The MASM Forum

General => The Campus => Topic started by: K_F on February 05, 2013, 01:04:14 AM

Title: sizeof Invoke, Call structures ?
Post by: K_F on February 05, 2013, 01:04:14 AM
Search is getting me nowhere fast... :)
Does anybody have an idea of the assembler output code size of Invoke or Call instructions..
I would like to make a jump to call table and need to know alignment sizes.

I'll carry on looking at some pdf's but .. ja!
Thanks
Title: Re: sizeof Invoke, Call structures ?
Post by: hamper on February 05, 2013, 01:36:21 AM
I don't know whether this helps or not (new to assembler) and it may not be what you are looking for, but...

Don't know about invoke, but according to the Intel reference manual, call is a single opcode either E8, FF or 9A depending on how the call is made.
Title: Re: sizeof Invoke, Call structures ?
Post by: jj2007 on February 05, 2013, 01:43:15 AM
Code size depends
a) on the type and number of args pushed (or passed via FastCall in ecx etc)
b) whether you call a global variable (invoke MyTest, ....) or if you use call edx, call [edx], call [edx+eax+120] etc
Title: Re: sizeof Invoke, Call structures ?
Post by: dedndave on February 05, 2013, 01:45:29 AM
well - APIs are invoked with a jmp to a table - 5 bytes
1 byte opcode - 4 byte address
i seem to remember they use "2-aligned" branches in the IAT   :lol:
one every 6 bytes
Title: Re: sizeof Invoke, Call structures ?
Post by: Tedd on February 05, 2013, 02:39:47 AM
5 bytes for the call, so align it to 6 minimally, or 8 if you're feeling generous. Debug an exe to see how it's usually done.

Depending how flexible you can be, a table of offsets might be preferable - then you can either load the offset into a reg and call reg (though you'll require an extra ret to get back to the original caller), or copy the offset into a known location for which the next instruction does an indirect jmp.
Title: Re: sizeof Invoke, Call structures ?
Post by: dedndave on February 05, 2013, 02:45:29 AM
yes - a table of offsets...
i use them rather often as Branch Vector Tables
but - that is when you have an index in a register or something

nice thing is - they can stay 4-aligned without wasting space

this is related to the thread of Jochen's   :P

Quote from: Tedd on February 05, 2013, 02:39:47 AM
... or copy the offset into a known location for which the next instruction does an indirect jmp.

that can be both variable and invoked   :t
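An added example to go with hamper's opcode list, jj2007's list of call forms, and the table-of-offsets suggestion from Tedd and dedndave. This is Python written for this page, not code from any poster; the handler and table addresses in it are constructed. It assembles the 32-bit encodings of the call/jmp forms named above so their byte lengths can be checked, then builds a jump table of 5-byte jmp rel32 stubs padded to 8 bytes next to a dword branch vector table and simulates the dispatch through each.

```python
"""Added example (not from any post in this thread): byte sizes of the 32-bit
x86 call/jmp forms discussed above, plus a padded jump table of 'jmp rel32'
stubs next to a table of dword offsets (branch vector table)."""
import struct

# 32-bit register numbers as they appear in ModRM/SIB fields
EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI = range(8)
CALL_EXT, JMP_EXT = 2, 4  # the /2 and /4 opcode extensions of the FF group


def encode_call_rel32(at, target):
    """call rel32 (E8 + 4-byte displacement) placed at address `at`.
    The displacement is relative to the end of this 5-byte instruction."""
    return b"\xe8" + struct.pack("<i", target - (at + 5))


def encode_jmp_rel32(at, target):
    """jmp rel32 (E9 + 4-byte displacement), 5 bytes like call rel32."""
    return b"\xe9" + struct.pack("<i", target - (at + 5))


def encode_call_reg(reg):
    """call r32, e.g. call edx: FF /2 with mod=11 (2 bytes)."""
    return bytes([0xFF, 0xC0 | (CALL_EXT << 3) | reg])


def encode_call_mem_reg(reg):
    """call [r32], e.g. call [edx]: FF /2 with mod=00 (2 bytes).
    [esp] needs a SIB byte and [ebp] a displacement, so both are rejected."""
    if reg in (ESP, EBP):
        raise ValueError("[esp]/[ebp] need a SIB byte or a displacement")
    return bytes([0xFF, (CALL_EXT << 3) | reg])


def encode_call_base_index_disp8(base, index, disp8):
    """call [base+index+disp8], e.g. call [edx+eax+120]: FF /2 with mod=01,
    rm=100 (SIB follows), scale=1, then a signed 8-bit displacement (4 bytes)."""
    if index == ESP:
        raise ValueError("esp cannot be an index register")
    modrm = 0x40 | (CALL_EXT << 3) | 0x04
    sib = (index << 3) | base  # scale field 00 means *1
    return bytes([0xFF, modrm, sib]) + struct.pack("<b", disp8)


def encode_mem_disp32(ext, addr):
    """FF /ext with mod=00 rm=101: absolute 32-bit memory operand, 6 bytes.
    ext=2 is 'call dword ptr [addr]', ext=4 is 'jmp dword ptr [addr]', the
    import-thunk form that jumps through an IAT slot."""
    return bytes([0xFF, (ext << 3) | 0x05]) + struct.pack("<I", addr)


def instruction_sizes():
    """Byte lengths of the forms named in the thread (constructed operands)."""
    return {
        "call rel32": len(encode_call_rel32(0x401000, 0x401100)),
        "call edx": len(encode_call_reg(EDX)),
        "call [edx]": len(encode_call_mem_reg(EDX)),
        "call [edx+eax+120]": len(encode_call_base_index_disp8(EDX, EAX, 120)),
        "call dword ptr [disp32]": len(encode_mem_disp32(CALL_EXT, 0x402000)),
        "jmp dword ptr [disp32]": len(encode_mem_disp32(JMP_EXT, 0x402000)),
    }


def build_jump_table(base, handlers, align=8):
    """Table of 'jmp rel32' stubs, each padded with NOPs to `align` bytes so
    the dispatcher can compute 'jmp base + index*align'."""
    out = bytearray()
    for target in handlers:
        stub = encode_jmp_rel32(base + len(out), target)
        out += stub + b"\x90" * (align - len(stub))
    return bytes(out)


def build_vector_table(handlers):
    """Table of dword offsets: dispatch is 'jmp [table + index*4]', no padding."""
    return b"".join(struct.pack("<I", h) for h in handlers)


def dispatch_jump_table(table, base, index, align=8):
    """Simulate 'jmp base + index*align': decode the stub there, return target."""
    at = base + index * align
    stub = table[index * align:index * align + 5]
    if stub[0] != 0xE9:
        raise ValueError("no jmp rel32 at that slot")
    return at + 5 + struct.unpack("<i", stub[1:5])[0]


def dispatch_vector_table(table, index):
    """Simulate 'jmp dword ptr [table + index*4]'."""
    return struct.unpack_from("<I", table, index * 4)[0]


if __name__ == "__main__":
    handlers = [0x401000, 0x401020, 0x401040]  # constructed handler addresses
    jt = build_jump_table(0x402000, handlers)
    vt = build_vector_table(handlers)
    for name, n in instruction_sizes().items():
        print(f"{name:24s} {n} bytes")
    print("jump table:", len(jt), "bytes; vector table:", len(vt), "bytes")
    print(hex(dispatch_jump_table(jt, 0x402000, 1)), hex(dispatch_vector_table(vt, 2)))
```

The two table builders make the trade-off concrete: three handlers cost 24 bytes as 8-aligned jmp stubs but 12 bytes as dword offsets, and the offset table needs no padding to stay 4-aligned, which is dedndave's point. The indirect dispatch does cost an extra memory read, and in code that must resist tampering a writable table of code pointers is also a target, so a dispatcher based on a table of offsets should keep the table in read-only data and range-check the index before using it.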
Title: Re: sizeof Invoke, Call structures ?
Post by: K_F on February 05, 2013, 02:56:18 AM
Thanks..
I've used offset jump tables in other Asm's... my brain just went mushy as I'd never done it before with Masm.

So essentially we're talking about Offsets being better, something like COM vector tables.
:t
Title: Re: sizeof Invoke, Call structures ?
Post by: dedndave on February 05, 2013, 02:58:01 AM
yes - i am reminded of the original x86 interrupt vector tables, but they were FARs