 ab rep stosd + 0002d 48 8b 8c 24 58 + 01 00 00 mov rcx, QWORD PTR [rsp+344] + 00035 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__886F7F70_xloctime + 0003c e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 177 : _Cvt = _Lobj._Getcvt(); + + 00041 48 8d 95 c8 00 + 00 00 lea rdx, QWORD PTR $T1[rbp] + 00048 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 0004f ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ + 00055 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0005c 48 8d 79 2c lea rdi, QWORD PTR [rcx+44] + 00060 48 8b f0 mov rsi, rax + 00063 b9 2c 00 00 00 mov ecx, 44 ; 0000002cH + 00068 f3 a4 rep movsb + +; 178 : +; 179 : if (is_same_v<_Elem2, wchar_t>) { + + 0006a 33 c0 xor eax, eax + 0006c 83 f8 01 cmp eax, 1 + 0006f 74 5c je SHORT $LN2@Getvals + +; 180 : _Days = reinterpret_cast(_Maklocwcs(reinterpret_cast(_Lobj._W_Getdays()))); + + 00071 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00078 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ + 0007e 48 8b c8 mov rcx, rax + 00081 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 00086 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0008d 48 89 41 10 mov QWORD PTR [rcx+16], rax + +; 181 : _Months = + + 00091 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00098 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ + 0009e 48 8b c8 mov rcx, rax + 000a1 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 000a6 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 000ad 48 89 41 18 mov QWORD PTR [rcx+24], rax + +; 182 : reinterpret_cast(_Maklocwcs(reinterpret_cast(_Lobj._W_Getmonths()))); +; 183 : _Ampm = reinterpret_cast(_Maklocwcs(L":AM:am:PM:pm")); + + 000b1 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ + 000b8 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 000bd 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 000c4 48 89 41 20 mov QWORD PTR [rcx+32], rax + +; 184 : } else { + + 000c8 e9 a3 00 00 00 jmp $LN3@Getvals +$LN2@Getvals: + +; 185 : _Days = _Maklocstr(_Lobj._Getdays(), static_cast<_Elem*>(nullptr), _Cvt); + + 000cd 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 000d4 48 83 c0 2c add rax, 44 ; 0000002cH + 000d8 48 89 85 08 01 + 00 00 mov QWORD PTR tv85[rbp], rax + 000df 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 000e6 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getdays@_Locinfo@std@@QEBAPEBDXZ + 000ec 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR tv85[rbp] + 000f3 4c 8b c1 mov r8, rcx + 000f6 33 d2 xor edx, edx + 000f8 48 8b c8 mov rcx, rax + 000fb e8 00 00 00 00 call ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr + 00100 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00107 48 89 41 10 mov QWORD PTR [rcx+16], rax + +; 186 : _Months = _Maklocstr(_Lobj._Getmonths(), static_cast<_Elem*>(nullptr), _Cvt); + + 0010b 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00112 48 83 c0 2c add rax, 44 ; 0000002cH + 00116 48 89 85 08 01 + 00 00 mov QWORD PTR tv93[rbp], rax + 0011d 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00124 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getmonths@_Locinfo@std@@QEBAPEBDXZ + 0012a 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR tv93[rbp] + 00131 4c 8b c1 mov r8, rcx + 00134 33 d2 xor edx, edx + 00136 48 8b c8 mov rcx, rax + 00139 e8 00 00 00 00 call ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr + 0013e 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00145 48 89 41 18 mov QWORD PTR [rcx+24], rax + +; 187 : _Ampm = _Maklocstr(":AM:am:PM:pm", static_cast<_Elem*>(nullptr), _Cvt); + + 00149 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00150 48 83 c0 2c add rax, 44 ; 0000002cH + 00154 4c 8b c0 mov r8, rax + 00157 33 d2 xor edx, edx + 00159 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ + 00160 e8 00 00 00 00 call ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr + 00165 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0016c 48 89 41 20 mov QWORD PTR [rcx+32], rax +$LN3@Getvals: + +; 188 : } +; 189 : } + + 00170 48 8d a5 10 01 + 00 00 lea rsp, QWORD PTR [rbp+272] + 00177 5f pop rdi + 00178 5e pop rsi + 00179 5d pop rbp + 0017a c3 ret 0 +??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ENDP ; std::time_get > >::_Getvals +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xloctime +; COMDAT ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z +_TEXT SEGMENT +$T1 = 200 +tv93 = 264 +tv85 = 264 +this$ = 304 +__formal$ = 312 +_Lobj$ = 320 +??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z PROC ; std::time_get > >::_Getvals, COMDAT + +; 176 : void __CLR_OR_THIS_CALL _Getvals(_Elem2, const _Locinfo& _Lobj) { // get values + +$LN5: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 66 89 54 24 10 mov WORD PTR [rsp+16], dx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 56 push rsi + 00011 57 push rdi + 00012 48 81 ec 30 01 + 00 00 sub rsp, 304 ; 00000130H + 00019 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001e 48 8b fc mov rdi, rsp + 00021 b9 4c 00 00 00 mov ecx, 76 ; 0000004cH + 00026 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002b f3 ab rep stosd + 0002d 48 8b 8c 24 58 + 01 00 00 mov rcx, QWORD PTR [rsp+344] + 00035 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__886F7F70_xloctime + 0003c e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 177 : _Cvt = _Lobj._Getcvt(); + + 00041 48 8d 95 c8 00 + 00 00 lea rdx, QWORD PTR $T1[rbp] + 00048 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 0004f ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ + 00055 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0005c 48 8d 79 2c lea rdi, QWORD PTR [rcx+44] + 00060 48 8b f0 mov rsi, rax + 00063 b9 2c 00 00 00 mov ecx, 44 ; 0000002cH + 00068 f3 a4 rep movsb + +; 178 : +; 179 : if (is_same_v<_Elem2, wchar_t>) { + + 0006a 33 c0 xor eax, eax + 0006c 83 f8 01 cmp eax, 1 + 0006f 74 5c je SHORT $LN2@Getvals + +; 180 : _Days = reinterpret_cast(_Maklocwcs(reinterpret_cast(_Lobj._W_Getdays()))); + + 00071 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00078 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ + 0007e 48 8b c8 mov rcx, rax + 00081 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 00086 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0008d 48 89 41 10 mov QWORD PTR [rcx+16], rax + +; 181 : _Months = + + 00091 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00098 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ + 0009e 48 8b c8 mov rcx, rax + 000a1 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 000a6 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 000ad 48 89 41 18 mov QWORD PTR [rcx+24], rax + +; 182 : reinterpret_cast(_Maklocwcs(reinterpret_cast(_Lobj._W_Getmonths()))); +; 183 : _Ampm = reinterpret_cast(_Maklocwcs(L":AM:am:PM:pm")); + + 000b1 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ + 000b8 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs + 000bd 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 000c4 48 89 41 20 mov QWORD PTR [rcx+32], rax + +; 184 : } else { + + 000c8 e9 a3 00 00 00 jmp $LN3@Getvals +$LN2@Getvals: + +; 185 : _Days = _Maklocstr(_Lobj._Getdays(), static_cast<_Elem*>(nullptr), _Cvt); + + 000cd 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 000d4 48 83 c0 2c add rax, 44 ; 0000002cH + 000d8 48 89 85 08 01 + 00 00 mov QWORD PTR tv85[rbp], rax + 000df 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 000e6 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getdays@_Locinfo@std@@QEBAPEBDXZ + 000ec 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR tv85[rbp] + 000f3 4c 8b c1 mov r8, rcx + 000f6 33 d2 xor edx, edx + 000f8 48 8b c8 mov rcx, rax + 000fb e8 00 00 00 00 call ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr + 00100 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00107 48 89 41 10 mov QWORD PTR [rcx+16], rax + +; 186 : _Months = _Maklocstr(_Lobj._Getmonths(), static_cast<_Elem*>(nullptr), _Cvt); + + 0010b 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00112 48 83 c0 2c add rax, 44 ; 0000002cH + 00116 48 89 85 08 01 + 00 00 mov QWORD PTR tv93[rbp], rax + 0011d 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Lobj$[rbp] + 00124 ff 15 00 00 00 + 00 call QWORD PTR __imp_?_Getmonths@_Locinfo@std@@QEBAPEBDXZ + 0012a 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR tv93[rbp] + 00131 4c 8b c1 mov r8, rcx + 00134 33 d2 xor edx, edx + 00136 48 8b c8 mov rcx, rax + 00139 e8 00 00 00 00 call ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr + 0013e 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 00145 48 89 41 18 mov QWORD PTR [rcx+24], rax + +; 187 : _Ampm = _Maklocstr(":AM:am:PM:pm", static_cast<_Elem*>(nullptr), _Cvt); + + 00149 48 8b 85 30 01 + 00 00 mov rax, QWORD PTR this$[rbp] + 00150 48 83 c0 2c add rax, 44 ; 0000002cH + 00154 4c 8b c0 mov r8, rax + 00157 33 d2 xor edx, edx + 00159 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ + 00160 e8 00 00 00 00 call ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr + 00165 48 8b 8d 30 01 + 00 00 mov rcx, QWORD PTR this$[rbp] + 0016c 48 89 41 20 mov QWORD PTR [rcx+32], rax +$LN3@Getvals: + +; 188 : } +; 189 : } + + 00170 48 8d a5 10 01 + 00 00 lea rsp, QWORD PTR [rbp+272] + 00177 5f pop rdi + 00178 5e pop rsi + 00179 5d pop rbp + 0017a c3 ret 0 +??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ENDP ; std::time_get > >::_Getvals +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xlocale +; COMDAT ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z +_TEXT SEGMENT +_Count$ = 8 +_Ptrdest$ = 40 +_Ptrnext$1 = 72 +_Ptr$ = 320 +__formal$ = 328 +__formal$ = 336 +??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z PROC ; std::_Maklocstr, COMDAT + +; 563 : _Elem* __CRTDECL _Maklocstr(const char* _Ptr, _Elem*, const _Locinfo::_Cvtvec&) { + +$LN7: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec 58 01 + 00 00 sub rsp, 344 ; 00000158H + 00018 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 56 00 00 00 mov ecx, 86 ; 00000056H + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 78 + 01 00 00 mov rcx, QWORD PTR [rsp+376] + 00034 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__0E648B51_xlocale + 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 564 : // convert C string to _Elem sequence using _Cvtvec +; 565 : size_t _Count = _CSTD strlen(_Ptr) + 1; + + 00040 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 00047 e8 00 00 00 00 call strlen + 0004c 48 ff c0 inc rax + 0004f 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + +; 566 : +; 567 : _Elem* _Ptrdest = static_cast<_Elem*>(_calloc_dbg(_Count, sizeof(_Elem), _CRT_BLOCK, __FILE__, __LINE__)); + + 00053 c7 44 24 20 37 + 02 00 00 mov DWORD PTR [rsp+32], 567 ; 00000237H + 0005b 4c 8d 0d 00 00 + 00 00 lea r9, OFFSET FLAT:??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ + 00062 41 b8 02 00 00 + 00 mov r8d, 2 + 00068 ba 01 00 00 00 mov edx, 1 + 0006d 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp] + 00071 ff 15 00 00 00 + 00 call QWORD PTR __imp__calloc_dbg + 00077 48 89 45 28 mov QWORD PTR _Ptrdest$[rbp], rax + +; 568 : +; 569 : if (!_Ptrdest) { + + 0007b 48 83 7d 28 00 cmp QWORD PTR _Ptrdest$[rbp], 0 + 00080 75 05 jne SHORT $LN5@Maklocstr + +; 570 : _Xbad_alloc(); + + 00082 e8 00 00 00 00 call ?_Xbad_alloc@std@@YAXXZ ; std::_Xbad_alloc +$LN5@Maklocstr: + +; 571 : } +; 572 : +; 573 : for (_Elem* _Ptrnext = _Ptrdest; 0 < _Count; --_Count, ++_Ptrnext, ++_Ptr) { + + 00087 48 8b 45 28 mov rax, QWORD PTR _Ptrdest$[rbp] + 0008b 48 89 45 48 mov QWORD PTR _Ptrnext$1[rbp], rax + 0008f eb 27 jmp SHORT $LN4@Maklocstr +$LN2@Maklocstr: + 00091 48 8b 45 08 mov rax, QWORD PTR _Count$[rbp] + 00095 48 ff c8 dec rax + 00098 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + 0009c 48 8b 45 48 mov rax, QWORD PTR _Ptrnext$1[rbp] + 000a0 48 ff c0 inc rax + 000a3 48 89 45 48 mov QWORD PTR _Ptrnext$1[rbp], rax + 000a7 48 8b 85 40 01 + 00 00 mov rax, QWORD PTR _Ptr$[rbp] + 000ae 48 ff c0 inc rax + 000b1 48 89 85 40 01 + 00 00 mov QWORD PTR _Ptr$[rbp], rax +$LN4@Maklocstr: + 000b8 48 83 7d 08 00 cmp QWORD PTR _Count$[rbp], 0 + 000bd 76 12 jbe SHORT $LN3@Maklocstr + +; 574 : *_Ptrnext = static_cast<_Elem>(static_cast(*_Ptr)); + + 000bf 48 8b 45 48 mov rax, QWORD PTR _Ptrnext$1[rbp] + 000c3 48 8b 8d 40 01 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 000ca 0f b6 09 movzx ecx, BYTE PTR [rcx] + 000cd 88 08 mov BYTE PTR [rax], cl + +; 575 : } + + 000cf eb c0 jmp SHORT $LN2@Maklocstr +$LN3@Maklocstr: + +; 576 : +; 577 : return _Ptrdest; + + 000d1 48 8b 45 28 mov rax, QWORD PTR _Ptrdest$[rbp] +$LN6@Maklocstr: + +; 578 : } + + 000d5 48 8d a5 28 01 + 00 00 lea rsp, QWORD PTR [rbp+296] + 000dc 5f pop rdi + 000dd 5d pop rbp + 000de c3 ret 0 +??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ENDP ; std::_Maklocstr +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xlocnum +; COMDAT ?_Maklocwcs@std@@YAPEA_WPEB_W@Z +_TEXT SEGMENT +_Count$ = 8 +_Ptrdest$ = 40 +_Ptr$ = 288 +?_Maklocwcs@std@@YAPEA_WPEB_W@Z PROC ; std::_Maklocwcs, COMDAT + +; 90 : inline wchar_t* _Maklocwcs(const wchar_t* _Ptr) { // copy NTWCS to allocated storage + +$LN4: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec 38 01 + 00 00 sub rsp, 312 ; 00000138H + 0000e 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48] + 00013 48 8b fc mov rdi, rsp + 00016 b9 4e 00 00 00 mov ecx, 78 ; 0000004eH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 58 + 01 00 00 mov rcx, QWORD PTR [rsp+344] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__90E3ED46_xlocnum + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 91 : const size_t _Count = _CSTD wcslen(_Ptr) + 1; + + 00036 48 8b 8d 20 01 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 0003d ff 15 00 00 00 + 00 call QWORD PTR __imp_wcslen + 00043 48 ff c0 inc rax + 00046 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + +; 92 : +; 93 : wchar_t* _Ptrdest = static_cast(_calloc_dbg(_Count, sizeof(wchar_t), _CRT_BLOCK, __FILE__, __LINE__)); + + 0004a 8b 05 00 00 00 + 00 mov eax, DWORD PTR ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA + 00050 83 c0 03 add eax, 3 + 00053 89 44 24 20 mov DWORD PTR [rsp+32], eax + 00057 4c 8d 0d 00 00 + 00 00 lea r9, OFFSET FLAT:??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ + 0005e 41 b8 02 00 00 + 00 mov r8d, 2 + 00064 ba 02 00 00 00 mov edx, 2 + 00069 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp] + 0006d ff 15 00 00 00 + 00 call QWORD PTR __imp__calloc_dbg + 00073 48 89 45 28 mov QWORD PTR _Ptrdest$[rbp], rax + +; 94 : +; 95 : if (!_Ptrdest) { + + 00077 48 83 7d 28 00 cmp QWORD PTR _Ptrdest$[rbp], 0 + 0007c 75 05 jne SHORT $LN2@Maklocwcs + +; 96 : _Xbad_alloc(); + + 0007e e8 00 00 00 00 call ?_Xbad_alloc@std@@YAXXZ ; std::_Xbad_alloc +$LN2@Maklocwcs: + +; 97 : } +; 98 : +; 99 : _CSTD wmemcpy(_Ptrdest, _Ptr, _Count); + + 00083 4c 8b 45 08 mov r8, QWORD PTR _Count$[rbp] + 00087 48 8b 95 20 01 + 00 00 mov rdx, QWORD PTR _Ptr$[rbp] + 0008e 48 8b 4d 28 mov rcx, QWORD PTR _Ptrdest$[rbp] + 00092 e8 00 00 00 00 call wmemcpy + +; 100 : return _Ptrdest; + + 00097 48 8b 45 28 mov rax, QWORD PTR _Ptrdest$[rbp] +$LN3@Maklocwcs: + +; 101 : } + + 0009b 48 8d a5 08 01 + 00 00 lea rsp, QWORD PTR [rbp+264] + 000a2 5f pop rdi + 000a3 5d pop rbp + 000a4 c3 ret 0 +?_Maklocwcs@std@@YAPEA_WPEB_W@Z ENDP ; std::_Maklocwcs +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xlocale +; COMDAT ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z +_TEXT SEGMENT +_Count$ = 8 +_Count1$ = 40 +_Wchars$ = 72 +_Ptr1$ = 104 +_Bytes$ = 132 +_Wc$ = 164 +_Mbst1$ = 200 +_Ptrdest$ = 232 +_Ptrnext$ = 264 +_Mbst2$ = 296 +__$ArrayPad$ = 504 +_Ptr$ = 544 +__formal$ = 552 +_Cvt$ = 560 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z PROC ; std::_Maklocstr, COMDAT + +; 581 : inline wchar_t* __CRTDECL _Maklocstr(const char* _Ptr, wchar_t*, const _Locinfo::_Cvtvec& _Cvt) { + +$LN12: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec 38 02 + 00 00 sub rsp, 568 ; 00000238H + 00018 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 8e 00 00 00 mov ecx, 142 ; 0000008eH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 58 + 02 00 00 mov rcx, QWORD PTR [rsp+600] + 00034 48 8b 05 00 00 + 00 00 mov rax, QWORD PTR __security_cookie + 0003b 48 33 c5 xor rax, rbp + 0003e 48 89 85 f8 01 + 00 00 mov QWORD PTR __$ArrayPad$[rbp], rax + 00045 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__0E648B51_xlocale + 0004c e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 582 : // convert C string to wchar_t sequence using _Cvtvec +; 583 : size_t _Count; +; 584 : size_t _Count1; +; 585 : size_t _Wchars; +; 586 : const char* _Ptr1; +; 587 : int _Bytes; +; 588 : wchar_t _Wc; +; 589 : mbstate_t _Mbst1 = {}; + + 00051 48 8d 85 c8 00 + 00 00 lea rax, QWORD PTR _Mbst1$[rbp] + 00058 48 8b f8 mov rdi, rax + 0005b 33 c0 xor eax, eax + 0005d b9 08 00 00 00 mov ecx, 8 + 00062 f3 aa rep stosb + +; 590 : +; 591 : _Count1 = _CSTD strlen(_Ptr) + 1; + + 00064 48 8b 8d 20 02 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 0006b e8 00 00 00 00 call strlen + 00070 48 ff c0 inc rax + 00073 48 89 45 28 mov QWORD PTR _Count1$[rbp], rax + +; 592 : for (_Count = _Count1, _Wchars = 0, _Ptr1 = _Ptr; 0 < _Count; _Count -= _Bytes, _Ptr1 += _Bytes, ++_Wchars) { + + 00077 48 8b 45 28 mov rax, QWORD PTR _Count1$[rbp] + 0007b 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + 0007f 48 c7 45 48 00 + 00 00 00 mov QWORD PTR _Wchars$[rbp], 0 + 00087 48 8b 85 20 02 + 00 00 mov rax, QWORD PTR _Ptr$[rbp] + 0008e 48 89 45 68 mov QWORD PTR _Ptr1$[rbp], rax + 00092 eb 35 jmp SHORT $LN4@Maklocstr +$LN2@Maklocstr: + 00094 48 63 85 84 00 + 00 00 movsxd rax, DWORD PTR _Bytes$[rbp] + 0009b 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp] + 0009f 48 2b c8 sub rcx, rax + 000a2 48 8b c1 mov rax, rcx + 000a5 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + 000a9 48 63 85 84 00 + 00 00 movsxd rax, DWORD PTR _Bytes$[rbp] + 000b0 48 8b 4d 68 mov rcx, QWORD PTR _Ptr1$[rbp] + 000b4 48 03 c8 add rcx, rax + 000b7 48 8b c1 mov rax, rcx + 000ba 48 89 45 68 mov QWORD PTR _Ptr1$[rbp], rax + 000be 48 8b 45 48 mov rax, QWORD PTR _Wchars$[rbp] + 000c2 48 ff c0 inc rax + 000c5 48 89 45 48 mov QWORD PTR _Wchars$[rbp], rax +$LN4@Maklocstr: + 000c9 48 83 7d 08 00 cmp QWORD PTR _Count$[rbp], 0 + 000ce 76 3a jbe SHORT $LN3@Maklocstr + +; 593 : if ((_Bytes = _Mbrtowc(&_Wc, _Ptr1, _Count, &_Mbst1, &_Cvt)) <= 0) { + + 000d0 48 8b 85 30 02 + 00 00 mov rax, QWORD PTR _Cvt$[rbp] + 000d7 48 89 44 24 20 mov QWORD PTR [rsp+32], rax + 000dc 4c 8d 8d c8 00 + 00 00 lea r9, QWORD PTR _Mbst1$[rbp] + 000e3 4c 8b 45 08 mov r8, QWORD PTR _Count$[rbp] + 000e7 48 8b 55 68 mov rdx, QWORD PTR _Ptr1$[rbp] + 000eb 48 8d 8d a4 00 + 00 00 lea rcx, QWORD PTR _Wc$[rbp] + 000f2 e8 00 00 00 00 call _Mbrtowc + 000f7 89 85 84 00 00 + 00 mov DWORD PTR _Bytes$[rbp], eax + 000fd 83 bd 84 00 00 + 00 00 cmp DWORD PTR _Bytes$[rbp], 0 + 00104 7f 02 jg SHORT $LN8@Maklocstr + +; 594 : break; + + 00106 eb 02 jmp SHORT $LN3@Maklocstr +$LN8@Maklocstr: + +; 595 : } +; 596 : } + + 00108 eb 8a jmp SHORT $LN2@Maklocstr +$LN3@Maklocstr: + +; 597 : +; 598 : ++_Wchars; // count terminating nul + + 0010a 48 8b 45 48 mov rax, QWORD PTR _Wchars$[rbp] + 0010e 48 ff c0 inc rax + 00111 48 89 45 48 mov QWORD PTR _Wchars$[rbp], rax + +; 599 : +; 600 : wchar_t* _Ptrdest = static_cast(_calloc_dbg(_Wchars, sizeof(wchar_t), _CRT_BLOCK, __FILE__, __LINE__)); + + 00115 c7 44 24 20 58 + 02 00 00 mov DWORD PTR [rsp+32], 600 ; 00000258H + 0011d 4c 8d 0d 00 00 + 00 00 lea r9, OFFSET FLAT:??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ + 00124 41 b8 02 00 00 + 00 mov r8d, 2 + 0012a ba 02 00 00 00 mov edx, 2 + 0012f 48 8b 4d 48 mov rcx, QWORD PTR _Wchars$[rbp] + 00133 ff 15 00 00 00 + 00 call QWORD PTR __imp__calloc_dbg + 00139 48 89 85 e8 00 + 00 00 mov QWORD PTR _Ptrdest$[rbp], rax + +; 601 : +; 602 : if (!_Ptrdest) { + + 00140 48 83 bd e8 00 + 00 00 00 cmp QWORD PTR _Ptrdest$[rbp], 0 + 00148 75 05 jne SHORT $LN9@Maklocstr + +; 603 : _Xbad_alloc(); + + 0014a e8 00 00 00 00 call ?_Xbad_alloc@std@@YAXXZ ; std::_Xbad_alloc +$LN9@Maklocstr: + +; 604 : } +; 605 : +; 606 : wchar_t* _Ptrnext = _Ptrdest; + + 0014f 48 8b 85 e8 00 + 00 00 mov rax, QWORD PTR _Ptrdest$[rbp] + 00156 48 89 85 08 01 + 00 00 mov QWORD PTR _Ptrnext$[rbp], rax + +; 607 : mbstate_t _Mbst2 = {}; + + 0015d 48 8d 85 28 01 + 00 00 lea rax, QWORD PTR _Mbst2$[rbp] + 00164 48 8b f8 mov rdi, rax + 00167 33 c0 xor eax, eax + 00169 b9 08 00 00 00 mov ecx, 8 + 0016e f3 aa rep stosb + +; 608 : +; 609 : for (; 0 < _Wchars; _Count -= _Bytes, _Ptr += _Bytes, --_Wchars, ++_Ptrnext) { + + 00170 eb 4d jmp SHORT $LN7@Maklocstr +$LN5@Maklocstr: + 00172 48 63 85 84 00 + 00 00 movsxd rax, DWORD PTR _Bytes$[rbp] + 00179 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp] + 0017d 48 2b c8 sub rcx, rax + 00180 48 8b c1 mov rax, rcx + 00183 48 89 45 08 mov QWORD PTR _Count$[rbp], rax + 00187 48 63 85 84 00 + 00 00 movsxd rax, DWORD PTR _Bytes$[rbp] + 0018e 48 8b 8d 20 02 + 00 00 mov rcx, QWORD PTR _Ptr$[rbp] + 00195 48 03 c8 add rcx, rax + 00198 48 8b c1 mov rax, rcx + 0019b 48 89 85 20 02 + 00 00 mov QWORD PTR _Ptr$[rbp], rax + 001a2 48 8b 45 48 mov rax, QWORD PTR _Wchars$[rbp] + 001a6 48 ff c8 dec rax + 001a9 48 89 45 48 mov QWORD PTR _Wchars$[rbp], rax + 001ad 48 8b 85 08 01 + 00 00 mov rax, QWORD PTR _Ptrnext$[rbp] + 001b4 48 83 c0 02 add rax, 2 + 001b8 48 89 85 08 01 + 00 00 mov QWORD PTR _Ptrnext$[rbp], rax +$LN7@Maklocstr: + 001bf 48 83 7d 48 00 cmp QWORD PTR _Wchars$[rbp], 0 + 001c4 76 40 jbe SHORT $LN6@Maklocstr + +; 610 : if ((_Bytes = _Mbrtowc(_Ptrnext, _Ptr, _Count1, &_Mbst2, &_Cvt)) <= 0) { + + 001c6 48 8b 85 30 02 + 00 00 mov rax, QWORD PTR _Cvt$[rbp] + 001cd 48 89 44 24 20 mov QWORD PTR [rsp+32], rax + 001d2 4c 8d 8d 28 01 + 00 00 lea r9, QWORD PTR _Mbst2$[rbp] + 001d9 4c 8b 45 28 mov r8, QWORD PTR _Count1$[rbp] + 001dd 48 8b 95 20 02 + 00 00 mov rdx, QWORD PTR _Ptr$[rbp] + 001e4 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR _Ptrnext$[rbp] + 001eb e8 00 00 00 00 call _Mbrtowc + 001f0 89 85 84 00 00 + 00 mov DWORD PTR _Bytes$[rbp], eax + 001f6 83 bd 84 00 00 + 00 00 cmp DWORD PTR _Bytes$[rbp], 0 + 001fd 7f 02 jg SHORT $LN10@Maklocstr + +; 611 : break; + + 001ff eb 05 jmp SHORT $LN6@Maklocstr +$LN10@Maklocstr: + +; 612 : } +; 613 : } + + 00201 e9 6c ff ff ff jmp $LN5@Maklocstr +$LN6@Maklocstr: + +; 614 : +; 615 : *_Ptrnext = L'\0'; + + 00206 33 c0 xor eax, eax + 00208 48 8b 8d 08 01 + 00 00 mov rcx, QWORD PTR _Ptrnext$[rbp] + 0020f 66 89 01 mov WORD PTR [rcx], ax + +; 616 : +; 617 : return _Ptrdest; + + 00212 48 8b 85 e8 00 + 00 00 mov rax, QWORD PTR _Ptrdest$[rbp] +$LN11@Maklocstr: + +; 618 : } + + 00219 48 8b f8 mov rdi, rax + 0021c 48 8d 4d d0 lea rcx, QWORD PTR [rbp-48] + 00220 48 8d 15 00 00 + 00 00 lea rdx, OFFSET FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcFrameData + 00227 e8 00 00 00 00 call _RTC_CheckStackVars + 0022c 48 8b c7 mov rax, rdi + 0022f 48 8b 8d f8 01 + 00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp] + 00236 48 33 cd xor rcx, rbp + 00239 e8 00 00 00 00 call __security_check_cookie + 0023e 48 8d a5 08 02 + 00 00 lea rsp, QWORD PTR [rbp+520] + 00245 5f pop rdi + 00246 5d pop rbp + 00247 c3 ret 0 +??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ENDP ; std::_Maklocstr +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\Program Files (x86)\Windows Kits\10\Include\10.0.19041.0\ucrt\wchar.h +; COMDAT wmemcpy +_TEXT SEGMENT +_S1$ = 224 +_S2$ = 232 +_N$ = 240 +wmemcpy PROC ; COMDAT + +; 234 : { + +$LN3: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 00034 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__93DC0B45_wchar@h + 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + +; 235 : #pragma warning(suppress: 6386) // Buffer overrun +; 236 : return (wchar_t*)memcpy(_S1, _S2, _N*sizeof(wchar_t)); + + 00040 48 8b 85 f0 00 + 00 00 mov rax, QWORD PTR _N$[rbp] + 00047 48 d1 e0 shl rax, 1 + 0004a 4c 8b c0 mov r8, rax + 0004d 48 8b 95 e8 00 + 00 00 mov rdx, QWORD PTR _S2$[rbp] + 00054 48 8b 8d e0 00 + 00 00 mov rcx, QWORD PTR _S1$[rbp] + 0005b e8 00 00 00 00 call memcpy + +; 237 : } + + 00060 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00067 5f pop rdi + 00068 5d pop rbp + 00069 c3 ret 0 +wmemcpy ENDP +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipOrInst.cpp +; COMDAT ?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z +_TEXT SEGMENT +__formal$ = 224 +__formal$ = 232 +__formal$ = 240 +?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z PROC ; __empty_global_delete, COMDAT + +$LN3: + 00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8 + 00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000f 55 push rbp + 00010 57 push rdi + 00011 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 0001d 48 8b fc mov rdi, rsp + 00020 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 0002a f3 ab rep stosd + 0002c 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 00034 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__97B6E7BF_RipOrInst@cpp + 0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 00040 90 npad 1 + 00041 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00048 5f pop rdi + 00049 5d pop rbp + 0004a c3 ret 0 +?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z ENDP ; __empty_global_delete +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipOrInst.cpp +; COMDAT ?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z +_TEXT SEGMENT +__formal$ = 224 +__formal$ = 232 +?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z PROC ; __empty_global_delete, COMDAT + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__97B6E7BF_RipOrInst@cpp + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 0003b 90 npad 1 + 0003c 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00043 5f pop rdi + 00044 5d pop rbp + 00045 c3 ret 0 +?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z ENDP ; __empty_global_delete +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipOrInst.cpp +; COMDAT ?__empty_global_delete@@YAXPEAX_K@Z +_TEXT SEGMENT +__formal$ = 224 +__formal$ = 232 +?__empty_global_delete@@YAXPEAX_K@Z PROC ; __empty_global_delete, COMDAT + +$LN3: + 00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx + 00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 0000a 55 push rbp + 0000b 57 push rdi + 0000c 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00018 48 8b fc mov rdi, rsp + 0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00025 f3 ab rep stosd + 00027 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002f 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__97B6E7BF_RipOrInst@cpp + 00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 0003b 90 npad 1 + 0003c 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 00043 5f pop rdi + 00044 5d pop rbp + 00045 c3 ret 0 +?__empty_global_delete@@YAXPEAX_K@Z ENDP ; __empty_global_delete +_TEXT ENDS +; Function compile flags: /Odtp /RTCsu /ZI +; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipOrInst.cpp +; COMDAT ?__empty_global_delete@@YAXPEAX@Z +_TEXT SEGMENT +__formal$ = 224 +?__empty_global_delete@@YAXPEAX@Z PROC ; __empty_global_delete, COMDAT + +$LN3: + 00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx + 00005 55 push rbp + 00006 57 push rdi + 00007 48 81 ec e8 00 + 00 00 sub rsp, 232 ; 000000e8H + 0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32] + 00013 48 8b fc mov rdi, rsp + 00016 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH + 0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH + 00020 f3 ab rep stosd + 00022 48 8b 8c 24 08 + 01 00 00 mov rcx, QWORD PTR [rsp+264] + 0002a 48 8d 0d 00 00 + 00 00 lea rcx, OFFSET FLAT:__97B6E7BF_RipOrInst@cpp + 00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode + 00036 90 npad 1 + 00037 48 8d a5 c8 00 + 00 00 lea rsp, QWORD PTR [rbp+200] + 0003e 5f pop rdi + 0003f 5d pop rbp + 00040 c3 ret 0 +?__empty_global_delete@@YAXPEAX@Z ENDP ; __empty_global_delete +_TEXT ENDS +END diff --git a/CodeVirtualizer/x64/Debug/RipXorInst.cod b/CodeVirtualizer/x64/Debug/RipXorInst.cod index 1601315..e5caf51 100644 --- a/CodeVirtualizer/x64/Debug/RipXorInst.cod +++ b/CodeVirtualizer/x64/Debug/RipXorInst.cod @@ -647,7 +647,7 @@ $LN6: 00068 c6 45 0a 00 mov BYTE PTR RawData$[rbp+6], 0 ; 30 : -; 31 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, RawData, sizeof(RawData)); +; 31 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); 0006c b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 00071 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -659,7 +659,7 @@ $LN6: 00087 41 b9 07 00 00 00 mov r9d, 7 0008d 4c 8d 45 04 lea r8, QWORD PTR RawData$[rbp] - 00091 ba 04 00 00 00 mov edx, 4 + 00091 ba 0c 00 00 00 mov edx, 12 00096 48 8b 8d 28 01 00 00 mov rcx, QWORD PTR $T5[rbp] 0009d e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK @@ -851,7 +851,7 @@ $LN6: 00070 c6 45 10 00 mov BYTE PTR RawData$[rbp+8], 0 ; 18 : -; 19 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, RawData, sizeof(RawData)); +; 19 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); 00074 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 00079 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -863,7 +863,7 @@ $LN6: 0008f 41 b9 09 00 00 00 mov r9d, 9 00095 4c 8d 45 08 lea r8, QWORD PTR RawData$[rbp] - 00099 ba 04 00 00 00 mov edx, 4 + 00099 ba 0c 00 00 00 mov edx, 12 0009e 48 8b 8d 38 01 00 00 mov rcx, QWORD PTR $T5[rbp] 000a5 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK @@ -1056,7 +1056,7 @@ $LN6: 00074 c6 45 11 00 mov BYTE PTR RawData$[rbp+9], 0 ; 6 : -; 7 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST, RawData, sizeof(RawData)); +; 7 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData)); 00078 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H 0007d e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new @@ -1068,7 +1068,7 @@ $LN6: 00093 41 b9 0a 00 00 00 mov r9d, 10 00099 4c 8d 45 08 lea r8, QWORD PTR RawData$[rbp] - 0009d ba 04 00 00 00 mov edx, 4 + 0009d ba 0c 00 00 00 mov edx, 12 000a2 48 8b 8d 38 01 00 00 mov rcx, QWORD PTR $T5[rbp] 000a9 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXK@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK diff --git a/x64/Debug/CodeVirtualizer.ilk b/x64/Debug/CodeVirtualizer.ilk index 6437973..824e7a6 100644 Binary files a/x64/Debug/CodeVirtualizer.ilk and b/x64/Debug/CodeVirtualizer.ilk differ