flat assembler
Message board for the users of flat assembler.

Index > Windows > How windows execute settimer ?

Goto page Previous  1, 2, 3  Next
Author
Thread Post new topic Reply to topic
MatQuasar3



Joined: 04 Nov 2024
Posts: 38
MatQuasar3 28 Nov 2024, 05:42
sinsi wrote:
Microsoft SetTimer parameters wrote:

[in] nIDEvent
Type: UINT_PTR

A nonzero timer identifier.


https://learn.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-settimer


Thank you for pointing this out. I also noticed it the requirement of nonzero timer identifier, but there is exception where nIDEvent can be zero.
Post 28 Nov 2024, 05:42
View user's profile Send private message Reply with quote
MatQuasar3



Joined: 04 Nov 2024
Posts: 38
MatQuasar3 28 Nov 2024, 06:59
If I comment the BeginPaint and EndPaint, the timer won't run, even if I set EAX return value to zero.

This is a must for WM_PAINT!
Code:
  .wmpaint:
        invoke  BeginPaint,[hwnd],ps
        mov     [hdc],eax
        invoke  EndPaint,[hwnd],ps
        xor     eax,eax
        jmp     .finish   
    
Post 28 Nov 2024, 06:59
View user's profile Send private message Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1013
Location: Russia
macomics 28 Nov 2024, 07:38
MatQuasar3 wrote:
Is the "align 16" for faster performance?

The point here is completely different.

In the data section, I have arranged the structures and the corresponding variables according to the Windows rules. A variable of a certain size must be at an address multiple of this size. All fields in the structures and variables in my data section are arranged according to this rule. At the same time, they are ordered so that uninitialized variables are located at the end of the section and do not take up extra space in the file. To comply with this rule, align 16 has been added before uninitialized variables.

If you are going to catch the WM_PAINT message, then you should definitely redraw the window region. Otherwise, the WM_PAINT priority is raised and the message queue will be blocked with it. You should not return mov eax, 1 unnecessarily. If you are not going to process some message, then you should invoke DefWindowProc and return its value to eax.
Post 28 Nov 2024, 07:38
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20416
Location: In your JS exploiting you and your system
revolution 28 Nov 2024, 09:13
macomics wrote:
A variable of a certain size must be at an address multiple of this size.
There is an alignment requirement for the stack in 64-bit Windows. But other variables not passed on the stack don't have that requirement.

There are other reasons to prefer to align non-stack values, but Windows on x86 doesn't require that. So you are free to unalign values in the data section if you want to. There will be no issue with correctness of the code, it will work. You might notice performance or efficiency reductions if you look for them and it is on some critical path or something, but otherwise it will be fine.
Post 28 Nov 2024, 09:13
View user's profile Send private message Visit poster's website Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1013
Location: Russia
macomics 28 Nov 2024, 10:30
revolution wrote:
There is an alignment requirement for the stack in 64-bit Windows. But other variables not passed on the stack don't have that requirement.


I can't find a link to MSDN, but there was something like that there too. This is done in Windows to reduce cache line and memory page misses. So that the variable does not fall on the boundaries of the cache lines and page boundaries. In the stack, the flag is responsible for alignment, but they had an agreement with the data sections (it seems to have come from C)
Post 28 Nov 2024, 10:30
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20416
Location: In your JS exploiting you and your system
revolution 28 Nov 2024, 10:40
macomics wrote:
revolution wrote:
There is an alignment requirement for the stack in 64-bit Windows. But other variables not passed on the stack don't have that requirement.


I can't find a link to MSDN, but there was something like that there too. This is done in Windows to reduce cache line and memory page misses. So that the variable does not fall on the boundaries of the cache lines and page boundaries. In the stack, the flag is responsible for alignment, but they had an agreement with the data sections (it seems to have come from C)
That is to address potential performance and/or efficiency hazards. It doesn't affect the correctness of the code.
Post 28 Nov 2024, 10:40
View user's profile Send private message Visit poster's website Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1013
Location: Russia
macomics 28 Nov 2024, 11:04
revolution wrote:
That is to address potential performance and/or efficiency hazards. It doesn't affect the correctness of the code.

I'm telling you, I can't find this article on MSDN. The following was written there (in my own words): each variable in the Windows operating system should be located at addresses multiple of its size; word at addresses multiple of 2, dword -- 4, qword -- 8 etc (this was said about all variables, not just the stack).

Network, but there was an article about general variables.
Post 28 Nov 2024, 11:04
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20416
Location: In your JS exploiting you and your system
revolution 28 Nov 2024, 11:10
macomics wrote:
A variable of a certain size must be at an address multiple of this size.
macomics wrote:
... each variable in the Windows operating system should be located at addresses multiple of its size ...
Must != should.

I agree with "should". The "must" is not correct, there is no requirement.
Post 28 Nov 2024, 11:10
View user's profile Send private message Visit poster's website Reply with quote
MatQuasar3



Joined: 04 Nov 2024
Posts: 38
MatQuasar3 28 Nov 2024, 12:43
macomics wrote:

I'm telling you, I can't find this article on MSDN.


Is it this one?
https://learn.microsoft.com/en-us/cpp/c-language/alignment-c?view=msvc-170

Thank you revolution for making things clear that it isn't a requirement on x86, that's why I still stick to x86 (chuckle).

In overall, I think macomics adherence to the alignment rule is a good practice. I may want to start thinking about aligning variable (already quite familiar with stack alignment) once I move up to x64 programming.
Post 28 Nov 2024, 12:43
View user's profile Send private message Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1013
Location: Russia
macomics 28 Nov 2024, 12:48
revolution wrote:
Must != should.

I agree with "should". The "must" is not correct, there is no requirement.
Ok.

MatQuasar3 wrote:
Is it this one?
This is about the С/С++ compiler, not about the guidelines for variables in the OS.
Post 28 Nov 2024, 12:48
View user's profile Send private message Reply with quote
sinsi



Joined: 10 Aug 2007
Posts: 794
Location: Adelaide
sinsi 28 Nov 2024, 12:59
There are instructions, like MOVAPS, that require alignment.
Quote:
When the source or destination operand is a memory operand, the operand must be aligned on a 16-byte boundary or a general-protection exception (#GP) will be generated


There is also the AC flag which enforces all memory accesses to be aligned but Windows doesn't use it.
Post 28 Nov 2024, 12:59
View user's profile Send private message Reply with quote
AsmGuru62



Joined: 28 Jan 2004
Posts: 1657
Location: Toronto, Canada
AsmGuru62 28 Nov 2024, 13:01
Interesting fact: you know the Window Class Name that needs to be put into WNDCLASS structure?
Recently, I was coding the x64 app and my UNICODE string for a class name was misaligned.
The string address was not divisible by 2 --- I had declared something as DB before the class name.
The application did not run until I corrected that.
Weird! This was never mentioned in any help files.
Post 28 Nov 2024, 13:01
View user's profile Send private message Send e-mail Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20416
Location: In your JS exploiting you and your system
revolution 28 Nov 2024, 13:08
So to summarise, for those with limited reading time.
Code:
IF is_Windows_64_bit AND is_data_on_the_stack_for_an_api_call THEN
  align your stack or suffer crashes
ELSE
  do whatever you want, but prefer aligned over unaligned
ENDIF    
Post 28 Nov 2024, 13:08
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20416
Location: In your JS exploiting you and your system
revolution 28 Nov 2024, 13:13
sinsi wrote:
There are instructions, like MOVAPS, that require alignment.
Quote:
When the source or destination operand is a memory operand, the operand must be aligned on a 16-byte boundary or a general-protection exception (#GP) will be generated
The use of MOVAPS is the very reason for the crashes people get. It is long outdated now because almost all newer CPUs have no performace penalty at all for MOVUPS, but MS keep using MOVAPS anyway. Sad
sinsi wrote:
There is also the AC flag which enforces all memory accesses to be aligned but Windows doesn't use it.
And they never will enable it else too many existing applications will die.
Post 28 Nov 2024, 13:13
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20416
Location: In your JS exploiting you and your system
revolution 28 Nov 2024, 13:20
AsmGuru62 wrote:
Interesting fact: you know the Window Class Name that needs to be put into WNDCLASS structure?
Recently, I was coding the x64 app and my UNICODE string for a class name was misaligned.
The string address was not divisible by 2 --- I had declared something as DB before the class name.
The application did not run until I corrected that.
Weird! This was never mentioned in any help files.
The class name in embedded in the WNDCLASS structure. You can't shift it arbitrarily by one byte because that puts it at the wrong offset. The same goes for all the fields in a structure, they need to be at the correct offset to work correctly.
Post 28 Nov 2024, 13:20
View user's profile Send private message Visit poster's website Reply with quote
AsmGuru62



Joined: 28 Jan 2004
Posts: 1657
Location: Toronto, Canada
AsmGuru62 28 Nov 2024, 17:03
This is an issue I was talking about, revolution.
Code:
section '.data' data readable writeable

    glb_InputBuffer     dq 0
    glb_OutputBuffer    dq 0
    bool_Running        db 0    ; cause of misalignment
    txt_FrameClass      du 'TFrameWndClass',0

    ...

    lea     rsi, [my_wnd_cls]       ; local variable
    mov     [rsi + WNDCLASS.lpszClassName], txt_FrameClass
    invoke  RegisterClassW, rsi     ; crashes inside
    

Adding another boolean flag fixed it:
Code:
section '.data' data readable writeable

    glb_InputBuffer     dq 0
    glb_OutputBuffer    dq 0
    bool_Running        db 0    ; cause of misalignment
    bool_Dummy          db 0    ; fixed misalignment
    txt_FrameClass      du 'TFrameWndClass',0

    ...

    lea     rsi, [my_wnd_cls]       ; local variable
    mov     [rsi + WNDCLASS.lpszClassName], txt_FrameClass
    invoke  RegisterClassW, rsi     ; no crash
    
Post 28 Nov 2024, 17:03
View user's profile Send private message Send e-mail Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20416
Location: In your JS exploiting you and your system
revolution 28 Nov 2024, 17:14
Oh, you mean the wide string address must be aligned!

That is the first I have heard of that.
Post 28 Nov 2024, 17:14
View user's profile Send private message Visit poster's website Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 4060
Location: vpcmpistri
bitRAKE 28 Nov 2024, 21:46
Data use can cause all types of errors. Often one's thinking needs to go beyond just alignment: ownership, allocation pool, etc.

For example, BSTR's should be created through the ole functions, but if it's constant and ownership isn't given away then we can break that rule. Basically, we must know that called function will not try to manipulate the string - which is rare. Oddly, even some of the conversion functions change the source string - yikes! Easiest to just use the ole functions when using BSTR's.

_________________
¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup
Post 28 Nov 2024, 21:46
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20416
Location: In your JS exploiting you and your system
revolution 28 Nov 2024, 23:12
revolution wrote:
... the wide string address must be aligned!
I'm trying to imagine the code they use that makes it a requirement?

Even rep scasw, rep cmpsw, or rep movsw don't have any alignment requirements.

Is the code deliberately using and rsi,not 1 to reset bit 0? I can't think of any other way to make it not work when unaligned. If it is then for what purpose? What problem is solved by doing that?
Post 28 Nov 2024, 23:12
View user's profile Send private message Visit poster's website Reply with quote
sinsi



Joined: 10 Aug 2007
Posts: 794
Location: Adelaide
sinsi 28 Nov 2024, 23:34
I tested it, CreateWindowExW returns 0 and GetLastError returns
Quote:
0x000003E6 ERROR_NOACCESS Invalid access to memory location.


edit: Sorry it was RegisterClassExW


Last edited by sinsi on 28 Nov 2024, 23:57; edited 1 time in total
Post 28 Nov 2024, 23:34
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2, 3  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.