Recent Posts

Pages: 1 [2] 3 4 ... 10
11
Programming with NASM / Re: Things to do in _start
« Last post by fredericopissarra on March 07, 2024, 12:43:30 PM »
There is no reason for this stuff... Well... not this way and not always.

If you are creating what I call a pseudo-assembly code (creating a C program, using C Runtime and libc in asm), then you must obey the ABI (MS-ABI or SysV ABI). This means RSP must be aligned by DQWORD (16 bytes). main() has a misaligned RSP, so you must do:
Code:
  global main
main:
  sub rsp,8    ; align RSP (on entry RSP = 16n+8 because CALL pushed the return address)
  ...
  add rsp,8    ; restore RSP before returning
  xor  eax,eax  ; return 0;
  ret
Of course, using libc in _start isn't a good idea (you'll need to initialize the library, the C Runtime).

In _start, on Windows, if you are using Win32 API, you must align RSP and reserve the shadow space:
Code:
_start:
  sub  rsp,8+32   ; align RSP and reserve space for shadow space.
  ...
  ; Don't need to restore RSP here...
  xor  ecx,ecx
  jmp  [__imp_ExitProcess]

On SysV ABI (Linux, etc.) it is guaranteed that RSP will be aligned to DQWORD on _start entry. On MS-ABI it isn't!
[]s
Fred
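Added example (not from Fred's post, and not part of the original thread): a complete Linux x86-64 NASM program, assuming NASM, GNU ld and no libc, that checks the SysV guarantee at _start and then calls a helper that behaves like a compiled C function, spilling XMM0 with MOVAPS. MOVAPS faults on an unaligned address, so a misaligned call crashes instead of silently working, which is exactly what happens when libc is called from a function that forgot the `sub rsp,8`. The label names (store_xmm, .misaligned, .exit) and the exit codes are my own choices.

```nasm
; align_check.asm (added example, not from the post above).
; Assumes Linux x86-64, NASM and GNU ld, no libc:
;   nasm -felf64 align_check.asm && ld -o align_check align_check.o
;   ./align_check; echo $?
; Exit status 0: RSP was 16-byte aligned at _start and the aligned call returned.
; Exit status 1: RSP was not aligned at _start (must not happen under SysV ABI).
; A misaligned call into store_xmm dies with SIGSEGV instead of returning.

    global _start

section .text

; store_xmm plays the role of a compiled C / libc function. It spills XMM0 to
; the stack with MOVAPS, which raises #GP (reported as SIGSEGV) unless the
; address is 16-byte aligned. On entry the ABI promises RSP == 16n + 8: the
; CALL pushed an 8-byte return address onto a 16-byte aligned stack. The
; "sub rsp,8" in main() from the post is the same idea; 24 is used here so
; there are also 16 bytes of scratch space for the MOVAPS.
store_xmm:
    sub     rsp, 24            ; 8 + 24 = 32: RSP is a multiple of 16 again
    movaps  [rsp], xmm0        ; faults if the caller's RSP was misaligned
    add     rsp, 24
    ret

_start:
    ; SysV ABI: RSP is 16-byte aligned here (argc is at [rsp]). Check anyway.
    test    rsp, 15
    jnz     .misaligned

    ; Correct call: RSP is a multiple of 16 at the CALL, callee sees 16n+8.
    pxor    xmm0, xmm0
    call    store_xmm

    ; To reproduce the crash that a missing "sub rsp,8" causes in main(),
    ; uncomment the next two lines: RSP becomes 16n+8 at the CALL, the
    ; callee's MOVAPS hits a 16n+8 address and the process gets SIGSEGV.
    ;sub     rsp, 8
    ;call    store_xmm

    xor     edi, edi           ; exit status 0
    jmp     .exit

.misaligned:
    mov     edi, 1             ; exit status 1

.exit:
    mov     eax, 60            ; sys_exit
    syscall
```

The MOVAPS trick is also a cheap way to audit your own _start and main prologues: put one into any function you write and run the binary; a stack that is off by 8 shows up as an immediate crash rather than as a mysterious fault deep inside printf.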
12
Programming with NASM / Things to do in _start
« Last post by decuser on March 07, 2024, 04:59:02 AM »
I see a lot of example code out there that has _start like this:

Code:
push rbp
mov rbp, rsp
and rsp, -16

and:
Code:
push rsp
mov rbp, rsp
nop

and even just:
Code:
nop
What's going on? Is there some reason for this stuff? It's not part of the main logic, it seems like it's some kind of setup, but I can't make sense of it. I have heard about stack alignment, maybe this is something to do with that, if so WTF? What do I need to have at the beginning of my code?
13
Programming with NASM / Re: Learning Assembler
« Last post by AntonPotapov on March 03, 2024, 04:15:25 PM »
Thank you
14
Programming with NASM / Re: gdb and debug symbols
« Last post by decuser on March 03, 2024, 03:56:36 PM »
You and me, both! Screens aren't big enough. Somebody oughtta...
15
Programming with NASM / Re: gdb and debug symbols
« Last post by Frank Kotler on March 02, 2024, 10:24:19 PM »
My poor eyesight.

Sorry
Frank
16
Programming with NASM / Re: gdb and debug symbols
« Last post by decuser on March 02, 2024, 09:51:33 PM »
I don't have "Code" anywhere. I have a .text section.
17
Programming with NASM / Re: gdb and debug symbols
« Last post by Frank Kotler on March 02, 2024, 09:22:38 PM »

"Code" is not a "known section name". Try changing it to .text.
Best,
Frank

18
Programming with NASM / Re: Learning Assembler
« Last post by decuser on March 02, 2024, 03:02:22 PM »
I used Jorgensen before I purchased Duntemann's x64 Assembly Language Programming on Linux book. Both are great books for x64 on Linux. As a new learner, I found Duntemann's book to be phenomenal. Jorgensen's is not as in depth, but it is very good. I asked the author if he had an updated version and he sent me one.

Both work with my system (Linux Mint 21.3 "Virginia") pretty much verbatim and both give enough hints to work through system differences if there are any (I used them both for FreeBSD, where the only thing I had a hard time with was the System Calls and Calling Conventions, but I expected that). I don't use SASM, which is featured prominently in Duntemann's book, but all of the examples work fine in gdb. Jorgensen uses ddd, which works fine.
19
Programming with NASM / Re: gdb and debug symbols
« Last post by decuser on March 02, 2024, 02:47:47 PM »
and I've tried it with no -F, -F stabs, and -Fdwarf, same result.
20
Programming with NASM / Re: gdb and debug symbols
« Last post by decuser on March 02, 2024, 02:46:18 PM »
Ok. I've since learned a lot more about what I'm doing with this stuff (assembly on Linux). I still have the same issue though.

I've tried adding nop as the first executable instruction:

Code:
section .data
EOLs: db 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10

section .text

global _start
_start:
    nop

When I fire up gdb, I'm able to debug fine. I can set breakpoints at my labels, step through code, display memory contents with x/, etc. But, if I try to use:

Code:
info address EOLs
I get

Code:
Symbol "EOLs" is at 0x402000 in a file compiled without debugging.
Sure enough EOLs is at 0x402000:

Code:
(gdb) x/16bx &EOLs
0x402000 <EOLs>:        0x0a    0x0a    0x0a    0x0a    0x0a    0x0a    0x0a    0x0a
0x402008:       0x0a    0x0a    0x0a    0x0a    0x0a    0x0a    0x0a    0x0a
(gdb) x/16bx 0x402000
0x402000 <EOLs>:        0x0a    0x0a    0x0a    0x0a    0x0a    0x0a    0x0a    0x0a
0x402008:       0x0a    0x0a    0x0a    0x0a    0x0a    0x0a    0x0a    0x0a

Why does it report that it's in a file compiled without debugging?