Jinoh Kang (@iamahuman) commented about dlls/ntdll/tests/exception.c:
/* invoke NtContinue... */0xff, 0x94, 0x24, 0xd0, 0x00, 0x00, 0x00, /* call *8*12+0x70(%rsp) *//* validate stack pointer */0x48, 0x8b, 0x0c, 0x24, /* 1: mov (%rsp), %rcx */0x48, 0x39, 0xe1, /* cmp %rsp, %rcx */0x74, 0x02, /* je 2f; jump over ud2 */0x0f, 0x0b, /* ud2; stack pointer invalid, let's crash *//* invoke capture context */0x48, 0x8b, 0x4c, 0x24, 0x50, /* 2: mov 8*10(%rsp), %rcx; context */0x48, 0x81, 0xc1, 0xd0, 0x04, 0x00, 0x00, /* add $0x4d0, %rcx; +sizeof(CONTEXT) to get context->after */0xff, 0x54, 0x24, 0x68, /* call *8*13(%rsp) *//* free stack */0x48, 0x83, 0xc4, 0x08, /* add $0x8, %rsp */
Ditto.
```suggestion:-15+0 /* invoke NtContinue... */ 0xff, 0x94, 0x24, 0xf0, 0x00, 0x00, 0x00, /* call *8*16+0x70(%rsp) */
/* validate stack pointer */ 0x48, 0x3b, 0x64, 0x24, 0x20, /* 1: cmp 0x20(%rsp), %rsp */ 0x74, 0x02, /* je 2f; jump over ud2 */ 0x0f, 0x0b, /* ud2; stack pointer invalid, let's crash */
/* invoke capture context */ 0x48, 0x8b, 0x4c, 0x24, 0x70, /* 2: mov 8*14(%rsp), %rcx; context */ 0x48, 0x81, 0xc1, 0xd0, 0x04, 0x00, 0x00, /* add $0x4d0, %rcx; +sizeof(CONTEXT) to get context->after */ 0xff, 0x94, 0x24, 0x88, 0x00, 0x00, 0x00, /* call *8*17(%rsp) */
/* free stack */ 0x48, 0x83, 0xc4, 0x28, /* add $0x28, %rsp */ ```
While we're at it, I've consolidated mov-cmp sequence into just one cmp.