Illegal instruction in Assembly - windows

I really do not understand why this simple code works fine in the first attempt but when
putting it in a procedure an error shows:
NTVDM CPU has encountered an illegal instruction
CS:db22 IP:4de4 OP:f0 ff ff ff ff
The first code segment works just fine:
.model small
.stack 100h
.code
start:
mov ax,#data
mov ds,ax
mov es,ax
MOV AH,02H ;sets cursor up
MOV BH,00H
MOV DH,02
MOV DL,00
INT 10H
EXIT:
MOV AH,4CH
INT 21H
END
However This generates an error:
.model small
.stack 100h
.code
start:
mov ax,#data
mov ds,ax
mov es,ax
call set_cursor
PROC set_cursor near
MOV AH,02H ;sets cursor up
MOV BH,00H
MOV DH,02
MOV DL,00
INT 10H
RET
set_cursor ENDP
EXIT:
MOV AH,4CH
INT 21H
END
Note: Nothing is wrong with windows config. I have tried many sample codes that work fine
Thanks

You left out a JMP:
call set_cursor
jmp EXIT ; <== you forgot this part
PROC set_cursor near
What's happening is that after call set_cursor, you're then falling through to the proc and and executing it again, then when you hit the ret it pops the stack and you jump to, well, who knows?
Edit: As someone else pointed out, you're better off putting your PROC after your main code ends, instead of sticking it in the middle and jumping around it. But you've probably figured that out already :)

You should move the code of the procedure after the part where you exit the program (or follow egrunin's advice).
The reason for your segfault is that the code in the procedure is executed again after you first call it. During the second execution the code crashes on RET because there is no valid return address on the stack.

Related

GDB Doesn't Return Prompt on macOS After Run

I'm new to assembly, and am consequently also learning to play around with GDB.
I've got a simple program I'm trying to test GDB with:
global _main
SECTION .data ;ro = read only
txt DB 0x41, 0x0A, 0x00 ;db = define byte
.len EQU $ - txt ;Assembler constant definition: Make len (current memory position start of line ($$ is start of current section) - position of txt)
SECTION .text ;Code
_main:
;Write message
MOV rax, 0x02000004 ;sys_write
MOV rdi, 1 ;File descriptor stdout
MOV rdx, txt.len ;Message length
MOV rcx, txt ;Message to write
SYSCALL ;Return value stored in rax
;Exit
MOV rdi, rax ;Copy return value to rdi as exit code
MOV rax, 0x02000001 ;Exit syscall number
SYSCALL
After setting breakpoints (e.g. b 18 -- before the program exits) and running the program via r, GDB announces that it is running the program on a new thread and my prompt is indefinitely taken away. ^C does nothing, and all I can do to stop the process is kill it.
I barely know what I'm doing, so probably something dumb, but how do I get my prompt to return so I can interact with GDB?

Can anyone explain me how does this Flat Assembler code works?

I am trying to learn me making GUI programs in assembly. I downloaded Flat Assembler and started to read the example programs. There I found this code.
This is 64 bit code in assembly (fasm) for Windows. It makes empty window. But there was very few comments in It, so It's hard for me to understand what's going on. I commented here which parts I don't understand.
format PE64 GUI 5.0
entry start
include 'win64a.inc'
section '.idata' import data readable writeable
library kernel32,'KERNEL32.DLL',\
user32,'USER32.DLL'
include 'api\kernel32.inc'
include 'api\user32.inc'
section '.data' data readable writeable
_title TCHAR 'Win64 program template',0
_class TCHAR 'FASMWIN64',0
_error TCHAR 'Startup failed.',0
wc WNDCLASSEX sizeof.WNDCLASSEX,0,WindowProc,0,0,NULL,NULL,NULL,COLOR_BTNFACE+1,NULL,_class,NULL
msg MSG
section '.text' code readable executable
start:
sub rsp,8 ; Make stack dqword aligned
invoke GetModuleHandle,0 ;GetModuleHandle,0?
mov [wc.hInstance],rax ;wc.hInstance?
invoke LoadIcon,0,IDI_APPLICATION ;LoadIcon,0,IDI_APPLICATION?
mov [wc.hIcon],rax ;wc.hIcon?
mov [wc.hIconSm],rax ;ec.hIconSm?
invoke LoadCursor,0,IDC_ARROW ;LoadCursor,0,IDC_ARROW?
mov [wc.hCursor],rax ;wc.hCursor?
invoke RegisterClassEx,wc ;RegisterClassEx,wc?
test rax,rax ;test?
jz error
invoke CreateWindowEx,0,_class,_title,WS_VISIBLE+WS_DLGFRAME+WS_SYSMENU,128,128,256,192,NULL,NULL,[wc.hInstance],NULL
test rax,rax
jz error
msg_loop: ;What does this function?
invoke GetMessage,msg,NULL,0,0
cmp eax,1
jb end_loop
jne msg_loop
invoke TranslateMessage,msg
invoke DispatchMessage,msg
jmp msg_loop
error:
invoke MessageBox,NULL,_error,NULL,MB_ICONERROR+MB_OK
end_loop:
invoke ExitProcess,[msg.wParam]
proc WindowProc uses rbx rsi rdi, hwnd,wmsg,wparam,lparam ;?
; Note that first four parameters are passed in registers,
; while names given in the declaration of procedure refer to the stack
; space reserved for them - you may store them there to be later accessible
; if the contents of registers gets destroyed. This may look like:
; mov [hwnd],rcx
; mov [wmsg],edx
; mov [wparam],r8
; mov [lparam],r9
cmp edx,WM_DESTROY
je .wmdestroy
.defwndproc: ;What does this?
invoke DefWindowProc,rcx,rdx,r8,r9
jmp .finish
.wmdestroy:
invoke PostQuitMessage,0
xor eax,eax
.finish:
ret
endp

Assembly - Moving data from Register to Memory in MASM

I am trying to move stuff from a register to a variable in .CODE, but trying to do so makes my program start over in an infinite loop (no crash and no error message, but obviously broken). I don't understand what I'm doing wrong. Here is the beginning of my code where I am trying to move data; the program never even gets past this part when I include it:
.CODE
screenX DWORD 0
screenY DWORD 0
...
ProcName PROC
mov ebx, edx ;; Copy srcBitmap into ebx
mov eax, edi ;; Take given y-location (edi)
mov edx, (EECS205BITMAP PTR [ebx]).dwHeight
shr edx, 1 ;; Subtract dwHeight/2 to center
sub eax, edx
mov screenY, eax ;; Program jumps back to beginning with no error message
Seems like I'm missing something obvious, anyone have a clue?
Your application's code segment (which is actually it's .text section under Windows) isn't writable. If you want to modify these variables you need to put them in the data segment.

Creating variables inside main's frame (Linux)

[SOLVED]
I'm trying to do my own assembly code to do what similar C code will do:
main()
{
scanf("%d",&integer_var); // here must be the address of the integer_var
printf("Your Value is:%d",integer_var);
}
Well this is in C, so I'm doing with NASM under linux with extern functions. scanf and printf and compile first with nasm and then with gcc.
Here's my code (is not right :D)
SECTION .text
argstr: db "%d",10,0
str: db "Your value is:%d",10,0
extern printf
extern scanf
SECTION .data
global main
main:
push ebp
mov esp,ebp
sub esp, 0x10 ;ok integer right?
mov [ebp-0x4],0x0 ;just put 0 number on our integer variable
mov eax,(ebp-0x4) ;here i don't know how to push the address of ebp-0x4
push ecx ;first push is last argument so here's our address to scanf
push argstr ;just the string format
call scanf ;call that to input something
;I have no idea how to do this
;but if i don't do this i get an error
;because the scanf won't clear the arguments on stack
;and what scanf can't return
pop edx ;maybe help here? but it works fine
pop edx
push [-0x4(ebp)] ;i want the value of our var :D
push str
call printf
pop edx ;clear the stack to avoid "segment fault" or something similar
pop edx
mov esp,ebp
pop ebp
ret ;the end :(
Compiler error:
a.asm:18: error: invalid operand type
a.asm:28: error: parser: expecting ]
Another thing: Do I need to align the stack on this case, by the way?
thanks guys ! :)
EDIT solved whole program!
well at least, I can print the variable with printf. scanf i will do later and then I will share here the last result:
SECTION .text
str: db "Value is:%d",10,0
extern printf
SECTION .data
global main
main:
push ebp ;the main function starts here.
mov ebp,esp
;
sub esp,4 ;we need 4bytes of space for the integer
and esp,0xfffffff0 ;align the stack
mov [esp-4], dword 0xff ;move the value 0xff to our var
mov eax,[esp-4] ;move our variable value to the eax
push eax ;second argument of printf
push str ;first argument of printf
call printf ;printf
;
add esp,16 ;this add to the stack pointer what we pushed basicly
mov ebp,esp ;if we don't do add 16 to esp it shows us
pop ebp ;a segment fault cuz ret doesnt pop saved ebp
ret ;of who whatever called this program :)
To load the address EBP-4 into EAX, use lea eax, [ebp-4]. (this is NOT the same as pushing the address.)
In order to push the value at memory location EBP-4, push dword [ebp-4] should work.
Then you need to specify operand size for one of your movs, too: mov [ebp-4], dword 0x0.
These will fix your current assembler errors, and make your program compile, but there are a few other errors in there that will probably prevent it from running.
Here's a working attempt that is close to yours:
;note the sections, the string literals are better in .rodata
;all code goes in .text
SECTION .rodata
;no newline after scanf string
argstr: db "%d",0
str: db "Your value is: %d",10,0
SECTION .text
extern printf
extern scanf
global main
main:
push ebp
mov ebp,esp ;move esp to ebp, NOT other way round!
sub esp, 4 ;4 bytes are enough for the local variable
;there are NO alignment requirements for this program
lea eax,[ebp-4]
push eax
push dword argstr
call scanf
add esp, 8 ;since we don't actually need the popped values
;we can increment esp instead of two pop edx
push dword [ebp-4]
push dword str
call printf
add esp, 8
mov esp,ebp
pop ebp
ret

Any Way To Make This Snippet More Efficient?

I just started playing around with MASM styled assembly and after playing around long enough managed to make a sort of loop. This is just from tinkering so I was wondering if anybody could give me any insight and explanation on if this code is inefficient or how it can be improved.
.386
.model flat, stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\masm32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\masm32.lib
includelib \masm32\lib\user32.lib
.data
MsgBxTitle db "Loop Step", NULL
.data?
Buff dd ?
MsgBxBody dd ?
.code
start:
XOR eax,eax
MOV Buff, eax
lp:
invoke dw2hex, Buff, addr MsgBxBody
invoke MessageBox, NULL, addr MsgBxBody, addr MsgBxTitle, MB_OKCANCEL
.IF eax==IDCANCEL
RET
.ENDIF
INC Buff
CMP Buff,10
JL lp
RET
end lp
invoke ExitProcess, NULL
end start
You can shave 16 bytes off the code this way. Zero a register and push that for zero. Use a register for you dword buffer. Using registers Assemble to smaller opcodes and are "faster" than memory (labels).
I personally don't like/use the high level stuff.
start:
xor edi, edi
xor esi, esi
mov ebx, 10
lp:
push offset MsgBxBody
push edi
call dw2hex
push MB_OKCANCEL
push offset MsgBxTitle
push offset MsgBxBody
push esi
call MessageBox
test eax, IDCANCEL
jnz Done
inc edi
dec ebx
jns lp
Done:
push esi
call ExitProcess
end start
When displaying your results with MessageBox, I don't see that efficiency or performance is relevant. I have questions about your control flow. Where is "RET" intended to return to? When, if ever, is ExitProcess invoked? I don't know what "end lp" does, so perhaps I'm missing something...
Best,
Frank

Resources