7,448 questions
1 vote · 1 answer · 69 views
printf won't work when linking to ucrtbase.dll, but works when linked to msvcrt.dll (Windows, NASM)
I am struggling to get printf to work for me in NASM while linking to ucrt.dll. It works with 0 problems when I link to msvcrt.dll for printf, but I am trying to practice with something a little newer.
I ...
Advice · 0 votes · 1 reply · 71 views
Branch predictor training depends on call site? (Spectre experiment)
While analyzing the Spectre vulnerability, I ran into a question about how branch prediction training works.
My understanding is that the CPU accumulates prediction history for a specific conditional ...
5 votes · 1 answer · 133 views
What is the purpose of the k0, k1, ... k7 registers?
I am debugging a simple program that prints the string "Hello, world!" three times. In the information about the registers that the gdb program gives, with the command info register, appear ...
1 vote · 0 answers · 106 views
How to compare a register and the effective address of a variable in GAS with intel_syntax
I am following an assembly tutorial where they use NASM. They manage to compare a register to a variable's address with cmp rcx, digitSpace, but how can I do the same with GAS?
As you know this ...
2 votes · 1 answer · 223 views
Kernel panic during ROP chain: GDB stepping mismatch and unexpected register state
I am working on a Linux x64 kernel exploitation CTF challenge. I have constructed a ROP chain to execute commit_creds(prepare_kernel_cred(0)).
However, I am encountering a major inconsistency between ...
1 vote · 0 answers · 186 views
How can I bypass the ASLR C code that was compiled as 64-bit? (school assignment: “within 10 minutes.”)
How could I get past it if the code is compiled as 64-bit? There’s no need to obtain a root shell; it’s sufficient to just verify that the address was guessed correctly. In my assignment, to bypass ...
27 votes · 2 answers · 2k views
Why does clang zero "eax" before calling a function with unspecified parameters, but gcc doesn't?
Consider this C (not C++!) code:
int g();
int f() {
return g();
}
Clang (with any optimization level above zero) compiles this to:
f:
xor eax, eax
jmp g@PLT
I am trying ...
Advice · 3 votes · 5 replies · 92 views
x86_64 AT&T style assembly manual
I'm looking for an assembly language manual for the x86_64 architecture that uses the AT&T style. Is such a manual available directly from AT&T? What I found was from [Oracle](https://docs.oracle.com/...
6 votes · 1 answer · 157 views
What is the performance effect (on x64) of __atomic_fetch_add that ignores its result?
My code is
...
fragment1 // compares several regions in D1$ to D1$/D3$
__atomic_fetch_add(&lock,-1,__ATOMIC_ACQ_REL); // stmt A
fragment2 // moves several regions from D1$/D3$ to D1$
...
Advice · 0 votes · 4 replies · 225 views
Why does GCC transform a >= 4 into a > 3 at -O0? JG seems to be more complex than JGE
Title: Why does GCC transform a >= 4 into a > 3 at -O0? JG seems more complex than JGE
I'm analyzing a simple C code on godbolt and found GCC's code generation puzzling:
long a;
a = a >= 4;
...
Best practices · 1 vote · 2 replies · 108 views
Loading a byte: Partial register stall for intel cpus (r8 vs r64)
My assembly program reads characters in a text file by loading them one by one into register 'al'. However, I sometimes need to use rax fully, and I think this causes a partial register stall. Now I think ...
3 votes · 2 answers · 141 views
How can I correctly load the kernel to its canonical high address space
I am working on a small os with a custom boot loader targeting BIOS. For this, I need to map the kernel to its canonical high address space (0xFFFFFFFF80000000) and jump to its entry point.
For this, ...
0 votes · 0 answers · 50 views
How to cross-compile a customized QGroundControl (Qt 6.8.3) for Jetson Nano (ARM64) from Ubuntu x86_64
I have been customizing QGroundControl and have successfully built it for my Ubuntu system (x86_64 architecture) using Qt 6.8.3. I utilized the provided shell scripts and Dockerfiles located in the ...
Advice · 1 vote · 2 replies · 165 views
How many general purpose registers are on an x86-64 processor, including alias registers?
I was curious and wondering how many registers are on an x64 processor. I know there are 16 general purpose registers available to the user, but there are supposedly general purpose alias registers ...
2 votes · 1 answer · 185 views
Is it possible to call x86 `idiv r/m8` from MSVC2022 using C++ directly?
I am trying to call idiv r/m8 using MSVC2022's current Microsoft Visual C++ Compiler 17.4.33403.182 and C++.
Using the most straightforward approach:
struct cdiv_t
{
// char
std::int8_t quot;
...
2 votes · 2 answers · 150 views
Why would MSVC 2022 create two idiv calls for one std::div without any optimizations?
Using CMAKE_BUILD_TYPE="Debug" my MSVC 2022 [17.4.33403.182] produced one idiv call for the quotient and an identical idiv call for the remainder. The code was simply [see here for the ...
3 votes · 1 answer · 154 views
How to catch EXCEPTION_PRIV_INSTRUCTION from RDPMC directly in Assembly (and without SEH)?
I'm experimenting with measuring CPU instruction latency and throughput on P and E cores using RDPMC on Win 11, something like this:
MOV ECX, 0x40000000 ; Instructions Counter
RDPMC ; Read ...
-1 votes · 1 answer · 152 views
x86_64 assembly program segfaults if push/pop rdx is removed
Writing some simple assembly code, the program segfaults at the second call of subroutine _printint. This only happens if I remove push rdx and pop rdx from either the _printint subroutine or the ...
2 votes · 0 answers · 80 views
Problem with characters and cmp in x86_64 assembly language (AT&T) [duplicate]
I'm having trouble writing what should be a simple character counting program. Here's the file with the .data section, as given by the author of Learn to Program with Assembly, which I'm following (I ...
2 votes · 2 answers · 129 views
Pointers, referencing, and dereferencing static strings in assembly language
I'm writing a little toy program to try to help myself better understand this language (AT&T syntax, x86_64 assembly language). Consider this code, if you'll be so kind:
.section .data
mystring: ....
0 votes · 1 answer · 93 views
Undefined reference for .quad $symbol in AT&T assembly
You all were kind enough to help me recently with understanding this language a bit better. I'm working on AT&T syntax x86_64 assembly language through an Apress book. The author gives this code, ...
2 votes · 0 answers · 97 views
Too big a latency of ping-pong between two IPC processes on Sapphire Rapids Xeon with plain loads and stores, instruction order makes a big difference
I am running simple Ping/Pong between two processes A, B with shared memory:
shm_A and shm_B are in separate cache lines. Allocated with separate calls to shm_open, so probably in different pages, ...
0 votes · 0 answers · 88 views
Why am I getting this error in my assembly program?
I'm making an assembly program that is supposed to get the MAC address of the specified interface; however, when I try to assemble it, I get this error.
gethwaddress.s:12: warning: multi-line macro `...
17 votes · 3 answers · 1k views
Stack memory in a freestanding environment
I'm reading a GNU as introductory book for programs running on top of an OS. I'm at the stack memory part and I was curious what the stack looks like in a freestanding environment.
I'm guessing that ...
3 votes · 4 answers · 238 views
What is the difference between a value and a memory address in x86_64 AT&T assembly language?
Novice here, with a frustratingly simple question. I'm trying to learn assembly and this has been a stumbling block for me for so long, I would really appreciate help with these concepts. Thanks so ...
-4 votes · 1 answer · 106 views
idt_64 definition crashes the OS [closed]
I'm following a Udemy course on making an operating system from scratch, but I have run into a very bizarre error:
Makefile:
DISK = os.img
KERNEL = kernel.bin
BOOTSECTOR = bootsector
NASM = nasm
QEMU =...
2 votes · 0 answers · 85 views
Where am I wrong with writing transition from protected mode to IA-32e mode?
I try to code the transition from protected mode to IA-32e mode. It's a task in college. The problem is that I can't debug the 32-bit bootloader. I can only run QEMU and tell based on its output whether this ...
1 vote · 2 answers · 232 views
How does MSVC's optimized asm implement a simple C program that uses strcpy on argv[1]? Understanding IDA output and what it's doing with pointers?
I have written a very basic int main program as shown below:
#include <stdio.h>
#include <windows.h>
int main(int argc, char** argv)
{
char buffer[500];
strcpy(buffer, argv[1]);
...
4 votes · 0 answers · 154 views
Segmentation fault on a x86-64 push instruction (after execve syscall returns -ENOSYS depending on what value was pushed)
I am executing shell-code in executable stack memory:
xor rax,rax ;
push rax ;
mov rbx,0x68732f2f6e69622f ;
push rbx
mov rdi,rsp ; ...
1 vote · 0 answers · 89 views
This program with inline assembly works in CLANG with optimization enabled but does not work in GCC. Does GCC ignore `volatile` on global variables? [duplicate]
So, this piece of C++ code:
/*
* Compile on 64-bit Linux or Solaris (I guess it will probably also work on
* FreeBSD), like this:
* g++ -o bin2dec bin2dec.cpp -std=c++11 #Don't put -O3
* here, as ...
5 votes · 1 answer · 148 views
Why does syscall on x86-64 load CS and SS selectors if base/limit aren’t used?
On x86-64, the syscall instruction causes a privilege-level change from user mode to kernel mode.
According to the Intel manual (Vol. 2A, SYSCALL—Fast System Call), during execution:
CS is loaded ...
0 votes · 1 answer · 79 views
How to compare a keyboard input in assembly language NASM
I have code that is comparing a keyboard input which will be a number/integer.
However, when I test it, it doesn't jmp if equal. I am not sure what value it is tested against. For example I have tried ...
0 votes · 0 answers · 109 views
How do I store and use rax output into a register for later use?
I've been given an assignment to store and write out a user-inputted string stored in buffer. My professor said that the number of bytes read is stored in rax after the user inputs the string into ...
1 vote · 0 answers · 118 views
unexpected PLT reloc type 0x00
I don't seem to be able to fix this dynamic linking error I am getting.
I am on Arch Linux, Garuda Mokka to be precise.
This is how I compile my project:
clang++ -v -lclang `llvm-config --cxxflags --...
7 votes · 1 answer · 228 views
Why are all IMUL µOPs dispatched to Port 1 only (on Haswell), even when multiple IMULs are executed in parallel?
I'm experimenting with the IMUL r64, r64 instruction on an Intel Xeon E5-1620 v3 (Haswell architecture, base clock 3.5 GHz, turbo boost up to 3.6 GHz, Hyper Threading is enabled).
My test loop is ...
6 votes · 2 answers · 177 views
What makes executables compiled with gcc on ARM64 larger than on x86_64?
It has been my observation that compiling the same code using gcc 12.2.0 on both Raspberry Pi OS Bookworm aarch64 and Debian Bookworm x86_64, always results in a much smaller executable on the latter. ...
10 votes · 2 answers · 124 views
Why is the AL field (FP register usage count) necessary in the SysV ABI?
I was going through the System V AMD64 ABI and couldn’t find a clear explanation for why the AL field (which tracks how many floating-point registers are used) is necessary.
From my understanding, ...
2 votes · 2 answers · 329 views
Making an absolute 64-bit jump in x64 assembler which can be copied as a JIT
I am trying to port some code from Linux to Windows. I need to assemble a jump to an absolute address, using nasm, such that the same bytes will jump to the same address, no matter where the code is ...
2 votes · 0 answers · 73 views
What is long long under __X86_64__? [duplicate]
I see this in int-ll64.h when building for -m64
__extension__ typedef unsigned long long __u64;
Does this mean it's 128 bits instead of 64?
The compiler certainly complains that the definition of:
...
4 votes · 1 answer · 185 views
Apps built with /QSpectre-load and /CETCOMPAT crash with EXCEPTION_STACK_OVERFLOW
Crashes when run on a Windows version and CPU that supports CET (verified on Win11 23H2, i7-1365U).
Works fine on a CPU that doesn't support CET (verified on Win11 23H2, i7-10750H).
Works fine ...
8 votes · 1 answer · 211 views
Segfault simulating #embed on GCC 14 with .incbin into .rodata and defining a global span<>
I have a project that has to use GCC 14 which does not have #embed support.
I attempted to simulate it as follows.
namespace {
namespace {
extern "C" {
extern std::...
29 votes · 1 answer · 4k views
Why do C compilers still prefer PUSH over MOV for saving registers, even when MOV appears faster in llvm-mca?
I noticed that modern C compilers typically use push instructions to save caller-saved registers, rather than explicit mov + sub sequences. However, based on llvm-mca simulations, the mov approach ...
5 votes · 1 answer · 218 views
Ensure a value is in a specific register both in GCC and MSVC on windows x64
The goal is to guarantee that r10 and r11 are set to certain values before a call to an assembly function:
template<typename... Args>
int wrapper(int val1, int val2, Args... args) {
// somehow ...
5 votes · 1 answer · 281 views
Why does the C compiler save registers in a noreturn function?
I mainly use clang, but I have also explored other compilers during my experiments, such as MinGW GCC and MSVC, but they all have this problem.
E:\code\test>clang -v
clang version 20.1.7
Target: ...
10 votes · 3 answers · 1k views
Why doesn't the Windows C compiler reuse incoming shadow space in noreturn functions?
I mainly use Clang, but I have also explored other compilers during my experiments, such as MinGW GCC and MSVC, but they all have this problem.
cd C:\Users\Moi5t
clang -v
Output:
clang version 20.1.7
...
1 vote · 1 answer · 182 views
Why does calling longjmp on a non-main stack cause the program to crash?
The following code attempts to create a simple stackful coroutine. It allocates a stack frame in the heap space by setting the rsp register and then calling a function. Afterwards, it exits the ...
1 vote · 0 answers · 106 views
What's the difference between label and constant x64 AT&T assembly [duplicate]
Some context behind the question. I tried writing a simple exit call like this
.data
.equ EXIT, 60
.equ STATUS, 0
.text
movq EXIT, %rax
movq STATUS, %rdi
syscall
however the code fails with a ...
0 votes · 1 answer · 78 views
What can cause a 64-bit assembly program's window to not be visible when run?
I have assembly code that appears to be working; however, when the exe is run, the window does not appear.
I have Windows 11, 64-bit, x64-based processor.
Assembler: NASM; Linker: GoLink
I have essentially ...
-1 votes · 0 answers · 36 views
Why does my "Hello, " message appear before user input in Assembly x86_64? [duplicate]
Why are two messages being printed together before user input in my x86_64 Assembly program?
I'm just starting to learn x86_64 Assembly on Linux, and I'm working on a simple program that should:
...
1 vote · 0 answers · 70 views
Encountering an issue in SASM XMM0 [duplicate]
The following is my SASM x86-64 code:
section .data
promptInput db "Enter two doubles: ", 10, 0
scanformat db "%lf", 0
printOpeOne db "OperandOne: %lf", 10, 0
...