I coded a C program in vistual studio and complied in 64 bit
#include<stdio.h>
int main()
{
printf("Hello World!!!\n");
return 0;
}
And I use IDA freeware to disassembly it, I didn't see main but follow
public start
start proc near
jmp start_0
start endp
after I clicked start_0, The following code showed
start_0 proc near
arg_0= qword ptr 8
mov [rsp+arg_0], rcx
sub rsp, 28h
call sub_7FF691D52000
add rsp, 28h
retn
start_0 endp
obviously not main too, and I also didn't find main in function table and also I found a answer in the internet
Windows --> Exports
But I only saw start function in the result
how to find main? where to find it? or do I need to set somethings?
To find functions by name used in sources, you can load your programs symbols in IDA (pdb file).
Without symbols you can open strings view, find there "Hello World!!!\n" string and double-click it.
IDA View opens with the cursor on the strings address. Open XREFS window (Ctrl+X) of this string. It should contain only one entry - your printf function.
Double-click this entry and you will land on printf in your main.
Related
It says that Jump out of range by 60 bytes
To solve my problem.
Conditional jumps in 8086 Assembly (and most assembly languages) have a limited distance they can jump. In other words, there's too much code between your jump instruction and the destination (in this case, 60 bytes too many). You didn't post your code so I can't tell you exactly what line to fix, but in general the solution is straightforward.
cmp ax,bx
jnz goHere
; more code is here than the conditional jump will allow
goHere:
; finish up what we were doing
ret
In order to fix the above code, we have to reverse the condition and JMP, since JMP isn't as limited as Jxx is.
cmp ax,bx
jz continue:
jmp goHere
continue:
; finish up what we were doing
ret
goHere:
; now we can get here even though we have too much code for a conditional jump
jmp continue ;this will also have enough range to go there.
There's several ways to re-arrange your code to allow conditional jumps to work as intended, and still get the desired outcome. This is just one technique for it.
In some elisp file, they use line-sparator(I have no idea what is the name of it) to sparate some functions.
Some functions maybe be called only by some functions which will be made for API for user. So the two part of functions are different.
In some elisp file, there a one charator which display like a line in Emacs(I call it line-sparator).
For example, in help.el file, after the line (defvar help-button-cache nil) , there is a line-sparator in line 114.
So, My question is How to input it in Emacs.
This character is called "form feed", shown in Emacs as ^L, represented in files as byte 12 (decimal) / 0C (hex). Its function is to separate pages; when sent to a printer, it will usually make the printer output the current page and restart output at the top of a new page.
You can input it with C-q C-l. C-q is bound to quoted-insert, which can insert almost anything into the buffer literally.
You are looking for C-q C-l I believe. This inserts the ^L escape, which is commonly known as a FORM_FEED. Traditionally, this command was used to tell printers to eject the page and start a new one; of course, this has changed over time. Normally, this is used as a directive to clear the screen in terminals.
I'm not sure what you're seeing, because the character displays as ^L to me.
EDIT: sniped.
Today I was wondering why the GFlags option Stop on hung GUI appears in the Kernel Flags tab of the GFlags user interface. Does the kernel have a GUI which could hang?
So I tried to get some information from Microsoft, but MSDN just says:
The Stop on hung GUI flag appears in GFlags, but it has no effect on Windows.
So I wonder even more: a kernel flag for a kernel which has a GUI, but it's not the Windows kernel?
Although it seems not of practical use, can anyone explain this?
I also tried to get more information from WinDbg .hh !gflag, but it doesn't even give the statement that this won't work on Windows.
Kernel flag indicates flag takes effect immediately without requiring a reboot
Registry flag requires a reboot for the flags to take effect
the kernel does not have any gui that could hang.
the term windows doesnt mean kernel but the gui windows of the running application
check NtSetSystemInformation in your os to understand why 0x8 does not take effect
basically there are a few hardcoded magic numbers inside this api which tests each request for GlobalFlag changes and allows them or disallows them
in xp-sp3 this magic value is 0B2319BF0 so any flag that is < 0x10 will be disallowed
and stop on hung gui is 0x8 so it isnt effective and you cant set this from registry tab
so effectively no way of setting this flag
nt!NtSetSystemInformation+0x193:
80606009 8b03 mov eax,dword ptr [ebx] ds:0023:001285f8=00000008 <---- +shg
8060600b 25f09b31b2 and eax,0B2319BF0h < magic value in nt
80606010 8945a0 mov dword ptr [ebp-60h],eax ss:0010:fb569cf0=00000000
80606013 8b0d6c125580 mov ecx,dword ptr [nt!NtGlobalFlag (8055126c)] ds:0023:8055126c=00000000
80606019 81e10f64ce4d and ecx,4DCE640Fh <--another magic value both these magic values orred together
will be 0xffffffff covers the whole range of flags
8060601f 0bc1 or eax,ecx
80606021 8945a0 mov dword ptr [ebp-60h],eax ss:0010:fb569cf0=00000000
80606024 a36c125580 mov dword ptr [nt!NtGlobalFlag (8055126c)],eax ds:0023:8055126c=00000000
I'm hoping this is an easy problem, but I haven't figured out the answer yet nor seen a good resource for this. I'm running an experiment in Matlab, and at times we call to an external program. After a certain amount of time, I want the participants to return to Matlab to take a survey, and then resume their task after they are done. The problem is the external code is interactive, so a person could be typing or clicking and not see the survey open up, and after completing the survey I don't know how to automatically return them to their open program (although I know when they are done with their survey and automatically close the browser). My toy code example would be:
system('start \max notepad.exe')
pause(60) %After x seconds a web page opens up in Matlab, how to ensure users see it?
web('cnn.com') %I have code that will close this after they click on a certain link
%After close browser, how to return to notepad where they left off?
Two solutions may help you. Actually, it is a little complicate. Solution 1 use mex method control window of program by c code. Solution 2 is also complicate, just use MATLAB parallel toolbox. Hmm, I suggest your use solution 1.
solution 1:
Create a cpp file, which controls your interactive program(i.e. window explorer here). code is below. copy and save the code as "ctrlWindow.cpp" at your MATLAB current folder.
compile ctrlWindow.cpp by compiler lcc:
mex -setup % choose compiler: type this command at MATLAB command, then choose lcc complier on windows 32 system
mex ctrlWindow.cpp % compile cpp: you would find ctrlWindow.mexw32 at current folder
run the mex file as m-file at MATLAB command:
ctrlWindow('your_program_window_name',command);
i.e. window name of a folder "myfold" is myfold which is display on the top left of window, type command:
ctrlWindow('myfold',6);
this would minimize your folder window. I suggest you minimize your program window firstly, then maximize it, and participants would focus on your program again:
ctrlWindow('myfold',6);%minimize window
ctrlWindow('myfold',3);%maximize window and participants would focus on this window
command is here:
HIDE 0
SHOWNORMAL 1
NORMAL 1
SHOWMINIMIZED 2
SHOWMAXIMIZED 3
MAXIMIZE 3
SHOWNOACTIVATE 4
SHOW 5
MINIMIZE 6
SHOWMINNOACTIVE 7
SHOWNA 8
RESTORE 9
SHOWDEFAULT 10
FORCEMINIMIZE 11
MAX 11
//filename:ctrlWindow.cpp
#include <windows.h>
#include "mex.h"
void mexFunction( int nlhs, mxArray *plhs[],
int nrhs, const mxArray *prhs[] )
{
mxChar* winName; //name of window wanted to be found
HWND hwnd; //handle of window
int command; //command of control window
// check number of input
if(nrhs!=2)
mexErrMsgTxt("input must be 2");
// check class of input
if (mxIsChar(prhs[0]))
winName=mxGetChars(prhs[0]);//get name of window
else
mexErrMsgTxt("input 1 should be char -- name of window");
if (mxIsDouble(prhs[1]))
{
command = (int) mxGetScalar(prhs[1]);//get command
if(command<0 || command >11)//check command
mexErrMsgTxt("No such command!!!");
}
else
mexErrMsgTxt("input 2 should be a double");
// find window
hwnd = FindWindowW(NULL, (LPCWSTR)winName);
if(NULL==hwnd)
{
MessageBoxW(NULL,(LPCWSTR) L"Can't find the window!!!",NULL,MB_OK);
return;
}
ShowWindow(hwnd, command);//control the window
}
Solution 2:
matlabpool open 2
open two matlab background, use first control your first program, use second one control your second program.
I want to use powershell in emacs, but it seems that the powershell in emacs is block buffered. For example, when I write the a simple c program like this:
int main()
{
printf("input the number of a value: \n");
scanf("%d", &num);
}
I compile it and make it run in Powershell under emacs. It won't print out the line input the number of a value: until I input a number and hit Enter. the c program runs well in powershell outside the emacs. My question is how can I run the PowerShell line buffered in emacs?
edit I use the Powershell.el
The stdout of the C library is line buffered if the stdout of your program is connected to a terminal. The reason you find the behavior in your original program (without fflush) is simply because while running through the GNU EMACS, your program thinks it is not connected to a real terminal. Experiment running your program in M-x term or M-x ansi-term, for example. The solutions given here suggest you using fflush, which is definitely not a solution as you won't change every little program that uses the C library in your system. So the answer to your question is really giving your GNU EMACS a real terminal and not changing your program. Now, the bad news is that neither of these terminals for the GNU EMACS seem to work on Windows. (Sorry.) (Nevertheless, it appears someone claims to run ansi-term on Windows.)
You need to fflush before the fscanf.
This works for me with eshell:
#include <stdio.h>
int main() {
int num;
printf("input the number:\n");
fflush(stdout);
scanf("%d", &num);
printf("inc: %d\n", num + 1);
}
I couldn't reproduce your problem with powershell.el because I see another: it doesn't wait for the input, "reads" a 0 instead, prints "inc: 1" and exits.