flat assembler
Message board for the users of flat assembler.

Index > Compiler Internals > x64 code 'push' bug

Author
Thread Post new topic Reply to topic
Tycho



Joined: 02 Mar 2008
Posts: 16
Tycho 02 Mar 2008, 12:01
When I make programs in 32 bit I've no problems using the command push, but in 64 bit I got the error 'Out of range' many times.
Some examples:

push 0xFFFFFFFF
push 0x80000002
push 0x1FFFFFFFFFFFFFF1
push 0x123456789ABCDEF1

But when I first first write them to a register it works fine:

mov rax,0xFFFFFFFF
push rax
mov rax,0x80000002
push rax
mov rax,0x1FFFFFFFFFFFFFF1
push rax
mov rax,0x123456789ABCDEF1
push rax

I hope this bug can be fixed because writing them to a register takes a lot of my time and the compiled file keeps growing in size!
Post 02 Mar 2008, 12:01
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20445
Location: In your JS exploiting you and your system
revolution 02 Mar 2008, 12:17
It is a limitation with the X86-64 CPU encoding, not a fasm bug. It is not possible to encode constants that don't fit into a 32bit signed value, with one exception when you load it into a register.

Notice that "mov rbx,[qword 0x123456789ABCDEF1]" also fails with 'Out of range'. There is no way to encode that within the instruction set.

To clarify:

  • push 0x7FFFFFFF - okay, because sign extension gives 0x000000007FFFFFFF.
  • push 0x80000000 - fails, because sign extension of 0x80000000 would give 0xFFFFFFFF80000000, which is not the right value.
  • push -0x80000000 - okay, because sign extension of 0x80000000 gives 0xFFFFFFFF80000000


Last edited by revolution on 02 Mar 2008, 13:17; edited 3 times in total
Post 02 Mar 2008, 12:17
View user's profile Send private message Visit poster's website Reply with quote
asmfan



Joined: 11 Aug 2006
Posts: 392
Location: Russian
asmfan 02 Mar 2008, 12:44
revolution wrote:

Notice that "mov rbx,0x123456789ABCDEF1" also fails with 'Out of range'. There is no way to encode that within the instruction set.

Assembles well with "use64" Smile mov accepts imm64

_________________
Any offers?
Post 02 Mar 2008, 12:44
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20445
Location: In your JS exploiting you and your system
revolution 02 Mar 2008, 12:50
asmfan wrote:
revolution wrote:

Notice that "mov rbx,0x123456789ABCDEF1" also fails with 'Out of range'. There is no way to encode that within the instruction set.

Assembles well with "use64" Smile mov accepts imm64
Oops Embarassed, yeah, i got confused with the memory address "mov rbx,[qword 0x123456789ABCDEF1]" is not encodable but "mov rax,[qword 0x123456789ABCDEF1]" is.

I edited it above so as to any avoid confusion.
Post 02 Mar 2008, 12:50
View user's profile Send private message Visit poster's website Reply with quote
asmfan



Joined: 11 Aug 2006
Posts: 392
Location: Russian
asmfan 02 Mar 2008, 13:05
Seems that fasm have a bug assembling "MOV RAX, moffset64"
Post 02 Mar 2008, 13:05
View user's profile Send private message Reply with quote
Tycho



Joined: 02 Mar 2008
Posts: 16
Tycho 02 Mar 2008, 13:14
Thank you all, I was confused because command push 0xFFFFFFFF and push 0x80000002 do work under 32-bit mode but doesn't under 64-bit mode. Will need to write them to the register first!
Post 02 Mar 2008, 13:14
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20445
Location: In your JS exploiting you and your system
revolution 02 Mar 2008, 13:15
asmfan wrote:
Seems that fasm have a bug assembling "MOV RAX, moffset64"
Works okay for me.
Post 02 Mar 2008, 13:15
View user's profile Send private message Visit poster's website Reply with quote
asmfan



Joined: 11 Aug 2006
Posts: 392
Location: Russian
asmfan 02 Mar 2008, 13:32
Yes, it works if "qword" specified. But why not without? Can you explain this?
Post 02 Mar 2008, 13:32
View user's profile Send private message Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid 02 Mar 2008, 15:55
because in that case it won't use RIP relative addressing, and so code is no longer position independent. If you want absolute address, you must be specific.
Post 02 Mar 2008, 15:55
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
asmfan



Joined: 11 Aug 2006
Posts: 392
Location: Russian
asmfan 02 Mar 2008, 16:05
I thought relative can be only labels but not immediates, thanks for ansver btw
Post 02 Mar 2008, 16:05
View user's profile Send private message Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid 03 Mar 2008, 00:25
in 64bit mode there is RIP-relative addressing which is used in memory addressing by default. search board for "RIP relative addressing" and study Wink
Post 03 Mar 2008, 00:25
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.