
So, since dividing in assembly is a very hard topic, I wanted to try it out.

```asm
mov eax, Winmine__XP.exe+579C   // address of time elapsed
cmp [eax], 0x2                  // compare time with 2
jge decrease                    // jump to decrease if time greater or equal 2
inc [eax]                       // increase deref eax
jmp exit                        // exit
decrease:
mov eax, [eax]                  // deref eax into eax as dividend
mov ecx, 0x2                    // move 2 into ecx as divisor
div ecx                         // divide eax by ecx
// CRASH
```

Now I was wondering if my instruction of moving the dereferenced eax into eax crashes my program, or if I was doing something wrong using division.

    `inc [eax]` has ambiguous operand-size: a good assembler would refuse to assemble that without `inc dword [eax]` or similar, depending on which flavour of Intel syntax you're using. – Peter Cordes Jun 04 '21 at 05:49
  • If you want to divide by 2, use `shr eax,1`. Or without loading first, `shr dword ptr [eax], 1`. BTW, since you've apparently checked with a debugger that it doesn't crash until the actual `div` instruction, that rules out the load faulting on a bad address. – Peter Cordes Jun 04 '21 at 05:50
  • @PeterCordes alright, good to know, but that's not the problem as the increase is working. It crashes when getting to [eax] = 2 – kek5chen Jun 04 '21 at 05:52
  • I know, apparently whatever you used to assemble this has some default operand-size. Hopefully dword! That's why I just commented while looking for the canonical duplicate for failing to zero EDX. – Peter Cordes Jun 04 '21 at 05:53
  • I'm compiling the asm using Cheat Engine – kek5chen Jun 04 '21 at 05:56
  • It's working using `shr [eax],1` but that's not the goal of my project, I'm trying to use div. – kek5chen Jun 04 '21 at 05:57
  • Yeah, and that part is still a duplicate of [Why should EDX be 0 before using the DIV instruction?](https://stackoverflow.com/q/38416593). I guess you didn't notice I already linked this question as a duplicate of that canonical Q&A a few minutes ago. – Peter Cordes Jun 04 '21 at 06:00
  • I just did right after I commented, moving 0 into edx fixes it. Now I'm going to go read why it works haha. Thanks for your help – kek5chen Jun 04 '21 at 06:05
  • @Peter Cordes: `cmp [eax], 0x2` is missing a memory operand size too. – ecm Jun 04 '21 at 08:34
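The failure the comments point at, as an added example that is not from the question, the linked duplicate, or Cheat Engine: a small C model of what `div ecx` actually does with EDX:EAX, run over the `decrease:` tail of the script above. The DIV semantics (64-bit dividend EDX:EAX, #DE on a zero divisor or a quotient that does not fit in EAX) follow the Intel manual; the stale EDX value `0x00401000`, the `regs32` struct and the `run_decrease`/`decrease_faults`/`decrease_quotient` helpers are constructed for illustration, since the real EDX contents at the time of the crash are unknown.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The three registers the script touches (model, not a real register file). */
typedef struct { uint32_t eax, ecx, edx; } regs32;

/* DIV r/m32 as the Intel SDM defines it: unsigned divide of the 64-bit
 * value EDX:EAX by the 32-bit operand, quotient to EAX, remainder to EDX.
 * The CPU raises #DE (divide error) when the divisor is 0 or the quotient
 * does not fit in 32 bits; Windows reports that as an integer
 * divide-by-zero exception, which is the crash seen in the debugger.
 * Returns false on #DE and leaves the registers untouched. */
static bool div_r32(regs32 *r, uint32_t divisor)
{
    if (divisor == 0)
        return false;                       /* #DE: divide by zero */
    uint64_t dividend = ((uint64_t)r->edx << 32) | r->eax;
    uint64_t quotient = dividend / divisor;
    if (quotient > UINT32_MAX)
        return false;                       /* #DE: quotient too large for EAX */
    r->eax = (uint32_t)quotient;
    r->edx = (uint32_t)(dividend % divisor);
    return true;
}

/* The "decrease:" path of the script, starting with the timer value
 * already loaded into EAX.  stale_edx is whatever EDX held when the
 * script ran (unknown in reality; callers pass a constructed value).
 * zero_edx inserts "xor edx, edx" before "div ecx", the fix from the
 * comments.  Returns false if DIV faults. */
static bool run_decrease(regs32 *r, uint32_t elapsed, uint32_t stale_edx,
                         bool zero_edx)
{
    r->edx = stale_edx;
    r->eax = elapsed;                       /* mov eax, [eax] */
    r->ecx = 2;                             /* mov ecx, 2     */
    if (zero_edx)
        r->edx = 0;                         /* xor edx, edx   */
    return div_r32(r, r->ecx);              /* div ecx        */
}

/* Wrappers that turn each outcome into a plain return value. */
static bool decrease_faults(uint32_t elapsed, uint32_t stale_edx, bool zero_edx)
{
    regs32 r = {0};
    return !run_decrease(&r, elapsed, stale_edx, zero_edx);
}

static uint32_t decrease_quotient(uint32_t elapsed, uint32_t stale_edx, bool zero_edx)
{
    regs32 r = {0};
    return run_decrease(&r, elapsed, stale_edx, zero_edx) ? r.eax : 0;
}

/* Constructed assumption: EDX still holds a pointer-sized value such as
 * 0x00401000 left behind by the game's own code. */
#define STALE_EDX 0x00401000u

int main(void)
{
    struct { uint32_t edx; bool zero; const char *label; } cases[] = {
        { STALE_EDX, false, "stale EDX, no xor" },
        { STALE_EDX, true,  "stale EDX, xor edx,edx first" },
        { 1u,        false, "EDX=1, no xor" },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        regs32 r = {0};
        uint32_t edx_used = cases[i].zero ? 0u : cases[i].edx;
        uint64_t dividend = ((uint64_t)edx_used << 32) | 2u;   /* timer == 2 */
        if (run_decrease(&r, 2, cases[i].edx, cases[i].zero))
            printf("%-30s EDX:EAX=0x%" PRIx64 " / 2 -> EAX=0x%08" PRIx32
                   " EDX=0x%08" PRIx32 "\n", cases[i].label, dividend, r.eax, r.edx);
        else
            printf("%-30s EDX:EAX=0x%" PRIx64 " / 2 -> #DE (crash)\n",
                   cases[i].label, dividend);
    }
    return 0;
}
```

The third case is the one worth remembering: a small leftover EDX (here 1) does not fault at all, it just produces the wrong quotient 0x80000001, so whether a missing `xor edx, edx` shows up as a crash or as silently corrupted data depends entirely on what the surrounding code left in EDX.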

0 Answers