Subject: newbie learning: question about an instruction
From: G G
Newsgroups: comp.lang.asm.x86
Organization: A noiseless patient Spider
Date: Thu, 13 Jun 2019 21:46 UTC
;  program from book
;  Windows 64-bit Assembly Language Programming
;  Quick Start: Intel X86-64, SSE, AVX




includelib kernel32.lib ; Windows kernel interface
GetStdHandle proto ; Function to retrieve I/O handle
WriteConsoleA proto ; Function that writes to command window
Console equ -11 ; Device code for console text output.
ExitProcess proto

.code
mainCRTStartup proc

sub RSP,40 ; Reserve "shadow space" on stack.

; Obtain "handle" for console display monitor I/O streams

mov RCX,Console ; Console standard output handle
call GetStdHandle ; Returns handle in register RAX
mov stdout,RAX ; Save handle for text display.

; Display the "Hello World" message.

mov RCX,stdout ; Handle to standard output device
lea RDX,hwm ; Pointer to message (byte array).
mov R8,lengthof hwm ; Number of characters to display
lea R9,nbwr ; Number of bytes actually written.
call WriteConsoleA ; Write text string to window.

add RSP,40 ; Replace "shadow space" on stack
mov RCX,0 ; Set exit status code to zero.
call ExitProcess ; Return control to Windows.

mainCRTStartup endp

.data
hwm byte "Hello World"
stdout qword ? ; Handle to standard output device
nbwr qword ? ; Number of bytes actually written

end



my questions are about shadow space and lea R9,nbwr

RSP - register star pointer is pointing to a location here 40 is subtracted
from that address?  is 40, 64bit memory address where 40 bytes are
being acquired ?

where does nbwr get its value to be moved into register R9?



Subject: Re: newbie learning: question about an instruction
From: s_dubrov...@nospicedham.yahoo.com
Newsgroups: comp.lang.asm.x86
Organization: A noiseless patient Spider
Date: Fri, 14 Jun 2019 13:45 UTC
On Thursday, June 13, 2019 at 4:59:52 PM UTC-5, G G wrote:
> my questions are about shadow space and lea R9,nbwr

I'll take a stab at it..

> RSP - register star pointer is pointing to a location here 40 is subtracted
> from that address?

SP is 'Stack Pointer', 'R' is register size, qword. So, RSP is the stack pointer register in 64 bits.  40 (bytes I assume) is 8 bytes (qword) * 5 qwords.  This is a way to allocate _space_ for 5 automatic variables on the stack.

> is 40, 64bit memory address where 40 bytes are
> being acquired ?

No, space for 5 automatic variables is allocated in the stack frame, perhaps the called function needs these, the program fragment you show doesn't touch them.

> where does nbwr get its value to be moved into register R9?

It looks like WriteConsoleA needs some values passed in registers to do its work.
  lea R9,nbwr ; Number of bytes actually written.
So R9 receives the effective address of nbwr (its pointer), it looks like the function call will return a value in the variable whose address is passed in R9.

So that is where nbwr gets its value, it is a returned result of WriteConsoleA.

hth,

Steve



Subject: Re: newbie learning: question about an instruction
From: G G
Newsgroups: comp.lang.asm.x86
Organization: A noiseless patient Spider
Date: Fri, 14 Jun 2019 14:23 UTC
but i'm missing something here.  lea  R9, nbwr  comes before the
WriteConsoleA procedure even though it may return a value
wouldn't nbwr contain garbage when it is moved into R9?



Subject: Re: newbie learning: question about an instruction
From: Mel
Newsgroups: comp.lang.asm.x86
Organization: albasani.net
Date: Fri, 14 Jun 2019 15:15 UTC
On Fri, 14 Jun 2019 07:23:55 -0700 (PDT), G G <gdotone@nospicedham.gmail.com> wrote:
> but i'm missing something here.  lea  R9, nbwr  comes before the
> WriteConsoleA procedure even though it may return a value
> wouldn't nbwr contain garbage when it is moved into R9?

Lea loads address

--
Press any key to continue or any other to quit

Subject: Re: newbie learning: question about an instruction
From: R.Wieser
Newsgroups: comp.lang.asm.x86
Organization: Aioe.org NNTP Server
Date: Fri, 14 Jun 2019 15:37 UTC
G G,

> lea  R9, nbwr  comes before the WriteConsoleA
> procedure even though it may return a value wouldn't
> nbwr contain garbage when it is moved into R9?

Your code is using LEA, not MOV.   LEA gets 'the address of' (the memory the
variable is located at).  In short: It is how you get a variable 'by
reference' (instead of 'by value').

Said another way: WriteConsoleA is given /a pointer to/ a variable, so it
knows where (which bytes in memory) to write its result (the number of bytes
read) into.    If it would have been 'by value' it would have not been able
to return that count.

So yes, it /points to/ a variable with unknown contents.   But that does not
matter, as the function will overwrite it.

Hope that helps.

Regards,
Rudy Wieser
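
Added example, not part of any post in this thread: a C model of the `lea R9,nbwr` / `call WriteConsoleA` pair that shows what the callee does with the address it is given. It shows that only four of nbwr's eight bytes are stored on success and none on failure, so the count is meaningful only after the return value has been checked. Assumptions: `model_write_console` is a hypothetical stand-in with the same shape as WriteConsoleA, whose fourth parameter is documented as a pointer to a 32-bit DWORD, and the 0xAA fill is a constructed stand-in for unknown contents.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for WriteConsoleA (not the Windows API): returns a
   success flag and stores the count through the pointer it was handed,
   as a 32-bit DWORD. */
static int model_write_console(const char *buf, uint32_t len, void *chars_written)
{
    if (buf == NULL)
        return 0;                            /* failure: nothing is stored */
    if (fwrite(buf, 1, len, stdout) != len)
        return 0;                            /* failure: nothing is stored */
    memcpy(chars_written, &len, sizeof len); /* stores exactly 4 bytes */
    return 1;
}

struct result {
    int ok;                  /* return value of the call */
    uint32_t low_dword;      /* first 4 bytes of nbwr after the call */
    unsigned char nbwr[8];   /* the 8 bytes reserved by "nbwr qword ?" */
};

/* Equivalent of: lea r9,nbwr / call WriteConsoleA, with nbwr pre-filled
   with a constructed 0xAA pattern standing in for unknown contents. */
static struct result call_with_unknown_nbwr(const char *msg, uint32_t len)
{
    struct result r;
    memset(r.nbwr, 0xAA, sizeof r.nbwr);
    r.ok = model_write_console(msg, len, r.nbwr);  /* address, not value */
    memcpy(&r.low_dword, r.nbwr, sizeof r.low_dword);
    return r;
}

static void show(const char *label, const struct result *r)
{
    size_t i;
    printf("%s ok=%d nbwr bytes:", label, r->ok);
    for (i = 0; i < sizeof r->nbwr; i++)
        printf(" %02X", r->nbwr[i]);
    if (r->ok)
        printf("  -> count=%u\n", (unsigned)r->low_dword);
    else
        printf("  -> count not valid, call failed\n");
}

int main(void)
{
    static const char hwm[] = "Hello World";
    struct result good = call_with_unknown_nbwr(hwm, sizeof hwm - 1);
    struct result bad  = call_with_unknown_nbwr(NULL, 11);

    putchar('\n');
    show("success:", &good);
    show("failure:", &bad);
    return 0;
}
```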




Subject: Re: newbie learning: question about an instruction
From: G G
Newsgroups: comp.lang.asm.x86
Organization: A noiseless patient Spider
Date: Fri, 14 Jun 2019 16:07 UTC
got it! i think.

thanks.



Subject: Re: newbie learning: question about an instruction
From: Rick C. Hodgin
Newsgroups: comp.lang.asm.x86
Organization: A noiseless patient Spider
Date: Fri, 14 Jun 2019 14:54 UTC
On Friday, June 14, 2019 at 10:31:16 AM UTC-4, G G wrote:
> but i'm missing something here.  lea  R9, nbwr  comes before the
> WriteConsoleA procedure even though it may return a value
> wouldn't nbwr contain garbage when it is moved into R9?

Do you have any C/C++ experience?  It's doing basically this:

    #include <stdio.h>

    void my_function(int* p)
    {
        *p = 9;
    }

    int main()
    {
        // nbwr is defined, but never initialized
        int nbwr;

        // Call a function with its address
        my_function(&nbwr);  // param is equivalent of "lea r9,nbwr"

        // Display the value of nbwr
        // It was never populated locally, but only in the called
        // function.
        printf("Value = %d\n", nbwr);

        return 0;
    }

When you load the address of nbwr into r9, it's storing the
location in memory where nbwr's value exists.  This allows the
called function to write a value there, updating nbwr remotely
by its pointed-to location.  It's a very common way to obtain
output parameters as the called functions can update local data
if they know where it is (hence the use of lea = load effective
address of the target variable).

-----
Also, the reason why you see extra bytes being added for stack
space is a Windows need.  It adds an area called "shadow space"
so that you can use that area to load existing register values
into that location without having to issue lots of PUSH/POP
instructions.

Personally I think it's an incredible and ridiculous waste.  It
tries to cast the role of called functions into a mold that is
a one-size fits all.  It's wasteful and an inappropriate use of
machine resources in my opinion.

--
Rick C. Hodgin
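
Added example, not part of the post above or of the book's listing: a C calculation of the stack reservation behind `sub RSP,40`, following the Windows x64 calling convention (four 8-byte home slots for RCX, RDX, R8 and R9, further arguments on the stack above them, RSP 16-byte aligned at every CALL). The function names are illustrative, not from any library.

```c
#include <stdio.h>

enum { SLOT = 8, HOME_SLOTS = 4 };  /* home ("shadow") slots: RCX, RDX, R8, R9 */

/* Offset from RSP, at the moment of the CALL, of the stack slot that
   belongs to argument n (1-based). */
static unsigned arg_slot_offset(unsigned n)
{
    return (n - 1) * SLOT;
}

/* Bytes a function must subtract from RSP in its prologue when the calls
   it makes take at most max_args arguments and it keeps local_bytes of
   its own locals on the stack. */
static unsigned frame_bytes(unsigned max_args, unsigned local_bytes)
{
    /* The four home slots are reserved even if the callee takes fewer args. */
    unsigned slots = max_args > HOME_SLOTS ? max_args : HOME_SLOTS;
    unsigned need  = slots * SLOT + (local_bytes + 7) / 8 * 8;

    /* The CALL that entered this function pushed an 8-byte return address,
       so RSP % 16 == 8 on entry. RSP must be 0 mod 16 again at every CALL
       made from here, so the reservation itself must be 8 mod 16. */
    if (need % 16 != 8)
        need += SLOT;
    return need;
}

static const char *slot_use(unsigned n)
{
    static const char *const reg[HOME_SLOTS] = { "RCX", "RDX", "R8", "R9" };
    return n <= HOME_SLOTS ? reg[n - 1] : "stack";
}

int main(void)
{
    /* In the listing, GetStdHandle and ExitProcess take one argument and
       WriteConsoleA takes five. The fifth (lpReserved, documented as
       must-be-NULL) belongs at [RSP+32]; the listing never stores to it. */
    unsigned max_args = 5, n;

    printf("sub RSP,%u\n", frame_bytes(max_args, 0));
    for (n = 1; n <= max_args; n++)
        printf("[RSP+%2u]  arg %u  %s\n", arg_slot_offset(n), n,
               n <= HOME_SLOTS ? slot_use(n) : "passed in this slot");

    /* A function whose callees take at most four arguments still needs 40:
       32 bytes of home space plus 8 to restore 16-byte alignment. */
    printf("four-argument case: sub RSP,%u\n", frame_bytes(4, 0));
    return 0;
}
```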


