I have written x64 code that takes input from the user; it is based on the masm32 StdIn procedure (watched it under Olly). I have compiled it with ml64 and it works, but I'm not sure everything is fine. I don't know the system inside. I need to be certain that it's OK. Could someone look at it?
includelib /masm64/lib/kernel32.lib
includelib /masm64/lib/user32.lib
WriteConsoleA proto :ptr, :ptr, :dword, :ptr, :dword
ReadConsoleA proto :ptr, :ptr, :dword, :ptr, :dword
GetStdHandle proto :dword
ExitProcess proto :dword
SetConsoleMode proto :dword, :dword
ReadFile proto :dword, :dword, :dword, :dword
STD_OUTPUT_HANDLE equ -11
STD_INPUT_HANDLE equ -10
.data
tMsg db "Hello x64 world",13,10
.data?
btText db 4 dup (?)            ; input buffer
hStdOut dq ?
hStdIn dq ?
qWritten dq ?
qRead dq ?
.code
start proc
mov rcx, STD_OUTPUT_HANDLE     ; nStdHandle
call GetStdHandle
mov hStdOut, rax
mov rcx, rax                   ; hConsoleOutput
mov rdx, offset tMsg           ; lpBuffer
mov r8, lengthof tMsg          ; nNumberOfCharsToWrite
mov r9, offset qWritten        ; lpNumberOfCharsWritten
mov qword ptr [rsp + 8 * 4], 0
call WriteConsoleA
mov rcx, STD_INPUT_HANDLE
call GetStdHandle
mov hStdIn, rax
mov rcx, rax                   ; hConsoleHandle
mov rdx, 7 ;ENABLE_ECHO_INPUT or ENABLE_LINE_INPUT or ENABLE_PROCESSED_INPUT
call SetConsoleMode
mov rcx, hStdIn                ; hFile
mov rdx, offset btText         ; lpBuffer
mov r8, sizeof btText          ; nNumberOfBytesToRead
mov r9, offset qRead           ; lpNumberOfBytesRead
mov qword ptr [rsp + 8 * 4], 0 ;Is it fifth proc arg???
call ReadFile
mov rcx, hStdOut
mov rdx, offset btText
mov r8, sizeof btText
mov r9, offset qWritten
mov qword ptr [rsp + 8 * 4], 0
call WriteConsoleA
xor rcx, rcx                   ; uExitCode = 0
call ExitProcess
start endp
end
And another question:
mov qword ptr [rsp + 8 * 4], 0
Is it the fifth arg of WriteConsoleA?
Thanks in advance.
The allocation of the 5 stack arguments + alignment is missing. Also the prototypes are formally wrong: the handles are declared as DWORDs instead of QWORDs. The rest looks OK.
Other thoughts: XOR ECX,ECX == XOR RCX,RCX; the first one is shorter and formally correct.
EDIT: the same for some other moves, e.g. mov rcx, STD_OUTPUT_HANDLE
Quote from: qWord
Other thoughts: XOR ECX,ECX == XOR RCX,RCX; the first one is shorter and formally correct.
EDIT: the same for some other moves, e.g. mov rcx, STD_OUTPUT_HANDLE
Does that mean that for the function only the low half of e.g. RCX is important, not the whole reg?
Quote from: vogelsang on September 24, 2013, 11:17:11 PM
Does that mean that for the function only the low half of e.g. RCX is important, not the whole reg?
(Theoretically) yes. However, as said, there is no difference, because 32-bit results (of an operation) are zero-extended to 64 bits in registers.
Therefore MOV rax,imm32 is equal to mov eax,imm32.
Thanks qWord for explaining it. I'm new to x64. Good to know.
Sorry, a small mistake in the last post: MOV rax,imm32 is sign-extended, not zero-extended. However, for XOR and most other instructions it applies.
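A version of the program that applies the points raised in this thread (stack reservation and 16-byte alignment for the 5-argument calls, QWORD handles in the prototypes, 32-bit register forms that zero-extend), added here as an example; it is not code from the original posts. The SetConsoleMode call is left out because a console input handle already has line, echo and processed input enabled by default; the slot at [rsp+32] is the fifth argument (lpReserved for WriteConsoleA, lpOverlapped for ReadFile), and the count variables are DWORDs because the APIs write through an LPDWORD.

```asm
includelib /masm64/lib/kernel32.lib
WriteConsoleA proto :qword, :ptr, :dword, :ptr, :ptr   ; handle is pointer-sized
ReadFile      proto :qword, :ptr, :dword, :ptr, :ptr
GetStdHandle  proto :dword
ExitProcess   proto :dword
STD_OUTPUT_HANDLE equ -11
STD_INPUT_HANDLE  equ -10
.data
tMsg db "Hello x64 world",13,10
.data?
btText    db 4 dup (?)      ; input buffer (constructed sample size)
hStdOut   dq ?
dwWritten dd ?              ; LPDWORD out-parameters are 32-bit
dwRead    dd ?
.code
start proc
    ; On entry RSP = 16n + 8 (return address pushed). 32 bytes shadow
    ; space + 8 bytes for the 5th argument = 40; 8 + 40 = 48 keeps RSP
    ; 16-byte aligned at every call below. The 5th argument sits at [rsp+32].
    sub rsp, 40
    mov ecx, STD_OUTPUT_HANDLE      ; 32-bit write clears the upper half; API reads ECX
    call GetStdHandle
    mov hStdOut, rax
    mov rcx, rax                    ; hConsoleOutput
    lea rdx, tMsg                   ; lpBuffer (RIP-relative)
    mov r8d, lengthof tMsg          ; nNumberOfCharsToWrite
    lea r9, dwWritten               ; lpNumberOfCharsWritten
    mov qword ptr [rsp+32], 0       ; lpReserved = NULL
    call WriteConsoleA
    mov ecx, STD_INPUT_HANDLE
    call GetStdHandle
    mov rcx, rax                    ; hFile
    lea rdx, btText                 ; lpBuffer
    mov r8d, sizeof btText          ; never read past the buffer
    lea r9, dwRead                  ; lpNumberOfBytesRead
    mov qword ptr [rsp+32], 0       ; lpOverlapped = NULL
    call ReadFile
    mov rcx, hStdOut
    lea rdx, btText
    mov r8d, dwRead                 ; echo only the bytes actually read
    lea r9, dwWritten
    mov qword ptr [rsp+32], 0
    call WriteConsoleA
    xor ecx, ecx                    ; uExitCode = 0; 32-bit XOR zero-extends into RCX
    call ExitProcess
start endp
end
```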