EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > x64 OS

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 09-10-2010, 18:15
Git's Avatar
Git Git is offline
Old Git
 
Join Date: Mar 2002
Location: Torino
Posts: 1,068
Rept. Given: 218
Rept. Rcvd 265 Times in 157 Posts
Thanks Given: 68
Thanks Rcvd at 110 Times in 48 Posts
Git Reputation: 200-299 Git Reputation: 200-299 Git Reputation: 200-299
Introduction to x64 Assembly

Very useful new article by Intel :

Introduction to x64 Assembly

Git
Reply With Quote
The Following 4 Users Gave Reputation+1 to Git For This Useful Post:
ahmadmansoor (09-13-2010), oVERfLOW (09-14-2010)
  #2  
Old 09-13-2010, 23:03
Taitch
 
Posts: n/a
Some reasons to use intrinsics:
* Inline asm not supported in x64.

Works fine in GCC. You can use $eax or $rax to reference $rax. Also the Microsoft 64-bit calling convention works with MinGW GCC since 4.4.

AMD has a similar guide on x86-64, and it said things like not to use loops for short iterations because the compiler likely won't always optimise in 64-bit mode for these. So 'unroll' them. GCC has options: -funroll-all-loops -funroll-loops . It's not hugely noticeable when you have a quad-core machine @ 3.4 GHz. The guide from AMD is very technical but does explain some basics like that RAX is basicallly EAX and that a __stdcall (if that were used on x86-64 Windows) is not ordered EAX,EDX,EDI (with return value in EAX) but now it's RAX,RSI,RDI if I remember correctly. I was having trouble putting inline ASM into an app just to see if it would work, and then realised GCC won't convert it to x86-64 for me. PUSH EAX worked but almost nothing else did.

It'll be some time before the Windows world fully moves to 64-bit, but there will certainly be reversing when that time comes. By contrast, most software for Linux can either be compiled for 64-bit or has a 64-bit version binary (including things like Maya).
Reply With Quote
  #3  
Old 12-25-2010, 06:15
unknownone
 
Posts: n/a
Quote:
Originally Posted by Taitch View Post
Some reasons to use intrinsics:
* Inline asm not supported in x64.
this is one pice of crap for someone developing low level stuff with c++&asm

all the code should be rewrited in order to compile for x64
Reply With Quote
  #4  
Old 12-30-2010, 07:25
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
 
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 144
Rept. Given: 42
Rept. Rcvd 59 Times in 27 Posts
Thanks Given: 29
Thanks Rcvd at 87 Times in 21 Posts
Fyyre Reputation: 59
inline assembly language in functions? not really so useful, imho... for situations where it is, intrincs do well enough (imho, of course :)

i.e.

Code:
#define memopen()   _disable(); __writecr0(__readcr0() & (~(0x10000)));
#define memclose()  __writecr0(__readcr0() ^ 0x10000);  _enable();
atm... 60% of code I write is for nt kernel (x64).

-fyyre

Quote:
Originally Posted by unknownone View Post
this is one pice of crap for someone developing low level stuff with c++&asm

all the code should be rewrited in order to compile for x64 :(
Reply With Quote
The Following 2 Users Gave Reputation+1 to Fyyre For This Useful Post:
Git (12-30-2010), sendersu (12-31-2010)
  #5  
Old 12-31-2010, 23:21
deroko's Avatar
deroko deroko is offline
cr4zyserb
 
Join Date: Nov 2005
Posts: 216
Rept. Given: 13
Rept. Rcvd 30 Times in 14 Posts
Thanks Given: 7
Thanks Rcvd at 23 Times in 11 Posts
deroko Reputation: 30
Well I would love to have those inline asm markers in the code I've tried to use instrinsic to achive same but during optimization, my macros are gone, mixed with other instructions when optimized and officially I hate to use imports as markers, as it adds extra work on my side which by default wouldn't be needed. (eg. walk import table, and remove IID which points to my fake_import_marker.dll), and also there is always chance that searching for call dword ptr[mymarker_start] can lead to wrong data, and wrong analyse

However everybody should know whom are developing using asm on x64 that you must keep stack always 16 byte aligned, as some sse instructions require memory to be 16 byte aligned when data is written to memory, otherwise you will get exception. I learnt this in hard way, after 1h debugging why application crashed when writing to existing and r/w memory from some API call (don't even remember what API this was)
__________________
http://accessroot.com

Last edited by deroko; 12-31-2010 at 23:29.
Reply With Quote
  #6  
Old 01-01-2011, 21:49
tHE mUTABLE
 
Posts: n/a
@deroko. Have you tried to disable compiler optimizations selectively? (I've been into a similar situation ) Most of the compilers I'm aware of support this feature via a "#pragma". Intel compiler provides a lot of fine-grained options for enabling/disabling specific optimizing transformation.

Hope that helps!
Reply With Quote
  #7  
Old 01-01-2011, 23:40
deroko's Avatar
deroko deroko is offline
cr4zyserb
 
Join Date: Nov 2005
Posts: 216
Rept. Given: 13
Rept. Rcvd 30 Times in 14 Posts
Thanks Given: 7
Thanks Rcvd at 23 Times in 11 Posts
deroko Reputation: 30
Well, disabling optimization is not an option, unfortunately. There are pragmas in msvc to disable/enable optimization but those are global. eg. can't put them before macro, and after macro. For now I think I will stick with import table trick until ms adds this option again, or use /Od for a while
__________________
http://accessroot.com
Reply With Quote
  #8  
Old 01-02-2011, 00:47
tHE mUTABLE
 
Posts: n/a
Could you please try the following (enable/disable global optimization at the function/macro level). I'm not sure about macro but theoretically it should definitely work.

#pragma optimize( "g", off )
// Macro goes here
#pragma optimize( "g", on )

Another option would be to enable optimization profiling, (MSVC has one of the worst optimization profiler I've ever seen!) so that you can pinpoint the specific transformation that is getting exercised by the compiler, then you can selectively disable or at least tweak that optimization accordingly which is I'm guessing it's most likely to be inlining!
Reply With Quote
  #9  
Old 01-02-2011, 01:34
deroko's Avatar
deroko deroko is offline
cr4zyserb
 
Join Date: Nov 2005
Posts: 216
Rept. Given: 13
Rept. Rcvd 30 Times in 14 Posts
Thanks Given: 7
Thanks Rcvd at 23 Times in 11 Posts
deroko Reputation: 30
That's the one I was referring, it can be only set globally, not possible to set inside of a function
__________________
http://accessroot.com
Reply With Quote
  #10  
Old 01-02-2011, 20:22
Git's Avatar
Git Git is offline
Old Git
 
Join Date: Mar 2002
Location: Torino
Posts: 1,068
Rept. Given: 218
Rept. Rcvd 265 Times in 157 Posts
Thanks Given: 68
Thanks Rcvd at 110 Times in 48 Posts
Git Reputation: 200-299 Git Reputation: 200-299 Git Reputation: 200-299
Or you could use the Intel compiler.

Git
Reply With Quote
The Following User Gave Reputation+1 to Git For This Useful Post:
Fyyre (01-03-2011)
  #11  
Old 01-03-2011, 03:55
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
 
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 144
Rept. Given: 42
Rept. Rcvd 59 Times in 27 Posts
Thanks Given: 29
Thanks Rcvd at 87 Times in 21 Posts
Fyyre Reputation: 59
Quote:
Originally Posted by deroko View Post
That's the one I was referring, it can be only set globally, not possible to set inside of a function :)
optimization can set on function to function basis, but not within the function itself. i am thinking you mean this by "globally" ?

i.e.

Code:
#pragma optimize( "", off )

void meow()
{
  /* ... */
}

#pragma optimize( "", on )
Intel-specific Pragma Reference

-Fyyre
Reply With Quote
  #12  
Old 01-03-2011, 17:48
deroko's Avatar
deroko deroko is offline
cr4zyserb
 
Join Date: Nov 2005
Posts: 216
Rept. Given: 13
Rept. Rcvd 30 Times in 14 Posts
Thanks Given: 7
Thanks Rcvd at 23 Times in 11 Posts
deroko Reputation: 30
This is globally, as it affects whole function, not only a portion where macro would be stored. Well it doesn't really matter, as I've already worked this import thing long time ago. I'm just saying why inline asm would be nice to have in msvc x64 compiler
__________________
http://accessroot.com

Last edited by deroko; 01-03-2011 at 17:57.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
About .Net Packing and Introduction BackTangent General Discussion 10 06-12-2011 20:24
An Introduction to Software Reverse Engineering LAVA General Discussion 9 01-11-2005 03:59


All times are GMT +8. The time now is 01:20.


��ICP��05004977��
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX