MessageBox throws Excpetion

Index > Windows > MessageBox throws Excpetion

Author

Thread

TightCoderEx

Joined: 14 Feb 2013
Posts: 58
Location: Alberta

TightCoderEx 15 Jun 2013, 18:33

Early in the development of this app I remember seeing error messages appear properly, but didn't test after each subsequent phase.

I deliberately changed @ line 41

Code:

                mov      al, sizeof.WNDCLASSEX + 7

so the error handling code @ 60 would in invokded. Otherwise, app runs as expected.

Code:

                mov     edx, RegErr
         .Err:  invoke  MessageBox, rbx, rdx, ErrTitle, MB_OK + MB_ICONSTOP
                mov     eax, 48
                jmp     .Exit

These are the details returned by WinDbg to show pointers in RDX & R8 actually point to valid data

Quote:

rcx = 0000000000000000 hWnd
rdx = 0000000000402021 lpText
r8 = 000000000040205d lpCaption
r9 = 0000000000000010 uType

00000000`00402000 44 49 53 41 53 4d 00 41-70 70 6c 69 63 61 74 69 DISASM.Applicati
00000000`00402010 6f 6e 73 20 64 69 73 61-73 73 65 6d 62 6c 65 72 ons disassembler
00000000`00402020 00 46 61 69 6c 65 64 20-74 6f 20 72 65 67 69 73 .Failed to regis
00000000`00402030 74 65 72 20 6d 61 69 6e-20 77 69 6e 64 6f 77 00 ter main window.
00000000`00402040 46 61 69 6c 65 64 20 74-6f 20 63 72 65 61 74 65 Failed to create
00000000`00402050 20 6d 61 69 6e 20 77 69-6e 64 6f 77 00 41 70 70 main window.App
00000000`00402060 6c 69 63 61 74 69 6f 6e-20 49 6e 69 74 69 61 6c lication Initial
00000000`00402070 69 7a 61 74 69 6f 6e 00-90 90 90 90 90 90 90 90 ization.........

00000000`00402021 "Failed to register main window"
00000000`0040205d "Application Initialization"

This is the error and place where app crashes

Quote:

USER32!MessageBoxTimeoutA+0x185:
00000000`77141611 e8a2fdffff call USER32!MessageBoxTimeoutW (00000000`771413b8)

(142c.17f0): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
LPK!LpkDrawTextEx+0x315:
000007fe`fda61775 440f29842450010000 movaps xmmword ptr [rsp+150h],xmm8
ss:00000000`0006f6e8 = 000007fefed4a8e40000000001b31320

I'm running Win7 Service Pack 1

Description:	Source File	Download
Filename:	Disasm.ASM
Filesize:	3.92 KB
Downloaded:	486 Time(s)

15 Jun 2013, 18:33

bitRAKE

Joined: 21 Jul 2003
Posts: 4227
Location: vpcmpistri

bitRAKE 15 Jun 2013, 19:30

One of the primary requirements of the Win64 ABI is that the stack is aligned mod 16. This means prior to the call instruction, the lowest nibble of RSP must be zero. This differs greatly from 32-bit.

The FASM "invoke" macro assumes stack is aligned.

One way to achieve this is to only push in pairs.

Specifically, in your program, the LEAVE instruction returns RSP to the initial value on program entry. This value is 8 mod 16 because of the return value on stack.

15 Jun 2013, 19:30

bitRAKE

Joined: 21 Jul 2003
Posts: 4227
Location: vpcmpistri

bitRAKE 15 Jun 2013, 19:34

[double post]

Last edited by bitRAKE on 15 Jun 2013, 21:22; edited 1 time in total

15 Jun 2013, 19:34

TightCoderEx

Joined: 14 Feb 2013
Posts: 58
Location: Alberta

TightCoderEx 15 Jun 2013, 20:49

I do remember reading a lot about alignment of stack and structures, but brand new to Win64, so not aware of this mod 16 requirement. To fix, I just let the WNDCLASSEX frame persist just before ExitProcess and then re-align again with a push rax.

It does bring into question though, why only MessageBox as in the original version everything else worked just being qword aligned.

15 Jun 2013, 20:49

bitRAKE

Joined: 21 Jul 2003
Posts: 4227
Location: vpcmpistri

bitRAKE 15 Jun 2013, 21:21

Not all APIs use SSE moves which require alignment. AFAIK, that is the source of the requirement, but there might be others. Note the PUSH count between invoke's -- they just happen to be even. Smile

Also, note how most of the class items are constant, and it requires more bytes of code to create the structure than to just instance a structure in the data section.

hInstance is always the base address:
http://blogs.msdn.com/b/oldnewthing/archive/2004/10/25/247180.aspx
...the program can only be relocated if you include a relocation section.

The menu ID can be put in the class structure, too.

_________________
¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup

15 Jun 2013, 21:21

TightCoderEx

Joined: 14 Feb 2013
Posts: 58
Location: Alberta

TightCoderEx 15 Jun 2013, 22:54

I had noticed that about the instance handle. On entry to the windows procedure, the stack is also misaligned, but for now it's not causing a problem so I'll just deal with whatever API accordingly if one should present a problem like MessageBox.

Quote:

Also, note how most of the class items are constant, and it requires more bytes of code to create the structure than to just instance a structure in the data section.

As a point of interest and not that I'm trying to imply my methodology is ground breaking, but it does serve as an interesting example.

Disassembly from TEMPLATE.ASM

Code:

  -  401000 4883ec08        sub     rsp,8
  -  401004 4883ec20        sub     rsp,20h
  -  401008 48c7c100000000  mov     rcx,0
  -  40100f ff1563200000    call    GetModuleHandle
  -  401015 4883c420        add     rsp,20h
  -  401019 48890529100000  mov     [00402049],rax
  -  401020 4883ec20        sub     rsp,20h
  -  401024 48c7c100000000  mov     rcx,0
  -  40102b 48c7c2007f0000  mov     rdx,7F00h
  -  401032 ff15f8200000    call    LoadIcon
  -  401038 4883c420        add     rsp,20h
  -  40103c 4889050e100000  mov     [00402051)],rax
  -  401043 4889052f100000  mov     [00402079)],rax
  -  40104a 4883ec20        sub     rsp,20h
  -  40104e 48c7c100000000  mov     rcx,0
  -  401055 48c7c2007f0000  mov     rdx,7F00h
  -  40105c ff15c6200000    call    LoadCursor
  -  401062 4883c420        add     rsp,20h
  -  401066 488905ec0f0000  mov     [00402059],rax
  -  40106d 4883ec20        sub     rsp,20h
  -  401071 48c7c131204000  mov     rcx, 00402031
  -  401078 ff15ca200000    call    RegisterClass
  -  40107e 4883c420        add     rsp,20h
  -  401082 4885c0          test    rax,rax

  =  133 bytes + bytes for WNDCLASS

Disassembly from Disasm.asm

Code:

  -  401000 55              push    rbp
  -  401001 4889e5          mov     rbp,rsp
  -  401004 31db            xor     ebx,ebx
  -  401006 ba007f0000      mov     edx,7F00h
  -  40100b 4883ec20        sub     rsp,20h
  -  40100f 4889d9          mov     rcx,rbx
  -  401012 ff1520310000    call    LoadIcon
  -  401018 4883c420        add     rsp,20h
  -  40101c 50              push    rax
  -  40101d 4989c7          mov     r15,rax
  -  401020 6800204000      push    402000
  -  401025 53              push    rbx
  -  401026 6a0d            push    0Dh
  -  401028 ba007f0000      mov     edx,7F00h
  -  40102d 4883ec20        sub     rsp,20h
  -  401031 4889d9          mov     rcx,rbx
  -  401034 ff15f6300000    call    LoadCursor
  -  40103a 4883c420        add     rsp,20h
  -  40103e 50              push    rax
  -  40103f 4157            push    r15
  -  401041 4883ec20        sub     rsp,20h
  -  401045 4889d9          mov     rcx,rbx
  -  401048 ff152a300000    call    GetModuleHandle
  -  40104e 4883c420        add     rsp,20h
  -  401052 50              push    rax
  -  401053 48890526100000  mov     [402080],rax
  -  40105a 53              push    rbx
  -  40105b 68c0114000      push    4011c0
  -  401060 b803000000      mov     eax,3
  -  401065 48c1e020        shl     rax,20h
  -  401069 b050            mov     al,50h
  -  40106b 50              push    rax
  -  40106c 89e1            mov     ecx,esp
  -  40106e 4883ec20        sub     rsp,20h
  -  401072 ff15e0300000    call    RegisterClassEx
  -  401078 4883c420        add     rsp,20h
  -  40107c 6685c0          test    ax,ax

  =  127 bytes

15 Jun 2013, 22:54

bitRAKE

Joined: 21 Jul 2003
Posts: 4227
Location: vpcmpistri

bitRAKE 15 Jun 2013, 23:07

TightCoderEx wrote:

On entry to the windows procedure, the stack is also misaligned, but for now it's not causing a problem so I'll just deal with whatever API accordingly if one should present a problem like MessageBox.

The problem with that approach is it could crash on other Win64 versions - with different alignment utility. Just something to be aware of going forward.

Looks like you've shaved off quite a few bytes.

_________________
¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup

15 Jun 2013, 23:07

TightCoderEx

Joined: 14 Feb 2013
Posts: 58
Location: Alberta

TightCoderEx 16 Jun 2013, 00:43

Thanks for the input and I was mistaken about the misalignment in PROC. I failed to notice that the epilog macro creates at least and empty frame, thus aligning the stack.

16 Jun 2013, 00:43

spandexyfronts

Joined: 15 Sep 2013
Posts: 6

spandexyfronts 22 Sep 2013, 04:09

thanks to bitRAKE for posting such a useful tip...
aligning the stack to 16b just fixed a few problems i've been having with the invoke feature

22 Sep 2013, 04:09

< Last Thread | Next Thread >

Forum Rules:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum