0

Very similar issue like CreateProcessA function doesn't work in MASM64 (ml64.exe) , but in my case I think its not case with alignment or pointer data types in 64x. So the code is

    ;ml64.exe CreateProcessA.asm /link /subsystem:console /entry:main /LIBPATH:"C:\Program Files (x86)\Windows Kits\10\Lib\10.0.18362.0\um\x64" /defaultlib:kernel32.lib

extrn CreateProcessA : proc

PROCESS_INFORMATION    struct 
    hProcess          qword ?
    hThread           qword ?
    dwProcessId       dword ?
    dwThreadId        dword ?
PROCESS_INFORMATION    ends

STARTUPINFOA         struct
cb                  qword     sizeof ( STARTUPINFOA )        
lpReserved          qword     ?         
lpDesktop           qword     ?         
lpTitle             qword     ?         
dwX                 dword     ?         
dwY                 dword     ?         
dwXSize             dword     ?         
dwYSize             dword     ?         
dwXCountChars       dword     ?         
dwYCountChars       dword     ?         
dwFillAttribute     dword     ?         
dwFlags             dword     ?         
wShowWindow         word      ?         
cbReserved2         word      3 dup ( ? )
lpReserved2         qword     ?         
hStdInput           qword     ?         
hStdOutput          qword     ?         
hStdError           qword     ?         
STARTUPINFOA         ends

.const
NORMAL_PRIORITY_CLASS equ 020h

.data
processInfo PROCESS_INFORMATION <>
startupInfo STARTUPINFOA <>
szProcName db "C:\Windows\System32\cmd.exe", 00h

.code
    main proc
        lea rax, processInfo
        lea rbx, startupInfo

        push rax                     
        push rbx                     
        push 00h                                  
        push 00h                     
        push NORMAL_PRIORITY_CLASS   
        push 00h                     

        sub rsp, 20h
        mov r9, 00h
        mov r8, 00h
        mov rdx, 00h
        lea rcx, szProcName
        call CreateProcessA

    main endp
end

Error - Access Violation inside kernelbase.dll on

movaps xmmword ptr ss:[rsp+C0],xmm0

can someone clarify what is wrong with the my code?

Slava
  • 13
  • 1
  • 3
  • A memory access instruction that targets an SSE register: The address is invalid. The memory is probably valid, so the address is probably misaligned. It looks like at the point of the call, your stack is not 16-byte aligned. (There are other things wrong with the program, like lacking unwind codes, failing to preserve nonvolatile registers, and falling off the end of a function.) – Raymond Chen Dec 03 '21 at 12:59
  • I add two lines at the begining of main proc sub RSP, 28h and RSP, 0FFFFFFFFFFFFFFF0h and now the stack befor call of call of CreateProcessA looks like - https://postimg.cc/vgKjgr3Q and its aligned - or I miss the whole point about that? – Slava Dec 03 '21 at 17:32
  • About other things that you mention - "unwind codes, failing to preserve nonvolatile registers, and falling off the end of a function" - this piece of code its just for understanding how this two structures work and how call CreateProcessA with them, its not the code for begining of some project, program or something more. – Slava Dec 03 '21 at 17:32
  • If you are still getting an access violation at that instruction, dump the memory starting at `rsp+0xc0` to see if the address is valid, properly aligned, and read-write. – Raymond Chen Dec 03 '21 at 23:02

0 Answers0