flat assembler
Message board for the users of flat assembler.

Windows > is my win7 x64 error?

charme
Joined: 08 Jan 2010
Posts: 22
I'm Chinese, so English is not my native language.

I use fasm now, and I think it is very good. But...

Now, just some code that was made by another person and compiled by me...

Code:
format PE64 GUI 5.0

;;entry
;entry start

;;include
include 'C:\asm\tool\fasm\fasmw\INCLUDE\win64axp.inc'

;;data
.data
        status          db      'Status',0
        reg             db      'FLAGS: %.8X',13,10,'%s',13,10

                        db      'RAX: %.16IX',9,'R8: %.16IX',13,10
                        db      'RBX: %.16IX',9,'R9: %.16IX',13,10
                        db      'RCX: %.16IX',9,'R10: %.16IX',13,10
                        db      'RDX: %.16IX',9,'R11: %.16IX',13,10
                        db      'RSP: %.16IX',9,'R12: %.16IX',13,10
                        db      'RBP: %.16IX',9,'R13: %.16IX',13,10
                        db      'RSI: %.16IX',9,'R14: %.16IX',13,10
                        db      'RDI: %.16IX',9,'R15: %.16IX',13,10

                        db      'RIP: %.16IX',13,10,0

        buff            rb      1024
        flag            dd      ?

.code

        start:
                        call    print
                        call    print
                        call    print

                        ;;exit
                        xor     rcx,rcx
                        call    [ExitProcess]

        print:
                        pushf
                        push    qword [rsp+8] ;;return address
                        push    r15
                        push    rdi
                        push    r14
                        push    rsi
                        push    r13
                        push    rbp
                        push    r12
                        push    rsp
                        push    r11
                        push    rdx
                        push    r10
                        push    rcx
                        push    r9
                        push    rbx
                        push    r8
                        push    rax      ;;we have push 17*8 xx

                        mov     r8,[rsp+17*8];;3th arg

                        ;;create stack for wsprintf
                        sub      rsp,4*8

                        ;;push arrgs
                        lea    rcx,[buff]  ;;1th arg
                        lea    rdx,[reg]   ;;2th arg
                        lea    r9,[flag]   ;;4th arg
                        call   [wsprintf]

                        ;;msgbox
                        xor     rcx,rcx
                        lea     rdx,[buff]
                        lea     r8,[status]
                        xor     r9,r9
                        call    [MessageBoxA]

                        ;;recover stack
                        add     rsp,4*8

                        ;;pop
                        pop     rax
                        pop     r8
                        pop     rbx
                        pop     r9
                        pop     rcx
                        pop     r10
                        pop     rdx
                        pop     r11
                        pop     rsp
                        pop     r12
                        pop     rbp
                        pop     r13
                        pop     rsi
                        pop     r14
                        pop     rdi
                        pop     r15
                        pop     qword [rsp+8]
                        popf

.end    start    


No errors.

But it doesn't work!!!

Why? The code? The PE64 GUI?
Or maybe use MS64 COFF? I tried it, but it always fails!

My CPU is not AMD but IA... what about this?

When I run the xx.exe,

it's just like this:

"the program has stopped working"

Help me, thank you!!
Post 08 Jan 2010, 06:31
LocoDelAssembly
Your code has a bug
Joined: 06 May 2005
Posts: 4633
Location: Argentina
If you can at least see the MessageBox, then the only error is that you forgot the "ret" instruction at the end of "print" (just after popf).

Another problem could be that the stack is not aligned to a double quad word ((RSP mod 16) != 0), but it doesn't look like you have that error.
Post 08 Jan 2010, 06:58
charme
Joined: 08 Jan 2010
Posts: 22
LocoDelAssembly wrote:
If you can at least see the MessageBox, then the only error is that you forgot the "ret" instruction at the end of "print" (just after popf).

Another problem could be that the stack is not aligned to a double quad word ((RSP mod 16) != 0), but it doesn't look like you have that error.


Yeah, thx..

The problem is the stack alignment!! I have dealt with it just like this:

Code:
format PE64 GUI

;;include
include 'C:\asm\tool\fasm\fasmw\INCLUDE\win64axp.inc'

;;data
.data
        status          db      'Status',0
        reg             db      'FLAGS: %.8X',13,10,'%s',13,10

                        db      'RAX: %.16IX',9,'R8: %.16IX',13,10
                        db      'RBX: %.16IX',9,'R9: %.16IX',13,10
                        db      'RCX: %.16IX',9,'R10: %.16IX',13,10
                        db      'RDX: %.16IX',9,'R11: %.16IX',13,10
                        db      'RSP: %.16IX',9,'R12: %.16IX',13,10
                        db      'RBP: %.16IX',9,'R13: %.16IX',13,10
                        db      'RSI: %.16IX',9,'R14: %.16IX',13,10
                        db      'RDI: %.16IX',9,'R15: %.16IX',13,10

                        db      'RIP: %.16IX',13,10,0

        buff            rb      1024
        flag            dd      ?

.code

        start:
                        sub     rsp,4*8
                        jmp     print
                        ;jmp     print
                        ;jmp     print

                        ;;exit
                        add     rsp,4*8
                        xor     rcx,rcx
                        call    [ExitProcess]

        print:
                        pushf
                        push    qword [rsp+8] ;;return address
                        push    r15
                        push    rdi
                        push    r14
                        push    rsi
                        push    r13
                        push    rbp
                        push    r12
                        push    rsp
                        push    r11
                        push    rdx
                        push    r10
                        push    rcx
                        push    r9
                        push    rbx
                        push    r8
                        push    rax      ;;we have push 17*8 xx

                        mov     r8,[rsp+17*8];;3th arg

                        ;;create stack for wsprintf
                        sub      rsp,4*8

                        ;;push arrgs
                        lea    rcx,[buff]  ;;1th arg
                        lea    rdx,[reg]   ;;2th arg
                        lea    r9,[flag]   ;;4th arg
                        call   [wsprintf]

                        ;;msgbox
                        xor     rcx,rcx
                        lea     rdx,[buff]
                        lea     r8,[status]
                        xor     r9,r9
                        call    [MessageBoxA]

                        ;;recover stack
                        add     rsp,4*8

                        ;;pop
                        pop     rax
                        pop     r8
                        pop     rbx
                        pop     r9
                        pop     rcx
                        pop     r10
                        pop     rdx
                        pop     r11
                        pop     rsp
                        pop     r12
                        pop     rbp
                        pop     r13
                        pop     rsi
                        pop     r14
                        pop     rdi
                        pop     r15
                        pop     qword [rsp+8]
                        popf

.end    start
Post 08 Jan 2010, 10:15
LocoDelAssembly
Your code has a bug
Joined: 06 May 2005
Posts: 4633
Location: Argentina
Note that ExitProcess will never be called because after POPF you are not returning back.
Post 08 Jan 2010, 16:41
Borsuc
Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
You have to jump back after "popf" to the 'exit code'.
Post 08 Jan 2010, 17:17
charme
Joined: 08 Jan 2010
Posts: 22
LocoDelAssembly wrote:
Note that ExitProcess will never be called because after POPF you are not returning back.


Though it will not execute the exit code,

it works well.
Post 08 Jan 2010, 17:30
LocoDelAssembly
Your code has a bug
Joined: 06 May 2005
Posts: 4633
Location: Argentina
No, it is silently crashing. You probably won't get any error with this either:
Code:
format pe gui 4.0

call $    

But if you run it under a debugger you'll see the stack overflow error. (At least my WinXP 32-bit doesn't show any error)
Post 08 Jan 2010, 17:42
LocoDelAssembly
Your code has a bug
Joined: 06 May 2005
Posts: 4633
Location: Argentina
As you probably saw in the other thread, RSP is already aligned to 16 bytes when "start:" is executed because the ".code" macro adds a "sub rsp, 8" before your own code.
For that reason, in your "print" code you'll have to adjust the stack. The other way is not using ".code" macro and just write this:
Code:
section '.text' code readable executable 
entry start    
But note that you should still use SUB RSP, 8 before the call to ExitProcess is made.

Sorry I couldn't spot this problem earlier, but my Windows is 32-bit only and I don't have free access to the computer that has Windows7 64-bit.
Post 08 Jan 2010, 19:47
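Putting LocoDelAssembly's two points together (the "ret" that was missing after popf, and the fact that RSP is 16-byte aligned at "start:" because the ".code" macro inserts "sub rsp,8"), here is an added example that is not code from this thread: a minimal routine that keeps RSP aligned across its own API calls, passes a fifth argument on the stack, and actually returns to its caller. It assumes fasm's standard win64axp.inc is reachable through the INCLUDE path (the poster used an absolute path instead) and that ".code" behaves as described above; the labels show_rsp, caption, fmt and buff are made up for this example.

```asm
format PE64 GUI 5.0

; Added example, not from the thread. Assumes win64axp.inc is found via the
; INCLUDE path that fasmw sets up (the thread's poster used an absolute path).
include 'win64axp.inc'

.data
        caption db      'Stack check',0
        ; high dword and low dword of RSP, then RSP mod 16 as the 5th argument
        fmt     db      'RSP at call: %.8X%.8X',13,10,'RSP mod 16 = %d',0
        buff    rb      256

.code
start:
        ; the .code macro already did "sub rsp,8", so RSP mod 16 == 0 here
        call    show_rsp
        call    show_rsp           ; calling twice shows the routine really returns
        xor     ecx,ecx            ; exit code 0
        call    [ExitProcess]

show_rsp:
        ; CALL pushed an 8-byte return address, so on entry RSP mod 16 == 8
        push    rbp                ; one push brings RSP back to a 16-byte boundary
        mov     rbp,rsp
        sub     rsp,48             ; 32 bytes shadow space + 16 for the 5th arg,
                                   ; a multiple of 16 so alignment is preserved

        mov     rax,rsp
        and     rax,15             ; 0 if the stack is aligned for the calls below
        mov     [rsp+32],rax       ; 5th argument of wsprintf lives at [rsp+32]

        mov     r8,rsp
        shr     r8,32              ; 3rd arg: high dword of RSP
        mov     r9d,esp            ; 4th arg: low dword of RSP (zero-extended)
        lea     rcx,[buff]         ; 1st arg: output buffer
        lea     rdx,[fmt]          ; 2nd arg: format string
        call    [wsprintf]

        xor     ecx,ecx            ; hWnd = NULL
        lea     rdx,[buff]         ; text
        lea     r8,[caption]       ; caption
        xor     r9d,r9d            ; MB_OK
        call    [MessageBoxA]

        leave                      ; mov rsp,rbp / pop rbp: undo the sub and the push
        ret                        ; the instruction the thread's "print" was missing

.end start
```

The rule the routine follows: any function is entered with RSP mod 16 == 8, so a single push or "sub rsp,8" restores alignment, and every call out of it then needs 32 bytes of shadow space plus 8 bytes per stack argument, rounded up to a multiple of 16. If ".code" sets things up as described above, both message boxes show RSP mod 16 = 0, and ExitProcess is reached because the routine returns instead of falling through.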
charme
Joined: 08 Jan 2010
Posts: 22
LocoDelAssembly wrote:
As you probably saw in the other thread, RSP is already aligned to 16 bytes when "start:" is executed because the ".code" macro adds a "sub rsp, 8" before your own code.
For that reason, in your "print" code you'll have to adjust the stack. The other way is not using ".code" macro and just write this:
Code:
section '.text' code readable executable 
entry start    
But note that you should still use SUB RSP, 8 before the call to ExitProcess is made.

Sorry I couldn't spot this problem earlier, but my Windows is 32-bit only and I don't have free access to the computer that has Windows7 64-bit.



Yeah, I have seen the .code macro.... You are right.

Great!
Post 09 Jan 2010, 00:20
Copyright © 1999-2020, Tomasz Grysztar.