flat assembler
Message board for the users of flat assembler.

flat assembler > High Level Languages > Why not to use visual studio...

kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
Some examples from Visual Studio's on board assembler... Remember, listening to the song Yackity (sp?) Sax (aka the benny hill theme) while reading this adds to the humor.

REASON 1: Calling function "triangle"

Code:
00401428 6A 01                push        1
0040142A E8 F9 FB FF FF       call        @ILT+35(Triangle) (00401028)
0040142F 83 C4 04             add         esp,4 ;wtf is this?    


REASON 2: the return statement from the void function triangle...

Code:
004013D1 5F                   pop         edi ;what is this?
004013D2 5E                   pop         esi ;and this?
004013D3 5B                   pop         ebx ; and this
004013D4 83 C4 48             add         esp,48h ;and this
004013D7 3B EC                cmp         ebp,esp ;and this as well
004013D9 E8 02 7A 00 00       call        __chkesp (00408de0) ;huh?
004013DE 8B E5                mov         esp,ebp ;hm....
004013E0 5D                   pop         ebp ;i question this...
004013E1 C3                   ret
    


REASON 3: This is between the triangle and main functions...

Quote:
--- No source file ----------------------------------------------------------------------------------------------------------
004013E2 CC int 3
004013E3 CC int 3
004013E4 CC int 3
004013E5 CC int 3
004013E6 CC int 3
004013E7 CC int 3
004013E8 CC int 3
004013E9 CC int 3
004013EA CC int 3
004013EB CC int 3
004013EC CC int 3
004013ED CC int 3
004013EE CC int 3
004013EF CC int 3
004013F0 CC int 3
004013F1 CC int 3
004013F2 CC int 3
004013F3 CC int 3
004013F4 CC int 3
004013F5 CC int 3
004013F6 CC int 3
004013F7 CC int 3
004013F8 CC int 3
004013F9 CC int 3
004013FA CC int 3
004013FB CC int 3
004013FC CC int 3
004013FD CC int 3
004013FE CC int 3
004013FF CC int 3
00401400 CC int 3
00401401 CC int 3
00401402 CC int 3
00401403 CC int 3
00401404 CC int 3
00401405 CC int 3
00401406 CC int 3
00401407 CC int 3
00401408 CC int 3
00401409 CC int 3
0040140A CC int 3
0040140B CC int 3
0040140C CC int 3
0040140D CC int 3
0040140E CC int 3
0040140F CC int 3


What was all of that?

REASON 4: Now, if you look closely and use your assembler, you'll notice that these instructions when assembled don't come out with the hex code displayed in the disassembler... This means it's recoding the exe file and a little common sense will tell you that there's no point in encoding the exe, because the only ones who could decompile your code, would have to know assembly in the first place, and they would easily beat the algorithm anyway, so this encoding and decoding process just eats away your time.

Am i wrong in any of this?
Post 17 Dec 2006, 20:38
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7108
Location: Slovakia
about esp - google something about "ccall" or "c calling standard"

about "int 3" - this assures that if code gets (by mistake) somewhere where it shouldn't be (between functions), then code immediately stops executing.
Post 17 Dec 2006, 21:37
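The int 3 filler discussed in this exchange can be located mechanically. The following is an added example, not code from any poster: it reports runs of 0xCC bytes in a code buffer. The sample buffer is constructed from the addresses in the first post, and the three bytes after the padding are an assumed function prologue that the thread does not show.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

typedef struct { unsigned long start; size_t len; } pad_run;

/* Report runs of at least min_len consecutive 0xCC bytes. A lone 0xCC can
   be data or an immediate operand, so short runs are ignored (heuristic). */
size_t find_int3_runs(const unsigned char *code, size_t n, unsigned long base,
                      size_t min_len, pad_run *out, size_t max_out)
{
    size_t found = 0, i = 0;
    while (i < n) {
        if (code[i] != 0xCC) { i++; continue; }
        size_t j = i;
        while (j < n && code[j] == 0xCC) j++;      /* extend the run */
        if (j - i >= min_len && found < max_out) {
            out[found].start = base + i;
            out[found].len = j - i;
            found++;
        }
        i = j;
    }
    return found;
}

/* Constructed sample: the thread's "pop ebp / ret" at 004013E0, the 46
   int 3 bytes it lists, then an assumed prologue (push ebp; mov ebp,esp). */
size_t build_sample(unsigned char *buf, size_t cap)
{
    static const unsigned char tail[] = {0x5D, 0xC3};
    static const unsigned char next[] = {0x55, 0x8B, 0xEC};
    size_t need = sizeof tail + 46 + sizeof next;
    if (cap < need) return 0;
    memcpy(buf, tail, sizeof tail);
    memset(buf + sizeof tail, 0xCC, 46);
    memcpy(buf + sizeof tail + 46, next, sizeof next);
    return need;
}

int main(void)
{
    unsigned char buf[64];
    pad_run runs[4];
    size_t n = build_sample(buf, sizeof buf);
    size_t k = find_int3_runs(buf, n, 0x4013E0UL, 4, runs, 4);
    for (size_t r = 0; r < k; r++)
        printf("padding %08lX..%08lX (%zu bytes)\n", runs[r].start,
               runs[r].start + (unsigned long)runs[r].len - 1, runs[r].len);
    return 0;
}
```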
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
Calling standard? I still don't see the point to it, but i'll let that slide cause i'm too lazy to look it up since i have to code more C++ apps for school. And aside from that, the whitespace between functions is a little pointless... The compiler should prevent that without the need of the exit code. And other than that, i am right that there is completely pointless code here?
Post 17 Dec 2006, 21:43
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7108
Location: Slovakia
whitespace between function is alignment on page boundary which makes sure processor doesn't have to reload entire 4kb memory page just to get one byte of function.

ccall is useful because it supports variable number of arguments, unlike stdcall (the one you know). Useful in printf for example.

next time, try not to judge things if you don't understand them
Post 17 Dec 2006, 21:48
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
Eh, i thought i did understand them. lol I guess i didn't... lol
Post 17 Dec 2006, 23:12
Vasilev Vjacheslav



Joined: 11 Aug 2004
Posts: 392
chkesp is used when you have big local variables in procedure, e.g.:

Code:
char buffer[10000];
    
Post 18 Dec 2006, 07:26
Tommy



Joined: 17 Jun 2003
Posts: 492
Location: Norway
was the result printed from a debug executable, or a release executable?
Post 18 Dec 2006, 08:41
MichaelH



Joined: 03 May 2005
Posts: 402
kohlrak, in Visual Studio, go to "Project -> Properties ->C/C++ -> Output files" and set Assembly Output to "Assembly With Source Code (/FAs)" (and play with the other settings) for both Debug and Release. Compile both the Debug and Release configs. You will get an asm file in the Debug and Release output folders. You can then see that call __chkesp (.........) is all over the place in the debug asm file and not in the Release asm file.

As for all your other "what is this ... and this and this" study these asm files to see how stack frames are set up and broken down for the C++ functions.


Code:
004013D1 5F                   pop         edi ;what is this? 
004013D2 5E                   pop         esi ;and this? 
004013D3 5B                   pop         ebx ; and this 
    



Note the opposite push for each at the start of each procedure.

Visual Studio actually disassembles fasm produced binaries very close to the fasm syntax, so is a very helpful tool. The only thing it doesn't do is debug in kernel mode (use IDA Pro or windbg for that).
Post 18 Dec 2006, 20:36
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
All the 0xCC's can be used for a smart purpose: not having to re-link the entire executable when only a single function needs to be updated. You might also want to read up on "hotpatching" introduced in recent MSVC, interesting idea.

For the "add esp" and "pop ebp", vid already hinted at the standard C calling convention. You can use some compiler flags to override default calling convention, or you can set calling convention per function. Check out: "/Gd - __cdecl", "/Gz - __stdcall", "/Gr - __fastcall". Also check out "/Oy - frame pointer omission".

The issues you're bashing here, anyway, are pretty minor ones that just show you haven't looked into the tool you're using :)
Post 18 Dec 2006, 23:52
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
Well, when you learn C++ they never teach you diddly squat about how it actually works. I'm just now realizing that "linker" isn't a synonym for assembler. As for it disassembling Fasm code, some of my fasm code keeps crashing, i open it up in the IDE, and well... no disassembly. And the following is interesting...

Fasm's xor eax, eax wrote:
66 31 C0


Masm (Visual studio)'s xor eax, eax wrote:
68: __asm xor eax, eax
00402338 33 C0 xor eax,eax


Is visual studio just lying, or does the processor have more ways to do the same instruction, or is there just stuff i haven't figured out yet?
Post 19 Dec 2006, 02:55
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
Quote:

Well, when you learn C++ they never teach you diddly squat about how it actually works.

They hopefully teach you the language, but don't start out with a lot of details you don't really need. Although perhaps explaining what happens on most platforms when building a program is relevant enough ;)

Some opcodes have multiple instructions. 0x66 and 0x67 are prefixes though, so I assume your "fasm xor eax, eax" was assembled for 16bit mode. That'd also explain why you can't open it in the VS ide :)
Post 19 Dec 2006, 03:17
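The two byte sequences compared above can be decoded by hand. The following is an added example, not code from the thread, from fasm or from Visual Studio: a decoder for register-to-register XOR showing how the 0x66 operand-size prefix and the 31/33 opcode forms interact with the assembly mode. The name `decode_xor` and its `mode_bits` parameter are assumptions of this example.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

static const char *const REG32[8] = {"eax","ecx","edx","ebx","esp","ebp","esi","edi"};
static const char *const REG16[8] = {"ax","cx","dx","bx","sp","bp","si","di"};

/* mode_bits: default operand size of the code (16 or 32).
   Writes the mnemonic to out; returns bytes consumed, 0 if unsupported. */
int decode_xor(const unsigned char *p, size_t n, int mode_bits,
               char *out, size_t outsz)
{
    size_t i = 0;
    int bits = mode_bits;

    /* 0x66 is the operand-size override: it selects the size that is
       NOT the default for the current mode. */
    if (i < n && p[i] == 0x66) { bits = (mode_bits == 32) ? 16 : 32; i++; }
    if (n - i < 2) return 0;

    unsigned char op = p[i], modrm = p[i + 1];
    if ((op != 0x31 && op != 0x33) || (modrm >> 6) != 3)
        return 0;                        /* not XOR register,register */

    int reg = (modrm >> 3) & 7, rm = modrm & 7;
    /* 31 /r = XOR r/m,reg (destination is the rm field);
       33 /r = XOR reg,r/m (destination is the reg field). */
    int dst = (op == 0x31) ? rm : reg;
    int src = (op == 0x31) ? reg : rm;
    const char *const *names = (bits == 32) ? REG32 : REG16;
    snprintf(out, outsz, "xor %s,%s", names[dst], names[src]);
    return (int)(i + 2);
}

int main(void)
{
    const unsigned char fasm[] = {0x66, 0x31, 0xC0};  /* bytes quoted for fasm */
    const unsigned char msvc[] = {0x33, 0xC0};        /* bytes quoted for VS   */
    char buf[32];

    decode_xor(fasm, sizeof fasm, 16, buf, sizeof buf);
    printf("66 31 C0 as 16-bit code: %s\n", buf);
    decode_xor(fasm, sizeof fasm, 32, buf, sizeof buf);
    printf("66 31 C0 as 32-bit code: %s\n", buf);
    decode_xor(msvc, sizeof msvc, 32, buf, sizeof buf);
    printf("33 C0    as 32-bit code: %s\n", buf);
    return 0;
}
```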
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
Well, eventually there won't be many 16 bit computers, so eventually fasm might be set into 32 bit mode, or maybe not. I don't know much about assembly still, so it might be difficult to do. lol
Post 19 Dec 2006, 03:58
MichaelH



Joined: 03 May 2005
Posts: 402
If you put an int3 in your fasm code and run the exe, the system error dialog will come up. You can either push the "Don't Send" button and nothing will happen or push Debug and if visual studio is your current JIT debugger (if it's not then you can set it to be), select "native" on the dialog that comes up, then open up the disassembly window once VC opens and all will be revealed to you like magic :)

You can set break points in the assembly window and do all sorts of other cool things.

Tell us what you really think about visual studio when you learn its true power ;)

Edit:

Fasm is not just a 16 bit assembler, place in your code use32 for 32 bit code or use64 for 64 bit code ..... but really you'd know all this if you just read the fasm documentation ...... so how about doing that and saving us all the time of replying to you!


Last edited by MichaelH on 19 Dec 2006, 04:11; edited 2 times in total
Post 19 Dec 2006, 03:59
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
heh, the way documentation is today. I don't expect to learn much about its ability, especially because the documentation can't even tell me half the stuff in C++ (external documentation, not visual studio's included docs which are great by the way). My school course book can't even teach us the binary operators, instead denies that >> and << have a purpose other than std::cin and std::cout.

EDIT: unusual, as soon as i added the int 3 it was capable of disassembling my code. Normally it can't... As for reading the docs, i was actually saving them for when i understood assembly a bit better. Perhaps i should be worrying more about that rather than jumping the gun every time i see windows trying to do something. I have a personal bias against windows, and if you see my highschool post in the heap you'll understand why, but probably not why i blame microsoft for that. Every time i look at work by microsoft i am reading it with the assumption that they're trying to slow down computers to help sell the "faster version" of windows that is the next release, and this time it's windows vista which is released in january. I don't trust windows much at all, so perhaps i should stop accusing microsoft of so much.

And one of those reasons i don't trust internet service providers, even, (and i know this is off topic) but after typing that all up, my computer just randomly decides it doesn't want to connect to the internet, but my firewall acts as if traffic is fine and shows all kinds of in and out stuff, but oddly enough nothing is working. Looks like i'll have to wait till morning and hope i can submit this edit then...

Actually, i just rebooted my router and everything's fine... Lesson learned: stop accusing everything...
Post 19 Dec 2006, 04:02
Copyright © 1999-2019, Tomasz Grysztar.