Topic: Re: 64-bit: Why Can't I get "CreateFileA" to Access a File or Device?

hutch--

« Reply #30 on: March 08, 2021, 04:09:18 AM »
> The caller does not write the regs to shadow space. The callee may write them to shadow space.

Yes, we already know that; that is why, if you don't use an argument list in MASM, you don't get the overhead of shadow space.

This produces,
; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

 entry_point proc

    rcall empty,1,2,3,4

 entry_point endp

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

empty proc

    ret

empty endp

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Which disassembles to,

.text:0000000140001000 C8800000                   enter 0x80, 0x0
.text:0000000140001004 4883EC60                   sub rsp, 0x60
.text:0000000140001008 49C7C104000000             mov r9, 4
.text:000000014000100f 49C7C003000000             mov r8, 3
.text:0000000140001016 48C7C202000000             mov rdx, 2
.text:000000014000101d 48C7C101000000             mov rcx, 0x1
.text:0000000140001024 E800000000                 call sub_140001029
.text:0000000140001024
; --------------------------------------------------------------------------
; sub_140001029
; --------------------------------------------------------------------------
sub_140001029   proc
.text:0000000140001029 C8800000                   enter 0x80, 0x0
.text:000000014000102d 4883EC60                   sub rsp, 0x60
.text:0000000140001031 C9                         leave
.text:0000000140001032 C3                         ret
sub_140001029   endp
hutch at movsd dot com
http://www.masm32.com    :biggrin:  :skrewy:

hutch--

« Reply #31 on: March 08, 2021, 04:25:07 AM »
For nidud,

Stack frames galore!

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    include \masm32\include64\masm64rt.inc

    .code

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

 entry_point proc

    rcall empty, 1,2,3,4
    rcall empty2,1,2,3,4
    rcall empty3,1,2,3,4
    rcall empty4,1,2,3,4

 entry_point endp

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

ALTSTACKFRAME

empty proc

    ret

empty endp

STACKFRAME

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

NOSTACKFRAME

empty2 proc

    ret

empty2 endp

STACKFRAME

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

PROCALIGN

empty3 proc

    ret

empty3 endp

STACKFRAME

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

SET_STACK_FRAME 2, 2

empty4 proc

    ret

empty4 endp

STACKFRAME

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    end

Which disassembles to,

.text:0000000140001000 C8800000                   enter 0x80, 0x0
.text:0000000140001004 4883EC60                   sub rsp, 0x60

.text:0000000140001008 49C7C104000000             mov r9, 4
.text:000000014000100f 49C7C003000000             mov r8, 3
.text:0000000140001016 48C7C202000000             mov rdx, 2
.text:000000014000101d 48C7C101000000             mov rcx, 0x1
.text:0000000140001024 E863000000                 call sub_14000108c
.text:0000000140001024
.text:0000000140001029 49C7C104000000             mov r9, 4
.text:0000000140001030 49C7C003000000             mov r8, 3
.text:0000000140001037 48C7C202000000             mov rdx, 2
.text:000000014000103e 48C7C101000000             mov rcx, 0x1
.text:0000000140001045 E84C000000                 call 0x140001096
.text:0000000140001045
.text:000000014000104a 49C7C104000000             mov r9, 4
.text:0000000140001051 49C7C003000000             mov r8, 3
.text:0000000140001058 48C7C202000000             mov rdx, 2
.text:000000014000105f 48C7C101000000             mov rcx, 0x1
.text:0000000140001066 E82C000000                 call sub_140001097
.text:0000000140001066
.text:000000014000106b 49C7C104000000             mov r9, 4
.text:0000000140001072 49C7C003000000             mov r8, 3
.text:0000000140001079 48C7C202000000             mov rdx, 2
.text:0000000140001080 48C7C101000000             mov rcx, 0x1
.text:0000000140001087 E814000000                 call 0x1400010a0
.text:0000000140001087
; --------------------------------------------------------------------------
; sub_14000108c
; --------------------------------------------------------------------------
sub_14000108c   proc
.text:000000014000108c 55                         push rbp
.text:000000014000108d 488BEC                     mov rbp, rsp
.text:0000000140001090 4883EC60                   sub rsp, 0x60
.text:0000000140001094 C9                         leave
.text:0000000140001095 C3                         ret
sub_14000108c   endp
 
.text:0000000140001096
.text:0000000140001096 0x140001096:
.text:0000000140001096 C3                         ret
; --------------------------------------------------------------------------
; sub_140001097
; --------------------------------------------------------------------------
sub_140001097   proc
.text:0000000140001097 4883EC08                   sub rsp, 8
.text:000000014000109b 4883C408                   add rsp, 8
.text:000000014000109f C3                         ret
sub_140001097   endp
 
.text:00000001400010a0
.text:00000001400010a0 0x1400010a0:
.text:00000001400010a0 55                         push rbp
.text:00000001400010a1 488BEC                     mov rbp, rsp
.text:00000001400010a4 4883EC60                   sub rsp, 0x60
.text:00000001400010a8 488BE5                     mov rsp, rbp
.text:00000001400010ab 5D                         pop rbp
.text:00000001400010ac C3                         ret

hutch--

« Reply #32 on: March 08, 2021, 04:36:00 AM »
How to write shadow space.

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

SET_STACK_FRAME 2, 2

empty4 proc arg1:QWORD,arg2:QWORD,arg3:QWORD,arg4:QWORD

    ret

empty4 endp

STACKFRAME

; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

.text:00000001400010a0
.text:00000001400010a0 0x1400010a0:
.text:00000001400010a0 55                         push rbp
.text:00000001400010a1 488BEC                     mov rbp, rsp
.text:00000001400010a4 4883EC60                   sub rsp, 0x60
.text:00000001400010a8 48894D10                   mov qword ptr [rbp+0x10], rcx
.text:00000001400010ac 48895518                   mov qword ptr [rbp+0x18], rdx
.text:00000001400010b0 4C894520                   mov qword ptr [rbp+0x20], r8
.text:00000001400010b4 4C894D28                   mov qword ptr [rbp+0x28], r9
.text:00000001400010b8 488BE5                     mov rsp, rbp
.text:00000001400010bb 5D                         pop rbp
.text:00000001400010bc C3                         ret

nidud

« Reply #33 on: March 08, 2021, 05:06:37 AM »
> Are you saying you cannot produce varieties of stack frames? I can routinely do it in MASM.

No.

> Yes, we already know that; that is why, if you don't use an argument list in MASM, you don't get the overhead of shadow space.
>
> This produces,
> Which disassembles to,
>
> .text:0000000140001000 C8800000                   enter 0x80, 0x0
> .text:0000000140001004 4883EC60                   sub rsp, 0x60

 :biggrin:

You literally create a stack frame for 28 arguments, the size of 7 shadow spaces, for each of them.

> How to write shadow space.
>
> ; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>
> SET_STACK_FRAME 2, 2
>
> empty4 proc arg1:QWORD,arg2:QWORD,arg3:QWORD,arg4:QWORD
>
>     ret
>
> empty4 endp
>
> STACKFRAME
>
> ; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>
> .text:00000001400010a0
> .text:00000001400010a0 0x1400010a0:
> .text:00000001400010a0 55                         push rbp
> .text:00000001400010a1 488BEC                     mov rbp, rsp
> .text:00000001400010a4 4883EC60                   sub rsp, 0x60
> .text:00000001400010a8 48894D10                   mov qword ptr [rbp+0x10], rcx
> .text:00000001400010ac 48895518                   mov qword ptr [rbp+0x18], rdx
> .text:00000001400010b0 4C894520                   mov qword ptr [rbp+0x20], r8
> .text:00000001400010b4 4C894D28                   mov qword ptr [rbp+0x28], r9
> .text:00000001400010b8 488BE5                     mov rsp, rbp
> .text:00000001400010bb 5D                         pop rbp
> .text:00000001400010bc C3                         ret


In Asmc, skipping the shadow space gives this result:

option win64:rsp noauto

empty4 proc arg1:QWORD,arg2:QWORD,arg3:QWORD,arg4:QWORD
    ret
empty4 endp

empty4:
        ret

Using the default mode:

option win64:3

empty4 proc arg1:QWORD,arg2:QWORD,arg3:QWORD,arg4:QWORD
    mov rax,arg3 ; the argument(s) need to be used..
    ret
empty4 endp

empty4:
        mov     qword ptr [rsp+18H], r8
        push    rbp
        mov     rbp, rsp
        sub     rsp, 32
        mov     rax, qword ptr [rbp+20H]
        leave
        ret

TimoVJL

« Reply #34 on: March 08, 2021, 08:22:52 AM »
Many on this site love macros and try to sell those to everyone, but I like to see optimized code, not a new macro hell :sad:
May the source be with you

HSE

« Reply #35 on: March 08, 2021, 09:05:45 AM »
Hi Nidud!

> option win64:3
>
> empty4 proc arg1:QWORD,arg2:QWORD,arg3:QWORD,arg4:QWORD
>     mov rax,arg3 ; the argument(s) need to be used..
>     ret
> empty4 endp

Are you sure?

With my little understanding, I think you missed something:

empty4 proc arg1:QWORD,arg2:QWORD,arg3:QWORD,arg4:QWORD
    mov rax,arg3 ; the argument(s) need to be used and you are going to debug with WinDbg
    ret
empty4 endp

Shadow space is only used in that way by the callee when you are testing/debugging (it can be used like usual locals in other cases). No?

hutch--

« Reply #36 on: March 08, 2021, 09:35:30 AM »
 :biggrin:

I am not sure why you are worried about 0x60 bytes when a default stack is usually 1 meg or with PE linker options even greater. Long ago I learnt that a little padding here and there was highly virtuous. You are not saving memory here by trimming down to a theoretical limit, it is already allocated when the executable is built.

Now, I never criticise the creative genius of making something, and I admit I am not familiar with your notation, but the options for stack frames above look like build options that you would use at the start of the file, not something that you can do for each procedure.


nidud

« Reply #37 on: March 08, 2021, 10:28:24 AM »
> Are you sure?
>
> With my little understanding, I think you missed something:
>
> empty4 proc arg1:QWORD,arg2:QWORD,arg3:QWORD,arg4:QWORD
>     mov rax,arg3 ; the argument(s) need to be used and you are going to debug with WinDbg
>     ret
> empty4 endp
>
> Shadow space is only used in that way by the callee when you are testing/debugging (it can be used like usual locals in other cases). No?

The debugger only looks at the stack frame, but the sample is a bit misguided. You would normally use the register (r8) here directly, and the assembler wouldn't bother saving the register to the stack in that case. If you add a call at the top it makes more sense:

    CoInitialize(0)

    ; now the registers RCX, RDX, R8, and R9 are trashed

    mov rax,arg3 ; so you need to use the stack

In this case arg3 is flagged as used and thus saved to the stack before the call.

> I am not sure why you are worried about 0x60 bytes when a default stack is usually 1 meg or with PE linker options even greater. Long ago I learnt that a little padding here and there was highly virtuous. You are not saving memory here by trimming down to a theoretical limit, it is already allocated when the executable is built.

It's actually 0x80 + 0x60 + 8 for each level, two in this sample, but yes there's a large stack.

> Now, I never criticise the creative genius of making something, and I admit I am not familiar with your notation, but the options for stack frames above look like build options that you would use at the start of the file, not something that you can do for each procedure.

It's normally handled by the header files, so it runs on auto by default, but it is also possible to customize it for each procedure.

HSE

« Reply #38 on: March 08, 2021, 12:46:46 PM »
Quote from: nidud
> If you add a call at the top it makes more sense

Ok. Could be necessary sometimes.

Thanks  :thumbsup:

daydreamer

« Reply #39 on: March 08, 2021, 06:04:37 PM »
> :biggrin:
>
> I am not sure why you are worried about 0x60 bytes when a default stack is usually 1 meg or with PE linker options even greater. Long ago I learnt that a little padding here and there was highly virtuous. You are not saving memory here by trimming down to a theoretical limit, it is already allocated when the executable is built.

I am more interested in the link option to lower stack space, so I get a small memory footprint even with lots of threads. What's good to set it to, 10k? 100k?
SIMD fan and macro fan
why assembly is fastest is because its switch has no (brakes) breaks
:P
only in 16bit assembly you can get away with "Only words" :P

TimoVJL

« Reply #40 on: March 08, 2021, 06:36:58 PM »
I think the -stack option is only usable when someone needs more stack than 1MB.

hutch--

« Reply #41 on: March 08, 2021, 08:01:16 PM »
Hi Timo,

> Many on this site love macros and try to sell those to everyone, but I like to see optimized code, not a new macro hell

I think I understand why you would have this view, but it's the nature of the beast as a macro assembler to be able to do stuff like that. In a large number of instances macros are used to reduce the level of tedium hacking through mountains of high level code and, funnily enough, you rarely ever see macro code in pure mnemonic algorithms. Where the grunt really matters, pure mnemonic code rules.

The problem with late-model Windows UI code is that it is cluttered and complicated by way of its original design, and even with great patience it can be messy to read.

daydreamer

« Reply #42 on: March 08, 2021, 10:08:33 PM »
> Many on this site love macros and try to sell those to everyone, but I like to see optimized code, not a new macro hell
>
> I think I understand why you would have this view, but it's the nature of the beast as a macro assembler to be able to do stuff like that. In a large number of instances macros are used to reduce the level of tedium hacking through mountains of high level code and, funnily enough, you rarely ever see macro code in pure mnemonic algorithms. Where the grunt really matters, pure mnemonic code rules.

I like the right kind of macros; they help with code productivity for the whole asm program, and I concentrate on optimization where it matters.
Where the real grunt is, the big exception is using macros for later SSE opcodes, 128-bit SIMD integer xmm regs instead of only 64-bit registers.
You could have 2048 threads * 1MB stack on 64-bit, but it's useless for those who have an old 32-bit computer with not so much memory, so if I only use a few small LOCAL arrays it might only need a 10k or 100k stack?

jj2007

« Reply #43 on: March 08, 2021, 10:27:54 PM »
> I think the -stack option is only usable when someone needs more stack than 1MB.

It seems so. For example, with linker option /STACK:0xF00000 you get 20MB instead of 1.x, but I have not been able to get less than 850k (in 32-bit code).