13 Apr
2005
13 Apr
'05
11:25 p.m.
Source taken from HEAD just before Casper took it down for the rebuild.
Initially it was hanging just after the splash so I rebuilt with DGB to
see if I could glean more info.
Now it crashes upon install, just before it goes to the GUI config.
Here is a sceenshot of the crash
http://homepage.ntlworld.com/gedmurphy/crash.jpg
I have attached the map files for smss. I would have stuck on one for
ntoskrnl too, but it's a little large.
I can stick it on the along with anything else if someone wants it.
Regards,
Ged.
smss.nostrip.exe: file format pei-i386
Disassembly of section .text:
00401000 <_NtProcessStartup@4>:
/* Native image's entry point */
VOID STDCALL
NtProcessStartup(PPEB Peb)
{
401000: 55 push %ebp
401001: 89 e5 mov %esp,%ebp
401003: 57 push %edi
401004: 83 ec 34 sub $0x34,%esp
NTSTATUS Status;
PROCESS_BASIC_INFORMATION PBI = {0};
401007: 8d 7d c8 lea 0xffffffc8(%ebp),%edi
40100a: fc cld
40100b: ba 00 00 00 00 mov $0x0,%edx
401010: b8 06 00 00 00 mov $0x6,%eax
401015: 89 c1 mov %eax,%ecx
401017: 89 d0 mov %edx,%eax
401019: f3 ab repz stos %eax,%es:(%edi)
PrintString("ReactOS Session Manager %s (Build %s)\n",
40101b: 83 ec 04 sub $0x4,%esp
40101e: 68 00 50 40 00 push $0x405000
401023: 68 10 50 40 00 push $0x405010
401028: 68 20 50 40 00 push $0x405020
40102d: e8 79 26 00 00 call 4036ab <_PrintString@0>
401032: 83 c4 10 add $0x10,%esp
KERNEL_RELEASE_STR,
KERNEL_VERSION_BUILD_STR);
/* Lookup yourself */
Status = NtQueryInformationProcess (NtCurrentProcess(),
401035: 83 ec 0c sub $0xc,%esp
401038: 6a 00 push $0x0
40103a: 6a 18 push $0x18
40103c: 8d 45 c8 lea 0xffffffc8(%ebp),%eax
40103f: 50 push %eax
401040: 6a 00 push $0x0
401042: 6a ff push $0xffffffff
401044: e8 27 29 00 00 call 403970 <_NtQueryInformationProcess@20>
401049: 83 c4 0c add $0xc,%esp
40104c: 89 45 f4 mov %eax,0xfffffff4(%ebp)
ProcessBasicInformation,
& PBI,
sizeof PBI,
NULL);
if(NT_SUCCESS(Status))
40104f: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
401053: 78 08 js 40105d <_NtProcessStartup@4+0x5d>
{
SmSsProcessId = PBI.UniqueProcessId;
401055: 8b 45 d8 mov 0xffffffd8(%ebp),%eax
401058: a3 00 60 40 00 mov %eax,0x406000
}
/* Initialize the system */
Status = InitSessionManager();
40105d: e8 24 01 00 00 call 401186 <_InitSessionManager>
401062: 89 45 f4 mov %eax,0xfffffff4(%ebp)
#if 0
if (!NT_SUCCESS(Status))
{
int i;
for (i=0; i < (sizeof Children / sizeof Children[0]); i++)
{
if (Children[i])
{
NtTerminateProcess(Children[i],0);
}
}
DPRINT1("SM: Initialization failed!\n");
goto ByeBye;
}
Status = NtWaitForMultipleObjects(((LONG) sizeof(Children) / sizeof(HANDLE)),
Children,
WaitAny,
TRUE, /* alertable */
NULL); /* NULL for infinite */
if (!NT_SUCCESS(Status))
{
DPRINT1("SM: NtWaitForMultipleObjects failed! (Status=0x%08lx)\n",
Status);
}
else
{
DPRINT1("SM: Process terminated!\n");
}
ByeBye:
/* Raise a hard error (crash the system/BSOD) */
NtRaiseHardError(STATUS_SYSTEM_PROCESS_TERMINATED,
0,0,0,0,0);
// NtTerminateProcess(NtCurrentProcess(), 0);
#endif
NtTerminateThread(NtCurrentThread(), Status);
401065: 83 ec 08 sub $0x8,%esp
401068: ff 75 f4 pushl 0xfffffff4(%ebp)
40106b: 6a fe push $0xfffffffe
40106d: e8 0e 29 00 00 call 403980 <_NtTerminateThread@8>
401072: 83 c4 08 add $0x8,%esp
}
401075: 8b 7d fc mov 0xfffffffc(%ebp),%edi
401078: c9 leave
401079: c2 04 00 ret $0x4
40107c: 90 nop
40107d: 90 nop
40107e: 90 nop
40107f: 90 nop
00401080 <_SmpSignalInitEvent>:
401080: 55 push %ebp
401081: 89 e5 mov %esp,%ebp
401083: 57 push %edi
401084: 83 ec 54 sub $0x54,%esp
401087: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
40108e: 8d 7d c8 lea 0xffffffc8(%ebp),%edi
401091: fc cld
401092: ba 00 00 00 00 mov $0x0,%edx
401097: b8 06 00 00 00 mov $0x6,%eax
40109c: 89 c1 mov %eax,%ecx
40109e: 89 d0 mov %edx,%eax
4010a0: f3 ab repz stos %eax,%es:(%edi)
4010a2: c7 45 c0 00 00 00 00 movl $0x0,0xffffffc0(%ebp)
4010a9: c7 45 c4 00 00 00 00 movl $0x0,0xffffffc4(%ebp)
4010b0: c7 45 bc 00 00 00 00 movl $0x0,0xffffffbc(%ebp)
4010b7: 83 ec 08 sub $0x8,%esp
4010ba: 68 60 50 40 00 push $0x405060
4010bf: 8d 45 c0 lea 0xffffffc0(%ebp),%eax
4010c2: 50 push %eax
4010c3: e8 c8 28 00 00 call 403990 <_RtlInitUnicodeString@8>
4010c8: 83 c4 08 add $0x8,%esp
4010cb: c7 45 c8 18 00 00 00 movl $0x18,0xffffffc8(%ebp)
4010d2: 8d 45 c0 lea 0xffffffc0(%ebp),%eax
4010d5: 89 45 d0 mov %eax,0xffffffd0(%ebp)
4010d8: c7 45 d4 03 00 1f 00 movl $0x1f0003,0xffffffd4(%ebp)
4010df: c7 45 cc 00 00 00 00 movl $0x0,0xffffffcc(%ebp)
4010e6: c7 45 d8 00 00 00 00 movl $0x0,0xffffffd8(%ebp)
4010ed: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
4010f4: 83 ec 04 sub $0x4,%esp
4010f7: 8d 45 c8 lea 0xffffffc8(%ebp),%eax
4010fa: 50 push %eax
4010fb: 68 03 00 1f 00 push $0x1f0003
401100: 8d 45 bc lea 0xffffffbc(%ebp),%eax
401103: 50 push %eax
401104: e8 97 28 00 00 call 4039a0 <_NtOpenEvent@12>
401109: 83 c4 04 add $0x4,%esp
40110c: 89 45 f4 mov %eax,0xfffffff4(%ebp)
40110f: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
401113: 78 42 js 401157 <_SmpSignalInitEvent+0xd7>
401115: 83 ec 08 sub $0x8,%esp
401118: 6a 00 push $0x0
40111a: ff 75 bc pushl 0xffffffbc(%ebp)
40111d: e8 8e 28 00 00 call 4039b0 <_NtPulseEvent@8>
401122: 83 c4 08 add $0x8,%esp
401125: c7 45 b0 80 0f 05 fd movl $0xfd050f80,0xffffffb0(%ebp)
40112c: c7 45 b4 ff ff ff ff movl $0xffffffff,0xffffffb4(%ebp)
401133: 83 ec 04 sub $0x4,%esp
401136: 8d 45 b0 lea 0xffffffb0(%ebp),%eax
401139: 50 push %eax
40113a: 6a 00 push $0x0
40113c: ff 75 bc pushl 0xffffffbc(%ebp)
40113f: e8 7c 28 00 00 call 4039c0 <_NtWaitForSingleObject@12>
401144: 83 c4 04 add $0x4,%esp
401147: 83 ec 0c sub $0xc,%esp
40114a: ff 75 bc pushl 0xffffffbc(%ebp)
40114d: e8 7e 28 00 00 call 4039d0 <_NtClose@4>
401152: 83 c4 0c add $0xc,%esp
401155: eb 27 jmp 40117e <_SmpSignalInitEvent+0xfe>
401157: 83 ec 04 sub $0x4,%esp
40115a: 6a 44 push $0x44
40115c: 68 82 50 40 00 push $0x405082
401161: 68 89 50 40 00 push $0x405089
401166: e8 75 28 00 00 call 4039e0 <_DbgPrint>
40116b: 83 c4 10 add $0x10,%esp
40116e: 83 ec 0c sub $0xc,%esp
401171: 68 a0 50 40 00 push $0x4050a0
401176: e8 65 28 00 00 call 4039e0 <_DbgPrint>
40117b: 83 c4 10 add $0x10,%esp
40117e: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
401181: 8b 7d fc mov 0xfffffffc(%ebp),%edi
401184: c9 leave
401185: c3 ret
00401186 <_InitSessionManager>:
/* EOF */
401186: 55 push %ebp
401187: 89 e5 mov %esp,%ebp
401189: 83 ec 18 sub $0x18,%esp
40118c: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
401193: c7 45 f8 00 00 00 00 movl $0x0,0xfffffff8(%ebp)
40119a: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
4011a1: 83 7d fc 0e cmpl $0xe,0xfffffffc(%ebp)
4011a5: 76 05 jbe 4011ac <_InitSessionManager+0x26>
4011a7: e9 82 00 00 00 jmp 40122e <_InitSessionManager+0xa8>
4011ac: 8b 55 fc mov 0xfffffffc(%ebp),%edx
4011af: 89 d0 mov %edx,%eax
4011b1: 01 c0 add %eax,%eax
4011b3: 01 d0 add %edx,%eax
4011b5: c1 e0 02 shl $0x2,%eax
4011b8: 8b 80 04 40 40 00 mov 0x404004(%eax),%eax
4011be: ff d0 call *%eax
4011c0: 89 45 f8 mov %eax,0xfffffff8(%ebp)
4011c3: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
4011c7: 79 5b jns 401224 <_InitSessionManager+0x9e>
4011c9: 83 ec 04 sub $0x4,%esp
4011cc: 6a 6c push $0x6c
4011ce: 68 82 50 40 00 push $0x405082
4011d3: 68 89 50 40 00 push $0x405089
4011d8: e8 03 28 00 00 call 4039e0 <_DbgPrint>
4011dd: 83 c4 10 add $0x10,%esp
4011e0: ff 75 f8 pushl 0xfffffff8(%ebp)
4011e3: 8b 55 fc mov 0xfffffffc(%ebp),%edx
4011e6: 89 d0 mov %edx,%eax
4011e8: 01 c0 add %eax,%eax
4011ea: 01 d0 add %edx,%eax
4011ec: c1 e0 02 shl $0x2,%eax
4011ef: ff b0 08 40 40 00 pushl 0x404008(%eax)
4011f5: 68 65 52 40 00 push $0x405265
4011fa: 68 80 52 40 00 push $0x405280
4011ff: e8 dc 27 00 00 call 4039e0 <_DbgPrint>
401204: 83 c4 10 add $0x10,%esp
401207: 8b 55 fc mov 0xfffffffc(%ebp),%edx
40120a: 89 d0 mov %edx,%eax
40120c: 01 c0 add %eax,%eax
40120e: 01 d0 add %edx,%eax
401210: c1 e0 02 shl $0x2,%eax
401213: 83 b8 00 40 40 00 00 cmpl $0x0,0x404000(%eax)
40121a: 74 08 je 401224 <_InitSessionManager+0x9e>
40121c: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
40121f: 89 45 f4 mov %eax,0xfffffff4(%ebp)
401222: eb 11 jmp 401235 <_InitSessionManager+0xaf>
401224: 8d 45 fc lea 0xfffffffc(%ebp),%eax
401227: ff 00 incl (%eax)
401229: e9 73 ff ff ff jmp 4011a1 <_InitSessionManager+0x1b>
40122e: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
401235: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
401238: c9 leave
401239: c3 ret
40123a: 90 nop
40123b: 90 nop
40123c: 90 nop
40123d: 90 nop
40123e: 90 nop
40123f: 90 nop
00401240 <_SmCreateHeap>:
HANDLE SmpHeap = NULL;
NTSTATUS
SmCreateHeap(VOID)
{
401240: 55 push %ebp
401241: 89 e5 mov %esp,%ebp
401243: 83 ec 08 sub $0x8,%esp
/* Create our own heap */
SmpHeap = RtlCreateHeap(HEAP_GROWABLE,
401246: 83 ec 08 sub $0x8,%esp
401249: 6a 00 push $0x0
40124b: 6a 00 push $0x0
40124d: 68 00 00 01 00 push $0x10000
401252: 68 00 00 01 00 push $0x10000
401257: 6a 00 push $0x0
401259: 6a 02 push $0x2
40125b: e8 90 27 00 00 call 4039f0 <_RtlCreateHeap@24>
401260: 83 c4 08 add $0x8,%esp
401263: a3 10 60 40 00 mov %eax,0x406010
NULL,
65536,
65536,
NULL,
NULL);
return (NULL == SmpHeap) ? STATUS_UNSUCCESSFUL : STATUS_SUCCESS;
401268: 83 3d 10 60 40 00 00 cmpl $0x0,0x406010
40126f: 75 09 jne 40127a <_SmCreateHeap+0x3a>
401271: c7 45 fc 01 00 00 c0 movl $0xc0000001,0xfffffffc(%ebp)
401278: eb 07 jmp 401281 <_SmCreateHeap+0x41>
40127a: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
401281: 8b 45 fc mov 0xfffffffc(%ebp),%eax
}
401284: c9 leave
401285: c3 ret
401286: 90 nop
401287: 90 nop
401288: 90 nop
401289: 90 nop
40128a: 90 nop
40128b: 90 nop
40128c: 90 nop
40128d: 90 nop
40128e: 90 nop
40128f: 90 nop
00401290 <_SmCreateEnvironment>:
401290: 55 push %ebp
401291: 89 e5 mov %esp,%ebp
401293: 83 ec 08 sub $0x8,%esp
401296: 83 ec 08 sub $0x8,%esp
401299: 68 20 60 40 00 push $0x406020
40129e: 6a 00 push $0x0
4012a0: e8 5b 27 00 00 call 403a00 <_RtlCreateEnvironment@8>
4012a5: 83 c4 08 add $0x8,%esp
4012a8: c9 leave
4012a9: c3 ret
004012aa <_SmpSetEnvironmentVariable>:
4012aa: 55 push %ebp
4012ab: 89 e5 mov %esp,%ebp
4012ad: 83 ec 18 sub $0x18,%esp
4012b0: 83 ec 08 sub $0x8,%esp
4012b3: ff 75 0c pushl 0xc(%ebp)
4012b6: 8d 45 f8 lea 0xfffffff8(%ebp),%eax
4012b9: 50 push %eax
4012ba: e8 d1 26 00 00 call 403990 <_RtlInitUnicodeString@8>
4012bf: 83 c4 08 add $0x8,%esp
4012c2: 83 ec 08 sub $0x8,%esp
4012c5: ff 75 10 pushl 0x10(%ebp)
4012c8: 8d 45 f0 lea 0xfffffff0(%ebp),%eax
4012cb: 50 push %eax
4012cc: e8 bf 26 00 00 call 403990 <_RtlInitUnicodeString@8>
4012d1: 83 c4 08 add $0x8,%esp
4012d4: 83 ec 04 sub $0x4,%esp
4012d7: 8d 45 f0 lea 0xfffffff0(%ebp),%eax
4012da: 50 push %eax
4012db: 8d 45 f8 lea 0xfffffff8(%ebp),%eax
4012de: 50 push %eax
4012df: ff 75 08 pushl 0x8(%ebp)
4012e2: e8 29 27 00 00 call 403a10 <_RtlSetEnvironmentVariable@12>
4012e7: 83 c4 04 add $0x4,%esp
4012ea: b8 00 00 00 00 mov $0x0,%eax
4012ef: c9 leave
4012f0: c3 ret
004012f1 <_SmpEnvironmentQueryRoutine@24>:
4012f1: 55 push %ebp
4012f2: 89 e5 mov %esp,%ebp
4012f4: 83 ec 08 sub $0x8,%esp
4012f7: 83 7d 0c 01 cmpl $0x1,0xc(%ebp)
4012fb: 74 09 je 401306 <_SmpEnvironmentQueryRoutine@24+0x15>
4012fd: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
401304: eb 17 jmp 40131d <_SmpEnvironmentQueryRoutine@24+0x2c>
401306: 83 ec 04 sub $0x4,%esp
401309: ff 75 10 pushl 0x10(%ebp)
40130c: ff 75 08 pushl 0x8(%ebp)
40130f: ff 75 18 pushl 0x18(%ebp)
401312: e8 93 ff ff ff call 4012aa <_SmpSetEnvironmentVariable>
401317: 83 c4 10 add $0x10,%esp
40131a: 89 45 fc mov %eax,0xfffffffc(%ebp)
40131d: 8b 45 fc mov 0xfffffffc(%ebp),%eax
401320: c9 leave
401321: c2 18 00 ret $0x18
00401324 <_SmSetEnvironmentVariables>:
401324: 55 push %ebp
401325: 89 e5 mov %esp,%ebp
401327: 81 ec 68 02 00 00 sub $0x268,%esp
*/
/* Copy system root into value buffer */
wcscpy(ValueBuffer,
40132d: 83 ec 08 sub $0x8,%esp
401330: 68 30 00 fe 7f push $0x7ffe0030
401335: 8d 85 a8 fd ff ff lea 0xfffffda8(%ebp),%eax
40133b: 50 push %eax
40133c: e8 ff 26 00 00 call 403a40 <_wcscpy>
401341: 83 c4 10 add $0x10,%esp
SharedUserData->NtSystemRoot);
/* Set SystemRoot = "C:\reactos" */
SmpSetEnvironmentVariable(&SmSystemEnvironment,L"SystemRoot",ValueBuffer);
401344: 83 ec 04 sub $0x4,%esp
401347: 8d 85 a8 fd ff ff lea 0xfffffda8(%ebp),%eax
40134d: 50 push %eax
40134e: 68 c0 52 40 00 push $0x4052c0
401353: 68 20 60 40 00 push $0x406020
401358: e8 4d ff ff ff call 4012aa <_SmpSetEnvironmentVariable>
40135d: 83 c4 10 add $0x10,%esp
/* Cut off trailing path */
ValueBuffer[2] = 0;
401360: 66 c7 85 ac fd ff ff movw $0x0,0xfffffdac(%ebp)
401367: 00 00
/* Set SystemDrive = "C:" */
SmpSetEnvironmentVariable(&SmSystemEnvironment,L"SystemDrive",ValueBuffer);
401369: 83 ec 04 sub $0x4,%esp
40136c: 8d 85 a8 fd ff ff lea 0xfffffda8(%ebp),%eax
401372: 50 push %eax
401373: 68 d6 52 40 00 push $0x4052d6
401378: 68 20 60 40 00 push $0x406020
40137d: e8 28 ff ff ff call 4012aa <_SmpSetEnvironmentVariable>
401382: 83 c4 10 add $0x10,%esp
/* Read system environment from the registry. */
RtlZeroMemory(&QueryTable,
401385: 83 ec 08 sub $0x8,%esp
401388: 6a 38 push $0x38
40138a: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
40138d: 50 push %eax
40138e: e8 8d 26 00 00 call 403a20 <_RtlZeroMemory@8>
401393: 83 c4 08 add $0x8,%esp
sizeof(QueryTable));
QueryTable[0].QueryRoutine = SmpEnvironmentQueryRoutine;
401396: c7 45 b8 f1 12 40 00 movl $0x4012f1,0xffffffb8(%ebp)
Status = RtlQueryRegistryValues(RTL_REGISTRY_CONTROL,
40139d: 83 ec 0c sub $0xc,%esp
4013a0: ff 35 20 60 40 00 pushl 0x406020
4013a6: 68 20 60 40 00 push $0x406020
4013ab: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
4013ae: 50 push %eax
4013af: 68 00 53 40 00 push $0x405300
4013b4: 6a 02 push $0x2
4013b6: e8 75 26 00 00 call 403a30 <_RtlQueryRegistryValues@20>
4013bb: 83 c4 0c add $0xc,%esp
4013be: 89 85 a4 fd ff ff mov %eax,0xfffffda4(%ebp)
L"\\Session Manager\\Environment",
QueryTable,
&SmSystemEnvironment,
SmSystemEnvironment);
return(Status);
4013c4: 8b 85 a4 fd ff ff mov 0xfffffda4(%ebp),%eax
}
4013ca: c9 leave
4013cb: c3 ret
004013cc <_SmUpdateEnvironment>:
/**********************************************************************
* Set environment variables from registry
*/
NTSTATUS
SmUpdateEnvironment(VOID)
{
4013cc: 55 push %ebp
4013cd: 89 e5 mov %esp,%ebp
/* TODO */
return STATUS_SUCCESS;
4013cf: b8 00 00 00 00 mov $0x0,%eax
}
4013d4: 5d pop %ebp
4013d5: c3 ret
4013d6: 90 nop
4013d7: 90 nop
4013d8: 90 nop
4013d9: 90 nop
4013da: 90 nop
4013db: 90 nop
4013dc: 90 nop
4013dd: 90 nop
4013de: 90 nop
4013df: 90 nop
004013e0 <_SmpObjectDirectoryQueryRoutine@24>:
4013e0: 55 push %ebp
4013e1: 89 e5 mov %esp,%ebp
4013e3: 83 ec 48 sub $0x48,%esp
4013e6: c7 45 c8 00 00 00 00 movl $0x0,0xffffffc8(%ebp)
DbgPrint("ValueData '%S'\n", (PWSTR)ValueData);
#endif
if (ValueType != REG_SZ)
4013ed: 83 7d 0c 01 cmpl $0x1,0xc(%ebp)
4013f1: 74 09 je 4013fc
<_SmpObjectDirectoryQueryRoutine@24+0x1c>
{
return(STATUS_SUCCESS);
4013f3: c7 45 c4 00 00 00 00 movl $0x0,0xffffffc4(%ebp)
4013fa: eb 59 jmp 401455
<_SmpObjectDirectoryQueryRoutine@24+0x75>
}
RtlInitUnicodeString(&UnicodeString,
4013fc: 83 ec 08 sub $0x8,%esp
4013ff: ff 75 10 pushl 0x10(%ebp)
401402: 8d 45 d0 lea 0xffffffd0(%ebp),%eax
401405: 50 push %eax
401406: e8 85 25 00 00 call 403990 <_RtlInitUnicodeString@8>
40140b: 83 c4 08 add $0x8,%esp
(PWSTR)ValueData);
InitializeObjectAttributes(&ObjectAttributes,
40140e: c7 45 d8 18 00 00 00 movl $0x18,0xffffffd8(%ebp)
401415: 8d 45 d0 lea 0xffffffd0(%ebp),%eax
401418: 89 45 e0 mov %eax,0xffffffe0(%ebp)
40141b: c7 45 e4 00 00 00 00 movl $0x0,0xffffffe4(%ebp)
401422: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
401429: c7 45 e8 00 00 00 00 movl $0x0,0xffffffe8(%ebp)
401430: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
&UnicodeString,
0,
NULL,
NULL);
Status = ZwCreateDirectoryObject(&WindowsDirectory,
401437: 83 ec 04 sub $0x4,%esp
40143a: 8d 45 d8 lea 0xffffffd8(%ebp),%eax
40143d: 50 push %eax
40143e: 6a 00 push $0x0
401440: 8d 45 cc lea 0xffffffcc(%ebp),%eax
401443: 50 push %eax
401444: e8 07 26 00 00 call 403a50 <_ZwCreateDirectoryObject@12>
401449: 83 c4 04 add $0x4,%esp
40144c: 89 45 c8 mov %eax,0xffffffc8(%ebp)
0,
&ObjectAttributes);
return(Status);
40144f: 8b 45 c8 mov 0xffffffc8(%ebp),%eax
401452: 89 45 c4 mov %eax,0xffffffc4(%ebp)
}
401455: 8b 45 c4 mov 0xffffffc4(%ebp),%eax
401458: c9 leave
401459: c2 18 00 ret $0x18
0040145c <_SmCreateObjectDirectories>:
NTSTATUS
SmCreateObjectDirectories(VOID)
{
40145c: 55 push %ebp
40145d: 89 e5 mov %esp,%ebp
40145f: 83 ec 58 sub $0x58,%esp
RTL_QUERY_REGISTRY_TABLE QueryTable[2];
NTSTATUS Status;
RtlZeroMemory(&QueryTable,
401462: 83 ec 08 sub $0x8,%esp
401465: 6a 38 push $0x38
401467: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
40146a: 50 push %eax
40146b: e8 b0 25 00 00 call 403a20 <_RtlZeroMemory@8>
401470: 83 c4 08 add $0x8,%esp
sizeof(QueryTable));
QueryTable[0].Name = L"ObjectDirectories";
401473: c7 45 c0 40 53 40 00 movl $0x405340,0xffffffc0(%ebp)
QueryTable[0].QueryRoutine = SmpObjectDirectoryQueryRoutine;
40147a: c7 45 b8 e0 13 40 00 movl $0x4013e0,0xffffffb8(%ebp)
Status = RtlQueryRegistryValues(RTL_REGISTRY_CONTROL,
401481: 83 ec 0c sub $0xc,%esp
401484: 6a 00 push $0x0
401486: 6a 00 push $0x0
401488: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
40148b: 50 push %eax
40148c: 68 80 53 40 00 push $0x405380
401491: 6a 02 push $0x2
401493: e8 98 25 00 00 call 403a30 <_RtlQueryRegistryValues@20>
401498: 83 c4 0c add $0xc,%esp
40149b: 89 45 b4 mov %eax,0xffffffb4(%ebp)
SM_REGISTRY_ROOT_NAME,
QueryTable,
NULL,
NULL);
return(Status);
40149e: 8b 45 b4 mov 0xffffffb4(%ebp),%eax
}
4014a1: c9 leave
4014a2: c3 ret
4014a3: 90 nop
4014a4: 90 nop
4014a5: 90 nop
4014a6: 90 nop
4014a7: 90 nop
4014a8: 90 nop
4014a9: 90 nop
4014aa: 90 nop
4014ab: 90 nop
4014ac: 90 nop
4014ad: 90 nop
4014ae: 90 nop
4014af: 90 nop
004014b0 <_SmpDosDevicesQueryRoutine@24>:
4014b0: 55 push %ebp
4014b1: 89 e5 mov %esp,%ebp
4014b3: 81 ec f8 00 00 00 sub $0xf8,%esp
4014b9: 83 7d 0c 01 cmpl $0x1,0xc(%ebp)
4014bd: 74 0f je 4014ce <_SmpDosDevicesQueryRoutine@24+0x1e>
4014bf: c7 85 10 ff ff ff 00 movl $0x0,0xffffff10(%ebp)
4014c6: 00 00 00
4014c9: e9 db 00 00 00 jmp 4015a9 <_SmpDosDevicesQueryRoutine@24+0xf9>
4014ce: 83 ec 04 sub $0x4,%esp
4014d1: ff 75 08 pushl 0x8(%ebp)
4014d4: 68 c0 53 40 00 push $0x4053c0
4014d9: 8d 85 18 ff ff ff lea 0xffffff18(%ebp),%eax
4014df: 50 push %eax
4014e0: e8 8b 25 00 00 call 403a70 <_swprintf>
4014e5: 83 c4 10 add $0x10,%esp
4014e8: 83 ec 08 sub $0x8,%esp
4014eb: 8d 85 18 ff ff ff lea 0xffffff18(%ebp),%eax
4014f1: 50 push %eax
4014f2: 8d 45 c8 lea 0xffffffc8(%ebp),%eax
4014f5: 50 push %eax
4014f6: e8 95 24 00 00 call 403990 <_RtlInitUnicodeString@8>
4014fb: 83 c4 08 add $0x8,%esp
4014fe: 83 ec 08 sub $0x8,%esp
401501: ff 75 10 pushl 0x10(%ebp)
401504: 8d 45 d0 lea 0xffffffd0(%ebp),%eax
401507: 50 push %eax
401508: e8 83 24 00 00 call 403990 <_RtlInitUnicodeString@8>
40150d: 83 c4 08 add $0x8,%esp
401510: c7 45 d8 18 00 00 00 movl $0x18,0xffffffd8(%ebp)
401517: 8d 45 c8 lea 0xffffffc8(%ebp),%eax
40151a: 89 45 e0 mov %eax,0xffffffe0(%ebp)
40151d: c7 45 e4 10 00 00 00 movl $0x10,0xffffffe4(%ebp)
401524: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
40152b: c7 45 e8 00 00 00 00 movl $0x0,0xffffffe8(%ebp)
401532: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
401539: 8d 45 d0 lea 0xffffffd0(%ebp),%eax
40153c: 50 push %eax
40153d: 8d 45 d8 lea 0xffffffd8(%ebp),%eax
401540: 50 push %eax
401541: 68 01 00 0f 00 push $0xf0001
401546: 8d 45 c4 lea 0xffffffc4(%ebp),%eax
401549: 50 push %eax
40154a: e8 11 25 00 00 call 403a60 <_NtCreateSymbolicLinkObject@16>
40154f: 89 85 14 ff ff ff mov %eax,0xffffff14(%ebp)
401555: 83 bd 14 ff ff ff 00 cmpl $0x0,0xffffff14(%ebp)
40155c: 79 31 jns 40158f <_SmpDosDevicesQueryRoutine@24+0xdf>
40155e: 83 ec 04 sub $0x4,%esp
401561: 6a 4f push $0x4f
401563: 68 ce 53 40 00 push $0x4053ce
401568: 68 db 53 40 00 push $0x4053db
40156d: e8 6e 24 00 00 call 4039e0 <_DbgPrint>
401572: 83 c4 10 add $0x10,%esp
401575: 8d 45 d0 lea 0xffffffd0(%ebp),%eax
401578: 50 push %eax
401579: 8d 45 c8 lea 0xffffffc8(%ebp),%eax
40157c: 50 push %eax
40157d: 68 e4 53 40 00 push $0x4053e4
401582: 68 00 54 40 00 push $0x405400
401587: e8 54 24 00 00 call 4039e0 <_DbgPrint>
40158c: 83 c4 10 add $0x10,%esp
40158f: 83 ec 0c sub $0xc,%esp
401592: ff 75 c4 pushl 0xffffffc4(%ebp)
401595: e8 36 24 00 00 call 4039d0 <_NtClose@4>
40159a: 83 c4 0c add $0xc,%esp
40159d: 8b 85 14 ff ff ff mov 0xffffff14(%ebp),%eax
4015a3: 89 85 10 ff ff ff mov %eax,0xffffff10(%ebp)
4015a9: 8b 85 10 ff ff ff mov 0xffffff10(%ebp),%eax
4015af: c9 leave
4015b0: c2 18 00 ret $0x18
004015b3 <_SmInitDosDevices>:
/* EOF */
4015b3: 55 push %ebp
4015b4: 89 e5 mov %esp,%ebp
4015b6: 83 ec 58 sub $0x58,%esp
4015b9: 83 ec 08 sub $0x8,%esp
4015bc: 6a 38 push $0x38
4015be: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
4015c1: 50 push %eax
4015c2: e8 59 24 00 00 call 403a20 <_RtlZeroMemory@8>
4015c7: 83 c4 08 add $0x8,%esp
4015ca: c7 45 b8 b0 14 40 00 movl $0x4014b0,0xffffffb8(%ebp)
4015d1: 83 ec 0c sub $0xc,%esp
4015d4: 6a 00 push $0x0
4015d6: 6a 00 push $0x0
4015d8: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
4015db: 50 push %eax
4015dc: 68 40 54 40 00 push $0x405440
4015e1: 6a 02 push $0x2
4015e3: e8 48 24 00 00 call 403a30 <_RtlQueryRegistryValues@20>
4015e8: 83 c4 0c add $0xc,%esp
4015eb: 89 45 b4 mov %eax,0xffffffb4(%ebp)
4015ee: 8b 45 b4 mov 0xffffffb4(%ebp),%eax
4015f1: c9 leave
4015f2: c3 ret
4015f3: 90 nop
4015f4: 90 nop
4015f5: 90 nop
4015f6: 90 nop
4015f7: 90 nop
4015f8: 90 nop
4015f9: 90 nop
4015fa: 90 nop
4015fb: 90 nop
4015fc: 90 nop
4015fd: 90 nop
4015fe: 90 nop
4015ff: 90 nop
00401600 <_SmpRunBootAppsQueryRoutine@24>:
401600: 55 push %ebp
401601: 89 e5 mov %esp,%ebp
401603: 81 ec 68 08 00 00 sub $0x868,%esp
401609: 83 7d 0c 01 cmpl $0x1,0xc(%ebp)
40160d: 74 0f je 40161e <_SmpRunBootAppsQueryRoutine@24+0x1e>
40160f: c7 85 a4 f7 ff ff 00 movl $0x0,0xfffff7a4(%ebp)
401616: 00 00 00
401619: e9 8f 01 00 00 jmp 4017ad
<_SmpRunBootAppsQueryRoutine@24+0x1ad>
40161e: 83 ec 08 sub $0x8,%esp
401621: 6a 20 push $0x20
401623: ff 75 10 pushl 0x10(%ebp)
401626: e8 85 24 00 00 call 403ab0 <_wcschr>
40162b: 83 c4 10 add $0x10,%esp
40162e: 89 85 b4 f7 ff ff mov %eax,0xfffff7b4(%ebp)
401634: 8b 55 10 mov 0x10(%ebp),%edx
401637: 8b 85 b4 f7 ff ff mov 0xfffff7b4(%ebp),%eax
40163d: 29 d0 sub %edx,%eax
40163f: d1 f8 sar %eax
401641: 89 85 ac f7 ff ff mov %eax,0xfffff7ac(%ebp)
401647: 83 ec 04 sub $0x4,%esp
40164a: 8b 85 ac f7 ff ff mov 0xfffff7ac(%ebp),%eax
401650: 01 c0 add %eax,%eax
401652: 50 push %eax
401653: ff 75 10 pushl 0x10(%ebp)
401656: 8d 85 e8 fd ff ff lea 0xfffffde8(%ebp),%eax
40165c: 50 push %eax
40165d: e8 3e 24 00 00 call 403aa0 <_memcpy>
401662: 83 c4 10 add $0x10,%esp
401665: 8b 85 ac f7 ff ff mov 0xfffff7ac(%ebp),%eax
40166b: 66 c7 84 45 e8 fd ff movw $0x0,0xfffffde8(%ebp,%eax,2)
401672: ff 00 00
401675: 8d 85 b4 f7 ff ff lea 0xfffff7b4(%ebp),%eax
40167b: 83 00 02 addl $0x2,(%eax)
40167e: 83 ec 08 sub $0x8,%esp
401681: 6a 20 push $0x20
401683: ff b5 b4 f7 ff ff pushl 0xfffff7b4(%ebp)
401689: e8 22 24 00 00 call 403ab0 <_wcschr>
40168e: 83 c4 10 add $0x10,%esp
401691: 89 85 b0 f7 ff ff mov %eax,0xfffff7b0(%ebp)
401697: 83 bd b0 f7 ff ff 00 cmpl $0x0,0xfffff7b0(%ebp)
40169e: 74 18 je 4016b8 <_SmpRunBootAppsQueryRoutine@24+0xb8>
4016a0: 8b 95 b4 f7 ff ff mov 0xfffff7b4(%ebp),%edx
4016a6: 8b 85 b0 f7 ff ff mov 0xfffff7b0(%ebp),%eax
4016ac: 29 d0 sub %edx,%eax
4016ae: d1 f8 sar %eax
4016b0: 89 85 ac f7 ff ff mov %eax,0xfffff7ac(%ebp)
4016b6: eb 17 jmp 4016cf <_SmpRunBootAppsQueryRoutine@24+0xcf>
4016b8: 83 ec 0c sub $0xc,%esp
4016bb: ff b5 b4 f7 ff ff pushl 0xfffff7b4(%ebp)
4016c1: e8 ca 23 00 00 call 403a90 <_wcslen>
4016c6: 83 c4 10 add $0x10,%esp
4016c9: 89 85 ac f7 ff ff mov %eax,0xfffff7ac(%ebp)
4016cf: 83 ec 04 sub $0x4,%esp
4016d2: 8b 85 ac f7 ff ff mov 0xfffff7ac(%ebp),%eax
4016d8: 01 c0 add %eax,%eax
4016da: 50 push %eax
4016db: ff b5 b4 f7 ff ff pushl 0xfffff7b4(%ebp)
4016e1: 8d 85 d8 fb ff ff lea 0xfffffbd8(%ebp),%eax
4016e7: 50 push %eax
4016e8: e8 b3 23 00 00 call 403aa0 <_memcpy>
4016ed: 83 c4 10 add $0x10,%esp
4016f0: 8b 85 ac f7 ff ff mov 0xfffff7ac(%ebp),%eax
4016f6: 66 c7 84 45 d8 fb ff movw $0x0,0xfffffbd8(%ebp,%eax,2)
4016fd: ff 00 00
401700: 83 bd b0 f7 ff ff 00 cmpl $0x0,0xfffff7b0(%ebp)
401707: 75 0b jne 401714
<_SmpRunBootAppsQueryRoutine@24+0x114>
401709: 66 c7 85 b8 f7 ff ff movw $0x0,0xfffff7b8(%ebp)
401710: 00 00
401712: eb 21 jmp 401735
<_SmpRunBootAppsQueryRoutine@24+0x135>
401714: 8d 85 b0 f7 ff ff lea 0xfffff7b0(%ebp),%eax
40171a: 83 00 02 addl $0x2,(%eax)
40171d: 83 ec 08 sub $0x8,%esp
401720: ff b5 b0 f7 ff ff pushl 0xfffff7b0(%ebp)
401726: 8d 85 b8 f7 ff ff lea 0xfffff7b8(%ebp),%eax
40172c: 50 push %eax
40172d: e8 0e 23 00 00 call 403a40 <_wcscpy>
401732: 83 c4 10 add $0x10,%esp
401735: 83 ec 08 sub $0x8,%esp
401738: 68 80 54 40 00 push $0x405480
40173d: 8d 85 c8 f9 ff ff lea 0xfffff9c8(%ebp),%eax
401743: 50 push %eax
401744: e8 f7 22 00 00 call 403a40 <_wcscpy>
401749: 83 c4 10 add $0x10,%esp
40174c: 83 ec 08 sub $0x8,%esp
40174f: 8d 85 d8 fb ff ff lea 0xfffffbd8(%ebp),%eax
401755: 50 push %eax
401756: 8d 85 c8 f9 ff ff lea 0xfffff9c8(%ebp),%eax
40175c: 50 push %eax
40175d: e8 1e 23 00 00 call 403a80 <_wcscat>
401762: 83 c4 10 add $0x10,%esp
401765: 83 ec 08 sub $0x8,%esp
401768: 68 ac 54 40 00 push $0x4054ac
40176d: 8d 85 c8 f9 ff ff lea 0xfffff9c8(%ebp),%eax
401773: 50 push %eax
401774: e8 07 23 00 00 call 403a80 <_wcscat>
401779: 83 c4 10 add $0x10,%esp
40177c: 83 ec 08 sub $0x8,%esp
40177f: 6a 00 push $0x0
401781: 6a 01 push $0x1
401783: 6a 00 push $0x0
401785: 6a 01 push $0x1
401787: 8d 85 b8 f7 ff ff lea 0xfffff7b8(%ebp),%eax
40178d: 50 push %eax
40178e: 8d 85 c8 f9 ff ff lea 0xfffff9c8(%ebp),%eax
401794: 50 push %eax
401795: e8 26 11 00 00 call 4028c0 <_SmCreateUserProcess@24>
40179a: 83 c4 08 add $0x8,%esp
40179d: 89 85 a8 f7 ff ff mov %eax,0xfffff7a8(%ebp)
4017a3: c7 85 a4 f7 ff ff 00 movl $0x0,0xfffff7a4(%ebp)
4017aa: 00 00 00
4017ad: 8b 85 a4 f7 ff ff mov 0xfffff7a4(%ebp),%eax
4017b3: c9 leave
4017b4: c2 18 00 ret $0x18
004017b7 <_SmRunBootApplications>:
4017b7: 55 push %ebp
4017b8: 89 e5 mov %esp,%ebp
4017ba: 83 ec 58 sub $0x58,%esp
4017bd: 83 ec 08 sub $0x8,%esp
4017c0: 6a 38 push $0x38
4017c2: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
4017c5: 50 push %eax
4017c6: e8 55 22 00 00 call 403a20 <_RtlZeroMemory@8>
4017cb: 83 c4 08 add $0x8,%esp
4017ce: c7 45 c0 b6 54 40 00 movl $0x4054b6,0xffffffc0(%ebp)
4017d5: c7 45 b8 00 16 40 00 movl $0x401600,0xffffffb8(%ebp)
4017dc: 83 ec 0c sub $0xc,%esp
4017df: 6a 00 push $0x0
4017e1: 6a 00 push $0x0
4017e3: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
4017e6: 50 push %eax
4017e7: 68 e0 54 40 00 push $0x4054e0
4017ec: 6a 02 push $0x2
4017ee: e8 3d 22 00 00 call 403a30 <_RtlQueryRegistryValues@20>
4017f3: 83 c4 0c add $0xc,%esp
4017f6: 89 45 b4 mov %eax,0xffffffb4(%ebp)
NULL,
NULL);
if (!NT_SUCCESS(Status))
4017f9: 83 7d b4 00 cmpl $0x0,0xffffffb4(%ebp)
4017fd: 79 32 jns 401831 <_SmRunBootApplications+0x7a>
{
DPRINT1("%s: RtlQueryRegistryValues() failed! (Status %lx)\n",
4017ff: 83 ec 04 sub $0x4,%esp
401802: 68 8e 00 00 00 push $0x8e
401807: 68 02 55 40 00 push $0x405502
40180c: 68 0c 55 40 00 push $0x40550c
401811: e8 ca 21 00 00 call 4039e0 <_DbgPrint>
401816: 83 c4 10 add $0x10,%esp
401819: 83 ec 04 sub $0x4,%esp
40181c: ff 75 b4 pushl 0xffffffb4(%ebp)
40181f: 68 15 55 40 00 push $0x405515
401824: 68 40 55 40 00 push $0x405540
401829: e8 b2 21 00 00 call 4039e0 <_DbgPrint>
40182e: 83 c4 10 add $0x10,%esp
__FUNCTION__,
Status);
}
return(Status);
401831: 8b 45 b4 mov 0xffffffb4(%ebp),%eax
}
401834: c9 leave
401835: c3 ret
401836: 90 nop
401837: 90 nop
401838: 90 nop
401839: 90 nop
40183a: 90 nop
40183b: 90 nop
40183c: 90 nop
40183d: 90 nop
40183e: 90 nop
40183f: 90 nop
00401840 <_SmProcessFileRenameList>:
401840: 55 push %ebp
401841: 89 e5 mov %esp,%ebp
401843: b8 00 00 00 00 mov $0x0,%eax
401848: 5d pop %ebp
401849: c3 ret
40184a: 90 nop
40184b: 90 nop
40184c: 90 nop
40184d: 90 nop
40184e: 90 nop
40184f: 90 nop
00401850 <_SmpKnownDllsQueryRoutine@24>:
401850: 55 push %ebp
401851: 89 e5 mov %esp,%ebp
401853: 83 ec 48 sub $0x48,%esp
401856: 83 ec 08 sub $0x8,%esp
401859: 68 80 55 40 00 push $0x405580
40185e: ff 75 08 pushl 0x8(%ebp)
401861: e8 ba 22 00 00 call 403b20 <__wcsicmp>
401866: 83 c4 10 add $0x10,%esp
401869: 85 c0 test %eax,%eax
40186b: 75 0c jne 401879 <_SmpKnownDllsQueryRoutine@24+0x29>
40186d: c7 45 b8 00 00 00 00 movl $0x0,0xffffffb8(%ebp)
401874: e9 97 01 00 00 jmp 401a10 <_SmpKnownDllsQueryRoutine@24+0x1c0>
401879: 83 ec 08 sub $0x8,%esp
40187c: ff 75 10 pushl 0x10(%ebp)
40187f: 8d 45 c8 lea 0xffffffc8(%ebp),%eax
401882: 50 push %eax
401883: e8 08 21 00 00 call 403990 <_RtlInitUnicodeString@8>
401888: 83 c4 08 add $0x8,%esp
40188b: c7 45 d8 18 00 00 00 movl $0x18,0xffffffd8(%ebp)
401892: 8d 45 c8 lea 0xffffffc8(%ebp),%eax
401895: 89 45 e0 mov %eax,0xffffffe0(%ebp)
401898: c7 45 e4 40 00 00 00 movl $0x40,0xffffffe4(%ebp)
40189f: 8b 45 18 mov 0x18(%ebp),%eax
4018a2: 89 45 dc mov %eax,0xffffffdc(%ebp)
4018a5: c7 45 e8 00 00 00 00 movl $0x0,0xffffffe8(%ebp)
4018ac: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
4018b3: 83 ec 08 sub $0x8,%esp
4018b6: 6a 60 push $0x60
4018b8: 6a 01 push $0x1
4018ba: 8d 45 d0 lea 0xffffffd0(%ebp),%eax
4018bd: 50 push %eax
4018be: 8d 45 d8 lea 0xffffffd8(%ebp),%eax
4018c1: 50 push %eax
4018c2: 68 21 00 10 00 push $0x100021
4018c7: 8d 45 c4 lea 0xffffffc4(%ebp),%eax
4018ca: 50 push %eax
4018cb: e8 f0 21 00 00 call 403ac0 <_NtOpenFile@24>
4018d0: 83 c4 08 add $0x8,%esp
4018d3: 89 45 bc mov %eax,0xffffffbc(%ebp)
4018d6: 83 7d bc 00 cmpl $0x0,0xffffffbc(%ebp)
4018da: 79 36 jns 401912 <_SmpKnownDllsQueryRoutine@24+0xc2>
4018dc: 83 ec 04 sub $0x4,%esp
4018df: 6a 46 push $0x46
4018e1: 68 9a 55 40 00 push $0x40559a
4018e6: 68 a6 55 40 00 push $0x4055a6
4018eb: e8 f0 20 00 00 call 4039e0 <_DbgPrint>
4018f0: 83 c4 10 add $0x10,%esp
4018f3: 83 ec 08 sub $0x8,%esp
4018f6: ff 75 bc pushl 0xffffffbc(%ebp)
4018f9: 68 c0 55 40 00 push $0x4055c0
4018fe: e8 dd 20 00 00 call 4039e0 <_DbgPrint>
401903: 83 c4 10 add $0x10,%esp
401906: c7 45 b8 00 00 00 00 movl $0x0,0xffffffb8(%ebp)
40190d: e9 fe 00 00 00 jmp 401a10 <_SmpKnownDllsQueryRoutine@24+0x1c0>
401912: 6a 00 push $0x0
401914: 6a 00 push $0x0
401916: 6a 00 push $0x0
401918: ff 75 c4 pushl 0xffffffc4(%ebp)
40191b: e8 b0 21 00 00 call 403ad0 <_LdrVerifyImageMatchesChecksum@16>
401920: 89 45 bc mov %eax,0xffffffbc(%ebp)
401923: 81 7d bc 21 02 00 c0 cmpl $0xc0000221,0xffffffbc(%ebp)
40192a: 75 1a jne 401946 <_SmpKnownDllsQueryRoutine@24+0xf6>
40192c: 83 ec 08 sub $0x8,%esp
40192f: 6a 00 push $0x0
401931: 6a 00 push $0x0
401933: 6a 00 push $0x0
401935: 6a 00 push $0x0
401937: 6a 00 push $0x0
401939: ff 75 bc pushl 0xffffffbc(%ebp)
40193c: e8 9f 21 00 00 call 403ae0 <_NtRaiseHardError@24>
401941: 83 c4 08 add $0x8,%esp
401944: eb 52 jmp 401998 <_SmpKnownDllsQueryRoutine@24+0x148>
401946: 83 7d bc 00 cmpl $0x0,0xffffffbc(%ebp)
40194a: 79 4c jns 401998 <_SmpKnownDllsQueryRoutine@24+0x148>
{
DPRINT1("Failed to check the image checksum\n");
40194c: 83 ec 04 sub $0x4,%esp
40194f: 6a 5d push $0x5d
401951: 68 9a 55 40 00 push $0x40559a
401956: 68 a6 55 40 00 push $0x4055a6
40195b: e8 80 20 00 00 call 4039e0 <_DbgPrint>
401960: 83 c4 10 add $0x10,%esp
401963: 83 ec 0c sub $0xc,%esp
401966: 68 00 56 40 00 push $0x405600
40196b: e8 70 20 00 00 call 4039e0 <_DbgPrint>
401970: 83 c4 10 add $0x10,%esp
NtClose(SectionHandle);
401973: 83 ec 0c sub $0xc,%esp
401976: ff 75 c0 pushl 0xffffffc0(%ebp)
401979: e8 52 20 00 00 call 4039d0 <_NtClose@4>
40197e: 83 c4 0c add $0xc,%esp
NtClose(FileHandle);
401981: 83 ec 0c sub $0xc,%esp
401984: ff 75 c4 pushl 0xffffffc4(%ebp)
401987: e8 44 20 00 00 call 4039d0 <_NtClose@4>
40198c: 83 c4 0c add $0xc,%esp
return STATUS_SUCCESS;
40198f: c7 45 b8 00 00 00 00 movl $0x0,0xffffffb8(%ebp)
401996: eb 78 jmp 401a10 <_SmpKnownDllsQueryRoutine@24+0x1c0>
}
InitializeObjectAttributes(&ObjectAttributes,
401998: c7 45 d8 18 00 00 00 movl $0x18,0xffffffd8(%ebp)
40199f: 8d 45 c8 lea 0xffffffc8(%ebp),%eax
4019a2: 89 45 e0 mov %eax,0xffffffe0(%ebp)
4019a5: c7 45 e4 50 00 00 00 movl $0x50,0xffffffe4(%ebp)
4019ac: 8b 45 1c mov 0x1c(%ebp),%eax
4019af: 89 45 dc mov %eax,0xffffffdc(%ebp)
4019b2: c7 45 e8 00 00 00 00 movl $0x0,0xffffffe8(%ebp)
4019b9: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
&ImageName,
OBJ_CASE_INSENSITIVE | OBJ_PERMANENT,
(HANDLE)EntryContext,
NULL);
Status = NtCreateSection(&SectionHandle,
4019c0: 83 ec 04 sub $0x4,%esp
4019c3: ff 75 c4 pushl 0xffffffc4(%ebp)
4019c6: 68 00 00 00 01 push $0x1000000
4019cb: 6a 10 push $0x10
4019cd: 6a 00 push $0x0
4019cf: 8d 45 d8 lea 0xffffffd8(%ebp),%eax
4019d2: 50 push %eax
4019d3: 68 1f 00 0f 00 push $0xf001f
4019d8: 8d 45 c0 lea 0xffffffc0(%ebp),%eax
4019db: 50 push %eax
4019dc: e8 0f 21 00 00 call 403af0 <_NtCreateSection@28>
4019e1: 83 c4 04 add $0x4,%esp
4019e4: 89 45 bc mov %eax,0xffffffbc(%ebp)
SECTION_ALL_ACCESS,
&ObjectAttributes,
NULL,
PAGE_EXECUTE,
SEC_IMAGE,
FileHandle);
if (NT_SUCCESS(Status))
4019e7: 83 7d bc 00 cmpl $0x0,0xffffffbc(%ebp)
4019eb: 78 0e js 4019fb <_SmpKnownDllsQueryRoutine@24+0x1ab>
{
DPRINT("Created section successfully\n");
NtClose(SectionHandle);
4019ed: 83 ec 0c sub $0xc,%esp
4019f0: ff 75 c0 pushl 0xffffffc0(%ebp)
4019f3: e8 d8 1f 00 00 call 4039d0 <_NtClose@4>
4019f8: 83 c4 0c add $0xc,%esp
}
NtClose(FileHandle);
4019fb: 83 ec 0c sub $0xc,%esp
4019fe: ff 75 c4 pushl 0xffffffc4(%ebp)
401a01: e8 ca 1f 00 00 call 4039d0 <_NtClose@4>
401a06: 83 c4 0c add $0xc,%esp
return STATUS_SUCCESS;
401a09: c7 45 b8 00 00 00 00 movl $0x0,0xffffffb8(%ebp)
}
401a10: 8b 45 b8 mov 0xffffffb8(%ebp),%eax
401a13: c9 leave
401a14: c2 18 00 ret $0x18
00401a17 <_SmLoadKnownDlls>:
NTSTATUS
SmLoadKnownDlls(VOID)
{
401a17: 55 push %ebp
401a18: 89 e5 mov %esp,%ebp
401a1a: 81 ec a8 00 00 00 sub $0xa8,%esp
RTL_QUERY_REGISTRY_TABLE QueryTable[2];
OBJECT_ATTRIBUTES ObjectAttributes;
IO_STATUS_BLOCK IoStatusBlock;
UNICODE_STRING DllDosPath;
UNICODE_STRING DllNtPath;
UNICODE_STRING Name;
HANDLE ObjectDirHandle;
HANDLE FileDirHandle;
HANDLE SymlinkHandle;
NTSTATUS Status;
DPRINT("SM: loading well-known DLLs\n");
DPRINT("SmLoadKnownDlls() called\n");
/* Create 'KnownDlls' object directory */
RtlInitUnicodeString(&Name,
401a20: 83 ec 08 sub $0x8,%esp
401a23: 68 24 56 40 00 push $0x405624
401a28: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
401a2e: 50 push %eax
401a2f: e8 5c 1f 00 00 call 403990 <_RtlInitUnicodeString@8>
401a34: 83 c4 08 add $0x8,%esp
L"\\KnownDlls");
InitializeObjectAttributes(&ObjectAttributes,
401a37: c7 45 98 18 00 00 00 movl $0x18,0xffffff98(%ebp)
401a3e: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
401a44: 89 45 a0 mov %eax,0xffffffa0(%ebp)
401a47: c7 45 a4 d0 00 00 00 movl $0xd0,0xffffffa4(%ebp)
401a4e: c7 45 9c 00 00 00 00 movl $0x0,0xffffff9c(%ebp)
401a55: c7 45 a8 00 00 00 00 movl $0x0,0xffffffa8(%ebp)
401a5c: c7 45 ac 00 00 00 00 movl $0x0,0xffffffac(%ebp)
&Name,
OBJ_PERMANENT | OBJ_CASE_INSENSITIVE | OBJ_OPENIF,
NULL,
NULL);
Status = NtCreateDirectoryObject(&ObjectDirHandle,
401a63: 83 ec 04 sub $0x4,%esp
401a66: 8d 45 98 lea 0xffffff98(%ebp),%eax
401a69: 50 push %eax
401a6a: 68 0f 00 0f 00 push $0xf000f
401a6f: 8d 85 74 ff ff ff lea 0xffffff74(%ebp),%eax
401a75: 50 push %eax
401a76: e8 85 20 00 00 call 403b00 <_NtCreateDirectoryObject@12>
401a7b: 83 c4 04 add $0x4,%esp
401a7e: 89 85 68 ff ff ff mov %eax,0xffffff68(%ebp)
DIRECTORY_ALL_ACCESS,
&ObjectAttributes);
if (!NT_SUCCESS(Status))
401a84: 83 bd 68 ff ff ff 00 cmpl $0x0,0xffffff68(%ebp)
401a8b: 79 41 jns 401ace <_SmLoadKnownDlls+0xb7>
{
DPRINT1("NtCreateDirectoryObject() failed (Status %lx)\n", Status);
401a8d: 83 ec 04 sub $0x4,%esp
401a90: 68 9d 00 00 00 push $0x9d
401a95: 68 9a 55 40 00 push $0x40559a
401a9a: 68 a6 55 40 00 push $0x4055a6
401a9f: e8 3c 1f 00 00 call 4039e0 <_DbgPrint>
401aa4: 83 c4 10 add $0x10,%esp
401aa7: 83 ec 08 sub $0x8,%esp
401aaa: ff b5 68 ff ff ff pushl 0xffffff68(%ebp)
401ab0: 68 40 56 40 00 push $0x405640
401ab5: e8 26 1f 00 00 call 4039e0 <_DbgPrint>
401aba: 83 c4 10 add $0x10,%esp
return Status;
401abd: 8b 85 68 ff ff ff mov 0xffffff68(%ebp),%eax
401ac3: 89 85 64 ff ff ff mov %eax,0xffffff64(%ebp)
401ac9: e9 da 02 00 00 jmp 401da8 <_SmLoadKnownDlls+0x391>
}
RtlInitUnicodeString(&DllDosPath, NULL);
401ace: 83 ec 08 sub $0x8,%esp
401ad1: 6a 00 push $0x0
401ad3: 8d 45 88 lea 0xffffff88(%ebp),%eax
401ad6: 50 push %eax
401ad7: e8 b4 1e 00 00 call 403990 <_RtlInitUnicodeString@8>
401adc: 83 c4 08 add $0x8,%esp
RtlZeroMemory(&QueryTable,
401adf: 83 ec 08 sub $0x8,%esp
401ae2: 6a 38 push $0x38
401ae4: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
401ae7: 50 push %eax
401ae8: e8 33 1f 00 00 call 403a20 <_RtlZeroMemory@8>
401aed: 83 c4 08 add $0x8,%esp
sizeof(QueryTable));
QueryTable[0].Name = L"DllDirectory";
401af0: c7 45 c0 80 55 40 00 movl $0x405580,0xffffffc0(%ebp)
QueryTable[0].Flags = RTL_QUERY_REGISTRY_DIRECT;
401af7: c7 45 bc 20 00 00 00 movl $0x20,0xffffffbc(%ebp)
QueryTable[0].EntryContext = &DllDosPath;
401afe: 8d 45 88 lea 0xffffff88(%ebp),%eax
401b01: 89 45 c4 mov %eax,0xffffffc4(%ebp)
Status = RtlQueryRegistryValues(RTL_REGISTRY_CONTROL,
401b04: 83 ec 0c sub $0xc,%esp
401b07: ff 35 20 60 40 00 pushl 0x406020
401b0d: 6a 00 push $0x0
401b0f: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
401b12: 50 push %eax
401b13: 68 80 56 40 00 push $0x405680
401b18: 6a 02 push $0x2
401b1a: e8 11 1f 00 00 call 403a30 <_RtlQueryRegistryValues@20>
401b1f: 83 c4 0c add $0xc,%esp
401b22: 89 85 68 ff ff ff mov %eax,0xffffff68(%ebp)
L"\\Session Manager\\KnownDlls",
QueryTable,
NULL,
SmSystemEnvironment);
if (!NT_SUCCESS(Status))
401b28: 83 bd 68 ff ff ff 00 cmpl $0x0,0xffffff68(%ebp)
401b2f: 79 41 jns 401b72 <_SmLoadKnownDlls+0x15b>
{
DPRINT1("RtlQueryRegistryValues() failed (Status %lx)\n", Status);
401b31: 83 ec 04 sub $0x4,%esp
401b34: 68 b1 00 00 00 push $0xb1
401b39: 68 9a 55 40 00 push $0x40559a
401b3e: 68 a6 55 40 00 push $0x4055a6
401b43: e8 98 1e 00 00 call 4039e0 <_DbgPrint>
401b48: 83 c4 10 add $0x10,%esp
401b4b: 83 ec 08 sub $0x8,%esp
401b4e: ff b5 68 ff ff ff pushl 0xffffff68(%ebp)
401b54: 68 c0 56 40 00 push $0x4056c0
401b59: e8 82 1e 00 00 call 4039e0 <_DbgPrint>
401b5e: 83 c4 10 add $0x10,%esp
return Status;
401b61: 8b 85 68 ff ff ff mov 0xffffff68(%ebp),%eax
401b67: 89 85 64 ff ff ff mov %eax,0xffffff64(%ebp)
401b6d: e9 36 02 00 00 jmp 401da8 <_SmLoadKnownDlls+0x391>
}
DPRINT("DllDosPath: '%wZ'\n", &DllDosPath);
if (!RtlDosPathNameToNtPathName_U(DllDosPath.Buffer,
401b72: 6a 00 push $0x0
401b74: 6a 00 push $0x0
401b76: 8d 45 80 lea 0xffffff80(%ebp),%eax
401b79: 50 push %eax
401b7a: ff 75 8c pushl 0xffffff8c(%ebp)
401b7d: e8 8e 1f 00 00 call 403b10 <_RtlDosPathNameToNtPathName_U@16>
401b82: 84 c0 test %al,%al
401b84: 75 39 jne 401bbf <_SmLoadKnownDlls+0x1a8>
&DllNtPath,
NULL,
NULL))
{
DPRINT1("RtlDosPathNameToNtPathName_U() failed\n");
401b86: 83 ec 04 sub $0x4,%esp
401b89: 68 bc 00 00 00 push $0xbc
401b8e: 68 9a 55 40 00 push $0x40559a
401b93: 68 a6 55 40 00 push $0x4055a6
401b98: e8 43 1e 00 00 call 4039e0 <_DbgPrint>
401b9d: 83 c4 10 add $0x10,%esp
401ba0: 83 ec 0c sub $0xc,%esp
401ba3: 68 00 57 40 00 push $0x405700
401ba8: e8 33 1e 00 00 call 4039e0 <_DbgPrint>
401bad: 83 c4 10 add $0x10,%esp
return STATUS_OBJECT_NAME_INVALID;
401bb0: c7 85 64 ff ff ff 33 movl $0xc0000033,0xffffff64(%ebp)
401bb7: 00 00 c0
401bba: e9 e9 01 00 00 jmp 401da8 <_SmLoadKnownDlls+0x391>
}
DPRINT("DllNtPath: '%wZ'\n", &DllNtPath);
/* Open the dll path directory */
InitializeObjectAttributes(&ObjectAttributes,
401bbf: c7 45 98 18 00 00 00 movl $0x18,0xffffff98(%ebp)
401bc6: 8d 45 80 lea 0xffffff80(%ebp),%eax
401bc9: 89 45 a0 mov %eax,0xffffffa0(%ebp)
401bcc: c7 45 a4 40 00 00 00 movl $0x40,0xffffffa4(%ebp)
401bd3: c7 45 9c 00 00 00 00 movl $0x0,0xffffff9c(%ebp)
401bda: c7 45 a8 00 00 00 00 movl $0x0,0xffffffa8(%ebp)
401be1: c7 45 ac 00 00 00 00 movl $0x0,0xffffffac(%ebp)
&DllNtPath,
OBJ_CASE_INSENSITIVE,
NULL,
NULL);
Status = NtOpenFile(&FileDirHandle,
401be8: 83 ec 08 sub $0x8,%esp
401beb: 6a 21 push $0x21
401bed: 6a 03 push $0x3
401bef: 8d 45 90 lea 0xffffff90(%ebp),%eax
401bf2: 50 push %eax
401bf3: 8d 45 98 lea 0xffffff98(%ebp),%eax
401bf6: 50 push %eax
401bf7: 68 01 00 10 00 push $0x100001
401bfc: 8d 85 70 ff ff ff lea 0xffffff70(%ebp),%eax
401c02: 50 push %eax
401c03: e8 b8 1e 00 00 call 403ac0 <_NtOpenFile@24>
401c08: 83 c4 08 add $0x8,%esp
401c0b: 89 85 68 ff ff ff mov %eax,0xffffff68(%ebp)
SYNCHRONIZE | FILE_READ_DATA,
&ObjectAttributes,
&IoStatusBlock,
FILE_SHARE_READ | FILE_SHARE_WRITE,
FILE_SYNCHRONOUS_IO_NONALERT | FILE_DIRECTORY_FILE);
if (!NT_SUCCESS(Status))
401c11: 83 bd 68 ff ff ff 00 cmpl $0x0,0xffffff68(%ebp)
401c18: 79 45 jns 401c5f <_SmLoadKnownDlls+0x248>
{
DPRINT1("NtOpenFile(%wZ) failed (Status %lx)\n", &DllNtPath, Status);
401c1a: 83 ec 04 sub $0x4,%esp
401c1d: 68 d0 00 00 00 push $0xd0
401c22: 68 9a 55 40 00 push $0x40559a
401c27: 68 a6 55 40 00 push $0x4055a6
401c2c: e8 af 1d 00 00 call 4039e0 <_DbgPrint>
401c31: 83 c4 10 add $0x10,%esp
401c34: 83 ec 04 sub $0x4,%esp
401c37: ff b5 68 ff ff ff pushl 0xffffff68(%ebp)
401c3d: 8d 45 80 lea 0xffffff80(%ebp),%eax
401c40: 50 push %eax
401c41: 68 40 57 40 00 push $0x405740
401c46: e8 95 1d 00 00 call 4039e0 <_DbgPrint>
401c4b: 83 c4 10 add $0x10,%esp
return Status;
401c4e: 8b 85 68 ff ff ff mov 0xffffff68(%ebp),%eax
401c54: 89 85 64 ff ff ff mov %eax,0xffffff64(%ebp)
401c5a: e9 49 01 00 00 jmp 401da8 <_SmLoadKnownDlls+0x391>
}
/* Link 'KnownDllPath' the dll path directory */
RtlInitUnicodeString(&Name,
401c5f: 83 ec 08 sub $0x8,%esp
401c62: 68 66 57 40 00 push $0x405766
401c67: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
401c6d: 50 push %eax
401c6e: e8 1d 1d 00 00 call 403990 <_RtlInitUnicodeString@8>
401c73: 83 c4 08 add $0x8,%esp
L"KnownDllPath");
InitializeObjectAttributes(&ObjectAttributes,
401c76: c7 45 98 18 00 00 00 movl $0x18,0xffffff98(%ebp)
401c7d: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
401c83: 89 45 a0 mov %eax,0xffffffa0(%ebp)
401c86: c7 45 a4 d0 00 00 00 movl $0xd0,0xffffffa4(%ebp)
401c8d: 8b 85 74 ff ff ff mov 0xffffff74(%ebp),%eax
401c93: 89 45 9c mov %eax,0xffffff9c(%ebp)
401c96: c7 45 a8 00 00 00 00 movl $0x0,0xffffffa8(%ebp)
401c9d: c7 45 ac 00 00 00 00 movl $0x0,0xffffffac(%ebp)
&Name,
OBJ_PERMANENT | OBJ_CASE_INSENSITIVE | OBJ_OPENIF,
ObjectDirHandle,
NULL);
Status = NtCreateSymbolicLinkObject(&SymlinkHandle,
401ca4: 8d 45 88 lea 0xffffff88(%ebp),%eax
401ca7: 50 push %eax
401ca8: 8d 45 98 lea 0xffffff98(%ebp),%eax
401cab: 50 push %eax
401cac: 68 01 00 0f 00 push $0xf0001
401cb1: 8d 85 6c ff ff ff lea 0xffffff6c(%ebp),%eax
401cb7: 50 push %eax
401cb8: e8 a3 1d 00 00 call 403a60 <_NtCreateSymbolicLinkObject@16>
401cbd: 89 85 68 ff ff ff mov %eax,0xffffff68(%ebp)
SYMBOLIC_LINK_ALL_ACCESS,
&ObjectAttributes,
&DllDosPath);
if (!NT_SUCCESS(Status))
401cc3: 83 bd 68 ff ff ff 00 cmpl $0x0,0xffffff68(%ebp)
401cca: 79 41 jns 401d0d <_SmLoadKnownDlls+0x2f6>
{
DPRINT1("NtCreateSymbolicLink() failed (Status %lx)\n", Status);
401ccc: 83 ec 04 sub $0x4,%esp
401ccf: 68 e2 00 00 00 push $0xe2
401cd4: 68 9a 55 40 00 push $0x40559a
401cd9: 68 a6 55 40 00 push $0x4055a6
401cde: e8 fd 1c 00 00 call 4039e0 <_DbgPrint>
401ce3: 83 c4 10 add $0x10,%esp
401ce6: 83 ec 08 sub $0x8,%esp
401ce9: ff b5 68 ff ff ff pushl 0xffffff68(%ebp)
401cef: 68 80 57 40 00 push $0x405780
401cf4: e8 e7 1c 00 00 call 4039e0 <_DbgPrint>
401cf9: 83 c4 10 add $0x10,%esp
return Status;
401cfc: 8b 85 68 ff ff ff mov 0xffffff68(%ebp),%eax
401d02: 89 85 64 ff ff ff mov %eax,0xffffff64(%ebp)
401d08: e9 9b 00 00 00 jmp 401da8 <_SmLoadKnownDlls+0x391>
}
NtClose(SymlinkHandle);
401d0d: 83 ec 0c sub $0xc,%esp
401d10: ff b5 6c ff ff ff pushl 0xffffff6c(%ebp)
401d16: e8 b5 1c 00 00 call 4039d0 <_NtClose@4>
401d1b: 83 c4 0c add $0xc,%esp
RtlZeroMemory(&QueryTable,
401d1e: 83 ec 08 sub $0x8,%esp
401d21: 6a 38 push $0x38
401d23: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
401d26: 50 push %eax
401d27: e8 f4 1c 00 00 call 403a20 <_RtlZeroMemory@8>
401d2c: 83 c4 08 add $0x8,%esp
sizeof(QueryTable));
QueryTable[0].QueryRoutine = SmpKnownDllsQueryRoutine;
401d2f: c7 45 b8 50 18 40 00 movl $0x401850,0xffffffb8(%ebp)
QueryTable[0].EntryContext = ObjectDirHandle;
401d36: 8b 85 74 ff ff ff mov 0xffffff74(%ebp),%eax
401d3c: 89 45 c4 mov %eax,0xffffffc4(%ebp)
Status = RtlQueryRegistryValues(RTL_REGISTRY_CONTROL,
401d3f: 83 ec 0c sub $0xc,%esp
401d42: 6a 00 push $0x0
401d44: ff b5 70 ff ff ff pushl 0xffffff70(%ebp)
401d4a: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
401d4d: 50 push %eax
401d4e: 68 80 56 40 00 push $0x405680
401d53: 6a 02 push $0x2
401d55: e8 d6 1c 00 00 call 403a30 <_RtlQueryRegistryValues@20>
401d5a: 83 c4 0c add $0xc,%esp
401d5d: 89 85 68 ff ff ff mov %eax,0xffffff68(%ebp)
L"\\Session Manager\\KnownDlls",
QueryTable,
(PVOID)FileDirHandle,
NULL);
if (!NT_SUCCESS(Status))
401d63: 83 bd 68 ff ff ff 00 cmpl $0x0,0xffffff68(%ebp)
401d6a: 79 30 jns 401d9c <_SmLoadKnownDlls+0x385>
{
DPRINT1("RtlQueryRegistryValues() failed (Status %lx)\n", Status);
401d6c: 83 ec 04 sub $0x4,%esp
401d6f: 68 f5 00 00 00 push $0xf5
401d74: 68 9a 55 40 00 push $0x40559a
401d79: 68 a6 55 40 00 push $0x4055a6
401d7e: e8 5d 1c 00 00 call 4039e0 <_DbgPrint>
401d83: 83 c4 10 add $0x10,%esp
401d86: 83 ec 08 sub $0x8,%esp
401d89: ff b5 68 ff ff ff pushl 0xffffff68(%ebp)
401d8f: 68 c0 56 40 00 push $0x4056c0
401d94: e8 47 1c 00 00 call 4039e0 <_DbgPrint>
401d99: 83 c4 10 add $0x10,%esp
}
DPRINT("SmLoadKnownDlls() done\n");
return Status;
401d9c: 8b 85 68 ff ff ff mov 0xffffff68(%ebp),%eax
401da2: 89 85 64 ff ff ff mov %eax,0xffffff64(%ebp)
}
401da8: 8b 85 64 ff ff ff mov 0xffffff64(%ebp),%eax
401dae: c9 leave
401daf: c3 ret
00401db0 <_SmpPagingFilesQueryRoutine@24>:
401db0: 55 push %ebp
401db1: 89 e5 mov %esp,%ebp
401db3: 83 ec 28 sub $0x28,%esp
401db6: 83 7d 0c 01 cmpl $0x1,0xc(%ebp)
401dba: 74 0c je 401dc8 <_SmpPagingFilesQueryRoutine@24+0x18>
401dbc: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
401dc3: e9 e9 00 00 00 jmp 401eb1
<_SmpPagingFilesQueryRoutine@24+0x101>
401dc8: 83 ec 08 sub $0x8,%esp
401dcb: 6a 20 push $0x20
401dcd: ff 75 10 pushl 0x10(%ebp)
401dd0: e8 db 1c 00 00 call 403ab0 <_wcschr>
401dd5: 83 c4 10 add $0x10,%esp
401dd8: 89 45 e0 mov %eax,0xffffffe0(%ebp)
401ddb: 83 7d e0 00 cmpl $0x0,0xffffffe0(%ebp)
401ddf: 74 6b je 401e4c <_SmpPagingFilesQueryRoutine@24+0x9c>
401de1: 8b 45 e0 mov 0xffffffe0(%ebp),%eax
401de4: 66 c7 00 00 00 movw $0x0,(%eax)
401de9: 83 ec 04 sub $0x4,%esp
401dec: 6a 00 push $0x0
401dee: 8d 45 e0 lea 0xffffffe0(%ebp),%eax
401df1: 50 push %eax
401df2: 8b 45 e0 mov 0xffffffe0(%ebp),%eax
401df5: 83 c0 02 add $0x2,%eax
401df8: 50 push %eax
401df9: e8 62 1d 00 00 call 403b60 <_wcstoul>
401dfe: 83 c4 10 add $0x10,%esp
401e01: c1 e0 14 shl $0x14,%eax
401e04: ba 00 00 00 00 mov $0x0,%edx
401e09: 89 45 f0 mov %eax,0xfffffff0(%ebp)
401e0c: 89 55 f4 mov %edx,0xfffffff4(%ebp)
401e0f: 8b 45 e0 mov 0xffffffe0(%ebp),%eax
401e12: 66 83 38 20 cmpw $0x20,(%eax)
401e16: 75 26 jne 401e3e <_SmpPagingFilesQueryRoutine@24+0x8e>
401e18: 83 ec 04 sub $0x4,%esp
401e1b: 6a 00 push $0x0
401e1d: 6a 00 push $0x0
401e1f: 8b 45 e0 mov 0xffffffe0(%ebp),%eax
401e22: 83 c0 02 add $0x2,%eax
401e25: 50 push %eax
401e26: e8 35 1d 00 00 call 403b60 <_wcstoul>
401e2b: 83 c4 10 add $0x10,%esp
401e2e: c1 e0 14 shl $0x14,%eax
401e31: ba 00 00 00 00 mov $0x0,%edx
401e36: 89 45 e8 mov %eax,0xffffffe8(%ebp)
401e39: 89 55 ec mov %edx,0xffffffec(%ebp)
401e3c: eb 2a jmp 401e68 <_SmpPagingFilesQueryRoutine@24+0xb8>
401e3e: 8b 45 f0 mov 0xfffffff0(%ebp),%eax
401e41: 8b 55 f4 mov 0xfffffff4(%ebp),%edx
401e44: 89 45 e8 mov %eax,0xffffffe8(%ebp)
401e47: 89 55 ec mov %edx,0xffffffec(%ebp)
401e4a: eb 1c jmp 401e68 <_SmpPagingFilesQueryRoutine@24+0xb8>
401e4c: c7 45 f0 00 20 03 00 movl $0x32000,0xfffffff0(%ebp)
401e53: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
401e5a: c7 45 e8 00 00 05 00 movl $0x50000,0xffffffe8(%ebp)
401e61: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
401e68: 6a 00 push $0x0
401e6a: 6a 00 push $0x0
401e6c: 8d 45 f8 lea 0xfffffff8(%ebp),%eax
401e6f: 50 push %eax
401e70: ff 75 10 pushl 0x10(%ebp)
401e73: e8 98 1c 00 00 call 403b10 <_RtlDosPathNameToNtPathName_U@16>
401e78: 84 c0 test %al,%al
401e7a: 75 09 jne 401e85 <_SmpPagingFilesQueryRoutine@24+0xd5>
401e7c: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
401e83: eb 2c jmp 401eb1
<_SmpPagingFilesQueryRoutine@24+0x101>
401e85: 6a 00 push $0x0
401e87: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
401e8a: 50 push %eax
401e8b: 8d 45 f0 lea 0xfffffff0(%ebp),%eax
401e8e: 50 push %eax
401e8f: 8d 45 f8 lea 0xfffffff8(%ebp),%eax
401e92: 50 push %eax
401e93: e8 98 1c 00 00 call 403b30 <_NtCreatePagingFile@16>
401e98: 89 45 e4 mov %eax,0xffffffe4(%ebp)
401e9b: 83 ec 0c sub $0xc,%esp
401e9e: 8d 45 f8 lea 0xfffffff8(%ebp),%eax
401ea1: 50 push %eax
401ea2: e8 99 1c 00 00 call 403b40 <_RtlFreeUnicodeString@4>
401ea7: 83 c4 0c add $0xc,%esp
401eaa: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
401eb1: 8b 45 dc mov 0xffffffdc(%ebp),%eax
401eb4: c9 leave
401eb5: c2 18 00 ret $0x18
00401eb8 <_SmCreatePagingFiles>:
401eb8: 55 push %ebp
401eb9: 89 e5 mov %esp,%ebp
401ebb: 83 ec 58 sub $0x58,%esp
401ebe: 83 ec 08 sub $0x8,%esp
401ec1: 68 c0 57 40 00 push $0x4057c0
401ec6: 6a 02 push $0x2
401ec8: e8 83 1c 00 00 call 403b50 <_RtlCheckRegistryKey@8>
401ecd: 83 c4 08 add $0x8,%esp
401ed0: 85 c0 test %eax,%eax
401ed2: 75 09 jne 401edd <_SmCreatePagingFiles+0x25>
401ed4: c7 45 b0 00 00 00 00 movl $0x0,0xffffffb0(%ebp)
401edb: eb 42 jmp 401f1f <_SmCreatePagingFiles+0x67>
401edd: 83 ec 08 sub $0x8,%esp
401ee0: 6a 38 push $0x38
401ee2: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
401ee5: 50 push %eax
401ee6: e8 35 1b 00 00 call 403a20 <_RtlZeroMemory@8>
401eeb: 83 c4 08 add $0x8,%esp
401eee: c7 45 c0 ce 57 40 00 movl $0x4057ce,0xffffffc0(%ebp)
401ef5: c7 45 b8 b0 1d 40 00 movl $0x401db0,0xffffffb8(%ebp)
401efc: 83 ec 0c sub $0xc,%esp
401eff: 6a 00 push $0x0
401f01: 6a 00 push $0x0
401f03: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
401f06: 50 push %eax
401f07: 68 00 58 40 00 push $0x405800
401f0c: 6a 02 push $0x2
401f0e: e8 1d 1b 00 00 call 403a30 <_RtlQueryRegistryValues@20>
401f13: 83 c4 0c add $0xc,%esp
401f16: 89 45 b4 mov %eax,0xffffffb4(%ebp)
401f19: 8b 45 b4 mov 0xffffffb4(%ebp),%eax
401f1c: 89 45 b0 mov %eax,0xffffffb0(%ebp)
401f1f: 8b 45 b0 mov 0xffffffb0(%ebp),%eax
401f22: c9 leave
401f23: c3 ret
401f24: 90 nop
401f25: 90 nop
401f26: 90 nop
401f27: 90 nop
401f28: 90 nop
401f29: 90 nop
401f2a: 90 nop
401f2b: 90 nop
401f2c: 90 nop
401f2d: 90 nop
401f2e: 90 nop
401f2f: 90 nop
00401f30 <_SmpRegisterSmss>:
401f30: 55 push %ebp
401f31: 89 e5 mov %esp,%ebp
401f33: 83 ec 18 sub $0x18,%esp
401f36: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
401f3d: c7 45 f0 00 00 00 00 movl $0x0,0xfffffff0(%ebp)
401f44: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
401f4b: 83 ec 08 sub $0x8,%esp
401f4e: 68 60 58 40 00 push $0x405860
401f53: 8d 45 f0 lea 0xfffffff0(%ebp),%eax
401f56: 50 push %eax
401f57: e8 34 1a 00 00 call 403990 <_RtlInitUnicodeString@8>
401f5c: 83 c4 08 add $0x8,%esp
401f5f: 68 40 60 40 00 push $0x406040
401f64: 6a 01 push $0x1
401f66: 6a ff push $0xffffffff
401f68: 8d 45 f0 lea 0xfffffff0(%ebp),%eax
401f6b: 50 push %eax
401f6c: e8 cf 17 00 00 call 403740 <_SmConnectApiPort@16>
401f71: 89 45 fc mov %eax,0xfffffffc(%ebp)
401f74: 83 7d fc 00 cmpl $0x0,0xfffffffc(%ebp)
401f78: 79 08 jns 401f82 <_SmpRegisterSmss+0x52>
401f7a: 8b 45 fc mov 0xfffffffc(%ebp),%eax
401f7d: 89 45 ec mov %eax,0xffffffec(%ebp)
401f80: eb 06 jmp 401f88 <_SmpRegisterSmss+0x58>
401f82: 8b 45 fc mov 0xfffffffc(%ebp),%eax
401f85: 89 45 ec mov %eax,0xffffffec(%ebp)
401f88: 8b 45 ec mov 0xffffffec(%ebp),%eax
401f8b: c9 leave
401f8c: c3 ret
00401f8d <_SmpLoadKernelModeSubsystem>:
401f8d: 55 push %ebp
401f8e: 89 e5 mov %esp,%ebp
401f90: 57 push %edi
401f91: 81 ec 54 04 00 00 sub $0x454,%esp
401f97: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
401f9e: c7 85 d4 fd ff ff 0a movl $0x20a,0xfffffdd4(%ebp)
401fa5: 02 00 00
401fa8: c7 85 d0 fd ff ff 00 movl $0x0,0xfffffdd0(%ebp)
401faf: 00 00 00
401fb2: 83 ec 0c sub $0xc,%esp
401fb5: 6a 01 push $0x1
401fb7: 8d 85 d0 fd ff ff lea 0xfffffdd0(%ebp),%eax
401fbd: 50 push %eax
401fbe: 8d 85 d4 fd ff ff lea 0xfffffdd4(%ebp),%eax
401fc4: 50 push %eax
401fc5: 8d 85 d8 fd ff ff lea 0xfffffdd8(%ebp),%eax
401fcb: 50 push %eax
401fcc: 68 62 58 40 00 push $0x405862
401fd1: e8 7f 0a 00 00 call 402a55 <_SmLookupSubsystem@20>
401fd6: 83 c4 0c add $0xc,%esp
401fd9: 89 45 f4 mov %eax,0xfffffff4(%ebp)
401fdc: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
401fe0: 0f 85 93 00 00 00 jne 402079 <_SmpLoadKernelModeSubsystem+0xec>
401fe6: 83 bd d4 fd ff ff 02 cmpl $0x2,0xfffffdd4(%ebp)
401fed: 0f 86 86 00 00 00 jbe 402079 <_SmpLoadKernelModeSubsystem+0xec>
401ff3: 8d bd b8 fb ff ff lea 0xfffffbb8(%ebp),%edi
401ff9: fc cld
401ffa: b9 0a 02 00 00 mov $0x20a,%ecx
401fff: b0 00 mov $0x0,%al
402001: f3 aa repz stos %al,%es:(%edi)
402003: 83 ec 08 sub $0x8,%esp
402006: 68 6e 58 40 00 push $0x40586e
40200b: 8d 85 b8 fb ff ff lea 0xfffffbb8(%ebp),%eax
402011: 50 push %eax
402012: e8 29 1a 00 00 call 403a40 <_wcscpy>
402017: 83 c4 10 add $0x10,%esp
40201a: 83 ec 08 sub $0x8,%esp
40201d: 8d 85 d8 fd ff ff lea 0xfffffdd8(%ebp),%eax
402023: 50 push %eax
402024: 8d 85 b8 fb ff ff lea 0xfffffbb8(%ebp),%eax
40202a: 50 push %eax
40202b: e8 50 1a 00 00 call 403a80 <_wcscat>
402030: 83 c4 10 add $0x10,%esp
402033: 83 ec 08 sub $0x8,%esp
402036: 6a 08 push $0x8
402038: 8d 85 b0 fb ff ff lea 0xfffffbb0(%ebp),%eax
40203e: 50 push %eax
40203f: e8 dc 19 00 00 call 403a20 <_RtlZeroMemory@8>
402044: 83 c4 08 add $0x8,%esp
402047: 83 ec 08 sub $0x8,%esp
40204a: 8d 85 b8 fb ff ff lea 0xfffffbb8(%ebp),%eax
402050: 50 push %eax
402051: 8d 85 b0 fb ff ff lea 0xfffffbb0(%ebp),%eax
402057: 50 push %eax
402058: e8 33 19 00 00 call 403990 <_RtlInitUnicodeString@8>
40205d: 83 c4 08 add $0x8,%esp
402060: 83 ec 04 sub $0x4,%esp
402063: 6a 08 push $0x8
402065: 8d 85 b0 fb ff ff lea 0xfffffbb0(%ebp),%eax
40206b: 50 push %eax
40206c: 6a 26 push $0x26
40206e: e8 fd 1a 00 00 call 403b70 <_NtSetSystemInformation@12>
402073: 83 c4 04 add $0x4,%esp
402076: 89 45 f4 mov %eax,0xfffffff4(%ebp)
402079: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
40207c: 8b 7d fc mov 0xfffffffc(%ebp),%edi
40207f: c9 leave
402080: c3 ret
00402081 <_SmpLoadRequiredSubsystems>:
402081: 55 push %ebp
402082: 89 e5 mov %esp,%ebp
402084: 81 ec 48 02 00 00 sub $0x248,%esp
40208a: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
402091: c7 85 d4 fd ff ff 0a movl $0x20a,0xfffffdd4(%ebp)
402098: 02 00 00
40209b: c7 85 d0 fd ff ff 00 movl $0x0,0xfffffdd0(%ebp)
4020a2: 00 00 00
4020a5: 83 ec 08 sub $0x8,%esp
4020a8: ff b5 d4 fd ff ff pushl 0xfffffdd4(%ebp)
4020ae: 8d 85 d8 fd ff ff lea 0xfffffdd8(%ebp),%eax
4020b4: 50 push %eax
4020b5: e8 66 19 00 00 call 403a20 <_RtlZeroMemory@8>
4020ba: 83 c4 08 add $0x8,%esp
4020bd: 83 ec 0c sub $0xc,%esp
4020c0: 6a 00 push $0x0
4020c2: 8d 85 d0 fd ff ff lea 0xfffffdd0(%ebp),%eax
4020c8: 50 push %eax
4020c9: 8d 85 d4 fd ff ff lea 0xfffffdd4(%ebp),%eax
4020cf: 50 push %eax
4020d0: 8d 85 d8 fd ff ff lea 0xfffffdd8(%ebp),%eax
4020d6: 50 push %eax
4020d7: 68 78 58 40 00 push $0x405878
4020dc: e8 74 09 00 00 call 402a55 <_SmLookupSubsystem@20>
4020e1: 83 c4 0c add $0xc,%esp
4020e4: 89 45 f4 mov %eax,0xfffffff4(%ebp)
4020e7: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
4020eb: 0f 85 04 01 00 00 jne 4021f5 <_SmpLoadRequiredSubsystems+0x174>
4020f1: 83 bd d4 fd ff ff 02 cmpl $0x2,0xfffffdd4(%ebp)
4020f8: 0f 86 f7 00 00 00 jbe 4021f5 <_SmpLoadRequiredSubsystems+0x174>
4020fe: c7 85 cc fd ff ff 00 movl $0x0,0xfffffdcc(%ebp)
402105: 00 00 00
402108: c7 85 c8 fd ff ff 00 movl $0x0,0xfffffdc8(%ebp)
40210f: 00 00 00
for (Name = Data; (Offset < DataLength); )
402112: 8d 85 d8 fd ff ff lea 0xfffffdd8(%ebp),%eax
402118: 89 85 cc fd ff ff mov %eax,0xfffffdcc(%ebp)
40211e: 8b 85 c8 fd ff ff mov 0xfffffdc8(%ebp),%eax
402124: 3b 85 d4 fd ff ff cmp 0xfffffdd4(%ebp),%eax
40212a: 72 05 jb 402131 <_SmpLoadRequiredSubsystems+0xb0>
40212c: e9 c4 00 00 00 jmp 4021f5 <_SmpLoadRequiredSubsystems+0x174>
{
if(L'\0' != *Name)
402131: 8b 85 cc fd ff ff mov 0xfffffdcc(%ebp),%eax
402137: 66 83 38 00 cmpw $0x0,(%eax)
40213b: 0f 84 9e 00 00 00 je 4021df <_SmpLoadRequiredSubsystems+0x15e>
{
UNICODE_STRING Program;
/* Run the current program */
RtlInitUnicodeString (& Program, Name);
402141: 83 ec 08 sub $0x8,%esp
402144: ff b5 cc fd ff ff pushl 0xfffffdcc(%ebp)
40214a: 8d 85 c0 fd ff ff lea 0xfffffdc0(%ebp),%eax
402150: 50 push %eax
402151: e8 3a 18 00 00 call 403990 <_RtlInitUnicodeString@8>
402156: 83 c4 08 add $0x8,%esp
Status = SmExecuteProgram (hSmApiPort, & Program);
402159: 83 ec 08 sub $0x8,%esp
40215c: 8d 85 c0 fd ff ff lea 0xfffffdc0(%ebp),%eax
402162: 50 push %eax
402163: ff 35 40 60 40 00 pushl 0x406040
402169: e8 32 17 00 00 call 4038a0 <_SmExecuteProgram@8>
40216e: 83 c4 08 add $0x8,%esp
402171: 89 45 f4 mov %eax,0xfffffff4(%ebp)
if(!NT_SUCCESS(Status))
402174: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
402178: 79 35 jns 4021af <_SmpLoadRequiredSubsystems+0x12e>
{
DPRINT1("SM: %s failed to run '%S' program (Status=0x%08lx)\n",
40217a: 83 ec 04 sub $0x4,%esp
40217d: 68 a0 00 00 00 push $0xa0
402182: 68 8a 58 40 00 push $0x40588a
402187: 68 93 58 40 00 push $0x405893
40218c: e8 4f 18 00 00 call 4039e0 <_DbgPrint>
402191: 83 c4 10 add $0x10,%esp
402194: ff 75 f4 pushl 0xfffffff4(%ebp)
402197: ff b5 cc fd ff ff pushl 0xfffffdcc(%ebp)
40219d: 68 9c 58 40 00 push $0x40589c
4021a2: 68 c0 58 40 00 push $0x4058c0
4021a7: e8 34 18 00 00 call 4039e0 <_DbgPrint>
4021ac: 83 c4 10 add $0x10,%esp
4021af: 90 nop
__FUNCTION__, Name, Status);
}
/* Look for the next program */
while ((L'\0' != *Name) && (Offset < DataLength))
4021b0: 8b 85 cc fd ff ff mov 0xfffffdcc(%ebp),%eax
4021b6: 66 83 38 00 cmpw $0x0,(%eax)
4021ba: 74 23 je 4021df <_SmpLoadRequiredSubsystems+0x15e>
4021bc: 8b 85 c8 fd ff ff mov 0xfffffdc8(%ebp),%eax
4021c2: 3b 85 d4 fd ff ff cmp 0xfffffdd4(%ebp),%eax
4021c8: 72 02 jb 4021cc <_SmpLoadRequiredSubsystems+0x14b>
4021ca: eb 13 jmp 4021df <_SmpLoadRequiredSubsystems+0x15e>
{
++ Name;
4021cc: 8d 85 cc fd ff ff lea 0xfffffdcc(%ebp),%eax
4021d2: 83 00 02 addl $0x2,(%eax)
++ Offset;
4021d5: 8d 85 c8 fd ff ff lea 0xfffffdc8(%ebp),%eax
4021db: ff 00 incl (%eax)
4021dd: eb d1 jmp 4021b0 <_SmpLoadRequiredSubsystems+0x12f>
}
}
++ Name;
4021df: 8d 85 cc fd ff ff lea 0xfffffdcc(%ebp),%eax
4021e5: 83 00 02 addl $0x2,(%eax)
++ Offset;
4021e8: 8d 85 c8 fd ff ff lea 0xfffffdc8(%ebp),%eax
4021ee: ff 00 incl (%eax)
4021f0: e9 29 ff ff ff jmp 40211e <_SmpLoadRequiredSubsystems+0x9d>
}
}
return Status;
4021f5: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
}
4021f8: c9 leave
4021f9: c3 ret
004021fa <_SmLoadSubsystems>:
/**********************************************************************
* SmLoadSubsystems/0
*/
NTSTATUS
SmLoadSubsystems(VOID)
{
4021fa: 55 push %ebp
4021fb: 89 e5 mov %esp,%ebp
4021fd: 83 ec 08 sub $0x8,%esp
NTSTATUS Status = STATUS_SUCCESS;
402200: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
DPRINT("SM: loading subsystems\n");
/* SM self registers */
Status = SmpRegisterSmss();
402207: e8 24 fd ff ff call 401f30 <_SmpRegisterSmss>
40220c: 89 45 fc mov %eax,0xfffffffc(%ebp)
if(!NT_SUCCESS(Status)) return Status;
40220f: 83 7d fc 00 cmpl $0x0,0xfffffffc(%ebp)
402213: 79 08 jns 40221d <_SmLoadSubsystems+0x23>
402215: 8b 45 fc mov 0xfffffffc(%ebp),%eax
402218: 89 45 f8 mov %eax,0xfffffff8(%ebp)
40221b: eb 32 jmp 40224f <_SmLoadSubsystems+0x55>
/* Load Kmode subsystem (aka win32k.sys) */
Status = SmpLoadKernelModeSubsystem();
40221d: e8 6b fd ff ff call 401f8d <_SmpLoadKernelModeSubsystem>
402222: 89 45 fc mov %eax,0xfffffffc(%ebp)
if(!NT_SUCCESS(Status)) return Status;
402225: 83 7d fc 00 cmpl $0x0,0xfffffffc(%ebp)
402229: 79 08 jns 402233 <_SmLoadSubsystems+0x39>
40222b: 8b 45 fc mov 0xfffffffc(%ebp),%eax
40222e: 89 45 f8 mov %eax,0xfffffff8(%ebp)
402231: eb 1c jmp 40224f <_SmLoadSubsystems+0x55>
/* Load Required subsystems (Debug Windows) */
Status = SmpLoadRequiredSubsystems();
402233: e8 49 fe ff ff call 402081 <_SmpLoadRequiredSubsystems>
402238: 89 45 fc mov %eax,0xfffffffc(%ebp)
if(!NT_SUCCESS(Status)) return Status;
40223b: 83 7d fc 00 cmpl $0x0,0xfffffffc(%ebp)
40223f: 79 08 jns 402249 <_SmLoadSubsystems+0x4f>
402241: 8b 45 fc mov 0xfffffffc(%ebp),%eax
402244: 89 45 f8 mov %eax,0xfffffff8(%ebp)
402247: eb 06 jmp 40224f <_SmLoadSubsystems+0x55>
/* done */
return Status;
402249: 8b 45 fc mov 0xfffffffc(%ebp),%eax
40224c: 89 45 f8 mov %eax,0xfffffff8(%ebp)
}
40224f: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
402252: c9 leave
402253: c3 ret
402254: 90 nop
402255: 90 nop
402256: 90 nop
402257: 90 nop
402258: 90 nop
402259: 90 nop
40225a: 90 nop
40225b: 90 nop
40225c: 90 nop
40225d: 90 nop
40225e: 90 nop
40225f: 90 nop
00402260 <_SmInitializeRegistry>:
402260: 55 push %ebp
402261: 89 e5 mov %esp,%ebp
402263: 83 ec 08 sub $0x8,%esp
402266: 83 ec 0c sub $0xc,%esp
402269: 6a 00 push $0x0
40226b: e8 10 19 00 00 call 403b80 <_NtInitializeRegistry@4>
402270: 83 c4 0c add $0xc,%esp
402273: c9 leave
402274: c3 ret
402275: 90 nop
402276: 90 nop
402277: 90 nop
402278: 90 nop
402279: 90 nop
40227a: 90 nop
40227b: 90 nop
40227c: 90 nop
40227d: 90 nop
40227e: 90 nop
40227f: 90 nop
00402280 <@SmInvalid@4>:
402280: 55 push %ebp
402281: 89 e5 mov %esp,%ebp
402283: 83 ec 04 sub $0x4,%esp
402286: 89 4d fc mov %ecx,0xfffffffc(%ebp)
402289: 8b 45 fc mov 0xfffffffc(%ebp),%eax
40228c: c7 40 1c 02 00 00 c0 movl $0xc0000002,0x1c(%eax)
402293: b8 00 00 00 00 mov $0x0,%eax
402298: c9 leave
402299: c3 ret
0040229a <@SmpGetConnectData@4>:
40229a: 55 push %ebp
40229b: 89 e5 mov %esp,%ebp
40229d: 83 ec 08 sub $0x8,%esp
4022a0: 89 4d fc mov %ecx,0xfffffffc(%ebp)
4022a3: 8b 45 fc mov 0xfffffffc(%ebp),%eax
4022a6: 89 45 f8 mov %eax,0xfffffff8(%ebp)
4022a9: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
4022ac: 83 c0 18 add $0x18,%eax
4022af: c9 leave
4022b0: c3 ret
004022b1 <_SmpCallbackServer>:
4022b1: 55 push %ebp
4022b2: 89 e5 mov %esp,%ebp
4022b4: 83 ec 28 sub $0x28,%esp
4022b7: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
4022be: 8b 4d 08 mov 0x8(%ebp),%ecx
4022c1: e8 d4 ff ff ff call 40229a <@SmpGetConnectData@4>
4022c6: 89 45 f8 mov %eax,0xfffffff8(%ebp)
4022c9: c7 45 ec 78 00 00 00 movl $0x78,0xffffffec(%ebp)
4022d0: c7 45 e4 04 00 00 00 movl $0x4,0xffffffe4(%ebp)
4022d7: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
4022da: 66 83 38 01 cmpw $0x1,(%eax)
4022de: 75 09 jne 4022e9 <_SmpCallbackServer+0x38>
4022e0: c7 45 e0 00 00 00 00 movl $0x0,0xffffffe0(%ebp)
4022e7: eb 62 jmp 40234b <_SmpCallbackServer+0x9a>
4022e9: 83 ec 04 sub $0x4,%esp
4022ec: ff 75 ec pushl 0xffffffec(%ebp)
4022ef: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
4022f2: 83 c0 04 add $0x4,%eax
4022f5: 50 push %eax
4022f6: 8b 45 0c mov 0xc(%ebp),%eax
4022f9: 83 c0 18 add $0x18,%eax
4022fc: 50 push %eax
4022fd: e8 9e 17 00 00 call 403aa0 <_memcpy>
402302: 83 c4 10 add $0x10,%esp
402305: 83 ec 08 sub $0x8,%esp
402308: 8b 45 0c mov 0xc(%ebp),%eax
40230b: 83 c0 18 add $0x18,%eax
40230e: 50 push %eax
40230f: 8d 45 f0 lea 0xfffffff0(%ebp),%eax
402312: 50 push %eax
402313: e8 78 16 00 00 call 403990 <_RtlInitUnicodeString@8>
402318: 83 c4 08 add $0x8,%esp
40231b: c7 45 e8 06 00 00 00 movl $0x6,0xffffffe8(%ebp)
402322: 8d 45 e4 lea 0xffffffe4(%ebp),%eax
402325: 50 push %eax
402326: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
402329: 50 push %eax
40232a: 6a 00 push $0x0
40232c: 6a 00 push $0x0
40232e: 6a 00 push $0x0
402330: 6a 00 push $0x0
402332: 8d 45 f0 lea 0xfffffff0(%ebp),%eax
402335: 50 push %eax
402336: 8b 45 0c mov 0xc(%ebp),%eax
402339: 83 c0 14 add $0x14,%eax
40233c: 50 push %eax
40233d: e8 4e 18 00 00 call 403b90 <_NtConnectPort@32>
402342: 89 45 fc mov %eax,0xfffffffc(%ebp)
402345: 8b 45 fc mov 0xfffffffc(%ebp),%eax
402348: 89 45 e0 mov %eax,0xffffffe0(%ebp)
40234b: 8b 45 e0 mov 0xffffffe0(%ebp),%eax
40234e: c9 leave
40234f: c3 ret
00402350 <_SmpApiConnectedThread@4>:
402350: 55 push %ebp
402351: 89 e5 mov %esp,%ebp
402353: 57 push %edi
402354: 81 ec 94 00 00 00 sub $0x94,%esp
40235a: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
402361: c7 45 f0 00 00 00 00 movl $0x0,0xfffffff0(%ebp)
402368: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
40236f: 8d bd 78 ff ff ff lea 0xffffff78(%ebp),%edi
402375: fc cld
402376: ba 00 00 00 00 mov $0x0,%edx
40237b: b8 1b 00 00 00 mov $0x1b,%eax
402380: 89 c1 mov %eax,%ecx
402382: 89 d0 mov %edx,%eax
402384: f3 ab repz stos %eax,%es:(%edi)
402386: 8b 45 08 mov 0x8(%ebp),%eax
402389: 8b 00 mov (%eax),%eax
40238b: 89 85 74 ff ff ff mov %eax,0xffffff74(%ebp)
402391: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
402397: 50 push %eax
402398: ff 75 ec pushl 0xffffffec(%ebp)
40239b: 8d 45 f0 lea 0xfffffff0(%ebp),%eax
40239e: 50 push %eax
40239f: ff b5 74 ff ff ff pushl 0xffffff74(%ebp)
4023a5: e8 f6 17 00 00 call 403ba0 <_NtReplyWaitReceivePort@16>
4023aa: 89 45 f4 mov %eax,0xfffffff4(%ebp)
4023ad: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
4023b1: 0f 88 b3 00 00 00 js 40246a <_SmpApiConnectedThread@4+0x11a>
4023b7: 8b 85 7c ff ff ff mov 0xffffff7c(%ebp),%eax
4023bd: 89 c2 mov %eax,%edx
4023bf: 81 e2 ff ff 00 00 and $0xffff,%edx
4023c5: 89 95 70 ff ff ff mov %edx,0xffffff70(%ebp)
4023cb: 83 bd 70 ff ff ff 08 cmpl $0x8,0xffffff70(%ebp)
4023d2: 74 3a je 40240e <_SmpApiConnectedThread@4+0xbe>
4023d4: 83 bd 70 ff ff ff 08 cmpl $0x8,0xffffff70(%ebp)
4023db: 7f 0b jg 4023e8 <_SmpApiConnectedThread@4+0x98>
4023dd: 83 bd 70 ff ff ff 05 cmpl $0x5,0xffffff70(%ebp)
4023e4: 74 34 je 40241a <_SmpApiConnectedThread@4+0xca>
4023e6: eb 3e jmp 402426 <_SmpApiConnectedThread@4+0xd6>
4023e8: 83 bd 70 ff ff ff 0a cmpl $0xa,0xffffff70(%ebp)
4023ef: 74 02 je 4023f3 <_SmpApiConnectedThread@4+0xa3>
4023f1: eb 33 jmp 402426 <_SmpApiConnectedThread@4+0xd6>
4023f3: 83 ec 0c sub $0xc,%esp
4023f6: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
4023fc: 50 push %eax
4023fd: e8 90 00 00 00 call 402492 <_SmpHandleConnectionRequest@4>
402402: 83 c4 0c add $0xc,%esp
402405: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
40240c: eb 83 jmp 402391 <_SmpApiConnectedThread@4+0x41>
40240e: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
402415: e9 77 ff ff ff jmp 402391 <_SmpApiConnectedThread@4+0x41>
40241a: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
402421: e9 6b ff ff ff jmp 402391 <_SmpApiConnectedThread@4+0x41>
402426: 83 7d 90 00 cmpl $0x0,0xffffff90(%ebp)
40242a: 74 29 je 402455 <_SmpApiConnectedThread@4+0x105>
40242c: 83 7d 90 05 cmpl $0x5,0xffffff90(%ebp)
402430: 77 23 ja 402455 <_SmpApiConnectedThread@4+0x105>
402432: 8b 45 90 mov 0xffffff90(%ebp),%eax
402435: 8d 8d 78 ff ff ff lea 0xffffff78(%ebp),%ecx
40243b: 8b 04 85 c4 40 40 00 mov 0x4040c4(,%eax,4),%eax
402442: ff d0 call *%eax
402444: 89 45 f4 mov %eax,0xfffffff4(%ebp)
402447: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
40244d: 89 45 ec mov %eax,0xffffffec(%ebp)
402450: e9 3c ff ff ff jmp 402391 <_SmpApiConnectedThread@4+0x41>
402455: c7 45 94 02 00 00 c0 movl $0xc0000002,0xffffff94(%ebp)
40245c: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
402462: 89 45 ec mov %eax,0xffffffec(%ebp)
402465: e9 27 ff ff ff jmp 402391 <_SmpApiConnectedThread@4+0x41>
40246a: 83 ec 0c sub $0xc,%esp
40246d: ff b5 74 ff ff ff pushl 0xffffff74(%ebp)
402473: e8 58 15 00 00 call 4039d0 <_NtClose@4>
402478: 83 c4 0c add $0xc,%esp
40247b: 83 ec 08 sub $0x8,%esp
40247e: ff 75 f4 pushl 0xfffffff4(%ebp)
402481: 6a fe push $0xfffffffe
402483: e8 f8 14 00 00 call 403980 <_NtTerminateThread@8>
402488: 83 c4 08 add $0x8,%esp
40248b: 8b 7d fc mov 0xfffffffc(%ebp),%edi
40248e: c9 leave
40248f: c2 04 00 ret $0x4
00402492 <_SmpHandleConnectionRequest@4>:
402492: 55 push %ebp
402493: 89 e5 mov %esp,%ebp
402495: 83 ec 28 sub $0x28,%esp
402498: 8b 4d 08 mov 0x8(%ebp),%ecx
40249b: e8 fa fd ff ff call 40229a <@SmpGetConnectData@4>
4024a0: 89 45 fc mov %eax,0xfffffffc(%ebp)
4024a3: c7 45 f8 00 00 00 00 movl $0x0,0xfffffff8(%ebp)
4024aa: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
4024b1: c7 45 f0 00 00 00 00 movl $0x0,0xfffffff0(%ebp)
4024b8: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
4024bf: 8d 45 ec lea 0xffffffec(%ebp),%eax
4024c2: 89 45 e8 mov %eax,0xffffffe8(%ebp)
4024c5: c7 45 e4 00 00 00 00 movl $0x0,0xffffffe4(%ebp)
4024cc: 8d 45 e4 lea 0xffffffe4(%ebp),%eax
4024cf: 89 45 e0 mov %eax,0xffffffe0(%ebp)
4024d2: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
4024d9: 8b 45 08 mov 0x8(%ebp),%eax
4024dc: 66 81 38 f4 00 cmpw $0xf4,(%eax)
4024e1: 0f 85 97 00 00 00 jne 40257e <_SmpHandleConnectionRequest@4+0xec>
4024e7: 8b 45 fc mov 0xfffffffc(%ebp),%eax
4024ea: 66 83 38 00 cmpw $0x0,(%eax)
4024ee: 75 15 jne 402505 <_SmpHandleConnectionRequest@4+0x73>
4024f0: 8d 45 ec lea 0xffffffec(%ebp),%eax
4024f3: 89 45 e8 mov %eax,0xffffffe8(%ebp)
4024f6: 8d 45 e4 lea 0xffffffe4(%ebp),%eax
4024f9: 89 45 e0 mov %eax,0xffffffe0(%ebp)
/* EOF */
4024fc: c7 45 f4 01 00 00 00 movl $0x1,0xfffffff4(%ebp)
402503: eb 79 jmp 40257e <_SmpHandleConnectionRequest@4+0xec>
402505: 8b 45 fc mov 0xfffffffc(%ebp),%eax
402508: 66 8b 00 mov (%eax),%ax
40250b: 83 e0 01 and $0x1,%eax
40250e: 66 83 f8 01 cmp $0x1,%ax
402512: 75 6a jne 40257e <_SmpHandleConnectionRequest@4+0xec>
402514: 83 ec 08 sub $0x8,%esp
402517: 8d 45 f0 lea 0xfffffff0(%ebp),%eax
40251a: 50 push %eax
40251b: ff 75 08 pushl 0x8(%ebp)
40251e: e8 33 0c 00 00 call 403156 <_SmCreateClient@8>
402523: 83 c4 08 add $0x8,%esp
402526: 89 45 f8 mov %eax,0xfffffff8(%ebp)
402529: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
40252d: 75 4f jne 40257e <_SmpHandleConnectionRequest@4+0xec>
40252f: 8b 45 f0 mov 0xfffffff0(%ebp),%eax
402532: 83 c0 0c add $0xc,%eax
402535: 89 45 e8 mov %eax,0xffffffe8(%ebp)
402538: 8b 45 f0 mov 0xfffffff0(%ebp),%eax
40253b: 83 c0 10 add $0x10,%eax
40253e: 89 45 e0 mov %eax,0xffffffe0(%ebp)
402541: 83 ec 08 sub $0x8,%esp
402544: ff 75 f0 pushl 0xfffffff0(%ebp)
402547: ff 75 08 pushl 0x8(%ebp)
40254a: e8 62 fd ff ff call 4022b1 <_SmpCallbackServer>
40254f: 83 c4 10 add $0x10,%esp
402552: 89 45 f8 mov %eax,0xfffffff8(%ebp)
402555: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
402559: 78 09 js 402564 <_SmpHandleConnectionRequest@4+0xd2>
40255b: c7 45 f4 01 00 00 00 movl $0x1,0xfffffff4(%ebp)
402562: eb 1a jmp 40257e <_SmpHandleConnectionRequest@4+0xec>
402564: 83 ec 0c sub $0xc,%esp
402567: 8b 45 fc mov 0xfffffffc(%ebp),%eax
40256a: 66 8b 00 mov (%eax),%ax
40256d: 25 ff ff 00 00 and $0xffff,%eax
402572: 50 push %eax
402573: e8 27 0d 00 00 call 40329f <_SmDestroyClient@4>
402578: 83 c4 0c add $0xc,%esp
40257b: 89 45 f8 mov %eax,0xfffffff8(%ebp)
40257e: 83 ec 08 sub $0x8,%esp
402581: 6a 00 push $0x0
402583: 6a 00 push $0x0
402585: b8 00 00 00 00 mov $0x0,%eax
40258a: 8a 45 f4 mov 0xfffffff4(%ebp),%al
40258d: 50 push %eax
40258e: ff 75 dc pushl 0xffffffdc(%ebp)
402591: ff 35 c0 40 40 00 pushl 0x4040c0
402597: ff 75 e8 pushl 0xffffffe8(%ebp)
40259a: e8 11 16 00 00 call 403bb0 <_NtAcceptConnectPort@24>
40259f: 83 c4 08 add $0x8,%esp
4025a2: 89 45 f8 mov %eax,0xfffffff8(%ebp)
4025a5: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
4025a9: 0f 84 04 01 00 00 je 4026b3 <_SmpHandleConnectionRequest@4+0x221>
4025af: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
4025b3: 79 3d jns 4025f2 <_SmpHandleConnectionRequest@4+0x160>
4025b5: 83 ec 04 sub $0x4,%esp
4025b8: 68 0d 01 00 00 push $0x10d
4025bd: 68 00 59 40 00 push $0x405900
4025c2: 68 08 59 40 00 push $0x405908
4025c7: e8 14 14 00 00 call 4039e0 <_DbgPrint>
4025cc: 83 c4 10 add $0x10,%esp
4025cf: 83 ec 04 sub $0x4,%esp
4025d2: ff 75 f8 pushl 0xfffffff8(%ebp)
4025d5: 68 11 59 40 00 push $0x405911
4025da: 68 40 59 40 00 push $0x405940
4025df: e8 fc 13 00 00 call 4039e0 <_DbgPrint>
4025e4: 83 c4 10 add $0x10,%esp
4025e7: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
4025ea: 89 45 d8 mov %eax,0xffffffd8(%ebp)
4025ed: e9 c7 00 00 00 jmp 4026b9 <_SmpHandleConnectionRequest@4+0x227>
4025f2: 83 ec 0c sub $0xc,%esp
4025f5: 8b 45 e8 mov 0xffffffe8(%ebp),%eax
4025f8: ff 30 pushl (%eax)
4025fa: e8 c1 15 00 00 call 403bc0 <_NtCompleteConnectPort@4>
4025ff: 83 c4 0c add $0xc,%esp
402602: 89 45 f8 mov %eax,0xfffffff8(%ebp)
402605: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
402609: 79 3a jns 402645 <_SmpHandleConnectionRequest@4+0x1b3>
40260b: 83 ec 04 sub $0x4,%esp
40260e: 68 15 01 00 00 push $0x115
402613: 68 00 59 40 00 push $0x405900
402618: 68 08 59 40 00 push $0x405908
40261d: e8 be 13 00 00 call 4039e0 <_DbgPrint>
402622: 83 c4 10 add $0x10,%esp
402625: 83 ec 04 sub $0x4,%esp
402628: ff 75 f8 pushl 0xfffffff8(%ebp)
40262b: 68 11 59 40 00 push $0x405911
402630: 68 80 59 40 00 push $0x405980
402635: e8 a6 13 00 00 call 4039e0 <_DbgPrint>
40263a: 83 c4 10 add $0x10,%esp
40263d: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
402640: 89 45 d8 mov %eax,0xffffffd8(%ebp)
402643: eb 74 jmp 4026b9 <_SmpHandleConnectionRequest@4+0x227>
402645: 83 ec 08 sub $0x8,%esp
402648: 6a 00 push $0x0
40264a: ff 75 e0 pushl 0xffffffe0(%ebp)
40264d: ff 75 e8 pushl 0xffffffe8(%ebp)
402650: 68 50 23 40 00 push $0x402350
402655: 6a 00 push $0x0
402657: 6a 00 push $0x0
402659: 6a 00 push $0x0
40265b: 6a 00 push $0x0
40265d: 6a 00 push $0x0
40265f: 6a ff push $0xffffffff
402661: e8 6a 15 00 00 call 403bd0 <_RtlCreateUserThread@40>
402666: 83 c4 08 add $0x8,%esp
402669: 89 45 f8 mov %eax,0xfffffff8(%ebp)
40266c: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
402670: 79 3a jns 4026ac <_SmpHandleConnectionRequest@4+0x21a>
402672: 83 ec 04 sub $0x4,%esp
402675: 68 27 01 00 00 push $0x127
40267a: 68 00 59 40 00 push $0x405900
40267f: 68 08 59 40 00 push $0x405908
402684: e8 57 13 00 00 call 4039e0 <_DbgPrint>
402689: 83 c4 10 add $0x10,%esp
40268c: 83 ec 04 sub $0x4,%esp
40268f: ff 75 f8 pushl 0xfffffff8(%ebp)
402692: 68 11 59 40 00 push $0x405911
402697: 68 c0 59 40 00 push $0x4059c0
40269c: e8 3f 13 00 00 call 4039e0 <_DbgPrint>
4026a1: 83 c4 10 add $0x10,%esp
4026a4: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
4026a7: 89 45 d8 mov %eax,0xffffffd8(%ebp)
4026aa: eb 0d jmp 4026b9 <_SmpHandleConnectionRequest@4+0x227>
4026ac: c7 45 f8 00 00 00 00 movl $0x0,0xfffffff8(%ebp)
4026b3: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
4026b6: 89 45 d8 mov %eax,0xffffffd8(%ebp)
4026b9: 8b 45 d8 mov 0xffffffd8(%ebp),%eax
4026bc: c9 leave
4026bd: c2 04 00 ret $0x4
004026c0 <_SmpApiThread@4>:
4026c0: 55 push %ebp
4026c1: 89 e5 mov %esp,%ebp
4026c3: 57 push %edi
4026c4: 81 ec 64 01 00 00 sub $0x164,%esp
4026ca: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
4026d1: 8d bd 98 fe ff ff lea 0xfffffe98(%ebp),%edi
4026d7: fc cld
4026d8: ba 00 00 00 00 mov $0x0,%edx
4026dd: b8 52 00 00 00 mov $0x52,%eax
4026e2: 89 c1 mov %eax,%ecx
4026e4: 89 d0 mov %edx,%eax
4026e6: f3 ab repz stos %eax,%es:(%edi)
4026e8: 83 ec 08 sub $0x8,%esp
4026eb: 8d 85 98 fe ff ff lea 0xfffffe98(%ebp),%eax
4026f1: 50 push %eax
4026f2: ff 75 08 pushl 0x8(%ebp)
4026f5: e8 e6 14 00 00 call 403be0 <_NtListenPort@8>
4026fa: 83 c4 08 add $0x8,%esp
4026fd: 89 45 f4 mov %eax,0xfffffff4(%ebp)
402700: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
402704: 79 34 jns 40273a <_SmpApiThread@4+0x7a>
402706: 83 ec 04 sub $0x4,%esp
402709: 68 4b 01 00 00 push $0x14b
40270e: 68 00 59 40 00 push $0x405900
402713: 68 08 59 40 00 push $0x405908
402718: e8 c3 12 00 00 call 4039e0 <_DbgPrint>
40271d: 83 c4 10 add $0x10,%esp
402720: 83 ec 04 sub $0x4,%esp
402723: ff 75 f4 pushl 0xfffffff4(%ebp)
402726: 68 f9 59 40 00 push $0x4059f9
40272b: 68 20 5a 40 00 push $0x405a20
402730: e8 ab 12 00 00 call 4039e0 <_DbgPrint>
402735: 83 c4 10 add $0x10,%esp
402738: eb 4d jmp 402787 <_SmpApiThread@4+0xc7>
40273a: 83 ec 0c sub $0xc,%esp
40273d: 8d 85 98 fe ff ff lea 0xfffffe98(%ebp),%eax
402743: 50 push %eax
402744: e8 49 fd ff ff call 402492 <_SmpHandleConnectionRequest@4>
402749: 83 c4 0c add $0xc,%esp
40274c: 89 45 f4 mov %eax,0xfffffff4(%ebp)
40274f: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
402753: 79 93 jns 4026e8 <_SmpApiThread@4+0x28>
402755: 83 ec 04 sub $0x4,%esp
402758: 68 51 01 00 00 push $0x151
40275d: 68 00 59 40 00 push $0x405900
402762: 68 08 59 40 00 push $0x405908
402767: e8 74 12 00 00 call 4039e0 <_DbgPrint>
40276c: 83 c4 10 add $0x10,%esp
40276f: 83 ec 04 sub $0x4,%esp
402772: ff 75 f4 pushl 0xfffffff4(%ebp)
402775: 68 f9 59 40 00 push $0x4059f9
40277a: 68 60 5a 40 00 push $0x405a60
40277f: e8 5c 12 00 00 call 4039e0 <_DbgPrint>
402784: 83 c4 10 add $0x10,%esp
402787: 83 ec 0c sub $0xc,%esp
40278a: ff 75 08 pushl 0x8(%ebp)
40278d: e8 3e 12 00 00 call 4039d0 <_NtClose@4>
402792: 83 c4 0c add $0xc,%esp
402795: 83 ec 08 sub $0x8,%esp
402798: ff 75 f4 pushl 0xfffffff4(%ebp)
40279b: 6a fe push $0xfffffffe
40279d: e8 de 11 00 00 call 403980 <_NtTerminateThread@8>
4027a2: 83 c4 08 add $0x8,%esp
4027a5: 8b 7d fc mov 0xfffffffc(%ebp),%edi
4027a8: c9 leave
4027a9: c2 04 00 ret $0x4
004027ac <_SmCreateApiPort>:
4027ac: 55 push %ebp
4027ad: 89 e5 mov %esp,%ebp
4027af: 57 push %edi
4027b0: 83 ec 34 sub $0x34,%esp
4027b3: 8d 7d d8 lea 0xffffffd8(%ebp),%edi
4027b6: fc cld
4027b7: ba 00 00 00 00 mov $0x0,%edx
4027bc: b8 06 00 00 00 mov $0x6,%eax
4027c1: 89 c1 mov %eax,%ecx
4027c3: 89 d0 mov %edx,%eax
4027c5: f3 ab repz stos %eax,%es:(%edi)
4027c7: c7 45 d0 00 00 00 00 movl $0x0,0xffffffd0(%ebp)
4027ce: c7 45 d4 00 00 00 00 movl $0x0,0xffffffd4(%ebp)
4027d5: c7 45 cc 00 00 00 00 movl $0x0,0xffffffcc(%ebp)
4027dc: 66 c7 45 d0 14 00 movw $0x14,0xffffffd0(%ebp)
4027e2: 66 c7 45 d2 16 00 movw $0x16,0xffffffd2(%ebp)
4027e8: c7 45 d4 9c 5a 40 00 movl $0x405a9c,0xffffffd4(%ebp)
4027ef: c7 45 d8 18 00 00 00 movl $0x18,0xffffffd8(%ebp)
4027f6: 8d 45 d0 lea 0xffffffd0(%ebp),%eax
4027f9: 89 45 e0 mov %eax,0xffffffe0(%ebp)
4027fc: c7 45 e4 01 00 00 00 movl $0x1,0xffffffe4(%ebp)
402803: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
40280a: c7 45 e8 00 00 00 00 movl $0x0,0xffffffe8(%ebp)
402811: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
402818: 83 ec 0c sub $0xc,%esp
40281b: 6a 00 push $0x0
40281d: 6a 00 push $0x0
40281f: 6a 00 push $0x0
402821: 8d 45 d8 lea 0xffffffd8(%ebp),%eax
402824: 50 push %eax
402825: 68 c0 40 40 00 push $0x4040c0
40282a: e8 c1 13 00 00 call 403bf0 <_NtCreatePort@20>
40282f: 83 c4 0c add $0xc,%esp
402832: 89 45 cc mov %eax,0xffffffcc(%ebp)
402835: 83 7d cc 00 cmpl $0x0,0xffffffcc(%ebp)
402839: 79 08 jns 402843 <_SmCreateApiPort+0x97>
40283b: 8b 45 cc mov 0xffffffcc(%ebp),%eax
40283e: 89 45 c8 mov %eax,0xffffffc8(%ebp)
402841: eb 2c jmp 40286f <_SmCreateApiPort+0xc3>
402843: 83 ec 08 sub $0x8,%esp
402846: 6a 00 push $0x0
402848: 6a 00 push $0x0
40284a: ff 35 c0 40 40 00 pushl 0x4040c0
402850: 68 c0 26 40 00 push $0x4026c0
402855: 6a 00 push $0x0
402857: 6a 00 push $0x0
402859: 6a 00 push $0x0
40285b: 6a 00 push $0x0
40285d: 6a 00 push $0x0
40285f: 6a ff push $0xffffffff
402861: e8 6a 13 00 00 call 403bd0 <_RtlCreateUserThread@40>
402866: 83 c4 08 add $0x8,%esp
402869: 8b 45 cc mov 0xffffffcc(%ebp),%eax
40286c: 89 45 c8 mov %eax,0xffffffc8(%ebp)
40286f: 8b 45 c8 mov 0xffffffc8(%ebp),%eax
402872: 8b 7d fc mov 0xfffffffc(%ebp),%edi
402875: c9 leave
402876: c3 ret
402877: 90 nop
402878: 90 nop
402879: 90 nop
40287a: 90 nop
40287b: 90 nop
40287c: 90 nop
40287d: 90 nop
40287e: 90 nop
40287f: 90 nop
00402880 <@SmCompSes@4>:
402880: 55 push %ebp
402881: 89 e5 mov %esp,%ebp
402883: 83 ec 08 sub $0x8,%esp
402886: 89 4d fc mov %ecx,0xfffffffc(%ebp)
402889: c7 45 f8 00 00 00 00 movl $0x0,0xfffffff8(%ebp)
402890: 83 ec 0c sub $0xc,%esp
402893: 8b 45 fc mov 0xfffffffc(%ebp),%eax
402896: ff 70 08 pushl 0x8(%eax)
402899: e8 73 07 00 00 call 403011 <_SmCompleteClientInitialization@4>
40289e: 83 c4 0c add $0xc,%esp
4028a1: 89 45 f8 mov %eax,0xfffffff8(%ebp)
4028a4: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
4028a8: 79 0a jns 4028b4 <@SmCompSes@4+0x34>
4028aa: 8b 45 fc mov 0xfffffffc(%ebp),%eax
4028ad: c7 40 1c 01 00 00 c0 movl $0xc0000001,0x1c(%eax)
4028b4: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
4028b7: c9 leave
4028b8: c3 ret
4028b9: 90 nop
4028ba: 90 nop
4028bb: 90 nop
4028bc: 90 nop
4028bd: 90 nop
4028be: 90 nop
4028bf: 90 nop
004028c0 <_SmCreateUserProcess@24>:
4028c0: 55 push %ebp
4028c1: 89 e5 mov %esp,%ebp
4028c3: 57 push %edi
4028c4: 81 ec 84 00 00 00 sub $0x84,%esp
4028ca: 8b 45 10 mov 0x10(%ebp),%eax
4028cd: 8b 55 18 mov 0x18(%ebp),%edx
4028d0: 88 45 f7 mov %al,0xfffffff7(%ebp)
4028d3: 88 55 f6 mov %dl,0xfffffff6(%ebp)
4028d6: c7 45 e8 00 00 00 00 movl $0x0,0xffffffe8(%ebp)
4028dd: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
4028e4: c7 45 e0 00 00 00 00 movl $0x0,0xffffffe0(%ebp)
4028eb: c7 45 e4 00 00 00 00 movl $0x0,0xffffffe4(%ebp)
4028f2: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
4028f9: 8d 7d 88 lea 0xffffff88(%ebp),%edi
4028fc: fc cld
4028fd: ba 00 00 00 00 mov $0x0,%edx
402902: b8 11 00 00 00 mov $0x11,%eax
402907: 89 c1 mov %eax,%ecx
402909: 89 d0 mov %edx,%eax
40290b: f3 ab repz stos %eax,%es:(%edi)
40290d: 8d 45 88 lea 0xffffff88(%ebp),%eax
402910: 89 45 84 mov %eax,0xffffff84(%ebp)
402913: c7 45 80 00 00 00 00 movl $0x0,0xffffff80(%ebp)
40291a: 83 ec 08 sub $0x8,%esp
40291d: ff 75 08 pushl 0x8(%ebp)
402920: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
402923: 50 push %eax
402924: e8 67 10 00 00 call 403990 <_RtlInitUnicodeString@8>
402929: 83 c4 08 add $0x8,%esp
40292c: 83 ec 08 sub $0x8,%esp
40292f: ff 75 0c pushl 0xc(%ebp)
402932: 8d 45 e0 lea 0xffffffe0(%ebp),%eax
402935: 50 push %eax
402936: e8 55 10 00 00 call 403990 <_RtlInitUnicodeString@8>
40293b: 83 c4 08 add $0x8,%esp
40293e: 83 ec 08 sub $0x8,%esp
402941: 6a 00 push $0x0
402943: 6a 00 push $0x0
402945: 6a 00 push $0x0
402947: 6a 00 push $0x0
402949: ff 35 20 60 40 00 pushl 0x406020
40294f: 8d 45 e0 lea 0xffffffe0(%ebp),%eax
402952: 50 push %eax
402953: 6a 00 push $0x0
402955: 6a 00 push $0x0
402957: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
40295a: 50 push %eax
40295b: 8d 45 dc lea 0xffffffdc(%ebp),%eax
40295e: 50 push %eax
40295f: e8 9c 12 00 00 call 403c00 <_RtlCreateProcessParameters@40>
402964: 83 c4 08 add $0x8,%esp
402967: 83 7d 1c 00 cmpl $0x0,0x1c(%ebp)
40296b: 74 06 je 402973 <_SmCreateUserProcess@24+0xb3>
40296d: 8b 45 1c mov 0x1c(%ebp),%eax
402970: 89 45 84 mov %eax,0xffffff84(%ebp)
402973: 83 ec 08 sub $0x8,%esp
402976: ff 75 84 pushl 0xffffff84(%ebp)
402979: 6a 00 push $0x0
40297b: 6a 00 push $0x0
40297d: 6a 00 push $0x0
40297f: 6a 00 push $0x0
402981: 6a 00 push $0x0
402983: 6a 00 push $0x0
402985: ff 75 dc pushl 0xffffffdc(%ebp)
402988: 6a 40 push $0x40
40298a: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
40298d: 50 push %eax
40298e: e8 7d 12 00 00 call 403c10 <_RtlCreateUserProcess@40>
402993: 83 c4 08 add $0x8,%esp
402996: 89 45 80 mov %eax,0xffffff80(%ebp)
402999: 83 ec 0c sub $0xc,%esp
40299c: ff 75 dc pushl 0xffffffdc(%ebp)
40299f: e8 7c 12 00 00 call 403c20 <_RtlDestroyProcessParameters@4>
4029a4: 83 c4 0c add $0xc,%esp
4029a7: 83 7d 80 00 cmpl $0x0,0xffffff80(%ebp)
4029ab: 79 3a jns 4029e7 <_SmCreateUserProcess@24+0x127>
4029ad: 83 ec 04 sub $0x4,%esp
4029b0: 6a 59 push $0x59
4029b2: 68 c0 5a 40 00 push $0x405ac0
4029b7: 68 cc 5a 40 00 push $0x405acc
4029bc: e8 1f 10 00 00 call 4039e0 <_DbgPrint>
4029c1: 83 c4 10 add $0x10,%esp
4029c4: ff 75 80 pushl 0xffffff80(%ebp)
4029c7: ff 75 ec pushl 0xffffffec(%ebp)
4029ca: 68 d5 5a 40 00 push $0x405ad5
4029cf: 68 00 5b 40 00 push $0x405b00
4029d4: e8 07 10 00 00 call 4039e0 <_DbgPrint>
4029d9: 83 c4 10 add $0x10,%esp
4029dc: 8b 45 80 mov 0xffffff80(%ebp),%eax
4029df: 89 85 7c ff ff ff mov %eax,0xffffff7c(%ebp)
4029e5: eb 61 jmp 402a48 <_SmCreateUserProcess@24+0x188>
4029e7: 83 ec 08 sub $0x8,%esp
4029ea: 6a 00 push $0x0
4029ec: 8b 45 84 mov 0xffffff84(%ebp),%eax
4029ef: ff 70 08 pushl 0x8(%eax)
4029f2: e8 39 12 00 00 call 403c30 <_ZwResumeThread@8>
4029f7: 83 c4 08 add $0x8,%esp
4029fa: 80 7d f7 00 cmpb $0x0,0xfffffff7(%ebp)
4029fe: 74 16 je 402a16 <_SmCreateUserProcess@24+0x156>
402a00: 83 ec 04 sub $0x4,%esp
402a03: ff 75 14 pushl 0x14(%ebp)
402a06: 6a 00 push $0x0
402a08: 8b 45 84 mov 0xffffff84(%ebp),%eax
402a0b: ff 70 04 pushl 0x4(%eax)
402a0e: e8 ad 0f 00 00 call 4039c0 <_NtWaitForSingleObject@12>
402a13: 83 c4 04 add $0x4,%esp
402a16: 80 7d f6 00 cmpb $0x0,0xfffffff6(%ebp)
402a1a: 74 22 je 402a3e <_SmCreateUserProcess@24+0x17e>
402a1c: 83 ec 0c sub $0xc,%esp
402a1f: 8b 45 84 mov 0xffffff84(%ebp),%eax
402a22: ff 70 08 pushl 0x8(%eax)
402a25: e8 a6 0f 00 00 call 4039d0 <_NtClose@4>
402a2a: 83 c4 0c add $0xc,%esp
402a2d: 83 ec 0c sub $0xc,%esp
402a30: 8b 45 84 mov 0xffffff84(%ebp),%eax
402a33: ff 70 04 pushl 0x4(%eax)
402a36: e8 95 0f 00 00 call 4039d0 <_NtClose@4>
402a3b: 83 c4 0c add $0xc,%esp
402a3e: c7 85 7c ff ff ff 00 movl $0x0,0xffffff7c(%ebp)
402a45: 00 00 00
402a48: 8b 85 7c ff ff ff mov 0xffffff7c(%ebp),%eax
402a4e: 8b 7d fc mov 0xfffffffc(%ebp),%edi
402a51: c9 leave
402a52: c2 18 00 ret $0x18
00402a55 <_SmLookupSubsystem@20>:
402a55: 55 push %ebp
402a56: 89 e5 mov %esp,%ebp
402a58: 57 push %edi
402a59: b8 84 18 00 00 mov $0x1884,%eax
402a5e: e8 bd 12 00 00 call 403d20 <___chkstk>
402a63: 8b 45 18 mov 0x18(%ebp),%eax
402a66: 88 45 f7 mov %al,0xfffffff7(%ebp)
402a69: c7 45 f0 00 00 00 00 movl $0x0,0xfffffff0(%ebp)
402a70: c7 45 e8 00 00 00 00 movl $0x0,0xffffffe8(%ebp)
402a77: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
402a7e: 8d 7d c8 lea 0xffffffc8(%ebp),%edi
402a81: fc cld
402a82: ba 00 00 00 00 mov $0x0,%edx
402a87: b8 06 00 00 00 mov $0x6,%eax
402a8c: 89 c1 mov %eax,%ecx
402a8e: 89 d0 mov %edx,%eax
402a90: f3 ab repz stos %eax,%es:(%edi)
402a92: c7 45 c4 00 00 00 00 movl $0x0,0xffffffc4(%ebp)
402a99: 83 ec 08 sub $0x8,%esp
402a9c: 68 40 5b 40 00 push $0x405b40
402aa1: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
402aa4: 50 push %eax
402aa5: e8 e6 0e 00 00 call 403990 <_RtlInitUnicodeString@8>
402aaa: 83 c4 08 add $0x8,%esp
402aad: c7 45 c8 18 00 00 00 movl $0x18,0xffffffc8(%ebp)
402ab4: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
402ab7: 89 45 d0 mov %eax,0xffffffd0(%ebp)
402aba: c7 45 d4 40 00 00 00 movl $0x40,0xffffffd4(%ebp)
402ac1: c7 45 cc 00 00 00 00 movl $0x0,0xffffffcc(%ebp)
402ac8: c7 45 d8 00 00 00 00 movl $0x0,0xffffffd8(%ebp)
402acf: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
402ad6: 83 ec 04 sub $0x4,%esp
402ad9: 8d 45 c8 lea 0xffffffc8(%ebp),%eax
402adc: 50 push %eax
402add: 68 00 00 00 02 push $0x2000000
402ae2: 8d 45 c4 lea 0xffffffc4(%ebp),%eax
402ae5: 50 push %eax
402ae6: e8 55 11 00 00 call 403c40 <_NtOpenKey@12>
402aeb: 83 c4 04 add $0x4,%esp
402aee: 89 45 f0 mov %eax,0xfffffff0(%ebp)
402af1: 83 7d f0 00 cmpl $0x0,0xfffffff0(%ebp)
402af5: 0f 88 c1 02 00 00 js 402dbc <_SmLookupSubsystem@20+0x367>
402afb: c7 45 b8 00 00 00 00 movl $0x0,0xffffffb8(%ebp)
402b02: c7 45 bc 00 00 00 00 movl $0x0,0xffffffbc(%ebp)
402b09: 8d bd b8 f7 ff ff lea 0xfffff7b8(%ebp),%edi
402b0f: fc cld
402b10: ba 00 00 00 00 mov $0x0,%edx
402b15: b8 00 02 00 00 mov $0x200,%eax
402b1a: 89 c1 mov %eax,%ecx
402b1c: 89 d0 mov %edx,%eax
402b1e: f3 ab repz stos %eax,%es:(%edi)
402b20: c7 85 b4 f7 ff ff 00 movl $0x0,0xfffff7b4(%ebp)
402b27: 00 00 00
402b2a: 8d 85 b8 f7 ff ff lea 0xfffff7b8(%ebp),%eax
402b30: 89 85 b0 f7 ff ff mov %eax,0xfffff7b0(%ebp)
402b36: 83 ec 08 sub $0x8,%esp
402b39: ff 75 08 pushl 0x8(%ebp)
402b3c: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
402b3f: 50 push %eax
402b40: e8 4b 0e 00 00 call 403990 <_RtlInitUnicodeString@8>
402b45: 83 c4 08 add $0x8,%esp
402b48: 83 ec 08 sub $0x8,%esp
402b4b: 8d 85 b4 f7 ff ff lea 0xfffff7b4(%ebp),%eax
402b51: 50 push %eax
402b52: 68 00 08 00 00 push $0x800
402b57: 8d 85 b8 f7 ff ff lea 0xfffff7b8(%ebp),%eax
402b5d: 50 push %eax
402b5e: 6a 02 push $0x2
402b60: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
402b63: 50 push %eax
402b64: ff 75 c4 pushl 0xffffffc4(%ebp)
402b67: e8 e4 10 00 00 call 403c50 <_NtQueryValueKey@24>
402b6c: 83 c4 08 add $0x8,%esp
402b6f: 89 45 f0 mov %eax,0xfffffff0(%ebp)
402b72: 83 7d f0 00 cmpl $0x0,0xfffffff0(%ebp)
402b76: 0f 88 fe 01 00 00 js 402d7a <_SmLookupSubsystem@20+0x325>
402b7c: 83 7d 0c 00 cmpl $0x0,0xc(%ebp)
402b80: 0f 84 bc 01 00 00 je 402d42 <_SmLookupSubsystem@20+0x2ed>
402b86: 83 7d 10 00 cmpl $0x0,0x10(%ebp)
402b8a: 0f 84 b2 01 00 00 je 402d42 <_SmLookupSubsystem@20+0x2ed>
402b90: 83 7d 14 00 cmpl $0x0,0x14(%ebp)
402b94: 0f 84 a8 01 00 00 je 402d42 <_SmLookupSubsystem@20+0x2ed>
402b9a: 8b 45 14 mov 0x14(%ebp),%eax
402b9d: 8b 95 b0 f7 ff ff mov 0xfffff7b0(%ebp),%edx
402ba3: 8b 52 04 mov 0x4(%edx),%edx
402ba6: 89 10 mov %edx,(%eax)
402ba8: 80 7d f7 00 cmpb $0x0,0xfffffff7(%ebp)
402bac: 0f 84 16 01 00 00 je 402cc8 <_SmLookupSubsystem@20+0x273>
402bb2: 8b 45 14 mov 0x14(%ebp),%eax
402bb5: 83 38 02 cmpl $0x2,(%eax)
402bb8: 0f 85 0a 01 00 00 jne 402cc8 <_SmLookupSubsystem@20+0x273>
402bbe: 8d bd a8 e7 ff ff lea 0xffffe7a8(%ebp),%edi
402bc4: fc cld
402bc5: ba 00 00 00 00 mov $0x0,%edx
402bca: b8 00 04 00 00 mov $0x400,%eax
402bcf: 89 c1 mov %eax,%ecx
402bd1: 89 d0 mov %edx,%eax
402bd3: f3 ab repz stos %eax,%es:(%edi)
402bd5: c7 85 9c e7 ff ff 00 movl $0x0,0xffffe79c(%ebp)
402bdc: 00 00 00
402bdf: 8b 85 b0 f7 ff ff mov 0xfffff7b0(%ebp),%eax
402be5: 66 8b 40 08 mov 0x8(%eax),%ax
402be9: 66 89 85 a8 f7 ff ff mov %ax,0xfffff7a8(%ebp)
402bf0: 8b 85 b0 f7 ff ff mov 0xfffff7b0(%ebp),%eax
402bf6: 66 8b 40 08 mov 0x8(%eax),%ax
402bfa: 66 89 85 aa f7 ff ff mov %ax,0xfffff7aa(%ebp)
402c01: 8b 85 b0 f7 ff ff mov 0xfffff7b0(%ebp),%eax
402c07: 83 c0 0c add $0xc,%eax
402c0a: 89 85 ac f7 ff ff mov %eax,0xfffff7ac(%ebp)
402c10: 66 c7 85 a0 e7 ff ff movw $0x0,0xffffe7a0(%ebp)
402c17: 00 00
402c19: 66 c7 85 a2 e7 ff ff movw $0x1000,0xffffe7a2(%ebp)
402c20: 00 10
402c22: 8d 85 a8 e7 ff ff lea 0xffffe7a8(%ebp),%eax
402c28: 89 85 a4 e7 ff ff mov %eax,0xffffe7a4(%ebp)
402c2e: 8d 85 9c e7 ff ff lea 0xffffe79c(%ebp),%eax
402c34: 50 push %eax
402c35: 8d 85 a0 e7 ff ff lea 0xffffe7a0(%ebp),%eax
402c3b: 50 push %eax
402c3c: 8d 85 a8 f7 ff ff lea 0xfffff7a8(%ebp),%eax
402c42: 50 push %eax
402c43: ff 35 20 60 40 00 pushl 0x406020
402c49: e8 12 10 00 00 call 403c60 <_RtlExpandEnvironmentStrings_U@16>
402c4e: 89 45 f0 mov %eax,0xfffffff0(%ebp)
402c51: 83 7d f0 00 cmpl $0x0,0xfffffff0(%ebp)
402c55: 0f 88 d7 00 00 00 js 402d32 <_SmLookupSubsystem@20+0x2dd>
402c5b: 8b 55 10 mov 0x10(%ebp),%edx
402c5e: 89 95 98 e7 ff ff mov %edx,0xffffe798(%ebp)
402c64: 8b 45 10 mov 0x10(%ebp),%eax
402c67: 89 85 90 e7 ff ff mov %eax,0xffffe790(%ebp)
402c6d: 8b 85 a0 e7 ff ff mov 0xffffe7a0(%ebp),%eax
402c73: 89 c2 mov %eax,%edx
402c75: 81 e2 ff ff 00 00 and $0xffff,%edx
402c7b: 89 95 94 e7 ff ff mov %edx,0xffffe794(%ebp)
402c81: 8b 95 94 e7 ff ff mov 0xffffe794(%ebp),%edx
402c87: 8b 85 90 e7 ff ff mov 0xffffe790(%ebp),%eax
402c8d: 3b 10 cmp (%eax),%edx
402c8f: 76 0e jbe 402c9f <_SmLookupSubsystem@20+0x24a>
402c91: 8b 85 90 e7 ff ff mov 0xffffe790(%ebp),%eax
402c97: 8b 00 mov (%eax),%eax
402c99: 89 85 94 e7 ff ff mov %eax,0xffffe794(%ebp)
402c9f: 8b 85 94 e7 ff ff mov 0xffffe794(%ebp),%eax
402ca5: 8b 95 98 e7 ff ff mov 0xffffe798(%ebp),%edx
402cab: 89 02 mov %eax,(%edx)
402cad: 83 ec 04 sub $0x4,%esp
402cb0: 8b 45 10 mov 0x10(%ebp),%eax
402cb3: ff 30 pushl (%eax)
402cb5: ff b5 a4 e7 ff ff pushl 0xffffe7a4(%ebp)
402cbb: ff 75 0c pushl 0xc(%ebp)
402cbe: e8 dd 0d 00 00 call 403aa0 <_memcpy>
402cc3: 83 c4 10 add $0x10,%esp
402cc6: eb 6a jmp 402d32 <_SmLookupSubsystem@20+0x2dd>
402cc8: 8b 55 10 mov 0x10(%ebp),%edx
402ccb: 89 95 8c e7 ff ff mov %edx,0xffffe78c(%ebp)
402cd1: 8b 45 10 mov 0x10(%ebp),%eax
402cd4: 89 85 84 e7 ff ff mov %eax,0xffffe784(%ebp)
402cda: 8b 85 b0 f7 ff ff mov 0xfffff7b0(%ebp),%eax
402ce0: 8b 40 08 mov 0x8(%eax),%eax
402ce3: 89 85 88 e7 ff ff mov %eax,0xffffe788(%ebp)
402ce9: 8b 85 88 e7 ff ff mov 0xffffe788(%ebp),%eax
402cef: 8b 95 84 e7 ff ff mov 0xffffe784(%ebp),%edx
402cf5: 3b 02 cmp (%edx),%eax
402cf7: 76 0e jbe 402d07 <_SmLookupSubsystem@20+0x2b2>
402cf9: 8b 95 84 e7 ff ff mov 0xffffe784(%ebp),%edx
402cff: 8b 12 mov (%edx),%edx
402d01: 89 95 88 e7 ff ff mov %edx,0xffffe788(%ebp)
402d07: 8b 95 88 e7 ff ff mov 0xffffe788(%ebp),%edx
402d0d: 8b 85 8c e7 ff ff mov 0xffffe78c(%ebp),%eax
402d13: 89 10 mov %edx,(%eax)
402d15: 83 ec 04 sub $0x4,%esp
402d18: 8b 45 10 mov 0x10(%ebp),%eax
402d1b: ff 30 pushl (%eax)
402d1d: 8b 85 b0 f7 ff ff mov 0xfffff7b0(%ebp),%eax
402d23: 83 c0 0c add $0xc,%eax
402d26: 50 push %eax
402d27: ff 75 0c pushl 0xc(%ebp)
402d2a: e8 71 0d 00 00 call 403aa0 <_memcpy>
402d2f: 83 c4 10 add $0x10,%esp
402d32: 8b 45 14 mov 0x14(%ebp),%eax
402d35: 8b 95 b0 f7 ff ff mov 0xfffff7b0(%ebp),%edx
402d3b: 8b 52 04 mov 0x4(%edx),%edx
402d3e: 89 10 mov %edx,(%eax)
402d40: eb 6a jmp 402dac <_SmLookupSubsystem@20+0x357>
402d42: 83 ec 04 sub $0x4,%esp
402d45: 68 df 00 00 00 push $0xdf
402d4a: 68 c0 5a 40 00 push $0x405ac0
402d4f: 68 cc 5a 40 00 push $0x405acc
402d54: e8 87 0c 00 00 call 4039e0 <_DbgPrint>
402d59: 83 c4 10 add $0x10,%esp
402d5c: 83 ec 08 sub $0x8,%esp
402d5f: 68 dc 5b 40 00 push $0x405bdc
402d64: 68 00 5c 40 00 push $0x405c00
402d69: e8 72 0c 00 00 call 4039e0 <_DbgPrint>
402d6e: 83 c4 10 add $0x10,%esp
402d71: c7 45 f0 0d 00 00 c0 movl $0xc000000d,0xfffffff0(%ebp)
402d78: eb 32 jmp 402dac <_SmLookupSubsystem@20+0x357>
402d7a: 83 ec 04 sub $0x4,%esp
402d7d: 68 e3 00 00 00 push $0xe3
402d82: 68 c0 5a 40 00 push $0x405ac0
402d87: 68 cc 5a 40 00 push $0x405acc
402d8c: e8 4f 0c 00 00 call 4039e0 <_DbgPrint>
402d91: 83 c4 10 add $0x10,%esp
402d94: 83 ec 04 sub $0x4,%esp
402d97: ff 75 f0 pushl 0xfffffff0(%ebp)
402d9a: 68 dc 5b 40 00 push $0x405bdc
402d9f: 68 40 5c 40 00 push $0x405c40
402da4: e8 37 0c 00 00 call 4039e0 <_DbgPrint>
402da9: 83 c4 10 add $0x10,%esp
402dac: 83 ec 0c sub $0xc,%esp
402daf: ff 75 c4 pushl 0xffffffc4(%ebp)
402db2: e8 19 0c 00 00 call 4039d0 <_NtClose@4>
402db7: 83 c4 0c add $0xc,%esp
402dba: eb 32 jmp 402dee <_SmLookupSubsystem@20+0x399>
402dbc: 83 ec 04 sub $0x4,%esp
402dbf: 68 e7 00 00 00 push $0xe7
402dc4: 68 c0 5a 40 00 push $0x405ac0
402dc9: 68 cc 5a 40 00 push $0x405acc
402dce: e8 0d 0c 00 00 call 4039e0 <_DbgPrint>
402dd3: 83 c4 10 add $0x10,%esp
402dd6: 83 ec 04 sub $0x4,%esp
402dd9: ff 75 f0 pushl 0xfffffff0(%ebp)
402ddc: 68 dc 5b 40 00 push $0x405bdc
402de1: 68 80 5c 40 00 push $0x405c80
402de6: e8 f5 0b 00 00 call 4039e0 <_DbgPrint>
402deb: 83 c4 10 add $0x10,%esp
402dee: 8b 45 f0 mov 0xfffffff0(%ebp),%eax
402df1: 8b 7d fc mov 0xfffffffc(%ebp),%edi
402df4: c9 leave
402df5: c2 14 00 ret $0x14
00402df8 <@SmExecPgm@4>:
402df8: 55 push %ebp
402df9: 89 e5 mov %esp,%ebp
402dfb: 57 push %edi
402dfc: 53 push %ebx
402dfd: 81 ec b0 04 00 00 sub $0x4b0,%esp
402e03: 89 4d f4 mov %ecx,0xfffffff4(%ebp)
402e06: c7 45 f0 00 00 00 00 movl $0x0,0xfffffff0(%ebp)
402e0d: c7 45 94 00 00 00 00 movl $0x0,0xffffff94(%ebp)
402e14: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
402e18: 75 3e jne 402e58 <@SmExecPgm@4+0x60>
402e1a: 83 ec 04 sub $0x4,%esp
402e1d: 68 fa 00 00 00 push $0xfa
402e22: 68 c0 5a 40 00 push $0x405ac0
402e27: 68 cc 5a 40 00 push $0x405acc
402e2c: e8 af 0b 00 00 call 4039e0 <_DbgPrint>
402e31: 83 c4 10 add $0x10,%esp
402e34: 83 ec 08 sub $0x8,%esp
402e37: 68 a7 5c 40 00 push $0x405ca7
402e3c: 68 b1 5c 40 00 push $0x405cb1
402e41: e8 9a 0b 00 00 call 4039e0 <_DbgPrint>
402e46: 83 c4 10 add $0x10,%esp
402e49: c7 85 54 fb ff ff 0d movl $0xc000000d,0xfffffb54(%ebp)
402e50: 00 00 c0
402e53: e9 57 01 00 00 jmp 402faf <@SmExecPgm@4+0x1b7>
402e58: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
402e5b: 83 c0 20 add $0x20,%eax
402e5e: 89 45 f0 mov %eax,0xfffffff0(%ebp)
402e61: 8b 45 f0 mov 0xfffffff0(%ebp),%eax
402e64: 83 38 00 cmpl $0x0,(%eax)
402e67: 0f 84 28 01 00 00 je 402f95 <@SmExecPgm@4+0x19d>
402e6d: 8b 45 f0 mov 0xfffffff0(%ebp),%eax
402e70: 83 38 20 cmpl $0x20,(%eax)
402e73: 0f 87 1c 01 00 00 ja 402f95 <@SmExecPgm@4+0x19d>
402e79: 83 ec 08 sub $0x8,%esp
402e7c: 6a 42 push $0x42
402e7e: 8d 45 98 lea 0xffffff98(%ebp),%eax
402e81: 50 push %eax
402e82: e8 99 0b 00 00 call 403a20 <_RtlZeroMemory@8>
402e87: 83 c4 08 add $0x8,%esp
402e8a: 83 ec 04 sub $0x4,%esp
402e8d: 8b 45 f0 mov 0xfffffff0(%ebp),%eax
402e90: 8b 00 mov (%eax),%eax
402e92: 01 c0 add %eax,%eax
402e94: 50 push %eax
402e95: 8b 45 f0 mov 0xfffffff0(%ebp),%eax
402e98: 83 c0 04 add $0x4,%eax
402e9b: 50 push %eax
402e9c: 8d 45 98 lea 0xffffff98(%ebp),%eax
402e9f: 50 push %eax
402ea0: e8 fb 0b 00 00 call 403aa0 <_memcpy>
402ea5: 83 c4 10 add $0x10,%esp
402ea8: 83 ec 08 sub $0x8,%esp
402eab: 8d 45 98 lea 0xffffff98(%ebp),%eax
402eae: 50 push %eax
402eaf: 68 cc 5c 40 00 push $0x405ccc
402eb4: e8 67 0c 00 00 call 403b20 <__wcsicmp>
402eb9: 83 c4 10 add $0x10,%esp
402ebc: 85 c0 test %eax,%eax
402ebe: 75 10 jne 402ed0 <@SmExecPgm@4+0xd8>
402ec0: 8b 5d f4 mov 0xfffffff4(%ebp),%ebx
402ec3: e8 0a 07 00 00 call 4035d2 <_SmInitializeDbgSs>
402ec8: 89 43 1c mov %eax,0x1c(%ebx)
402ecb: e9 d6 00 00 00 jmp 402fa6 <@SmExecPgm@4+0x1ae>
402ed0: 8d bd 78 fd ff ff lea 0xfffffd78(%ebp),%edi
402ed6: fc cld
402ed7: b9 0a 02 00 00 mov $0x20a,%ecx
402edc: b0 00 mov $0x0,%al
402ede: f3 aa repz stos %al,%es:(%edi)
402ee0: c7 85 74 fd ff ff 0a movl $0x20a,0xfffffd74(%ebp)
402ee7: 02 00 00
402eea: c7 85 70 fd ff ff 02 movl $0x2,0xfffffd70(%ebp)
402ef1: 00 00 00
402ef4: 83 ec 0c sub $0xc,%esp
402ef7: 6a 01 push $0x1
402ef9: 8d 85 70 fd ff ff lea 0xfffffd70(%ebp),%eax
402eff: 50 push %eax
402f00: 8d 85 74 fd ff ff lea 0xfffffd74(%ebp),%eax
402f06: 50 push %eax
402f07: 8d 85 78 fd ff ff lea 0xfffffd78(%ebp),%eax
402f0d: 50 push %eax
402f0e: 8d 45 98 lea 0xffffff98(%ebp),%eax
402f11: 50 push %eax
402f12: e8 3e fb ff ff call 402a55 <_SmLookupSubsystem@20>
402f17: 83 c4 0c add $0xc,%esp
402f1a: 89 45 94 mov %eax,0xffffff94(%ebp)
402f1d: 83 7d 94 00 cmpl $0x0,0xffffff94(%ebp)
402f21: 78 67 js 402f8a <@SmExecPgm@4+0x192>
402f23: 8d bd 58 fb ff ff lea 0xfffffb58(%ebp),%edi
402f29: fc cld
402f2a: b9 0a 02 00 00 mov $0x20a,%ecx
402f2f: b0 00 mov $0x0,%al
402f31: f3 aa repz stos %al,%es:(%edi)
402f33: 83 ec 08 sub $0x8,%esp
402f36: 68 d8 5c 40 00 push $0x405cd8
402f3b: 8d 85 58 fb ff ff lea 0xfffffb58(%ebp),%eax
402f41: 50 push %eax
402f42: e8 f9 0a 00 00 call 403a40 <_wcscpy>
402f47: 83 c4 10 add $0x10,%esp
402f4a: 83 ec 08 sub $0x8,%esp
402f4d: 8d 85 78 fd ff ff lea 0xfffffd78(%ebp),%eax
402f53: 50 push %eax
402f54: 8d 85 58 fb ff ff lea 0xfffffb58(%ebp),%eax
402f5a: 50 push %eax
402f5b: e8 20 0b 00 00 call 403a80 <_wcscat>
402f60: 83 c4 10 add $0x10,%esp
402f63: 8b 5d f4 mov 0xfffffff4(%ebp),%ebx
402f66: 83 ec 08 sub $0x8,%esp
402f69: 6a 00 push $0x0
402f6b: 6a 00 push $0x0
402f6d: 6a 00 push $0x0
402f6f: 6a 00 push $0x0
402f71: 68 e2 5c 40 00 push $0x405ce2
402f76: 8d 85 58 fb ff ff lea 0xfffffb58(%ebp),%eax
402f7c: 50 push %eax
402f7d: e8 3e f9 ff ff call 4028c0 <_SmCreateUserProcess@24>
402f82: 83 c4 08 add $0x8,%esp
402f85: 89 43 1c mov %eax,0x1c(%ebx)
402f88: eb 1c jmp 402fa6 <@SmExecPgm@4+0x1ae>
402f8a: 8b 55 f4 mov 0xfffffff4(%ebp),%edx
402f8d: 8b 45 94 mov 0xffffff94(%ebp),%eax
402f90: 89 42 1c mov %eax,0x1c(%edx)
402f93: eb 11 jmp 402fa6 <@SmExecPgm@4+0x1ae>
402f95: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
402f98: c7 45 94 0d 00 00 c0 movl $0xc000000d,0xffffff94(%ebp)
402f9f: c7 40 1c 0d 00 00 c0 movl $0xc000000d,0x1c(%eax)
402fa6: 8b 45 94 mov 0xffffff94(%ebp),%eax
402fa9: 89 85 54 fb ff ff mov %eax,0xfffffb54(%ebp)
402faf: 8b 85 54 fb ff ff mov 0xfffffb54(%ebp),%eax
402fb5: 8d 65 f8 lea 0xfffffff8(%ebp),%esp
402fb8: 5b pop %ebx
402fb9: 5f pop %edi
402fba: 5d pop %ebp
402fbb: c3 ret
402fbc: 90 nop
402fbd: 90 nop
402fbe: 90 nop
402fbf: 90 nop
00402fc0 <@SmQryInfo@4>:
402fc0: 55 push %ebp
402fc1: 89 e5 mov %esp,%ebp
402fc3: 83 ec 08 sub $0x8,%esp
402fc6: 89 4d fc mov %ecx,0xfffffffc(%ebp)
402fc9: c7 45 f8 00 00 00 00 movl $0x0,0xfffffff8(%ebp)
402fd0: 8b 45 fc mov 0xfffffffc(%ebp),%eax
402fd3: c7 40 1c 02 00 00 c0 movl $0xc0000002,0x1c(%eax)
402fda: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
402fdd: c9 leave
402fde: c3 ret
402fdf: 90 nop
00402fe0 <_SmInitializeClientManagement>:
402fe0: 55 push %ebp
402fe1: 89 e5 mov %esp,%ebp
402fe3: 83 ec 08 sub $0x8,%esp
402fe6: 83 ec 0c sub $0xc,%esp
402fe9: 68 60 60 40 00 push $0x406060
402fee: e8 7d 0c 00 00 call 403c70 <_RtlInitializeCriticalSection@4>
402ff3: 83 c4 0c add $0xc,%esp
402ff6: c7 05 78 60 40 00 00 movl $0x0,0x406078
402ffd: 00 00 00
403000: c7 05 7c 60 40 00 00 movl $0x0,0x40607c
403007: 00 00 00
40300a: b8 00 00 00 00 mov $0x0,%eax
40300f: c9 leave
403010: c3 ret
00403011 <_SmCompleteClientInitialization@4>:
403011: 55 push %ebp
403012: 89 e5 mov %esp,%ebp
403014: 83 ec 08 sub $0x8,%esp
403017: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
40301e: c7 45 f8 00 00 00 00 movl $0x0,0xfffffff8(%ebp)
403025: 83 ec 0c sub $0xc,%esp
403028: 68 60 60 40 00 push $0x406060
40302d: e8 4e 0c 00 00 call 403c80 <_RtlEnterCriticalSection@4>
403032: 83 c4 0c add $0xc,%esp
403035: 83 3d 78 60 40 00 00 cmpl $0x0,0x406078
40303c: 74 3c je 40307a
<_SmCompleteClientInitialization@4+0x69>
40303e: a1 7c 60 40 00 mov 0x40607c,%eax
403043: 89 45 f8 mov %eax,0xfffffff8(%ebp)
403046: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
40304a: 75 02 jne 40304e
<_SmCompleteClientInitialization@4+0x3d>
40304c: eb 25 jmp 403073
<_SmCompleteClientInitialization@4+0x62>
40304e: 8b 55 f8 mov 0xfffffff8(%ebp),%edx
403051: 8b 45 08 mov 0x8(%ebp),%eax
403054: 3b 42 08 cmp 0x8(%edx),%eax
403057: 75 0c jne 403065
<_SmCompleteClientInitialization@4+0x54>
403059: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
40305c: c7 40 04 01 00 00 00 movl $0x1,0x4(%eax)
403063: eb 0e jmp 403073
<_SmCompleteClientInitialization@4+0x62>
403065: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
403068: 8b 80 08 01 00 00 mov 0x108(%eax),%eax
40306e: 89 45 f8 mov %eax,0xfffffff8(%ebp)
403071: eb d3 jmp 403046
<_SmCompleteClientInitialization@4+0x35>
403073: c7 45 fc 25 02 00 c0 movl $0xc0000225,0xfffffffc(%ebp)
40307a: 83 ec 0c sub $0xc,%esp
40307d: 68 60 60 40 00 push $0x406060
403082: e8 09 0c 00 00 call 403c90 <_RtlLeaveCriticalSection@4>
403087: 83 c4 0c add $0xc,%esp
40308a: 8b 45 fc mov 0xfffffffc(%ebp),%eax
40308d: c9 leave
40308e: c2 04 00 ret $0x4
00403091 <@SmpLookupClientUnsafe@8>:
403091: 55 push %ebp
403092: 89 e5 mov %esp,%ebp
403094: 83 ec 0c sub $0xc,%esp
403097: 89 55 f8 mov %edx,0xfffffff8(%ebp)
40309a: 66 89 4d fe mov %cx,0xfffffffe(%ebp)
40309e: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
4030a5: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
4030a9: 74 09 je 4030b4 <@SmpLookupClientUnsafe@8+0x23>
4030ab: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
4030ae: c7 00 00 00 00 00 movl $0x0,(%eax)
4030b4: 83 3d 78 60 40 00 00 cmpl $0x0,0x406078
4030bb: 74 3a je 4030f7 <@SmpLookupClientUnsafe@8+0x66>
4030bd: a1 7c 60 40 00 mov 0x40607c,%eax
4030c2: 89 45 f4 mov %eax,0xfffffff4(%ebp)
4030c5: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
4030c9: 75 02 jne 4030cd <@SmpLookupClientUnsafe@8+0x3c>
4030cb: eb 2a jmp 4030f7 <@SmpLookupClientUnsafe@8+0x66>
4030cd: 8b 55 f4 mov 0xfffffff4(%ebp),%edx
4030d0: 66 8b 45 fe mov 0xfffffffe(%ebp),%ax
4030d4: 66 3b 02 cmp (%edx),%ax
4030d7: 75 02 jne 4030db <@SmpLookupClientUnsafe@8+0x4a>
4030d9: eb 1c jmp 4030f7 <@SmpLookupClientUnsafe@8+0x66>
4030db: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
4030df: 74 08 je 4030e9 <@SmpLookupClientUnsafe@8+0x58>
4030e1: 8b 55 f8 mov 0xfffffff8(%ebp),%edx
4030e4: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
4030e7: 89 02 mov %eax,(%edx)
4030e9: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
4030ec: 8b 80 08 01 00 00 mov 0x108(%eax),%eax
4030f2: 89 45 f4 mov %eax,0xfffffff4(%ebp)
4030f5: eb ce jmp 4030c5 <@SmpLookupClientUnsafe@8+0x34>
4030f7: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
4030fa: c9 leave
4030fb: c3 ret
004030fc <_SmpLookupClient@4>:
4030fc: 55 push %ebp
4030fd: 89 e5 mov %esp,%ebp
4030ff: 83 ec 08 sub $0x8,%esp
403102: 8b 45 08 mov 0x8(%ebp),%eax
403105: 66 89 45 fe mov %ax,0xfffffffe(%ebp)
403109: c7 45 f8 00 00 00 00 movl $0x0,0xfffffff8(%ebp)
403110: 83 ec 0c sub $0xc,%esp
403113: 68 60 60 40 00 push $0x406060
403118: e8 63 0b 00 00 call 403c80 <_RtlEnterCriticalSection@4>
40311d: 83 c4 0c add $0xc,%esp
403120: 66 8b 45 fe mov 0xfffffffe(%ebp),%ax
403124: 89 c1 mov %eax,%ecx
403126: 81 e1 ff ff 00 00 and $0xffff,%ecx
40312c: ba 00 00 00 00 mov $0x0,%edx
403131: e8 5b ff ff ff call 403091 <@SmpLookupClientUnsafe@8>
403136: 89 45 f8 mov %eax,0xfffffff8(%ebp)
403139: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
40313d: 74 10 je 40314f <_SmpLookupClient@4+0x53>
40313f: 83 ec 0c sub $0xc,%esp
403142: 68 60 60 40 00 push $0x406060
403147: e8 44 0b 00 00 call 403c90 <_RtlLeaveCriticalSection@4>
40314c: 83 c4 0c add $0xc,%esp
40314f: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
403152: c9 leave
403153: c2 04 00 ret $0x4
00403156 <_SmCreateClient@8>:
403156: 55 push %ebp
403157: 89 e5 mov %esp,%ebp
403159: 83 ec 18 sub $0x18,%esp
40315c: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
403163: 8b 4d 08 mov 0x8(%ebp),%ecx
403166: e8 2f f1 ff ff call 40229a <@SmpGetConnectData@4>
40316b: 89 45 f8 mov %eax,0xfffffff8(%ebp)
40316e: 8b 45 08 mov 0x8(%ebp),%eax
403171: 66 8b 00 mov (%eax),%ax
403174: 25 ff ff 00 00 and $0xffff,%eax
403179: 83 e8 04 sub $0x4,%eax
40317c: 89 45 f4 mov %eax,0xfffffff4(%ebp)
40317f: 83 ec 0c sub $0xc,%esp
403182: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
403185: 66 8b 00 mov (%eax),%ax
403188: 25 ff ff 00 00 and $0xffff,%eax
40318d: 50 push %eax
40318e: e8 69 ff ff ff call 4030fc <_SmpLookupClient@4>
403193: 83 c4 0c add $0xc,%esp
403196: 85 c0 test %eax,%eax
403198: 74 0c je 4031a6 <_SmCreateClient@8+0x50>
40319a: c7 45 ec 01 00 00 c0 movl $0xc0000001,0xffffffec(%ebp)
4031a1: e9 f2 00 00 00 jmp 403298 <_SmCreateClient@8+0x142>
4031a6: 83 ec 04 sub $0x4,%esp
4031a9: 68 0c 01 00 00 push $0x10c
4031ae: 6a 08 push $0x8
4031b0: ff 35 10 60 40 00 pushl 0x406010
4031b6: e8 e5 0a 00 00 call 403ca0 <_RtlAllocateHeap@12>
4031bb: 83 c4 04 add $0x4,%esp
4031be: 89 45 fc mov %eax,0xfffffffc(%ebp)
4031c1: 83 7d fc 00 cmpl $0x0,0xfffffffc(%ebp)
4031c5: 75 0c jne 4031d3 <_SmCreateClient@8+0x7d>
4031c7: c7 45 ec 17 00 00 c0 movl $0xc0000017,0xffffffec(%ebp)
4031ce: e9 c5 00 00 00 jmp 403298 <_SmCreateClient@8+0x142>
4031d3: 8b 55 fc mov 0xfffffffc(%ebp),%edx
4031d6: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
4031d9: 66 8b 00 mov (%eax),%ax
4031dc: 66 89 02 mov %ax,(%edx)
4031df: 8b 55 fc mov 0xfffffffc(%ebp),%edx
4031e2: 8b 45 fc mov 0xfffffffc(%ebp),%eax
4031e5: 66 83 38 01 cmpw $0x1,(%eax)
4031e9: 0f 94 c0 sete %al
4031ec: 25 ff 00 00 00 and $0xff,%eax
4031f1: 89 42 04 mov %eax,0x4(%edx)
4031f4: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
4031f8: 74 1c je 403216 <_SmCreateClient@8+0xc0>
4031fa: 83 ec 04 sub $0x4,%esp
4031fd: ff 75 f4 pushl 0xfffffff4(%ebp)
403200: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
403203: 83 c0 04 add $0x4,%eax
403206: 50 push %eax
403207: 8b 45 fc mov 0xfffffffc(%ebp),%eax
40320a: 83 c0 18 add $0x18,%eax
40320d: 50 push %eax
40320e: e8 8d 08 00 00 call 403aa0 <_memcpy>
403213: 83 c4 10 add $0x10,%esp
* client directory.
*/
if (NULL == SmpClientDirectory.Client)
403216: 83 3d 7c 60 40 00 00 cmpl $0x0,0x40607c
40321d: 75 0a jne 403229 <_SmCreateClient@8+0xd3>
{
SmpClientDirectory.Client = pClient;
40321f: 8b 45 fc mov 0xfffffffc(%ebp),%eax
403222: a3 7c 60 40 00 mov %eax,0x40607c
403227: eb 37 jmp 403260 <_SmCreateClient@8+0x10a>
} else {
PSM_CLIENT_DATA pCD = NULL;
403229: c7 45 f0 00 00 00 00 movl $0x0,0xfffffff0(%ebp)
for (pCD=SmpClientDirectory.Client;
403230: a1 7c 60 40 00 mov 0x40607c,%eax
403235: 89 45 f0 mov %eax,0xfffffff0(%ebp)
403238: 8b 45 f0 mov 0xfffffff0(%ebp),%eax
40323b: 83 b8 08 01 00 00 00 cmpl $0x0,0x108(%eax)
403242: 75 02 jne 403246 <_SmCreateClient@8+0xf0>
403244: eb 0e jmp 403254 <_SmCreateClient@8+0xfe>
403246: 8b 45 f0 mov 0xfffffff0(%ebp),%eax
403249: 8b 80 08 01 00 00 mov 0x108(%eax),%eax
40324f: 89 45 f0 mov %eax,0xfffffff0(%ebp)
403252: eb e4 jmp 403238 <_SmCreateClient@8+0xe2>
(NULL != pCD->Next);
pCD = pCD->Next);
pCD->Next = pClient;
403254: 8b 55 f0 mov 0xfffffff0(%ebp),%edx
403257: 8b 45 fc mov 0xfffffffc(%ebp),%eax
40325a: 89 82 08 01 00 00 mov %eax,0x108(%edx)
}
pClient->Next = NULL;
403260: 8b 45 fc mov 0xfffffffc(%ebp),%eax
403263: c7 80 08 01 00 00 00 movl $0x0,0x108(%eax)
40326a: 00 00 00
++ SmpClientDirectory.Count;
40326d: ff 05 78 60 40 00 incl 0x406078
/*
* Note we unlock the client directory here, because
* it was locked by SmpLookupClient on failure.
*/
RtlLeaveCriticalSection (& SmpClientDirectory.Lock);
403273: 83 ec 0c sub $0xc,%esp
403276: 68 60 60 40 00 push $0x406060
40327b: e8 10 0a 00 00 call 403c90 <_RtlLeaveCriticalSection@4>
403280: 83 c4 0c add $0xc,%esp
if (ClientData)
403283: 83 7d 0c 00 cmpl $0x0,0xc(%ebp)
403287: 74 08 je 403291 <_SmCreateClient@8+0x13b>
{
*ClientData = pClient;
403289: 8b 55 0c mov 0xc(%ebp),%edx
40328c: 8b 45 fc mov 0xfffffffc(%ebp),%eax
40328f: 89 02 mov %eax,(%edx)
}
return STATUS_SUCCESS;
403291: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
}
403298: 8b 45 ec mov 0xffffffec(%ebp),%eax
40329b: c9 leave
40329c: c2 08 00 ret $0x8
0040329f <_SmDestroyClient@4>:
/**********************************************************************
* SmpDestroyClient/1
*
* 1. close any handle
* 2. kill client process
* 3. release resources
*/
NTSTATUS STDCALL
SmDestroyClient (ULONG SubsystemId)
{
40329f: 55 push %ebp
4032a0: 89 e5 mov %esp,%ebp
4032a2: 83 ec 18 sub $0x18,%esp
NTSTATUS Status = STATUS_SUCCESS;
4032a5: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
PSM_CLIENT_DATA Parent = NULL;
4032ac: c7 45 f8 00 00 00 00 movl $0x0,0xfffffff8(%ebp)
PSM_CLIENT_DATA Client = NULL;
4032b3: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
DPRINT("SM: %s called\n", __FUNCTION__);
RtlEnterCriticalSection (& SmpClientDirectory.Lock);
4032ba: 83 ec 0c sub $0xc,%esp
4032bd: 68 60 60 40 00 push $0x406060
4032c2: e8 b9 09 00 00 call 403c80 <_RtlEnterCriticalSection@4>
4032c7: 83 c4 0c add $0xc,%esp
Client = SmpLookupClientUnsafe (SubsystemId, & Parent);
4032ca: 8d 55 f8 lea 0xfffffff8(%ebp),%edx
4032cd: 8b 45 08 mov 0x8(%ebp),%eax
4032d0: 89 c1 mov %eax,%ecx
4032d2: 81 e1 ff ff 00 00 and $0xffff,%ecx
4032d8: e8 b4 fd ff ff call 403091 <@SmpLookupClientUnsafe@8>
4032dd: 89 45 f4 mov %eax,0xfffffff4(%ebp)
if(NULL == Client)
4032e0: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
4032e4: 75 3e jne 403324 <_SmDestroyClient@4+0x85>
{
DPRINT1("SM: %s: del req for non existent subsystem (id=%d)\n",
4032e6: 83 ec 04 sub $0x4,%esp
4032e9: 68 fa 00 00 00 push $0xfa
4032ee: 68 00 5d 40 00 push $0x405d00
4032f3: 68 09 5d 40 00 push $0x405d09
4032f8: e8 e3 06 00 00 call 4039e0 <_DbgPrint>
4032fd: 83 c4 10 add $0x10,%esp
403300: 83 ec 04 sub $0x4,%esp
403303: ff 75 08 pushl 0x8(%ebp)
403306: 68 12 5d 40 00 push $0x405d12
40330b: 68 40 5d 40 00 push $0x405d40
403310: e8 cb 06 00 00 call 4039e0 <_DbgPrint>
403315: 83 c4 10 add $0x10,%esp
__FUNCTION__, SubsystemId);
Status = STATUS_NOT_FOUND;
403318: c7 45 fc 25 02 00 c0 movl $0xc0000225,0xfffffffc(%ebp)
40331f: e9 82 00 00 00 jmp 4033a6 <_SmDestroyClient@4+0x107>
}
else
{
/* 1st in the list? */
if(NULL == Parent)
403324: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
403328: 75 10 jne 40333a <_SmDestroyClient@4+0x9b>
{
SmpClientDirectory.Client = Client->Next;
40332a: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
40332d: 8b 80 08 01 00 00 mov 0x108(%eax),%eax
403333: a3 7c 60 40 00 mov %eax,0x40607c
403338: eb 50 jmp 40338a <_SmDestroyClient@4+0xeb>
}
else
{
if(NULL != Parent)
40333a: 83 7d f8 00 cmpl $0x0,0xfffffff8(%ebp)
40333e: 74 14 je 403354 <_SmDestroyClient@4+0xb5>
{
Parent->Next = Client->Next;
403340: 8b 45 f8 mov 0xfffffff8(%ebp),%eax
403343: 8b 55 f4 mov 0xfffffff4(%ebp),%edx
403346: 8b 92 08 01 00 00 mov 0x108(%edx),%edx
40334c: 89 90 08 01 00 00 mov %edx,0x108(%eax)
403352: eb 36 jmp 40338a <_SmDestroyClient@4+0xeb>
} else {
DPRINT1("SM: %s: n-th has no parent!\n", __FUNCTION__);
403354: 83 ec 04 sub $0x4,%esp
403357: 68 0b 01 00 00 push $0x10b
40335c: 68 00 5d 40 00 push $0x405d00
403361: 68 09 5d 40 00 push $0x405d09
403366: e8 75 06 00 00 call 4039e0 <_DbgPrint>
40336b: 83 c4 10 add $0x10,%esp
40336e: 83 ec 08 sub $0x8,%esp
403371: 68 12 5d 40 00 push $0x405d12
403376: 68 74 5d 40 00 push $0x405d74
40337b: e8 60 06 00 00 call 4039e0 <_DbgPrint>
403380: 83 c4 10 add $0x10,%esp
Status = STATUS_UNSUCCESSFUL; /* FIXME */
403383: c7 45 fc 01 00 00 c0 movl $0xc0000001,0xfffffffc(%ebp)
}
}
/* TODO: send shutdown or kill */
RtlFreeHeap (SmpHeap, 0, Client);
40338a: 83 ec 04 sub $0x4,%esp
40338d: ff 75 f4 pushl 0xfffffff4(%ebp)
403390: 6a 00 push $0x0
403392: ff 35 10 60 40 00 pushl 0x406010
403398: e8 13 09 00 00 call 403cb0 <_RtlFreeHeap@12>
40339d: 83 c4 04 add $0x4,%esp
-- SmpClientDirectory.Count;
4033a0: ff 0d 78 60 40 00 decl 0x406078
}
RtlLeaveCriticalSection (& SmpClientDirectory.Lock);
4033a6: 83 ec 0c sub $0xc,%esp
4033a9: 68 60 60 40 00 push $0x406060
4033ae: e8 dd 08 00 00 call 403c90 <_RtlLeaveCriticalSection@4>
4033b3: 83 c4 0c add $0xc,%esp
return Status;
4033b6: 8b 45 fc mov 0xfffffffc(%ebp),%eax
}
4033b9: c9 leave
4033ba: c2 04 00 ret $0x4
4033bd: 90 nop
4033be: 90 nop
4033bf: 90 nop
004033c0 <_DbgSsApiPortThread@4>:
4033c0: 55 push %ebp
4033c1: 89 e5 mov %esp,%ebp
4033c3: 57 push %edi
4033c4: 81 ec 64 01 00 00 sub $0x164,%esp
4033ca: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
4033d1: 8d bd 98 fe ff ff lea 0xfffffe98(%ebp),%edi
4033d7: fc cld
4033d8: ba 00 00 00 00 mov $0x0,%edx
4033dd: b8 52 00 00 00 mov $0x52,%eax
4033e2: 89 c1 mov %eax,%ecx
4033e4: 89 d0 mov %edx,%eax
4033e6: f3 ab repz stos %eax,%es:(%edi)
4033e8: 83 ec 08 sub $0x8,%esp
4033eb: 8d 85 98 fe ff ff lea 0xfffffe98(%ebp),%eax
4033f1: 50 push %eax
4033f2: ff 35 50 60 40 00 pushl 0x406050
4033f8: e8 e3 07 00 00 call 403be0 <_NtListenPort@8>
4033fd: 83 c4 08 add $0x8,%esp
403400: 89 45 f4 mov %eax,0xfffffff4(%ebp)
403403: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
403407: 79 df jns 4033e8 <_DbgSsApiPortThread@4+0x28>
403409: 83 ec 04 sub $0x4,%esp
40340c: 6a 35 push $0x35
40340e: 68 a0 5d 40 00 push $0x405da0
403413: 68 a8 5d 40 00 push $0x405da8
403418: e8 c3 05 00 00 call 4039e0 <_DbgPrint>
40341d: 83 c4 10 add $0x10,%esp
403420: 83 ec 04 sub $0x4,%esp
403423: ff 75 f4 pushl 0xfffffff4(%ebp)
403426: 68 b1 5d 40 00 push $0x405db1
40342b: 68 e0 5d 40 00 push $0x405de0
403430: e8 ab 05 00 00 call 4039e0 <_DbgPrint>
403435: 83 c4 10 add $0x10,%esp
403438: 83 ec 08 sub $0x8,%esp
40343b: ff 75 f4 pushl 0xfffffff4(%ebp)
40343e: 6a fe push $0xfffffffe
403440: e8 3b 05 00 00 call 403980 <_NtTerminateThread@8>
403445: 83 c4 08 add $0x8,%esp
403448: 8b 7d fc mov 0xfffffffc(%ebp),%edi
40344b: c9 leave
40344c: c2 04 00 ret $0x4
0040344f <_DbgUiApiPortThread@4>:
40344f: 55 push %ebp
403450: 89 e5 mov %esp,%ebp
403452: 57 push %edi
403453: 81 ec 64 01 00 00 sub $0x164,%esp
403459: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
403460: 8d bd 98 fe ff ff lea 0xfffffe98(%ebp),%edi
403466: fc cld
403467: ba 00 00 00 00 mov $0x0,%edx
40346c: b8 52 00 00 00 mov $0x52,%eax
403471: 89 c1 mov %eax,%ecx
403473: 89 d0 mov %edx,%eax
403475: f3 ab repz stos %eax,%es:(%edi)
403477: 83 ec 08 sub $0x8,%esp
40347a: 8d 85 98 fe ff ff lea 0xfffffe98(%ebp),%eax
403480: 50 push %eax
403481: ff 35 54 60 40 00 pushl 0x406054
403487: e8 54 07 00 00 call 403be0 <_NtListenPort@8>
40348c: 83 c4 08 add $0x8,%esp
40348f: 89 45 f4 mov %eax,0xfffffff4(%ebp)
403492: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
403496: 79 df jns 403477 <_DbgUiApiPortThread@4+0x28>
403498: 83 ec 04 sub $0x4,%esp
40349b: 6a 48 push $0x48
40349d: 68 a0 5d 40 00 push $0x405da0
4034a2: 68 a8 5d 40 00 push $0x405da8
4034a7: e8 34 05 00 00 call 4039e0 <_DbgPrint>
4034ac: 83 c4 10 add $0x10,%esp
4034af: 83 ec 04 sub $0x4,%esp
4034b2: ff 75 f4 pushl 0xfffffff4(%ebp)
4034b5: 68 11 5e 40 00 push $0x405e11
4034ba: 68 e0 5d 40 00 push $0x405de0
4034bf: e8 1c 05 00 00 call 4039e0 <_DbgPrint>
4034c4: 83 c4 10 add $0x10,%esp
4034c7: 83 ec 08 sub $0x8,%esp
4034ca: ff 75 f4 pushl 0xfffffff4(%ebp)
4034cd: 6a fe push $0xfffffffe
4034cf: e8 ac 04 00 00 call 403980 <_NtTerminateThread@8>
4034d4: 83 c4 08 add $0x8,%esp
4034d7: 8b 7d fc mov 0xfffffffc(%ebp),%edi
4034da: c9 leave
4034db: c2 04 00 ret $0x4
004034de <_SmpCreatePT@28>:
4034de: 55 push %ebp
4034df: 89 e5 mov %esp,%ebp
4034e1: 83 ec 58 sub $0x58,%esp
4034e4: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
4034eb: c7 45 e8 00 00 00 00 movl $0x0,0xffffffe8(%ebp)
4034f2: c7 45 ec 00 00 00 00 movl $0x0,0xffffffec(%ebp)
4034f9: c7 45 c4 00 00 00 00 movl $0x0,0xffffffc4(%ebp)
403500: c7 45 b8 00 00 00 00 movl $0x0,0xffffffb8(%ebp)
403507: c7 45 bc 00 00 00 00 movl $0x0,0xffffffbc(%ebp)
40350e: 83 ec 08 sub $0x8,%esp
403511: ff 75 0c pushl 0xc(%ebp)
403514: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
403517: 50 push %eax
403518: e8 73 04 00 00 call 403990 <_RtlInitUnicodeString@8>
40351d: 83 c4 08 add $0x8,%esp
403520: c7 45 c8 18 00 00 00 movl $0x18,0xffffffc8(%ebp)
403527: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
40352a: 89 45 d0 mov %eax,0xffffffd0(%ebp)
40352d: c7 45 d4 01 00 00 00 movl $0x1,0xffffffd4(%ebp)
403534: c7 45 cc 00 00 00 00 movl $0x0,0xffffffcc(%ebp)
40353b: c7 45 d8 00 00 00 00 movl $0x0,0xffffffd8(%ebp)
403542: c7 45 dc 00 00 00 00 movl $0x0,0xffffffdc(%ebp)
403549: 83 ec 0c sub $0xc,%esp
40354c: ff 75 18 pushl 0x18(%ebp)
40354f: ff 75 14 pushl 0x14(%ebp)
403552: ff 75 10 pushl 0x10(%ebp)
403555: 8d 45 c8 lea 0xffffffc8(%ebp),%eax
403558: 50 push %eax
403559: ff 75 08 pushl 0x8(%ebp)
40355c: e8 8f 06 00 00 call 403bf0 <_NtCreatePort@20>
403561: 83 c4 0c add $0xc,%esp
403564: 89 45 f4 mov %eax,0xfffffff4(%ebp)
403567: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
40356b: 74 08 je 403575 <_SmpCreatePT@28+0x97>
40356d: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
403570: 89 45 b4 mov %eax,0xffffffb4(%ebp)
403573: eb 56 jmp 4035cb <_SmpCreatePT@28+0xed>
403575: 83 ec 08 sub $0x8,%esp
403578: 8d 45 b8 lea 0xffffffb8(%ebp),%eax
40357b: 50 push %eax
40357c: 8d 45 c4 lea 0xffffffc4(%ebp),%eax
40357f: 50 push %eax
403580: ff 75 08 pushl 0x8(%ebp)
403583: ff 75 1c pushl 0x1c(%ebp)
403586: 6a 00 push $0x0
403588: 6a 00 push $0x0
40358a: 6a 00 push $0x0
40358c: 6a 00 push $0x0
40358e: 6a 00 push $0x0
403590: 6a ff push $0xffffffff
403592: e8 39 06 00 00 call 403bd0 <_RtlCreateUserThread@40>
403597: 83 c4 08 add $0x8,%esp
40359a: 83 7d c4 00 cmpl $0x0,0xffffffc4(%ebp)
40359e: 75 17 jne 4035b7 <_SmpCreatePT@28+0xd9>
4035a0: 83 ec 0c sub $0xc,%esp
4035a3: 8b 45 08 mov 0x8(%ebp),%eax
4035a6: ff 30 pushl (%eax)
4035a8: e8 23 04 00 00 call 4039d0 <_NtClose@4>
4035ad: 83 c4 0c add $0xc,%esp
4035b0: c7 45 f4 01 00 00 c0 movl $0xc0000001,0xfffffff4(%ebp)
4035b7: 83 7d 20 00 cmpl $0x0,0x20(%ebp)
4035bb: 74 08 je 4035c5 <_SmpCreatePT@28+0xe7>
4035bd: 8b 55 20 mov 0x20(%ebp),%edx
4035c0: 8b 45 c4 mov 0xffffffc4(%ebp),%eax
4035c3: 89 02 mov %eax,(%edx)
4035c5: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
4035c8: 89 45 b4 mov %eax,0xffffffb4(%ebp)
4035cb: 8b 45 b4 mov 0xffffffb4(%ebp),%eax
4035ce: c9 leave
4035cf: c2 1c 00 ret $0x1c
004035d2 <_SmInitializeDbgSs>:
4035d2: 55 push %ebp
4035d3: 89 e5 mov %esp,%ebp
4035d5: 83 ec 18 sub $0x18,%esp
4035d8: c7 45 fc 00 00 00 00 movl $0x0,0xfffffffc(%ebp)
4035df: c7 45 f8 00 00 00 00 movl $0x0,0xfffffff8(%ebp)
4035e6: 83 ec 04 sub $0x4,%esp
4035e9: 8d 45 f8 lea 0xfffffff8(%ebp),%eax
4035ec: 50 push %eax
4035ed: 68 c0 33 40 00 push $0x4033c0
4035f2: 6a 00 push $0x0
4035f4: 6a 00 push $0x0
4035f6: 6a 00 push $0x0
4035f8: 68 24 5e 40 00 push $0x405e24
4035fd: 68 50 60 40 00 push $0x406050
403602: e8 d7 fe ff ff call 4034de <_SmpCreatePT@28>
403607: 83 c4 04 add $0x4,%esp
40360a: 89 45 fc mov %eax,0xfffffffc(%ebp)
40360d: 83 7d fc 00 cmpl $0x0,0xfffffffc(%ebp)
403611: 79 08 jns 40361b <_SmInitializeDbgSs+0x49>
403613: 8b 45 fc mov 0xfffffffc(%ebp),%eax
403616: 89 45 f4 mov %eax,0xfffffff4(%ebp)
403619: eb 59 jmp 403674 <_SmInitializeDbgSs+0xa2>
40361b: 83 ec 04 sub $0x4,%esp
40361e: 6a 00 push $0x0
403620: 68 4f 34 40 00 push $0x40344f
403625: 6a 00 push $0x0
403627: 6a 00 push $0x0
403629: 6a 00 push $0x0
40362b: 68 40 5e 40 00 push $0x405e40
403630: 68 54 60 40 00 push $0x406054
403635: e8 a4 fe ff ff call 4034de <_SmpCreatePT@28>
40363a: 83 c4 04 add $0x4,%esp
40363d: 89 45 fc mov %eax,0xfffffffc(%ebp)
403640: 83 7d fc 00 cmpl $0x0,0xfffffffc(%ebp)
403644: 79 27 jns 40366d <_SmInitializeDbgSs+0x9b>
403646: 83 ec 0c sub $0xc,%esp
403649: ff 75 f8 pushl 0xfffffff8(%ebp)
40364c: e8 7f 03 00 00 call 4039d0 <_NtClose@4>
403651: 83 c4 0c add $0xc,%esp
403654: 83 ec 0c sub $0xc,%esp
403657: ff 35 50 60 40 00 pushl 0x406050
40365d: e8 6e 03 00 00 call 4039d0 <_NtClose@4>
403662: 83 c4 0c add $0xc,%esp
403665: 8b 45 fc mov 0xfffffffc(%ebp),%eax
403668: 89 45 f4 mov %eax,0xfffffff4(%ebp)
40366b: eb 07 jmp 403674 <_SmInitializeDbgSs+0xa2>
40366d: c7 45 f4 00 00 00 00 movl $0x0,0xfffffff4(%ebp)
403674: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
403677: c9 leave
403678: c3 ret
403679: 90 nop
40367a: 90 nop
40367b: 90 nop
40367c: 90 nop
40367d: 90 nop
40367e: 90 nop
40367f: 90 nop
00403680 <_DisplayString@4>:
403680: 55 push %ebp
403681: 89 e5 mov %esp,%ebp
403683: 83 ec 08 sub $0x8,%esp
403686: 83 ec 08 sub $0x8,%esp
403689: ff 75 08 pushl 0x8(%ebp)
40368c: 8d 45 f8 lea 0xfffffff8(%ebp),%eax
40368f: 50 push %eax
403690: e8 fb 02 00 00 call 403990 <_RtlInitUnicodeString@8>
403695: 83 c4 08 add $0x8,%esp
403698: 83 ec 0c sub $0xc,%esp
40369b: 8d 45 f8 lea 0xfffffff8(%ebp),%eax
40369e: 50 push %eax
40369f: e8 1c 06 00 00 call 403cc0 <_ZwDisplayString@4>
4036a4: 83 c4 0c add $0xc,%esp
4036a7: c9 leave
4036a8: c2 04 00 ret $0x4
004036ab <_PrintString@0>:
4036ab: 55 push %ebp
4036ac: 89 e5 mov %esp,%ebp
4036ae: 81 ec 28 02 00 00 sub $0x228,%esp
4036b4: 8d 45 0c lea 0xc(%ebp),%eax
4036b7: 89 85 f4 fd ff ff mov %eax,0xfffffdf4(%ebp)
4036bd: 83 ec 04 sub $0x4,%esp
4036c0: ff b5 f4 fd ff ff pushl 0xfffffdf4(%ebp)
4036c6: ff 75 08 pushl 0x8(%ebp)
4036c9: 8d 85 f8 fd ff ff lea 0xfffffdf8(%ebp),%eax
4036cf: 50 push %eax
4036d0: e8 2b 06 00 00 call 403d00 <_vsprintf>
4036d5: 83 c4 10 add $0x10,%esp
4036d8: 83 ec 08 sub $0x8,%esp
4036db: 8d 85 f8 fd ff ff lea 0xfffffdf8(%ebp),%eax
4036e1: 50 push %eax
4036e2: 8d 85 e0 fd ff ff lea 0xfffffde0(%ebp),%eax
4036e8: 50 push %eax
4036e9: e8 e2 05 00 00 call 403cd0 <_RtlInitAnsiString@8>
4036ee: 83 c4 08 add $0x8,%esp
4036f1: 83 ec 04 sub $0x4,%esp
4036f4: 6a 01 push $0x1
4036f6: 8d 85 e0 fd ff ff lea 0xfffffde0(%ebp),%eax
4036fc: 50 push %eax
4036fd: 8d 85 e8 fd ff ff lea 0xfffffde8(%ebp),%eax
403703: 50 push %eax
403704: e8 d7 05 00 00 call 403ce0 <_RtlAnsiStringToUnicodeString@12>
403709: 83 c4 04 add $0x4,%esp
40370c: 83 ec 0c sub $0xc,%esp
40370f: 8d 85 e8 fd ff ff lea 0xfffffde8(%ebp),%eax
403715: 50 push %eax
403716: e8 d5 05 00 00 call 403cf0 <_NtDisplayString@4>
40371b: 83 c4 0c add $0xc,%esp
40371e: 83 ec 0c sub $0xc,%esp
403721: 8d 85 e8 fd ff ff lea 0xfffffde8(%ebp),%eax
403727: 50 push %eax
403728: e8 13 04 00 00 call 403b40 <_RtlFreeUnicodeString@4>
40372d: 83 c4 0c add $0xc,%esp
403730: c9 leave
403731: c3 ret
403732: 90 nop
403733: 90 nop
403734: 90 nop
403735: 90 nop
403736: 90 nop
403737: 90 nop
403738: 90 nop
403739: 90 nop
40373a: 90 nop
40373b: 90 nop
40373c: 90 nop
40373d: 90 nop
40373e: 90 nop
40373f: 90 nop
00403740 <_SmConnectApiPort@16>:
403740: 55 push %ebp
403741: 89 e5 mov %esp,%ebp
403743: 57 push %edi
403744: 81 ec 44 01 00 00 sub $0x144,%esp
40374a: 8b 45 10 mov 0x10(%ebp),%eax
40374d: 66 89 45 f6 mov %ax,0xfffffff6(%ebp)
403751: c7 45 d4 00 00 00 00 movl $0x0,0xffffffd4(%ebp)
403758: 8d bd c8 fe ff ff lea 0xfffffec8(%ebp),%edi
40375e: fc cld
40375f: ba 00 00 00 00 mov $0x0,%edx
403764: b8 3d 00 00 00 mov $0x3d,%eax
403769: 89 c1 mov %eax,%ecx
40376b: 89 d0 mov %edx,%eax
40376d: f3 ab repz stos %eax,%es:(%edi)
40376f: c7 85 c4 fe ff ff 00 movl $0x0,0xfffffec4(%ebp)
403776: 00 00 00
403779: 83 7d 08 00 cmpl $0x0,0x8(%ebp)
40377d: 0f 84 90 00 00 00 je 403813 <_SmConnectApiPort@16+0xd3>
403783: 8b 45 08 mov 0x8(%ebp),%eax
403786: 66 81 38 f0 00 cmpw $0xf0,(%eax)
40378b: 76 0f jbe 40379c <_SmConnectApiPort@16+0x5c>
40378d: c7 85 c0 fe ff ff ef movl $0xc00000ef,0xfffffec0(%ebp)
403794: 00 00 c0
403797: e9 ed 00 00 00 jmp 403889 <_SmConnectApiPort@16+0x149>
40379c: 83 7d 0c 00 cmpl $0x0,0xc(%ebp)
4037a0: 74 07 je 4037a9 <_SmConnectApiPort@16+0x69>
4037a2: 66 83 7d f6 00 cmpw $0x0,0xfffffff6(%ebp)
4037a7: 75 0f jne 4037b8 <_SmConnectApiPort@16+0x78>
4037a9: c7 85 c0 fe ff ff 30 movl $0xc0000030,0xfffffec0(%ebp)
4037b0: 00 00 c0
4037b3: e9 d1 00 00 00 jmp 403889 <_SmConnectApiPort@16+0x149>
4037b8: 83 ec 08 sub $0x8,%esp
4037bb: 68 f4 00 00 00 push $0xf4
4037c0: 8d 85 c8 fe ff ff lea 0xfffffec8(%ebp),%eax
4037c6: 50 push %eax
4037c7: e8 54 02 00 00 call 403a20 <_RtlZeroMemory@8>
4037cc: 83 c4 08 add $0x8,%esp
4037cf: 66 c7 85 ca fe ff ff movw $0x0,0xfffffeca(%ebp)
4037d6: 00 00
4037d8: 66 8b 45 f6 mov 0xfffffff6(%ebp),%ax
4037dc: 66 89 85 c8 fe ff ff mov %ax,0xfffffec8(%ebp)
4037e3: 8b 45 08 mov 0x8(%ebp),%eax
4037e6: 66 83 38 00 cmpw $0x0,(%eax)
4037ea: 74 27 je 403813 <_SmConnectApiPort@16+0xd3>
4037ec: 83 ec 04 sub $0x4,%esp
4037ef: 8b 45 08 mov 0x8(%ebp),%eax
4037f2: 66 8b 00 mov (%eax),%ax
4037f5: 25 ff ff 00 00 and $0xffff,%eax
4037fa: 50 push %eax
4037fb: 8b 45 08 mov 0x8(%ebp),%eax
4037fe: ff 70 04 pushl 0x4(%eax)
403801: 8d 85 c8 fe ff ff lea 0xfffffec8(%ebp),%eax
403807: 83 c0 04 add $0x4,%eax
40380a: 50 push %eax
40380b: e8 90 02 00 00 call 403aa0 <_memcpy>
403810: 83 c4 10 add $0x10,%esp
403813: c7 85 c4 fe ff ff f4 movl $0xf4,0xfffffec4(%ebp)
40381a: 00 00 00
40381d: c7 45 d8 0c 00 00 00 movl $0xc,0xffffffd8(%ebp)
403824: c7 45 dc 01 00 00 00 movl $0x1,0xffffffdc(%ebp)
40382b: c6 45 e0 01 movb $0x1,0xffffffe0(%ebp)
40382f: c6 45 e1 01 movb $0x1,0xffffffe1(%ebp)
403833: 83 ec 08 sub $0x8,%esp
403836: 68 60 5e 40 00 push $0x405e60
40383b: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
40383e: 50 push %eax
40383f: e8 4c 01 00 00 call 403990 <_RtlInitUnicodeString@8>
403844: 83 c4 08 add $0x8,%esp
403847: 8d 85 c4 fe ff ff lea 0xfffffec4(%ebp),%eax
40384d: 50 push %eax
40384e: 8d 85 c8 fe ff ff lea 0xfffffec8(%ebp),%eax
403854: 50 push %eax
403855: 6a 00 push $0x0
403857: 6a 00 push $0x0
403859: 6a 00 push $0x0
40385b: 8d 45 d8 lea 0xffffffd8(%ebp),%eax
40385e: 50 push %eax
40385f: 8d 45 e8 lea 0xffffffe8(%ebp),%eax
403862: 50 push %eax
403863: ff 75 14 pushl 0x14(%ebp)
403866: e8 25 03 00 00 call 403b90 <_NtConnectPort@32>
40386b: 89 45 d4 mov %eax,0xffffffd4(%ebp)
40386e: 83 7d d4 00 cmpl $0x0,0xffffffd4(%ebp)
403872: 78 0c js 403880 <_SmConnectApiPort@16+0x140>
403874: c7 85 c0 fe ff ff 00 movl $0x0,0xfffffec0(%ebp)
40387b: 00 00 00
40387e: eb 09 jmp 403889 <_SmConnectApiPort@16+0x149>
403880: 8b 45 d4 mov 0xffffffd4(%ebp),%eax
403883: 89 85 c0 fe ff ff mov %eax,0xfffffec0(%ebp)
403889: 8b 85 c0 fe ff ff mov 0xfffffec0(%ebp),%eax
40388f: 8b 7d fc mov 0xfffffffc(%ebp),%edi
403892: c9 leave
403893: c2 10 00 ret $0x10
403896: 90 nop
403897: 90 nop
403898: 90 nop
403899: 90 nop
40389a: 90 nop
40389b: 90 nop
40389c: 90 nop
40389d: 90 nop
40389e: 90 nop
40389f: 90 nop
004038a0 <_SmExecuteProgram@8>:
4038a0: 55 push %ebp
4038a1: 89 e5 mov %esp,%ebp
4038a3: 81 ec 98 00 00 00 sub $0x98,%esp
4038a9: 8b 45 0c mov 0xc(%ebp),%eax
4038ac: 66 83 38 40 cmpw $0x40,(%eax)
4038b0: 76 0f jbe 4038c1 <_SmExecuteProgram@8+0x21>
4038b2: c7 85 74 ff ff ff 0d movl $0xc000000d,0xffffff74(%ebp)
4038b9: 00 00 c0
4038bc: e9 a4 00 00 00 jmp 403965 <_SmExecuteProgram@8+0xc5>
4038c1: 83 ec 08 sub $0x8,%esp
4038c4: 6a 6c push $0x6c
4038c6: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
4038cc: 50 push %eax
4038cd: e8 4e 01 00 00 call 403a20 <_RtlZeroMemory@8>
4038d2: 83 c4 08 add $0x8,%esp
4038d5: 8b 45 0c mov 0xc(%ebp),%eax
4038d8: 66 8b 00 mov (%eax),%ax
4038db: 25 ff ff 00 00 and $0xffff,%eax
4038e0: 89 45 98 mov %eax,0xffffff98(%ebp)
4038e3: 83 ec 04 sub $0x4,%esp
4038e6: 8b 45 0c mov 0xc(%ebp),%eax
4038e9: 66 8b 00 mov (%eax),%ax
4038ec: 25 ff ff 00 00 and $0xffff,%eax
4038f1: 50 push %eax
4038f2: 8b 45 0c mov 0xc(%ebp),%eax
4038f5: ff 70 04 pushl 0x4(%eax)
4038f8: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
4038fe: 83 c0 24 add $0x24,%eax
403901: 50 push %eax
403902: e8 99 01 00 00 call 403aa0 <_memcpy>
403907: 83 c4 10 add $0x10,%esp
40390a: c7 45 90 04 00 00 00 movl $0x4,0xffffff90(%ebp)
403911: 66 c7 85 7c ff ff ff movw $0x0,0xffffff7c(%ebp)
403918: 00 00
40391a: 66 c7 85 78 ff ff ff movw $0x54,0xffffff78(%ebp)
403921: 54 00
403923: 66 c7 85 7a ff ff ff movw $0x6c,0xffffff7a(%ebp)
40392a: 6c 00
40392c: 83 ec 04 sub $0x4,%esp
40392f: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
403935: 50 push %eax
403936: 8d 85 78 ff ff ff lea 0xffffff78(%ebp),%eax
40393c: 50 push %eax
40393d: ff 75 08 pushl 0x8(%ebp)
403940: e8 cb 03 00 00 call 403d10 <_NtRequestWaitReplyPort@12>
403945: 83 c4 04 add $0x4,%esp
403948: 89 45 f4 mov %eax,0xfffffff4(%ebp)
40394b: 83 7d f4 00 cmpl $0x0,0xfffffff4(%ebp)
40394f: 78 0b js 40395c <_SmExecuteProgram@8+0xbc>
403951: 8b 45 94 mov 0xffffff94(%ebp),%eax
403954: 89 85 74 ff ff ff mov %eax,0xffffff74(%ebp)
40395a: eb 09 jmp 403965 <_SmExecuteProgram@8+0xc5>
40395c: 8b 45 f4 mov 0xfffffff4(%ebp),%eax
40395f: 89 85 74 ff ff ff mov %eax,0xffffff74(%ebp)
403965: 8b 85 74 ff ff ff mov 0xffffff74(%ebp),%eax
40396b: c9 leave
40396c: c2 08 00 ret $0x8
40396f: 90 nop
00403970 <_NtQueryInformationProcess@20>:
403970: ff 25 68 71 40 00 jmp *0x407168
403976: 90 nop
403977: 90 nop
...
00403980 <_NtTerminateThread@8>:
403980: ff 25 80 71 40 00 jmp *0x407180
403986: 90 nop
403987: 90 nop
...
00403990 <_RtlInitUnicodeString@8>:
403990: ff 25 c4 71 40 00 jmp *0x4071c4
403996: 90 nop
403997: 90 nop
...
004039a0 <_NtOpenEvent@12>:
4039a0: ff 25 58 71 40 00 jmp *0x407158
4039a6: 90 nop
4039a7: 90 nop
...
004039b0 <_NtPulseEvent@8>:
4039b0: ff 25 64 71 40 00 jmp *0x407164
4039b6: 90 nop
4039b7: 90 nop
...
004039c0 <_NtWaitForSingleObject@12>:
4039c0: ff 25 84 71 40 00 jmp *0x407184
4039c6: 90 nop
4039c7: 90 nop
...
004039d0 <_NtClose@4>:
4039d0: ff 25 2c 71 40 00 jmp *0x40712c
4039d6: 90 nop
4039d7: 90 nop
...
004039e0 <_DbgPrint>:
4039e0: ff 25 20 71 40 00 jmp *0x407120
4039e6: 90 nop
4039e7: 90 nop
...
004039f0 <_RtlCreateHeap@24>:
4039f0: ff 25 98 71 40 00 jmp *0x407198
4039f6: 90 nop
4039f7: 90 nop
...
00403a00 <_RtlCreateEnvironment@8>:
403a00: ff 25 94 71 40 00 jmp *0x407194
403a06: 90 nop
403a07: 90 nop
...
00403a10 <_RtlSetEnvironmentVariable@12>:
403a10: ff 25 d4 71 40 00 jmp *0x4071d4
403a16: 90 nop
403a17: 90 nop
...
00403a20 <_RtlZeroMemory@8>:
403a20: ff 25 d8 71 40 00 jmp *0x4071d8
403a26: 90 nop
403a27: 90 nop
...
00403a30 <_RtlQueryRegistryValues@20>:
403a30: ff 25 d0 71 40 00 jmp *0x4071d0
403a36: 90 nop
403a37: 90 nop
...
00403a40 <_wcscpy>:
403a40: ff 25 00 72 40 00 jmp *0x407200
403a46: 90 nop
403a47: 90 nop
...
00403a50 <_ZwCreateDirectoryObject@12>:
403a50: ff 25 dc 71 40 00 jmp *0x4071dc
403a56: 90 nop
403a57: 90 nop
...
00403a60 <_NtCreateSymbolicLinkObject@16>:
403a60: ff 25 48 71 40 00 jmp *0x407148
403a66: 90 nop
403a67: 90 nop
...
00403a70 <_swprintf>:
403a70: ff 25 f0 71 40 00 jmp *0x4071f0
403a76: 90 nop
403a77: 90 nop
...
00403a80 <_wcscat>:
403a80: ff 25 f8 71 40 00 jmp *0x4071f8
403a86: 90 nop
403a87: 90 nop
...
00403a90 <_wcslen>:
403a90: ff 25 04 72 40 00 jmp *0x407204
403a96: 90 nop
403a97: 90 nop
...
00403aa0 <_memcpy>:
403aa0: ff 25 ec 71 40 00 jmp *0x4071ec
403aa6: 90 nop
403aa7: 90 nop
...
00403ab0 <_wcschr>:
403ab0: ff 25 fc 71 40 00 jmp *0x4071fc
403ab6: 90 nop
403ab7: 90 nop
...
00403ac0 <_NtOpenFile@24>:
403ac0: ff 25 5c 71 40 00 jmp *0x40715c
403ac6: 90 nop
403ac7: 90 nop
...
00403ad0 <_LdrVerifyImageMatchesChecksum@16>:
403ad0: ff 25 24 71 40 00 jmp *0x407124
403ad6: 90 nop
403ad7: 90 nop
...
00403ae0 <_NtRaiseHardError@24>:
403ae0: ff 25 70 71 40 00 jmp *0x407170
403ae6: 90 nop
403ae7: 90 nop
...
00403af0 <_NtCreateSection@28>:
403af0: ff 25 44 71 40 00 jmp *0x407144
403af6: 90 nop
403af7: 90 nop
...
00403b00 <_NtCreateDirectoryObject@12>:
403b00: ff 25 38 71 40 00 jmp *0x407138
403b06: 90 nop
403b07: 90 nop
...
00403b10 <_RtlDosPathNameToNtPathName_U@16>:
403b10: ff 25 ac 71 40 00 jmp *0x4071ac
403b16: 90 nop
403b17: 90 nop
...
00403b20 <__wcsicmp>:
403b20: ff 25 e8 71 40 00 jmp *0x4071e8
403b26: 90 nop
403b27: 90 nop
...
00403b30 <_NtCreatePagingFile@16>:
403b30: ff 25 3c 71 40 00 jmp *0x40713c
403b36: 90 nop
403b37: 90 nop
...
00403b40 <_RtlFreeUnicodeString@4>:
403b40: ff 25 bc 71 40 00 jmp *0x4071bc
403b46: 90 nop
403b47: 90 nop
...
00403b50 <_RtlCheckRegistryKey@8>:
403b50: ff 25 90 71 40 00 jmp *0x407190
403b56: 90 nop
403b57: 90 nop
...
00403b60 <_wcstoul>:
403b60: ff 25 08 72 40 00 jmp *0x407208
403b66: 90 nop
403b67: 90 nop
...
00403b70 <_NtSetSystemInformation@12>:
403b70: ff 25 7c 71 40 00 jmp *0x40717c
403b76: 90 nop
403b77: 90 nop
...
00403b80 <_NtInitializeRegistry@4>:
403b80: ff 25 50 71 40 00 jmp *0x407150
403b86: 90 nop
403b87: 90 nop
...
00403b90 <_NtConnectPort@32>:
403b90: ff 25 34 71 40 00 jmp *0x407134
403b96: 90 nop
403b97: 90 nop
...
00403ba0 <_NtReplyWaitReceivePort@16>:
403ba0: ff 25 74 71 40 00 jmp *0x407174
403ba6: 90 nop
403ba7: 90 nop
...
00403bb0 <_NtAcceptConnectPort@24>:
403bb0: ff 25 28 71 40 00 jmp *0x407128
403bb6: 90 nop
403bb7: 90 nop
...
00403bc0 <_NtCompleteConnectPort@4>:
403bc0: ff 25 30 71 40 00 jmp *0x407130
403bc6: 90 nop
403bc7: 90 nop
...
00403bd0 <_RtlCreateUserThread@40>:
403bd0: ff 25 a4 71 40 00 jmp *0x4071a4
403bd6: 90 nop
403bd7: 90 nop
...
00403be0 <_NtListenPort@8>:
403be0: ff 25 54 71 40 00 jmp *0x407154
403be6: 90 nop
403be7: 90 nop
...
00403bf0 <_NtCreatePort@20>:
403bf0: ff 25 40 71 40 00 jmp *0x407140
403bf6: 90 nop
403bf7: 90 nop
...
00403c00 <_RtlCreateProcessParameters@40>:
403c00: ff 25 9c 71 40 00 jmp *0x40719c
403c06: 90 nop
403c07: 90 nop
...
00403c10 <_RtlCreateUserProcess@40>:
403c10: ff 25 a0 71 40 00 jmp *0x4071a0
403c16: 90 nop
403c17: 90 nop
...
00403c20 <_RtlDestroyProcessParameters@4>:
403c20: ff 25 a8 71 40 00 jmp *0x4071a8
403c26: 90 nop
403c27: 90 nop
...
00403c30 <_ZwResumeThread@8>:
403c30: ff 25 e4 71 40 00 jmp *0x4071e4
403c36: 90 nop
403c37: 90 nop
...
00403c40 <_NtOpenKey@12>:
403c40: ff 25 60 71 40 00 jmp *0x407160
403c46: 90 nop
403c47: 90 nop
...
00403c50 <_NtQueryValueKey@24>:
403c50: ff 25 6c 71 40 00 jmp *0x40716c
403c56: 90 nop
403c57: 90 nop
...
00403c60 <_RtlExpandEnvironmentStrings_U@16>:
403c60: ff 25 b4 71 40 00 jmp *0x4071b4
403c66: 90 nop
403c67: 90 nop
...
00403c70 <_RtlInitializeCriticalSection@4>:
403c70: ff 25 c8 71 40 00 jmp *0x4071c8
403c76: 90 nop
403c77: 90 nop
...
00403c80 <_RtlEnterCriticalSection@4>:
403c80: ff 25 b0 71 40 00 jmp *0x4071b0
403c86: 90 nop
403c87: 90 nop
...
00403c90 <_RtlLeaveCriticalSection@4>:
403c90: ff 25 cc 71 40 00 jmp *0x4071cc
403c96: 90 nop
403c97: 90 nop
...
00403ca0 <_RtlAllocateHeap@12>:
403ca0: ff 25 88 71 40 00 jmp *0x407188
403ca6: 90 nop
403ca7: 90 nop
...
00403cb0 <_RtlFreeHeap@12>:
403cb0: ff 25 b8 71 40 00 jmp *0x4071b8
403cb6: 90 nop
403cb7: 90 nop
...
00403cc0 <_ZwDisplayString@4>:
403cc0: ff 25 e0 71 40 00 jmp *0x4071e0
403cc6: 90 nop
403cc7: 90 nop
...
00403cd0 <_RtlInitAnsiString@8>:
403cd0: ff 25 c0 71 40 00 jmp *0x4071c0
403cd6: 90 nop
403cd7: 90 nop
...
00403ce0 <_RtlAnsiStringToUnicodeString@12>:
403ce0: ff 25 8c 71 40 00 jmp *0x40718c
403ce6: 90 nop
403ce7: 90 nop
...
00403cf0 <_NtDisplayString@4>:
403cf0: ff 25 4c 71 40 00 jmp *0x40714c
403cf6: 90 nop
403cf7: 90 nop
...
00403d00 <_vsprintf>:
403d00: ff 25 f4 71 40 00 jmp *0x4071f4
403d06: 90 nop
403d07: 90 nop
...
00403d10 <_NtRequestWaitReplyPort@12>:
403d10: ff 25 78 71 40 00 jmp *0x407178
403d16: 90 nop
403d17: 90 nop
...
00403d20 <___chkstk>:
403d20: 51 push %ecx
403d21: 89 e1 mov %esp,%ecx
403d23: 83 c1 08 add $0x8,%ecx
00403d26 <probe>:
403d26: 3d 00 10 00 00 cmp $0x1000,%eax
403d2b: 72 10 jb 403d3d <done>
403d2d: 81 e9 00 10 00 00 sub $0x1000,%ecx
403d33: 83 09 00 orl $0x0,(%ecx)
403d36: 2d 00 10 00 00 sub $0x1000,%eax
403d3b: eb e9 jmp 403d26 <probe>
00403d3d <done>:
403d3d: 29 c1 sub %eax,%ecx
403d3f: 83 09 00 orl $0x0,(%ecx)
403d42: 89 e0 mov %esp,%eax
403d44: 89 cc mov %ecx,%esp
403d46: 8b 08 mov (%eax),%ecx
403d48: 8b 40 04 mov 0x4(%eax),%eax
403d4b: ff e0 jmp *%eax
403d4d: 90 nop
403d4e: 90 nop
403d4f: 90 nop
00403d50 <__CTOR_LIST__>:
403d50: ff (bad)
403d51: ff (bad)
403d52: ff (bad)
403d53: ff 00 incl (%eax)
403d55: 00 00 add %al,(%eax)
...
00403d58 <__DTOR_LIST__>:
403d58: ff (bad)
403d59: ff (bad)
403d5a: ff (bad)
403d5b: ff 00 incl (%eax)
403d5d: 00 00 add %al,(%eax)
...
14 Apr
14 Apr
7:12 p.m.
Hi
I'm getting a similar crash under QEmu.
Cheers
Jason
On 4/14/05, Gedi <gedi(a)ntlworld.com> wrote:
Source taken from HEAD just before Casper took it down
for the rebuild.
Initially it was hanging just after the splash so I rebuilt with DGB to
see if I could glean more info.
Now it crashes upon install, just before it goes to the GUI config.
Here is a sceenshot of the crash
http://homepage.ntlworld.com/gedmurphy/crash.jpg
I have attached the map files for smss. I would have stuck on one for
ntoskrnl too, but it's a little large.
I can stick it on the along with anything else if someone wants it.
Regards,
Ged.
10:17 p.m.
On the 13th, in QEmu I had a stop due to serial.sys
http://users.libero.it/ea/ros/qemu-ros-200504130002.jpg
On IRC, Hervé said he's working on it.
Jason Filby wrote:
Hi
I'm getting a similar crash under QEmu.
Cheers
Jason
On 4/14/05, Gedi <gedi(a)ntlworld.com> wrote:
>Source taken from HEAD just before Casper took it down for the rebuild.
>
>Initially it was hanging just after the splash so I rebuilt with DGB to
>see if I could glean more info.
>
>Now it crashes upon install, just before it goes to the GUI config.
>
>Here is a sceenshot of the crash
>http://homepage.ntlworld.com/gedmurphy/crash.jpg
>
>I have attached the map files for smss. I would have stuck on one for
>ntoskrnl too, but it's a little large.
>
>
The map file is for the production SM: the one in the blue screen is the
1st stage (text) setup program (in the boot disk it get renamed to be
run by ntoskrnl with no changes).
Emanuele
7101
days inactive
7102
days old
2 comments
3 participants
participants (3)
-
ea -
Gedi -
Jason Filby