.Hello guys,
i just downloaded the new intel compiler to see if it brings some improvement to my c++ code.
But before that i wanted to test if the zlib-dll compiles cleanly and the example prog runs without error.
After compilation i started the example.exe and received the following mesage:
This program was not built to run on your processor
and the app terminates with exit code 1.
So i used OllyDbg and debugged this little app - and finally found the following routine.
I am not very skilled at programming in assembly language and I would like to ask if someone can explain to me what exactly the routine does after my comments stop :)
My CPU is a AMD Athlon XP 3000+.
004026F4 /$ 50 PUSH EAX
004026F5 |. 52 PUSH EDX
004026F6 |. 51 PUSH ECX
004026F7 |. 53 PUSH EBX
004026F8 |. 57 PUSH EDI
004026F9 |. 56 PUSH ESI
004026FA |. 55 PUSH EBP
004026FB |. 8BEC MOV EBP,ESP
004026FD |. 83EC 50 SUB ESP,50
00402700 |. 9C PUSHFD
00402701 |. 58 POP EAX
00402702 |. 8BC8 MOV ECX,EAX
00402704 |. 35 00002000 XOR EAX,200000
00402709 |. 50 PUSH EAX
0040270A |. 9D POPFD
0040270B |. 9C PUSHFD
0040270C |. 58 POP EAX
0040270D |. 3BC1 CMP EAX,ECX
<< First question:
<< Why is ECX different to EAX on AMD CPU?
<< on my machine, EAX is 00200202 and ECX is 00000202
0040270F |. 0F84 2A000000 JE example.0040273F
00402715 |. 51 PUSH ECX
00402716 |. 9D POPFD
00402717 |. 33C0 XOR EAX,EAX << ask for vendor id
00402719 |. 0FA2 CPUID
0040271B |. 8945 FC MOV DWORD PTR SS:[EBP-4],EAX << store results in global var?
0040271E |. 895D F8 MOV DWORD PTR SS:[EBP-8],EBX
00402721 |. 894D E0 MOV DWORD PTR SS:[EBP-20],ECX
00402724 |. 8955 E4 MOV DWORD PTR SS:[EBP-1C],EDX
00402727 |. B8 01000000 MOV EAX,1
0040272C |. 0FA2 CPUID << ask for model, type, ...
0040272E |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
00402731 |. 895D F4 MOV DWORD PTR SS:[EBP-C],EBX
00402734 |. 894D EC MOV DWORD PTR SS:[EBP-14],ECX
00402737 |. 8955 E8 MOV DWORD PTR SS:[EBP-18],EDX
0040273A |. E9 1A000000 JMP example.00402759
0040273F |> 33C0 XOR EAX,EAX
00402741 |. 8945 FC MOV DWORD PTR SS:[EBP-4],EAX
00402744 |. 8945 F8 MOV DWORD PTR SS:[EBP-8],EAX
00402747 |. 8945 E0 MOV DWORD PTR SS:[EBP-20],EAX
0040274A |. 8945 E4 MOV DWORD PTR SS:[EBP-1C],EAX
0040274D |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
00402750 |. 8945 F4 MOV DWORD PTR SS:[EBP-C],EAX
00402753 |. 8945 EC MOV DWORD PTR SS:[EBP-14],EAX
00402756 |. 8945 E8 MOV DWORD PTR SS:[EBP-18],EAX
00402759 |> 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
0040275C |. 3D 47656E75 CMP EAX,756E6547 << compare if EAX is uneG
00402761 |. 75 1B JNZ SHORT example.0040277E
00402763 |. 8B45 E4 MOV EAX,DWORD PTR SS:[EBP-1C]
00402766 |. 3D 696E6549 CMP EAX,49656E69 << compare if EAX is Ieni
0040276B |. 75 11 JNZ SHORT example.0040277E
0040276D |. 8B45 E0 MOV EAX,DWORD PTR SS:[EBP-20]
00402770 |. 3D 6E74656C CMP EAX,6C65746E << compare if EAX is letn
00402775 |. 75 07 JNZ SHORT example.0040277E
00402777 |. BA 01000000 MOV EDX,1 << no clue from here on
0040277C |. EB 02 JMP SHORT example.00402780
0040277E |> 33D2 XOR EDX,EDX
00402780 |> 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00402783 |. 85C0 TEST EAX,EAX
00402785 |. 0F84 BA000000 JE example.00402845
0040278B |. 85D2 TEST EDX,EDX
0040278D |. 0F84 AB000000 JE example.0040283E
00402793 |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
00402796 |. C1E8 08 SHR EAX,8
00402799 |. 83E0 0F AND EAX,0F
0040279C |. 83F8 05 CMP EAX,5
0040279F |. 75 1E JNZ SHORT example.004027BF
004027A1 |. 8B45 E8 MOV EAX,DWORD PTR SS:[EBP-18]
004027A4 |. A9 00008000 TEST EAX,800000
004027A9 |. 74 0A JE SHORT example.004027B5
004027AB |. BA 08000000 MOV EDX,8
004027B0 |. E9 95000000 JMP example.0040284A
004027B5 |> BA 02000000 MOV EDX,2
004027BA |. E9 8B000000 JMP example.0040284A
004027BF |> 83F8 06 CMP EAX,6
004027C2 |. 75 4A JNZ SHORT example.0040280E
004027C4 |. 8B45 E8 MOV EAX,DWORD PTR SS:[EBP-18]
004027C7 |. A9 00008000 TEST EAX,800000
004027CC |. 74 07 JE SHORT example.004027D5
004027CE |. BA 10000000 MOV EDX,10
004027D3 |. EB 05 JMP SHORT example.004027DA
004027D5 |> BA 04000000 MOV EDX,4
004027DA |> A9 00000001 TEST EAX,1000000
004027DF |. 74 69 JE SHORT example.0040284A
004027E1 |. A9 00000002 TEST EAX,2000000
004027E6 |. 74 07 JE SHORT example.004027EF
004027E8 |. BA 80000000 MOV EDX,80
004027ED |. EB 05 JMP SHORT example.004027F4
004027EF |> BA 20000000 MOV EDX,20
004027F4 |> A9 00000004 TEST EAX,4000000
004027F9 |. 74 05 JE SHORT example.00402800
004027FB |. BA 00040000 MOV EDX,400
00402800 |> 8B45 EC MOV EAX,DWORD PTR SS:[EBP-14]
00402803 |. A8 01 TEST AL,1
00402805 |. 74 43 JE SHORT example.0040284A
00402807 |. BA 00080000 MOV EDX,800
0040280C |. EB 3C JMP SHORT example.0040284A
0040280E |> 83F8 0F CMP EAX,0F
00402811 |. 75 24 JNZ SHORT example.00402837
00402813 |. 8B45 E8 MOV EAX,DWORD PTR SS:[EBP-18]
00402816 |. A9 00000004 TEST EAX,4000000
0040281B |. 74 07 JE SHORT example.00402824
0040281D |. BA 00020000 MOV EDX,200
00402822 |. EB 05 JMP SHORT example.00402829
00402824 |> BA 01000000 MOV EDX,1
00402829 |> 8B45 EC MOV EAX,DWORD PTR SS:[EBP-14]
0040282C |. A8 01 TEST AL,1
0040282E |. 74 1A JE SHORT example.0040284A
00402830 |. BA 00080000 MOV EDX,800
00402835 |. EB 13 JMP SHORT example.0040284A
00402837 |> BA 01000000 MOV EDX,1
0040283C |. EB 0C JMP SHORT example.0040284A
0040283E |> BA 01000000 MOV EDX,1
00402843 |. EB 05 JMP SHORT example.0040284A
00402845 |> BA 01000000 MOV EDX,1
0040284A |> 8915 24404000 MOV DWORD PTR DS:[404024],EDX
00402850 |. 83C4 50 ADD ESP,50
00402853 |. 5D POP EBP
00402854 |. 5E POP ESI
00402855 |. 5F POP EDI
00402856 |. 5B POP EBX
00402857 |. 59 POP ECX
00402858 |. 5A POP EDX
00402859 |. 58 POP EAX
0040285A \. C3 RETN
Thank you for reading this far ;)
Chris
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}