Created
June 13, 2019 06:29
-
-
Save bionicbeagle/882c7e8079686617a7b1f0bdb6970c17 to your computer and use it in GitHub Desktop.
QueryPerformanceCounter from Windows 10 v1903
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 00007FFE496CBBB0 mov qword ptr [rsp+8],rbx | |
| 00007FFE496CBBB5 push rdi | |
| 00007FFE496CBBB6 sub rsp,20h | |
| 00007FFE496CBBBA mov r8b,byte ptr [7FFE03C6h] | |
| 00007FFE496CBBC2 mov rbx,rcx | |
| 00007FFE496CBBC5 test r8b,1 | |
| 00007FFE496CBBC9 je 00007FFE496CBC3B | |
| 00007FFE496CBBCB mov r11,qword ptr [7FFE03B8h] | |
| 00007FFE496CBBD3 test r8b,2 | |
| 00007FFE496CBBD7 je 00007FFE497698FF | |
| 00007FFE496CBBDD mov r9,qword ptr [7FFE49823EC8h] | |
| 00007FFE496CBBE4 test r9,r9 | |
| 00007FFE496CBBE7 je 00007FFE496CBC3B | |
| 00007FFE496CBBE9 mov r10d,dword ptr [r9] | |
| 00007FFE496CBBEC test r10d,r10d | |
| 00007FFE496CBBEF je 00007FFE496CBC3B | |
| 00007FFE496CBBF1 test r8b,r8b | |
| 00007FFE496CBBF4 jns 00007FFE497698E4 | |
| 00007FFE496CBBFA rdtscp | |
| 00007FFE496CBBFD shl rdx,20h | |
| 00007FFE496CBC01 or rdx,rax | |
| 00007FFE496CBC04 mov rax,qword ptr [r9+8] | |
| 00007FFE496CBC08 mov rcx,qword ptr [r9+10h] | |
| 00007FFE496CBC0C mul rax,rdx | |
| 00007FFE496CBC0F mov eax,dword ptr [r9] | |
| 00007FFE496CBC12 add rdx,rcx | |
| 00007FFE496CBC15 cmp eax,r10d | |
| 00007FFE496CBC18 jne 00007FFE496CBBE9 | |
| 00007FFE496CBC1A mov cl,byte ptr [7FFE03C7h] | |
| 00007FFE496CBC21 lea rax,[rdx+r11] | |
| 00007FFE496CBC25 shr rax,cl | |
| 00007FFE496CBC28 mov qword ptr [rbx],rax | |
| 00007FFE496CBC2B mov eax,1 | |
| 00007FFE496CBC30 mov rbx,qword ptr [rsp+30h] | |
| 00007FFE496CBC35 add rsp,20h | |
| 00007FFE496CBC39 pop rdi | |
| 00007FFE496CBC3A ret |
v1903 with symbols from MS symbol store:
RtlQueryPerformanceCounter:
00007FFE7CD6BBB0 mov qword ptr [rsp+8],rbx
00007FFE7CD6BBB5 push rdi
00007FFE7CD6BBB6 sub rsp,20h
00007FFE7CD6BBBA mov r8b,byte ptr [7FFE03C6h]
00007FFE7CD6BBC2 mov rbx,rcx
00007FFE7CD6BBC5 test r8b,1
00007FFE7CD6BBC9 je RtlQueryPerformanceCounter+8Bh (07FFE7CD6BC3Bh)
00007FFE7CD6BBCB mov r11,qword ptr [7FFE03B8h]
00007FFE7CD6BBD3 test r8b,2
00007FFE7CD6BBD7 je memset+697Fh (07FFE7CE098FFh)
00007FFE7CD6BBDD mov r9,qword ptr [RtlpHypervisorSharedUserVa (07FFE7CEC3EC8h)]
00007FFE7CD6BBE4 test r9,r9
00007FFE7CD6BBE7 je RtlQueryPerformanceCounter+8Bh (07FFE7CD6BC3Bh)
00007FFE7CD6BBE9 mov r10d,dword ptr [r9]
00007FFE7CD6BBEC test r10d,r10d
00007FFE7CD6BBEF je RtlQueryPerformanceCounter+8Bh (07FFE7CD6BC3Bh)
00007FFE7CD6BBF1 test r8b,r8b
00007FFE7CD6BBF4 jns memset+6964h (07FFE7CE098E4h)
00007FFE7CD6BBFA rdtscp
00007FFE7CD6BBFD shl rdx,20h
00007FFE7CD6BC01 or rdx,rax
00007FFE7CD6BC04 mov rax,qword ptr [r9+8]
00007FFE7CD6BC08 mov rcx,qword ptr [r9+10h]
00007FFE7CD6BC0C mul rax,rdx
00007FFE7CD6BC0F mov eax,dword ptr [r9]
00007FFE7CD6BC12 add rdx,rcx
00007FFE7CD6BC15 cmp eax,r10d
00007FFE7CD6BC18 jne RtlQueryPerformanceCounter+39h (07FFE7CD6BBE9h)
00007FFE7CD6BC1A mov cl,byte ptr [7FFE03C7h]
00007FFE7CD6BC21 lea rax,[rdx+r11]
00007FFE7CD6BC25 shr rax,cl
00007FFE7CD6BC28 mov qword ptr [rbx],rax
00007FFE7CD6BC2B mov eax,1
00007FFE7CD6BC30 mov rbx,qword ptr [rsp+30h]
00007FFE7CD6BC35 add rsp,20h
00007FFE7CD6BC39 pop rdi
00007FFE7CD6BC3A ret
00007FFE7CD6BC3B xor edx,edx
00007FFE7CD6BC3D lea rcx,[rsp+40h]
00007FFE7CD6BC42 call NtQueryPerformanceCounter (07FFE7CDFC670h)
00007FFE7CD6BC47 mov rax,qword ptr [rsp+40h]
00007FFE7CD6BC4C jmp RtlQueryPerformanceCounter+78h (07FFE7CD6BC28h)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Previous version (v1809)