x86-64

I am studying 8086/8080 microprocessors. The registers used in them have names, RAX RBX RCX RDX and go on until R8 when the registers are named as R8, R9... to R15. I wanted to know Do we also refer to the registers RAX, RBX etc as R1, R2 and so on? Standard practice is for the first 8 registers to keep their historical name. This convention is used in the documentation from Intel and AMD and in most assemblers. The reason for this is that these names are mnemonic for the function of the register. For example rsp sticks out as the stack pointer; r4 not so much. The new registers, by contrast,

I am creating a training on buffer overflows and stack/heap attacks. I am working on an Ubuntu 12.04 x86_64 machine and want to show some sample buggy programs and the ways you could exploit those vulnerabilities. I am trying to start with the most basic shellcode I have found so far, the simple exit call, which should exit the program being overflowed. Hereby the exitcall.asm : ;exitcall.asm [SECTION .text] global _start _start: xor ebx,ebx ; zero out ebx, same function as mov ebx,0 mov al, 1 ; exit command to kernel int 0x80 I've got this asm file from other tutorials, written for i386

I can't find a dedicated official website to search for such information . For example,if I want to do exit ,how should I do it with syscall introduced in x86_64? Any manual for this kind of details? I'm on Centos. Glibc sysdeps/unix/sysv/linux/x86_64/syscall.S , see if this helps. Let the C library do it for you: movl $0, %rdi # or whatever exit code you want (0-127) call _exit You really do not want to make system calls yourself. The C library insulates you from a bunch of low-level ABI issues (many system calls exist in more than one version, depending on exactly which kernel you have; some

i am writing a simple c program and my requirement is to print RIP(Instruction Pointer) from some function of the program. i dont want to use ptrace. the one thing i tried with inline asm is: asm("movl %%rip, %0;" : "=r"(val) ) this should copy my rip register value to variable val, but i am getting compilation error. if i use ebp/esp which are base pointer and stack pointers for 32 bit machine, i dont get any compilation error and my val has some hexadecimal number assigned. i have few questions here: 1) as my machine is 63 bit, how was above instruction able to read 32 bit registers? 2) why

I'm doing a project in x86-64 NASM and came across the instruction: mov rdi, rdi in the output of a compiler my professor wrote. I have searched all over but can't find mention of why this would be needed. Does it affect the flags or is it something clever that I don't understand? To give some context it's present in a loop right before the same register is decremented with sub . zx485 The instruction mov rdi, rdi is just an inefficient 3 byte NOP, equivalent to an actual NOP instruction. Assembling it, it generates the byte combination 48 89 ff mov rdi, rdi That can be considered as a NOP

struct Big { int a[8]; }; void foo(Big a); Big getStuff(); void test1() { foo(getStuff()); } compiles (using clang 6.0.0 for x86_64 on Linux so System V ABI, flags: -O3 -march=broadwell ) to test1(): # @test1() sub rsp, 72 lea rdi, [rsp + 40] call getStuff() vmovups ymm0, ymmword ptr [rsp + 40] vmovups ymmword ptr [rsp], ymm0 vzeroupper call foo(Big) add rsp, 72 ret If I am reading this correctly, this is what is happening: getStuff is passed a pointer to foo 's stack ( rsp + 40 ) to use for its return value, so after getStuff returns rsp + 40 through to rsp + 71 contains the result of

I was trying to make a basic printf example in x86-64 assembly code for OSX, here's my first version: section .data msg db 'hello', 0Ah section .text extern _printf global _main _main: sub rsp, 8 mov rdi, msg mov rax, 0 call _printf add rsp, 8 ret So this code is moving the absolute address of msg into rdi for the first argument to _printf , and gcc then complains about the lack of position-independent code. The binary still works though: → nasm -f macho64 new.asm && gcc -m64 -o new new.o && ./new ld: warning: PIE disabled. Absolute addressing (perhaps -mdynamic-no-pic) not allowed in code

I have an issue when trying to use an external lib : I can't compile the project as it throws an exception as below. ld: warning: ignoring file /Users/renaudcousin/Documents/XCode/WORK/StimShopPOC/StimShopPOC/libStimshop_SDK.a, missing required architecture x86_64 in file /Users/renaudcousin/Documents/XCode/WORK/StimShopPOC/StimShopPOC/libStimshop_SDK.a (3 slices) Undefined symbols for architecture x86_64: "_OBJC_CLASS_$_StimshopSDK", referenced from: objc-class-ref in ViewController.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v