Well I executed this right after the 'where' from last time (still had it up in a window though the connection has long since timed out):
(gdb) info reg
eax 0x0 0
ecx 0xb7e35f90 -1209835632
edx 0x80084ae8 -2146940184
ebx 0x3018 12312
esp 0xbfffb070 0xbfffb070
ebp 0xb7e35e70 0xb7e35e70
esi 0x80081bb8 -2146952264
edi 0xffffebb0 -5200
eip 0xb7e369fd 0xb7e369fd <vpaes_cbc_encrypt+189>
eflags 0x246 [ PF ZF IF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
(gdb) disassemble
Dump of assembler code for function vpaes_cbc_encrypt:
0xb7e36940 <+0>: push %ebp
0xb7e36941 <+1>: push %ebx
0xb7e36942 <+2>: push %esi
0xb7e36943 <+3>: push %edi
0xb7e36944 <+4>: mov 0x14(%esp),%esi
0xb7e36948 <+8>: mov 0x18(%esp),%edi
0xb7e3694c <+12>: mov 0x1c(%esp),%eax
0xb7e36950 <+16>: mov 0x20(%esp),%edx
0xb7e36954 <+20>: lea -0x38(%esp),%ebx
0xb7e36958 <+24>: mov 0x24(%esp),%ebp
0xb7e3695c <+28>: and $0xfffffff0,%ebx
0xb7e3695f <+31>: mov 0x28(%esp),%ecx
0xb7e36963 <+35>: xchg %esp,%ebx
0xb7e36965 <+37>: movdqu 0x0(%ebp),%xmm1
0xb7e3696a <+42>: sub %esi,%edi
0xb7e3696c <+44>: mov %ebx,0x30(%esp)
0xb7e36970 <+48>: mov %edi,(%esp)
0xb7e36973 <+51>: sub $0x10,%eax
0xb7e36976 <+54>: mov %edx,0x4(%esp)
0xb7e3697a <+58>: mov %ebp,0x8(%esp)
0xb7e3697e <+62>: mov %eax,%edi
0xb7e36980 <+64>: lea 0xfffff4e5,%ebp
0xb7e36986 <+70>: call 0xb7e361c0 <_vpaes_preheat>
---Type <return> to continue, or q <return> to quit---
0xb7e3698b <+75>: cmp $0x0,%ecx
0xb7e3698e <+78>: je 0xb7e369d0 <vpaes_cbc_encrypt+144>
0xb7e36990 <+80>: jmp 0xb7e369a0 <vpaes_cbc_encrypt+96>
0xb7e36992 <+82>: lea 0x0(%esi,%eiz,1),%esi
0xb7e36999 <+89>: lea 0x0(%edi,%eiz,1),%edi
0xb7e369a0 <+96>: movdqu (%esi),%xmm0
0xb7e369a4 <+100>: pxor %xmm1,%xmm0
0xb7e369a8 <+104>: call 0xb7e361d0 <_vpaes_encrypt_core>
0xb7e369ad <+109>: mov (%esp),%ebx
0xb7e369b0 <+112>: mov 0x4(%esp),%edx
0xb7e369b4 <+116>: movdqa %xmm0,%xmm1
0xb7e369b8 <+120>: movdqu %xmm0,(%ebx,%esi,1)
0xb7e369bd <+125>: lea 0x10(%esi),%esi
0xb7e369c0 <+128>: sub $0x10,%edi
0xb7e369c3 <+131>: jae 0xb7e369a0 <vpaes_cbc_encrypt+96>
0xb7e369c5 <+133>: jmp 0xb7e36a05 <vpaes_cbc_encrypt+197>
0xb7e369c7 <+135>: mov %esi,%esi
0xb7e369c9 <+137>: lea 0x0(%edi,%eiz,1),%edi
0xb7e369d0 <+144>: movdqu (%esi),%xmm0
0xb7e369d4 <+148>: movdqa %xmm1,0x10(%esp)
0xb7e369da <+154>: movdqa %xmm0,0x20(%esp)
0xb7e369e0 <+160>: call 0xb7e36310 <_vpaes_decrypt_core>
0xb7e369e5 <+165>: mov (%esp),%ebx
0xb7e369e8 <+168>: mov 0x4(%esp),%edx
---Type <return> to continue, or q <return> to quit---
0xb7e369ec <+172>: pxor 0x10(%esp),%xmm0
0xb7e369f2 <+178>: movdqa 0x20(%esp),%xmm1
0xb7e369f8 <+184>: movdqu %xmm0,(%ebx,%esi,1)
=> 0xb7e369fd <+189>: lea 0x10(%esi),%esi
0xb7e36a00 <+192>: sub $0x10,%edi
0xb7e36a03 <+195>: jae 0xb7e369d0 <vpaes_cbc_encrypt+144>
0xb7e36a05 <+197>: mov 0x8(%esp),%ebx
0xb7e36a09 <+201>: mov 0x30(%esp),%esp
0xb7e36a0d <+205>: movdqu %xmm1,(%ebx)
0xb7e36a11 <+209>: pop %edi
0xb7e36a12 <+210>: pop %esi
0xb7e36a13 <+211>: pop %ebx
0xb7e36a14 <+212>: pop %ebp
0xb7e36a15 <+213>: ret
End of assembler dump.
(gdb) info reg
eax 0x0 0
ecx 0xb7e35f90 -1209835632
edx 0x80084ae8 -2146940184
ebx 0x3018 12312
esp 0xbfffb070 0xbfffb070
ebp 0xb7e35e70 0xb7e35e70
esi 0x80081bb8 -2146952264
edi 0xffffebb0 -5200
eip 0xb7e369fd 0xb7e369fd <vpaes_cbc_encrypt+189>
eflags 0x246 [ PF ZF IF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51

Sincerely,
Michael Russo, Systems Engineer
PaperSolve, Inc.
268 Watchogue Road
Staten Island, NY 10314
Well I executed this right after the ‘where’ from last time (still had it up in a window though the connection has long since timed out):

(gdb) info reg
eax 0x0 0
ecx 0xb7e35f90 -1209835632
edx 0x80084ae8 -2146940184
ebx 0x3018 12312
esp 0xbfffb070 0xbfffb070
ebp 0xb7e35e70 0xb7e35e70
esi 0x80081bb8 -2146952264
edi 0xffffebb0 -5200
eip 0xb7e369fd 0xb7e369fd <vpaes_cbc_encrypt+189>
eflags 0x246 [ PF ZF IF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
(gdb) disassemble
Dump of assembler code for function vpaes_cbc_encrypt:
0xb7e36940 <+0>: push %ebp
0xb7e36941 <+1>: push %ebx
0xb7e36942 <+2>: push %esi
0xb7e36943 <+3>: push %edi
0xb7e36944 <+4>: mov 0x14(%esp),%esi
0xb7e36948 <+8>: mov 0x18(%esp),%edi
0xb7e3694c <+12>: mov 0x1c(%esp),%eax
0xb7e36950 <+16>: mov 0x20(%esp),%edx
0xb7e36954 <+20>: lea -0x38(%esp),%ebx
0xb7e36958 <+24>: mov 0x24(%esp),%ebp
0xb7e3695c <+28>: and $0xfffffff0,%ebx
0xb7e3695f <+31>: mov 0x28(%esp),%ecx
0xb7e36963 <+35>: xchg %esp,%ebx
0xb7e36965 <+37>: movdqu 0x0(%ebp),%xmm1
0xb7e3696a <+42>: sub %esi,%edi
0xb7e3696c <+44>: mov %ebx,0x30(%esp)
0xb7e36970 <+48>: mov %edi,(%esp)
0xb7e36973 <+51>: sub $0x10,%eax
0xb7e36976 <+54>: mov %edx,0x4(%esp)
0xb7e3697a <+58>: mov %ebp,0x8(%esp)
0xb7e3697e <+62>: mov %eax,%edi
0xb7e36980 <+64>: lea 0xfffff4e5,%ebp
0xb7e36986 <+70>: call 0xb7e361c0 <_vpaes_preheat>
---Type <return> to continue, or q <return> to quit---
0xb7e3698b <+75>: cmp $0x0,%ecx
0xb7e3698e <+78>: je 0xb7e369d0 <vpaes_cbc_encrypt+144>
0xb7e36990 <+80>: jmp 0xb7e369a0 <vpaes_cbc_encrypt+96>
0xb7e36992 <+82>: lea 0x0(%esi,%eiz,1),%esi
0xb7e36999 <+89>: lea 0x0(%edi,%eiz,1),%edi
0xb7e369a0 <+96>: movdqu (%esi),%xmm0
0xb7e369a4 <+100>: pxor %xmm1,%xmm0
0xb7e369a8 <+104>: call 0xb7e361d0 <_vpaes_encrypt_core>
0xb7e369ad <+109>: mov (%esp),%ebx
0xb7e369b0 <+112>: mov 0x4(%esp),%edx
0xb7e369b4 <+116>: movdqa %xmm0,%xmm1
0xb7e369b8 <+120>: movdqu %xmm0,(%ebx,%esi,1)
0xb7e369bd <+125>: lea 0x10(%esi),%esi
0xb7e369c0 <+128>: sub $0x10,%edi
0xb7e369c3 <+131>: jae 0xb7e369a0 <vpaes_cbc_encrypt+96>
0xb7e369c5 <+133>: jmp 0xb7e36a05 <vpaes_cbc_encrypt+197>
0xb7e369c7 <+135>: mov %esi,%esi
0xb7e369c9 <+137>: lea 0x0(%edi,%eiz,1),%edi
0xb7e369d0 <+144>: movdqu (%esi),%xmm0
0xb7e369d4 <+148>: movdqa %xmm1,0x10(%esp)
0xb7e369da <+154>: movdqa %xmm0,0x20(%esp)
0xb7e369e0 <+160>: call 0xb7e36310 <_vpaes_decrypt_core>
0xb7e369e5 <+165>: mov (%esp),%ebx
0xb7e369e8 <+168>: mov 0x4(%esp),%edx
---Type <return> to continue, or q <return> to quit---
0xb7e369ec <+172>: pxor 0x10(%esp),%xmm0
0xb7e369f2 <+178>: movdqa 0x20(%esp),%xmm1
0xb7e369f8 <+184>: movdqu %xmm0,(%ebx,%esi,1)
=> 0xb7e369fd <+189>: lea 0x10(%esi),%esi
0xb7e36a00 <+192>: sub $0x10,%edi
0xb7e36a03 <+195>: jae 0xb7e369d0 <vpaes_cbc_encrypt+144>
0xb7e36a05 <+197>: mov 0x8(%esp),%ebx
0xb7e36a09 <+201>: mov 0x30(%esp),%esp
0xb7e36a0d <+205>: movdqu %xmm1,(%ebx)
0xb7e36a11 <+209>: pop %edi
0xb7e36a12 <+210>: pop %esi
0xb7e36a13 <+211>: pop %ebx
0xb7e36a14 <+212>: pop %ebp
0xb7e36a15 <+213>: ret
End of assembler dump.
(gdb) info reg
eax 0x0 0
ecx 0xb7e35f90 -1209835632
edx 0x80084ae8 -2146940184
ebx 0x3018 12312
esp 0xbfffb070 0xbfffb070
ebp 0xb7e35e70 0xb7e35e70
esi 0x80081bb8 -2146952264
edi 0xffffebb0 -5200
eip 0xb7e369fd 0xb7e369fd <vpaes_cbc_encrypt+189>
eflags 0x246 [ PF ZF IF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51

Sincerely,
Michael Russo, Systems Engineer
PaperSolve, Inc.
268 Watchogue Road
Staten Island, NY 10314