Author
Ben321

According to documentation when you use DIV the dividend (EAX and EDX register) is always 64 bits if the divisor (operand register) is 32 bits. So what is supposed to happen if the divisor is itself EDX? Like:
```mov eax,10
mov edx,2
div edx    ```

Does it then treat the dividend as 32 bits instead of 64 bits, and avoid using EDX register as the upper 32bits of the dividend? Or does it result in some kind of unpredictable output?
01 Oct 2018, 08:52
Tomasz Grysztar
The initial value of EDX is then taken both as divisor and as the upper part of dividend. You are going to get exception 0, because (edx shl 32 +eax)/edx >= 1 shl 32 so the result cannot fit in 32 bits.
01 Oct 2018, 09:00
Furs

Tomasz Grysztar wrote:
The initial value of EDX is then taken both as divisor and as the upper part of dividend. You are going to get exception 0, because (edx shl 32 +eax)/edx >= 1 shl 32 so the result cannot fit in 32 bits.
So basically you can use it as a trap for custom exception handlers, since it will always cause an exception.
01 Oct 2018, 16:43
revolution
Furs wrote:
Tomasz Grysztar wrote:
The initial value of EDX is then taken both as divisor and as the upper part of dividend. You are going to get exception 0, because (edx shl 32 +eax)/edx >= 1 shl 32 so the result cannot fit in 32 bits.
So basically you can use it as a trap for custom exception handlers, since it will always cause an exception.
UD2
01 Oct 2018, 17:53
DimonSoft

Ben321 wrote:
```mov eax,10
mov edx,2
div edx     ```

revolution wrote:
UD2

Which stands for “U Divide by 2”
01 Oct 2018, 19:47
Furs

revolution wrote:
Furs wrote:
Tomasz Grysztar wrote:
The initial value of EDX is then taken both as divisor and as the upper part of dividend. You are going to get exception 0, because (edx shl 32 +eax)/edx >= 1 shl 32 so the result cannot fit in 32 bits.
So basically you can use it as a trap for custom exception handlers, since it will always cause an exception.
UD2
That's no fun.

You can use them as some sort of internal opcode too (i.e. exception handler performs differently with 'div edx' than with 'ud2' or others, though 1-byte invalid opcodes for userspace like 'hlt' can encode an arbitrary second byte without being larger...)

But anyway ud2 is boring.
02 Oct 2018, 15:06
revolution
Furs wrote:
But anyway ud2 is boring.
The CPU doesn't care.

There are lots of ways to cause exceptions in user mode. IN, OUT, INT3, INT 3, HLT, UD2, DIV EDX, MOV CR0,EAX, MOV DR0,EAX, etc. Each can be set to perform a different action in the exception handler. It would make the code harder to debug and reverse engineer.
02 Oct 2018, 15:55
Furs

revolution wrote:
The CPU doesn't care.

There are lots of ways to cause exceptions in user mode. IN, OUT, INT3, INT 3, HLT, UD2, DIV EDX, MOV CR0,EAX, MOV DR0,EAX, etc. Each can be set to perform a different action in the exception handler. It would make the code harder to debug and reverse engineer.
If it's your code shouldn't be harder to debug, since you can just use macros. Harder to reverse engineer is a perk.
02 Oct 2018, 16:48
revolution
Furs wrote:
If it's your code shouldn't be harder to debug, since you can just use macros.
Getting an exception in the exception handler doesn't usually end well.
03 Oct 2018, 03:10
Furs

revolution wrote:
Furs wrote:
If it's your code shouldn't be harder to debug, since you can just use macros.
Getting an exception in the exception handler doesn't usually end well.
I like to keep such exception handlers small, so most of what they do is "continue execution" at a completely different place with some ability to return to previous code.
04 Oct 2018, 18:47
