News:

Masm32 SDK description, downloads and other helpful links
Message to All Guests
NB: Posting URL's See here: Posted URL Change

Main Menu

sizeof Invoke, Call structures ?

Started by K_F, February 05, 2013, 01:04:14 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

K_F

February 05, 2013, 01:04:14 AM
Search is getting me nowhere fast... :)
Does anybody have an idea of the assembler output code size of Invoke or Call instructions..
I would like to make a jump to call table and need to know alignment sizes.

I'll carry on looking at some pdf's but .. ja!
Thanks
'Sire, Sire!... the peasants are Revolting !!!'
'Yes, they are.. aren't they....'

hamper

#1
February 05, 2013, 01:36:21 AM
I don't know whether this helps or not (new to assembler) and it may not be what you are looking for, but...

Don't know about invoke, but according to the Intel reference manual, call is a single opcode either E8, FF or 9A depending on how the call is made.

jj2007

#2
February 05, 2013, 01:43:15 AM
Code size depends
a) on the type and number of args pushed (or passed via FastCall in ecx etc)
b) whether you call a global variable (invoke MyTest, ....) or if you use call edx, call [edx], call [edx+eax+120] etc

dedndave

#3
February 05, 2013, 01:45:29 AM
well - API's are invoked with a jmp to a table - 5 bytes
1 byte opcode - 4 byte address
i seem to remember they use "2-aligned" branches in the IAT   :lol:
one every 6 bytes

Tedd

#4
February 05, 2013, 02:39:47 AM
5 bytes for the call, so align it to 6 minimally, or 8 if you're feeling generous. Debug an exe to see how it's usually done.

Depending how flexible you can be, a table of offsets might be preferable - then you can either load the offset into a reg and call reg (though you'll require an extra ret to get back to the original caller), or copy the offset into a known location for which the next instruction instruction does an indirect jmp.
Potato2

dedndave

#5
February 05, 2013, 02:45:29 AM
yes - a table of offsets...
i use them rather often as Branch Vector Tables
but - that is when you have an index in a register or something

nice thing is - they can stay 4-aligned without wasting space

this is related to the thread of Jochen's   :P

Quote from: Tedd on February 05, 2013, 02:39:47 AM
... or copy the offset into a known location for which the next instruction does an indirect jmp.

that can be both variable and invoked   :t

K_F

#6
February 05, 2013, 02:56:18 AM
Thanks..
I've used offset jump tables in other Asm's... my brain just went mushy with as I'd never done it before with Masm.

So essentially we're talking about Offsets being better, something like COM vector tables.
:t
'Sire, Sire!... the peasants are Revolting !!!'
'Yes, they are.. aren't they....'

dedndave

#7
February 05, 2013, 02:58:01 AM
yes - i am reminded of the original x86 interrupt vector tables, but they were FAR's
Print
Go Up Pages1
User actions