Introduction to Windows x64 Assembly (1)
Tankaiha
Recently I have had some intermittent contact with 64-bit assembly, so here is a summary: partly to review what I have learned so far, and partly in the hope that it helps newcomers to 64-bit assembly. I am new to this myself, so there are bound to be mistakes in the text; corrections are welcome.
The title of the article contains its four main elements:
(1) Windows: this article covers assembly programming in the Windows environment. The debugging environment is the 64-bit version of Windows Vista, and the programs call the Windows API.
(2) x64: this article discusses x64 assembly, where x64 means AMD64 and Intel EM64T, not IA-64. For the differences between the three, search for yourself.
(3) Assembly: as the name says, the programming language discussed here is assembly; 64-bit programming in other, high-level languages is outside the scope.
(4) Introduction: this is an introduction in two senses. First, much of the knowledge is only touched on, and deeper study is left for later. Second, it is aimed at beginners like me who have only just come into contact with x64 assembly.
Debugging environment for all the code in this article: Windows Vista x64, Intel Core 2 Duo.
1. Setting up the development environment
1.1 Compiler Selection
The development environment differs depending on which x64 assembler you use. The most common is Microsoft's MASM; in the x64 environment the corresponding assembler has been renamed ml64.exe and ships with Visual Studio 2005. So if you are a loyal Microsoft fan, you can install VS2005 directly. To use it, simply open the 64-bit command-line window (Figure 1) and you can assemble with ml64.
The second recommended assembler is GoAsm, which consists of three files, the GoAsm assembler, the GoLink linker and the GoRC resource compiler, plus an include directory. Its biggest advantage is that it is small: you do not have to install several GB of VS just to learn 64-bit assembly. For that reason the code in this article is assembled with GoAsm.
The third is YASM; since I am not familiar with it, I will not go into it here. Interested readers can try it themselves.
The syntax differs somewhat between assemblers; this is discussed below.
1.2 IDE Selection
I searched the Internet and did not find an IDE that supports asm64, not even an editor. The simplest approach, and the one I used, is to modify EditPlus's MASM syntax file yourself, which at least gives syntax highlighting. If you cannot be bothered, use Notepad.
Without an IDE you have to type a series of parameters and options by hand each time you assemble; a batch file takes care of that.
1.3 Hardware and operating system
The hardware requirement is a 64-bit CPU. The operating system must also be 64-bit: if a 32-bit operating system is installed on a 64-bit CPU, the program cannot run even if it assembles successfully.
2. Changes to the registers
Assembly is a language that deals directly with registers, so the hardware has a great influence on the language. Let's look at what has changed in x64 compared with x86 at the hardware level (Figure 2).
x64 adds 8 new general-purpose registers: R8, R9, R10, R11, R12, R13, R14 and R15, all of them 64-bit of course. 8 additional 128-bit XMM registers are added as well, but they are usually not used.
The x86 registers are widened to 64 bits in x64, and the first letter of the name changes from E to R. We can still use the narrower registers in 64-bit programs, for example RAX (64-bit), EAX (low 32 bits), AX (low 16 bits), AL (low 8 bits), AH (bits 8 to 15); the new registers correspondingly have R8, R8D, R8W and R8B. Do not use registers like AH in your programs, however, because this usage can conflict with certain instructions on AMD CPUs.
3. The first x64 assembly program
In this section we write our first x64 assembly program. Before that, let's talk about the change in calling convention.
3.1 API calling convention
Putting the calling convention first reflects its importance. In 32-bit assembly, when we call an API we use stdcall, which has two features: first, all parameters are pushed onto the stack; second, the called API is responsible for restoring the stack pointer (ESP), so we do not write add esp, 14h after calling MessageBox, because MessageBox has already restored it.
In x64 assembly both aspects have changed. First, the first four parameters are passed in four registers, RCX, RDX, R8 and R9; any further parameters are passed on the stack. Second, the caller is responsible for allocating and releasing the stack space.
Here is a snippet of code that shows a simple message box; pay attention to how RSP is handled:
Code:
; Example code 1.asm
; Syntax: GoASM
DATA SECTION
text db 'Hello x64!', 0
caption db 'My First x64 Application', 0
CODE SECTION
START:
    sub rsp, 28h          ; caller reserves stack space before the call
    xor r9d, r9d          ; 4th parameter: uType = MB_OK (0)
    lea r8, caption       ; 3rd parameter: lpCaption
    lea rdx, text         ; 2nd parameter: lpText
    xor rcx, rcx          ; 1st parameter: hWnd = NULL
    call MessageBoxA
    add rsp, 28h          ; caller releases the space again
    ret
This code is assembled with GoAsm. The instruction part is much the same in GoAsm and ML64; the main differences are in the directives. For example, the code section that MASM marks with .code is CODE SECTION here. Leaving the differences aside, let's assemble first. Assembling with GoAsm takes two steps:
(1) Assemble: goasm /x64 1.asm
(2) Link: golink 1.obj user32.dll
If everything is normal, the command line should show the contents of Figure 3.
Run it, and our first 64-bit Windows program is up.
GoAsm also supports the macros ARG and INVOKE, which spare the programmer from manipulating the stack by hand. As a beginner, though, it is better to start from the basics. The following code has the same functionality as the GoAsm code, but in MASM syntax; note the differences. ML64 still does not support such macros, so every step has to be done by hand.
Code:
; Example code 2.asm
; Syntax: ML64
extrn MessageBoxA: proc
.data
text db 'Hello x64!', 0
caption db 'My First x64 Application', 0
.code
Main proc
    sub rsp, 28h          ; caller reserves stack space before the call
    xor r9d, r9d          ; 4th parameter: uType = MB_OK (0)
    lea r8, caption       ; 3rd parameter: lpCaption
    lea rdx, text         ; 2nd parameter: lpText
    xor rcx, rcx          ; 1st parameter: hWnd = NULL
    call MessageBoxA
    add rsp, 28h          ; caller releases the space again
    ret
Main endp
end
The command line to assemble this code is: ml64 2.asm /link /subsystem:windows /entry:main user32.lib. If all goes well, it should look like Figure 5.
Interestingly, under a 64-bit system we still call the APIs in User32. Perhaps out of habit with the name, Microsoft did not bother to change it.
3.2 The 64-bit stack
There is one more thing to note in the code: sub rsp, 28h and add rsp, 28h. Where does the value 28h come from?
First, x64 widens the stack slots to 64 bits; second, when we call MessageBoxA we leave space for four parameters plus a return address, so 8 (bytes) * 5 = 40 = 28h.
Another minor point: AMD64 does not support pushing 32-bit registers, so the best approach is to use 64-bit registers for both push and pop. What about EM64T? Looking at Intel's developer manual, each instruction is listed in three cases: pure 32-bit, pure 64-bit, and mixed 32/64-bit. Here is an excerpt from the manual:
Opcode*   Instruction    64-bit Mode   Compat/Leg Mode   Description
FF /6     PUSH r/m16     Valid         Valid             Push r/m16.
FF /6     PUSH r/m32     N.E.          Valid             Push r/m32.
FF /6     PUSH r/m64     Valid         N.E.              Push r/m64.
* Default operand size 64 bits. (N.E. = not encodable.)
There is no better way than being careful: in 64-bit programs, stick to 64-bit registers as far as possible.
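An added example (ML64 syntax, not code from the original article) that calls WriteFile, an API with five parameters: the fifth one goes on the stack at [rsp+20h], above the 32-byte shadow space the caller reserves for the four register parameters, and a callee-saved register is saved with a full 64-bit push/pop as advised above. It assumes the Microsoft x64 calling convention, in which the caller reserves that 32-byte shadow space and keeps rsp 16-byte aligned at every call.

```asm
; Example code 3.asm (added example, not from the original article)
; Syntax: ML64
; Writes a line to the console with WriteFile, which has 5 parameters.
extrn GetStdHandle: proc
extrn WriteFile: proc

.data
msg     db 'Hello x64 from WriteFile!', 13, 10
msglen  equ $ - msg             ; length computed by the assembler
written dq 0                    ; receives the number of bytes written

.code
Main proc
    push rbx                    ; 64-bit push: rbx is callee-saved, we keep the handle in it
    ; rsp was 8 mod 16 on entry (return address); push rbx makes it 16-aligned.
    ; 30h = 20h shadow space + 8 for the 5th argument + 8 padding,
    ; so rsp stays 16-byte aligned at each call below.
    sub rsp, 30h

    mov ecx, -11                ; 1st parameter: STD_OUTPUT_HANDLE (DWORD -11)
    call GetStdHandle           ; handle is returned in rax
    mov rbx, rax                ; rax is volatile, so park the handle in rbx

    mov rcx, rbx                ; 1st parameter: hFile
    lea rdx, msg                ; 2nd parameter: lpBuffer (RIP-relative address)
    mov r8d, msglen             ; 3rd parameter: nNumberOfBytesToWrite, a DWORD, so r8d
    lea r9, written             ; 4th parameter: lpNumberOfBytesWritten
    mov qword ptr [rsp+20h], 0  ; 5th parameter: lpOverlapped = NULL, first slot above the shadow space
    call WriteFile              ; rcx, rdx, r8-r11 may be clobbered; rbx survives

    add rsp, 30h                ; caller releases the space it reserved
    pop rbx                     ; restore the callee-saved register with a 64-bit pop
    xor eax, eax
    ret                         ; return to the loader, as example 2 does
Main endp
end
```

Assemble and link with: ml64 3.asm /link /subsystem:console /entry:Main kernel32.lib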
4. Some reference materials
Having written the first Hello World, this article stops here. I wanted to write more, but my grasp is not yet deep enough, so that is left for the next part. I feel the following materials have to be listed in the first article, because they are the best teaching materials available for learning x64 assembly, and much of the code and many of the points in this text come from them.
(1) "Moving to Windows x64", from: http://www.ntcore.com/Files/vista_x64.htm
(2) GoAsm's help documentation, currently the best 64-bit assembly tutorial, from: www.jorgon.freeserve.co.uk
(3) "All the information you need to know before you start programming 64-bit Windows systems", from: http://www.microsoft.com/china/MSDN/library/Windev/64bit/issuesx64.mspx
(4) Two articles from Codegurus:
"Assembler & Win64", http://www.codegurus.be/codegurus/Programming/assembler&win64_en.htm
"About RIP relative addressing", http://www.codegurus.be/codegurus/Programming/riprelativeaddressing_en.htm
(5) AMD developer manuals
(6) Intel developer manuals; note that it is the new "Intel® 64 and IA-32 Architectures Software Developer's Manual"