[ros-dev] crash on ROS vmware install

Gedi gedi at ntlworld.com
Thu Apr 14 01:25:40 CEST 2005


Source taken from HEAD just before Casper took it down for the rebuild.

Initially it was hanging just after the splash, so I rebuilt with DBG to 
see if I could glean more info.

Now it crashes upon install, just before it goes to the GUI config.

Here is a screenshot of the crash 
http://homepage.ntlworld.com/gedmurphy/crash.jpg

I have attached the map files for smss. I would have attached one for 
ntoskrnl too, but it's a little large.
I can post it, along with anything else, if someone wants it.

Regards,

Ged.
-------------- next part --------------

smss.nostrip.exe:     file format pei-i386

Disassembly of section .text:

00401000 <_NtProcessStartup at 4>:
/* Native image's entry point */
/*
 * objdump source/assembly interleave (AT&T syntax) of the smss entry point.
 * Flow visible below: zero PBI, print the banner, query this process's basic
 * information, record its process id in the global at 0x406000, run
 * InitSessionManager(), then terminate the current thread with Status.
 * The function ends with `ret $0x4`, so the callee pops its single 4-byte
 * argument (stdcall); " at 4" in the symbol is presumably the mail archive's
 * rendering of the "@4" decoration.
 */

VOID STDCALL
NtProcessStartup(PPEB Peb)
{
  401000:	55                   	push   %ebp
  401001:	89 e5                	mov    %esp,%ebp
  401003:	57                   	push   %edi
  401004:	83 ec 34             	sub    $0x34,%esp
  NTSTATUS Status;
  PROCESS_BASIC_INFORMATION PBI = {0};
  /* ecx = 6 dwords, eax = 0: the rep stos clears the 0x18 bytes of PBI at ebp-0x38 */
  401007:	8d 7d c8             	lea    0xffffffc8(%ebp),%edi
  40100a:	fc                   	cld    
  40100b:	ba 00 00 00 00       	mov    $0x0,%edx
  401010:	b8 06 00 00 00       	mov    $0x6,%eax
  401015:	89 c1                	mov    %eax,%ecx
  401017:	89 d0                	mov    %edx,%eax
  401019:	f3 ab                	repz stos %eax,%es:(%edi)
  
  PrintString("ReactOS Session Manager %s (Build %s)\n",
  40101b:	83 ec 04             	sub    $0x4,%esp
  40101e:	68 00 50 40 00       	push   $0x405000
  401023:	68 10 50 40 00       	push   $0x405010
  401028:	68 20 50 40 00       	push   $0x405020
  40102d:	e8 79 26 00 00       	call   4036ab <_PrintString at 0>
  401032:	83 c4 10             	add    $0x10,%esp
	     KERNEL_RELEASE_STR,
	     KERNEL_VERSION_BUILD_STR);

  /* Lookup yourself */
  Status = NtQueryInformationProcess (NtCurrentProcess(),
  /* Arguments are pushed right to left: NULL, 0x18 (sizeof PBI), &PBI,
     0 (ProcessBasicInformation), 0xffffffff (NtCurrentProcess()). */
  401035:	83 ec 0c             	sub    $0xc,%esp
  401038:	6a 00                	push   $0x0
  40103a:	6a 18                	push   $0x18
  40103c:	8d 45 c8             	lea    0xffffffc8(%ebp),%eax
  40103f:	50                   	push   %eax
  401040:	6a 00                	push   $0x0
  401042:	6a ff                	push   $0xffffffff
  401044:	e8 27 29 00 00       	call   403970 <_NtQueryInformationProcess at 20>
  /* The callee is decorated with 20 argument bytes; this add only undoes the
     0xc bytes of padding reserved before the pushes. */
  401049:	83 c4 0c             	add    $0xc,%esp
  40104c:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
		    		      ProcessBasicInformation,
				      & PBI,
				      sizeof PBI,
      				      NULL);
  if(NT_SUCCESS(Status))
  /* NT_SUCCESS compiles to a sign test: a negative Status jumps past the store. */
  40104f:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  401053:	78 08                	js     40105d <_NtProcessStartup at 4+0x5d>
  {
	  SmSsProcessId = PBI.UniqueProcessId;
  /* Reads the dword at PBI+0x10 (ebp-0x28) and stores it in the global at 0x406000. */
  401055:	8b 45 d8             	mov    0xffffffd8(%ebp),%eax
  401058:	a3 00 60 40 00       	mov    %eax,0x406000
  }
  /* Initialize the system */
  Status = InitSessionManager();
  40105d:	e8 24 01 00 00       	call   401186 <_InitSessionManager>
  401062:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
/* NOTE(review): everything between #if 0 and #endif is compiled out; no
   instructions are emitted between 0x401062 and 0x401065. In this build a
   failing InitSessionManager() is therefore not reported here and not
   escalated through NtRaiseHardError; the thread just exits with Status. */
#if 0
  if (!NT_SUCCESS(Status))
    {
      int i;
      for (i=0; i < (sizeof Children / sizeof Children[0]); i++)
      {
        if (Children[i])
        {
          NtTerminateProcess(Children[i],0);
        }
      }
      DPRINT1("SM: Initialization failed!\n");
      goto ByeBye;
    }

  Status = NtWaitForMultipleObjects(((LONG) sizeof(Children) / sizeof(HANDLE)),
				    Children,
				    WaitAny,
				    TRUE,	/* alertable */
				    NULL);	/* NULL for infinite */
  if (!NT_SUCCESS(Status))
    {
      DPRINT1("SM: NtWaitForMultipleObjects failed! (Status=0x%08lx)\n", Status);
    }
  else
    {
      DPRINT1("SM: Process terminated!\n");
    }

ByeBye:
  /* Raise a hard error (crash the system/BSOD) */
  NtRaiseHardError(STATUS_SYSTEM_PROCESS_TERMINATED,
		   0,0,0,0,0);

//   NtTerminateProcess(NtCurrentProcess(), 0);
#endif
	NtTerminateThread(NtCurrentThread(), Status);
  /* 0xfffffffe is the value pushed for NtCurrentThread(); Status is the exit status. */
  401065:	83 ec 08             	sub    $0x8,%esp
  401068:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  40106b:	6a fe                	push   $0xfffffffe
  40106d:	e8 0e 29 00 00       	call   403980 <_NtTerminateThread at 8>
  401072:	83 c4 08             	add    $0x8,%esp
}
  /* Epilogue: restore the saved edi, tear down the frame, pop the 4-byte Peb argument. */
  401075:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  401078:	c9                   	leave  
  401079:	c2 04 00             	ret    $0x4
  40107c:	90                   	nop    
  40107d:	90                   	nop    
  40107e:	90                   	nop    
  40107f:	90                   	nop    

00401080 <_SmpSignalInitEvent>:
/*
 * No C source is interleaved for this function; the notes below are read off
 * the instructions only.
 * Opens a named event (name string at 0x405060, contents not shown), pulses
 * it, waits on it with a timeout, closes the handle, and returns the status
 * of the open call. Plain `ret`, no stack arguments are read.
 * Frame layout used below:
 *   ebp-0x0c  Status (return value)
 *   ebp-0x38  0x18-byte attribute block, first dword set to 0x18
 *   ebp-0x40  8-byte string descriptor filled by RtlInitUnicodeString
 *   ebp-0x44  event handle
 *   ebp-0x50  64-bit timeout
 */
  401080:	55                   	push   %ebp
  401081:	89 e5                	mov    %esp,%ebp
  401083:	57                   	push   %edi
  401084:	83 ec 54             	sub    $0x54,%esp
  401087:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  /* Zero the 6-dword block at ebp-0x38, then the descriptor and the handle. */
  40108e:	8d 7d c8             	lea    0xffffffc8(%ebp),%edi
  401091:	fc                   	cld    
  401092:	ba 00 00 00 00       	mov    $0x0,%edx
  401097:	b8 06 00 00 00       	mov    $0x6,%eax
  40109c:	89 c1                	mov    %eax,%ecx
  40109e:	89 d0                	mov    %edx,%eax
  4010a0:	f3 ab                	repz stos %eax,%es:(%edi)
  4010a2:	c7 45 c0 00 00 00 00 	movl   $0x0,0xffffffc0(%ebp)
  4010a9:	c7 45 c4 00 00 00 00 	movl   $0x0,0xffffffc4(%ebp)
  4010b0:	c7 45 bc 00 00 00 00 	movl   $0x0,0xffffffbc(%ebp)
  4010b7:	83 ec 08             	sub    $0x8,%esp
  4010ba:	68 60 50 40 00       	push   $0x405060
  4010bf:	8d 45 c0             	lea    0xffffffc0(%ebp),%eax
  4010c2:	50                   	push   %eax
  4010c3:	e8 c8 28 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  4010c8:	83 c4 08             	add    $0x8,%esp
  /* Fill the attribute block: +0 = 0x18, +8 = pointer to the name descriptor,
     +0xc = 0x1f0003, +4/+0x10/+0x14 = 0.
     NOTE(review): 0x1f0003 is also the access mask pushed for NtOpenEvent
     below. In SmpObjectDirectoryQueryRoutine the +0xc slot of the same block
     shape receives the third InitializeObjectAttributes argument (attributes),
     so an access mask may have been passed as object attributes here; confirm
     against the source. */
  4010cb:	c7 45 c8 18 00 00 00 	movl   $0x18,0xffffffc8(%ebp)
  4010d2:	8d 45 c0             	lea    0xffffffc0(%ebp),%eax
  4010d5:	89 45 d0             	mov    %eax,0xffffffd0(%ebp)
  4010d8:	c7 45 d4 03 00 1f 00 	movl   $0x1f0003,0xffffffd4(%ebp)
  4010df:	c7 45 cc 00 00 00 00 	movl   $0x0,0xffffffcc(%ebp)
  4010e6:	c7 45 d8 00 00 00 00 	movl   $0x0,0xffffffd8(%ebp)
  4010ed:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
  /* NtOpenEvent(&handle, 0x1f0003, &attributes).
     NOTE(review): 0x1f0003 matches EVENT_ALL_ACCESS in the NT headers; only
     pulse and wait are performed on the handle below, so a narrower mask would
     probably do. */
  4010f4:	83 ec 04             	sub    $0x4,%esp
  4010f7:	8d 45 c8             	lea    0xffffffc8(%ebp),%eax
  4010fa:	50                   	push   %eax
  4010fb:	68 03 00 1f 00       	push   $0x1f0003
  401100:	8d 45 bc             	lea    0xffffffbc(%ebp),%eax
  401103:	50                   	push   %eax
  401104:	e8 97 28 00 00       	call   4039a0 <_NtOpenEvent at 12>
  401109:	83 c4 04             	add    $0x4,%esp
  40110c:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  /* Negative status: skip to the DbgPrint path at 0x401157. */
  40110f:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  401113:	78 42                	js     401157 <_SmpSignalInitEvent+0xd7>
  /* NtPulseEvent(handle, 0); eax is not stored afterwards, so its status is dropped. */
  401115:	83 ec 08             	sub    $0x8,%esp
  401118:	6a 00                	push   $0x0
  40111a:	ff 75 bc             	pushl  0xffffffbc(%ebp)
  40111d:	e8 8e 28 00 00       	call   4039b0 <_NtPulseEvent at 8>
  401122:	83 c4 08             	add    $0x8,%esp
  /* Timeout = 0xfffffffffd050f80 = -50,000,000; as a relative NT timeout in
     100 ns units that is 5 seconds. */
  401125:	c7 45 b0 80 0f 05 fd 	movl   $0xfd050f80,0xffffffb0(%ebp)
  40112c:	c7 45 b4 ff ff ff ff 	movl   $0xffffffff,0xffffffb4(%ebp)
  /* NtWaitForSingleObject(handle, 0, &timeout); result is likewise not stored. */
  401133:	83 ec 04             	sub    $0x4,%esp
  401136:	8d 45 b0             	lea    0xffffffb0(%ebp),%eax
  401139:	50                   	push   %eax
  40113a:	6a 00                	push   $0x0
  40113c:	ff 75 bc             	pushl  0xffffffbc(%ebp)
  40113f:	e8 7c 28 00 00       	call   4039c0 <_NtWaitForSingleObject at 12>
  401144:	83 c4 04             	add    $0x4,%esp
  /* The handle is closed only on this success path; the failure path never opened one. */
  401147:	83 ec 0c             	sub    $0xc,%esp
  40114a:	ff 75 bc             	pushl  0xffffffbc(%ebp)
  40114d:	e8 7e 28 00 00       	call   4039d0 <_NtClose at 4>
  401152:	83 c4 0c             	add    $0xc,%esp
  401155:	eb 27                	jmp    40117e <_SmpSignalInitEvent+0xfe>
  /* Failure path: two DbgPrint calls; the first takes 0x44 and the strings at
     0x405082/0x405089 (looks like a file/line debug prefix, strings not shown). */
  401157:	83 ec 04             	sub    $0x4,%esp
  40115a:	6a 44                	push   $0x44
  40115c:	68 82 50 40 00       	push   $0x405082
  401161:	68 89 50 40 00       	push   $0x405089
  401166:	e8 75 28 00 00       	call   4039e0 <_DbgPrint>
  40116b:	83 c4 10             	add    $0x10,%esp
  40116e:	83 ec 0c             	sub    $0xc,%esp
  401171:	68 a0 50 40 00       	push   $0x4050a0
  401176:	e8 65 28 00 00       	call   4039e0 <_DbgPrint>
  40117b:	83 c4 10             	add    $0x10,%esp
  /* Both paths return the NtOpenEvent status saved at ebp-0xc. */
  40117e:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  401181:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  401184:	c9                   	leave  
  401185:	c3                   	ret    

00401186 <_InitSessionManager>:
/*
 * No C source is interleaved here (the "EOF" comment below belongs to the
 * previous source file). Read off the instructions:
 * a loop over 15 table entries (index 0..0xe) of 12 bytes each, based at
 * 0x404000. For each entry the function pointer at +4 is called; on a negative
 * result two DbgPrint calls are made, and if the dword at +0 is non-zero the
 * loop stops and that status is returned. Otherwise the loop continues and the
 * function returns 0 after the last entry.
 * Frame: ebp-4 = index, ebp-8 = Status of the current step, ebp-0xc = return value.
 */

/* EOF */
  401186:	55                   	push   %ebp
  401187:	89 e5                	mov    %esp,%ebp
  401189:	83 ec 18             	sub    $0x18,%esp
  40118c:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)
  401193:	c7 45 f8 00 00 00 00 	movl   $0x0,0xfffffff8(%ebp)
  40119a:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)
  /* Loop head: unsigned compare, continue while index <= 0xe. */
  4011a1:	83 7d fc 0e          	cmpl   $0xe,0xfffffffc(%ebp)
  4011a5:	76 05                	jbe    4011ac <_InitSessionManager+0x26>
  4011a7:	e9 82 00 00 00       	jmp    40122e <_InitSessionManager+0xa8>
  /* eax = (index*2 + index) << 2 = index*12, the byte offset of the entry. */
  4011ac:	8b 55 fc             	mov    0xfffffffc(%ebp),%edx
  4011af:	89 d0                	mov    %edx,%eax
  4011b1:	01 c0                	add    %eax,%eax
  4011b3:	01 d0                	add    %edx,%eax
  4011b5:	c1 e0 02             	shl    $0x2,%eax
  /* Indirect call through entry+4. The index is bounded by the constant 0xe
     above; which section holds the table at 0x404000 is not visible in this
     listing. */
  4011b8:	8b 80 04 40 40 00    	mov    0x404004(%eax),%eax
  4011be:	ff d0                	call   *%eax
  4011c0:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  /* Non-negative status: go straight to the increment at 0x401224. */
  4011c3:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  4011c7:	79 5b                	jns    401224 <_InitSessionManager+0x9e>
  /* Failure reporting: DbgPrint with 0x6c and the strings at 0x405082/0x405089
     (looks like a file/line debug prefix, strings not shown). */
  4011c9:	83 ec 04             	sub    $0x4,%esp
  4011cc:	6a 6c                	push   $0x6c
  4011ce:	68 82 50 40 00       	push   $0x405082
  4011d3:	68 89 50 40 00       	push   $0x405089
  4011d8:	e8 03 28 00 00       	call   4039e0 <_DbgPrint>
  4011dd:	83 c4 10             	add    $0x10,%esp
  /* Second DbgPrint: format at 0x405280, then 0x405265, the dword at entry+8
     (presumably a name pointer) and the failing Status. */
  4011e0:	ff 75 f8             	pushl  0xfffffff8(%ebp)
  4011e3:	8b 55 fc             	mov    0xfffffffc(%ebp),%edx
  4011e6:	89 d0                	mov    %edx,%eax
  4011e8:	01 c0                	add    %eax,%eax
  4011ea:	01 d0                	add    %edx,%eax
  4011ec:	c1 e0 02             	shl    $0x2,%eax
  4011ef:	ff b0 08 40 40 00    	pushl  0x404008(%eax)
  4011f5:	68 65 52 40 00       	push   $0x405265
  4011fa:	68 80 52 40 00       	push   $0x405280
  4011ff:	e8 dc 27 00 00       	call   4039e0 <_DbgPrint>
  401204:	83 c4 10             	add    $0x10,%esp
  /* entry+0 decides whether the failure is fatal: zero means keep going,
     non-zero means return this Status to the caller. */
  401207:	8b 55 fc             	mov    0xfffffffc(%ebp),%edx
  40120a:	89 d0                	mov    %edx,%eax
  40120c:	01 c0                	add    %eax,%eax
  40120e:	01 d0                	add    %edx,%eax
  401210:	c1 e0 02             	shl    $0x2,%eax
  401213:	83 b8 00 40 40 00 00 	cmpl   $0x0,0x404000(%eax)
  40121a:	74 08                	je     401224 <_InitSessionManager+0x9e>
  40121c:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  40121f:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  401222:	eb 11                	jmp    401235 <_InitSessionManager+0xaf>
  /* index++ and back to the loop head. */
  401224:	8d 45 fc             	lea    0xfffffffc(%ebp),%eax
  401227:	ff 00                	incl   (%eax)
  401229:	e9 73 ff ff ff       	jmp    4011a1 <_InitSessionManager+0x1b>
  /* All entries processed: return 0. Failures of non-fatal entries are only
     logged and do not show up in the return value. */
  40122e:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  401235:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  401238:	c9                   	leave  
  401239:	c3                   	ret    
  40123a:	90                   	nop    
  40123b:	90                   	nop    
  40123c:	90                   	nop    
  40123d:	90                   	nop    
  40123e:	90                   	nop    
  40123f:	90                   	nop    

00401240 <_SmCreateHeap>:
/*
 * Creates the session manager's private heap with RtlCreateHeap, stores the
 * result in the global at 0x406010 (SmpHeap in the source), and maps a NULL
 * result to 0xc0000001 (STATUS_UNSUCCESSFUL in the source) and anything else
 * to 0.
 */
HANDLE SmpHeap = NULL;

NTSTATUS
SmCreateHeap(VOID)
{
  401240:	55                   	push   %ebp
  401241:	89 e5                	mov    %esp,%ebp
  401243:	83 ec 08             	sub    $0x8,%esp
  /* Create our own heap */
  SmpHeap = RtlCreateHeap(HEAP_GROWABLE,
  /* Arguments are pushed right to left: NULL, NULL, 65536, 65536, NULL, then
     0x2 for HEAP_GROWABLE. */
  401246:	83 ec 08             	sub    $0x8,%esp
  401249:	6a 00                	push   $0x0
  40124b:	6a 00                	push   $0x0
  40124d:	68 00 00 01 00       	push   $0x10000
  401252:	68 00 00 01 00       	push   $0x10000
  401257:	6a 00                	push   $0x0
  401259:	6a 02                	push   $0x2
  40125b:	e8 90 27 00 00       	call   4039f0 <_RtlCreateHeap at 24>
  401260:	83 c4 08             	add    $0x8,%esp
  401263:	a3 10 60 40 00       	mov    %eax,0x406010
                          NULL,
                          65536,
                          65536,
                          NULL,
                          NULL);
  return (NULL == SmpHeap) ? STATUS_UNSUCCESSFUL : STATUS_SUCCESS;
  /* The ternary goes through a stack temporary at ebp-4 before landing in eax. */
  401268:	83 3d 10 60 40 00 00 	cmpl   $0x0,0x406010
  40126f:	75 09                	jne    40127a <_SmCreateHeap+0x3a>
  401271:	c7 45 fc 01 00 00 c0 	movl   $0xc0000001,0xfffffffc(%ebp)
  401278:	eb 07                	jmp    401281 <_SmCreateHeap+0x41>
  40127a:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)
  401281:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
}
  401284:	c9                   	leave  
  401285:	c3                   	ret    
  401286:	90                   	nop    
  401287:	90                   	nop    
  401288:	90                   	nop    
  401289:	90                   	nop    
  40128a:	90                   	nop    
  40128b:	90                   	nop    
  40128c:	90                   	nop    
  40128d:	90                   	nop    
  40128e:	90                   	nop    
  40128f:	90                   	nop    

00401290 <_SmCreateEnvironment>:
/*
 * No C source is interleaved. Calls RtlCreateEnvironment(0, 0x406020) and
 * returns whatever the callee leaves in eax; nothing is stored locally.
 * 0x406020 is the address pushed for &SmSystemEnvironment in
 * SmSetEnvironmentVariables.
 */
  401290:	55                   	push   %ebp
  401291:	89 e5                	mov    %esp,%ebp
  401293:	83 ec 08             	sub    $0x8,%esp
  401296:	83 ec 08             	sub    $0x8,%esp
  401299:	68 20 60 40 00       	push   $0x406020
  40129e:	6a 00                	push   $0x0
  4012a0:	e8 5b 27 00 00       	call   403a00 <_RtlCreateEnvironment at 8>
  4012a5:	83 c4 08             	add    $0x8,%esp
  4012a8:	c9                   	leave  
  4012a9:	c3                   	ret    

004012aa <_SmpSetEnvironmentVariable>:
/*
 * No C source is interleaved. Takes three stack arguments and returns with a
 * plain `ret` (caller cleans up):
 *   0x8(%ebp)   environment pointer, passed through to RtlSetEnvironmentVariable
 *   0xc(%ebp)   string wrapped by RtlInitUnicodeString into ebp-0x8
 *   0x10(%ebp)  string wrapped by RtlInitUnicodeString into ebp-0x10
 * Both strings are taken as-is; no length is passed or checked here, so they
 * are presumably expected to be NUL-terminated wide strings.
 */
  4012aa:	55                   	push   %ebp
  4012ab:	89 e5                	mov    %esp,%ebp
  4012ad:	83 ec 18             	sub    $0x18,%esp
  4012b0:	83 ec 08             	sub    $0x8,%esp
  4012b3:	ff 75 0c             	pushl  0xc(%ebp)
  4012b6:	8d 45 f8             	lea    0xfffffff8(%ebp),%eax
  4012b9:	50                   	push   %eax
  4012ba:	e8 d1 26 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  4012bf:	83 c4 08             	add    $0x8,%esp
  4012c2:	83 ec 08             	sub    $0x8,%esp
  4012c5:	ff 75 10             	pushl  0x10(%ebp)
  4012c8:	8d 45 f0             	lea    0xfffffff0(%ebp),%eax
  4012cb:	50                   	push   %eax
  4012cc:	e8 bf 26 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  4012d1:	83 c4 08             	add    $0x8,%esp
  /* RtlSetEnvironmentVariable(env, &name, &value) */
  4012d4:	83 ec 04             	sub    $0x4,%esp
  4012d7:	8d 45 f0             	lea    0xfffffff0(%ebp),%eax
  4012da:	50                   	push   %eax
  4012db:	8d 45 f8             	lea    0xfffffff8(%ebp),%eax
  4012de:	50                   	push   %eax
  4012df:	ff 75 08             	pushl  0x8(%ebp)
  4012e2:	e8 29 27 00 00       	call   403a10 <_RtlSetEnvironmentVariable at 12>
  4012e7:	83 c4 04             	add    $0x4,%esp
  /* NOTE(review): eax is overwritten with 0 here, so the result of
     RtlSetEnvironmentVariable is discarded and callers always see success,
     even if the variable was not set. */
  4012ea:	b8 00 00 00 00       	mov    $0x0,%eax
  4012ef:	c9                   	leave  
  4012f0:	c3                   	ret    

004012f1 <_SmpEnvironmentQueryRoutine at 24>:
/*
 * No C source is interleaved. Callback installed as QueryTable[0].QueryRoutine
 * by SmSetEnvironmentVariables; returns with `ret $0x18` (six 4-byte stack
 * arguments popped by the callee).
 * If the second argument is not 1 (the value the SmpObjectDirectoryQueryRoutine
 * source compares ValueType against as REG_SZ) it returns 0 without doing
 * anything. Otherwise it calls
 * SmpSetEnvironmentVariable(arg5, arg1, arg3) and returns its result.
 * NOTE(review): arg4 at 0x14(%ebp) is never read, so the value data is used
 * without its length; this relies on the data being NUL-terminated. Confirm
 * what the registry API guarantees for the callback.
 */
  4012f1:	55                   	push   %ebp
  4012f2:	89 e5                	mov    %esp,%ebp
  4012f4:	83 ec 08             	sub    $0x8,%esp
  4012f7:	83 7d 0c 01          	cmpl   $0x1,0xc(%ebp)
  4012fb:	74 09                	je     401306 <_SmpEnvironmentQueryRoutine at 24+0x15>
  4012fd:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)
  401304:	eb 17                	jmp    40131d <_SmpEnvironmentQueryRoutine at 24+0x2c>
  401306:	83 ec 04             	sub    $0x4,%esp
  401309:	ff 75 10             	pushl  0x10(%ebp)
  40130c:	ff 75 08             	pushl  0x8(%ebp)
  40130f:	ff 75 18             	pushl  0x18(%ebp)
  401312:	e8 93 ff ff ff       	call   4012aa <_SmpSetEnvironmentVariable>
  401317:	83 c4 10             	add    $0x10,%esp
  40131a:	89 45 fc             	mov    %eax,0xfffffffc(%ebp)
  40131d:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  401320:	c9                   	leave  
  401321:	c2 18 00             	ret    $0x18

00401324 <_SmSetEnvironmentVariables>:
/*
 * Seeds the system environment: copies SharedUserData->NtSystemRoot into a
 * stack buffer, sets SystemRoot and SystemDrive from it, then asks
 * RtlQueryRegistryValues to feed registry values to SmpEnvironmentQueryRoutine.
 * Frame (0x268 bytes reserved):
 *   ebp-0x258  ValueBuffer
 *   ebp-0x25c  Status
 *   ebp-0x48   QueryTable (0x38 bytes)
 * The start of the C function (signature and declarations) is not present in
 * the interleave; the dangling comment terminator below is what is left of it.
 */
  401324:	55                   	push   %ebp
  401325:	89 e5                	mov    %esp,%ebp
  401327:	81 ec 68 02 00 00    	sub    $0x268,%esp
   */

  /* Copy system root into value buffer */
  wcscpy(ValueBuffer,
  /* NOTE(review): unbounded wcscpy into a stack buffer. The source is the
     fixed address 0x7ffe0030 (SharedUserData->NtSystemRoot); at most 0x210
     bytes separate ValueBuffer (ebp-0x258) from QueryTable (ebp-0x48). The
     declared size of ValueBuffer is not shown. A length-bounded copy would
     remove the dependency on the source string being short enough. */
  40132d:	83 ec 08             	sub    $0x8,%esp
  401330:	68 30 00 fe 7f       	push   $0x7ffe0030
  401335:	8d 85 a8 fd ff ff    	lea    0xfffffda8(%ebp),%eax
  40133b:	50                   	push   %eax
  40133c:	e8 ff 26 00 00       	call   403a40 <_wcscpy>
  401341:	83 c4 10             	add    $0x10,%esp
	 SharedUserData->NtSystemRoot);

  /* Set SystemRoot = "C:\reactos" */
  SmpSetEnvironmentVariable(&SmSystemEnvironment,L"SystemRoot",ValueBuffer);
  /* The return value in eax is not stored or tested after this call. */
  401344:	83 ec 04             	sub    $0x4,%esp
  401347:	8d 85 a8 fd ff ff    	lea    0xfffffda8(%ebp),%eax
  40134d:	50                   	push   %eax
  40134e:	68 c0 52 40 00       	push   $0x4052c0
  401353:	68 20 60 40 00       	push   $0x406020
  401358:	e8 4d ff ff ff       	call   4012aa <_SmpSetEnvironmentVariable>
  40135d:	83 c4 10             	add    $0x10,%esp

  /* Cut off trailing path */
  ValueBuffer[2] = 0;
  /* 16-bit store at ebp-0x254, i.e. ValueBuffer + 2 wide characters. This
     assumes the system root always starts with a two-character drive prefix. */
  401360:	66 c7 85 ac fd ff ff 	movw   $0x0,0xfffffdac(%ebp)
  401367:	00 00 

  /* Set SystemDrive = "C:" */
  SmpSetEnvironmentVariable(&SmSystemEnvironment,L"SystemDrive",ValueBuffer);
  /* Return value again ignored. */
  401369:	83 ec 04             	sub    $0x4,%esp
  40136c:	8d 85 a8 fd ff ff    	lea    0xfffffda8(%ebp),%eax
  401372:	50                   	push   %eax
  401373:	68 d6 52 40 00       	push   $0x4052d6
  401378:	68 20 60 40 00       	push   $0x406020
  40137d:	e8 28 ff ff ff       	call   4012aa <_SmpSetEnvironmentVariable>
  401382:	83 c4 10             	add    $0x10,%esp

  /* Read system environment from the registry. */
  RtlZeroMemory(&QueryTable,
  401385:	83 ec 08             	sub    $0x8,%esp
  401388:	6a 38                	push   $0x38
  40138a:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  40138d:	50                   	push   %eax
  40138e:	e8 8d 26 00 00       	call   403a20 <_RtlZeroMemory at 8>
  401393:	83 c4 08             	add    $0x8,%esp
		sizeof(QueryTable));

  QueryTable[0].QueryRoutine = SmpEnvironmentQueryRoutine;
  /* Only the routine pointer (table offset 0) is set; every other field,
     including the value name, stays zero from the RtlZeroMemory above.
     NOTE(review): with no name filter the routine is presumably invoked for
     every value under the key, so write access to that registry key decides
     what ends up in the system environment; confirm the key's protection. */
  401396:	c7 45 b8 f1 12 40 00 	movl   $0x4012f1,0xffffffb8(%ebp)

  Status = RtlQueryRegistryValues(RTL_REGISTRY_CONTROL,
  /* Pushed right to left: SmSystemEnvironment (the value stored at 0x406020),
     &SmSystemEnvironment, QueryTable, the path string at 0x405300, and 0x2 for
     RTL_REGISTRY_CONTROL. */
  40139d:	83 ec 0c             	sub    $0xc,%esp
  4013a0:	ff 35 20 60 40 00    	pushl  0x406020
  4013a6:	68 20 60 40 00       	push   $0x406020
  4013ab:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  4013ae:	50                   	push   %eax
  4013af:	68 00 53 40 00       	push   $0x405300
  4013b4:	6a 02                	push   $0x2
  4013b6:	e8 75 26 00 00       	call   403a30 <_RtlQueryRegistryValues at 20>
  4013bb:	83 c4 0c             	add    $0xc,%esp
  4013be:	89 85 a4 fd ff ff    	mov    %eax,0xfffffda4(%ebp)
				  L"\\Session Manager\\Environment",
				  QueryTable,
				  &SmSystemEnvironment,
				  SmSystemEnvironment);

  return(Status);
  4013c4:	8b 85 a4 fd ff ff    	mov    0xfffffda4(%ebp),%eax
}
  4013ca:	c9                   	leave  
  4013cb:	c3                   	ret    

004013cc <_SmUpdateEnvironment>:

/**********************************************************************
 *  Set environment variables from registry
 */
/* Stub in this build: the body is a TODO and the only generated code loads 0
   (STATUS_SUCCESS) into eax, so callers always see success. */
NTSTATUS
SmUpdateEnvironment(VOID)
{
  4013cc:	55                   	push   %ebp
  4013cd:	89 e5                	mov    %esp,%ebp
	/* TODO */
	return STATUS_SUCCESS;
  4013cf:	b8 00 00 00 00       	mov    $0x0,%eax
}
  4013d4:	5d                   	pop    %ebp
  4013d5:	c3                   	ret    
  4013d6:	90                   	nop    
  4013d7:	90                   	nop    
  4013d8:	90                   	nop    
  4013d9:	90                   	nop    
  4013da:	90                   	nop    
  4013db:	90                   	nop    
  4013dc:	90                   	nop    
  4013dd:	90                   	nop    
  4013de:	90                   	nop    
  4013df:	90                   	nop    

004013e0 <_SmpObjectDirectoryQueryRoutine at 24>:
/*
 * Registry callback installed by SmCreateObjectDirectories; returns with
 * `ret $0x18` (six stack arguments popped by the callee). For a value whose
 * type is REG_SZ (1) it wraps the value data in a UNICODE_STRING and creates
 * an object directory with that name; other value types return 0 untouched.
 * The function's signature and declarations are missing from the interleave.
 * Frame: ebp-0x38 Status, ebp-0x3c return temporary, ebp-0x34 WindowsDirectory
 * handle, ebp-0x30 UnicodeString, ebp-0x28 ObjectAttributes.
 */
  4013e0:	55                   	push   %ebp
  4013e1:	89 e5                	mov    %esp,%ebp
  4013e3:	83 ec 48             	sub    $0x48,%esp
  4013e6:	c7 45 c8 00 00 00 00 	movl   $0x0,0xffffffc8(%ebp)
  DbgPrint("ValueData '%S'\n", (PWSTR)ValueData);
#endif
  if (ValueType != REG_SZ)
  4013ed:	83 7d 0c 01          	cmpl   $0x1,0xc(%ebp)
  4013f1:	74 09                	je     4013fc <_SmpObjectDirectoryQueryRoutine at 24+0x1c>
    {
      return(STATUS_SUCCESS);
  4013f3:	c7 45 c4 00 00 00 00 	movl   $0x0,0xffffffc4(%ebp)
  4013fa:	eb 59                	jmp    401455 <_SmpObjectDirectoryQueryRoutine at 24+0x75>
    }

  RtlInitUnicodeString(&UnicodeString,
  /* ValueData (0x10(%ebp)) is used as a wide string; the length argument at
     0x14(%ebp) is never read in this function. */
  4013fc:	83 ec 08             	sub    $0x8,%esp
  4013ff:	ff 75 10             	pushl  0x10(%ebp)
  401402:	8d 45 d0             	lea    0xffffffd0(%ebp),%eax
  401405:	50                   	push   %eax
  401406:	e8 85 25 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  40140b:	83 c4 08             	add    $0x8,%esp
		       (PWSTR)ValueData);

  InitializeObjectAttributes(&ObjectAttributes,
  /* Macro expansion: +0 = 0x18 (size), +8 = &UnicodeString, +0xc = 0 (the
     attributes argument), +4/+0x10/+0x14 = 0 for the NULL arguments. */
  40140e:	c7 45 d8 18 00 00 00 	movl   $0x18,0xffffffd8(%ebp)
  401415:	8d 45 d0             	lea    0xffffffd0(%ebp),%eax
  401418:	89 45 e0             	mov    %eax,0xffffffe0(%ebp)
  40141b:	c7 45 e4 00 00 00 00 	movl   $0x0,0xffffffe4(%ebp)
  401422:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
  401429:	c7 45 e8 00 00 00 00 	movl   $0x0,0xffffffe8(%ebp)
  401430:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
			     &UnicodeString,
			     0,
			     NULL,
			     NULL);

  Status = ZwCreateDirectoryObject(&WindowsDirectory,
  /* NOTE(review): the handle written to ebp-0x34 is never closed or stored
     anywhere else in this function. That may be deliberate, to keep the
     directory object alive, but it leaves one open handle per created
     directory; confirm the intent in the source. The security descriptor slot
     is NULL, so the directory gets whatever default protection the object
     manager applies. */
  401437:	83 ec 04             	sub    $0x4,%esp
  40143a:	8d 45 d8             	lea    0xffffffd8(%ebp),%eax
  40143d:	50                   	push   %eax
  40143e:	6a 00                	push   $0x0
  401440:	8d 45 cc             	lea    0xffffffcc(%ebp),%eax
  401443:	50                   	push   %eax
  401444:	e8 07 26 00 00       	call   403a50 <_ZwCreateDirectoryObject at 12>
  401449:	83 c4 04             	add    $0x4,%esp
  40144c:	89 45 c8             	mov    %eax,0xffffffc8(%ebp)
				   0,
				   &ObjectAttributes);

  return(Status);
  40144f:	8b 45 c8             	mov    0xffffffc8(%ebp),%eax
  401452:	89 45 c4             	mov    %eax,0xffffffc4(%ebp)
}
  401455:	8b 45 c4             	mov    0xffffffc4(%ebp),%eax
  401458:	c9                   	leave  
  401459:	c2 18 00             	ret    $0x18

0040145c <_SmCreateObjectDirectories>:
/*
 * Builds a two-entry RTL_QUERY_REGISTRY_TABLE on the stack (0x38 bytes at
 * ebp-0x48), points entry 0 at the "ObjectDirectories" value and at
 * SmpObjectDirectoryQueryRoutine, and runs RtlQueryRegistryValues over
 * SM_REGISTRY_ROOT_NAME. Entry 1 stays zeroed. Returns the query status.
 */


NTSTATUS
SmCreateObjectDirectories(VOID)
{
  40145c:	55                   	push   %ebp
  40145d:	89 e5                	mov    %esp,%ebp
  40145f:	83 ec 58             	sub    $0x58,%esp
  RTL_QUERY_REGISTRY_TABLE QueryTable[2];
  NTSTATUS Status;

  RtlZeroMemory(&QueryTable,
  401462:	83 ec 08             	sub    $0x8,%esp
  401465:	6a 38                	push   $0x38
  401467:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  40146a:	50                   	push   %eax
  40146b:	e8 b0 25 00 00       	call   403a20 <_RtlZeroMemory at 8>
  401470:	83 c4 08             	add    $0x8,%esp
		sizeof(QueryTable));

  QueryTable[0].Name = L"ObjectDirectories";
  /* Name lives at table offset 8 (ebp-0x40), QueryRoutine at offset 0 (ebp-0x48). */
  401473:	c7 45 c0 40 53 40 00 	movl   $0x405340,0xffffffc0(%ebp)
  QueryTable[0].QueryRoutine = SmpObjectDirectoryQueryRoutine;
  40147a:	c7 45 b8 e0 13 40 00 	movl   $0x4013e0,0xffffffb8(%ebp)

  Status = RtlQueryRegistryValues(RTL_REGISTRY_CONTROL,
  /* Pushed right to left: NULL, NULL, QueryTable, the path string at 0x405380,
     and 0x2 for RTL_REGISTRY_CONTROL. */
  401481:	83 ec 0c             	sub    $0xc,%esp
  401484:	6a 00                	push   $0x0
  401486:	6a 00                	push   $0x0
  401488:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  40148b:	50                   	push   %eax
  40148c:	68 80 53 40 00       	push   $0x405380
  401491:	6a 02                	push   $0x2
  401493:	e8 98 25 00 00       	call   403a30 <_RtlQueryRegistryValues at 20>
  401498:	83 c4 0c             	add    $0xc,%esp
  40149b:	89 45 b4             	mov    %eax,0xffffffb4(%ebp)
				  SM_REGISTRY_ROOT_NAME,
				  QueryTable,
				  NULL,
				  NULL);

  return(Status);
  40149e:	8b 45 b4             	mov    0xffffffb4(%ebp),%eax
}
  4014a1:	c9                   	leave  
  4014a2:	c3                   	ret    
  4014a3:	90                   	nop    
  4014a4:	90                   	nop    
  4014a5:	90                   	nop    
  4014a6:	90                   	nop    
  4014a7:	90                   	nop    
  4014a8:	90                   	nop    
  4014a9:	90                   	nop    
  4014aa:	90                   	nop    
  4014ab:	90                   	nop    
  4014ac:	90                   	nop    
  4014ad:	90                   	nop    
  4014ae:	90                   	nop    
  4014af:	90                   	nop    

004014b0 <_SmpDosDevicesQueryRoutine at 24>:
/*
 * No C source is interleaved. Registry callback installed by
 * SmInitDosDevices; returns with `ret $0x18`. For a value of type 1 (REG_SZ in
 * the sibling routines' source) it formats the value name into a stack buffer,
 * wraps that and the value data in UNICODE_STRINGs, and creates a symbolic
 * link object from the first to the second. Other types return 0.
 * Frame (0xf8 bytes reserved):
 *   ebp-0xe8  formatted link name buffer
 *   ebp-0xec  Status, ebp-0xf0 return temporary
 *   ebp-0x3c  link handle
 *   ebp-0x38  link name descriptor, ebp-0x30 target descriptor
 *   ebp-0x28  0x18-byte attribute block
 */
  4014b0:	55                   	push   %ebp
  4014b1:	89 e5                	mov    %esp,%ebp
  4014b3:	81 ec f8 00 00 00    	sub    $0xf8,%esp
  4014b9:	83 7d 0c 01          	cmpl   $0x1,0xc(%ebp)
  4014bd:	74 0f                	je     4014ce <_SmpDosDevicesQueryRoutine at 24+0x1e>
  4014bf:	c7 85 10 ff ff ff 00 	movl   $0x0,0xffffff10(%ebp)
  4014c6:	00 00 00 
  4014c9:	e9 db 00 00 00       	jmp    4015a9 <_SmpDosDevicesQueryRoutine at 24+0xf9>
  /* swprintf(buffer, format at 0x4053c0, arg1).
     NOTE(review): this swprintf takes no size, and arg1 is the registry value
     name handed to the callback. At most 0xac bytes lie between the buffer
     (ebp-0xe8) and the next local (ebp-0x3c), so a long enough value name
     would write past the buffer on the stack. A length check on the name, or a
     size-bounded formatting call, is the fix to look for in the source. */
  4014ce:	83 ec 04             	sub    $0x4,%esp
  4014d1:	ff 75 08             	pushl  0x8(%ebp)
  4014d4:	68 c0 53 40 00       	push   $0x4053c0
  4014d9:	8d 85 18 ff ff ff    	lea    0xffffff18(%ebp),%eax
  4014df:	50                   	push   %eax
  4014e0:	e8 8b 25 00 00       	call   403a70 <_swprintf>
  4014e5:	83 c4 10             	add    $0x10,%esp
  4014e8:	83 ec 08             	sub    $0x8,%esp
  4014eb:	8d 85 18 ff ff ff    	lea    0xffffff18(%ebp),%eax
  4014f1:	50                   	push   %eax
  4014f2:	8d 45 c8             	lea    0xffffffc8(%ebp),%eax
  4014f5:	50                   	push   %eax
  4014f6:	e8 95 24 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  4014fb:	83 c4 08             	add    $0x8,%esp
  /* Target descriptor from arg3 (value data); arg4 at 0x14(%ebp) is never read. */
  4014fe:	83 ec 08             	sub    $0x8,%esp
  401501:	ff 75 10             	pushl  0x10(%ebp)
  401504:	8d 45 d0             	lea    0xffffffd0(%ebp),%eax
  401507:	50                   	push   %eax
  401508:	e8 83 24 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  40150d:	83 c4 08             	add    $0x8,%esp
  /* Attribute block: +0 = 0x18, +8 = &link name, +0xc = 0x10 (the value of
     OBJ_PERMANENT in the NT headers), remaining fields 0. */
  401510:	c7 45 d8 18 00 00 00 	movl   $0x18,0xffffffd8(%ebp)
  401517:	8d 45 c8             	lea    0xffffffc8(%ebp),%eax
  40151a:	89 45 e0             	mov    %eax,0xffffffe0(%ebp)
  40151d:	c7 45 e4 10 00 00 00 	movl   $0x10,0xffffffe4(%ebp)
  401524:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
  40152b:	c7 45 e8 00 00 00 00 	movl   $0x0,0xffffffe8(%ebp)
  401532:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
  /* NtCreateSymbolicLinkObject(&handle, 0xf0001, &attributes, &target) */
  401539:	8d 45 d0             	lea    0xffffffd0(%ebp),%eax
  40153c:	50                   	push   %eax
  40153d:	8d 45 d8             	lea    0xffffffd8(%ebp),%eax
  401540:	50                   	push   %eax
  401541:	68 01 00 0f 00       	push   $0xf0001
  401546:	8d 45 c4             	lea    0xffffffc4(%ebp),%eax
  401549:	50                   	push   %eax
  40154a:	e8 11 25 00 00       	call   403a60 <_NtCreateSymbolicLinkObject at 16>
  40154f:	89 85 14 ff ff ff    	mov    %eax,0xffffff14(%ebp)
  401555:	83 bd 14 ff ff ff 00 	cmpl   $0x0,0xffffff14(%ebp)
  40155c:	79 31                	jns    40158f <_SmpDosDevicesQueryRoutine at 24+0xdf>
  /* Failure reporting only: two DbgPrint calls, the second with the link name
     and target descriptors. Execution then falls through to the close below. */
  40155e:	83 ec 04             	sub    $0x4,%esp
  401561:	6a 4f                	push   $0x4f
  401563:	68 ce 53 40 00       	push   $0x4053ce
  401568:	68 db 53 40 00       	push   $0x4053db
  40156d:	e8 6e 24 00 00       	call   4039e0 <_DbgPrint>
  401572:	83 c4 10             	add    $0x10,%esp
  401575:	8d 45 d0             	lea    0xffffffd0(%ebp),%eax
  401578:	50                   	push   %eax
  401579:	8d 45 c8             	lea    0xffffffc8(%ebp),%eax
  40157c:	50                   	push   %eax
  40157d:	68 e4 53 40 00       	push   $0x4053e4
  401582:	68 00 54 40 00       	push   $0x405400
  401587:	e8 54 24 00 00       	call   4039e0 <_DbgPrint>
  40158c:	83 c4 10             	add    $0x10,%esp
  /* NOTE(review): NtClose runs on both paths. Nothing in this function
     initialises the handle slot at ebp-0x3c, so when the create call failed
     the value closed here is whatever the callee or the stack left there.
     Closing only on success, or zeroing the slot first, avoids acting on an
     unrelated handle value. */
  40158f:	83 ec 0c             	sub    $0xc,%esp
  401592:	ff 75 c4             	pushl  0xffffffc4(%ebp)
  401595:	e8 36 24 00 00       	call   4039d0 <_NtClose at 4>
  40159a:	83 c4 0c             	add    $0xc,%esp
  /* Return the NtCreateSymbolicLinkObject status. */
  40159d:	8b 85 14 ff ff ff    	mov    0xffffff14(%ebp),%eax
  4015a3:	89 85 10 ff ff ff    	mov    %eax,0xffffff10(%ebp)
  4015a9:	8b 85 10 ff ff ff    	mov    0xffffff10(%ebp),%eax
  4015af:	c9                   	leave  
  4015b0:	c2 18 00             	ret    $0x18

004015b3 <_SmInitDosDevices>:
/*
 * No C source is interleaved (the "EOF" comment below belongs to the source
 * file's tail). Zeroes a 0x38-byte query table at ebp-0x48, sets only its
 * first dword to 0x4014b0 (SmpDosDevicesQueryRoutine), and calls
 * RtlQueryRegistryValues(0x2, path string at 0x405440, table, 0, 0). The
 * status is returned unchanged.
 * NOTE(review): the table entry's name field is left zero, so the callback is
 * presumably invoked for every value under the key. Value names and data from
 * that key flow directly into symbolic link creation, so the key's protection
 * is the relevant trust boundary.
 */

/* EOF */
  4015b3:	55                   	push   %ebp
  4015b4:	89 e5                	mov    %esp,%ebp
  4015b6:	83 ec 58             	sub    $0x58,%esp
  4015b9:	83 ec 08             	sub    $0x8,%esp
  4015bc:	6a 38                	push   $0x38
  4015be:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  4015c1:	50                   	push   %eax
  4015c2:	e8 59 24 00 00       	call   403a20 <_RtlZeroMemory at 8>
  4015c7:	83 c4 08             	add    $0x8,%esp
  4015ca:	c7 45 b8 b0 14 40 00 	movl   $0x4014b0,0xffffffb8(%ebp)
  4015d1:	83 ec 0c             	sub    $0xc,%esp
  4015d4:	6a 00                	push   $0x0
  4015d6:	6a 00                	push   $0x0
  4015d8:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  4015db:	50                   	push   %eax
  4015dc:	68 40 54 40 00       	push   $0x405440
  4015e1:	6a 02                	push   $0x2
  4015e3:	e8 48 24 00 00       	call   403a30 <_RtlQueryRegistryValues at 20>
  4015e8:	83 c4 0c             	add    $0xc,%esp
  4015eb:	89 45 b4             	mov    %eax,0xffffffb4(%ebp)
  4015ee:	8b 45 b4             	mov    0xffffffb4(%ebp),%eax
  4015f1:	c9                   	leave  
  4015f2:	c3                   	ret    
  4015f3:	90                   	nop    
  4015f4:	90                   	nop    
  4015f5:	90                   	nop    
  4015f6:	90                   	nop    
  4015f7:	90                   	nop    
  4015f8:	90                   	nop    
  4015f9:	90                   	nop    
  4015fa:	90                   	nop    
  4015fb:	90                   	nop    
  4015fc:	90                   	nop    
  4015fd:	90                   	nop    
  4015fe:	90                   	nop    
  4015ff:	90                   	nop    

/*
 * SmpRunBootAppsQueryRoutine (stdcall, 24 bytes of arguments: see `ret $0x18`).
 * SmRunBootApplications stores this address (0x401600) in the first slot of the
 * query table it passes to RtlQueryRegistryValues, so this is presumably the
 * per-value callback of that query. No C source is interleaved for this routine;
 * the notes below are read from the instructions alone.
 *
 * Arguments as used here:
 *   0xc(%ebp)   compared with 1 (presumably ValueType == REG_SZ; confirm in source)
 *   0x10(%ebp)  treated as a NUL-terminated wide string (presumably ValueData)
 * The remaining argument slots are not read.
 *
 * Frame: four wide-character buffers at -0x218, -0x428, -0x638 and -0x848(%ebp),
 * spaced 0x210 bytes apart.
 *
 * Returns 0 on every path.
 *
 * NOTE(review): every copy below takes its length from the registry-supplied
 * string and none is compared with the size of the destination buffer. A
 * hardened version would check the first wcschr result for NULL and bound each
 * memcpy/wcscpy/wcscat to the destination size.
 */
00401600 <_SmpRunBootAppsQueryRoutine at 24>:
  401600:	55                   	push   %ebp
  401601:	89 e5                	mov    %esp,%ebp
  401603:	81 ec 68 08 00 00    	sub    $0x868,%esp
/* Values whose second argument is not 1 are skipped with a return value of 0. */
  401609:	83 7d 0c 01          	cmpl   $0x1,0xc(%ebp)
  40160d:	74 0f                	je     40161e <_SmpRunBootAppsQueryRoutine at 24+0x1e>
  40160f:	c7 85 a4 f7 ff ff 00 	movl   $0x0,0xfffff7a4(%ebp)
  401616:	00 00 00 
  401619:	e9 8f 01 00 00       	jmp    4017ad <_SmpRunBootAppsQueryRoutine at 24+0x1ad>
/* Find the first space (0x20) in the wide string at 0x10(%ebp). */
  40161e:	83 ec 08             	sub    $0x8,%esp
  401621:	6a 20                	push   $0x20
  401623:	ff 75 10             	pushl  0x10(%ebp)
  401626:	e8 85 24 00 00       	call   403ab0 <_wcschr>
  40162b:	83 c4 10             	add    $0x10,%esp
  40162e:	89 85 b4 f7 ff ff    	mov    %eax,0xfffff7b4(%ebp)
/*
 * NOTE(review): the wcschr result is used without a NULL check. For a string
 * with no space the element count computed below is derived from a null
 * pointer, and it is then used as the memcpy size and as the terminator index.
 */
  401634:	8b 55 10             	mov    0x10(%ebp),%edx
  401637:	8b 85 b4 f7 ff ff    	mov    0xfffff7b4(%ebp),%eax
  40163d:	29 d0                	sub    %edx,%eax
  40163f:	d1 f8                	sar    %eax
  401641:	89 85 ac f7 ff ff    	mov    %eax,0xfffff7ac(%ebp)
/* Copy the text before the first space into the buffer at -0x218 (count * 2 bytes). */
  401647:	83 ec 04             	sub    $0x4,%esp
  40164a:	8b 85 ac f7 ff ff    	mov    0xfffff7ac(%ebp),%eax
  401650:	01 c0                	add    %eax,%eax
  401652:	50                   	push   %eax
  401653:	ff 75 10             	pushl  0x10(%ebp)
  401656:	8d 85 e8 fd ff ff    	lea    0xfffffde8(%ebp),%eax
  40165c:	50                   	push   %eax
  40165d:	e8 3e 24 00 00       	call   403aa0 <_memcpy>
  401662:	83 c4 10             	add    $0x10,%esp
/* Terminate that copy. The buffer at -0x218 is not read again in this routine. */
  401665:	8b 85 ac f7 ff ff    	mov    0xfffff7ac(%ebp),%eax
  40166b:	66 c7 84 45 e8 fd ff 	movw   $0x0,0xfffffde8(%ebp,%eax,2)
  401672:	ff 00 00 
/* Step the saved pointer past the space (one 16-bit character). */
  401675:	8d 85 b4 f7 ff ff    	lea    0xfffff7b4(%ebp),%eax
  40167b:	83 00 02             	addl   $0x2,(%eax)
/* Look for a second space; this one is optional and is checked for NULL. */
  40167e:	83 ec 08             	sub    $0x8,%esp
  401681:	6a 20                	push   $0x20
  401683:	ff b5 b4 f7 ff ff    	pushl  0xfffff7b4(%ebp)
  401689:	e8 22 24 00 00       	call   403ab0 <_wcschr>
  40168e:	83 c4 10             	add    $0x10,%esp
  401691:	89 85 b0 f7 ff ff    	mov    %eax,0xfffff7b0(%ebp)
  401697:	83 bd b0 f7 ff ff 00 	cmpl   $0x0,0xfffff7b0(%ebp)
  40169e:	74 18                	je     4016b8 <_SmpRunBootAppsQueryRoutine at 24+0xb8>
/* Second space found: token length is the distance between the two pointers. */
  4016a0:	8b 95 b4 f7 ff ff    	mov    0xfffff7b4(%ebp),%edx
  4016a6:	8b 85 b0 f7 ff ff    	mov    0xfffff7b0(%ebp),%eax
  4016ac:	29 d0                	sub    %edx,%eax
  4016ae:	d1 f8                	sar    %eax
  4016b0:	89 85 ac f7 ff ff    	mov    %eax,0xfffff7ac(%ebp)
  4016b6:	eb 17                	jmp    4016cf <_SmpRunBootAppsQueryRoutine at 24+0xcf>
/* No second space: the token runs to the end of the string. */
  4016b8:	83 ec 0c             	sub    $0xc,%esp
  4016bb:	ff b5 b4 f7 ff ff    	pushl  0xfffff7b4(%ebp)
  4016c1:	e8 ca 23 00 00       	call   403a90 <_wcslen>
  4016c6:	83 c4 10             	add    $0x10,%esp
  4016c9:	89 85 ac f7 ff ff    	mov    %eax,0xfffff7ac(%ebp)
/* Copy the second token into the buffer at -0x428 and terminate it (no size check). */
  4016cf:	83 ec 04             	sub    $0x4,%esp
  4016d2:	8b 85 ac f7 ff ff    	mov    0xfffff7ac(%ebp),%eax
  4016d8:	01 c0                	add    %eax,%eax
  4016da:	50                   	push   %eax
  4016db:	ff b5 b4 f7 ff ff    	pushl  0xfffff7b4(%ebp)
  4016e1:	8d 85 d8 fb ff ff    	lea    0xfffffbd8(%ebp),%eax
  4016e7:	50                   	push   %eax
  4016e8:	e8 b3 23 00 00       	call   403aa0 <_memcpy>
  4016ed:	83 c4 10             	add    $0x10,%esp
  4016f0:	8b 85 ac f7 ff ff    	mov    0xfffff7ac(%ebp),%eax
  4016f6:	66 c7 84 45 d8 fb ff 	movw   $0x0,0xfffffbd8(%ebp,%eax,2)
  4016fd:	ff 00 00 
/*
 * Remainder after the second space goes to the buffer at -0x848: empty string
 * when there was no second space, otherwise an unbounded wcscpy of the rest.
 */
  401700:	83 bd b0 f7 ff ff 00 	cmpl   $0x0,0xfffff7b0(%ebp)
  401707:	75 0b                	jne    401714 <_SmpRunBootAppsQueryRoutine at 24+0x114>
  401709:	66 c7 85 b8 f7 ff ff 	movw   $0x0,0xfffff7b8(%ebp)
  401710:	00 00 
  401712:	eb 21                	jmp    401735 <_SmpRunBootAppsQueryRoutine at 24+0x135>
  401714:	8d 85 b0 f7 ff ff    	lea    0xfffff7b0(%ebp),%eax
  40171a:	83 00 02             	addl   $0x2,(%eax)
  40171d:	83 ec 08             	sub    $0x8,%esp
  401720:	ff b5 b0 f7 ff ff    	pushl  0xfffff7b0(%ebp)
  401726:	8d 85 b8 f7 ff ff    	lea    0xfffff7b8(%ebp),%eax
  40172c:	50                   	push   %eax
  40172d:	e8 0e 23 00 00       	call   403a40 <_wcscpy>
  401732:	83 c4 10             	add    $0x10,%esp
/*
 * Build a string in the buffer at -0x638: constant at 0x405480, then the second
 * token, then the constant at 0x4054ac (presumably a path prefix and a file
 * extension; the constants are not shown in this listing). wcscpy/wcscat are
 * unbounded here as well.
 */
  401735:	83 ec 08             	sub    $0x8,%esp
  401738:	68 80 54 40 00       	push   $0x405480
  40173d:	8d 85 c8 f9 ff ff    	lea    0xfffff9c8(%ebp),%eax
  401743:	50                   	push   %eax
  401744:	e8 f7 22 00 00       	call   403a40 <_wcscpy>
  401749:	83 c4 10             	add    $0x10,%esp
  40174c:	83 ec 08             	sub    $0x8,%esp
  40174f:	8d 85 d8 fb ff ff    	lea    0xfffffbd8(%ebp),%eax
  401755:	50                   	push   %eax
  401756:	8d 85 c8 f9 ff ff    	lea    0xfffff9c8(%ebp),%eax
  40175c:	50                   	push   %eax
  40175d:	e8 1e 23 00 00       	call   403a80 <_wcscat>
  401762:	83 c4 10             	add    $0x10,%esp
  401765:	83 ec 08             	sub    $0x8,%esp
  401768:	68 ac 54 40 00       	push   $0x4054ac
  40176d:	8d 85 c8 f9 ff ff    	lea    0xfffff9c8(%ebp),%eax
  401773:	50                   	push   %eax
  401774:	e8 07 23 00 00       	call   403a80 <_wcscat>
  401779:	83 c4 10             	add    $0x10,%esp
/*
 * SmCreateUserProcess(buffer at -0x638, buffer at -0x848, 1, 0, 1, 0).
 * Its return value is stored at -0x858 but is neither checked nor returned,
 * so a failed launch is invisible to the caller.
 */
  40177c:	83 ec 08             	sub    $0x8,%esp
  40177f:	6a 00                	push   $0x0
  401781:	6a 01                	push   $0x1
  401783:	6a 00                	push   $0x0
  401785:	6a 01                	push   $0x1
  401787:	8d 85 b8 f7 ff ff    	lea    0xfffff7b8(%ebp),%eax
  40178d:	50                   	push   %eax
  40178e:	8d 85 c8 f9 ff ff    	lea    0xfffff9c8(%ebp),%eax
  401794:	50                   	push   %eax
  401795:	e8 26 11 00 00       	call   4028c0 <_SmCreateUserProcess at 24>
  40179a:	83 c4 08             	add    $0x8,%esp
  40179d:	89 85 a8 f7 ff ff    	mov    %eax,0xfffff7a8(%ebp)
  4017a3:	c7 85 a4 f7 ff ff 00 	movl   $0x0,0xfffff7a4(%ebp)
  4017aa:	00 00 00 
/* Common exit: return the value staged at -0x85c (always 0) and pop 24 bytes. */
  4017ad:	8b 85 a4 f7 ff ff    	mov    0xfffff7a4(%ebp),%eax
  4017b3:	c9                   	leave  
  4017b4:	c2 18 00             	ret    $0x18

/*
 * SmRunBootApplications: builds a query table on the stack and passes it to
 * RtlQueryRegistryValues with RelativeTo = 2 (RTL_REGISTRY_CONTROL in the source
 * interleaved for SmLoadKnownDlls). Only the tail of the C source is interleaved
 * for this function.
 *
 * Returns the NTSTATUS produced by RtlQueryRegistryValues.
 *
 * NOTE(review): the callback installed here starts a process from the value's
 * data, so write access to the queried key decides what the session manager
 * launches at boot; the key's ACL is part of the trust boundary.
 */
004017b7 <_SmRunBootApplications>:
  4017b7:	55                   	push   %ebp
  4017b8:	89 e5                	mov    %esp,%ebp
  4017ba:	83 ec 58             	sub    $0x58,%esp
/* Zero the 0x38-byte query table at -0x48(%ebp). */
  4017bd:	83 ec 08             	sub    $0x8,%esp
  4017c0:	6a 38                	push   $0x38
  4017c2:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  4017c5:	50                   	push   %eax
  4017c6:	e8 55 22 00 00       	call   403a20 <_RtlZeroMemory at 8>
  4017cb:	83 c4 08             	add    $0x8,%esp
/*
 * Table entry 0: the slot at -0x40 (the .Name slot in SmLoadKnownDlls) gets the
 * string at 0x4054b6; the slot at -0x48 (.QueryRoutine) gets 0x401600, the
 * address of SmpRunBootAppsQueryRoutine. All other fields stay zero.
 */
  4017ce:	c7 45 c0 b6 54 40 00 	movl   $0x4054b6,0xffffffc0(%ebp)
  4017d5:	c7 45 b8 00 16 40 00 	movl   $0x401600,0xffffffb8(%ebp)
/* RtlQueryRegistryValues(2, string at 0x4054e0, &table, 0, 0). */
  4017dc:	83 ec 0c             	sub    $0xc,%esp
  4017df:	6a 00                	push   $0x0
  4017e1:	6a 00                	push   $0x0
  4017e3:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  4017e6:	50                   	push   %eax
  4017e7:	68 e0 54 40 00       	push   $0x4054e0
  4017ec:	6a 02                	push   $0x2
  4017ee:	e8 3d 22 00 00       	call   403a30 <_RtlQueryRegistryValues at 20>
  4017f3:	83 c4 0c             	add    $0xc,%esp
  4017f6:	89 45 b4             	mov    %eax,0xffffffb4(%ebp)
				  NULL,
				  NULL);
  if (!NT_SUCCESS(Status))
/* NT_SUCCESS is compiled as a sign test: a negative status takes the logging path. */
  4017f9:	83 7d b4 00          	cmpl   $0x0,0xffffffb4(%ebp)
  4017fd:	79 32                	jns    401831 <_SmRunBootApplications+0x7a>
    {
      DPRINT1("%s: RtlQueryRegistryValues() failed! (Status %lx)\n", 
/* DPRINT1 expands to two DbgPrint calls: a location prefix (0x8e is presumably the line number), then the message. */
  4017ff:	83 ec 04             	sub    $0x4,%esp
  401802:	68 8e 00 00 00       	push   $0x8e
  401807:	68 02 55 40 00       	push   $0x405502
  40180c:	68 0c 55 40 00       	push   $0x40550c
  401811:	e8 ca 21 00 00       	call   4039e0 <_DbgPrint>
  401816:	83 c4 10             	add    $0x10,%esp
  401819:	83 ec 04             	sub    $0x4,%esp
  40181c:	ff 75 b4             	pushl  0xffffffb4(%ebp)
  40181f:	68 15 55 40 00       	push   $0x405515
  401824:	68 40 55 40 00       	push   $0x405540
  401829:	e8 b2 21 00 00       	call   4039e0 <_DbgPrint>
  40182e:	83 c4 10             	add    $0x10,%esp
	__FUNCTION__,
	Status);
    }

  return(Status);
  401831:	8b 45 b4             	mov    0xffffffb4(%ebp),%eax
}
  401834:	c9                   	leave  
  401835:	c3                   	ret    
  401836:	90                   	nop    
  401837:	90                   	nop    
  401838:	90                   	nop    
  401839:	90                   	nop    
  40183a:	90                   	nop    
  40183b:	90                   	nop    
  40183c:	90                   	nop    
  40183d:	90                   	nop    
  40183e:	90                   	nop    
  40183f:	90                   	nop    

/*
 * SmProcessFileRenameList: a stub in this build. It sets up and tears down a
 * frame and returns 0 (STATUS_SUCCESS) without reading or writing anything
 * else, so no file rename list is processed here.
 */
00401840 <_SmProcessFileRenameList>:
  401840:	55                   	push   %ebp
  401841:	89 e5                	mov    %esp,%ebp
  401843:	b8 00 00 00 00       	mov    $0x0,%eax
  401848:	5d                   	pop    %ebp
  401849:	c3                   	ret    
  40184a:	90                   	nop    
  40184b:	90                   	nop    
  40184c:	90                   	nop    
  40184d:	90                   	nop    
  40184e:	90                   	nop    
  40184f:	90                   	nop    

/*
 * SmpKnownDllsQueryRoutine (stdcall, 24 bytes of arguments: see `ret $0x18`).
 * Installed by SmLoadKnownDlls as QueryTable[0].QueryRoutine. For one registry
 * value it opens the named image file, checks its checksum and creates a
 * permanent image section for it. C source is interleaved only for the second
 * half of the routine.
 *
 * Arguments as used here:
 *   0x8(%ebp)   compared with the string at 0x405580 (L"DllDirectory" in the
 *               SmLoadKnownDlls source); presumably ValueName
 *   0x10(%ebp)  wide string used as the image file name; presumably ValueData
 *   0x18(%ebp)  used as RootDirectory for NtOpenFile (SmLoadKnownDlls passes
 *               FileDirHandle as Context)
 *   0x1c(%ebp)  EntryContext, used as RootDirectory for the section
 *
 * Locals named by the interleaved source: SectionHandle at -0x40, FileHandle
 * at -0x3c, Status at -0x44.
 *
 * Returns 0 (STATUS_SUCCESS) on every path, so the caller cannot tell whether
 * any image failed to open, failed verification or failed to map.
 */
00401850 <_SmpKnownDllsQueryRoutine at 24>:
  401850:	55                   	push   %ebp
  401851:	89 e5                	mov    %esp,%ebp
  401853:	83 ec 48             	sub    $0x48,%esp
/* Skip the value named like the string at 0x405580 (case-insensitive compare). */
  401856:	83 ec 08             	sub    $0x8,%esp
  401859:	68 80 55 40 00       	push   $0x405580
  40185e:	ff 75 08             	pushl  0x8(%ebp)
  401861:	e8 ba 22 00 00       	call   403b20 <__wcsicmp>
  401866:	83 c4 10             	add    $0x10,%esp
  401869:	85 c0                	test   %eax,%eax
  40186b:	75 0c                	jne    401879 <_SmpKnownDllsQueryRoutine at 24+0x29>
  40186d:	c7 45 b8 00 00 00 00 	movl   $0x0,0xffffffb8(%ebp)
  401874:	e9 97 01 00 00       	jmp    401a10 <_SmpKnownDllsQueryRoutine at 24+0x1c0>
/* Wrap the string at 0x10(%ebp) in the UNICODE_STRING at -0x38 (the image name). */
  401879:	83 ec 08             	sub    $0x8,%esp
  40187c:	ff 75 10             	pushl  0x10(%ebp)
  40187f:	8d 45 c8             	lea    0xffffffc8(%ebp),%eax
  401882:	50                   	push   %eax
  401883:	e8 08 21 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  401888:	83 c4 08             	add    $0x8,%esp
/*
 * Object attributes at -0x28: length 0x18, name = image name, attributes 0x40
 * (OBJ_CASE_INSENSITIVE per the SmLoadKnownDlls source), root directory = the
 * handle passed at 0x18(%ebp). The name is therefore resolved relative to that
 * directory handle.
 */
  40188b:	c7 45 d8 18 00 00 00 	movl   $0x18,0xffffffd8(%ebp)
  401892:	8d 45 c8             	lea    0xffffffc8(%ebp),%eax
  401895:	89 45 e0             	mov    %eax,0xffffffe0(%ebp)
  401898:	c7 45 e4 40 00 00 00 	movl   $0x40,0xffffffe4(%ebp)
  40189f:	8b 45 18             	mov    0x18(%ebp),%eax
  4018a2:	89 45 dc             	mov    %eax,0xffffffdc(%ebp)
  4018a5:	c7 45 e8 00 00 00 00 	movl   $0x0,0xffffffe8(%ebp)
  4018ac:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
/* NtOpenFile(&FileHandle, 0x100021, &attributes, &status block at -0x30, 1, 0x60). */
  4018b3:	83 ec 08             	sub    $0x8,%esp
  4018b6:	6a 60                	push   $0x60
  4018b8:	6a 01                	push   $0x1
  4018ba:	8d 45 d0             	lea    0xffffffd0(%ebp),%eax
  4018bd:	50                   	push   %eax
  4018be:	8d 45 d8             	lea    0xffffffd8(%ebp),%eax
  4018c1:	50                   	push   %eax
  4018c2:	68 21 00 10 00       	push   $0x100021
  4018c7:	8d 45 c4             	lea    0xffffffc4(%ebp),%eax
  4018ca:	50                   	push   %eax
  4018cb:	e8 f0 21 00 00       	call   403ac0 <_NtOpenFile at 24>
  4018d0:	83 c4 08             	add    $0x8,%esp
  4018d3:	89 45 bc             	mov    %eax,0xffffffbc(%ebp)
/* Open failed: log the status and return 0; the entry is silently skipped. */
  4018d6:	83 7d bc 00          	cmpl   $0x0,0xffffffbc(%ebp)
  4018da:	79 36                	jns    401912 <_SmpKnownDllsQueryRoutine at 24+0xc2>
  4018dc:	83 ec 04             	sub    $0x4,%esp
  4018df:	6a 46                	push   $0x46
  4018e1:	68 9a 55 40 00       	push   $0x40559a
  4018e6:	68 a6 55 40 00       	push   $0x4055a6
  4018eb:	e8 f0 20 00 00       	call   4039e0 <_DbgPrint>
  4018f0:	83 c4 10             	add    $0x10,%esp
  4018f3:	83 ec 08             	sub    $0x8,%esp
  4018f6:	ff 75 bc             	pushl  0xffffffbc(%ebp)
  4018f9:	68 c0 55 40 00       	push   $0x4055c0
  4018fe:	e8 dd 20 00 00       	call   4039e0 <_DbgPrint>
  401903:	83 c4 10             	add    $0x10,%esp
  401906:	c7 45 b8 00 00 00 00 	movl   $0x0,0xffffffb8(%ebp)
  40190d:	e9 fe 00 00 00       	jmp    401a10 <_SmpKnownDllsQueryRoutine at 24+0x1c0>
/* Integrity gate: LdrVerifyImageMatchesChecksum(FileHandle, 0, 0, 0). */
  401912:	6a 00                	push   $0x0
  401914:	6a 00                	push   $0x0
  401916:	6a 00                	push   $0x0
  401918:	ff 75 c4             	pushl  0xffffffc4(%ebp)
  40191b:	e8 b0 21 00 00       	call   403ad0 <_LdrVerifyImageMatchesChecksum at 16>
  401920:	89 45 bc             	mov    %eax,0xffffffbc(%ebp)
/*
 * 0xc0000221 is STATUS_IMAGE_CHECKSUM_MISMATCH. On that status the routine
 * calls NtRaiseHardError(Status, 0, 0, 0, 0, 0).
 * NOTE(review): the jump after the call goes to 401998, the section-creation
 * code, not to the exit. If NtRaiseHardError returns, an image whose checksum
 * did not match is still mapped into KnownDlls; confirm whether that call can
 * return with these arguments.
 */
  401923:	81 7d bc 21 02 00 c0 	cmpl   $0xc0000221,0xffffffbc(%ebp)
  40192a:	75 1a                	jne    401946 <_SmpKnownDllsQueryRoutine at 24+0xf6>
  40192c:	83 ec 08             	sub    $0x8,%esp
  40192f:	6a 00                	push   $0x0
  401931:	6a 00                	push   $0x0
  401933:	6a 00                	push   $0x0
  401935:	6a 00                	push   $0x0
  401937:	6a 00                	push   $0x0
  401939:	ff 75 bc             	pushl  0xffffffbc(%ebp)
  40193c:	e8 9f 21 00 00       	call   403ae0 <_NtRaiseHardError at 24>
  401941:	83 c4 08             	add    $0x8,%esp
  401944:	eb 52                	jmp    401998 <_SmpKnownDllsQueryRoutine at 24+0x148>
/* Any other failure status from the checksum check takes the cleanup path below. */
  401946:	83 7d bc 00          	cmpl   $0x0,0xffffffbc(%ebp)
  40194a:	79 4c                	jns    401998 <_SmpKnownDllsQueryRoutine at 24+0x148>
    {
      DPRINT1("Failed to check the image checksum\n");
  40194c:	83 ec 04             	sub    $0x4,%esp
  40194f:	6a 5d                	push   $0x5d
  401951:	68 9a 55 40 00       	push   $0x40559a
  401956:	68 a6 55 40 00       	push   $0x4055a6
  40195b:	e8 80 20 00 00       	call   4039e0 <_DbgPrint>
  401960:	83 c4 10             	add    $0x10,%esp
  401963:	83 ec 0c             	sub    $0xc,%esp
  401966:	68 00 56 40 00       	push   $0x405600
  40196b:	e8 70 20 00 00       	call   4039e0 <_DbgPrint>
  401970:	83 c4 10             	add    $0x10,%esp

/*
 * NOTE(review): SectionHandle (-0x40) has not been written on this path; its
 * first store is the NtCreateSection call further down. This NtClose therefore
 * receives whatever was left in that stack slot. Only FileHandle needs closing
 * here.
 */
      NtClose(SectionHandle);
  401973:	83 ec 0c             	sub    $0xc,%esp
  401976:	ff 75 c0             	pushl  0xffffffc0(%ebp)
  401979:	e8 52 20 00 00       	call   4039d0 <_NtClose at 4>
  40197e:	83 c4 0c             	add    $0xc,%esp
      NtClose(FileHandle);
  401981:	83 ec 0c             	sub    $0xc,%esp
  401984:	ff 75 c4             	pushl  0xffffffc4(%ebp)
  401987:	e8 44 20 00 00       	call   4039d0 <_NtClose at 4>
  40198c:	83 c4 0c             	add    $0xc,%esp

      return STATUS_SUCCESS;
  40198f:	c7 45 b8 00 00 00 00 	movl   $0x0,0xffffffb8(%ebp)
  401996:	eb 78                	jmp    401a10 <_SmpKnownDllsQueryRoutine at 24+0x1c0>
    }

/* Reuse the attribute block: attributes 0x50, root directory = EntryContext (0x1c(%ebp)). */
  InitializeObjectAttributes(&ObjectAttributes,
  401998:	c7 45 d8 18 00 00 00 	movl   $0x18,0xffffffd8(%ebp)
  40199f:	8d 45 c8             	lea    0xffffffc8(%ebp),%eax
  4019a2:	89 45 e0             	mov    %eax,0xffffffe0(%ebp)
  4019a5:	c7 45 e4 50 00 00 00 	movl   $0x50,0xffffffe4(%ebp)
  4019ac:	8b 45 1c             	mov    0x1c(%ebp),%eax
  4019af:	89 45 dc             	mov    %eax,0xffffffdc(%ebp)
  4019b2:	c7 45 e8 00 00 00 00 	movl   $0x0,0xffffffe8(%ebp)
  4019b9:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
			     &ImageName,
			     OBJ_CASE_INSENSITIVE | OBJ_PERMANENT,
			     (HANDLE)EntryContext,
			     NULL);
  Status = NtCreateSection(&SectionHandle,
  4019c0:	83 ec 04             	sub    $0x4,%esp
  4019c3:	ff 75 c4             	pushl  0xffffffc4(%ebp)
  4019c6:	68 00 00 00 01       	push   $0x1000000
  4019cb:	6a 10                	push   $0x10
  4019cd:	6a 00                	push   $0x0
  4019cf:	8d 45 d8             	lea    0xffffffd8(%ebp),%eax
  4019d2:	50                   	push   %eax
  4019d3:	68 1f 00 0f 00       	push   $0xf001f
  4019d8:	8d 45 c0             	lea    0xffffffc0(%ebp),%eax
  4019db:	50                   	push   %eax
  4019dc:	e8 0f 21 00 00       	call   403af0 <_NtCreateSection at 28>
  4019e1:	83 c4 04             	add    $0x4,%esp
  4019e4:	89 45 bc             	mov    %eax,0xffffffbc(%ebp)
			   SECTION_ALL_ACCESS,
			   &ObjectAttributes,
			   NULL,
			   PAGE_EXECUTE,
			   SEC_IMAGE,
			   FileHandle);
/* A failed NtCreateSection is not logged; the routine still returns STATUS_SUCCESS. */
  if (NT_SUCCESS(Status))
  4019e7:	83 7d bc 00          	cmpl   $0x0,0xffffffbc(%ebp)
  4019eb:	78 0e                	js     4019fb <_SmpKnownDllsQueryRoutine at 24+0x1ab>
    {
      DPRINT("Created section successfully\n");
      NtClose(SectionHandle);
  4019ed:	83 ec 0c             	sub    $0xc,%esp
  4019f0:	ff 75 c0             	pushl  0xffffffc0(%ebp)
  4019f3:	e8 d8 1f 00 00       	call   4039d0 <_NtClose at 4>
  4019f8:	83 c4 0c             	add    $0xc,%esp
    }

  NtClose(FileHandle);
  4019fb:	83 ec 0c             	sub    $0xc,%esp
  4019fe:	ff 75 c4             	pushl  0xffffffc4(%ebp)
  401a01:	e8 ca 1f 00 00       	call   4039d0 <_NtClose at 4>
  401a06:	83 c4 0c             	add    $0xc,%esp

  return STATUS_SUCCESS;
  401a09:	c7 45 b8 00 00 00 00 	movl   $0x0,0xffffffb8(%ebp)
}
/* Common exit: return the value staged at -0x48 and pop the 24 argument bytes. */
  401a10:	8b 45 b8             	mov    0xffffffb8(%ebp),%eax
  401a13:	c9                   	leave  
  401a14:	c2 18 00             	ret    $0x18

/*
 * SmLoadKnownDlls: creates the \KnownDlls object directory, reads the
 * DllDirectory value from the Session Manager\KnownDlls registry key, opens
 * that directory, links it as KnownDllPath and then enumerates the key again
 * with SmpKnownDllsQueryRoutine as the per-value callback.
 *
 * Returns the first failing NTSTATUS, STATUS_OBJECT_NAME_INVALID when the path
 * conversion fails, or the status of the final RtlQueryRegistryValues call.
 *
 * Frame slots used below: Name at -0x88, DllNtPath at -0x80, DllDosPath at
 * -0x78, ObjectAttributes at -0x68, QueryTable at -0x48, ObjectDirHandle at
 * -0x8c, FileDirHandle at -0x90, SymlinkHandle at -0x94, Status at -0x98.
 *
 * NOTE(review): the directory whose files become KnownDlls sections comes
 * straight from a registry value and is used without validation, so the ACL on
 * that key is part of the trust boundary. ObjectDirHandle and FileDirHandle
 * are never passed to NtClose in this function, on the success path or on any
 * error return; ObjectDirHandle may be kept open on purpose, confirm for both.
 */
00401a17 <_SmLoadKnownDlls>:


NTSTATUS
SmLoadKnownDlls(VOID)
{
  401a17:	55                   	push   %ebp
  401a18:	89 e5                	mov    %esp,%ebp
  401a1a:	81 ec a8 00 00 00    	sub    $0xa8,%esp
  RTL_QUERY_REGISTRY_TABLE QueryTable[2];
  OBJECT_ATTRIBUTES ObjectAttributes;
  IO_STATUS_BLOCK IoStatusBlock;
  UNICODE_STRING DllDosPath;
  UNICODE_STRING DllNtPath;
  UNICODE_STRING Name;
  HANDLE ObjectDirHandle;
  HANDLE FileDirHandle;
  HANDLE SymlinkHandle;
  NTSTATUS Status;


  DPRINT("SM: loading well-known DLLs\n");

  DPRINT("SmLoadKnownDlls() called\n");

  /* Create 'KnownDlls' object directory */
  RtlInitUnicodeString(&Name,
  401a20:	83 ec 08             	sub    $0x8,%esp
  401a23:	68 24 56 40 00       	push   $0x405624
  401a28:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  401a2e:	50                   	push   %eax
  401a2f:	e8 5c 1f 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  401a34:	83 c4 08             	add    $0x8,%esp
		       L"\\KnownDlls");
  InitializeObjectAttributes(&ObjectAttributes,
  401a37:	c7 45 98 18 00 00 00 	movl   $0x18,0xffffff98(%ebp)
  401a3e:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  401a44:	89 45 a0             	mov    %eax,0xffffffa0(%ebp)
  401a47:	c7 45 a4 d0 00 00 00 	movl   $0xd0,0xffffffa4(%ebp)
  401a4e:	c7 45 9c 00 00 00 00 	movl   $0x0,0xffffff9c(%ebp)
  401a55:	c7 45 a8 00 00 00 00 	movl   $0x0,0xffffffa8(%ebp)
  401a5c:	c7 45 ac 00 00 00 00 	movl   $0x0,0xffffffac(%ebp)
			     &Name,
			     OBJ_PERMANENT | OBJ_CASE_INSENSITIVE | OBJ_OPENIF,
			     NULL,
			     NULL);
/* The security descriptor field (-0x58) is zero, so no explicit ACL is set on the directory. */
  Status = NtCreateDirectoryObject(&ObjectDirHandle,
  401a63:	83 ec 04             	sub    $0x4,%esp
  401a66:	8d 45 98             	lea    0xffffff98(%ebp),%eax
  401a69:	50                   	push   %eax
  401a6a:	68 0f 00 0f 00       	push   $0xf000f
  401a6f:	8d 85 74 ff ff ff    	lea    0xffffff74(%ebp),%eax
  401a75:	50                   	push   %eax
  401a76:	e8 85 20 00 00       	call   403b00 <_NtCreateDirectoryObject at 12>
  401a7b:	83 c4 04             	add    $0x4,%esp
  401a7e:	89 85 68 ff ff ff    	mov    %eax,0xffffff68(%ebp)
				   DIRECTORY_ALL_ACCESS,
				   &ObjectAttributes);
  if (!NT_SUCCESS(Status))
  401a84:	83 bd 68 ff ff ff 00 	cmpl   $0x0,0xffffff68(%ebp)
  401a8b:	79 41                	jns    401ace <_SmLoadKnownDlls+0xb7>
    {
      DPRINT1("NtCreateDirectoryObject() failed (Status %lx)\n", Status);
  401a8d:	83 ec 04             	sub    $0x4,%esp
  401a90:	68 9d 00 00 00       	push   $0x9d
  401a95:	68 9a 55 40 00       	push   $0x40559a
  401a9a:	68 a6 55 40 00       	push   $0x4055a6
  401a9f:	e8 3c 1f 00 00       	call   4039e0 <_DbgPrint>
  401aa4:	83 c4 10             	add    $0x10,%esp
  401aa7:	83 ec 08             	sub    $0x8,%esp
  401aaa:	ff b5 68 ff ff ff    	pushl  0xffffff68(%ebp)
  401ab0:	68 40 56 40 00       	push   $0x405640
  401ab5:	e8 26 1f 00 00       	call   4039e0 <_DbgPrint>
  401aba:	83 c4 10             	add    $0x10,%esp
      return Status;
  401abd:	8b 85 68 ff ff ff    	mov    0xffffff68(%ebp),%eax
  401ac3:	89 85 64 ff ff ff    	mov    %eax,0xffffff64(%ebp)
  401ac9:	e9 da 02 00 00       	jmp    401da8 <_SmLoadKnownDlls+0x391>
    }

  RtlInitUnicodeString(&DllDosPath, NULL);
  401ace:	83 ec 08             	sub    $0x8,%esp
  401ad1:	6a 00                	push   $0x0
  401ad3:	8d 45 88             	lea    0xffffff88(%ebp),%eax
  401ad6:	50                   	push   %eax
  401ad7:	e8 b4 1e 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  401adc:	83 c4 08             	add    $0x8,%esp

  RtlZeroMemory(&QueryTable,
  401adf:	83 ec 08             	sub    $0x8,%esp
  401ae2:	6a 38                	push   $0x38
  401ae4:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  401ae7:	50                   	push   %eax
  401ae8:	e8 33 1f 00 00       	call   403a20 <_RtlZeroMemory at 8>
  401aed:	83 c4 08             	add    $0x8,%esp
		sizeof(QueryTable));

  QueryTable[0].Name = L"DllDirectory";
  401af0:	c7 45 c0 80 55 40 00 	movl   $0x405580,0xffffffc0(%ebp)
  QueryTable[0].Flags = RTL_QUERY_REGISTRY_DIRECT;
  401af7:	c7 45 bc 20 00 00 00 	movl   $0x20,0xffffffbc(%ebp)
  QueryTable[0].EntryContext = &DllDosPath;
  401afe:	8d 45 88             	lea    0xffffff88(%ebp),%eax
  401b01:	89 45 c4             	mov    %eax,0xffffffc4(%ebp)

/* Direct query: the registry value is written into DllDosPath; 0x406020 is SmSystemEnvironment. */
  Status = RtlQueryRegistryValues(RTL_REGISTRY_CONTROL,
  401b04:	83 ec 0c             	sub    $0xc,%esp
  401b07:	ff 35 20 60 40 00    	pushl  0x406020
  401b0d:	6a 00                	push   $0x0
  401b0f:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  401b12:	50                   	push   %eax
  401b13:	68 80 56 40 00       	push   $0x405680
  401b18:	6a 02                	push   $0x2
  401b1a:	e8 11 1f 00 00       	call   403a30 <_RtlQueryRegistryValues at 20>
  401b1f:	83 c4 0c             	add    $0xc,%esp
  401b22:	89 85 68 ff ff ff    	mov    %eax,0xffffff68(%ebp)
				  L"\\Session Manager\\KnownDlls",
				  QueryTable,
				  NULL,
				  SmSystemEnvironment);
  if (!NT_SUCCESS(Status))
  401b28:	83 bd 68 ff ff ff 00 	cmpl   $0x0,0xffffff68(%ebp)
  401b2f:	79 41                	jns    401b72 <_SmLoadKnownDlls+0x15b>
    {
      DPRINT1("RtlQueryRegistryValues() failed (Status %lx)\n", Status);
  401b31:	83 ec 04             	sub    $0x4,%esp
  401b34:	68 b1 00 00 00       	push   $0xb1
  401b39:	68 9a 55 40 00       	push   $0x40559a
  401b3e:	68 a6 55 40 00       	push   $0x4055a6
  401b43:	e8 98 1e 00 00       	call   4039e0 <_DbgPrint>
  401b48:	83 c4 10             	add    $0x10,%esp
  401b4b:	83 ec 08             	sub    $0x8,%esp
  401b4e:	ff b5 68 ff ff ff    	pushl  0xffffff68(%ebp)
  401b54:	68 c0 56 40 00       	push   $0x4056c0
  401b59:	e8 82 1e 00 00       	call   4039e0 <_DbgPrint>
  401b5e:	83 c4 10             	add    $0x10,%esp
/* NOTE(review): from here on, error returns leave ObjectDirHandle open. */
      return Status;
  401b61:	8b 85 68 ff ff ff    	mov    0xffffff68(%ebp),%eax
  401b67:	89 85 64 ff ff ff    	mov    %eax,0xffffff64(%ebp)
  401b6d:	e9 36 02 00 00       	jmp    401da8 <_SmLoadKnownDlls+0x391>
    }

  DPRINT("DllDosPath: '%wZ'\n", &DllDosPath);

/*
 * DllDosPath.Buffer (-0x74) is passed on as read from the registry.
 * NOTE(review): no call that releases DllNtPath is visible in this function;
 * if RtlDosPathNameToNtPathName_U allocates its buffer, it is not freed here.
 */
  if (!RtlDosPathNameToNtPathName_U(DllDosPath.Buffer,
  401b72:	6a 00                	push   $0x0
  401b74:	6a 00                	push   $0x0
  401b76:	8d 45 80             	lea    0xffffff80(%ebp),%eax
  401b79:	50                   	push   %eax
  401b7a:	ff 75 8c             	pushl  0xffffff8c(%ebp)
  401b7d:	e8 8e 1f 00 00       	call   403b10 <_RtlDosPathNameToNtPathName_U at 16>
  401b82:	84 c0                	test   %al,%al
  401b84:	75 39                	jne    401bbf <_SmLoadKnownDlls+0x1a8>
				    &DllNtPath,
				    NULL,
				    NULL))
    {
      DPRINT1("RtlDosPathNameToNtPathName_U() failed\n");
  401b86:	83 ec 04             	sub    $0x4,%esp
  401b89:	68 bc 00 00 00       	push   $0xbc
  401b8e:	68 9a 55 40 00       	push   $0x40559a
  401b93:	68 a6 55 40 00       	push   $0x4055a6
  401b98:	e8 43 1e 00 00       	call   4039e0 <_DbgPrint>
  401b9d:	83 c4 10             	add    $0x10,%esp
  401ba0:	83 ec 0c             	sub    $0xc,%esp
  401ba3:	68 00 57 40 00       	push   $0x405700
  401ba8:	e8 33 1e 00 00       	call   4039e0 <_DbgPrint>
  401bad:	83 c4 10             	add    $0x10,%esp
      return STATUS_OBJECT_NAME_INVALID;
  401bb0:	c7 85 64 ff ff ff 33 	movl   $0xc0000033,0xffffff64(%ebp)
  401bb7:	00 00 c0 
  401bba:	e9 e9 01 00 00       	jmp    401da8 <_SmLoadKnownDlls+0x391>
    }

  DPRINT("DllNtPath: '%wZ'\n", &DllNtPath);

  /* Open the dll path directory */
  InitializeObjectAttributes(&ObjectAttributes,
  401bbf:	c7 45 98 18 00 00 00 	movl   $0x18,0xffffff98(%ebp)
  401bc6:	8d 45 80             	lea    0xffffff80(%ebp),%eax
  401bc9:	89 45 a0             	mov    %eax,0xffffffa0(%ebp)
  401bcc:	c7 45 a4 40 00 00 00 	movl   $0x40,0xffffffa4(%ebp)
  401bd3:	c7 45 9c 00 00 00 00 	movl   $0x0,0xffffff9c(%ebp)
  401bda:	c7 45 a8 00 00 00 00 	movl   $0x0,0xffffffa8(%ebp)
  401be1:	c7 45 ac 00 00 00 00 	movl   $0x0,0xffffffac(%ebp)
			     &DllNtPath,
			     OBJ_CASE_INSENSITIVE,
			     NULL,
			     NULL);
  Status = NtOpenFile(&FileDirHandle,
  401be8:	83 ec 08             	sub    $0x8,%esp
  401beb:	6a 21                	push   $0x21
  401bed:	6a 03                	push   $0x3
  401bef:	8d 45 90             	lea    0xffffff90(%ebp),%eax
  401bf2:	50                   	push   %eax
  401bf3:	8d 45 98             	lea    0xffffff98(%ebp),%eax
  401bf6:	50                   	push   %eax
  401bf7:	68 01 00 10 00       	push   $0x100001
  401bfc:	8d 85 70 ff ff ff    	lea    0xffffff70(%ebp),%eax
  401c02:	50                   	push   %eax
  401c03:	e8 b8 1e 00 00       	call   403ac0 <_NtOpenFile at 24>
  401c08:	83 c4 08             	add    $0x8,%esp
  401c0b:	89 85 68 ff ff ff    	mov    %eax,0xffffff68(%ebp)
		      SYNCHRONIZE | FILE_READ_DATA,
		      &ObjectAttributes,
		      &IoStatusBlock,
		      FILE_SHARE_READ | FILE_SHARE_WRITE,
		      FILE_SYNCHRONOUS_IO_NONALERT | FILE_DIRECTORY_FILE);
  if (!NT_SUCCESS(Status))
  401c11:	83 bd 68 ff ff ff 00 	cmpl   $0x0,0xffffff68(%ebp)
  401c18:	79 45                	jns    401c5f <_SmLoadKnownDlls+0x248>
    {
      DPRINT1("NtOpenFile(%wZ) failed (Status %lx)\n", &DllNtPath, Status);
  401c1a:	83 ec 04             	sub    $0x4,%esp
  401c1d:	68 d0 00 00 00       	push   $0xd0
  401c22:	68 9a 55 40 00       	push   $0x40559a
  401c27:	68 a6 55 40 00       	push   $0x4055a6
  401c2c:	e8 af 1d 00 00       	call   4039e0 <_DbgPrint>
  401c31:	83 c4 10             	add    $0x10,%esp
  401c34:	83 ec 04             	sub    $0x4,%esp
  401c37:	ff b5 68 ff ff ff    	pushl  0xffffff68(%ebp)
  401c3d:	8d 45 80             	lea    0xffffff80(%ebp),%eax
  401c40:	50                   	push   %eax
  401c41:	68 40 57 40 00       	push   $0x405740
  401c46:	e8 95 1d 00 00       	call   4039e0 <_DbgPrint>
  401c4b:	83 c4 10             	add    $0x10,%esp
      return Status;
  401c4e:	8b 85 68 ff ff ff    	mov    0xffffff68(%ebp),%eax
  401c54:	89 85 64 ff ff ff    	mov    %eax,0xffffff64(%ebp)
  401c5a:	e9 49 01 00 00       	jmp    401da8 <_SmLoadKnownDlls+0x391>
    }

  /* Link 'KnownDllPath' the dll path directory */
  RtlInitUnicodeString(&Name,
  401c5f:	83 ec 08             	sub    $0x8,%esp
  401c62:	68 66 57 40 00       	push   $0x405766
  401c67:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  401c6d:	50                   	push   %eax
  401c6e:	e8 1d 1d 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  401c73:	83 c4 08             	add    $0x8,%esp
		       L"KnownDllPath");
  InitializeObjectAttributes(&ObjectAttributes,
  401c76:	c7 45 98 18 00 00 00 	movl   $0x18,0xffffff98(%ebp)
  401c7d:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  401c83:	89 45 a0             	mov    %eax,0xffffffa0(%ebp)
  401c86:	c7 45 a4 d0 00 00 00 	movl   $0xd0,0xffffffa4(%ebp)
  401c8d:	8b 85 74 ff ff ff    	mov    0xffffff74(%ebp),%eax
  401c93:	89 45 9c             	mov    %eax,0xffffff9c(%ebp)
  401c96:	c7 45 a8 00 00 00 00 	movl   $0x0,0xffffffa8(%ebp)
  401c9d:	c7 45 ac 00 00 00 00 	movl   $0x0,0xffffffac(%ebp)
			     &Name,
			     OBJ_PERMANENT | OBJ_CASE_INSENSITIVE | OBJ_OPENIF,
			     ObjectDirHandle,
			     NULL);
/* The link target is the DOS-form path read from the registry, not DllNtPath. */
  Status = NtCreateSymbolicLinkObject(&SymlinkHandle,
  401ca4:	8d 45 88             	lea    0xffffff88(%ebp),%eax
  401ca7:	50                   	push   %eax
  401ca8:	8d 45 98             	lea    0xffffff98(%ebp),%eax
  401cab:	50                   	push   %eax
  401cac:	68 01 00 0f 00       	push   $0xf0001
  401cb1:	8d 85 6c ff ff ff    	lea    0xffffff6c(%ebp),%eax
  401cb7:	50                   	push   %eax
  401cb8:	e8 a3 1d 00 00       	call   403a60 <_NtCreateSymbolicLinkObject at 16>
  401cbd:	89 85 68 ff ff ff    	mov    %eax,0xffffff68(%ebp)
				      SYMBOLIC_LINK_ALL_ACCESS,
				      &ObjectAttributes,
				      &DllDosPath);
  if (!NT_SUCCESS(Status))
  401cc3:	83 bd 68 ff ff ff 00 	cmpl   $0x0,0xffffff68(%ebp)
  401cca:	79 41                	jns    401d0d <_SmLoadKnownDlls+0x2f6>
    {
      DPRINT1("NtCreateSymbolicLink() failed (Status %lx)\n", Status);
  401ccc:	83 ec 04             	sub    $0x4,%esp
  401ccf:	68 e2 00 00 00       	push   $0xe2
  401cd4:	68 9a 55 40 00       	push   $0x40559a
  401cd9:	68 a6 55 40 00       	push   $0x4055a6
  401cde:	e8 fd 1c 00 00       	call   4039e0 <_DbgPrint>
  401ce3:	83 c4 10             	add    $0x10,%esp
  401ce6:	83 ec 08             	sub    $0x8,%esp
  401ce9:	ff b5 68 ff ff ff    	pushl  0xffffff68(%ebp)
  401cef:	68 80 57 40 00       	push   $0x405780
  401cf4:	e8 e7 1c 00 00       	call   4039e0 <_DbgPrint>
  401cf9:	83 c4 10             	add    $0x10,%esp
/* NOTE(review): this return leaves both ObjectDirHandle and FileDirHandle open. */
      return Status;
  401cfc:	8b 85 68 ff ff ff    	mov    0xffffff68(%ebp),%eax
  401d02:	89 85 64 ff ff ff    	mov    %eax,0xffffff64(%ebp)
  401d08:	e9 9b 00 00 00       	jmp    401da8 <_SmLoadKnownDlls+0x391>
    }

  NtClose(SymlinkHandle);
  401d0d:	83 ec 0c             	sub    $0xc,%esp
  401d10:	ff b5 6c ff ff ff    	pushl  0xffffff6c(%ebp)
  401d16:	e8 b5 1c 00 00       	call   4039d0 <_NtClose at 4>
  401d1b:	83 c4 0c             	add    $0xc,%esp

  RtlZeroMemory(&QueryTable,
  401d1e:	83 ec 08             	sub    $0x8,%esp
  401d21:	6a 38                	push   $0x38
  401d23:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  401d26:	50                   	push   %eax
  401d27:	e8 f4 1c 00 00       	call   403a20 <_RtlZeroMemory at 8>
  401d2c:	83 c4 08             	add    $0x8,%esp
		sizeof(QueryTable));

  QueryTable[0].QueryRoutine = SmpKnownDllsQueryRoutine;
  401d2f:	c7 45 b8 50 18 40 00 	movl   $0x401850,0xffffffb8(%ebp)
  QueryTable[0].EntryContext = ObjectDirHandle;
  401d36:	8b 85 74 ff ff ff    	mov    0xffffff74(%ebp),%eax
  401d3c:	89 45 c4             	mov    %eax,0xffffffc4(%ebp)

/*
 * Second pass over the same key: no .Name is set, and the callback receives
 * FileDirHandle as Context and ObjectDirHandle as EntryContext. The callback
 * returns STATUS_SUCCESS for every value, so the status checked below does not
 * reflect per-image failures.
 */
  Status = RtlQueryRegistryValues(RTL_REGISTRY_CONTROL,
  401d3f:	83 ec 0c             	sub    $0xc,%esp
  401d42:	6a 00                	push   $0x0
  401d44:	ff b5 70 ff ff ff    	pushl  0xffffff70(%ebp)
  401d4a:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  401d4d:	50                   	push   %eax
  401d4e:	68 80 56 40 00       	push   $0x405680
  401d53:	6a 02                	push   $0x2
  401d55:	e8 d6 1c 00 00       	call   403a30 <_RtlQueryRegistryValues at 20>
  401d5a:	83 c4 0c             	add    $0xc,%esp
  401d5d:	89 85 68 ff ff ff    	mov    %eax,0xffffff68(%ebp)
				  L"\\Session Manager\\KnownDlls",
				  QueryTable,
				  (PVOID)FileDirHandle,
				  NULL);
  if (!NT_SUCCESS(Status))
  401d63:	83 bd 68 ff ff ff 00 	cmpl   $0x0,0xffffff68(%ebp)
  401d6a:	79 30                	jns    401d9c <_SmLoadKnownDlls+0x385>
    {
      DPRINT1("RtlQueryRegistryValues() failed (Status %lx)\n", Status);
  401d6c:	83 ec 04             	sub    $0x4,%esp
  401d6f:	68 f5 00 00 00       	push   $0xf5
  401d74:	68 9a 55 40 00       	push   $0x40559a
  401d79:	68 a6 55 40 00       	push   $0x4055a6
  401d7e:	e8 5d 1c 00 00       	call   4039e0 <_DbgPrint>
  401d83:	83 c4 10             	add    $0x10,%esp
  401d86:	83 ec 08             	sub    $0x8,%esp
  401d89:	ff b5 68 ff ff ff    	pushl  0xffffff68(%ebp)
  401d8f:	68 c0 56 40 00       	push   $0x4056c0
  401d94:	e8 47 1c 00 00       	call   4039e0 <_DbgPrint>
  401d99:	83 c4 10             	add    $0x10,%esp
    }

  DPRINT("SmLoadKnownDlls() done\n");

  return Status;
  401d9c:	8b 85 68 ff ff ff    	mov    0xffffff68(%ebp),%eax
  401da2:	89 85 64 ff ff ff    	mov    %eax,0xffffff64(%ebp)
}
/* Common exit for every return above: the value staged at -0x9c is returned. */
  401da8:	8b 85 64 ff ff ff    	mov    0xffffff64(%ebp),%eax
  401dae:	c9                   	leave  
  401daf:	c3                   	ret    

00401db0 <_SmpPagingFilesQueryRoutine at 24>:
/*
 * Registry query callback: _SmCreatePagingFiles stores this address
 * (0x401db0) in the first slot of the table it passes to
 * RtlQueryRegistryValues. stdcall, 24 bytes of arguments (ret $0x18).
 * Only the 2nd argument (0xc(%ebp), compared with 1) and the 3rd
 * (0x10(%ebp), used as a wide string) are read here; presumably these are
 * ValueType and ValueData -- confirm against the C source.
 * The string is parsed as "<path> <n1> <n2>" and handed to
 * NtCreatePagingFile. Every path returns 0.
 *
 * Locals: -0x20 parse cursor, -0x10/-0xc first 64-bit size,
 *         -0x18/-0x14 second 64-bit size, -0x8 UNICODE_STRING,
 *         -0x1c NtCreatePagingFile status, -0x24 return value.
 */
  401db0:	55                   	push   %ebp
  401db1:	89 e5                	mov    %esp,%ebp
  401db3:	83 ec 28             	sub    $0x28,%esp
/* Ignore values whose 2nd argument is not 1: return 0 without parsing. */
  401db6:	83 7d 0c 01          	cmpl   $0x1,0xc(%ebp)
  401dba:	74 0c                	je     401dc8 <_SmpPagingFilesQueryRoutine at 24+0x18>
  401dbc:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
  401dc3:	e9 e9 00 00 00       	jmp    401eb1 <_SmpPagingFilesQueryRoutine at 24+0x101>
/* cursor = wcschr(string, L' ') -- locate the end of the path part. */
  401dc8:	83 ec 08             	sub    $0x8,%esp
  401dcb:	6a 20                	push   $0x20
  401dcd:	ff 75 10             	pushl  0x10(%ebp)
  401dd0:	e8 db 1c 00 00       	call   403ab0 <_wcschr>
  401dd5:	83 c4 10             	add    $0x10,%esp
  401dd8:	89 45 e0             	mov    %eax,0xffffffe0(%ebp)
  401ddb:	83 7d e0 00          	cmpl   $0x0,0xffffffe0(%ebp)
  401ddf:	74 6b                	je     401e4c <_SmpPagingFilesQueryRoutine at 24+0x9c>
/* The separator is overwritten with NUL in place, i.e. the caller's
 * buffer is modified so that 0x10(%ebp) now ends at the path. */
  401de1:	8b 45 e0             	mov    0xffffffe0(%ebp),%eax
  401de4:	66 c7 00 00 00       	movw   $0x0,(%eax)
/* first = wcstoul(cursor + 1, &cursor, 0) << 20. Base 0 accepts decimal,
 * hex and octal text. */
  401de9:	83 ec 04             	sub    $0x4,%esp
  401dec:	6a 00                	push   $0x0
  401dee:	8d 45 e0             	lea    0xffffffe0(%ebp),%eax
  401df1:	50                   	push   %eax
  401df2:	8b 45 e0             	mov    0xffffffe0(%ebp),%eax
  401df5:	83 c0 02             	add    $0x2,%eax
  401df8:	50                   	push   %eax
  401df9:	e8 62 1d 00 00       	call   403b60 <_wcstoul>
  401dfe:	83 c4 10             	add    $0x10,%esp
/* NOTE(review): the shift is done on the 32-bit result and the high dword
 * is simply set to 0, so a parsed value of 4096 or more wraps before it is
 * widened to 64 bits. No range check on the registry-supplied number is
 * visible here. */
  401e01:	c1 e0 14             	shl    $0x14,%eax
  401e04:	ba 00 00 00 00       	mov    $0x0,%edx
  401e09:	89 45 f0             	mov    %eax,0xfffffff0(%ebp)
  401e0c:	89 55 f4             	mov    %edx,0xfffffff4(%ebp)
/* A second number is parsed only if the cursor stopped on another space;
 * otherwise the second size is a copy of the first. */
  401e0f:	8b 45 e0             	mov    0xffffffe0(%ebp),%eax
  401e12:	66 83 38 20          	cmpw   $0x20,(%eax)
  401e16:	75 26                	jne    401e3e <_SmpPagingFilesQueryRoutine at 24+0x8e>
  401e18:	83 ec 04             	sub    $0x4,%esp
  401e1b:	6a 00                	push   $0x0
  401e1d:	6a 00                	push   $0x0
  401e1f:	8b 45 e0             	mov    0xffffffe0(%ebp),%eax
  401e22:	83 c0 02             	add    $0x2,%eax
  401e25:	50                   	push   %eax
  401e26:	e8 35 1d 00 00       	call   403b60 <_wcstoul>
  401e2b:	83 c4 10             	add    $0x10,%esp
/* Same 32-bit shift-then-widen pattern as above. */
  401e2e:	c1 e0 14             	shl    $0x14,%eax
  401e31:	ba 00 00 00 00       	mov    $0x0,%edx
  401e36:	89 45 e8             	mov    %eax,0xffffffe8(%ebp)
  401e39:	89 55 ec             	mov    %edx,0xffffffec(%ebp)
  401e3c:	eb 2a                	jmp    401e68 <_SmpPagingFilesQueryRoutine at 24+0xb8>
  401e3e:	8b 45 f0             	mov    0xfffffff0(%ebp),%eax
  401e41:	8b 55 f4             	mov    0xfffffff4(%ebp),%edx
  401e44:	89 45 e8             	mov    %eax,0xffffffe8(%ebp)
  401e47:	89 55 ec             	mov    %edx,0xffffffec(%ebp)
  401e4a:	eb 1c                	jmp    401e68 <_SmpPagingFilesQueryRoutine at 24+0xb8>
/* No space in the string: fall back to the constants 0x32000 and 0x50000. */
  401e4c:	c7 45 f0 00 20 03 00 	movl   $0x32000,0xfffffff0(%ebp)
  401e53:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  401e5a:	c7 45 e8 00 00 05 00 	movl   $0x50000,0xffffffe8(%ebp)
  401e61:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
/* RtlDosPathNameToNtPathName_U(string, &name, NULL, NULL); a zero result
 * in %al ends the routine with return value 0. */
  401e68:	6a 00                	push   $0x0
  401e6a:	6a 00                	push   $0x0
  401e6c:	8d 45 f8             	lea    0xfffffff8(%ebp),%eax
  401e6f:	50                   	push   %eax
  401e70:	ff 75 10             	pushl  0x10(%ebp)
  401e73:	e8 98 1c 00 00       	call   403b10 <_RtlDosPathNameToNtPathName_U at 16>
  401e78:	84 c0                	test   %al,%al
  401e7a:	75 09                	jne    401e85 <_SmpPagingFilesQueryRoutine at 24+0xd5>
  401e7c:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
  401e83:	eb 2c                	jmp    401eb1 <_SmpPagingFilesQueryRoutine at 24+0x101>
/* NtCreatePagingFile(&name, &first, &second, 0). The path and both sizes
 * come straight from the registry string. */
  401e85:	6a 00                	push   $0x0
  401e87:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  401e8a:	50                   	push   %eax
  401e8b:	8d 45 f0             	lea    0xfffffff0(%ebp),%eax
  401e8e:	50                   	push   %eax
  401e8f:	8d 45 f8             	lea    0xfffffff8(%ebp),%eax
  401e92:	50                   	push   %eax
  401e93:	e8 98 1c 00 00       	call   403b30 <_NtCreatePagingFile at 16>
/* NOTE(review): the status is stored at -0x1c and never read again, so a
 * failed paging-file creation is not reported to the caller or logged. */
  401e98:	89 45 e4             	mov    %eax,0xffffffe4(%ebp)
  401e9b:	83 ec 0c             	sub    $0xc,%esp
  401e9e:	8d 45 f8             	lea    0xfffffff8(%ebp),%eax
  401ea1:	50                   	push   %eax
  401ea2:	e8 99 1c 00 00       	call   403b40 <_RtlFreeUnicodeString at 4>
  401ea7:	83 c4 0c             	add    $0xc,%esp
  401eaa:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
  401eb1:	8b 45 dc             	mov    0xffffffdc(%ebp),%eax
  401eb4:	c9                   	leave  
  401eb5:	c2 18 00             	ret    $0x18

00401eb8 <_SmCreatePagingFiles>:
/*
 * Builds a two-slot query table on the stack and runs
 * RtlQueryRegistryValues with _SmpPagingFilesQueryRoutine (0x401db0) as
 * the callback. No arguments are read; the status is returned in %eax.
 * Locals: -0x48 query table (0x38 bytes), -0x4c status, -0x50 return value.
 */
  401eb8:	55                   	push   %ebp
  401eb9:	89 e5                	mov    %esp,%ebp
  401ebb:	83 ec 58             	sub    $0x58,%esp
/* RtlCheckRegistryKey(2, <string at 0x4057c0>): when it returns 0 the
 * function returns 0 at once and no paging file is configured.
 * The key name is not visible in this listing. */
  401ebe:	83 ec 08             	sub    $0x8,%esp
  401ec1:	68 c0 57 40 00       	push   $0x4057c0
  401ec6:	6a 02                	push   $0x2
  401ec8:	e8 83 1c 00 00       	call   403b50 <_RtlCheckRegistryKey at 8>
  401ecd:	83 c4 08             	add    $0x8,%esp
  401ed0:	85 c0                	test   %eax,%eax
  401ed2:	75 09                	jne    401edd <_SmCreatePagingFiles+0x25>
  401ed4:	c7 45 b0 00 00 00 00 	movl   $0x0,0xffffffb0(%ebp)
  401edb:	eb 42                	jmp    401f1f <_SmCreatePagingFiles+0x67>
/* Zero the 0x38-byte table; the all-zero tail presumably serves as the
 * terminating entry -- confirm against the table layout. */
  401edd:	83 ec 08             	sub    $0x8,%esp
  401ee0:	6a 38                	push   $0x38
  401ee2:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  401ee5:	50                   	push   %eax
  401ee6:	e8 35 1b 00 00       	call   403a20 <_RtlZeroMemory at 8>
  401eeb:	83 c4 08             	add    $0x8,%esp
/* table+8 = string at 0x4057ce (value name, presumably);
 * table+0 = callback address. All other fields stay zero. */
  401eee:	c7 45 c0 ce 57 40 00 	movl   $0x4057ce,0xffffffc0(%ebp)
  401ef5:	c7 45 b8 b0 1d 40 00 	movl   $0x401db0,0xffffffb8(%ebp)
/* RtlQueryRegistryValues(2, <string at 0x405800>, table, NULL, NULL). */
  401efc:	83 ec 0c             	sub    $0xc,%esp
  401eff:	6a 00                	push   $0x0
  401f01:	6a 00                	push   $0x0
  401f03:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  401f06:	50                   	push   %eax
  401f07:	68 00 58 40 00       	push   $0x405800
  401f0c:	6a 02                	push   $0x2
  401f0e:	e8 1d 1b 00 00       	call   403a30 <_RtlQueryRegistryValues at 20>
  401f13:	83 c4 0c             	add    $0xc,%esp
/* The callback above always returns 0, so this status reflects only the
 * registry query itself, not whether any paging file was created. */
  401f16:	89 45 b4             	mov    %eax,0xffffffb4(%ebp)
  401f19:	8b 45 b4             	mov    0xffffffb4(%ebp),%eax
  401f1c:	89 45 b0             	mov    %eax,0xffffffb0(%ebp)
  401f1f:	8b 45 b0             	mov    0xffffffb0(%ebp),%eax
  401f22:	c9                   	leave  
  401f23:	c3                   	ret    
  401f24:	90                   	nop    
  401f25:	90                   	nop    
  401f26:	90                   	nop    
  401f27:	90                   	nop    
  401f28:	90                   	nop    
  401f29:	90                   	nop    
  401f2a:	90                   	nop    
  401f2b:	90                   	nop    
  401f2c:	90                   	nop    
  401f2d:	90                   	nop    
  401f2e:	90                   	nop    
  401f2f:	90                   	nop    

00401f30 <_SmpRegisterSmss>:
/*
 * Connects to the SM API port and returns the status in %eax.
 * Locals: -0x4 status, -0x10 UNICODE_STRING (8 bytes), -0x14 return value.
 * The connection result is written through the pointer 0x406040, the same
 * global that _SmpLoadRequiredSubsystems later passes as hSmApiPort.
 */
  401f30:	55                   	push   %ebp
  401f31:	89 e5                	mov    %esp,%ebp
  401f33:	83 ec 18             	sub    $0x18,%esp
  401f36:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)
  401f3d:	c7 45 f0 00 00 00 00 	movl   $0x0,0xfffffff0(%ebp)
  401f44:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
/* RtlInitUnicodeString(&name, <string at 0x405860>). */
  401f4b:	83 ec 08             	sub    $0x8,%esp
  401f4e:	68 60 58 40 00       	push   $0x405860
  401f53:	8d 45 f0             	lea    0xfffffff0(%ebp),%eax
  401f56:	50                   	push   %eax
  401f57:	e8 34 1a 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  401f5c:	83 c4 08             	add    $0x8,%esp
/* SmConnectApiPort(&name, -1, 1, 0x406040). */
  401f5f:	68 40 60 40 00       	push   $0x406040
  401f64:	6a 01                	push   $0x1
  401f66:	6a ff                	push   $0xffffffff
  401f68:	8d 45 f0             	lea    0xfffffff0(%ebp),%eax
  401f6b:	50                   	push   %eax
  401f6c:	e8 cf 17 00 00       	call   403740 <_SmConnectApiPort at 16>
  401f71:	89 45 fc             	mov    %eax,0xfffffffc(%ebp)
/* Both branches of the sign test store the same status as the return
 * value; the failure branch does nothing extra in this build. */
  401f74:	83 7d fc 00          	cmpl   $0x0,0xfffffffc(%ebp)
  401f78:	79 08                	jns    401f82 <_SmpRegisterSmss+0x52>
  401f7a:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  401f7d:	89 45 ec             	mov    %eax,0xffffffec(%ebp)
  401f80:	eb 06                	jmp    401f88 <_SmpRegisterSmss+0x58>
  401f82:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  401f85:	89 45 ec             	mov    %eax,0xffffffec(%ebp)
  401f88:	8b 45 ec             	mov    0xffffffec(%ebp),%eax
  401f8b:	c9                   	leave  
  401f8c:	c3                   	ret    

00401f8d <_SmpLoadKernelModeSubsystem>:
/*
 * Looks up a subsystem entry with SmLookupSubsystem, prefixes the returned
 * string with the constant at 0x40586e and passes the result to
 * NtSetSystemInformation (class 0x26). The caller's source comment calls
 * this "Load Kmode subsystem (aka win32k.sys)". Returns the status in %eax.
 *
 * Locals: -0xc   status
 *         -0x228 lookup data buffer
 *         -0x22c data length (initialised to 0x20a)
 *         -0x230 data type
 *         -0x448 concatenated path (0x20a bytes are zeroed)
 *         -0x450 UNICODE_STRING (8 bytes)
 * %edi is callee-saved: pushed on entry, reloaded from -0x4 before leave.
 */
  401f8d:	55                   	push   %ebp
  401f8e:	89 e5                	mov    %esp,%ebp
  401f90:	57                   	push   %edi
  401f91:	81 ec 54 04 00 00    	sub    $0x454,%esp
  401f97:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  401f9e:	c7 85 d4 fd ff ff 0a 	movl   $0x20a,0xfffffdd4(%ebp)
  401fa5:	02 00 00 
  401fa8:	c7 85 d0 fd ff ff 00 	movl   $0x0,0xfffffdd0(%ebp)
  401faf:	00 00 00 
/* SmLookupSubsystem(<string at 0x405862>, data, &length, &type, 1).
 * Unlike _SmpLoadRequiredSubsystems, the data buffer is not zeroed first. */
  401fb2:	83 ec 0c             	sub    $0xc,%esp
  401fb5:	6a 01                	push   $0x1
  401fb7:	8d 85 d0 fd ff ff    	lea    0xfffffdd0(%ebp),%eax
  401fbd:	50                   	push   %eax
  401fbe:	8d 85 d4 fd ff ff    	lea    0xfffffdd4(%ebp),%eax
  401fc4:	50                   	push   %eax
  401fc5:	8d 85 d8 fd ff ff    	lea    0xfffffdd8(%ebp),%eax
  401fcb:	50                   	push   %eax
  401fcc:	68 62 58 40 00       	push   $0x405862
  401fd1:	e8 7f 0a 00 00       	call   402a55 <_SmLookupSubsystem at 20>
  401fd6:	83 c4 0c             	add    $0xc,%esp
  401fd9:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
/* Continue only on status 0 and a returned length above 2 (unsigned). */
  401fdc:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  401fe0:	0f 85 93 00 00 00    	jne    402079 <_SmpLoadKernelModeSubsystem+0xec>
  401fe6:	83 bd d4 fd ff ff 02 	cmpl   $0x2,0xfffffdd4(%ebp)
  401fed:	0f 86 86 00 00 00    	jbe    402079 <_SmpLoadKernelModeSubsystem+0xec>
/* Zero 0x20a bytes of the path buffer at -0x448. */
  401ff3:	8d bd b8 fb ff ff    	lea    0xfffffbb8(%ebp),%edi
  401ff9:	fc                   	cld    
  401ffa:	b9 0a 02 00 00       	mov    $0x20a,%ecx
  401fff:	b0 00                	mov    $0x0,%al
  402001:	f3 aa                	repz stos %al,%es:(%edi)
/* wcscpy(path, <string at 0x40586e>); wcscat(path, data).
 * NOTE(review): both calls are unbounded. The source buffer and the
 * destination are each sized 0x20a here, so prefix + data can exceed the
 * destination unless SmLookupSubsystem keeps the data shorter and
 * NUL-terminated; the locals that follow the path buffer are the type,
 * length and data fields at -0x230 and above. Neither a length check nor
 * a forced terminator is visible in this function -- confirm in
 * SmLookupSubsystem, or use a bounded copy. */
  402003:	83 ec 08             	sub    $0x8,%esp
  402006:	68 6e 58 40 00       	push   $0x40586e
  40200b:	8d 85 b8 fb ff ff    	lea    0xfffffbb8(%ebp),%eax
  402011:	50                   	push   %eax
  402012:	e8 29 1a 00 00       	call   403a40 <_wcscpy>
  402017:	83 c4 10             	add    $0x10,%esp
  40201a:	83 ec 08             	sub    $0x8,%esp
  40201d:	8d 85 d8 fd ff ff    	lea    0xfffffdd8(%ebp),%eax
  402023:	50                   	push   %eax
  402024:	8d 85 b8 fb ff ff    	lea    0xfffffbb8(%ebp),%eax
  40202a:	50                   	push   %eax
  40202b:	e8 50 1a 00 00       	call   403a80 <_wcscat>
  402030:	83 c4 10             	add    $0x10,%esp
/* Build an 8-byte UNICODE_STRING describing the path. */
  402033:	83 ec 08             	sub    $0x8,%esp
  402036:	6a 08                	push   $0x8
  402038:	8d 85 b0 fb ff ff    	lea    0xfffffbb0(%ebp),%eax
  40203e:	50                   	push   %eax
  40203f:	e8 dc 19 00 00       	call   403a20 <_RtlZeroMemory at 8>
  402044:	83 c4 08             	add    $0x8,%esp
  402047:	83 ec 08             	sub    $0x8,%esp
  40204a:	8d 85 b8 fb ff ff    	lea    0xfffffbb8(%ebp),%eax
  402050:	50                   	push   %eax
  402051:	8d 85 b0 fb ff ff    	lea    0xfffffbb0(%ebp),%eax
  402057:	50                   	push   %eax
  402058:	e8 33 19 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  40205d:	83 c4 08             	add    $0x8,%esp
/* NtSetSystemInformation(0x26, &name, 8).
 * NOTE(review): the image path handed to the kernel is taken from the
 * looked-up data with no validation visible here, so write access to that
 * configuration value decides which kernel-mode image gets loaded. */
  402060:	83 ec 04             	sub    $0x4,%esp
  402063:	6a 08                	push   $0x8
  402065:	8d 85 b0 fb ff ff    	lea    0xfffffbb0(%ebp),%eax
  40206b:	50                   	push   %eax
  40206c:	6a 26                	push   $0x26
  40206e:	e8 fd 1a 00 00       	call   403b70 <_NtSetSystemInformation at 12>
  402073:	83 c4 04             	add    $0x4,%esp
  402076:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  402079:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  40207c:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  40207f:	c9                   	leave  
  402080:	c3                   	ret    

00402081 <_SmpLoadRequiredSubsystems>:
/*
 * Looks up a list of NUL-separated program names with SmLookupSubsystem
 * and runs each one through SmExecuteProgram on hSmApiPort. Returns the
 * status of the last call in %eax.
 *
 * Locals: -0xc   Status
 *         -0x228 Data buffer
 *         -0x22c DataLength (initialised to 0x20a)
 *         -0x230 data type
 *         -0x234 Name (pointer into Data)
 *         -0x238 Offset
 *         -0x240 Program (UNICODE_STRING)
 */
  402081:	55                   	push   %ebp
  402082:	89 e5                	mov    %esp,%ebp
  402084:	81 ec 48 02 00 00    	sub    $0x248,%esp
  40208a:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  402091:	c7 85 d4 fd ff ff 0a 	movl   $0x20a,0xfffffdd4(%ebp)
  402098:	02 00 00 
  40209b:	c7 85 d0 fd ff ff 00 	movl   $0x0,0xfffffdd0(%ebp)
  4020a2:	00 00 00 
/* RtlZeroMemory(Data, DataLength): here DataLength (0x20a) is used as a
 * byte count. */
  4020a5:	83 ec 08             	sub    $0x8,%esp
  4020a8:	ff b5 d4 fd ff ff    	pushl  0xfffffdd4(%ebp)
  4020ae:	8d 85 d8 fd ff ff    	lea    0xfffffdd8(%ebp),%eax
  4020b4:	50                   	push   %eax
  4020b5:	e8 66 19 00 00       	call   403a20 <_RtlZeroMemory at 8>
  4020ba:	83 c4 08             	add    $0x8,%esp
/* SmLookupSubsystem(<string at 0x405878>, Data, &DataLength, &type, 0). */
  4020bd:	83 ec 0c             	sub    $0xc,%esp
  4020c0:	6a 00                	push   $0x0
  4020c2:	8d 85 d0 fd ff ff    	lea    0xfffffdd0(%ebp),%eax
  4020c8:	50                   	push   %eax
  4020c9:	8d 85 d4 fd ff ff    	lea    0xfffffdd4(%ebp),%eax
  4020cf:	50                   	push   %eax
  4020d0:	8d 85 d8 fd ff ff    	lea    0xfffffdd8(%ebp),%eax
  4020d6:	50                   	push   %eax
  4020d7:	68 78 58 40 00       	push   $0x405878
  4020dc:	e8 74 09 00 00       	call   402a55 <_SmLookupSubsystem at 20>
  4020e1:	83 c4 0c             	add    $0xc,%esp
  4020e4:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
/* Continue only on status 0 and a returned length above 2 (unsigned). */
  4020e7:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  4020eb:	0f 85 04 01 00 00    	jne    4021f5 <_SmpLoadRequiredSubsystems+0x174>
  4020f1:	83 bd d4 fd ff ff 02 	cmpl   $0x2,0xfffffdd4(%ebp)
  4020f8:	0f 86 f7 00 00 00    	jbe    4021f5 <_SmpLoadRequiredSubsystems+0x174>
  4020fe:	c7 85 cc fd ff ff 00 	movl   $0x0,0xfffffdcc(%ebp)
  402105:	00 00 00 
  402108:	c7 85 c8 fd ff ff 00 	movl   $0x0,0xfffffdc8(%ebp)
  40210f:	00 00 00 
/* NOTE(review): Offset advances by 1 per character while Name advances by
 * 2 bytes, yet the loop bound is DataLength. If SmLookupSubsystem reports
 * DataLength in bytes (as the RtlZeroMemory call above treats it), the
 * scan may walk up to twice the data size and read past the Data buffer
 * when the list is not NUL-terminated early -- confirm the unit, or
 * compare against DataLength / sizeof(WCHAR). */
		for (Name = Data; (Offset < DataLength); )
  402112:	8d 85 d8 fd ff ff    	lea    0xfffffdd8(%ebp),%eax
  402118:	89 85 cc fd ff ff    	mov    %eax,0xfffffdcc(%ebp)
  40211e:	8b 85 c8 fd ff ff    	mov    0xfffffdc8(%ebp),%eax
  402124:	3b 85 d4 fd ff ff    	cmp    0xfffffdd4(%ebp),%eax
  40212a:	72 05                	jb     402131 <_SmpLoadRequiredSubsystems+0xb0>
  40212c:	e9 c4 00 00 00       	jmp    4021f5 <_SmpLoadRequiredSubsystems+0x174>
		{
			if(L'\0' != *Name)
  402131:	8b 85 cc fd ff ff    	mov    0xfffffdcc(%ebp),%eax
  402137:	66 83 38 00          	cmpw   $0x0,(%eax)
  40213b:	0f 84 9e 00 00 00    	je     4021df <_SmpLoadRequiredSubsystems+0x15e>
			{
				UNICODE_STRING Program;

				/* Run the current program */
/* RtlInitUnicodeString measures Name up to its NUL terminator; it is not
 * bounded by DataLength. */
				RtlInitUnicodeString (& Program, Name);
  402141:	83 ec 08             	sub    $0x8,%esp
  402144:	ff b5 cc fd ff ff    	pushl  0xfffffdcc(%ebp)
  40214a:	8d 85 c0 fd ff ff    	lea    0xfffffdc0(%ebp),%eax
  402150:	50                   	push   %eax
  402151:	e8 3a 18 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  402156:	83 c4 08             	add    $0x8,%esp
/* The program name is executed exactly as it was returned by the lookup;
 * no validation of the name is visible in this function. */
				Status = SmExecuteProgram (hSmApiPort, & Program);
  402159:	83 ec 08             	sub    $0x8,%esp
  40215c:	8d 85 c0 fd ff ff    	lea    0xfffffdc0(%ebp),%eax
  402162:	50                   	push   %eax
  402163:	ff 35 40 60 40 00    	pushl  0x406040
  402169:	e8 32 17 00 00       	call   4038a0 <_SmExecuteProgram at 8>
  40216e:	83 c4 08             	add    $0x8,%esp
  402171:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
/* A failure is only logged; the loop goes on to the next name, and Status
 * ends up holding the result of the last program run. */
				if(!NT_SUCCESS(Status))
  402174:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  402178:	79 35                	jns    4021af <_SmpLoadRequiredSubsystems+0x12e>
				{
					DPRINT1("SM: %s failed to run '%S' program (Status=0x%08lx)\n",
  40217a:	83 ec 04             	sub    $0x4,%esp
  40217d:	68 a0 00 00 00       	push   $0xa0
  402182:	68 8a 58 40 00       	push   $0x40588a
  402187:	68 93 58 40 00       	push   $0x405893
  40218c:	e8 4f 18 00 00       	call   4039e0 <_DbgPrint>
  402191:	83 c4 10             	add    $0x10,%esp
  402194:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  402197:	ff b5 cc fd ff ff    	pushl  0xfffffdcc(%ebp)
  40219d:	68 9c 58 40 00       	push   $0x40589c
  4021a2:	68 c0 58 40 00       	push   $0x4058c0
  4021a7:	e8 34 18 00 00       	call   4039e0 <_DbgPrint>
  4021ac:	83 c4 10             	add    $0x10,%esp
  4021af:	90                   	nop    
						__FUNCTION__, Name, Status);
				}
				/* Look for the next program */
				while ((L'\0' != *Name) && (Offset < DataLength))
  4021b0:	8b 85 cc fd ff ff    	mov    0xfffffdcc(%ebp),%eax
  4021b6:	66 83 38 00          	cmpw   $0x0,(%eax)
  4021ba:	74 23                	je     4021df <_SmpLoadRequiredSubsystems+0x15e>
  4021bc:	8b 85 c8 fd ff ff    	mov    0xfffffdc8(%ebp),%eax
  4021c2:	3b 85 d4 fd ff ff    	cmp    0xfffffdd4(%ebp),%eax
  4021c8:	72 02                	jb     4021cc <_SmpLoadRequiredSubsystems+0x14b>
  4021ca:	eb 13                	jmp    4021df <_SmpLoadRequiredSubsystems+0x15e>
				{
					++ Name;
  4021cc:	8d 85 cc fd ff ff    	lea    0xfffffdcc(%ebp),%eax
  4021d2:	83 00 02             	addl   $0x2,(%eax)
					++ Offset;
  4021d5:	8d 85 c8 fd ff ff    	lea    0xfffffdc8(%ebp),%eax
  4021db:	ff 00                	incl   (%eax)
  4021dd:	eb d1                	jmp    4021b0 <_SmpLoadRequiredSubsystems+0x12f>
				}
			}
/* Step over the terminator (or over an empty entry) and loop again. */
			++ Name;
  4021df:	8d 85 cc fd ff ff    	lea    0xfffffdcc(%ebp),%eax
  4021e5:	83 00 02             	addl   $0x2,(%eax)
			++ Offset;
  4021e8:	8d 85 c8 fd ff ff    	lea    0xfffffdc8(%ebp),%eax
  4021ee:	ff 00                	incl   (%eax)
  4021f0:	e9 29 ff ff ff       	jmp    40211e <_SmpLoadRequiredSubsystems+0x9d>
		}
	}

	return Status;
  4021f5:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
}
  4021f8:	c9                   	leave  
  4021f9:	c3                   	ret    

004021fa <_SmLoadSubsystems>:

/**********************************************************************
 * 	SmLoadSubsystems/0
 *
 * Runs the three start-up steps in order: SmpRegisterSmss,
 * SmpLoadKernelModeSubsystem, SmpLoadRequiredSubsystems. The first step
 * whose status has the sign bit set (!NT_SUCCESS) ends the sequence and
 * its status is returned; later steps are then not attempted.
 * Locals: -0x4 Status, -0x8 return value.
 */
NTSTATUS
SmLoadSubsystems(VOID)
{
  4021fa:	55                   	push   %ebp
  4021fb:	89 e5                	mov    %esp,%ebp
  4021fd:	83 ec 08             	sub    $0x8,%esp
	NTSTATUS  Status = STATUS_SUCCESS;
  402200:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)

	
	DPRINT("SM: loading subsystems\n");

	/* SM self registers */
	Status = SmpRegisterSmss();
  402207:	e8 24 fd ff ff       	call   401f30 <_SmpRegisterSmss>
  40220c:	89 45 fc             	mov    %eax,0xfffffffc(%ebp)
	if(!NT_SUCCESS(Status)) return Status;
  40220f:	83 7d fc 00          	cmpl   $0x0,0xfffffffc(%ebp)
  402213:	79 08                	jns    40221d <_SmLoadSubsystems+0x23>
  402215:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  402218:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  40221b:	eb 32                	jmp    40224f <_SmLoadSubsystems+0x55>
	/* Load Kmode subsystem (aka win32k.sys) */
	Status = SmpLoadKernelModeSubsystem();
  40221d:	e8 6b fd ff ff       	call   401f8d <_SmpLoadKernelModeSubsystem>
  402222:	89 45 fc             	mov    %eax,0xfffffffc(%ebp)
	if(!NT_SUCCESS(Status)) return Status;
  402225:	83 7d fc 00          	cmpl   $0x0,0xfffffffc(%ebp)
  402229:	79 08                	jns    402233 <_SmLoadSubsystems+0x39>
  40222b:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  40222e:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  402231:	eb 1c                	jmp    40224f <_SmLoadSubsystems+0x55>
	/* Load Required subsystems (Debug Windows) */
	Status = SmpLoadRequiredSubsystems();
  402233:	e8 49 fe ff ff       	call   402081 <_SmpLoadRequiredSubsystems>
  402238:	89 45 fc             	mov    %eax,0xfffffffc(%ebp)
	if(!NT_SUCCESS(Status)) return Status;
  40223b:	83 7d fc 00          	cmpl   $0x0,0xfffffffc(%ebp)
  40223f:	79 08                	jns    402249 <_SmLoadSubsystems+0x4f>
  402241:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  402244:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  402247:	eb 06                	jmp    40224f <_SmLoadSubsystems+0x55>
	/* done */
	return Status;
  402249:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  40224c:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
}
  40224f:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  402252:	c9                   	leave  
  402253:	c3                   	ret    
  402254:	90                   	nop    
  402255:	90                   	nop    
  402256:	90                   	nop    
  402257:	90                   	nop    
  402258:	90                   	nop    
  402259:	90                   	nop    
  40225a:	90                   	nop    
  40225b:	90                   	nop    
  40225c:	90                   	nop    
  40225d:	90                   	nop    
  40225e:	90                   	nop    
  40225f:	90                   	nop    

00402260 <_SmInitializeRegistry>:
/*
 * Thin wrapper: calls NtInitializeRegistry(0) and returns whatever that
 * call left in %eax. No locals are used although 8 bytes are reserved.
 */
  402260:	55                   	push   %ebp
  402261:	89 e5                	mov    %esp,%ebp
  402263:	83 ec 08             	sub    $0x8,%esp
  402266:	83 ec 0c             	sub    $0xc,%esp
  402269:	6a 00                	push   $0x0
  40226b:	e8 10 19 00 00       	call   403b80 <_NtInitializeRegistry at 4>
/* The callee is stdcall (pops its own 4 bytes); this undoes the 0xc pad. */
  402270:	83 c4 0c             	add    $0xc,%esp
  402273:	c9                   	leave  
  402274:	c3                   	ret    
  402275:	90                   	nop    
  402276:	90                   	nop    
  402277:	90                   	nop    
  402278:	90                   	nop    
  402279:	90                   	nop    
  40227a:	90                   	nop    
  40227b:	90                   	nop    
  40227c:	90                   	nop    
  40227d:	90                   	nop    
  40227e:	90                   	nop    
  40227f:	90                   	nop    

00402280 <@SmInvalid at 4>:
/*
 * Takes its single argument in %ecx. Writes 0xc0000002 into the dword at
 * offset 0x1c of the object %ecx points to and returns 0. The same
 * offset/value pair is written inline by _SmpApiConnectedThread for
 * out-of-range request numbers.
 */
  402280:	55                   	push   %ebp
  402281:	89 e5                	mov    %esp,%ebp
  402283:	83 ec 04             	sub    $0x4,%esp
  402286:	89 4d fc             	mov    %ecx,0xfffffffc(%ebp)
  402289:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  40228c:	c7 40 1c 02 00 00 c0 	movl   $0xc0000002,0x1c(%eax)
  402293:	b8 00 00 00 00       	mov    $0x0,%eax
  402298:	c9                   	leave  
  402299:	c3                   	ret    

0040229a <@SmpGetConnectData at 4>:
/*
 * Takes its single argument in %ecx and returns %ecx + 0x18, i.e. a
 * pointer 0x18 bytes into the object passed in. No bounds or size
 * information is checked or returned; callers must know how much valid
 * data follows that offset.
 */
  40229a:	55                   	push   %ebp
  40229b:	89 e5                	mov    %esp,%ebp
  40229d:	83 ec 08             	sub    $0x8,%esp
  4022a0:	89 4d fc             	mov    %ecx,0xfffffffc(%ebp)
  4022a3:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  4022a6:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  4022a9:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  4022ac:	83 c0 18             	add    $0x18,%eax
  4022af:	c9                   	leave  
  4022b0:	c3                   	ret    

004022b1 <_SmpCallbackServer>:
/*
 * Two stack arguments, caller cleans up: 0x8(%ebp) is the request (the
 * received message), 0xc(%ebp) is the client record. Copies a port name out
 * of the request's connect data into the client record and connects to that
 * port with NtConnectPort. Returns the status in %eax, or 0 when the first
 * word of the connect data is 1.
 *
 * Locals: -0x4 status, -0x8 connect data pointer (request + 0x18),
 *         -0x10 UNICODE_STRING, -0x14 copy length (0x78),
 *         -0x18 / -0x1c two dwords passed by address to NtConnectPort,
 *         -0x20 return value.
 */
  4022b1:	55                   	push   %ebp
  4022b2:	89 e5                	mov    %esp,%ebp
  4022b4:	83 ec 28             	sub    $0x28,%esp
  4022b7:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)
  4022be:	8b 4d 08             	mov    0x8(%ebp),%ecx
  4022c1:	e8 d4 ff ff ff       	call   40229a <@SmpGetConnectData at 4>
  4022c6:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  4022c9:	c7 45 ec 78 00 00 00 	movl   $0x78,0xffffffec(%ebp)
  4022d0:	c7 45 e4 04 00 00 00 	movl   $0x4,0xffffffe4(%ebp)
/* First word of the connect data == 1: nothing to call back, return 0. */
  4022d7:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  4022da:	66 83 38 01          	cmpw   $0x1,(%eax)
  4022de:	75 09                	jne    4022e9 <_SmpCallbackServer+0x38>
  4022e0:	c7 45 e0 00 00 00 00 	movl   $0x0,0xffffffe0(%ebp)
  4022e7:	eb 62                	jmp    40234b <_SmpCallbackServer+0x9a>
/* memcpy(client + 0x18, connect data + 4, 0x78).
 * NOTE(review): the source starts at request + 0x1c and a fixed 0x78
 * bytes are read. When the request is the buffer that
 * _SmpApiConnectedThread zero-initialises as 0x6c bytes, 0x1c + 0x78
 * exceeds that size, so the copy would read past it into the rest of the
 * caller's frame -- confirm the real size of the message object. The size
 * of the destination field is not visible here either. */
  4022e9:	83 ec 04             	sub    $0x4,%esp
  4022ec:	ff 75 ec             	pushl  0xffffffec(%ebp)
  4022ef:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  4022f2:	83 c0 04             	add    $0x4,%eax
  4022f5:	50                   	push   %eax
  4022f6:	8b 45 0c             	mov    0xc(%ebp),%eax
  4022f9:	83 c0 18             	add    $0x18,%eax
  4022fc:	50                   	push   %eax
  4022fd:	e8 9e 17 00 00       	call   403aa0 <_memcpy>
  402302:	83 c4 10             	add    $0x10,%esp
/* RtlInitUnicodeString(&name, client + 0x18).
 * NOTE(review): this scans for a NUL terminator. The copied bytes come
 * from the connecting client and no terminator is forced after the copy,
 * so a name that fills all 0x78 bytes makes the scan continue into
 * whatever follows the field. */
  402305:	83 ec 08             	sub    $0x8,%esp
  402308:	8b 45 0c             	mov    0xc(%ebp),%eax
  40230b:	83 c0 18             	add    $0x18,%eax
  40230e:	50                   	push   %eax
  40230f:	8d 45 f0             	lea    0xfffffff0(%ebp),%eax
  402312:	50                   	push   %eax
  402313:	e8 78 16 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  402318:	83 c4 08             	add    $0x8,%esp
/* NtConnectPort(client + 0x14, &name, 0, 0, 0, 0, &(-0x18), &(-0x1c))
 * with the two dwords holding 6 and 4. The port that SM connects to is
 * named by the client's own connect data. */
  40231b:	c7 45 e8 06 00 00 00 	movl   $0x6,0xffffffe8(%ebp)
  402322:	8d 45 e4             	lea    0xffffffe4(%ebp),%eax
  402325:	50                   	push   %eax
  402326:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  402329:	50                   	push   %eax
  40232a:	6a 00                	push   $0x0
  40232c:	6a 00                	push   $0x0
  40232e:	6a 00                	push   $0x0
  402330:	6a 00                	push   $0x0
  402332:	8d 45 f0             	lea    0xfffffff0(%ebp),%eax
  402335:	50                   	push   %eax
  402336:	8b 45 0c             	mov    0xc(%ebp),%eax
  402339:	83 c0 14             	add    $0x14,%eax
  40233c:	50                   	push   %eax
  40233d:	e8 4e 18 00 00       	call   403b90 <_NtConnectPort at 32>
  402342:	89 45 fc             	mov    %eax,0xfffffffc(%ebp)
  402345:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  402348:	89 45 e0             	mov    %eax,0xffffffe0(%ebp)
  40234b:	8b 45 e0             	mov    0xffffffe0(%ebp),%eax
  40234e:	c9                   	leave  
  40234f:	c3                   	ret    

00402350 <_SmpApiConnectedThread at 4>:
/*
 * Receive/dispatch loop on one port. stdcall with one argument (ret $4):
 * 0x8(%ebp) points to the port handle. Each iteration calls
 * NtReplyWaitReceivePort, then dispatches on the low 16 bits of the dword
 * at request + 4. When the receive call fails, the port is closed and the
 * thread is terminated with that status.
 *
 * Locals: -0xc   status
 *         -0x10  dword passed by address to NtReplyWaitReceivePort
 *         -0x14  reply pointer (NULL or &request)
 *         -0x88  request buffer (0x1b dwords = 0x6c bytes are zeroed)
 *         -0x8c  port handle
 *         -0x90  message type used by the switch
 * Within the request: +0x18 (-0x70) is the API index, +0x1c (-0x6c) the
 * status field written on rejection.
 */
  402350:	55                   	push   %ebp
  402351:	89 e5                	mov    %esp,%ebp
  402353:	57                   	push   %edi
  402354:	81 ec 94 00 00 00    	sub    $0x94,%esp
  40235a:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  402361:	c7 45 f0 00 00 00 00 	movl   $0x0,0xfffffff0(%ebp)
  402368:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
/* Zero the request buffer once, before the loop. It is not cleared again
 * between iterations. */
  40236f:	8d bd 78 ff ff ff    	lea    0xffffff78(%ebp),%edi
  402375:	fc                   	cld    
  402376:	ba 00 00 00 00       	mov    $0x0,%edx
  40237b:	b8 1b 00 00 00       	mov    $0x1b,%eax
  402380:	89 c1                	mov    %eax,%ecx
  402382:	89 d0                	mov    %edx,%eax
  402384:	f3 ab                	repz stos %eax,%es:(%edi)
  402386:	8b 45 08             	mov    0x8(%ebp),%eax
  402389:	8b 00                	mov    (%eax),%eax
  40238b:	89 85 74 ff ff ff    	mov    %eax,0xffffff74(%ebp)
/* Loop head: NtReplyWaitReceivePort(port, &(-0x10), reply, &request).
 * NOTE(review): the kernel writes the incoming message into the 0x6c-byte
 * stack buffer; the maximum message length configured on the port is not
 * visible here and should not exceed that size. */
  402391:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  402397:	50                   	push   %eax
  402398:	ff 75 ec             	pushl  0xffffffec(%ebp)
  40239b:	8d 45 f0             	lea    0xfffffff0(%ebp),%eax
  40239e:	50                   	push   %eax
  40239f:	ff b5 74 ff ff ff    	pushl  0xffffff74(%ebp)
  4023a5:	e8 f6 17 00 00       	call   403ba0 <_NtReplyWaitReceivePort at 16>
  4023aa:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  4023ad:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  4023b1:	0f 88 b3 00 00 00    	js     40246a <_SmpApiConnectedThread at 4+0x11a>
/* Switch on (dword at request + 4) & 0xffff: 0xa, 0x8, 0x5, default. */
  4023b7:	8b 85 7c ff ff ff    	mov    0xffffff7c(%ebp),%eax
  4023bd:	89 c2                	mov    %eax,%edx
  4023bf:	81 e2 ff ff 00 00    	and    $0xffff,%edx
  4023c5:	89 95 70 ff ff ff    	mov    %edx,0xffffff70(%ebp)
  4023cb:	83 bd 70 ff ff ff 08 	cmpl   $0x8,0xffffff70(%ebp)
  4023d2:	74 3a                	je     40240e <_SmpApiConnectedThread at 4+0xbe>
  4023d4:	83 bd 70 ff ff ff 08 	cmpl   $0x8,0xffffff70(%ebp)
  4023db:	7f 0b                	jg     4023e8 <_SmpApiConnectedThread at 4+0x98>
  4023dd:	83 bd 70 ff ff ff 05 	cmpl   $0x5,0xffffff70(%ebp)
  4023e4:	74 34                	je     40241a <_SmpApiConnectedThread at 4+0xca>
  4023e6:	eb 3e                	jmp    402426 <_SmpApiConnectedThread at 4+0xd6>
  4023e8:	83 bd 70 ff ff ff 0a 	cmpl   $0xa,0xffffff70(%ebp)
  4023ef:	74 02                	je     4023f3 <_SmpApiConnectedThread at 4+0xa3>
  4023f1:	eb 33                	jmp    402426 <_SmpApiConnectedThread at 4+0xd6>
/* Type 0xa: hand the request to SmpHandleConnectionRequest; no reply. */
  4023f3:	83 ec 0c             	sub    $0xc,%esp
  4023f6:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  4023fc:	50                   	push   %eax
  4023fd:	e8 90 00 00 00       	call   402492 <_SmpHandleConnectionRequest at 4>
  402402:	83 c4 0c             	add    $0xc,%esp
  402405:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
  40240c:	eb 83                	jmp    402391 <_SmpApiConnectedThread at 4+0x41>
/* Types 0x8 and 0x5: ignored, no reply on the next receive. */
  40240e:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
  402415:	e9 77 ff ff ff       	jmp    402391 <_SmpApiConnectedThread at 4+0x41>
  40241a:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
  402421:	e9 6b ff ff ff       	jmp    402391 <_SmpApiConnectedThread at 4+0x41>
/* Default: the API index at request + 0x18 comes from the received
 * message. It is rejected when 0 or above 5 (unsigned compare), which is
 * the only guard on the table lookup and indirect call below. */
  402426:	83 7d 90 00          	cmpl   $0x0,0xffffff90(%ebp)
  40242a:	74 29                	je     402455 <_SmpApiConnectedThread at 4+0x105>
  40242c:	83 7d 90 05          	cmpl   $0x5,0xffffff90(%ebp)
  402430:	77 23                	ja     402455 <_SmpApiConnectedThread at 4+0x105>
/* Call table[index] from the pointer table at 0x4040c4 with
 * %ecx = &request; the request is then sent back as the reply. The table
 * must hold an entry for every index the check above lets through. */
  402432:	8b 45 90             	mov    0xffffff90(%ebp),%eax
  402435:	8d 8d 78 ff ff ff    	lea    0xffffff78(%ebp),%ecx
  40243b:	8b 04 85 c4 40 40 00 	mov    0x4040c4(,%eax,4),%eax
  402442:	ff d0                	call   *%eax
  402444:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  402447:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  40244d:	89 45 ec             	mov    %eax,0xffffffec(%ebp)
  402450:	e9 3c ff ff ff       	jmp    402391 <_SmpApiConnectedThread at 4+0x41>
/* Rejected index: store 0xc0000002 at request + 0x1c and reply with it. */
  402455:	c7 45 94 02 00 00 c0 	movl   $0xc0000002,0xffffff94(%ebp)
  40245c:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  402462:	89 45 ec             	mov    %eax,0xffffffec(%ebp)
  402465:	e9 27 ff ff ff       	jmp    402391 <_SmpApiConnectedThread at 4+0x41>
/* Receive failed: NtClose(port), then NtTerminateThread(-2, status). */
  40246a:	83 ec 0c             	sub    $0xc,%esp
  40246d:	ff b5 74 ff ff ff    	pushl  0xffffff74(%ebp)
  402473:	e8 58 15 00 00       	call   4039d0 <_NtClose at 4>
  402478:	83 c4 0c             	add    $0xc,%esp
  40247b:	83 ec 08             	sub    $0x8,%esp
  40247e:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  402481:	6a fe                	push   $0xfffffffe
  402483:	e8 f8 14 00 00       	call   403980 <_NtTerminateThread at 8>
  402488:	83 c4 08             	add    $0x8,%esp
  40248b:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  40248e:	c9                   	leave  
  40248f:	c2 04 00             	ret    $0x4

/*
 * _SmpHandleConnectionRequest: takes one stack argument (a request pointer at
 * 0x8(%ebp)) and pops it itself (`ret $0x4`). It decides whether to accept the
 * connection, answers through NtAcceptConnectPort and, when accepted, completes
 * the connection and starts a thread at 0x402350.
 * NOTE(review): " at 4" in the symbol is presumably the "@4" suffix rewritten by
 * the mail archive; confirm against the attached map file.
 *
 * Frame slots (the listing prints negative offsets as 32-bit values, 0xfffffffc = -4):
 *   -0x04  pointer returned by SmpGetConnectData
 *   -0x08  status of the most recent call
 *   -0x0c  accept flag (0 = refuse, 1 = accept)
 *   -0x10  client pointer, address passed to SmCreateClient
 *   -0x14, -0x1c  local dwords; -0x18 and -0x20 hold pointers that start out aimed at them
 *   -0x24  zero, passed to NtAcceptConnectPort
 *   -0x28  value returned in eax
 */
00402492 <_SmpHandleConnectionRequest at 4>:
  402492:	55                   	push   %ebp
  402493:	89 e5                	mov    %esp,%ebp
  402495:	83 ec 28             	sub    $0x28,%esp
  /* SmpGetConnectData receives the request pointer in ecx */
  402498:	8b 4d 08             	mov    0x8(%ebp),%ecx
  40249b:	e8 fa fd ff ff       	call   40229a <@SmpGetConnectData at 4>
  4024a0:	89 45 fc             	mov    %eax,0xfffffffc(%ebp)
  /* clear the locals; -0x18 = &(-0x14 slot), -0x20 = &(-0x1c slot) */
  4024a3:	c7 45 f8 00 00 00 00 	movl   $0x0,0xfffffff8(%ebp)
  4024aa:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  4024b1:	c7 45 f0 00 00 00 00 	movl   $0x0,0xfffffff0(%ebp)
  4024b8:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
  4024bf:	8d 45 ec             	lea    0xffffffec(%ebp),%eax
  4024c2:	89 45 e8             	mov    %eax,0xffffffe8(%ebp)
  4024c5:	c7 45 e4 00 00 00 00 	movl   $0x0,0xffffffe4(%ebp)
  4024cc:	8d 45 e4             	lea    0xffffffe4(%ebp),%eax
  4024cf:	89 45 e0             	mov    %eax,0xffffffe0(%ebp)
  4024d2:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
  /* the first 16-bit word of the request must equal 0xf4; otherwise jump to the
     accept call with the accept flag still 0 (the request is refused) */
  4024d9:	8b 45 08             	mov    0x8(%ebp),%eax
  4024dc:	66 81 38 f4 00       	cmpw   $0xf4,(%eax)
  4024e1:	0f 85 97 00 00 00    	jne    40257e <_SmpHandleConnectionRequest at 4+0xec>
  /* first word of the connect data == 0: keep the two pointers on the local
     slots and accept */
  4024e7:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  4024ea:	66 83 38 00          	cmpw   $0x0,(%eax)
  4024ee:	75 15                	jne    402505 <_SmpHandleConnectionRequest at 4+0x73>
  4024f0:	8d 45 ec             	lea    0xffffffec(%ebp),%eax
  4024f3:	89 45 e8             	mov    %eax,0xffffffe8(%ebp)

  4024f6:	8d 45 e4             	lea    0xffffffe4(%ebp),%eax
  4024f9:	89 45 e0             	mov    %eax,0xffffffe0(%ebp)
/* EOF */
  4024fc:	c7 45 f4 01 00 00 00 	movl   $0x1,0xfffffff4(%ebp)
  402503:	eb 79                	jmp    40257e <_SmpHandleConnectionRequest at 4+0xec>
  /* otherwise bit 0 of that word must be set, else refuse */
  402505:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  402508:	66 8b 00             	mov    (%eax),%ax
  40250b:	83 e0 01             	and    $0x1,%eax
  40250e:	66 83 f8 01          	cmp    $0x1,%ax
  402512:	75 6a                	jne    40257e <_SmpHandleConnectionRequest at 4+0xec>
  /* SmCreateClient(request, &client). Any non-zero result counts as failure
     here (jne), unlike the sign tests (js/jns) applied to the later calls. */
  402514:	83 ec 08             	sub    $0x8,%esp
  402517:	8d 45 f0             	lea    0xfffffff0(%ebp),%eax
  40251a:	50                   	push   %eax
  40251b:	ff 75 08             	pushl  0x8(%ebp)
  40251e:	e8 33 0c 00 00       	call   403156 <_SmCreateClient at 8>
  402523:	83 c4 08             	add    $0x8,%esp
  402526:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  402529:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  40252d:	75 4f                	jne    40257e <_SmpHandleConnectionRequest at 4+0xec>
  /* client created: re-aim the pointers at client+0xc and client+0x10 */
  40252f:	8b 45 f0             	mov    0xfffffff0(%ebp),%eax
  402532:	83 c0 0c             	add    $0xc,%eax
  402535:	89 45 e8             	mov    %eax,0xffffffe8(%ebp)
  402538:	8b 45 f0             	mov    0xfffffff0(%ebp),%eax
  40253b:	83 c0 10             	add    $0x10,%eax
  40253e:	89 45 e0             	mov    %eax,0xffffffe0(%ebp)
  /* SmpCallbackServer(request, client); the caller cleans the stack (add $0x10) */
  402541:	83 ec 08             	sub    $0x8,%esp
  402544:	ff 75 f0             	pushl  0xfffffff0(%ebp)
  402547:	ff 75 08             	pushl  0x8(%ebp)
  40254a:	e8 62 fd ff ff       	call   4022b1 <_SmpCallbackServer>
  40254f:	83 c4 10             	add    $0x10,%esp
  402552:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  402555:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  402559:	78 09                	js     402564 <_SmpHandleConnectionRequest at 4+0xd2>
  40255b:	c7 45 f4 01 00 00 00 	movl   $0x1,0xfffffff4(%ebp)
  402562:	eb 1a                	jmp    40257e <_SmpHandleConnectionRequest at 4+0xec>
  /* callback failed: SmDestroyClient(first word of the connect data, zero-extended);
     the accept flag stays 0 */
  402564:	83 ec 0c             	sub    $0xc,%esp
  402567:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  40256a:	66 8b 00             	mov    (%eax),%ax
  40256d:	25 ff ff 00 00       	and    $0xffff,%eax
  402572:	50                   	push   %eax
  402573:	e8 27 0d 00 00       	call   40329f <_SmDestroyClient at 4>
  402578:	83 c4 0c             	add    $0xc,%esp
  40257b:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  /* Every path joins here. NtAcceptConnectPort gets six stack arguments, first
     to last: the -0x18 pointer, the dword stored at 0x4040c0, the -0x24 value,
     the accept flag as a zero-extended byte, 0, 0. */
  40257e:	83 ec 08             	sub    $0x8,%esp
  402581:	6a 00                	push   $0x0
  402583:	6a 00                	push   $0x0
  402585:	b8 00 00 00 00       	mov    $0x0,%eax
  40258a:	8a 45 f4             	mov    0xfffffff4(%ebp),%al
  40258d:	50                   	push   %eax
  40258e:	ff 75 dc             	pushl  0xffffffdc(%ebp)
  402591:	ff 35 c0 40 40 00    	pushl  0x4040c0
  402597:	ff 75 e8             	pushl  0xffffffe8(%ebp)
  40259a:	e8 11 16 00 00       	call   403bb0 <_NtAcceptConnectPort at 24>
  40259f:	83 c4 08             	add    $0x8,%esp
  4025a2:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  /* refused request: return the NtAcceptConnectPort status unchanged */
  4025a5:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  4025a9:	0f 84 04 01 00 00    	je     4026b3 <_SmpHandleConnectionRequest at 4+0x221>
  /* accept failed (negative status): two DbgPrint calls, then return the status.
     0x10d is presumably the source line number of a debug-print macro. */
  4025af:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  4025b3:	79 3d                	jns    4025f2 <_SmpHandleConnectionRequest at 4+0x160>
  4025b5:	83 ec 04             	sub    $0x4,%esp
  4025b8:	68 0d 01 00 00       	push   $0x10d
  4025bd:	68 00 59 40 00       	push   $0x405900
  4025c2:	68 08 59 40 00       	push   $0x405908
  4025c7:	e8 14 14 00 00       	call   4039e0 <_DbgPrint>
  4025cc:	83 c4 10             	add    $0x10,%esp
  4025cf:	83 ec 04             	sub    $0x4,%esp
  4025d2:	ff 75 f8             	pushl  0xfffffff8(%ebp)
  4025d5:	68 11 59 40 00       	push   $0x405911
  4025da:	68 40 59 40 00       	push   $0x405940
  4025df:	e8 fc 13 00 00       	call   4039e0 <_DbgPrint>
  4025e4:	83 c4 10             	add    $0x10,%esp
  4025e7:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  4025ea:	89 45 d8             	mov    %eax,0xffffffd8(%ebp)
  4025ed:	e9 c7 00 00 00       	jmp    4026b9 <_SmpHandleConnectionRequest at 4+0x227>
  /* NtCompleteConnectPort(dword read through the -0x18 pointer) */
  4025f2:	83 ec 0c             	sub    $0xc,%esp
  4025f5:	8b 45 e8             	mov    0xffffffe8(%ebp),%eax
  4025f8:	ff 30                	pushl  (%eax)
  4025fa:	e8 c1 15 00 00       	call   403bc0 <_NtCompleteConnectPort at 4>
  4025ff:	83 c4 0c             	add    $0xc,%esp
  402602:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  402605:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  402609:	79 3a                	jns    402645 <_SmpHandleConnectionRequest at 4+0x1b3>
  40260b:	83 ec 04             	sub    $0x4,%esp
  40260e:	68 15 01 00 00       	push   $0x115
  402613:	68 00 59 40 00       	push   $0x405900
  402618:	68 08 59 40 00       	push   $0x405908
  40261d:	e8 be 13 00 00       	call   4039e0 <_DbgPrint>
  402622:	83 c4 10             	add    $0x10,%esp
  402625:	83 ec 04             	sub    $0x4,%esp
  402628:	ff 75 f8             	pushl  0xfffffff8(%ebp)
  40262b:	68 11 59 40 00       	push   $0x405911
  402630:	68 80 59 40 00       	push   $0x405980
  402635:	e8 a6 13 00 00       	call   4039e0 <_DbgPrint>
  40263a:	83 c4 10             	add    $0x10,%esp
  40263d:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  402640:	89 45 d8             	mov    %eax,0xffffffd8(%ebp)
  402643:	eb 74                	jmp    4026b9 <_SmpHandleConnectionRequest at 4+0x227>
  /* RtlCreateUserThread with ten stack arguments, first to last: 0xffffffff,
     five zeros, 0x402350, the -0x18 pointer, the -0x20 pointer, 0.
     NOTE(review): on the path through 4024f0 both pointers still reference this
     frame's own slots (-0x14 and -0x1c), which are dead after leave/ret. If the
     routine at 0x402350 dereferences its parameter, it reads reused stack; and
     whatever is written through the -0x20 pointer on that path is never closed
     here. Confirm what 0x402350 expects before relying on this path. */
  402645:	83 ec 08             	sub    $0x8,%esp
  402648:	6a 00                	push   $0x0
  40264a:	ff 75 e0             	pushl  0xffffffe0(%ebp)
  40264d:	ff 75 e8             	pushl  0xffffffe8(%ebp)
  402650:	68 50 23 40 00       	push   $0x402350
  402655:	6a 00                	push   $0x0
  402657:	6a 00                	push   $0x0
  402659:	6a 00                	push   $0x0
  40265b:	6a 00                	push   $0x0
  40265d:	6a 00                	push   $0x0
  40265f:	6a ff                	push   $0xffffffff
  402661:	e8 6a 15 00 00       	call   403bd0 <_RtlCreateUserThread at 40>
  402666:	83 c4 08             	add    $0x8,%esp
  402669:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  40266c:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  402670:	79 3a                	jns    4026ac <_SmpHandleConnectionRequest at 4+0x21a>
  402672:	83 ec 04             	sub    $0x4,%esp
  402675:	68 27 01 00 00       	push   $0x127
  40267a:	68 00 59 40 00       	push   $0x405900
  40267f:	68 08 59 40 00       	push   $0x405908
  402684:	e8 57 13 00 00       	call   4039e0 <_DbgPrint>
  402689:	83 c4 10             	add    $0x10,%esp
  40268c:	83 ec 04             	sub    $0x4,%esp
  40268f:	ff 75 f8             	pushl  0xfffffff8(%ebp)
  402692:	68 11 59 40 00       	push   $0x405911
  402697:	68 c0 59 40 00       	push   $0x4059c0
  40269c:	e8 3f 13 00 00       	call   4039e0 <_DbgPrint>
  4026a1:	83 c4 10             	add    $0x10,%esp
  4026a4:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  4026a7:	89 45 d8             	mov    %eax,0xffffffd8(%ebp)
  4026aa:	eb 0d                	jmp    4026b9 <_SmpHandleConnectionRequest at 4+0x227>
  /* thread started: the status is forced to 0 before returning */
  4026ac:	c7 45 f8 00 00 00 00 	movl   $0x0,0xfffffff8(%ebp)
  4026b3:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  4026b6:	89 45 d8             	mov    %eax,0xffffffd8(%ebp)
  /* common exit: eax = -0x28 slot, callee pops the 4-byte argument */
  4026b9:	8b 45 d8             	mov    0xffffffd8(%ebp),%eax
  4026bc:	c9                   	leave  
  4026bd:	c2 04 00             	ret    $0x4

/*
 * _SmpApiThread: takes one stack argument (0x8(%ebp)), used as the handle given
 * to NtListenPort and NtClose, and pops it itself (`ret $0x4`). It loops:
 * NtListenPort into a stack buffer, then SmpHandleConnectionRequest on that
 * buffer, until either call returns a negative status; then it closes the
 * handle and calls NtTerminateThread.
 *
 * Frame slots (the listing prints negative offsets as 32-bit values, 0xfffffff4 = -0xc):
 *   -0x0c   status of the most recent call
 *   -0x168  request buffer, 0x52 dwords (0x148 bytes)
 *
 * NOTE(review): a single negative status from SmpHandleConnectionRequest ends
 * the loop, closes the listening handle and terminates this thread, so one
 * failed connection attempt stops all further connection handling. Confirm that
 * is intended rather than logging and continuing with the next request.
 */
004026c0 <_SmpApiThread at 4>:
  4026c0:	55                   	push   %ebp
  4026c1:	89 e5                	mov    %esp,%ebp
  4026c3:	57                   	push   %edi
  4026c4:	81 ec 64 01 00 00    	sub    $0x164,%esp
  4026ca:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  /* zero the request buffer: ecx = 0x52 dwords, eax = 0, rep stos.
     This runs once; the loop re-enters at 4026e8, below it, so bytes left by an
     earlier request stay in the buffer unless NtListenPort overwrites them. */
  4026d1:	8d bd 98 fe ff ff    	lea    0xfffffe98(%ebp),%edi
  4026d7:	fc                   	cld    
  4026d8:	ba 00 00 00 00       	mov    $0x0,%edx
  4026dd:	b8 52 00 00 00       	mov    $0x52,%eax
  4026e2:	89 c1                	mov    %eax,%ecx
  4026e4:	89 d0                	mov    %edx,%eax
  4026e6:	f3 ab                	repz stos %eax,%es:(%edi)
  /* loop head: NtListenPort(handle argument, &buffer) */
  4026e8:	83 ec 08             	sub    $0x8,%esp
  4026eb:	8d 85 98 fe ff ff    	lea    0xfffffe98(%ebp),%eax
  4026f1:	50                   	push   %eax
  4026f2:	ff 75 08             	pushl  0x8(%ebp)
  4026f5:	e8 e6 14 00 00       	call   403be0 <_NtListenPort at 8>
  4026fa:	83 c4 08             	add    $0x8,%esp
  4026fd:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  402700:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  402704:	79 34                	jns    40273a <_SmpApiThread at 4+0x7a>
  /* listen failed: two DbgPrint calls (0x14b is presumably a source line
     number), then go to the cleanup at 402787 */
  402706:	83 ec 04             	sub    $0x4,%esp
  402709:	68 4b 01 00 00       	push   $0x14b
  40270e:	68 00 59 40 00       	push   $0x405900
  402713:	68 08 59 40 00       	push   $0x405908
  402718:	e8 c3 12 00 00       	call   4039e0 <_DbgPrint>
  40271d:	83 c4 10             	add    $0x10,%esp
  402720:	83 ec 04             	sub    $0x4,%esp
  402723:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  402726:	68 f9 59 40 00       	push   $0x4059f9
  40272b:	68 20 5a 40 00       	push   $0x405a20
  402730:	e8 ab 12 00 00       	call   4039e0 <_DbgPrint>
  402735:	83 c4 10             	add    $0x10,%esp
  402738:	eb 4d                	jmp    402787 <_SmpApiThread at 4+0xc7>
  /* SmpHandleConnectionRequest(&buffer); a non-negative status loops back */
  40273a:	83 ec 0c             	sub    $0xc,%esp
  40273d:	8d 85 98 fe ff ff    	lea    0xfffffe98(%ebp),%eax
  402743:	50                   	push   %eax
  402744:	e8 49 fd ff ff       	call   402492 <_SmpHandleConnectionRequest at 4>
  402749:	83 c4 0c             	add    $0xc,%esp
  40274c:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  40274f:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  402753:	79 93                	jns    4026e8 <_SmpApiThread at 4+0x28>
  /* negative status: log it and fall through to the cleanup */
  402755:	83 ec 04             	sub    $0x4,%esp
  402758:	68 51 01 00 00       	push   $0x151
  40275d:	68 00 59 40 00       	push   $0x405900
  402762:	68 08 59 40 00       	push   $0x405908
  402767:	e8 74 12 00 00       	call   4039e0 <_DbgPrint>
  40276c:	83 c4 10             	add    $0x10,%esp
  40276f:	83 ec 04             	sub    $0x4,%esp
  402772:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  402775:	68 f9 59 40 00       	push   $0x4059f9
  40277a:	68 60 5a 40 00       	push   $0x405a60
  40277f:	e8 5c 12 00 00       	call   4039e0 <_DbgPrint>
  402784:	83 c4 10             	add    $0x10,%esp
  /* cleanup: NtClose(handle argument) */
  402787:	83 ec 0c             	sub    $0xc,%esp
  40278a:	ff 75 08             	pushl  0x8(%ebp)
  40278d:	e8 3e 12 00 00       	call   4039d0 <_NtClose at 4>
  402792:	83 c4 0c             	add    $0xc,%esp
  /* NtTerminateThread(0xfffffffe, status); 0xfffffffe is -2, the value NT uses
     as the current-thread pseudo-handle */
  402795:	83 ec 08             	sub    $0x8,%esp
  402798:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  40279b:	6a fe                	push   $0xfffffffe
  40279d:	e8 de 11 00 00       	call   403980 <_NtTerminateThread at 8>
  4027a2:	83 c4 08             	add    $0x8,%esp
  /* restore edi saved in the prologue and return */
  4027a5:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  4027a8:	c9                   	leave  
  4027a9:	c2 04 00             	ret    $0x4

/*
 * _SmCreateApiPort: no stack arguments are read and it returns with a plain
 * `ret`. It builds a counted string and a 0x18-byte attribute block on the
 * stack, calls NtCreatePort with the global at 0x4040c0 as the output location,
 * and on success starts a thread at 0x4026c0 with the value stored at 0x4040c0
 * as its parameter. The return value is the NtCreatePort status.
 *
 * Frame slots (the listing prints negative offsets as 32-bit values, 0xffffffd8 = -0x28):
 *   -0x28..-0x11  six-dword block: +0 = 0x18, +4 = 0, +8 = &string, +0xc = 1,
 *                 +0x10 = 0, +0x14 = 0
 *                 (layout matches OBJECT_ATTRIBUTES: Length, RootDirectory,
 *                 ObjectName, Attributes, SecurityDescriptor,
 *                 SecurityQualityOfService; presumably that structure)
 *   -0x30         string header: 16-bit 0x14, 16-bit 0x16, pointer 0x405a9c
 *                 (presumably a UNICODE_STRING naming the port)
 *   -0x34         NtCreatePort status
 *   -0x38         value returned in eax
 *
 * NOTE(review): if the block is an OBJECT_ATTRIBUTES, the port is created with a
 * NULL security descriptor (+0x10 = 0), so who may connect depends on default
 * security only. Worth confirming for a port that serves session-manager requests.
 */
004027ac <_SmCreateApiPort>:
  4027ac:	55                   	push   %ebp
  4027ad:	89 e5                	mov    %esp,%ebp
  4027af:	57                   	push   %edi
  4027b0:	83 ec 34             	sub    $0x34,%esp
  /* zero the six-dword block at -0x28 */
  4027b3:	8d 7d d8             	lea    0xffffffd8(%ebp),%edi
  4027b6:	fc                   	cld    
  4027b7:	ba 00 00 00 00       	mov    $0x0,%edx
  4027bc:	b8 06 00 00 00       	mov    $0x6,%eax
  4027c1:	89 c1                	mov    %eax,%ecx
  4027c3:	89 d0                	mov    %edx,%eax
  4027c5:	f3 ab                	repz stos %eax,%es:(%edi)
  /* string header and status cleared, then filled: 0x14, 0x16, 0x405a9c */
  4027c7:	c7 45 d0 00 00 00 00 	movl   $0x0,0xffffffd0(%ebp)
  4027ce:	c7 45 d4 00 00 00 00 	movl   $0x0,0xffffffd4(%ebp)
  4027d5:	c7 45 cc 00 00 00 00 	movl   $0x0,0xffffffcc(%ebp)
  4027dc:	66 c7 45 d0 14 00    	movw   $0x14,0xffffffd0(%ebp)
  4027e2:	66 c7 45 d2 16 00    	movw   $0x16,0xffffffd2(%ebp)
  4027e8:	c7 45 d4 9c 5a 40 00 	movl   $0x405a9c,0xffffffd4(%ebp)
  /* fill the attribute block field by field */
  4027ef:	c7 45 d8 18 00 00 00 	movl   $0x18,0xffffffd8(%ebp)
  4027f6:	8d 45 d0             	lea    0xffffffd0(%ebp),%eax
  4027f9:	89 45 e0             	mov    %eax,0xffffffe0(%ebp)
  4027fc:	c7 45 e4 01 00 00 00 	movl   $0x1,0xffffffe4(%ebp)
  402803:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
  40280a:	c7 45 e8 00 00 00 00 	movl   $0x0,0xffffffe8(%ebp)
  402811:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
  /* NtCreatePort, five stack arguments first to last: address 0x4040c0,
     &attribute block, 0, 0, 0 */
  402818:	83 ec 0c             	sub    $0xc,%esp
  40281b:	6a 00                	push   $0x0
  40281d:	6a 00                	push   $0x0
  40281f:	6a 00                	push   $0x0
  402821:	8d 45 d8             	lea    0xffffffd8(%ebp),%eax
  402824:	50                   	push   %eax
  402825:	68 c0 40 40 00       	push   $0x4040c0
  40282a:	e8 c1 13 00 00       	call   403bf0 <_NtCreatePort at 20>
  40282f:	83 c4 0c             	add    $0xc,%esp
  402832:	89 45 cc             	mov    %eax,0xffffffcc(%ebp)
  /* negative status: return it without starting the thread */
  402835:	83 7d cc 00          	cmpl   $0x0,0xffffffcc(%ebp)
  402839:	79 08                	jns    402843 <_SmCreateApiPort+0x97>
  40283b:	8b 45 cc             	mov    0xffffffcc(%ebp),%eax
  40283e:	89 45 c8             	mov    %eax,0xffffffc8(%ebp)
  402841:	eb 2c                	jmp    40286f <_SmCreateApiPort+0xc3>
  /* RtlCreateUserThread, ten stack arguments first to last: 0xffffffff, five
     zeros, 0x4026c0, the dword stored at 0x4040c0, 0, 0.
     The result in eax is not stored or tested: the next load overwrites it with
     the NtCreatePort status, so a failure to start the thread is not reported
     to the caller. */
  402843:	83 ec 08             	sub    $0x8,%esp
  402846:	6a 00                	push   $0x0
  402848:	6a 00                	push   $0x0
  40284a:	ff 35 c0 40 40 00    	pushl  0x4040c0
  402850:	68 c0 26 40 00       	push   $0x4026c0
  402855:	6a 00                	push   $0x0
  402857:	6a 00                	push   $0x0
  402859:	6a 00                	push   $0x0
  40285b:	6a 00                	push   $0x0
  40285d:	6a 00                	push   $0x0
  40285f:	6a ff                	push   $0xffffffff
  402861:	e8 6a 13 00 00       	call   403bd0 <_RtlCreateUserThread at 40>
  402866:	83 c4 08             	add    $0x8,%esp
  402869:	8b 45 cc             	mov    0xffffffcc(%ebp),%eax
  40286c:	89 45 c8             	mov    %eax,0xffffffc8(%ebp)
  /* common exit: eax = -0x38 slot, restore edi saved in the prologue */
  40286f:	8b 45 c8             	mov    0xffffffc8(%ebp),%eax
  402872:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  402875:	c9                   	leave  
  402876:	c3                   	ret    
  /* nop padding up to the next symbol at 0x402880 */
  402877:	90                   	nop    
  402878:	90                   	nop    
  402879:	90                   	nop    
  40287a:	90                   	nop    
  40287b:	90                   	nop    
  40287c:	90                   	nop    
  40287d:	90                   	nop    
  40287e:	90                   	nop    
  40287f:	90                   	nop    

/*
 * @SmCompSes: receives a request pointer in ecx and returns with a plain `ret`.
 * It calls SmCompleteClientInitialization with the dword at request+8 and, if
 * the status is negative, stores 0xc0000001 at request+0x1c. The status is
 * returned in eax either way.
 *
 * Frame slots (the listing prints negative offsets as 32-bit values, 0xfffffffc = -4):
 *   -0x04  request pointer copied from ecx
 *   -0x08  status
 */
00402880 <@SmCompSes at 4>:
  402880:	55                   	push   %ebp
  402881:	89 e5                	mov    %esp,%ebp
  402883:	83 ec 08             	sub    $0x8,%esp
  402886:	89 4d fc             	mov    %ecx,0xfffffffc(%ebp)
  402889:	c7 45 f8 00 00 00 00 	movl   $0x0,0xfffffff8(%ebp)
  /* SmCompleteClientInitialization(dword at request+8) */
  402890:	83 ec 0c             	sub    $0xc,%esp
  402893:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  402896:	ff 70 08             	pushl  0x8(%eax)
  402899:	e8 73 07 00 00       	call   403011 <_SmCompleteClientInitialization at 4>
  40289e:	83 c4 0c             	add    $0xc,%esp
  4028a1:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  4028a4:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  4028a8:	79 0a                	jns    4028b4 <@SmCompSes at 4+0x34>
  /* failure: request+0x1c = 0xc0000001 (the NTSTATUS value STATUS_UNSUCCESSFUL);
     the specific status from the call is returned in eax but not stored in the
     request */
  4028aa:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  4028ad:	c7 40 1c 01 00 00 c0 	movl   $0xc0000001,0x1c(%eax)
  4028b4:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  4028b7:	c9                   	leave  
  4028b8:	c3                   	ret    
  /* nop padding up to the next symbol at 0x4028c0 */
  4028b9:	90                   	nop    
  4028ba:	90                   	nop    
  4028bb:	90                   	nop    
  4028bc:	90                   	nop    
  4028bd:	90                   	nop    
  4028be:	90                   	nop    
  4028bf:	90                   	nop    

/*
 * _SmCreateUserProcess: six stack arguments, popped by the callee (`ret $0x18`).
 * It builds two counted strings from the first two arguments, creates process
 * parameters, calls RtlCreateUserProcess, resumes the new thread, optionally
 * waits on the process and optionally closes both handles.
 *
 * Arguments as used below:
 *   0x08  string pointer given to RtlInitUnicodeString (image path, presumably)
 *   0x0c  string pointer given to RtlInitUnicodeString (command line, presumably)
 *   0x10  low byte = "wait" flag
 *   0x14  passed as the last argument of NtWaitForSingleObject
 *   0x18  low byte = "close handles" flag
 *   0x1c  optional pointer to a caller-supplied process-info block
 *
 * Frame slots (the listing prints negative offsets as 32-bit values, 0xffffff84 = -0x7c):
 *   -0x09  wait flag          -0x0a  close-handles flag
 *   -0x18  first string       -0x20  second string
 *   -0x24  process-parameters pointer (starts as 0)
 *   -0x78  local process-info block, 0x11 dwords
 *   -0x7c  pointer to the info block in use (local, or the 0x1c argument)
 *   -0x80  RtlCreateUserProcess status
 *   -0x84  value returned in eax
 */
004028c0 <_SmCreateUserProcess at 24>:
  4028c0:	55                   	push   %ebp
  4028c1:	89 e5                	mov    %esp,%ebp
  4028c3:	57                   	push   %edi
  4028c4:	81 ec 84 00 00 00    	sub    $0x84,%esp
  /* keep only the low byte of the two flag arguments */
  4028ca:	8b 45 10             	mov    0x10(%ebp),%eax
  4028cd:	8b 55 18             	mov    0x18(%ebp),%edx
  4028d0:	88 45 f7             	mov    %al,0xfffffff7(%ebp)
  4028d3:	88 55 f6             	mov    %dl,0xfffffff6(%ebp)
  4028d6:	c7 45 e8 00 00 00 00 	movl   $0x0,0xffffffe8(%ebp)
  4028dd:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
  4028e4:	c7 45 e0 00 00 00 00 	movl   $0x0,0xffffffe0(%ebp)
  4028eb:	c7 45 e4 00 00 00 00 	movl   $0x0,0xffffffe4(%ebp)
  4028f2:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
  /* zero the local info block (0x11 dwords) and point -0x7c at it */
  4028f9:	8d 7d 88             	lea    0xffffff88(%ebp),%edi
  4028fc:	fc                   	cld    
  4028fd:	ba 00 00 00 00       	mov    $0x0,%edx
  402902:	b8 11 00 00 00       	mov    $0x11,%eax
  402907:	89 c1                	mov    %eax,%ecx
  402909:	89 d0                	mov    %edx,%eax
  40290b:	f3 ab                	repz stos %eax,%es:(%edi)
  40290d:	8d 45 88             	lea    0xffffff88(%ebp),%eax
  402910:	89 45 84             	mov    %eax,0xffffff84(%ebp)
  402913:	c7 45 80 00 00 00 00 	movl   $0x0,0xffffff80(%ebp)
  /* RtlInitUnicodeString(&first string, argument 0x08) */
  40291a:	83 ec 08             	sub    $0x8,%esp
  40291d:	ff 75 08             	pushl  0x8(%ebp)
  402920:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  402923:	50                   	push   %eax
  402924:	e8 67 10 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  402929:	83 c4 08             	add    $0x8,%esp
  /* RtlInitUnicodeString(&second string, argument 0x0c) */
  40292c:	83 ec 08             	sub    $0x8,%esp
  40292f:	ff 75 0c             	pushl  0xc(%ebp)
  402932:	8d 45 e0             	lea    0xffffffe0(%ebp),%eax
  402935:	50                   	push   %eax
  402936:	e8 55 10 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  40293b:	83 c4 08             	add    $0x8,%esp
  /* RtlCreateProcessParameters, ten stack arguments first to last: &(-0x24 slot),
     &first string, 0, 0, &second string, dword stored at 0x406020, 0, 0, 0, 0.
     NOTE(review): the status in eax is never stored or tested. If the call
     fails, the -0x24 slot presumably keeps its initial 0 and is still handed to
     RtlCreateUserProcess and RtlDestroyProcessParameters below. */
  40293e:	83 ec 08             	sub    $0x8,%esp
  402941:	6a 00                	push   $0x0
  402943:	6a 00                	push   $0x0
  402945:	6a 00                	push   $0x0
  402947:	6a 00                	push   $0x0
  402949:	ff 35 20 60 40 00    	pushl  0x406020
  40294f:	8d 45 e0             	lea    0xffffffe0(%ebp),%eax
  402952:	50                   	push   %eax
  402953:	6a 00                	push   $0x0
  402955:	6a 00                	push   $0x0
  402957:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  40295a:	50                   	push   %eax
  40295b:	8d 45 dc             	lea    0xffffffdc(%ebp),%eax
  40295e:	50                   	push   %eax
  40295f:	e8 9c 12 00 00       	call   403c00 <_RtlCreateProcessParameters at 40>
  402964:	83 c4 08             	add    $0x8,%esp
  /* a non-NULL 0x1c argument replaces the local info block */
  402967:	83 7d 1c 00          	cmpl   $0x0,0x1c(%ebp)
  40296b:	74 06                	je     402973 <_SmCreateUserProcess at 24+0xb3>
  40296d:	8b 45 1c             	mov    0x1c(%ebp),%eax
  402970:	89 45 84             	mov    %eax,0xffffff84(%ebp)
  /* RtlCreateUserProcess, ten stack arguments first to last: &first string, 0x40,
     process parameters, six zeros, info-block pointer */
  402973:	83 ec 08             	sub    $0x8,%esp
  402976:	ff 75 84             	pushl  0xffffff84(%ebp)
  402979:	6a 00                	push   $0x0
  40297b:	6a 00                	push   $0x0
  40297d:	6a 00                	push   $0x0
  40297f:	6a 00                	push   $0x0
  402981:	6a 00                	push   $0x0
  402983:	6a 00                	push   $0x0
  402985:	ff 75 dc             	pushl  0xffffffdc(%ebp)
  402988:	6a 40                	push   $0x40
  40298a:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  40298d:	50                   	push   %eax
  40298e:	e8 7d 12 00 00       	call   403c10 <_RtlCreateUserProcess at 40>
  402993:	83 c4 08             	add    $0x8,%esp
  402996:	89 45 80             	mov    %eax,0xffffff80(%ebp)
  /* the parameters are destroyed whether or not the process was created */
  402999:	83 ec 0c             	sub    $0xc,%esp
  40299c:	ff 75 dc             	pushl  0xffffffdc(%ebp)
  40299f:	e8 7c 12 00 00       	call   403c20 <_RtlDestroyProcessParameters at 4>
  4029a4:	83 c4 0c             	add    $0xc,%esp
  4029a7:	83 7d 80 00          	cmpl   $0x0,0xffffff80(%ebp)
  4029ab:	79 3a                	jns    4029e7 <_SmCreateUserProcess at 24+0x127>
  /* creation failed: two DbgPrint calls (0x59 is presumably a source line
     number); the second gets the dword at -0x14, presumably the first string's
     buffer pointer, and the status. The status is then returned. */
  4029ad:	83 ec 04             	sub    $0x4,%esp
  4029b0:	6a 59                	push   $0x59
  4029b2:	68 c0 5a 40 00       	push   $0x405ac0
  4029b7:	68 cc 5a 40 00       	push   $0x405acc
  4029bc:	e8 1f 10 00 00       	call   4039e0 <_DbgPrint>
  4029c1:	83 c4 10             	add    $0x10,%esp
  4029c4:	ff 75 80             	pushl  0xffffff80(%ebp)
  4029c7:	ff 75 ec             	pushl  0xffffffec(%ebp)
  4029ca:	68 d5 5a 40 00       	push   $0x405ad5
  4029cf:	68 00 5b 40 00       	push   $0x405b00
  4029d4:	e8 07 10 00 00       	call   4039e0 <_DbgPrint>
  4029d9:	83 c4 10             	add    $0x10,%esp
  4029dc:	8b 45 80             	mov    0xffffff80(%ebp),%eax
  4029df:	89 85 7c ff ff ff    	mov    %eax,0xffffff7c(%ebp)
  4029e5:	eb 61                	jmp    402a48 <_SmCreateUserProcess at 24+0x188>
  /* ZwResumeThread(dword at info+8, 0); the result is not checked */
  4029e7:	83 ec 08             	sub    $0x8,%esp
  4029ea:	6a 00                	push   $0x0
  4029ec:	8b 45 84             	mov    0xffffff84(%ebp),%eax
  4029ef:	ff 70 08             	pushl  0x8(%eax)
  4029f2:	e8 39 12 00 00       	call   403c30 <_ZwResumeThread at 8>
  4029f7:	83 c4 08             	add    $0x8,%esp
  /* wait flag set: NtWaitForSingleObject(dword at info+4, 0, argument 0x14) */
  4029fa:	80 7d f7 00          	cmpb   $0x0,0xfffffff7(%ebp)
  4029fe:	74 16                	je     402a16 <_SmCreateUserProcess at 24+0x156>
  402a00:	83 ec 04             	sub    $0x4,%esp
  402a03:	ff 75 14             	pushl  0x14(%ebp)
  402a06:	6a 00                	push   $0x0
  402a08:	8b 45 84             	mov    0xffffff84(%ebp),%eax
  402a0b:	ff 70 04             	pushl  0x4(%eax)
  402a0e:	e8 ad 0f 00 00       	call   4039c0 <_NtWaitForSingleObject at 12>
  402a13:	83 c4 04             	add    $0x4,%esp
  /* close-handles flag set: NtClose on the dwords at info+8 and info+4.
     NOTE(review): with the flag clear and a NULL 0x1c argument, both values live
     only in the local block and are lost on return; presumably a handle leak,
     confirm against the callers. */
  402a16:	80 7d f6 00          	cmpb   $0x0,0xfffffff6(%ebp)
  402a1a:	74 22                	je     402a3e <_SmCreateUserProcess at 24+0x17e>
  402a1c:	83 ec 0c             	sub    $0xc,%esp
  402a1f:	8b 45 84             	mov    0xffffff84(%ebp),%eax
  402a22:	ff 70 08             	pushl  0x8(%eax)
  402a25:	e8 a6 0f 00 00       	call   4039d0 <_NtClose at 4>
  402a2a:	83 c4 0c             	add    $0xc,%esp
  402a2d:	83 ec 0c             	sub    $0xc,%esp
  402a30:	8b 45 84             	mov    0xffffff84(%ebp),%eax
  402a33:	ff 70 04             	pushl  0x4(%eax)
  402a36:	e8 95 0f 00 00       	call   4039d0 <_NtClose at 4>
  402a3b:	83 c4 0c             	add    $0xc,%esp
  /* success path always returns 0, whatever the resume and wait calls returned */
  402a3e:	c7 85 7c ff ff ff 00 	movl   $0x0,0xffffff7c(%ebp)
  402a45:	00 00 00 
  /* common exit: eax = -0x84 slot, restore edi, callee pops 0x18 bytes */
  402a48:	8b 85 7c ff ff ff    	mov    0xffffff7c(%ebp),%eax
  402a4e:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  402a51:	c9                   	leave  
  402a52:	c2 18 00             	ret    $0x18

00402a55 <_SmLookupSubsystem at 20>:
  402a55:	55                   	push   %ebp
  402a56:	89 e5                	mov    %esp,%ebp
  402a58:	57                   	push   %edi
  402a59:	b8 84 18 00 00       	mov    $0x1884,%eax
  402a5e:	e8 bd 12 00 00       	call   403d20 <___chkstk>
  402a63:	8b 45 18             	mov    0x18(%ebp),%eax
  402a66:	88 45 f7             	mov    %al,0xfffffff7(%ebp)
  402a69:	c7 45 f0 00 00 00 00 	movl   $0x0,0xfffffff0(%ebp)
  402a70:	c7 45 e8 00 00 00 00 	movl   $0x0,0xffffffe8(%ebp)
  402a77:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
  402a7e:	8d 7d c8             	lea    0xffffffc8(%ebp),%edi
  402a81:	fc                   	cld    
  402a82:	ba 00 00 00 00       	mov    $0x0,%edx
  402a87:	b8 06 00 00 00       	mov    $0x6,%eax
  402a8c:	89 c1                	mov    %eax,%ecx
  402a8e:	89 d0                	mov    %edx,%eax
  402a90:	f3 ab                	repz stos %eax,%es:(%edi)
  402a92:	c7 45 c4 00 00 00 00 	movl   $0x0,0xffffffc4(%ebp)
  402a99:	83 ec 08             	sub    $0x8,%esp
  402a9c:	68 40 5b 40 00       	push   $0x405b40
  402aa1:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  402aa4:	50                   	push   %eax
  402aa5:	e8 e6 0e 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  402aaa:	83 c4 08             	add    $0x8,%esp
  402aad:	c7 45 c8 18 00 00 00 	movl   $0x18,0xffffffc8(%ebp)
  402ab4:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  402ab7:	89 45 d0             	mov    %eax,0xffffffd0(%ebp)
  402aba:	c7 45 d4 40 00 00 00 	movl   $0x40,0xffffffd4(%ebp)
  402ac1:	c7 45 cc 00 00 00 00 	movl   $0x0,0xffffffcc(%ebp)
  402ac8:	c7 45 d8 00 00 00 00 	movl   $0x0,0xffffffd8(%ebp)
  402acf:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
  402ad6:	83 ec 04             	sub    $0x4,%esp
  402ad9:	8d 45 c8             	lea    0xffffffc8(%ebp),%eax
  402adc:	50                   	push   %eax
  402add:	68 00 00 00 02       	push   $0x2000000
  402ae2:	8d 45 c4             	lea    0xffffffc4(%ebp),%eax
  402ae5:	50                   	push   %eax
  402ae6:	e8 55 11 00 00       	call   403c40 <_NtOpenKey at 12>
  402aeb:	83 c4 04             	add    $0x4,%esp
  402aee:	89 45 f0             	mov    %eax,0xfffffff0(%ebp)
  402af1:	83 7d f0 00          	cmpl   $0x0,0xfffffff0(%ebp)
  402af5:	0f 88 c1 02 00 00    	js     402dbc <_SmLookupSubsystem at 20+0x367>
  402afb:	c7 45 b8 00 00 00 00 	movl   $0x0,0xffffffb8(%ebp)
  402b02:	c7 45 bc 00 00 00 00 	movl   $0x0,0xffffffbc(%ebp)
  402b09:	8d bd b8 f7 ff ff    	lea    0xfffff7b8(%ebp),%edi
  402b0f:	fc                   	cld    
  402b10:	ba 00 00 00 00       	mov    $0x0,%edx
  402b15:	b8 00 02 00 00       	mov    $0x200,%eax
  402b1a:	89 c1                	mov    %eax,%ecx
  402b1c:	89 d0                	mov    %edx,%eax
  402b1e:	f3 ab                	repz stos %eax,%es:(%edi)
  402b20:	c7 85 b4 f7 ff ff 00 	movl   $0x0,0xfffff7b4(%ebp)
  402b27:	00 00 00 
  402b2a:	8d 85 b8 f7 ff ff    	lea    0xfffff7b8(%ebp),%eax
  402b30:	89 85 b0 f7 ff ff    	mov    %eax,0xfffff7b0(%ebp)
  402b36:	83 ec 08             	sub    $0x8,%esp
  402b39:	ff 75 08             	pushl  0x8(%ebp)
  402b3c:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  402b3f:	50                   	push   %eax
  402b40:	e8 4b 0e 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  402b45:	83 c4 08             	add    $0x8,%esp
  402b48:	83 ec 08             	sub    $0x8,%esp
  402b4b:	8d 85 b4 f7 ff ff    	lea    0xfffff7b4(%ebp),%eax
  402b51:	50                   	push   %eax
  402b52:	68 00 08 00 00       	push   $0x800
  402b57:	8d 85 b8 f7 ff ff    	lea    0xfffff7b8(%ebp),%eax
  402b5d:	50                   	push   %eax
  402b5e:	6a 02                	push   $0x2
  402b60:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  402b63:	50                   	push   %eax
  402b64:	ff 75 c4             	pushl  0xffffffc4(%ebp)
  402b67:	e8 e4 10 00 00       	call   403c50 <_NtQueryValueKey at 24>
  402b6c:	83 c4 08             	add    $0x8,%esp
  402b6f:	89 45 f0             	mov    %eax,0xfffffff0(%ebp)
  402b72:	83 7d f0 00          	cmpl   $0x0,0xfffffff0(%ebp)
  402b76:	0f 88 fe 01 00 00    	js     402d7a <_SmLookupSubsystem at 20+0x325>
  402b7c:	83 7d 0c 00          	cmpl   $0x0,0xc(%ebp)
  402b80:	0f 84 bc 01 00 00    	je     402d42 <_SmLookupSubsystem at 20+0x2ed>
  402b86:	83 7d 10 00          	cmpl   $0x0,0x10(%ebp)
  402b8a:	0f 84 b2 01 00 00    	je     402d42 <_SmLookupSubsystem at 20+0x2ed>
  402b90:	83 7d 14 00          	cmpl   $0x0,0x14(%ebp)
  402b94:	0f 84 a8 01 00 00    	je     402d42 <_SmLookupSubsystem at 20+0x2ed>
  402b9a:	8b 45 14             	mov    0x14(%ebp),%eax
  402b9d:	8b 95 b0 f7 ff ff    	mov    0xfffff7b0(%ebp),%edx
  402ba3:	8b 52 04             	mov    0x4(%edx),%edx
  402ba6:	89 10                	mov    %edx,(%eax)
  402ba8:	80 7d f7 00          	cmpb   $0x0,0xfffffff7(%ebp)
  402bac:	0f 84 16 01 00 00    	je     402cc8 <_SmLookupSubsystem at 20+0x273>
  402bb2:	8b 45 14             	mov    0x14(%ebp),%eax
  402bb5:	83 38 02             	cmpl   $0x2,(%eax)
  402bb8:	0f 85 0a 01 00 00    	jne    402cc8 <_SmLookupSubsystem at 20+0x273>
  402bbe:	8d bd a8 e7 ff ff    	lea    0xffffe7a8(%ebp),%edi
  402bc4:	fc                   	cld    
  402bc5:	ba 00 00 00 00       	mov    $0x0,%edx
  402bca:	b8 00 04 00 00       	mov    $0x400,%eax
  402bcf:	89 c1                	mov    %eax,%ecx
  402bd1:	89 d0                	mov    %edx,%eax
  402bd3:	f3 ab                	repz stos %eax,%es:(%edi)
  402bd5:	c7 85 9c e7 ff ff 00 	movl   $0x0,0xffffe79c(%ebp)
  402bdc:	00 00 00 
  402bdf:	8b 85 b0 f7 ff ff    	mov    0xfffff7b0(%ebp),%eax
  402be5:	66 8b 40 08          	mov    0x8(%eax),%ax
  402be9:	66 89 85 a8 f7 ff ff 	mov    %ax,0xfffff7a8(%ebp)
  402bf0:	8b 85 b0 f7 ff ff    	mov    0xfffff7b0(%ebp),%eax
  402bf6:	66 8b 40 08          	mov    0x8(%eax),%ax
  402bfa:	66 89 85 aa f7 ff ff 	mov    %ax,0xfffff7aa(%ebp)
  402c01:	8b 85 b0 f7 ff ff    	mov    0xfffff7b0(%ebp),%eax
  402c07:	83 c0 0c             	add    $0xc,%eax
  402c0a:	89 85 ac f7 ff ff    	mov    %eax,0xfffff7ac(%ebp)
  402c10:	66 c7 85 a0 e7 ff ff 	movw   $0x0,0xffffe7a0(%ebp)
  402c17:	00 00 
  402c19:	66 c7 85 a2 e7 ff ff 	movw   $0x1000,0xffffe7a2(%ebp)
  402c20:	00 10 
  402c22:	8d 85 a8 e7 ff ff    	lea    0xffffe7a8(%ebp),%eax
  402c28:	89 85 a4 e7 ff ff    	mov    %eax,0xffffe7a4(%ebp)
  402c2e:	8d 85 9c e7 ff ff    	lea    0xffffe79c(%ebp),%eax
  402c34:	50                   	push   %eax
  402c35:	8d 85 a0 e7 ff ff    	lea    0xffffe7a0(%ebp),%eax
  402c3b:	50                   	push   %eax
  402c3c:	8d 85 a8 f7 ff ff    	lea    0xfffff7a8(%ebp),%eax
  402c42:	50                   	push   %eax
  402c43:	ff 35 20 60 40 00    	pushl  0x406020
  402c49:	e8 12 10 00 00       	call   403c60 <_RtlExpandEnvironmentStrings_U at 16>
  402c4e:	89 45 f0             	mov    %eax,0xfffffff0(%ebp)
  402c51:	83 7d f0 00          	cmpl   $0x0,0xfffffff0(%ebp)
  402c55:	0f 88 d7 00 00 00    	js     402d32 <_SmLookupSubsystem at 20+0x2dd>
  402c5b:	8b 55 10             	mov    0x10(%ebp),%edx
  402c5e:	89 95 98 e7 ff ff    	mov    %edx,0xffffe798(%ebp)
  402c64:	8b 45 10             	mov    0x10(%ebp),%eax
  402c67:	89 85 90 e7 ff ff    	mov    %eax,0xffffe790(%ebp)
  402c6d:	8b 85 a0 e7 ff ff    	mov    0xffffe7a0(%ebp),%eax
  402c73:	89 c2                	mov    %eax,%edx
  402c75:	81 e2 ff ff 00 00    	and    $0xffff,%edx
  402c7b:	89 95 94 e7 ff ff    	mov    %edx,0xffffe794(%ebp)
  402c81:	8b 95 94 e7 ff ff    	mov    0xffffe794(%ebp),%edx
  402c87:	8b 85 90 e7 ff ff    	mov    0xffffe790(%ebp),%eax
  402c8d:	3b 10                	cmp    (%eax),%edx
  402c8f:	76 0e                	jbe    402c9f <_SmLookupSubsystem at 20+0x24a>
  402c91:	8b 85 90 e7 ff ff    	mov    0xffffe790(%ebp),%eax
  402c97:	8b 00                	mov    (%eax),%eax
  402c99:	89 85 94 e7 ff ff    	mov    %eax,0xffffe794(%ebp)
  402c9f:	8b 85 94 e7 ff ff    	mov    0xffffe794(%ebp),%eax
  402ca5:	8b 95 98 e7 ff ff    	mov    0xffffe798(%ebp),%edx
  402cab:	89 02                	mov    %eax,(%edx)
  402cad:	83 ec 04             	sub    $0x4,%esp
  402cb0:	8b 45 10             	mov    0x10(%ebp),%eax
  402cb3:	ff 30                	pushl  (%eax)
  402cb5:	ff b5 a4 e7 ff ff    	pushl  0xffffe7a4(%ebp)
  402cbb:	ff 75 0c             	pushl  0xc(%ebp)
  402cbe:	e8 dd 0d 00 00       	call   403aa0 <_memcpy>
  402cc3:	83 c4 10             	add    $0x10,%esp
  402cc6:	eb 6a                	jmp    402d32 <_SmLookupSubsystem at 20+0x2dd>
  402cc8:	8b 55 10             	mov    0x10(%ebp),%edx
  402ccb:	89 95 8c e7 ff ff    	mov    %edx,0xffffe78c(%ebp)
  402cd1:	8b 45 10             	mov    0x10(%ebp),%eax
  402cd4:	89 85 84 e7 ff ff    	mov    %eax,0xffffe784(%ebp)
  402cda:	8b 85 b0 f7 ff ff    	mov    0xfffff7b0(%ebp),%eax
  402ce0:	8b 40 08             	mov    0x8(%eax),%eax
  402ce3:	89 85 88 e7 ff ff    	mov    %eax,0xffffe788(%ebp)
  402ce9:	8b 85 88 e7 ff ff    	mov    0xffffe788(%ebp),%eax
  402cef:	8b 95 84 e7 ff ff    	mov    0xffffe784(%ebp),%edx
  402cf5:	3b 02                	cmp    (%edx),%eax
  402cf7:	76 0e                	jbe    402d07 <_SmLookupSubsystem at 20+0x2b2>
  402cf9:	8b 95 84 e7 ff ff    	mov    0xffffe784(%ebp),%edx
  402cff:	8b 12                	mov    (%edx),%edx
  402d01:	89 95 88 e7 ff ff    	mov    %edx,0xffffe788(%ebp)
  402d07:	8b 95 88 e7 ff ff    	mov    0xffffe788(%ebp),%edx
  402d0d:	8b 85 8c e7 ff ff    	mov    0xffffe78c(%ebp),%eax
  402d13:	89 10                	mov    %edx,(%eax)
  402d15:	83 ec 04             	sub    $0x4,%esp
  402d18:	8b 45 10             	mov    0x10(%ebp),%eax
  402d1b:	ff 30                	pushl  (%eax)
  402d1d:	8b 85 b0 f7 ff ff    	mov    0xfffff7b0(%ebp),%eax
  402d23:	83 c0 0c             	add    $0xc,%eax
  402d26:	50                   	push   %eax
  402d27:	ff 75 0c             	pushl  0xc(%ebp)
  402d2a:	e8 71 0d 00 00       	call   403aa0 <_memcpy>
  402d2f:	83 c4 10             	add    $0x10,%esp
  402d32:	8b 45 14             	mov    0x14(%ebp),%eax
  402d35:	8b 95 b0 f7 ff ff    	mov    0xfffff7b0(%ebp),%edx
  402d3b:	8b 52 04             	mov    0x4(%edx),%edx
  402d3e:	89 10                	mov    %edx,(%eax)
  402d40:	eb 6a                	jmp    402dac <_SmLookupSubsystem at 20+0x357>
  402d42:	83 ec 04             	sub    $0x4,%esp
  402d45:	68 df 00 00 00       	push   $0xdf
  402d4a:	68 c0 5a 40 00       	push   $0x405ac0
  402d4f:	68 cc 5a 40 00       	push   $0x405acc
  402d54:	e8 87 0c 00 00       	call   4039e0 <_DbgPrint>
  402d59:	83 c4 10             	add    $0x10,%esp
  402d5c:	83 ec 08             	sub    $0x8,%esp
  402d5f:	68 dc 5b 40 00       	push   $0x405bdc
  402d64:	68 00 5c 40 00       	push   $0x405c00
  402d69:	e8 72 0c 00 00       	call   4039e0 <_DbgPrint>
  402d6e:	83 c4 10             	add    $0x10,%esp
  402d71:	c7 45 f0 0d 00 00 c0 	movl   $0xc000000d,0xfffffff0(%ebp)
  402d78:	eb 32                	jmp    402dac <_SmLookupSubsystem at 20+0x357>
  402d7a:	83 ec 04             	sub    $0x4,%esp
  402d7d:	68 e3 00 00 00       	push   $0xe3
  402d82:	68 c0 5a 40 00       	push   $0x405ac0
  402d87:	68 cc 5a 40 00       	push   $0x405acc
  402d8c:	e8 4f 0c 00 00       	call   4039e0 <_DbgPrint>
  402d91:	83 c4 10             	add    $0x10,%esp
  402d94:	83 ec 04             	sub    $0x4,%esp
  402d97:	ff 75 f0             	pushl  0xfffffff0(%ebp)
  402d9a:	68 dc 5b 40 00       	push   $0x405bdc
  402d9f:	68 40 5c 40 00       	push   $0x405c40
  402da4:	e8 37 0c 00 00       	call   4039e0 <_DbgPrint>
  402da9:	83 c4 10             	add    $0x10,%esp
  402dac:	83 ec 0c             	sub    $0xc,%esp
  402daf:	ff 75 c4             	pushl  0xffffffc4(%ebp)
  402db2:	e8 19 0c 00 00       	call   4039d0 <_NtClose at 4>
  402db7:	83 c4 0c             	add    $0xc,%esp
  402dba:	eb 32                	jmp    402dee <_SmLookupSubsystem at 20+0x399>
  402dbc:	83 ec 04             	sub    $0x4,%esp
  402dbf:	68 e7 00 00 00       	push   $0xe7
  402dc4:	68 c0 5a 40 00       	push   $0x405ac0
  402dc9:	68 cc 5a 40 00       	push   $0x405acc
  402dce:	e8 0d 0c 00 00       	call   4039e0 <_DbgPrint>
  402dd3:	83 c4 10             	add    $0x10,%esp
  402dd6:	83 ec 04             	sub    $0x4,%esp
  402dd9:	ff 75 f0             	pushl  0xfffffff0(%ebp)
  402ddc:	68 dc 5b 40 00       	push   $0x405bdc
  402de1:	68 80 5c 40 00       	push   $0x405c80
  402de6:	e8 f5 0b 00 00       	call   4039e0 <_DbgPrint>
  402deb:	83 c4 10             	add    $0x10,%esp
  402dee:	8b 45 f0             	mov    0xfffffff0(%ebp),%eax
  402df1:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  402df4:	c9                   	leave  
  402df5:	c2 14 00             	ret    $0x14

00402df8 <@SmExecPgm at 4>:
/*
 * Review notes (not part of the objdump output). No C source is interleaved
 * for this function, so the notes describe only what the instructions show.
 * The single argument arrives in %ecx and is kept at -0xc(%ebp); it is
 * called "req" below. The value returned in %eax is staged at -0x4ac(%ebp)
 * and the per-request result is written to req+0x1c.
 */
  402df8:	55                   	push   %ebp
  402df9:	89 e5                	mov    %esp,%ebp
  402dfb:	57                   	push   %edi
  402dfc:	53                   	push   %ebx
  402dfd:	81 ec b0 04 00 00    	sub    $0x4b0,%esp
  402e03:	89 4d f4             	mov    %ecx,0xfffffff4(%ebp)
  402e06:	c7 45 f0 00 00 00 00 	movl   $0x0,0xfffffff0(%ebp)
  402e0d:	c7 45 94 00 00 00 00 	movl   $0x0,0xffffff94(%ebp)
/* req == NULL: two DbgPrint calls, then return 0xc000000d. */
  402e14:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  402e18:	75 3e                	jne    402e58 <@SmExecPgm at 4+0x60>
  402e1a:	83 ec 04             	sub    $0x4,%esp
  402e1d:	68 fa 00 00 00       	push   $0xfa
  402e22:	68 c0 5a 40 00       	push   $0x405ac0
  402e27:	68 cc 5a 40 00       	push   $0x405acc
  402e2c:	e8 af 0b 00 00       	call   4039e0 <_DbgPrint>
  402e31:	83 c4 10             	add    $0x10,%esp
  402e34:	83 ec 08             	sub    $0x8,%esp
  402e37:	68 a7 5c 40 00       	push   $0x405ca7
  402e3c:	68 b1 5c 40 00       	push   $0x405cb1
  402e41:	e8 9a 0b 00 00       	call   4039e0 <_DbgPrint>
  402e46:	83 c4 10             	add    $0x10,%esp
  402e49:	c7 85 54 fb ff ff 0d 	movl   $0xc000000d,0xfffffb54(%ebp)
  402e50:	00 00 c0 
  402e53:	e9 57 01 00 00       	jmp    402faf <@SmExecPgm at 4+0x1b7>
/* -0x10(%ebp) = req+0x20; the dword stored there is used as a length. */
  402e58:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  402e5b:	83 c0 20             	add    $0x20,%eax
  402e5e:	89 45 f0             	mov    %eax,0xfffffff0(%ebp)
/* A length of 0, or above 0x20 (unsigned compare), is rejected at 402f95. */
  402e61:	8b 45 f0             	mov    0xfffffff0(%ebp),%eax
  402e64:	83 38 00             	cmpl   $0x0,(%eax)
  402e67:	0f 84 28 01 00 00    	je     402f95 <@SmExecPgm at 4+0x19d>
  402e6d:	8b 45 f0             	mov    0xfffffff0(%ebp),%eax
  402e70:	83 38 20             	cmpl   $0x20,(%eax)
  402e73:	0f 87 1c 01 00 00    	ja     402f95 <@SmExecPgm at 4+0x19d>
/*
 * Zero 0x42 bytes at -0x68(%ebp), then memcpy length*2 bytes from req+0x24
 * into them. With length <= 0x20 the copy is at most 0x40 bytes, so the last
 * two bytes of the buffer stay zero.
 */
  402e79:	83 ec 08             	sub    $0x8,%esp
  402e7c:	6a 42                	push   $0x42
  402e7e:	8d 45 98             	lea    0xffffff98(%ebp),%eax
  402e81:	50                   	push   %eax
  402e82:	e8 99 0b 00 00       	call   403a20 <_RtlZeroMemory at 8>
  402e87:	83 c4 08             	add    $0x8,%esp
  402e8a:	83 ec 04             	sub    $0x4,%esp
  402e8d:	8b 45 f0             	mov    0xfffffff0(%ebp),%eax
  402e90:	8b 00                	mov    (%eax),%eax
  402e92:	01 c0                	add    %eax,%eax
  402e94:	50                   	push   %eax
  402e95:	8b 45 f0             	mov    0xfffffff0(%ebp),%eax
  402e98:	83 c0 04             	add    $0x4,%eax
  402e9b:	50                   	push   %eax
  402e9c:	8d 45 98             	lea    0xffffff98(%ebp),%eax
  402e9f:	50                   	push   %eax
  402ea0:	e8 fb 0b 00 00       	call   403aa0 <_memcpy>
  402ea5:	83 c4 10             	add    $0x10,%esp
/*
 * _wcsicmp(constant at 0x405ccc, copied name). A zero result calls
 * SmInitializeDbgSs and stores its return value at req+0x1c.
 */
  402ea8:	83 ec 08             	sub    $0x8,%esp
  402eab:	8d 45 98             	lea    0xffffff98(%ebp),%eax
  402eae:	50                   	push   %eax
  402eaf:	68 cc 5c 40 00       	push   $0x405ccc
  402eb4:	e8 67 0c 00 00       	call   403b20 <__wcsicmp>
  402eb9:	83 c4 10             	add    $0x10,%esp
  402ebc:	85 c0                	test   %eax,%eax
  402ebe:	75 10                	jne    402ed0 <@SmExecPgm at 4+0xd8>
  402ec0:	8b 5d f4             	mov    0xfffffff4(%ebp),%ebx
  402ec3:	e8 0a 07 00 00       	call   4035d2 <_SmInitializeDbgSs>
  402ec8:	89 43 1c             	mov    %eax,0x1c(%ebx)
  402ecb:	e9 d6 00 00 00       	jmp    402fa6 <@SmExecPgm at 4+0x1ae>
/*
 * No match: zero a 0x20a-byte buffer at -0x288(%ebp), set the dword at
 * -0x28c(%ebp) to 0x20a and the dword at -0x290(%ebp) to 2, then call
 * SmLookupSubsystem(name buffer, data buffer, &-0x28c, &-0x290, 1).
 */
  402ed0:	8d bd 78 fd ff ff    	lea    0xfffffd78(%ebp),%edi
  402ed6:	fc                   	cld    
  402ed7:	b9 0a 02 00 00       	mov    $0x20a,%ecx
  402edc:	b0 00                	mov    $0x0,%al
  402ede:	f3 aa                	repz stos %al,%es:(%edi)
  402ee0:	c7 85 74 fd ff ff 0a 	movl   $0x20a,0xfffffd74(%ebp)
  402ee7:	02 00 00 
  402eea:	c7 85 70 fd ff ff 02 	movl   $0x2,0xfffffd70(%ebp)
  402ef1:	00 00 00 
  402ef4:	83 ec 0c             	sub    $0xc,%esp
  402ef7:	6a 01                	push   $0x1
  402ef9:	8d 85 70 fd ff ff    	lea    0xfffffd70(%ebp),%eax
  402eff:	50                   	push   %eax
  402f00:	8d 85 74 fd ff ff    	lea    0xfffffd74(%ebp),%eax
  402f06:	50                   	push   %eax
  402f07:	8d 85 78 fd ff ff    	lea    0xfffffd78(%ebp),%eax
  402f0d:	50                   	push   %eax
  402f0e:	8d 45 98             	lea    0xffffff98(%ebp),%eax
  402f11:	50                   	push   %eax
  402f12:	e8 3e fb ff ff       	call   402a55 <_SmLookupSubsystem at 20>
  402f17:	83 c4 0c             	add    $0xc,%esp
  402f1a:	89 45 94             	mov    %eax,0xffffff94(%ebp)
/* A negative lookup status goes to 402f8a, which copies it to req+0x1c. */
  402f1d:	83 7d 94 00          	cmpl   $0x0,0xffffff94(%ebp)
  402f21:	78 67                	js     402f8a <@SmExecPgm at 4+0x192>
/*
 * Zero a second 0x20a-byte buffer at -0x4a8(%ebp), wcscpy the constant
 * string at 0x405cd8 into it and wcscat the looked-up data after it.
 * NOTE(review): neither call is length-limited. The destination is the same
 * size as the source buffer and already holds the 0x405cd8 string, so data
 * that fills most of its 0x20a bytes, or that comes back without a
 * terminating NUL, would carry the write past the end of the destination on
 * the stack. Whether SmLookupSubsystem guarantees a shorter, terminated
 * string cannot be confirmed from this excerpt; a length check before the
 * concatenation (or a counted copy) would remove that dependency.
 */
  402f23:	8d bd 58 fb ff ff    	lea    0xfffffb58(%ebp),%edi
  402f29:	fc                   	cld    
  402f2a:	b9 0a 02 00 00       	mov    $0x20a,%ecx
  402f2f:	b0 00                	mov    $0x0,%al
  402f31:	f3 aa                	repz stos %al,%es:(%edi)
  402f33:	83 ec 08             	sub    $0x8,%esp
  402f36:	68 d8 5c 40 00       	push   $0x405cd8
  402f3b:	8d 85 58 fb ff ff    	lea    0xfffffb58(%ebp),%eax
  402f41:	50                   	push   %eax
  402f42:	e8 f9 0a 00 00       	call   403a40 <_wcscpy>
  402f47:	83 c4 10             	add    $0x10,%esp
  402f4a:	83 ec 08             	sub    $0x8,%esp
  402f4d:	8d 85 78 fd ff ff    	lea    0xfffffd78(%ebp),%eax
  402f53:	50                   	push   %eax
  402f54:	8d 85 58 fb ff ff    	lea    0xfffffb58(%ebp),%eax
  402f5a:	50                   	push   %eax
  402f5b:	e8 20 0b 00 00       	call   403a80 <_wcscat>
  402f60:	83 c4 10             	add    $0x10,%esp
/*
 * SmCreateUserProcess(combined string, constant at 0x405ce2, 0, 0, 0, 0);
 * its return value is stored at req+0x1c.
 */
  402f63:	8b 5d f4             	mov    0xfffffff4(%ebp),%ebx
  402f66:	83 ec 08             	sub    $0x8,%esp
  402f69:	6a 00                	push   $0x0
  402f6b:	6a 00                	push   $0x0
  402f6d:	6a 00                	push   $0x0
  402f6f:	6a 00                	push   $0x0
  402f71:	68 e2 5c 40 00       	push   $0x405ce2
  402f76:	8d 85 58 fb ff ff    	lea    0xfffffb58(%ebp),%eax
  402f7c:	50                   	push   %eax
  402f7d:	e8 3e f9 ff ff       	call   4028c0 <_SmCreateUserProcess at 24>
  402f82:	83 c4 08             	add    $0x8,%esp
  402f85:	89 43 1c             	mov    %eax,0x1c(%ebx)
  402f88:	eb 1c                	jmp    402fa6 <@SmExecPgm at 4+0x1ae>
/* Lookup failed: req+0x1c = lookup status. */
  402f8a:	8b 55 f4             	mov    0xfffffff4(%ebp),%edx
  402f8d:	8b 45 94             	mov    0xffffff94(%ebp),%eax
  402f90:	89 42 1c             	mov    %eax,0x1c(%edx)
  402f93:	eb 11                	jmp    402fa6 <@SmExecPgm at 4+0x1ae>
/* Bad length: local status and req+0x1c are both set to 0xc000000d. */
  402f95:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  402f98:	c7 45 94 0d 00 00 c0 	movl   $0xc000000d,0xffffff94(%ebp)
  402f9f:	c7 40 1c 0d 00 00 c0 	movl   $0xc000000d,0x1c(%eax)
/* Common exit: return the status held at -0x6c(%ebp). */
  402fa6:	8b 45 94             	mov    0xffffff94(%ebp),%eax
  402fa9:	89 85 54 fb ff ff    	mov    %eax,0xfffffb54(%ebp)
  402faf:	8b 85 54 fb ff ff    	mov    0xfffffb54(%ebp),%eax
  402fb5:	8d 65 f8             	lea    0xfffffff8(%ebp),%esp
  402fb8:	5b                   	pop    %ebx
  402fb9:	5f                   	pop    %edi
  402fba:	5d                   	pop    %ebp
  402fbb:	c3                   	ret    
  402fbc:	90                   	nop    
  402fbd:	90                   	nop    
  402fbe:	90                   	nop    
  402fbf:	90                   	nop    

00402fc0 <@SmQryInfo at 4>:
/*
 * Review notes (not part of the objdump output; no C source is interleaved).
 * The argument arrives in %ecx. The function does no work beyond writing
 * 0xc0000002 to the dword at argument+0x1c and returning 0 from the local at
 * -0x8(%ebp).
 */
  402fc0:	55                   	push   %ebp
  402fc1:	89 e5                	mov    %esp,%ebp
  402fc3:	83 ec 08             	sub    $0x8,%esp
  402fc6:	89 4d fc             	mov    %ecx,0xfffffffc(%ebp)
  402fc9:	c7 45 f8 00 00 00 00 	movl   $0x0,0xfffffff8(%ebp)
  402fd0:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  402fd3:	c7 40 1c 02 00 00 c0 	movl   $0xc0000002,0x1c(%eax)
  402fda:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  402fdd:	c9                   	leave  
  402fde:	c3                   	ret    
  402fdf:	90                   	nop    

00402fe0 <_SmInitializeClientManagement>:
/*
 * Review notes (not part of the objdump output; no C source is interleaved).
 * Initialises the critical section at 0x406060 and clears the dwords at
 * 0x406078 and 0x40607c, then returns 0. The C lines interleaved in
 * SmCreateClient later in this listing use the same addresses for
 * SmpClientDirectory.Lock, .Count and .Client.
 */
  402fe0:	55                   	push   %ebp
  402fe1:	89 e5                	mov    %esp,%ebp
  402fe3:	83 ec 08             	sub    $0x8,%esp
  402fe6:	83 ec 0c             	sub    $0xc,%esp
  402fe9:	68 60 60 40 00       	push   $0x406060
  402fee:	e8 7d 0c 00 00       	call   403c70 <_RtlInitializeCriticalSection at 4>
  402ff3:	83 c4 0c             	add    $0xc,%esp
  402ff6:	c7 05 78 60 40 00 00 	movl   $0x0,0x406078
  402ffd:	00 00 00 
  403000:	c7 05 7c 60 40 00 00 	movl   $0x0,0x40607c
  403007:	00 00 00 
  40300a:	b8 00 00 00 00       	mov    $0x0,%eax
  40300f:	c9                   	leave  
  403010:	c3                   	ret    

00403011 <_SmCompleteClientInitialization at 4>:
/*
 * Review notes (not part of the objdump output; no C source is interleaved).
 * Enters the critical section at 0x406060. When the count at 0x406078 is
 * non-zero it walks the list headed at 0x40607c (link at +0x108), comparing
 * the dword at +0x8 of each entry with the argument; a match sets the dword
 * at +0x4 of that entry to 1. The critical section is left on every path.
 * NOTE(review): the match path (403063) and the end-of-list path (40304c)
 * both jump to 403073, which stores 0xc0000225, so a successful match still
 * returns that status and only an empty directory returns 0. It looks as if
 * the status was meant for the not-found case only -- confirm against the C
 * source.
 */
  403011:	55                   	push   %ebp
  403012:	89 e5                	mov    %esp,%ebp
  403014:	83 ec 08             	sub    $0x8,%esp
  403017:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)
  40301e:	c7 45 f8 00 00 00 00 	movl   $0x0,0xfffffff8(%ebp)
  403025:	83 ec 0c             	sub    $0xc,%esp
  403028:	68 60 60 40 00       	push   $0x406060
  40302d:	e8 4e 0c 00 00       	call   403c80 <_RtlEnterCriticalSection at 4>
  403032:	83 c4 0c             	add    $0xc,%esp
/* Empty directory: skip the walk and return the initial status 0. */
  403035:	83 3d 78 60 40 00 00 	cmpl   $0x0,0x406078
  40303c:	74 3c                	je     40307a <_SmCompleteClientInitialization at 4+0x69>
  40303e:	a1 7c 60 40 00       	mov    0x40607c,%eax
  403043:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
/* Loop head: the current entry is at -0x8(%ebp); NULL ends the walk. */
  403046:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  40304a:	75 02                	jne    40304e <_SmCompleteClientInitialization at 4+0x3d>
  40304c:	eb 25                	jmp    403073 <_SmCompleteClientInitialization at 4+0x62>
  40304e:	8b 55 f8             	mov    0xfffffff8(%ebp),%edx
  403051:	8b 45 08             	mov    0x8(%ebp),%eax
  403054:	3b 42 08             	cmp    0x8(%edx),%eax
  403057:	75 0c                	jne    403065 <_SmCompleteClientInitialization at 4+0x54>
  403059:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  40305c:	c7 40 04 01 00 00 00 	movl   $0x1,0x4(%eax)
  403063:	eb 0e                	jmp    403073 <_SmCompleteClientInitialization at 4+0x62>
  403065:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  403068:	8b 80 08 01 00 00    	mov    0x108(%eax),%eax
  40306e:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
  403071:	eb d3                	jmp    403046 <_SmCompleteClientInitialization at 4+0x35>
/* Reached from both the match and the end-of-list exits. */
  403073:	c7 45 fc 25 02 00 c0 	movl   $0xc0000225,0xfffffffc(%ebp)
  40307a:	83 ec 0c             	sub    $0xc,%esp
  40307d:	68 60 60 40 00       	push   $0x406060
  403082:	e8 09 0c 00 00       	call   403c90 <_RtlLeaveCriticalSection at 4>
  403087:	83 c4 0c             	add    $0xc,%esp
  40308a:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  40308d:	c9                   	leave  
  40308e:	c2 04 00             	ret    $0x4

00403091 <@SmpLookupClientUnsafe at 8>:
/*
 * Review notes (not part of the objdump output; no C source is interleaved).
 * Register arguments: %cx = 16-bit id (kept at -0x2(%ebp)), %edx = optional
 * out pointer (kept at -0x8(%ebp)). When the out pointer is non-NULL it is
 * first cleared. If the count at 0x406078 is non-zero the list headed at
 * 0x40607c is walked through the link at +0x108 until an entry whose first
 * word equals the id is found; each non-matching entry is written through
 * the out pointer before moving on, so on a match the out pointer holds the
 * preceding entry (or NULL for the first). Returns the matching entry or
 * NULL.
 * This function does not touch the critical section at 0x406060 itself; in
 * this listing SmpLookupClient and SmDestroyClient enter it before calling.
 */
  403091:	55                   	push   %ebp
  403092:	89 e5                	mov    %esp,%ebp
  403094:	83 ec 0c             	sub    $0xc,%esp
  403097:	89 55 f8             	mov    %edx,0xfffffff8(%ebp)
  40309a:	66 89 4d fe          	mov    %cx,0xfffffffe(%ebp)
  40309e:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  4030a5:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  4030a9:	74 09                	je     4030b4 <@SmpLookupClientUnsafe at 8+0x23>
  4030ab:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  4030ae:	c7 00 00 00 00 00    	movl   $0x0,(%eax)
  4030b4:	83 3d 78 60 40 00 00 	cmpl   $0x0,0x406078
  4030bb:	74 3a                	je     4030f7 <@SmpLookupClientUnsafe at 8+0x66>
  4030bd:	a1 7c 60 40 00       	mov    0x40607c,%eax
  4030c2:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
/* Loop head: the current entry is at -0xc(%ebp). */
  4030c5:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  4030c9:	75 02                	jne    4030cd <@SmpLookupClientUnsafe at 8+0x3c>
  4030cb:	eb 2a                	jmp    4030f7 <@SmpLookupClientUnsafe at 8+0x66>
  4030cd:	8b 55 f4             	mov    0xfffffff4(%ebp),%edx
  4030d0:	66 8b 45 fe          	mov    0xfffffffe(%ebp),%ax
  4030d4:	66 3b 02             	cmp    (%edx),%ax
  4030d7:	75 02                	jne    4030db <@SmpLookupClientUnsafe at 8+0x4a>
  4030d9:	eb 1c                	jmp    4030f7 <@SmpLookupClientUnsafe at 8+0x66>
/* No match: record this entry through the out pointer, then advance. */
  4030db:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  4030df:	74 08                	je     4030e9 <@SmpLookupClientUnsafe at 8+0x58>
  4030e1:	8b 55 f8             	mov    0xfffffff8(%ebp),%edx
  4030e4:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  4030e7:	89 02                	mov    %eax,(%edx)
  4030e9:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  4030ec:	8b 80 08 01 00 00    	mov    0x108(%eax),%eax
  4030f2:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  4030f5:	eb ce                	jmp    4030c5 <@SmpLookupClientUnsafe at 8+0x34>
  4030f7:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  4030fa:	c9                   	leave  
  4030fb:	c3                   	ret    

004030fc <_SmpLookupClient at 4>:
/*
 * Review notes (not part of the objdump output; no C source is interleaved).
 * Enters the critical section at 0x406060 and calls SmpLookupClientUnsafe
 * with the low 16 bits of the argument and a NULL out pointer.
 * NOTE(review): the critical section is left only when the lookup returns a
 * non-NULL entry (40313f-403147). On a NULL result the function returns with
 * the lock still held, so every caller has to release it on each of its own
 * exit paths after a NULL return.
 */
  4030fc:	55                   	push   %ebp
  4030fd:	89 e5                	mov    %esp,%ebp
  4030ff:	83 ec 08             	sub    $0x8,%esp
  403102:	8b 45 08             	mov    0x8(%ebp),%eax
  403105:	66 89 45 fe          	mov    %ax,0xfffffffe(%ebp)
  403109:	c7 45 f8 00 00 00 00 	movl   $0x0,0xfffffff8(%ebp)
  403110:	83 ec 0c             	sub    $0xc,%esp
  403113:	68 60 60 40 00       	push   $0x406060
  403118:	e8 63 0b 00 00       	call   403c80 <_RtlEnterCriticalSection at 4>
  40311d:	83 c4 0c             	add    $0xc,%esp
  403120:	66 8b 45 fe          	mov    0xfffffffe(%ebp),%ax
  403124:	89 c1                	mov    %eax,%ecx
  403126:	81 e1 ff ff 00 00    	and    $0xffff,%ecx
  40312c:	ba 00 00 00 00       	mov    $0x0,%edx
  403131:	e8 5b ff ff ff       	call   403091 <@SmpLookupClientUnsafe at 8>
  403136:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
/* NULL result: skip the RtlLeaveCriticalSection call below. */
  403139:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  40313d:	74 10                	je     40314f <_SmpLookupClient at 4+0x53>
  40313f:	83 ec 0c             	sub    $0xc,%esp
  403142:	68 60 60 40 00       	push   $0x406060
  403147:	e8 44 0b 00 00       	call   403c90 <_RtlLeaveCriticalSection at 4>
  40314c:	83 c4 0c             	add    $0xc,%esp
  40314f:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  403152:	c9                   	leave  
  403153:	c2 04 00             	ret    $0x4

00403156 <_SmCreateClient at 8>:
/*
 * Review notes (not part of the objdump output). C source is interleaved
 * only for the second half of this function; the first half is annotated
 * from the instructions. arg0 is at 0x8(%ebp); the argument at 0xc(%ebp) is
 * ClientData in the C lines further down, and -0x4(%ebp) is pClient.
 */
  403156:	55                   	push   %ebp
  403157:	89 e5                	mov    %esp,%ebp
  403159:	83 ec 18             	sub    $0x18,%esp
  40315c:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)
/* -0x8(%ebp) = SmpGetConnectData(arg0); called "cd" in the notes below. */
  403163:	8b 4d 08             	mov    0x8(%ebp),%ecx
  403166:	e8 2f f1 ff ff       	call   40229a <@SmpGetConnectData at 4>
  40316b:	89 45 f8             	mov    %eax,0xfffffff8(%ebp)
/* -0xc(%ebp) = (16-bit word at *arg0) - 4; used as the memcpy size below. */
  40316e:	8b 45 08             	mov    0x8(%ebp),%eax
  403171:	66 8b 00             	mov    (%eax),%ax
  403174:	25 ff ff 00 00       	and    $0xffff,%eax
  403179:	83 e8 04             	sub    $0x4,%eax
  40317c:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
/*
 * SmpLookupClient(16-bit word at *cd). A non-NULL result returns 0xc0000001.
 * On a NULL result SmpLookupClient returns with the directory lock held (see
 * the source comment before the RtlLeaveCriticalSection call at 40327b).
 */
  40317f:	83 ec 0c             	sub    $0xc,%esp
  403182:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  403185:	66 8b 00             	mov    (%eax),%ax
  403188:	25 ff ff 00 00       	and    $0xffff,%eax
  40318d:	50                   	push   %eax
  40318e:	e8 69 ff ff ff       	call   4030fc <_SmpLookupClient at 4>
  403193:	83 c4 0c             	add    $0xc,%esp
  403196:	85 c0                	test   %eax,%eax
  403198:	74 0c                	je     4031a6 <_SmCreateClient at 8+0x50>
  40319a:	c7 45 ec 01 00 00 c0 	movl   $0xc0000001,0xffffffec(%ebp)
  4031a1:	e9 f2 00 00 00       	jmp    403298 <_SmCreateClient at 8+0x142>
/* RtlAllocateHeap(heap handle stored at 0x406010, flags 8, size 0x10c). */
  4031a6:	83 ec 04             	sub    $0x4,%esp
  4031a9:	68 0c 01 00 00       	push   $0x10c
  4031ae:	6a 08                	push   $0x8
  4031b0:	ff 35 10 60 40 00    	pushl  0x406010
  4031b6:	e8 e5 0a 00 00       	call   403ca0 <_RtlAllocateHeap at 12>
  4031bb:	83 c4 04             	add    $0x4,%esp
  4031be:	89 45 fc             	mov    %eax,0xfffffffc(%ebp)
/*
 * NOTE(review): the allocation-failure path stores 0xc0000017 and jumps to
 * 403298, which lies after the RtlLeaveCriticalSection call at 40327b. The
 * lock that SmpLookupClient left held is therefore not released on this
 * path; the failure branch should leave the critical section before
 * returning.
 */
  4031c1:	83 7d fc 00          	cmpl   $0x0,0xfffffffc(%ebp)
  4031c5:	75 0c                	jne    4031d3 <_SmCreateClient at 8+0x7d>
  4031c7:	c7 45 ec 17 00 00 c0 	movl   $0xc0000017,0xffffffec(%ebp)
  4031ce:	e9 c5 00 00 00       	jmp    403298 <_SmCreateClient at 8+0x142>
/* pClient word at +0 = cd word at +0; pClient dword at +4 = (word == 1). */
  4031d3:	8b 55 fc             	mov    0xfffffffc(%ebp),%edx
  4031d6:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  4031d9:	66 8b 00             	mov    (%eax),%ax
  4031dc:	66 89 02             	mov    %ax,(%edx)
  4031df:	8b 55 fc             	mov    0xfffffffc(%ebp),%edx
  4031e2:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  4031e5:	66 83 38 01          	cmpw   $0x1,(%eax)
  4031e9:	0f 94 c0             	sete   %al
  4031ec:	25 ff 00 00 00       	and    $0xff,%eax
  4031f1:	89 42 04             	mov    %eax,0x4(%edx)
/*
 * NOTE(review): memcpy(pClient+0x18, cd+4, size) with size = -0xc(%ebp). The
 * only test on size is "not zero"; no upper bound is visible. pClient is
 * 0x10c bytes with Next at +0x108, so a size above 0xf0 reaches Next and a
 * size above 0xf4 leaves the allocation, and a 16-bit value below 4 makes
 * the subtraction at 403179 wrap to a very large size. Unless the length is
 * validated before this function is reached (not visible in this excerpt),
 * it should be checked against the destination field size here.
 */
  4031f4:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  4031f8:	74 1c                	je     403216 <_SmCreateClient at 8+0xc0>
  4031fa:	83 ec 04             	sub    $0x4,%esp
  4031fd:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  403200:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  403203:	83 c0 04             	add    $0x4,%eax
  403206:	50                   	push   %eax
  403207:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  40320a:	83 c0 18             	add    $0x18,%eax
  40320d:	50                   	push   %eax
  40320e:	e8 8d 08 00 00       	call   403aa0 <_memcpy>
  403213:	83 c4 10             	add    $0x10,%esp
	 * client directory.
	 */
	if (NULL == SmpClientDirectory.Client)
  403216:	83 3d 7c 60 40 00 00 	cmpl   $0x0,0x40607c
  40321d:	75 0a                	jne    403229 <_SmCreateClient at 8+0xd3>
	{
		SmpClientDirectory.Client = pClient;
  40321f:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  403222:	a3 7c 60 40 00       	mov    %eax,0x40607c
  403227:	eb 37                	jmp    403260 <_SmCreateClient at 8+0x10a>
	} else {
		PSM_CLIENT_DATA pCD = NULL;
  403229:	c7 45 f0 00 00 00 00 	movl   $0x0,0xfffffff0(%ebp)

		for (pCD=SmpClientDirectory.Client;
  403230:	a1 7c 60 40 00       	mov    0x40607c,%eax
  403235:	89 45 f0             	mov    %eax,0xfffffff0(%ebp)
  403238:	8b 45 f0             	mov    0xfffffff0(%ebp),%eax
  40323b:	83 b8 08 01 00 00 00 	cmpl   $0x0,0x108(%eax)
  403242:	75 02                	jne    403246 <_SmCreateClient at 8+0xf0>
  403244:	eb 0e                	jmp    403254 <_SmCreateClient at 8+0xfe>
  403246:	8b 45 f0             	mov    0xfffffff0(%ebp),%eax
  403249:	8b 80 08 01 00 00    	mov    0x108(%eax),%eax
  40324f:	89 45 f0             	mov    %eax,0xfffffff0(%ebp)
  403252:	eb e4                	jmp    403238 <_SmCreateClient at 8+0xe2>
			(NULL != pCD->Next);
			pCD = pCD->Next);
		pCD->Next = pClient;
  403254:	8b 55 f0             	mov    0xfffffff0(%ebp),%edx
  403257:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  40325a:	89 82 08 01 00 00    	mov    %eax,0x108(%edx)
	}
	pClient->Next = NULL;
  403260:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  403263:	c7 80 08 01 00 00 00 	movl   $0x0,0x108(%eax)
  40326a:	00 00 00 
	++ SmpClientDirectory.Count;
  40326d:	ff 05 78 60 40 00    	incl   0x406078
	/*
	 * Note we unlock the client directory here, because
	 * it was locked by SmpLookupClient on failure.
	 */
	RtlLeaveCriticalSection (& SmpClientDirectory.Lock);
  403273:	83 ec 0c             	sub    $0xc,%esp
  403276:	68 60 60 40 00       	push   $0x406060
  40327b:	e8 10 0a 00 00       	call   403c90 <_RtlLeaveCriticalSection at 4>
  403280:	83 c4 0c             	add    $0xc,%esp
	if (ClientData) 
  403283:	83 7d 0c 00          	cmpl   $0x0,0xc(%ebp)
  403287:	74 08                	je     403291 <_SmCreateClient at 8+0x13b>
	{
		*ClientData = pClient;
  403289:	8b 55 0c             	mov    0xc(%ebp),%edx
  40328c:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  40328f:	89 02                	mov    %eax,(%edx)
	}
	return STATUS_SUCCESS;
  403291:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
}
/* 403298 is also the target of both early error exits above. */
  403298:	8b 45 ec             	mov    0xffffffec(%ebp),%eax
  40329b:	c9                   	leave  
  40329c:	c2 08 00             	ret    $0x8

0040329f <_SmDestroyClient at 4>:
/*
 * Review notes (not part of the objdump output):
 *  - Of the three steps listed in the source header below, only the heap
 *    release is present in the code; the TODO before RtlFreeHeap marks the
 *    missing shutdown/kill step.
 *  - SubsystemId is masked to 16 bits before the lookup (4032d2), while the
 *    DbgPrint on the not-found path receives the full 32-bit value.
 *  - The "n-th has no parent" branch sits inside the else of the
 *    NULL == Parent test, so Parent is already known to be non-NULL there
 *    and the branch is not reachable as written. If it were reached, control
 *    would fall through to RtlFreeHeap at 40338a without Client having been
 *    unlinked from the list.
 */

/**********************************************************************
 * 	SmpDestroyClient/1
 *
 * 	1. close any handle
 * 	2. kill client process
 * 	3. release resources
 */
NTSTATUS STDCALL
SmDestroyClient (ULONG SubsystemId)
{
  40329f:	55                   	push   %ebp
  4032a0:	89 e5                	mov    %esp,%ebp
  4032a2:	83 ec 18             	sub    $0x18,%esp
	NTSTATUS         Status = STATUS_SUCCESS;
  4032a5:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)
	PSM_CLIENT_DATA  Parent = NULL;
  4032ac:	c7 45 f8 00 00 00 00 	movl   $0x0,0xfffffff8(%ebp)
	PSM_CLIENT_DATA  Client = NULL;
  4032b3:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)

	DPRINT("SM: %s called\n", __FUNCTION__);

	RtlEnterCriticalSection (& SmpClientDirectory.Lock);
  4032ba:	83 ec 0c             	sub    $0xc,%esp
  4032bd:	68 60 60 40 00       	push   $0x406060
  4032c2:	e8 b9 09 00 00       	call   403c80 <_RtlEnterCriticalSection at 4>
  4032c7:	83 c4 0c             	add    $0xc,%esp
	Client = SmpLookupClientUnsafe (SubsystemId, & Parent);
  4032ca:	8d 55 f8             	lea    0xfffffff8(%ebp),%edx
  4032cd:	8b 45 08             	mov    0x8(%ebp),%eax
  4032d0:	89 c1                	mov    %eax,%ecx
  4032d2:	81 e1 ff ff 00 00    	and    $0xffff,%ecx
  4032d8:	e8 b4 fd ff ff       	call   403091 <@SmpLookupClientUnsafe at 8>
  4032dd:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
	if(NULL == Client)
  4032e0:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  4032e4:	75 3e                	jne    403324 <_SmDestroyClient at 4+0x85>
	{
		DPRINT1("SM: %s: del req for non existent subsystem (id=%d)\n",
  4032e6:	83 ec 04             	sub    $0x4,%esp
  4032e9:	68 fa 00 00 00       	push   $0xfa
  4032ee:	68 00 5d 40 00       	push   $0x405d00
  4032f3:	68 09 5d 40 00       	push   $0x405d09
  4032f8:	e8 e3 06 00 00       	call   4039e0 <_DbgPrint>
  4032fd:	83 c4 10             	add    $0x10,%esp
  403300:	83 ec 04             	sub    $0x4,%esp
  403303:	ff 75 08             	pushl  0x8(%ebp)
  403306:	68 12 5d 40 00       	push   $0x405d12
  40330b:	68 40 5d 40 00       	push   $0x405d40
  403310:	e8 cb 06 00 00       	call   4039e0 <_DbgPrint>
  403315:	83 c4 10             	add    $0x10,%esp
			__FUNCTION__, SubsystemId);
		Status = STATUS_NOT_FOUND;
  403318:	c7 45 fc 25 02 00 c0 	movl   $0xc0000225,0xfffffffc(%ebp)
  40331f:	e9 82 00 00 00       	jmp    4033a6 <_SmDestroyClient at 4+0x107>
	}
	else
	{
		/* 1st in the list? */
		if(NULL == Parent)
  403324:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  403328:	75 10                	jne    40333a <_SmDestroyClient at 4+0x9b>
		{
			SmpClientDirectory.Client = Client->Next;
  40332a:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  40332d:	8b 80 08 01 00 00    	mov    0x108(%eax),%eax
  403333:	a3 7c 60 40 00       	mov    %eax,0x40607c
  403338:	eb 50                	jmp    40338a <_SmDestroyClient at 4+0xeb>
		}
		else
		{
			if(NULL != Parent)
  40333a:	83 7d f8 00          	cmpl   $0x0,0xfffffff8(%ebp)
  40333e:	74 14                	je     403354 <_SmDestroyClient at 4+0xb5>
			{
				Parent->Next = Client->Next;
  403340:	8b 45 f8             	mov    0xfffffff8(%ebp),%eax
  403343:	8b 55 f4             	mov    0xfffffff4(%ebp),%edx
  403346:	8b 92 08 01 00 00    	mov    0x108(%edx),%edx
  40334c:	89 90 08 01 00 00    	mov    %edx,0x108(%eax)
  403352:	eb 36                	jmp    40338a <_SmDestroyClient at 4+0xeb>
			} else {
				DPRINT1("SM: %s: n-th has no parent!\n", __FUNCTION__);
  403354:	83 ec 04             	sub    $0x4,%esp
  403357:	68 0b 01 00 00       	push   $0x10b
  40335c:	68 00 5d 40 00       	push   $0x405d00
  403361:	68 09 5d 40 00       	push   $0x405d09
  403366:	e8 75 06 00 00       	call   4039e0 <_DbgPrint>
  40336b:	83 c4 10             	add    $0x10,%esp
  40336e:	83 ec 08             	sub    $0x8,%esp
  403371:	68 12 5d 40 00       	push   $0x405d12
  403376:	68 74 5d 40 00       	push   $0x405d74
  40337b:	e8 60 06 00 00       	call   4039e0 <_DbgPrint>
  403380:	83 c4 10             	add    $0x10,%esp
				Status = STATUS_UNSUCCESSFUL; /* FIXME */
  403383:	c7 45 fc 01 00 00 c0 	movl   $0xc0000001,0xfffffffc(%ebp)
			}
		}
		/* TODO: send shutdown or kill */
		RtlFreeHeap (SmpHeap, 0, Client);
  40338a:	83 ec 04             	sub    $0x4,%esp
  40338d:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  403390:	6a 00                	push   $0x0
  403392:	ff 35 10 60 40 00    	pushl  0x406010
  403398:	e8 13 09 00 00       	call   403cb0 <_RtlFreeHeap at 12>
  40339d:	83 c4 04             	add    $0x4,%esp
		-- SmpClientDirectory.Count;
  4033a0:	ff 0d 78 60 40 00    	decl   0x406078
	}
	RtlLeaveCriticalSection (& SmpClientDirectory.Lock);
  4033a6:	83 ec 0c             	sub    $0xc,%esp
  4033a9:	68 60 60 40 00       	push   $0x406060
  4033ae:	e8 dd 08 00 00       	call   403c90 <_RtlLeaveCriticalSection at 4>
  4033b3:	83 c4 0c             	add    $0xc,%esp
	return Status;
  4033b6:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
}
  4033b9:	c9                   	leave  
  4033ba:	c2 04 00             	ret    $0x4
  4033bd:	90                   	nop    
  4033be:	90                   	nop    
  4033bf:	90                   	nop    

004033c0 <_DbgSsApiPortThread at 4>:
/*
 * Review notes (not part of the objdump output; no C source is interleaved).
 * Zeroes 0x52 dwords (0x148 bytes) at -0x168(%ebp) once, then calls
 * NtListenPort(handle stored at 0x406050, that buffer) in a loop for as long
 * as the returned status is non-negative. Nothing in the loop accepts or
 * answers the request, and the buffer is not cleared again between
 * iterations. A negative status is reported through two DbgPrint calls and
 * the thread then calls NtTerminateThread(0xfffffffe, status).
 */
  4033c0:	55                   	push   %ebp
  4033c1:	89 e5                	mov    %esp,%ebp
  4033c3:	57                   	push   %edi
  4033c4:	81 ec 64 01 00 00    	sub    $0x164,%esp
  4033ca:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  4033d1:	8d bd 98 fe ff ff    	lea    0xfffffe98(%ebp),%edi
  4033d7:	fc                   	cld    
  4033d8:	ba 00 00 00 00       	mov    $0x0,%edx
  4033dd:	b8 52 00 00 00       	mov    $0x52,%eax
  4033e2:	89 c1                	mov    %eax,%ecx
  4033e4:	89 d0                	mov    %edx,%eax
  4033e6:	f3 ab                	repz stos %eax,%es:(%edi)
/* Loop head (target of the jns at 403407). */
  4033e8:	83 ec 08             	sub    $0x8,%esp
  4033eb:	8d 85 98 fe ff ff    	lea    0xfffffe98(%ebp),%eax
  4033f1:	50                   	push   %eax
  4033f2:	ff 35 50 60 40 00    	pushl  0x406050
  4033f8:	e8 e3 07 00 00       	call   403be0 <_NtListenPort at 8>
  4033fd:	83 c4 08             	add    $0x8,%esp
  403400:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  403403:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  403407:	79 df                	jns    4033e8 <_DbgSsApiPortThread at 4+0x28>
/* Failure path: log, then terminate the thread with the failing status. */
  403409:	83 ec 04             	sub    $0x4,%esp
  40340c:	6a 35                	push   $0x35
  40340e:	68 a0 5d 40 00       	push   $0x405da0
  403413:	68 a8 5d 40 00       	push   $0x405da8
  403418:	e8 c3 05 00 00       	call   4039e0 <_DbgPrint>
  40341d:	83 c4 10             	add    $0x10,%esp
  403420:	83 ec 04             	sub    $0x4,%esp
  403423:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  403426:	68 b1 5d 40 00       	push   $0x405db1
  40342b:	68 e0 5d 40 00       	push   $0x405de0
  403430:	e8 ab 05 00 00       	call   4039e0 <_DbgPrint>
  403435:	83 c4 10             	add    $0x10,%esp
  403438:	83 ec 08             	sub    $0x8,%esp
  40343b:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  40343e:	6a fe                	push   $0xfffffffe
  403440:	e8 3b 05 00 00       	call   403980 <_NtTerminateThread at 8>
  403445:	83 c4 08             	add    $0x8,%esp
  403448:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  40344b:	c9                   	leave  
  40344c:	c2 04 00             	ret    $0x4

0040344f <_DbgUiApiPortThread at 4>:
/*
 * Review notes (not part of the objdump output; no C source is interleaved).
 * Same instruction sequence as DbgSsApiPortThread apart from the port handle
 * (read from 0x406054 here) and two of the DbgPrint arguments: a 0x148-byte
 * buffer at -0x168(%ebp) is zeroed once, NtListenPort is called in a loop
 * while its status is non-negative, and nothing in the loop accepts or
 * answers the request. A negative status is logged and passed to
 * NtTerminateThread(0xfffffffe, status).
 */
  40344f:	55                   	push   %ebp
  403450:	89 e5                	mov    %esp,%ebp
  403452:	57                   	push   %edi
  403453:	81 ec 64 01 00 00    	sub    $0x164,%esp
  403459:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  403460:	8d bd 98 fe ff ff    	lea    0xfffffe98(%ebp),%edi
  403466:	fc                   	cld    
  403467:	ba 00 00 00 00       	mov    $0x0,%edx
  40346c:	b8 52 00 00 00       	mov    $0x52,%eax
  403471:	89 c1                	mov    %eax,%ecx
  403473:	89 d0                	mov    %edx,%eax
  403475:	f3 ab                	repz stos %eax,%es:(%edi)
/* Loop head (target of the jns at 403496). */
  403477:	83 ec 08             	sub    $0x8,%esp
  40347a:	8d 85 98 fe ff ff    	lea    0xfffffe98(%ebp),%eax
  403480:	50                   	push   %eax
  403481:	ff 35 54 60 40 00    	pushl  0x406054
  403487:	e8 54 07 00 00       	call   403be0 <_NtListenPort at 8>
  40348c:	83 c4 08             	add    $0x8,%esp
  40348f:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  403492:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  403496:	79 df                	jns    403477 <_DbgUiApiPortThread at 4+0x28>
/* Failure path: log, then terminate the thread with the failing status. */
  403498:	83 ec 04             	sub    $0x4,%esp
  40349b:	6a 48                	push   $0x48
  40349d:	68 a0 5d 40 00       	push   $0x405da0
  4034a2:	68 a8 5d 40 00       	push   $0x405da8
  4034a7:	e8 34 05 00 00       	call   4039e0 <_DbgPrint>
  4034ac:	83 c4 10             	add    $0x10,%esp
  4034af:	83 ec 04             	sub    $0x4,%esp
  4034b2:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  4034b5:	68 11 5e 40 00       	push   $0x405e11
  4034ba:	68 e0 5d 40 00       	push   $0x405de0
  4034bf:	e8 1c 05 00 00       	call   4039e0 <_DbgPrint>
  4034c4:	83 c4 10             	add    $0x10,%esp
  4034c7:	83 ec 08             	sub    $0x8,%esp
  4034ca:	ff 75 f4             	pushl  0xfffffff4(%ebp)
  4034cd:	6a fe                	push   $0xfffffffe
  4034cf:	e8 ac 04 00 00       	call   403980 <_NtTerminateThread at 8>
  4034d4:	83 c4 08             	add    $0x8,%esp
  4034d7:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  4034da:	c9                   	leave  
  4034db:	c2 04 00             	ret    $0x4

# _SmpCreatePT: creates a named port with NtCreatePort, then starts a thread
# with RtlCreateUserThread. `ret $0x1c` pops seven 4-byte arguments.
# Arguments as used below:
#   0x8(%ebp)   pointer to the slot that receives the port handle; the same
#               pointer is handed to the new thread as its parameter
#   0xc(%ebp)   wide-character port name, given to RtlInitUnicodeString
#   0x10..0x18  three values passed through unchanged to NtCreatePort
#   0x1c(%ebp)  start address of the thread
#   0x20(%ebp)  optional pointer that receives the thread handle (may be NULL)
# Returns a status value in %eax.
004034de <_SmpCreatePT at 28>:
  4034de:	55                   	push   %ebp
  4034df:	89 e5                	mov    %esp,%ebp
  4034e1:	83 ec 58             	sub    $0x58,%esp
# zero the locals: status (-0xc), the 8-byte name string (-0x18), the thread
# handle (-0x3c) and an 8-byte block at -0x48 (presumably a CLIENT_ID)
  4034e4:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  4034eb:	c7 45 e8 00 00 00 00 	movl   $0x0,0xffffffe8(%ebp)
  4034f2:	c7 45 ec 00 00 00 00 	movl   $0x0,0xffffffec(%ebp)
  4034f9:	c7 45 c4 00 00 00 00 	movl   $0x0,0xffffffc4(%ebp)
  403500:	c7 45 b8 00 00 00 00 	movl   $0x0,0xffffffb8(%ebp)
  403507:	c7 45 bc 00 00 00 00 	movl   $0x0,0xffffffbc(%ebp)
# RtlInitUnicodeString(&name, second argument)
  40350e:	83 ec 08             	sub    $0x8,%esp
  403511:	ff 75 0c             	pushl  0xc(%ebp)
  403514:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  403517:	50                   	push   %eax
  403518:	e8 73 04 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  40351d:	83 c4 08             	add    $0x8,%esp
# fill the 0x18-byte block at -0x38: +0 = 0x18, +4 = 0, +8 = &name, +0xc = 1,
# +0x10 = 0, +0x14 = 0 -- the layout matches OBJECT_ATTRIBUTES with no
# security descriptor (presumably; TODO confirm against the C source)
  403520:	c7 45 c8 18 00 00 00 	movl   $0x18,0xffffffc8(%ebp)
  403527:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  40352a:	89 45 d0             	mov    %eax,0xffffffd0(%ebp)
  40352d:	c7 45 d4 01 00 00 00 	movl   $0x1,0xffffffd4(%ebp)
  403534:	c7 45 cc 00 00 00 00 	movl   $0x0,0xffffffcc(%ebp)
  40353b:	c7 45 d8 00 00 00 00 	movl   $0x0,0xffffffd8(%ebp)
  403542:	c7 45 dc 00 00 00 00 	movl   $0x0,0xffffffdc(%ebp)
# status = NtCreatePort(arg1, &attributes, arg3, arg4, arg5)
  403549:	83 ec 0c             	sub    $0xc,%esp
  40354c:	ff 75 18             	pushl  0x18(%ebp)
  40354f:	ff 75 14             	pushl  0x14(%ebp)
  403552:	ff 75 10             	pushl  0x10(%ebp)
  403555:	8d 45 c8             	lea    0xffffffc8(%ebp),%eax
  403558:	50                   	push   %eax
  403559:	ff 75 08             	pushl  0x8(%ebp)
  40355c:	e8 8f 06 00 00       	call   403bf0 <_NtCreatePort at 20>
  403561:	83 c4 0c             	add    $0xc,%esp
  403564:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
# only an exact 0 continues; every other status, including a positive one,
# is returned to the caller unchanged
  403567:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  40356b:	74 08                	je     403575 <_SmpCreatePT at 28+0x97>
  40356d:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  403570:	89 45 b4             	mov    %eax,0xffffffb4(%ebp)
  403573:	eb 56                	jmp    4035cb <_SmpCreatePT at 28+0xed>
# RtlCreateUserThread(0xffffffff, 0, 0, 0, 0, 0, arg6 /* start address */,
#                     arg1 /* thread parameter */, &thread_handle, &block_at_-0x48)
# 0xffffffff is the current-process pseudo-handle.
  403575:	83 ec 08             	sub    $0x8,%esp
  403578:	8d 45 b8             	lea    0xffffffb8(%ebp),%eax
  40357b:	50                   	push   %eax
  40357c:	8d 45 c4             	lea    0xffffffc4(%ebp),%eax
  40357f:	50                   	push   %eax
  403580:	ff 75 08             	pushl  0x8(%ebp)
  403583:	ff 75 1c             	pushl  0x1c(%ebp)
  403586:	6a 00                	push   $0x0
  403588:	6a 00                	push   $0x0
  40358a:	6a 00                	push   $0x0
  40358c:	6a 00                	push   $0x0
  40358e:	6a 00                	push   $0x0
  403590:	6a ff                	push   $0xffffffff
  403592:	e8 39 06 00 00       	call   403bd0 <_RtlCreateUserThread at 40>
  403597:	83 c4 08             	add    $0x8,%esp
# NOTE(review): the status returned in %eax by RtlCreateUserThread is never
# stored or tested; failure is inferred only from the handle still being 0.
  40359a:	83 7d c4 00          	cmpl   $0x0,0xffffffc4(%ebp)
  40359e:	75 17                	jne    4035b7 <_SmpCreatePT at 28+0xd9>
# no thread handle: NtClose(*arg1) and report 0xc0000001 (STATUS_UNSUCCESSFUL).
# The caller's slot is not cleared, so it keeps the value of the closed handle.
  4035a0:	83 ec 0c             	sub    $0xc,%esp
  4035a3:	8b 45 08             	mov    0x8(%ebp),%eax
  4035a6:	ff 30                	pushl  (%eax)
  4035a8:	e8 23 04 00 00       	call   4039d0 <_NtClose at 4>
  4035ad:	83 c4 0c             	add    $0xc,%esp
  4035b0:	c7 45 f4 01 00 00 c0 	movl   $0xc0000001,0xfffffff4(%ebp)
# hand the thread handle back only if the caller supplied arg7; when arg7 is
# NULL the handle is neither returned nor closed in this routine
  4035b7:	83 7d 20 00          	cmpl   $0x0,0x20(%ebp)
  4035bb:	74 08                	je     4035c5 <_SmpCreatePT at 28+0xe7>
  4035bd:	8b 55 20             	mov    0x20(%ebp),%edx
  4035c0:	8b 45 c4             	mov    0xffffffc4(%ebp),%eax
  4035c3:	89 02                	mov    %eax,(%edx)
# common exit: return value is staged in -0x4c(%ebp), then loaded into %eax
  4035c5:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  4035c8:	89 45 b4             	mov    %eax,0xffffffb4(%ebp)
  4035cb:	8b 45 b4             	mov    0xffffffb4(%ebp),%eax
  4035ce:	c9                   	leave  
  4035cf:	c2 1c 00             	ret    $0x1c

# _SmInitializeDbgSs: calls _SmpCreatePT twice to create two ports, each with
# its own service thread. Port handles land in the globals at 0x406050 and
# 0x406054; port names come from 0x405e24 and 0x405e40. Takes no stack
# arguments (plain `ret`) and returns a status in %eax: the failing status if
# either call returns a negative value, otherwise 0.
004035d2 <_SmInitializeDbgSs>:
  4035d2:	55                   	push   %ebp
  4035d3:	89 e5                	mov    %esp,%ebp
  4035d5:	83 ec 18             	sub    $0x18,%esp
# locals: status at -0x4(%ebp), first thread's handle at -0x8(%ebp)
  4035d8:	c7 45 fc 00 00 00 00 	movl   $0x0,0xfffffffc(%ebp)
  4035df:	c7 45 f8 00 00 00 00 	movl   $0x0,0xfffffff8(%ebp)
# status = _SmpCreatePT(0x406050, 0x405e24, 0, 0, 0, 0x4033c0, &thread_handle)
# 0x4033c0 is the thread start address; that routine begins outside this excerpt
  4035e6:	83 ec 04             	sub    $0x4,%esp
  4035e9:	8d 45 f8             	lea    0xfffffff8(%ebp),%eax
  4035ec:	50                   	push   %eax
  4035ed:	68 c0 33 40 00       	push   $0x4033c0
  4035f2:	6a 00                	push   $0x0
  4035f4:	6a 00                	push   $0x0
  4035f6:	6a 00                	push   $0x0
  4035f8:	68 24 5e 40 00       	push   $0x405e24
  4035fd:	68 50 60 40 00       	push   $0x406050
  403602:	e8 d7 fe ff ff       	call   4034de <_SmpCreatePT at 28>
  403607:	83 c4 04             	add    $0x4,%esp
  40360a:	89 45 fc             	mov    %eax,0xfffffffc(%ebp)
# negative status from the first call: return it immediately
  40360d:	83 7d fc 00          	cmpl   $0x0,0xfffffffc(%ebp)
  403611:	79 08                	jns    40361b <_SmInitializeDbgSs+0x49>
  403613:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  403616:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  403619:	eb 59                	jmp    403674 <_SmInitializeDbgSs+0xa2>
# status = _SmpCreatePT(0x406054, 0x405e40, 0, 0, 0, 0x40344f, NULL)
# the last argument is 0, so this call does not hand back the thread handle
  40361b:	83 ec 04             	sub    $0x4,%esp
  40361e:	6a 00                	push   $0x0
  403620:	68 4f 34 40 00       	push   $0x40344f
  403625:	6a 00                	push   $0x0
  403627:	6a 00                	push   $0x0
  403629:	6a 00                	push   $0x0
  40362b:	68 40 5e 40 00       	push   $0x405e40
  403630:	68 54 60 40 00       	push   $0x406054
  403635:	e8 a4 fe ff ff       	call   4034de <_SmpCreatePT at 28>
  40363a:	83 c4 04             	add    $0x4,%esp
  40363d:	89 45 fc             	mov    %eax,0xfffffffc(%ebp)
  403640:	83 7d fc 00          	cmpl   $0x0,0xfffffffc(%ebp)
  403644:	79 27                	jns    40366d <_SmInitializeDbgSs+0x9b>
# second call failed: NtClose(first thread's handle), NtClose(*(0x406050)).
# NOTE(review): closing a thread handle does not stop the thread, and nothing
# here terminates it or clears 0x406050, so the first thread may keep using a
# port handle value that has been closed -- confirm against the C source.
  403646:	83 ec 0c             	sub    $0xc,%esp
  403649:	ff 75 f8             	pushl  0xfffffff8(%ebp)
  40364c:	e8 7f 03 00 00       	call   4039d0 <_NtClose at 4>
  403651:	83 c4 0c             	add    $0xc,%esp
  403654:	83 ec 0c             	sub    $0xc,%esp
  403657:	ff 35 50 60 40 00    	pushl  0x406050
  40365d:	e8 6e 03 00 00       	call   4039d0 <_NtClose at 4>
  403662:	83 c4 0c             	add    $0xc,%esp
  403665:	8b 45 fc             	mov    0xfffffffc(%ebp),%eax
  403668:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
  40366b:	eb 07                	jmp    403674 <_SmInitializeDbgSs+0xa2>
# both calls succeeded: return 0
  40366d:	c7 45 f4 00 00 00 00 	movl   $0x0,0xfffffff4(%ebp)
  403674:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  403677:	c9                   	leave  
  403678:	c3                   	ret    
# padding up to the next 16-byte boundary
  403679:	90                   	nop    
  40367a:	90                   	nop    
  40367b:	90                   	nop    
  40367c:	90                   	nop    
  40367d:	90                   	nop    
  40367e:	90                   	nop    
  40367f:	90                   	nop    

# _DisplayString: wraps the wide-character string passed as the only argument
# (0x8(%ebp)) in a counted string at -0x8(%ebp) and passes it to
# ZwDisplayString. `ret $0x4` pops the one argument. %eax is left as
# ZwDisplayString returned it; nothing here tests it.
00403680 <_DisplayString at 4>:
  403680:	55                   	push   %ebp
  403681:	89 e5                	mov    %esp,%ebp
  403683:	83 ec 08             	sub    $0x8,%esp
# RtlInitUnicodeString(&string, argument)
  403686:	83 ec 08             	sub    $0x8,%esp
  403689:	ff 75 08             	pushl  0x8(%ebp)
  40368c:	8d 45 f8             	lea    0xfffffff8(%ebp),%eax
  40368f:	50                   	push   %eax
  403690:	e8 fb 02 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  403695:	83 c4 08             	add    $0x8,%esp
# ZwDisplayString(&string)
  403698:	83 ec 0c             	sub    $0xc,%esp
  40369b:	8d 45 f8             	lea    0xfffffff8(%ebp),%eax
  40369e:	50                   	push   %eax
  40369f:	e8 1c 06 00 00       	call   403cc0 <_ZwDisplayString at 4>
  4036a4:	83 c4 0c             	add    $0xc,%esp
  4036a7:	c9                   	leave  
  4036a8:	c2 04 00             	ret    $0x4

# _PrintString: printf-style helper. Formats into a stack buffer with
# vsprintf, converts the result from ANSI to a counted wide string, shows it
# with NtDisplayString and frees the converted string. Variadic: the format
# pointer is at 0x8(%ebp), the variable arguments start at 0xc(%ebp), and the
# plain `ret` leaves stack cleanup to the caller.
#
# NOTE(review): vsprintf receives no length limit. The output buffer starts at
# -0x208(%ebp), so formatted text longer than 0x208 bytes (less if the C array
# is smaller than that gap) would run over the saved %ebp and return address.
# Callers have to keep the expanded string within that size; a length-bounded
# formatter (e.g. _vsnprintf) in the C source would remove the dependency.
004036ab <_PrintString at 0>:
  4036ab:	55                   	push   %ebp
  4036ac:	89 e5                	mov    %esp,%ebp
  4036ae:	81 ec 28 02 00 00    	sub    $0x228,%esp
# argument pointer at -0x20c(%ebp) = address of the first variable argument
  4036b4:	8d 45 0c             	lea    0xc(%ebp),%eax
  4036b7:	89 85 f4 fd ff ff    	mov    %eax,0xfffffdf4(%ebp)
# vsprintf(buffer, format, argument pointer) -- unbounded write into the buffer
  4036bd:	83 ec 04             	sub    $0x4,%esp
  4036c0:	ff b5 f4 fd ff ff    	pushl  0xfffffdf4(%ebp)
  4036c6:	ff 75 08             	pushl  0x8(%ebp)
  4036c9:	8d 85 f8 fd ff ff    	lea    0xfffffdf8(%ebp),%eax
  4036cf:	50                   	push   %eax
  4036d0:	e8 2b 06 00 00       	call   403d00 <_vsprintf>
  4036d5:	83 c4 10             	add    $0x10,%esp
# RtlInitAnsiString(&ansi /* -0x220 */, buffer)
  4036d8:	83 ec 08             	sub    $0x8,%esp
  4036db:	8d 85 f8 fd ff ff    	lea    0xfffffdf8(%ebp),%eax
  4036e1:	50                   	push   %eax
  4036e2:	8d 85 e0 fd ff ff    	lea    0xfffffde0(%ebp),%eax
  4036e8:	50                   	push   %eax
  4036e9:	e8 e2 05 00 00       	call   403cd0 <_RtlInitAnsiString at 8>
  4036ee:	83 c4 08             	add    $0x8,%esp
# RtlAnsiStringToUnicodeString(&wide /* -0x218 */, &ansi, 1); the third
# argument 1 presumably asks the routine to allocate the destination buffer.
# NOTE(review): the returned status is not checked, so the two calls below run
# on &wide even if the conversion failed.
  4036f1:	83 ec 04             	sub    $0x4,%esp
  4036f4:	6a 01                	push   $0x1
  4036f6:	8d 85 e0 fd ff ff    	lea    0xfffffde0(%ebp),%eax
  4036fc:	50                   	push   %eax
  4036fd:	8d 85 e8 fd ff ff    	lea    0xfffffde8(%ebp),%eax
  403703:	50                   	push   %eax
  403704:	e8 d7 05 00 00       	call   403ce0 <_RtlAnsiStringToUnicodeString at 12>
  403709:	83 c4 04             	add    $0x4,%esp
# NtDisplayString(&wide)
  40370c:	83 ec 0c             	sub    $0xc,%esp
  40370f:	8d 85 e8 fd ff ff    	lea    0xfffffde8(%ebp),%eax
  403715:	50                   	push   %eax
  403716:	e8 d5 05 00 00       	call   403cf0 <_NtDisplayString at 4>
  40371b:	83 c4 0c             	add    $0xc,%esp
# RtlFreeUnicodeString(&wide)
  40371e:	83 ec 0c             	sub    $0xc,%esp
  403721:	8d 85 e8 fd ff ff    	lea    0xfffffde8(%ebp),%eax
  403727:	50                   	push   %eax
  403728:	e8 13 04 00 00       	call   403b40 <_RtlFreeUnicodeString at 4>
  40372d:	83 c4 0c             	add    $0xc,%esp
  403730:	c9                   	leave  
  403731:	c3                   	ret    
# padding up to the next 16-byte boundary
  403732:	90                   	nop    
  403733:	90                   	nop    
  403734:	90                   	nop    
  403735:	90                   	nop    
  403736:	90                   	nop    
  403737:	90                   	nop    
  403738:	90                   	nop    
  403739:	90                   	nop    
  40373a:	90                   	nop    
  40373b:	90                   	nop    
  40373c:	90                   	nop    
  40373d:	90                   	nop    
  40373e:	90                   	nop    
  40373f:	90                   	nop    

# _SmConnectApiPort: builds a 0xf4-byte connect-data block on the stack and
# calls NtConnectPort for the port named by the string at 0x405e60.
# `ret $0x10` pops four 4-byte arguments. Arguments as used below:
#   0x8(%ebp)   pointer to a counted string (16-bit length at +0, data pointer
#               at +4; presumably a UNICODE_STRING), may be NULL
#   0xc(%ebp)   must be non-zero when the string pointer is non-NULL; not
#               otherwise read in this routine
#   0x10(%ebp)  16-bit value, must be non-zero when the string pointer is
#               non-NULL; stored at offset 0 of the connect data
#   0x14(%ebp)  passed through as the first NtConnectPort argument (presumably
#               the pointer that receives the port handle)
# Returns a status in %eax; any non-negative NtConnectPort status becomes 0.
00403740 <_SmConnectApiPort at 16>:
  403740:	55                   	push   %ebp
  403741:	89 e5                	mov    %esp,%ebp
  403743:	57                   	push   %edi
  403744:	81 ec 44 01 00 00    	sub    $0x144,%esp
# keep the low 16 bits of the third argument at -0xa(%ebp)
  40374a:	8b 45 10             	mov    0x10(%ebp),%eax
  40374d:	66 89 45 f6          	mov    %ax,0xfffffff6(%ebp)
  403751:	c7 45 d4 00 00 00 00 	movl   $0x0,0xffffffd4(%ebp)
# zero 0x3d dwords (0xf4 bytes) at -0x138(%ebp): the connect-data buffer
  403758:	8d bd c8 fe ff ff    	lea    0xfffffec8(%ebp),%edi
  40375e:	fc                   	cld    
  40375f:	ba 00 00 00 00       	mov    $0x0,%edx
  403764:	b8 3d 00 00 00       	mov    $0x3d,%eax
  403769:	89 c1                	mov    %eax,%ecx
  40376b:	89 d0                	mov    %edx,%eax
  40376d:	f3 ab                	repz stos %eax,%es:(%edi)
# connect-data length local at -0x13c(%ebp) starts at 0
  40376f:	c7 85 c4 fe ff ff 00 	movl   $0x0,0xfffffec4(%ebp)
  403776:	00 00 00 
# NULL string pointer: skip validation and the copy, go straight to connecting
  403779:	83 7d 08 00          	cmpl   $0x0,0x8(%ebp)
  40377d:	0f 84 90 00 00 00    	je     403813 <_SmConnectApiPort at 16+0xd3>
# length > 0xf0 (unsigned compare) -> return 0xc00000ef
# (STATUS_INVALID_PARAMETER_1). This bound is what keeps the memcpy below
# inside the buffer: the data is written at buffer+4 and 4 + 0xf0 = 0xf4.
  403783:	8b 45 08             	mov    0x8(%ebp),%eax
  403786:	66 81 38 f0 00       	cmpw   $0xf0,(%eax)
  40378b:	76 0f                	jbe    40379c <_SmConnectApiPort at 16+0x5c>
  40378d:	c7 85 c0 fe ff ff ef 	movl   $0xc00000ef,0xfffffec0(%ebp)
  403794:	00 00 c0 
  403797:	e9 ed 00 00 00       	jmp    403889 <_SmConnectApiPort at 16+0x149>
# second argument zero, or third argument zero -> return 0xc0000030
# (STATUS_INVALID_PARAMETER_MIX)
  40379c:	83 7d 0c 00          	cmpl   $0x0,0xc(%ebp)
  4037a0:	74 07                	je     4037a9 <_SmConnectApiPort at 16+0x69>
  4037a2:	66 83 7d f6 00       	cmpw   $0x0,0xfffffff6(%ebp)
  4037a7:	75 0f                	jne    4037b8 <_SmConnectApiPort at 16+0x78>
  4037a9:	c7 85 c0 fe ff ff 30 	movl   $0xc0000030,0xfffffec0(%ebp)
  4037b0:	00 00 c0 
  4037b3:	e9 d1 00 00 00       	jmp    403889 <_SmConnectApiPort at 16+0x149>
# RtlZeroMemory(buffer, 0xf4)
  4037b8:	83 ec 08             	sub    $0x8,%esp
  4037bb:	68 f4 00 00 00       	push   $0xf4
  4037c0:	8d 85 c8 fe ff ff    	lea    0xfffffec8(%ebp),%eax
  4037c6:	50                   	push   %eax
  4037c7:	e8 54 02 00 00       	call   403a20 <_RtlZeroMemory at 8>
  4037cc:	83 c4 08             	add    $0x8,%esp
# header of the connect data: word at +2 = 0, word at +0 = third argument
  4037cf:	66 c7 85 ca fe ff ff 	movw   $0x0,0xfffffeca(%ebp)
  4037d6:	00 00 
  4037d8:	66 8b 45 f6          	mov    0xfffffff6(%ebp),%ax
  4037dc:	66 89 85 c8 fe ff ff 	mov    %ax,0xfffffec8(%ebp)
# zero-length string: nothing to copy
  4037e3:	8b 45 08             	mov    0x8(%ebp),%eax
  4037e6:	66 83 38 00          	cmpw   $0x0,(%eax)
  4037ea:	74 27                	je     403813 <_SmConnectApiPort at 16+0xd3>
# memcpy(buffer + 4, string data pointer, string length)
# NOTE(review): the length is read again from the caller's structure here
# instead of reusing the value that was bounds-checked above; that is safe
# only if the structure cannot change in between -- confirm with the callers.
  4037ec:	83 ec 04             	sub    $0x4,%esp
  4037ef:	8b 45 08             	mov    0x8(%ebp),%eax
  4037f2:	66 8b 00             	mov    (%eax),%ax
  4037f5:	25 ff ff 00 00       	and    $0xffff,%eax
  4037fa:	50                   	push   %eax
  4037fb:	8b 45 08             	mov    0x8(%ebp),%eax
  4037fe:	ff 70 04             	pushl  0x4(%eax)
  403801:	8d 85 c8 fe ff ff    	lea    0xfffffec8(%ebp),%eax
  403807:	83 c0 04             	add    $0x4,%eax
  40380a:	50                   	push   %eax
  40380b:	e8 90 02 00 00       	call   403aa0 <_memcpy>
  403810:	83 c4 10             	add    $0x10,%esp
# connect-data length = 0xf4 (the whole buffer, whatever the string length)
  403813:	c7 85 c4 fe ff ff f4 	movl   $0xf4,0xfffffec4(%ebp)
  40381a:	00 00 00 
# 12-byte block at -0x28(%ebp): dword 0xc, dword 1, byte 1, byte 1 --
# presumably SECURITY_QUALITY_OF_SERVICE (Length, ImpersonationLevel,
# ContextTrackingMode, EffectiveOnly); TODO confirm against the C source
  40381d:	c7 45 d8 0c 00 00 00 	movl   $0xc,0xffffffd8(%ebp)
  403824:	c7 45 dc 01 00 00 00 	movl   $0x1,0xffffffdc(%ebp)
  40382b:	c6 45 e0 01          	movb   $0x1,0xffffffe0(%ebp)
  40382f:	c6 45 e1 01          	movb   $0x1,0xffffffe1(%ebp)
# RtlInitUnicodeString(&port_name /* -0x18 */, 0x405e60)
  403833:	83 ec 08             	sub    $0x8,%esp
  403836:	68 60 5e 40 00       	push   $0x405e60
  40383b:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  40383e:	50                   	push   %eax
  40383f:	e8 4c 01 00 00       	call   403990 <_RtlInitUnicodeString at 8>
  403844:	83 c4 08             	add    $0x8,%esp
# status = NtConnectPort(arg4, &port_name, &block_at_-0x28, 0, 0, 0,
#                        buffer, &length)
  403847:	8d 85 c4 fe ff ff    	lea    0xfffffec4(%ebp),%eax
  40384d:	50                   	push   %eax
  40384e:	8d 85 c8 fe ff ff    	lea    0xfffffec8(%ebp),%eax
  403854:	50                   	push   %eax
  403855:	6a 00                	push   $0x0
  403857:	6a 00                	push   $0x0
  403859:	6a 00                	push   $0x0
  40385b:	8d 45 d8             	lea    0xffffffd8(%ebp),%eax
  40385e:	50                   	push   %eax
  40385f:	8d 45 e8             	lea    0xffffffe8(%ebp),%eax
  403862:	50                   	push   %eax
  403863:	ff 75 14             	pushl  0x14(%ebp)
  403866:	e8 25 03 00 00       	call   403b90 <_NtConnectPort at 32>
  40386b:	89 45 d4             	mov    %eax,0xffffffd4(%ebp)
# negative status is returned as is; anything else is reported as 0
  40386e:	83 7d d4 00          	cmpl   $0x0,0xffffffd4(%ebp)
  403872:	78 0c                	js     403880 <_SmConnectApiPort at 16+0x140>
  403874:	c7 85 c0 fe ff ff 00 	movl   $0x0,0xfffffec0(%ebp)
  40387b:	00 00 00 
  40387e:	eb 09                	jmp    403889 <_SmConnectApiPort at 16+0x149>
  403880:	8b 45 d4             	mov    0xffffffd4(%ebp),%eax
  403883:	89 85 c0 fe ff ff    	mov    %eax,0xfffffec0(%ebp)
# common exit: return value staged at -0x140(%ebp); restore %edi
  403889:	8b 85 c0 fe ff ff    	mov    0xfffffec0(%ebp),%eax
  40388f:	8b 7d fc             	mov    0xfffffffc(%ebp),%edi
  403892:	c9                   	leave  
  403893:	c2 10 00             	ret    $0x10
# padding up to the next 16-byte boundary
  403896:	90                   	nop    
  403897:	90                   	nop    
  403898:	90                   	nop    
  403899:	90                   	nop    
  40389a:	90                   	nop    
  40389b:	90                   	nop    
  40389c:	90                   	nop    
  40389d:	90                   	nop    
  40389e:	90                   	nop    
  40389f:	90                   	nop    

# _SmExecuteProgram: builds a 0x6c-byte message at -0x88(%ebp) carrying a
# counted string, sends it with NtRequestWaitReplyPort and returns a status.
# `ret $0x8` pops two 4-byte arguments:
#   0x8(%ebp)  port handle, passed to NtRequestWaitReplyPort
#   0xc(%ebp)  pointer to a counted string (16-bit length at +0, data pointer
#              at +4; presumably a UNICODE_STRING). It is dereferenced without
#              a NULL check, so callers must pass a valid pointer.
004038a0 <_SmExecuteProgram at 8>:
  4038a0:	55                   	push   %ebp
  4038a1:	89 e5                	mov    %esp,%ebp
  4038a3:	81 ec 98 00 00 00    	sub    $0x98,%esp
# length > 0x40 (unsigned compare) -> return 0xc000000d
# (STATUS_INVALID_PARAMETER). The copy below targets message+0x24, so 0x40
# bytes end at offset 0x64, inside the 0x6c-byte message.
  4038a9:	8b 45 0c             	mov    0xc(%ebp),%eax
  4038ac:	66 83 38 40          	cmpw   $0x40,(%eax)
  4038b0:	76 0f                	jbe    4038c1 <_SmExecuteProgram at 8+0x21>
  4038b2:	c7 85 74 ff ff ff 0d 	movl   $0xc000000d,0xffffff74(%ebp)
  4038b9:	00 00 c0 
  4038bc:	e9 a4 00 00 00       	jmp    403965 <_SmExecuteProgram at 8+0xc5>
# RtlZeroMemory(message, 0x6c)
  4038c1:	83 ec 08             	sub    $0x8,%esp
  4038c4:	6a 6c                	push   $0x6c
  4038c6:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  4038cc:	50                   	push   %eax
  4038cd:	e8 4e 01 00 00       	call   403a20 <_RtlZeroMemory at 8>
  4038d2:	83 c4 08             	add    $0x8,%esp
# dword at message+0x20 = string length (zero-extended from 16 bits)
  4038d5:	8b 45 0c             	mov    0xc(%ebp),%eax
  4038d8:	66 8b 00             	mov    (%eax),%ax
  4038db:	25 ff ff 00 00       	and    $0xffff,%eax
  4038e0:	89 45 98             	mov    %eax,0xffffff98(%ebp)
# memcpy(message + 0x24, string data pointer, string length)
# NOTE(review): the length is read from the caller's structure again here and
# above rather than reusing the bounds-checked value; that is safe only if the
# structure cannot change in between -- confirm with the callers.
  4038e3:	83 ec 04             	sub    $0x4,%esp
  4038e6:	8b 45 0c             	mov    0xc(%ebp),%eax
  4038e9:	66 8b 00             	mov    (%eax),%ax
  4038ec:	25 ff ff 00 00       	and    $0xffff,%eax
  4038f1:	50                   	push   %eax
  4038f2:	8b 45 0c             	mov    0xc(%ebp),%eax
  4038f5:	ff 70 04             	pushl  0x4(%eax)
  4038f8:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  4038fe:	83 c0 24             	add    $0x24,%eax
  403901:	50                   	push   %eax
  403902:	e8 99 01 00 00       	call   403aa0 <_memcpy>
  403907:	83 c4 10             	add    $0x10,%esp
# dword at message+0x18 = 4 (presumably the request number; TODO confirm)
  40390a:	c7 45 90 04 00 00 00 	movl   $0x4,0xffffff90(%ebp)
# words at message+4 = 0, message+0 = 0x54, message+2 = 0x6c -- presumably the
# message header's type, data length and total length (0x6c - 0x54 = 0x18);
# TODO confirm against the header definition
  403911:	66 c7 85 7c ff ff ff 	movw   $0x0,0xffffff7c(%ebp)
  403918:	00 00 
  40391a:	66 c7 85 78 ff ff ff 	movw   $0x54,0xffffff78(%ebp)
  403921:	54 00 
  403923:	66 c7 85 7a ff ff ff 	movw   $0x6c,0xffffff7a(%ebp)
  40392a:	6c 00 
# status = NtRequestWaitReplyPort(port, &message, &message); the same buffer
# is used for the request and for the reply
  40392c:	83 ec 04             	sub    $0x4,%esp
  40392f:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  403935:	50                   	push   %eax
  403936:	8d 85 78 ff ff ff    	lea    0xffffff78(%ebp),%eax
  40393c:	50                   	push   %eax
  40393d:	ff 75 08             	pushl  0x8(%ebp)
  403940:	e8 cb 03 00 00       	call   403d10 <_NtRequestWaitReplyPort at 12>
  403945:	83 c4 04             	add    $0x4,%esp
  403948:	89 45 f4             	mov    %eax,0xfffffff4(%ebp)
# negative status: return it. Otherwise return the dword at message+0x1c,
# which at this point is whatever the reply left there (presumably the
# server's status for the request).
  40394b:	83 7d f4 00          	cmpl   $0x0,0xfffffff4(%ebp)
  40394f:	78 0b                	js     40395c <_SmExecuteProgram at 8+0xbc>
  403951:	8b 45 94             	mov    0xffffff94(%ebp),%eax
  403954:	89 85 74 ff ff ff    	mov    %eax,0xffffff74(%ebp)
  40395a:	eb 09                	jmp    403965 <_SmExecuteProgram at 8+0xc5>
  40395c:	8b 45 f4             	mov    0xfffffff4(%ebp),%eax
  40395f:	89 85 74 ff ff ff    	mov    %eax,0xffffff74(%ebp)
# common exit: return value staged at -0x8c(%ebp)
  403965:	8b 85 74 ff ff ff    	mov    0xffffff74(%ebp),%eax
  40396b:	c9                   	leave  
  40396c:	c2 08 00             	ret    $0x8
  40396f:	90                   	nop    

# Import thunks. Each stub below is one indirect `jmp` through a 4-byte slot
# in the 0x407120-0x407208 range (presumably the image's import address table,
# filled in by the loader), followed by padding; objdump prints `...` for the
# zero bytes it skips. Every `call` to an imported routine elsewhere in this
# listing lands on one of these stubs, so the real destination is whatever
# pointer the slot holds at run time. The " at N" suffixes are presumably
# stdcall "@N" decorations (N = argument bytes popped by the callee) with "@"
# rewritten by the list archive; names without a suffix (_DbgPrint, _memcpy,
# _vsprintf, ...) are presumably cdecl.
00403970 <_NtQueryInformationProcess at 20>:
  403970:	ff 25 68 71 40 00    	jmp    *0x407168
  403976:	90                   	nop    
  403977:	90                   	nop    
	...

00403980 <_NtTerminateThread at 8>:
  403980:	ff 25 80 71 40 00    	jmp    *0x407180
  403986:	90                   	nop    
  403987:	90                   	nop    
	...

00403990 <_RtlInitUnicodeString at 8>:
  403990:	ff 25 c4 71 40 00    	jmp    *0x4071c4
  403996:	90                   	nop    
  403997:	90                   	nop    
	...

004039a0 <_NtOpenEvent at 12>:
  4039a0:	ff 25 58 71 40 00    	jmp    *0x407158
  4039a6:	90                   	nop    
  4039a7:	90                   	nop    
	...

004039b0 <_NtPulseEvent at 8>:
  4039b0:	ff 25 64 71 40 00    	jmp    *0x407164
  4039b6:	90                   	nop    
  4039b7:	90                   	nop    
	...

004039c0 <_NtWaitForSingleObject at 12>:
  4039c0:	ff 25 84 71 40 00    	jmp    *0x407184
  4039c6:	90                   	nop    
  4039c7:	90                   	nop    
	...

004039d0 <_NtClose at 4>:
  4039d0:	ff 25 2c 71 40 00    	jmp    *0x40712c
  4039d6:	90                   	nop    
  4039d7:	90                   	nop    
	...

004039e0 <_DbgPrint>:
  4039e0:	ff 25 20 71 40 00    	jmp    *0x407120
  4039e6:	90                   	nop    
  4039e7:	90                   	nop    
	...

004039f0 <_RtlCreateHeap at 24>:
  4039f0:	ff 25 98 71 40 00    	jmp    *0x407198
  4039f6:	90                   	nop    
  4039f7:	90                   	nop    
	...

00403a00 <_RtlCreateEnvironment at 8>:
  403a00:	ff 25 94 71 40 00    	jmp    *0x407194
  403a06:	90                   	nop    
  403a07:	90                   	nop    
	...

00403a10 <_RtlSetEnvironmentVariable at 12>:
  403a10:	ff 25 d4 71 40 00    	jmp    *0x4071d4
  403a16:	90                   	nop    
  403a17:	90                   	nop    
	...

00403a20 <_RtlZeroMemory at 8>:
  403a20:	ff 25 d8 71 40 00    	jmp    *0x4071d8
  403a26:	90                   	nop    
  403a27:	90                   	nop    
	...

00403a30 <_RtlQueryRegistryValues at 20>:
  403a30:	ff 25 d0 71 40 00    	jmp    *0x4071d0
  403a36:	90                   	nop    
  403a37:	90                   	nop    
	...

00403a40 <_wcscpy>:
  403a40:	ff 25 00 72 40 00    	jmp    *0x407200
  403a46:	90                   	nop    
  403a47:	90                   	nop    
	...

00403a50 <_ZwCreateDirectoryObject at 12>:
  403a50:	ff 25 dc 71 40 00    	jmp    *0x4071dc
  403a56:	90                   	nop    
  403a57:	90                   	nop    
	...

00403a60 <_NtCreateSymbolicLinkObject at 16>:
  403a60:	ff 25 48 71 40 00    	jmp    *0x407148
  403a66:	90                   	nop    
  403a67:	90                   	nop    
	...

00403a70 <_swprintf>:
  403a70:	ff 25 f0 71 40 00    	jmp    *0x4071f0
  403a76:	90                   	nop    
  403a77:	90                   	nop    
	...

00403a80 <_wcscat>:
  403a80:	ff 25 f8 71 40 00    	jmp    *0x4071f8
  403a86:	90                   	nop    
  403a87:	90                   	nop    
	...

00403a90 <_wcslen>:
  403a90:	ff 25 04 72 40 00    	jmp    *0x407204
  403a96:	90                   	nop    
  403a97:	90                   	nop    
	...

00403aa0 <_memcpy>:
  403aa0:	ff 25 ec 71 40 00    	jmp    *0x4071ec
  403aa6:	90                   	nop    
  403aa7:	90                   	nop    
	...

00403ab0 <_wcschr>:
  403ab0:	ff 25 fc 71 40 00    	jmp    *0x4071fc
  403ab6:	90                   	nop    
  403ab7:	90                   	nop    
	...

00403ac0 <_NtOpenFile at 24>:
  403ac0:	ff 25 5c 71 40 00    	jmp    *0x40715c
  403ac6:	90                   	nop    
  403ac7:	90                   	nop    
	...

00403ad0 <_LdrVerifyImageMatchesChecksum at 16>:
  403ad0:	ff 25 24 71 40 00    	jmp    *0x407124
  403ad6:	90                   	nop    
  403ad7:	90                   	nop    
	...

00403ae0 <_NtRaiseHardError at 24>:
  403ae0:	ff 25 70 71 40 00    	jmp    *0x407170
  403ae6:	90                   	nop    
  403ae7:	90                   	nop    
	...

00403af0 <_NtCreateSection at 28>:
  403af0:	ff 25 44 71 40 00    	jmp    *0x407144
  403af6:	90                   	nop    
  403af7:	90                   	nop    
	...

00403b00 <_NtCreateDirectoryObject at 12>:
  403b00:	ff 25 38 71 40 00    	jmp    *0x407138
  403b06:	90                   	nop    
  403b07:	90                   	nop    
	...

00403b10 <_RtlDosPathNameToNtPathName_U at 16>:
  403b10:	ff 25 ac 71 40 00    	jmp    *0x4071ac
  403b16:	90                   	nop    
  403b17:	90                   	nop    
	...

00403b20 <__wcsicmp>:
  403b20:	ff 25 e8 71 40 00    	jmp    *0x4071e8
  403b26:	90                   	nop    
  403b27:	90                   	nop    
	...

00403b30 <_NtCreatePagingFile at 16>:
  403b30:	ff 25 3c 71 40 00    	jmp    *0x40713c
  403b36:	90                   	nop    
  403b37:	90                   	nop    
	...

00403b40 <_RtlFreeUnicodeString at 4>:
  403b40:	ff 25 bc 71 40 00    	jmp    *0x4071bc
  403b46:	90                   	nop    
  403b47:	90                   	nop    
	...

00403b50 <_RtlCheckRegistryKey at 8>:
  403b50:	ff 25 90 71 40 00    	jmp    *0x407190
  403b56:	90                   	nop    
  403b57:	90                   	nop    
	...

00403b60 <_wcstoul>:
  403b60:	ff 25 08 72 40 00    	jmp    *0x407208
  403b66:	90                   	nop    
  403b67:	90                   	nop    
	...

00403b70 <_NtSetSystemInformation at 12>:
  403b70:	ff 25 7c 71 40 00    	jmp    *0x40717c
  403b76:	90                   	nop    
  403b77:	90                   	nop    
	...

00403b80 <_NtInitializeRegistry at 4>:
  403b80:	ff 25 50 71 40 00    	jmp    *0x407150
  403b86:	90                   	nop    
  403b87:	90                   	nop    
	...

00403b90 <_NtConnectPort at 32>:
  403b90:	ff 25 34 71 40 00    	jmp    *0x407134
  403b96:	90                   	nop    
  403b97:	90                   	nop    
	...

00403ba0 <_NtReplyWaitReceivePort at 16>:
  403ba0:	ff 25 74 71 40 00    	jmp    *0x407174
  403ba6:	90                   	nop    
  403ba7:	90                   	nop    
	...

00403bb0 <_NtAcceptConnectPort at 24>:
  403bb0:	ff 25 28 71 40 00    	jmp    *0x407128
  403bb6:	90                   	nop    
  403bb7:	90                   	nop    
	...

00403bc0 <_NtCompleteConnectPort at 4>:
  403bc0:	ff 25 30 71 40 00    	jmp    *0x407130
  403bc6:	90                   	nop    
  403bc7:	90                   	nop    
	...

00403bd0 <_RtlCreateUserThread at 40>:
  403bd0:	ff 25 a4 71 40 00    	jmp    *0x4071a4
  403bd6:	90                   	nop    
  403bd7:	90                   	nop    
	...

00403be0 <_NtListenPort at 8>:
  403be0:	ff 25 54 71 40 00    	jmp    *0x407154
  403be6:	90                   	nop    
  403be7:	90                   	nop    
	...

00403bf0 <_NtCreatePort at 20>:
  403bf0:	ff 25 40 71 40 00    	jmp    *0x407140
  403bf6:	90                   	nop    
  403bf7:	90                   	nop    
	...

00403c00 <_RtlCreateProcessParameters at 40>:
  403c00:	ff 25 9c 71 40 00    	jmp    *0x40719c
  403c06:	90                   	nop    
  403c07:	90                   	nop    
	...

00403c10 <_RtlCreateUserProcess at 40>:
  403c10:	ff 25 a0 71 40 00    	jmp    *0x4071a0
  403c16:	90                   	nop    
  403c17:	90                   	nop    
	...

00403c20 <_RtlDestroyProcessParameters at 4>:
  403c20:	ff 25 a8 71 40 00    	jmp    *0x4071a8
  403c26:	90                   	nop    
  403c27:	90                   	nop    
	...

00403c30 <_ZwResumeThread at 8>:
  403c30:	ff 25 e4 71 40 00    	jmp    *0x4071e4
  403c36:	90                   	nop    
  403c37:	90                   	nop    
	...

00403c40 <_NtOpenKey at 12>:
  403c40:	ff 25 60 71 40 00    	jmp    *0x407160
  403c46:	90                   	nop    
  403c47:	90                   	nop    
	...

00403c50 <_NtQueryValueKey at 24>:
  403c50:	ff 25 6c 71 40 00    	jmp    *0x40716c
  403c56:	90                   	nop    
  403c57:	90                   	nop    
	...

00403c60 <_RtlExpandEnvironmentStrings_U at 16>:
  403c60:	ff 25 b4 71 40 00    	jmp    *0x4071b4
  403c66:	90                   	nop    
  403c67:	90                   	nop    
	...

00403c70 <_RtlInitializeCriticalSection at 4>:
  403c70:	ff 25 c8 71 40 00    	jmp    *0x4071c8
  403c76:	90                   	nop    
  403c77:	90                   	nop    
	...

00403c80 <_RtlEnterCriticalSection at 4>:
  403c80:	ff 25 b0 71 40 00    	jmp    *0x4071b0
  403c86:	90                   	nop    
  403c87:	90                   	nop    
	...

00403c90 <_RtlLeaveCriticalSection at 4>:
  403c90:	ff 25 cc 71 40 00    	jmp    *0x4071cc
  403c96:	90                   	nop    
  403c97:	90                   	nop    
	...

00403ca0 <_RtlAllocateHeap at 12>:
  403ca0:	ff 25 88 71 40 00    	jmp    *0x407188
  403ca6:	90                   	nop    
  403ca7:	90                   	nop    
	...

00403cb0 <_RtlFreeHeap at 12>:
  403cb0:	ff 25 b8 71 40 00    	jmp    *0x4071b8
  403cb6:	90                   	nop    
  403cb7:	90                   	nop    
	...

00403cc0 <_ZwDisplayString at 4>:
  403cc0:	ff 25 e0 71 40 00    	jmp    *0x4071e0
  403cc6:	90                   	nop    
  403cc7:	90                   	nop    
	...

00403cd0 <_RtlInitAnsiString at 8>:
  403cd0:	ff 25 c0 71 40 00    	jmp    *0x4071c0
  403cd6:	90                   	nop    
  403cd7:	90                   	nop    
	...

00403ce0 <_RtlAnsiStringToUnicodeString at 12>:
  403ce0:	ff 25 8c 71 40 00    	jmp    *0x40718c
  403ce6:	90                   	nop    
  403ce7:	90                   	nop    
	...

00403cf0 <_NtDisplayString at 4>:
  403cf0:	ff 25 4c 71 40 00    	jmp    *0x40714c
  403cf6:	90                   	nop    
  403cf7:	90                   	nop    
	...

00403d00 <_vsprintf>:
  403d00:	ff 25 f4 71 40 00    	jmp    *0x4071f4
  403d06:	90                   	nop    
  403d07:	90                   	nop    
	...

00403d10 <_NtRequestWaitReplyPort at 12>:
  403d10:	ff 25 78 71 40 00    	jmp    *0x407178
  403d16:	90                   	nop    
  403d17:	90                   	nop    
	...

# ___chkstk: stack-probe helper. On entry %eax holds the number of bytes the
# caller wants to reserve. The routine touches the stack one 0x1000-byte page
# at a time while moving down, then moves %esp to the new bottom and jumps
# back to the caller. Touching each page in order means the growth cannot
# step over a page without accessing it (presumably so a guard page is always
# hit before memory beyond it). `probe` and `done` are labels inside this
# routine, not separate functions. %ecx is preserved; %eax is clobbered.
00403d20 <___chkstk>:
  403d20:	51                   	push   %ecx
# %ecx = %esp + 8: the caller's stack pointer as it was before the call
# (skipping the saved %ecx and the return address)
  403d21:	89 e1                	mov    %esp,%ecx
  403d23:	83 c1 08             	add    $0x8,%ecx

00403d26 <probe>:
# while at least one full page remains: step down a page and touch it
# (`orl $0x0` accesses the dword without changing its value)
  403d26:	3d 00 10 00 00       	cmp    $0x1000,%eax
  403d2b:	72 10                	jb     403d3d <done>
  403d2d:	81 e9 00 10 00 00    	sub    $0x1000,%ecx
  403d33:	83 09 00             	orl    $0x0,(%ecx)
  403d36:	2d 00 10 00 00       	sub    $0x1000,%eax
  403d3b:	eb e9                	jmp    403d26 <probe>

00403d3d <done>:
# step down by the remaining partial page and touch the final address
  403d3d:	29 c1                	sub    %eax,%ecx
  403d3f:	83 09 00             	orl    $0x0,(%ecx)
# switch %esp to the new bottom, reload the saved %ecx and the return address
# from the old stack top, and return with an indirect jump (nothing is popped)
  403d42:	89 e0                	mov    %esp,%eax
  403d44:	89 cc                	mov    %ecx,%esp
  403d46:	8b 08                	mov    (%eax),%ecx
  403d48:	8b 40 04             	mov    0x4(%eax),%eax
  403d4b:	ff e0                	jmp    *%eax
  403d4d:	90                   	nop    
  403d4e:	90                   	nop    
  403d4f:	90                   	nop    

# __CTOR_LIST__ is data, not code: objdump is decoding table bytes as
# instructions, which is why `(bad)` appears. The bytes are ff ff ff ff
# followed by zeros, i.e. a 0xffffffff marker and a zero terminator with no
# entries between them (presumably an empty constructor list).
00403d50 <__CTOR_LIST__>:
  403d50:	ff                   	(bad)  
  403d51:	ff                   	(bad)  
  403d52:	ff                   	(bad)  
  403d53:	ff 00                	incl   (%eax)
  403d55:	00 00                	add    %al,(%eax)
	...

# __DTOR_LIST__ is data, not code: objdump is decoding table bytes as
# instructions, which is why `(bad)` appears. The bytes are ff ff ff ff
# followed by zeros, i.e. a 0xffffffff marker and a zero terminator with no
# entries between them (presumably an empty destructor list).
00403d58 <__DTOR_LIST__>:
  403d58:	ff                   	(bad)  
  403d59:	ff                   	(bad)  
  403d5a:	ff                   	(bad)  
  403d5b:	ff 00                	incl   (%eax)
  403d5d:	00 00                	add    %al,(%eax)
	...

