
Memory Dump Analysis Anthology, Volume 4 by Dmitry Vostokov


Chapter 12. Art

Opcodism: The Art of Opcodes

Fascinated by Kazimir Malevich's Black Square[72], I created a new art genre with the following two artistic installations:

A Pause before Crash

This is 1 MB of PAUSE[73] instructions without a point of return:

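    _text SEGMENT
    main PROC
        ; Each word 90f3h is stored little-endian as the bytes F3 90 (PAUSE).
        ; No RET follows, so execution runs off the end of the block.
        DW 100000h DUP (90f3h)
    main ENDP
    _text ENDS
    END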

When launched, it crashes:

    0:000> kL
    Child-SP          RetAddr           Call Site
    00000000`0012ff58 00000000`7704be3d 1MbPause+0x201011
    00000000`0012ff60 00000000`77256a51 kernel32!BaseThreadInitThunk+0xd
    00000000`0012ff90 00000000`00000000 ntdll!RtlUserThreadStart+0x1d

    0:000> ub rip
    1MbPause+0x201002:
    00000001`40201002 f390 pause
    00000001`40201004 f390 pause
    00000001`40201006 f390 pause
    00000001`40201008 f390 pause
    00000001`4020100a f390 pause
    ...
