flat assembler
Message board for the users of flat assembler.

Assembly language for beginner

ProMiNick



Joined: 24 Mar 2012
Posts: 798
Location: Russian Federation, Sochi
ProMiNick 13 May 2020, 16:34
in x86 some operations are allowed only with specific registers: the result of 32-bit division goes to eax, while the remainder goes to edx; the result of multiplication goes to the edx:eax pair too.
in the xlatb operation al & ebx are used.
in data movement (string instructions) esi & edi are used.
pointing via the ebp register is 1 byte shorter than via any other register.

so in data transfer & many operations registers are equivalent, but when it is needed to execute an instruction specific to a register thou should use other registers or memory.
And esp: only with that register are pushes, pops, calls, rets executed.

but a calling convention is a bit different thing than register roles.

a convention determines how params of different sizes will be passed, whether they will be passed via registers (and via which) or/and via the stack, whether the callee or the caller is responsible for clearing the stack to its state before the call, in what order params would be passed, whether the stack will be aligned or not, and so on...
Ali.Z



Joined: 08 Jan 2018
Posts: 716
Ali.Z 13 May 2020, 21:53
Stefx wrote:
First of what I would like to ask, is each registers have a specific job?

Code:
subroutine:
        push    eax
        mov     ebx, esp
        sub     esp, 8       


Program was working good but does using different registers matter?


it seems unclear to you what is meant by PUSH?
we PUSH a value on top of the stack to preserve it or pass it to a function/subroutine/procedure.

that is why Tomasz Grysztar PUSHed EBP to preserve it, and load ESP into EBP; if we were in a nested subroutine and did not preserve the value of EBP then that will cause a crash.

using different registers always matters; as for whether registers have a specific job: YES, but they are general-purpose registers.
ProMiNick already mentioned some examples; in addition to what ProMiNick wrote, every register in x86 mode has some specific uses by some specific instructions.

first off, let's go for "Naming Conventions":
E?X - E = Extended from previous Intel architectures.

EAX = Accumulator, used by many x86 instructions. we can't count these, as writing them down would take 30 minutes to an hour.

ECX = Counter, used by few x86 instructions. REP/REPE(Z), REPNE(Z), JCXZ, JECXZ, few more ..

EDX = Data, some specific instructions.

EBX = Base, used by XLAT. and it's the return value of some instructions like CPUID and others ...

ESP = Stack Pointer, which points to the current stack. used by PUSH, POP, CALL, RET, IRET, ENTER, LEAVE ...

EBP = Base Pointer, which is used to save the current stack frame. it's used by the ENTER and LEAVE instructions.
in your example if you had used LEAVE before the RET instruction you would crash. (and you wouldn't crash if you followed what Tomasz wrote)

ESI = Source Index, see below.
EDI = Destination Index, see below.

both ESI and EDI are used by string-instructions.

as for Calling Conventions, ProMiNick already mentioned the purpose of the Calling Conventions.

Calling Convention is not fixed, meaning it can vary from one OS to another; also, to be more clear, it's not something specific to OSes or Libraries.

it's per function, for example 99.99% (and infinite line of nines) of the win32 api use the STDCALL Calling Convention.
however, some specific functions use the CDECL Calling Convention. (they were originally C Lib functions that were adopted by Microsoft Windows)

both STDCALL and CDECL require parameters to be PUSHed on the stack, however the stack cleaning is different.
STDCALL - the callee must clean the stack. (easier to call) (when making your own function you may forget about how many bytes you should clean)
CDECL - the caller must clean the stack. (you may forget to clean the stack after the call) (easier to implement a function)

that is not everything, both Calling Conventions require parameters to be pushed right-to-left; both Calling Conventions guarantee that EBX,ESP,EBP,ESI,EDI are non-volatile, meaning they will not be changed by the callee, in other words they are preserved by the callee.
while EAX, ECX, EDX are volatile, and they will be altered by the callee; if the caller wants to keep their values then the caller must preserve whatever content is in EAX,ECX,EDX.

and the return value is in EAX.

that is for x86 Calling Conventions, the 64-bit Calling Conventions are different.

as for your own functions, you don't have to follow any rules especially if they are used within your program; you can customize them however you please.

but if you want to make a DLL, then you probably want to follow the STDCALL Calling Convention; otherwise you have to document your custom Calling Convention.

in general STDCALL is the most used Calling Convention, and luckily fasm has some macros for stdcall.
invoke - indirect (optional)
stdcall - direct (optional)

as for making a function, PROC and ENDP pairs are used. (optional)

_________________
Asm For Wise Humans
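The stack-cleanup difference between STDCALL and CDECL described in the post above, as an added example that is not from the thread or any poster: `add_stdcall` and `add_cdecl` are hypothetical names, and fasm's `win32a.inc` is assumed to be on the include path. When caller and callee disagree on who cleans up, ESP is left off by the size of the arguments and a later RET pops the wrong return address.

```asm
format PE console
entry start
include 'win32a.inc'            ; assumes fasm's INCLUDE directory is configured

section '.text' code readable executable

start:
        ; STDCALL: arguments pushed right-to-left, callee removes them
        push    5               ; second argument
        push    7               ; first argument
        call    add_stdcall     ; sum returned in eax, esp already restored
        mov     ebx, eax        ; ebx is non-volatile, survives the next call

        ; CDECL: same push order, caller removes the arguments
        push    5
        push    7
        call    add_cdecl       ; sum returned in eax
        add     esp, 8          ; caller cleans the two dwords it pushed

        add     eax, ebx        ; combine both results
        push    eax             ; use the total as the process exit code
        call    [ExitProcess]

add_stdcall:                    ; hypothetical helper, STDCALL
        push    ebp             ; preserve the caller's frame pointer
        mov     ebp, esp
        mov     eax, [ebp+8]    ; first argument
        add     eax, [ebp+12]   ; second argument
        pop     ebp
        ret     8               ; return and pop 8 bytes of arguments

add_cdecl:                      ; hypothetical helper, CDECL
        push    ebp
        mov     ebp, esp
        mov     eax, [ebp+8]
        add     eax, [ebp+12]
        pop     ebp
        ret                     ; arguments stay on the stack for the caller

section '.idata' import data readable writeable
  library kernel32,'KERNEL32.DLL'
  import kernel32,ExitProcess,'ExitProcess'
```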
Stefx



Joined: 24 Apr 2020
Posts: 21
Stefx 14 May 2020, 09:10
@ProMiNick @Ali.Z
Thanks a lot for explaining, many things are now clear for me.
Stefx



Joined: 24 Apr 2020
Posts: 21
Stefx 22 May 2020, 19:00
And here I am after a long break with another question :)
Currently I am on "Introduction to x86 assembly, part 5: CoMParing numbers"
I would like to ask why only the first 3 letters change to small and the rest remain unchanged?


[Attached image: 1asm.JPG]


ProMiNick



Joined: 24 Mar 2012
Posts: 798
Location: Russian Federation, Sochi
ProMiNick 22 May 2020, 20:07
somewhere a call to ToLowerCase happened,
where the first param passed is the string to convert, (and in the current case I could suppose that it is the address of the "example" var)
where the 2nd param is the count of chars from the beginning to convert (and in the current case I could suppose that it is the value 3)

the to-lower-case transformation itself is adding to the char the difference between a lowercase char and an uppercase one; it is 'a'-'A'=$20=20h
add byte[edx],20h
note: it REQUIRES the source string to consist only of ENGLISH CAPITAL LETTER ASCIIs; for other sources it will convert strings to garbage.

Quote:
where 2nd param is count of chars from beginning to convert (and in current case I could suppose that it is value 3)
that is the answer to your question.
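A range- and bounds-checked variant of the conversion discussed above, added here as an example: it is not the tutorial's ToLowerCase nor any poster's code, `ToLowerSafe` is a hypothetical name, and fasm's `win32a.inc` is assumed to be on the include path. It changes only bytes in 'A'..'Z' and stops at the terminating zero, so a count larger than the string cannot modify memory past it.

```asm
format PE GUI
entry start
include 'win32a.inc'            ; assumes fasm's INCLUDE directory is configured

section '.text' code readable executable

start:
        push    100             ; count deliberately larger than the string
        push    example
        call    ToLowerSafe     ; stdcall: callee removes both arguments
        push    0               ; uType
        push    example         ; lpCaption
        push    example         ; lpText
        push    0               ; hWnd
        call    [MessageBoxA]   ; show the converted string
        push    0
        call    [ExitProcess]

; ToLowerSafe(ptr, count) - hypothetical helper, stdcall
ToLowerSafe:
        push    ebp
        mov     ebp, esp
        mov     edx, [ebp+8]    ; pointer to the string
        mov     ecx, [ebp+12]   ; maximum number of bytes to look at
        jecxz   .done
  .next:
        mov     al, [edx]
        test    al, al          ; terminating zero: stop even if count remains
        jz      .done
        cmp     al, 'A'
        jb      .skip           ; below 'A': digit, space, punctuation
        cmp     al, 'Z'
        ja      .skip           ; above 'Z': already lowercase or not a letter
        add     byte [edx], 20h ; 'a'-'A' = 20h, applied only to 'A'..'Z'
  .skip:
        inc     edx
        dec     ecx
        jnz     .next
  .done:
        pop     ebp
        ret     8

section '.data' data readable writeable
  example db 'HeLLo, WORLD 123!',0   ; constructed sample input

section '.idata' import data readable writeable
  library kernel32,'KERNEL32.DLL',user32,'USER32.DLL'
  import kernel32,ExitProcess,'ExitProcess'
  import user32,MessageBoxA,'MessageBoxA'
```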
Stefx



Joined: 24 Apr 2020
Posts: 21
Stefx 23 May 2020, 05:47
Yeah, that's right @ProMiNick, I found at the beginning of the code
Code:
start:
        push    3
        push    example
        call    ToLowerCase    

after switching the value of 3 to another number I can convert many more letters.
Stefx



Joined: 24 Apr 2020
Posts: 21
Stefx 27 May 2020, 16:53
I would like to ask about priority, like in the picture

0 means most important or without priority?


[Attached image: 1qaz.JPG]


ProMiNick



Joined: 24 Mar 2012
Posts: 798
Location: Russian Federation, Sochi
ProMiNick 27 May 2020, 17:54
thou could apply logic (if thou remember math).
multiplication & division have higher priority than sum or subtraction, so priority 0 - no priority, 7 - highest.
Stefx



Joined: 24 Apr 2020
Posts: 21
Stefx 11 Jun 2020, 18:25
Currently I am reading INTEL 80386 MANUAL REF. Could you recommend any good or best book about assembly?

Also I would like to ask why my text is not displayed on the console
here is the code:
Code:
format PE
entry start
section '.text' code readable executable
start:
mov     eax, 4
mov     ebx, 1
mov     ecx, text
mov     edx, [length]
int     80h
mov     eax, 1
int     80h

text db         'Hello', 0ah
length dd       $ - text     
DimonSoft



Joined: 03 Mar 2010
Posts: 1228
Location: Belarus
DimonSoft 12 Jun 2020, 13:15
So, what is your target OS? It definitely is time to choose.
Stefx



Joined: 24 Apr 2020
Posts: 21
Stefx 14 Jun 2020, 11:26
DimonSoft wrote:
So, what is your target OS? It definitely is time to choose.

Windows
SeproMan



Joined: 11 Oct 2009
Posts: 70
Location: Belgium
SeproMan 14 Jun 2020, 19:21
If your target OS is Windows, then you need to use its API and not use Linux system calls!

In your FASM\EXAMPLES directory there is a HELLO WORLD example that you can study.

Code:
format PE GUI
entry start

section '.text' code readable executable

  start:

        push    0
        push    _caption
        push    _message
        push    0
        call    [MessageBoxA]

        push    0
        call    [ExitProcess]

section '.data' data readable writeable

  _caption db 'Win32 assembly program',0
  _message db 'Hello World!',0

section '.idata' import data readable writeable

  dd 0,0,0,RVA kernel_name,RVA kernel_table
  dd 0,0,0,RVA user_name,RVA user_table
  dd 0,0,0,0,0

  kernel_table:
    ExitProcess dd RVA _ExitProcess
    dd 0
  user_table:
    MessageBoxA dd RVA _MessageBoxA
    dd 0

  kernel_name db 'KERNEL32.DLL',0
  user_name db 'USER32.DLL',0

  _ExitProcess dw 0
    db 'ExitProcess',0
  _MessageBoxA dw 0
    db 'MessageBoxA',0

section '.reloc' fixups data readable discardable       ; needed for Win32s
    

_________________
Real Address Mode.
Stefx



Joined: 24 Apr 2020
Posts: 21
Stefx 11 Jul 2020, 04:57
Thanks for your answer
I would like to ask why I should use the API? and why I can't do this in the console?
I really need to know why this is so important
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20300
Location: In your JS exploiting you and your system
revolution 11 Jul 2020, 05:23
Stefx wrote:
I would like to ask why I should use the API? and why I can't do this in the console?
You can't directly access the hardware in Windows. The best you can get is a virtual console (used by cmd.exe), and for that you also need to use the API.

You can't avoid using the API in Windows, and most other protected OSes (including Linux and MacOS). It's part of being a protected OS.
Stefx



Joined: 24 Apr 2020
Posts: 21
Stefx 12 Jul 2020, 05:28
So why in a high-level language is everything displayed in the console? Is the reason libraries or the IDE or something else?

I understand that my questions may be pointless for you, but I see many differences between high-level and low-level programming, which is why I ask.
DimonSoft



Joined: 03 Mar 2010
Posts: 1228
Location: Belarus
DimonSoft 12 Jul 2020, 08:35
Stefx wrote:
So why in a high-level language is everything displayed in the console?

What makes you think it is the way you say?
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20300
Location: In your JS exploiting you and your system
revolution 12 Jul 2020, 08:38
Stefx wrote:
So why in a high-level language is everything displayed in the console? Is the reason libraries or the IDE or something else?

I understand that my questions may be pointless for you, but I see many differences between high-level and low-level programming, which is why I ask.
It isn't about the language, HLL or LLL, they don't matter. It is the OS that controls access to everything.

So all user programs, e.g. IDEs and compilers, use the API to display text and graphics. The console is only accessible through the API. You don't get to choose this, the OS chooses for you.

So, in short, to answer your question "I would like to ask why I should use the API?" it is because the OS enforces this.

BTW: The console is really just a normal graphics program that renders text. And in Windows you can also draw pixel graphics directly to the console window (through the API of course), all you need is the DC handle.
TmX



Joined: 02 Mar 2006
Posts: 841
Location: Jakarta, Indonesia
TmX 12 Jul 2020, 09:38
Stefx wrote:
So why in a high-level language is everything displayed in the console?


Simplicity. Regardless of whether you are coding in a high-level or low-level language.

Sure, you can use a fancy UI (forms with pretty buttons etc) to display the computation result, but that's unnecessary and involves more coding.
Stefx



Joined: 24 Apr 2020
Posts: 21
Stefx 12 Jul 2020, 09:59
I always thought that the console is the basic program of any kind of programming language, even assembler, and I always thought that after calling code the console is running as the first program.

Now I know how wrong I was...
Ali.Z



Joined: 08 Jan 2018
Posts: 716
Ali.Z 12 Jul 2020, 10:30
many if not most (but not all) programming languages provide some basic input/output functions, we can call these language specific library functions.

when it comes to porting X language to Y operating system, we need to sort of translate these language specific i/o functions into something that Y operating system can understand.

which are the OS APIs, so if we take the C language as an example; the printf function acts like a wrapper around the real Windows API that deals with console i/o.

what that wrapper does is basically format the text, measure the length, then pass these to the real API that renders the text.

you can either use language specific functions that act like a wrapper, or make your own wrapper, or maybe call the Windows API directly which is what we do here using x86 Assembly.

also to remind you, revolution said:

revolution wrote:
BTW: The console is really just a normal graphics program that renders text. And in Windows you can also draw pixel graphics directly to the console window (through the API of course), all you need is the DC handle.


so you keep this in mind.

_________________
Asm For Wise Humans
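What the int 80h program earlier in the thread was trying to do, written against the Windows API as the replies describe: pass a buffer and its length to the API that writes to the console. This is an added example, not any poster's code; fasm's `win32a.inc` is assumed to be on the include path, and the labels `text`, `text_len` and `written` are chosen here.

```asm
format PE console
entry start
include 'win32a.inc'            ; assumes fasm's INCLUDE directory is configured

section '.text' code readable executable

start:
        push    -11             ; STD_OUTPUT_HANDLE
        call    [GetStdHandle]  ; eax = handle of the console (or redirected output)
        cmp     eax, -1         ; INVALID_HANDLE_VALUE
        je      .fail
        test    eax, eax        ; NULL: process has no standard output
        jz      .fail

        push    0               ; lpOverlapped
        push    written         ; lpNumberOfBytesWritten
        push    text_len        ; nNumberOfBytesToWrite
        push    text            ; lpBuffer
        push    eax             ; hFile
        call    [WriteFile]     ; stdcall: the API removes its five arguments
        test    eax, eax        ; zero means the write failed
        jz      .fail

        push    0               ; exit code 0
        call    [ExitProcess]
  .fail:
        push    1               ; exit code 1
        call    [ExitProcess]

section '.data' data readable writeable
  text     db 'Hello',13,10
  text_len = $ - text           ; length computed at assembly time
  written  dd ?

section '.idata' import data readable writeable
  library kernel32,'KERNEL32.DLL'
  import kernel32,GetStdHandle,'GetStdHandle',\
                  WriteFile,'WriteFile',\
                  ExitProcess,'ExitProcess'
```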
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.