Linking 64-bit amd64 asm code

In general, how do I link 64-bit amd64 asm code into a winddk driver? My .c code resides one level above the /amd64 folder and calls a .asm file in the /amd64 folder.

The .asm file at this point is only:

.code

capabilities PROC
xor rax, rax
xor rbx, rbx
mov rax, rbx
RET
capabilities ENDP

END

When I run this, I crash, and the crashdump begins with:

module: nt
exception code NTStatus 0xc0000005 The instruction referenced memory at 0x%081x. The memory could not be %s

Googling this error makes me think that the program references memory that it can’t.

But I don’t know how exactly the transition works.

Background notes:

capabilities is expected to return an integer–I think that is understood to be in rax

I am running this with build /amd64 -cw in WinDDK 7600.16385.1 in the x64 Checked Build Environment.

Thank you for any help that you can give!

eva

The better question you need to ask is not how to link but how to transition from C/C++ to assembly, which you do not know.

It looks like all you’re trying to do is clear RAX, which you did when you XOR’d RAX with RAX, making the next two lines useless and redundant, unless you were trying to burn CPU cycles. But then you messed around with RBX and wondered why the system crashed. If you really don’t know why you crashed, you need to find out how registers are used in C/C++, which you need to save if you decide you know how to write assembly, and which you have to restore before you let the C compiler do what it can obviously do much better than you.

The assembly-in-the-kernel debate has been passed around here, with the general feeling that humans who think they can beat modern compilers are mostly arrogant.

Gary G. Little

----- Original Message -----
From: xxxxx@excite.com
To: “Windows System Software Devs Interest List”
Sent: Wednesday, March 9, 2011 1:30:27 PM
Subject: [ntdev] Linking 64-bit amd64 asm code

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

How about answering the obvious question, “What are you really going to do
in your assembly?” It’s very likely that there is a better way to do that
without needing the assembly, and if there is, I’m sure there are several
members of the list who would know and tell you about it.

Phil

Philip D. Barila (303) 776-1264

Gary is right, only volatile registers (EAX, ECX, RDX, R8, R9, R10 and R11)
can be freely used by a called function without preserving their values.
Other registers (e.g. EBX, RSI, …) are non-volatile registers and must be
saved and restored by functions that use them.

Please read something about x64 assembler (e.g. x64 prolog/epilog,
convention calls, etc) - it’s quite different from x86 assembler.

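The register rule from the replies above, applied to the posted routine, as an added example that is not code from any poster in this thread: the first procedure returns 0 using only a volatile register, and the second shows the save/restore a routine needs if it does write RBX. The name capabilities_rbx and the C prototype in the comment are assumptions; PROC FRAME, .pushreg and .endprolog are the ml64 directives that emit unwind data for the prolog.

```asm
; Assumed C-side declaration (not from the thread):
;     extern int capabilities(void);
;     extern int capabilities_rbx(void);

.code

; Leaf version: touches only RAX, which is volatile and also
; carries the integer return value, so nothing has to be saved.
capabilities PROC
        xor     eax, eax            ; writing EAX zero-extends into RAX
        ret
capabilities ENDP

; Version that really needs RBX as scratch. RBX is non-volatile:
; the C caller may be keeping a live value in it across the call,
; so it is pushed in the prolog and popped before returning.
capabilities_rbx PROC FRAME
        push    rbx                 ; save caller's RBX
        .pushreg rbx                ; record the push in the unwind info
        .endprolog

        xor     ebx, ebx            ; RBX is now free to use
        mov     eax, ebx            ; return value goes in RAX

        pop     rbx                 ; restore caller's RBX
        ret
capabilities_rbx ENDP

END
```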

it depends a lot on how u are structuring ur code...

our asm routines were like yours, and we used
extern "C" __declspec(naked) FuncName

to call them...

here is a sample sources file....

# sources file for use with DDK BUILD utility
# File created on 12/8/2008
# File Modified on 16/2/2009
# AB: This is the version of the sources file that is used for Production
# build of the driver.
# C_DEFINES to be included.

TARGETNAME = VSmall
TARGETPATH = ..\Output\P$(_OBJ_DIR)

TARGETTYPE = DRIVER
DRIVERTYPE = WDM
NO_SAFESEH = 1
USE_LIBCNTPR=1
LINKER_FLAGS = /VERBOSE:LIB /MAP

!IF ("$(DDKBUILDENV)"=="chk")
BUILDTYPE = CHECKED

# WINCECODE produces assembly listings

WINCECOD=1
!ELSE
BUILDTYPE = FREE
NTDEBUG=
!ENDIF

!IF ("$(_BUILDARCH)" == "AMD64")

# AMD64

!IF ("$(DDKBUILDENV)"=="chk")
LIBDIR = objchk_wlh_amd64\amd64
!ELSE
LIBDIR = objfre_wlh_amd64\amd64
!ENDIF

!ELSE

# i386

!IF ("$(DDKBUILDENV)"=="chk")
LIBDIR = objchk_wxp_x86\i386
!ELSE
LIBDIR = objfre_wxp_x86\i386
!ENDIF

!ENDIF

!IF ("$(DDKBUILDENV)"=="chk") || ("$(DDKBUILDENV)"=="checked")
C_DEFINES =$(C_DEFINES) -D_ENABLE_LOG
!ELSE
C_DEFINES =$(C_DEFINES)
!ENDIF

TARGETLIBS= $(DDK_LIB_PATH)\Rtlver.lib \
$(DDK_LIB_PATH)\csq.lib \
$(DDK_LIB_PATH)\libcntpr.lib \
$(DDK_LIB_PATH)\ntoskrnl.lib \
$(BASEWORKDIR)\Memops$(LIBDIR)\memopslib.lib \
$(KEY_OUTDIR)\keys.lib \

# ntstrsafe.h is in DDK_INC_PATH even for WDM driver

INCLUDES=$(INCLUDE);$(DDK_INC_PATH); \
$(BASEWORKDIR)\Include; \
$(BASEWORKDIR)\KeyLib\Keys; \

AMD64_SOURCES= ..\amd64\Util.asm \
..\amd64\ocdscomsig64.asm

I386_SOURCES=..\i386\Util.asm

SOURCES=..\vsmall.rc \



--

- amitr0

that’s right… you gotta do some stack adjustments urself; the ‘naked’ call
gives u that hint…
we used to setup and tear down our own stacks

On Thu, Mar 10, 2011 at 2:16 AM, Petr Kurtin wrote:

> Gary is right, only volatile registers (EAX, ECX, RDX, R8, R9, R10 and R11)
> can be freely used by a called function without preserving their values.
> Other registers (e.g. EBX, RSI, …) are non-volatile registers and must be
> saved and restored by functions that use them.
>
> Please read something about x64 assembler (e.g. x64 prolog/epilog,
> convention calls, etc) - it’s quite different from x86 assembler.

- amitr0