0

I am writing a service in assembly. When I call StartServiceCtrlDispatcher I get error code: 3221225477 (C0000005h) which I believe is an access violation exception.

No errors with an empty table and all table pointers are tested.

So I am thinking, maybe it is something to do with the WINAPI / sdtcall calling convention.

The call has 2 parameters so in my case they will be quad words, a total of 16 bytes. I turned stack frames off and cleaned 16 bytes on the ret and still access violation.

I have trawled the internet for posible causes, tried loads and spent hours with no success. I am hoping someone might read this and know the answer.

Maybe I do not understand the stdcall convention correctly?

Please review my test code and I look forward to your suggestions. Thank you :)

    ;¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    .data

        szName          db  "MyTestService",0

        service_table   dq  QWORD PTR [szName]
                        dq  QWORD PTR [myServiceMain]
                        dq  0,0

    ;¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    .code

    myServiceStart PROC
     mov rax,rv(StartServiceCtrlDispatcher,service_table)
     ret
    myServiceStart ENDP

    NOSTACKFRAME
    myServiceMain PROC
     ret 16
    myServiceMain ENDP
    STACKFRAME

    ;¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    end
Penelope Hubble
  • 69
  • 4

1 Answers1

0

SOLVED The problem was the value of the table was being passed when it should have been the pointer to the table.

the line should read... mov rax,rv(StartServiceCtrlDispatcher,ADDR service_table)

Also, there is only one calling convention in 64 bit mode so there were no other issues discovered.

Penelope Hubble
  • 69
  • 4