All of these operations in your code are incorrect: mov[num1 + eax-3], 0 StdIn returns the number of characters read, excluding the NUL terminator. So if you entered 100, eax will be 3, so you'll set the very first byte to 0, thereby making num1 an empty string. Even worse,...
Java uses bytecode. The most similar would be javap, per the linked Oracle documentation, the javap command disassembles one or more class files. Its output depends on the options used. package com.stackoverflow; class Main { public static void main(String[] args) { System.out.println("Hello, World!"); } } If I compile that to...
In MIPS, during beq the offset to add to program counter is calculated as: signextend immediate value offset = (immediate value) << 2 New PC is calculated as: pc += offset Here, in your code, you want to move pc back 12 bytes or 3 instruction if $8 == $0....
c++,assembly,visual-studio-2013
Your code does have a main function, which is required for it to work. As you said the debugger returned a 'missing executable' error, I'm assuming you didn't compile the code, or if so, got some errors which can be found in the output and error windows. If you're working...
The problem is, you don't have debug info for the ptr type, so gdb treats it as integer. You can examine its real contents using: (gdb) x/a &ptr 0x600124 <ptr>: 0x7fffffffe950 (gdb) p/a $rsp $3 = 0x7fffffffe950 Of course I have a different value for rsp than you, but you...
c,visual-studio-2012,assembly,64bit
Each core (physical or virtual) in a multi-core CPU has its own IDT. What you're seeing are the IDTR values for different cores in your system. None of them are incorrect.
If you are still interested in tricking the Visual C++ compiler you can try this code #define pushargs(...) for (unsigned int _esp; ;) _esp = varcount(), _esp =(_esp-varcount(__VA_ARGS__))>>2, pushargs_c(_esp, __VA_ARGS__ ); unsigned int __declspec(naked) __forceinline varcount(...) { __asm mov eax, esp; __asm ret; } unsigned int __declspec(naked) __forceinline pushargs_c(unsigned int...
Normally the suffix is ignored/not important if proper register names are given. So the instruction above is a 32 Bit instruction because esi and ecx are 32 Bit registers.
The assembly file is meant to be run through the C preprocessor before being sent to the assembler. This should result in the C macro being properly expanded, assuming that the macro been defined in the one of the other files that are included by the #include lines. To have...
There is no mov which takes 2 memory operands. See the instruction set reference. You can go through a byte-sized register, for example: mov dl, [rax] mov [rbx], dl Also note that the calling convention mandates some registers need to be preserved, including rbx. You could use rcx instead, or...
AVX is disabled because the entire AMD Bulldozer family does not handle 256-bit AVX instructions efficiently. Internally, the execution units are only 128-bit wide. So 256-bit operations are split up thereby providing no benefit over 128-bit. To add insult to injury, on Piledriver, there's a bug in the 256-bit store...
assembly,nasm,interrupt,ms-dos
You should not let your radius get bigger than 99 because the dimensions of the screen are 320x200 and you are drawing from the center of the screen with no checks on the outcome of the address calculation in DI register. To get the desired loop make the following changes:...
The subl $16, %esp is a red herring. The actual issue is in print_int: movl value(%ebp), %eax jge .L1 # if value >= 0 movl doesn't set flags. You are missing a test %eax, %eax or equivalent before the jge. Learn to use a debugger. It would have pointed you...
if you perform SHR 00110000b you would end up with 00011000b If you shifted one bit to the right, yes. You can specify the shift amount, so it's not fixed at 1. However, if you were to perform SHR on 11111111b you would end up with an incorrect answer...
If you declare the return type func as float the result will be returned in the FPU (ST0). For returning a value in EAX you have to declare it as an integer type. For printf you have to fake a float. Example: caller.c: #include <stdio.h> #include <stdint.h> extern float asmfunc1(float);...
When calling any function in x86-64 assembly, AL must contain the number of registers used. It's the convention, you can't avoid it. Variable-argument subroutines require a value in RAX for the number of vector registers used. RAX is a temporary register; with variable arguments passes information about the number of...
c++,c,assembly,gdb,benchmarking
Your hex dump is just a bunch of function names so it doesn't tell us much. And you didn't mention an operating system either... I'll assume if you can run gdb on it, you can use GNU binutils too. For a start you can try objdump -h myprog. It will...
The reason that you cannot do it is not a limitation in TASM but a "feature" of the instruction set. The Intel/AMD instruction sets do not support moving an immediate value into the DS register. It is not unusual in CISC based computers to have various restrictions and limitations. It...
You have forgotten to cleanup the stack. In the prologue you have: pushl %eax pushl %ecx pushl %edx pushl %ebp movl %esp, %ebp You obviously need to undo that before you ret, such as: movl %ebp, %esp popl %ebp popl %edx popl %ecx popl %eax ret PS: I have already...
winapi,assembly,stack,x86-64,masm
mov dword ptr [rsp + 20h], 0 is wrong. The last parameter has the type LPOVERLAPPED, which is here a 64-bit pointer. Change the line to mov qword ptr [rsp + 20h], 0 Also, lea rcx, handle is wrong. WriteFile expects a value, not an address (pointer). Change it to...
You cannot use compiler intrinsics because they are processed by the Delphi compiler rather than the assembler. Intrinsics are resolved by the Pascal compiler processing and parsing Pascal expressions, and then emitting code. That's the job of a compiler rather than an assembler. At least, that's my mental model. In...
To access any individual element of array, you can use it as: la $t3, array # put address of array into $t3 If array is a byte array, like: array: .byte 'H','E','L','L','O' to access the ith element: lb $a0, i($t3) # this load the byte at address that is (i+$t3)...
Unlike A32's "flexible second operand", there is no common immediate format in A64. For immediate-operand data-processing instructions (ignoring the boring and straightforward ones like shifts), Arithmetic instructions (add{s}, sub{s}, cmp, cmn) take a 12-bit unsigned immediate with an optional 12-bit left shift. Move instructions (movz, movn, movk) take a 16-bit...
c,assembly,operating-system,stack-trace
Nope, the memory is not dynamically allocated. In the function before main (_start), argv and argc are pushed onto the stack for usage with main The change in address has nothing to do with the number of arguments. It could be the batting of a butterfly's wings in another...
These three lines contain your answer: lea 0x1(%rax),%edx mov %edx,-0x4(%rbp) mov %eax,-0x4(%rbp) The increment operation isn't skipped. lea is the increment, taking the value from %rax and storing the incremented value in %edx. %edx is stored but then overwritten by the next line which uses the original value from %eax....
assembly,x86,switch-statement,emulation,opcodes
If you are branching across 256 opcodes through a switch block, you're going to be doing an indirect jump which the CPU cannot predict well, and that will get you a pipeline break on every opcode. If the work to emulate an opcode is fair size, then this pipeline break...
Opcode: 0000 11 Remaining 26 bits: Bits 2-27 of the address of label Explanation: The machine language equivalent that you know so far is: 0000 11xx xxxx xxxx xxxx xxxx xxxx xxxx x represents not-known-at-this-point. To find 32-bit Machine Language representation of jal func, first thing you'd need is the...
This answer assumes Intel x86 architecture. Is is right when I execute a CALL function in assembly that instruction is pushed onto the stack ? No. What is pushed onto the stack is the value of the instruction pointer, which at that time points to the instruction following the CALL...
The immediate problem is that your prints destroys bx (because it sets bl and bh) so your printmem loop which requires bx to be preserved blows up. However, it also destroys al so your input loop won't be storing the correct value in memory to start with, either. Furthermore, while...
This simple code will output all ASCII's from 0 to 99. mov ah,01h int 21h aam xchg al, ah add ax, 3030h mov dx, ax mov ah,2 int 21h mov dl, dh int 21h To output in hex (allows all 256 codes to be shown) use mov ah, 01h int...
The lodsb instruction loads the byte pointed to by the DS and SI registers but you haven't loaded either with a valid value. Since this a bootloader you also need to use the ORG directive, otherwise the assembler won't know where you code, and therefor welcome, gets loaded into memory....
assembly,x86,calling-convention,att
movl 8(%ebp), %eax brings your int a in the %EAX register. movswl 12(%ebp), %edx brings your short b in the %EDX register. Since subl %edx, %eax subtracts %EDX from %EAX you obtained (a - b)...
Is "$32" means 32 bytes ?($number means constant ?) If yes then how are we allocating 32 bytes on 64 bit register? These 32 bytes are not allocated on 64 bit register. They are allocated on the stack. By lowering the stackpointer (which is in %rsp) the address range...
assembly,equation,tasm,dosbox,operands
Your program is almost good, you only have some issues with operand sizes, which is normal. So I took your code and made some little changes, those changes are commented and pointed by arrows (<========) and they are : Fixed the operand size problem. I still use DB because I...
You can't make your inline assembly code portable to Microsoft's C/C++ compiler for two reasons. The first is that syntax for asm statements is too different. Microsoft's compiler expects something like asm { mov rax, [rbp + 8] } instead of asm("movq -8(%rbp), %rax\n\t"). The second is that Microsoft 64-bit...
c,assembly,memory-address,watcom
I don't think there's any way to convince the OpenWatcom compiler to emit a group based segment relocation. Part of the problem is that there's no way to declare or define the group so that you can refer to it in the inline assembly. However, it appears the OpenWatcom linker...
c,assembly,operating-system,kernel,hex
You're not initializing the segment registers. Try changing the start of your bootsector to something like this: xor ax, ax mov bp, 0x9000 mov ds, ax mov es, ax mov ss, ax ; disables interrupts until the end of the next instruction mov sp, bp mov [BOOT_DRIVE], dl ...
In MASM the label MY_VAR translates to the offset part of the address of MY_VAR relative to the segment it was declared in (if you use it like mov ax, MY_VAR) or relative the to segment you have assumed for the segment register you are using to access it (if...
Well, the problem is that it is not just the mapping of hardware, as well as it is not just the bootloader in the computer. What you are really talking about is the writing of a driver. BIOS manages the simplest devices and uses the best available methods to achieve...
It's the xorpd instruction. It causes and Exception of type 4, which happens when you specify an unaligned memory location with the VEX prefix before instruction (not 100% sure here). However, it's not the only one, there are about 106 more instructions that cause the same thing. ...
Old MinGW versions had the problem that "ld" was not able to create non-PE files at all. Maybe current versions have the same problem. The work-around was creating a PE file with "ld" and then to transform the PE file to binary, HEX or S19 using "objcopy"....
To define a string you can use the .STRINGZ directive, which also places the terminating zero after it. You should use BRNZP because the assembler apparently doesn't like BRZNP. Other than that, your code works fine.
assembly,floating-point,x86,sse,avx
Here's an alternate implementation which uses fewer instructions: static inline void maxminmag_test(__m128d & a, __m128d & b) { __m128d cmp = _mm_add_pd(a, b); // test for mean(a, b) >= 0 __m128d amin = _mm_min_pd(a, b); __m128d amax = _mm_max_pd(a, b); __m128d minmag = _mm_blendv_pd(amin, amax, cmp); __m128d maxmag = _mm_blendv_pd(amax,...
Here's an example from a course that I teach. This is a raw bootsector that you can compile directly as an object file and use as a bootable floppy or USB image in something like Qemu, VirtualBox, VMWare, Bochs or a real machine. This makes use of the real mode...
The following appears to work fine for me: NAME = libfts.a SRC_ASM = file1.s \ file2.s \ file3.s \ OBJ_ASM = $(SRC_ASM:.s=.o) FLAGS = -Wall -Werror -Wextra NASM = nasm AR = ar RANLIB = ranlib ASM_FLAGS = -f macho64 all : $(NAME) $(NAME): $(OBJ_ASM) $(AR) rc $(NAME) $(OBJ_ASM) $(RANLIB)...
Your first instruction is the problem: cmp rdi, 0. You're comparing the string pointer, passed to my_puts, to the value 0 to determine if you should print "(null)" rather than comparing the first byte of the string to 0. I'm supposing if you pass a 0 pointer, that would be...
assembly,x86,operating-system,kernel
As bochs told you, your selector 0x08 has CPL=0 but the descriptor entry has DPL=3. Remember that the two least significant bits of the selector are the CPL. Thus, to switch to ring3, you should use 0x0b.
loops,assembly,counter,increment
The fault is caused because the mouse interrupt 33h function AX=0003h returns the mouse position in CX and DX. This overwrites your "counter" in register CX. It is always a dangerous game to keep values in registers throughout a program. Better to have a memory variable location. You could also...
It's because of the mov DWORD PTR [esp],eax Apparently, your puts and gets implementations require the argument to be pushed onto the stack. Value [ebp-0xc] is actually [esp] now, that's why that dword is reserved ahead. Why is it so? Doing it this way is more efficient, as you don't...
Variables created in the .data section are directly accessable from every procedure. LOCAL variables are only present in the specific procedure and getting popped from the stack as soon as the procedure ends. What do you mean exactly with "end up with a random value"?
You can't use MS-DOS services (INT 21h) in a bootloader. MS-DOS is an operating system, like Linux or Windows. Just like how you can't use Linux services before Linux has loaded, you can't use MS-DOS services before it has loaded. In a bootloader you're restricted to using BIOS services (or...
assembly,input,keyboard,mouse,simultaneous
Thanks for your advice knm241. The above program now works fine thanks to you. The only problem that occurred was that the keyboard buffer was not clearing and thus the program would get stuck in a loop. I fixed that by clearing the buffer and now everything works. I used...
Maybe you could do push %rbp mov %rsp, %rbp # puts("Hello World\n") mov $_message, %rdi mov $puts, %eax call %eax pop %rbp ret and thus forcing the call to become an absolute one. The question is whether assembler doesn't optimize this out for its own purposes....
arrays,assembly,input,user,mips
Some mistake I found is: In GETLIST: sw $v0,0($a2) #store in array add $a0,$a0,4 #next number <= instead write 'add $a2,$a2,4' if you want don't want to overwrite it. Also the problem in printing list is that you are adding $a2 to store the number in the array. But, you...
c,assembly,floating-point,hybrid
An example as addition to the comments of Ross Ridge. main.cpp: #include <iostream.h> extern "C" { int f1( int* ); float f2( float* ); } int main() { int x1[100] = {5,3,4,5,6}; float x2[100] = {5,3.0,4.0,5.0,6.5}; cout << "Sum of x1 = " << f1(x1) << endl; cout << "Sum...
The problem is that INT 16h AH=00h returns a ASCII character code in AL and an scan code in AH. The mov [qbuf], ax instruction stores both in the buffer, but INT 10h AH=0Eh only prints ASCII characters. It ends up interpreting the scan code you stored in the buffer...
c++,assembly,inline-assembly,ms-dos,borland-c++
The type int can only hold a 16-bit signed integer and the number you tried to assign to filename is way outside its range. As int variables are two bytes long, they're not all that useful for storing file names. Instead you should store the name in an array of...
assembly,x86,segmentation-fault,mmap
The value in R8 at the time your program crashes is the file descriptor returned by the open syscall. Its value is probably 3 which isn't a valid address. You'll need to stores these values in a range of memory you've properly allocated. You can create a buffer in your...
Somewhat ironically, by using UAL syntax to solve the first problem you've now hit pretty much the same thing, but the other way round and with a rather more cryptic symptom. The only Thumb encodings for (non-flag-setting) mov with an immediate operand are 32-bit ones, however Cortex-M0 doesn't support those,...
Is kernel just one process? (Is it the init process?) The kernel is a magic beast. It's not a process. The kernel doesn't have a PID you can refer to. First, it's worth stating (even though it's obvious) that instructions runs on the processor: Therefore, int 80h is executed...
c,assembly,operating-system,protected-mode
There's only one GDTR register and it points to a location in the linear address space. It's not normally changed for each process. Instead the LDTR register is changed if different processes need different selectors. With most modern operating systems this is not the case and processes all share the...
Since labels wouldn't work, I dug through the gas documentation and found that it's also possible to create expression symbols, and that one could use . to get the location's address. As it turns out, with the Mach-O output format, gas will accept this: .set main, . sub edx, edx...
assembly,stack,stack-overflow,8086
If you're not allowed to modify the code then search for a 0CBh or 0CAh byte anywhere in the code segment. These are far return instructions, but they don't actually have used for that purpose by the code. You just need to find a byte with either of these values....
There simply is no such form of je. What you can do is put a relative conditional jump based on the opposite condition, followed by an unconditional register-indirect jump: jne skip jmp eax skip: You could make a macro out of this to save you from writing the same thing...
In order to use lea rax, [rip] in inline assembly with GCC you need to convert it to AT&T syntax and the quote it correctly so the % characters aren't interpreted as operand substitutions. So for example: asm volatile ("lea (%%rip),%%rax" ::: "rax"); Note that since this doesn't actually do...
As Jongware states in his comment the 40 REX prefix is ignored. The reason why you're seeing this however isn't because of a broken compiler, but because the compiler is following the Windows x64 ABI. Functions are required to begin with an instruction that's at least two-bytes long to allow...
Two problems. One, the call strlen is allowed to clobber some registers which include rdi and you need that later. So, surround the call strlen with push rdi and pop rdi to save and restore it. Second, you do not initialize rdi in the print_newline block. You need to set...
According to standard calling convention, some registers are caller-saved, namely eax, ecx and edx. As such, you shouldn't expect their value to be retained through a call printf. That's presumably why you get wrong value printed. You could push the second one on the stack before printing the first one,...
div di divides the 32 bit quantity dx:ax by di. We don't know what value your bx has, but presumably it produces dx=1 (due to the adc dx, dx). So the division is going to be 0x10003 / 3 = 0x5556 remainder 1, and that's exactly what you see. PS:...
assembly,x86,bootloader,16-bit
Execution starts at the top. If you omit the jmp start then the character h will get interpreted by the CPU as if it were an instruction. Surely you see that such can not be correct? as far I was concerned, there was no distinction between code and data? There's...
No, there isn't. The easiest way around it is to have a C function with the asm, and then call that C function with ISO_C_BINDING.
You wrote [130], not 130. Are you sure that's correct? I don't know whether (and I don't think) that's possible. "The Art of Assembly Language" calls this "Based Indexed Plus Displacement Addressing Mode". The default segment in this case is DS (because you use BX), which means your instruction is...
There is no simple answer, so I won't delve into it here. You have to peek into the FAT (File Allocation Table) structures on the disk: https://en.wikipedia.org/wiki/Design_of_the_FAT_file_system More, Reference: https://en.wikipedia.org/wiki/File_Allocation_Table...
string,assembly,x86,att,reversing
Your immediate problem is cmpb '\n', %al which is missing the $ sign required in at&t syntax to make it an immediate. As it is, '\n' is considered an address, and an invalid one at that. You should use cmpb $'\n', %al. However scanf will not place '\n' into your...
When a string is captured from keyboard with int 21h, ah=0Ah, the string has next structure: As you can see, the first two bytes are control, the characters entered by user start at the third byte (byte 2). The last char is chr(13) (ENTER key). To display this captured string...
You want to use the JB and JA (jump below/above) instructions instead of JL/JG. The COMISS instruction sets the flags as if it were two unsigned integers being compared. This makes the effect on the flags simpler. The COMISS instruction's effect on flags is documented in the Intel 64 and...
char * args[2]; Is an array of two pointers. On 32-bit machines, pointers (addresses, but not necessarily) are 32 bits wide, and on 64-bit machines, pointers (and never addresses) are 64 bits wide. That means, that the area on the stack in the current stack frame must be 2 *...
Conditional branches are I type instructions, they have 16 bit immediate field. If the condition is met, PC is updated as PC += immediate << 2. PC is the address of the conditional jump. The immediate is a two complement value (to jump back eventually), so the range is from...
IA32 processors have a default code size, in 16 bit code segments (or in real mode) is (guess) 16 bit. In 32 bit and 64 bit code segments it is 32 bit. Instructions like mov eax, 3ch are actually something like mov A, 3ch where A is the A register...
Yes, there definitely is something more to it. To turn a string into a byte, you can use something like this ; INPUT esi = a null-terminated string ; OUTPUT al = the number str2byte: push cx mov cx, 0x0a00 xor al, al .loop: mul ch mov cl, byte [esi]...
Use BIOS function 0Ah to do that. mov cx,1 mov bx,7 mov ax,0A0Ah int 10h ...
Here's the line where things go wrong: move $a0, $v0 #n = mcc91(n + 11) You're trying to move the return value from a previous call to mcc into $a0, but you never actually place the return value in $v0. So you'll need to change this part: base: subi $a0,...
Looking at your code I was able to find the infinite loop. PROG1 ADD R1,R1,#0 BRZ IMPOSSIBLE AND R2,R2,#0 ADD R2,R2,#1 NOT R4,R1 ADD R4,R4,#1 REP1 ADD R3,R0,R4 ; subtracts #27 from x5000 until negative BRN FIN1 ADD R0,R3,#0 BRNZP REP1 ; infinite loop IMPOSSIBLE AND R2,R2,#0 BRNZP FIN1 FIN1...
cmpss and its friends are more meant to give you masks that you can do branchless computation with, you could extract it to a GPR and then test that and so on but that's all a bit verbose and unnecessary. If you want to branch, ucomiss (or comiss, depending on...
According to your example you are fighting with the "little endian" byte order. A byte sequence of 12 34 56 78 is loaded into a 32-bit register as 78563412. You can reverse the byte order in a 32/64-bit register with BSWAP. In the second case you need to reverse the...
winapi,assembly,x86,masm32,playsound
Read the documentation. PlaySound function pszSound A string that specifies the sound to play. The maximum length, including the null terminator, is 256 characters. If this parameter is NULL, any currently playing waveform sound is stopped. To stop a non-waveform sound, specify SND_PURGE in the fdwSound parameter. ... fdwSound Flags...
The hint tells you to create BB XOR CC then apply that to BB and CC. It's an example of the well known XOR swap. Something like this: EOR R1, R0, R0, LSR #8 @ R1 = AA BB^AA CC^BB DD^CC AND R1, R1, #0xff00 @ R1 = 00 00...
The DEFINE_ARGS macro defines a number single line macros the are meant to be used to refer to the arguments of the function that the cglobal macro introduces. So for example, if foo is given as the name of the first argument then DEFINE_ARGS creates the following defines: %xdefine fooq...
assembly,optimization,bit-manipulation,division,multiplication
That method is called, "Division by Invariant Multiplication". The constants that you're seeing are actually approximates of the reciprocal. So rather than computing: N / D = Q you do something like this instead: N * (1/D) = Q where 1/D is a reciprocal that can be precomputed. Fundamentally, reciprocals...
Logic wise. Get the even bits by anding with AAAAAAAA Then right shift that, to give N1er2 Get the odd bits by Anding with 55555555 to give N1o The result would be N1er2 Ored with N1o...
c,assembly,makefile,global-variables
You must use the compiler's -c option if you want to compile a C source into an object file. Without it, gcc tries to go on linking, which is not what you want. E.g. b.o: b.c gcc -c -m32 -Wall -g b.c should get you a bit further....
jmp *%eax is AT&T syntax for jmp eax, which is one form of jmp r/m32. It will jump to the address contained in register eax: Jump near, absolute indirect, address given in r/m32. Another form of the same type of jump instruction is jmp *(%eax) which corresponds to jmp [eax]...
assembly,cpu-architecture,microcoding,mal
The instruction shifts the value in the TOS register to the left by 8 and stores the result in the H register. It then bitwise ORs the value in the H register with the value of the instruction's immediate byte and stores the resulting value both in the TOS register...
python,c,gcc,assembly,shellcode
The problem with creating shellcode from C programs is not that you cannot control the assembly generated, nor something related with the code generation. The problem with creating shellcode from C programs is symbols resolution or relocation, call it whatever you like. You approach, for what I have understand, is...
c++,pointers,assembly,offset,hybrid
Ouch, long time I haven't seen a call from 16 bits C to assembly ... C or C++ allows passing a variable number of arguments provided callee can determine the number because it pushes all arguments in opposite order before calling the function, and the caller cleans up the stack...