I am learning assembly development on Windows 10 (64-bit) and using IntelliJ IDEA to write my assembly code. I'm trying to log multiple outputs using WriteConsoleA
, but only the first log message appears. The second log message is ignored.
First I tried to implement arithmetic logic to get the sum of two numbers. It didn't work and I tried to hardcode the value and get a log result and then I realized this problem.
Here is my detailed setup and the code I am using.
Environment:
Code:
section .data
sum_msg db 'Sum: ', 0
sum db '15', 0
section .bss
num_bytes_written resq 1
section .text
global _start
extern GetStdHandle
extern WriteConsoleA
extern ExitProcess
_start:
; Get the handle for stdout
mov ecx, -11 ; STD_OUTPUT_HANDLE
call GetStdHandle
; Check if handle is valid
cmp rax, -1
je .exit
; Write the "Sum: " message to stdout
mov rcx, rax ; handle to stdout
lea rdx, [rel sum_msg] ; pointer to message
mov r8d, 5 ; message length
lea r9, [rel num_bytes_written] ; pointer to number of bytes written
call WriteConsoleA
; Write the hardcoded sum to stdout
mov rcx, rax ; handle to stdout
lea rdx, [rel sum] ; pointer to sum string
mov r8d, 2 ; sum string length (including null terminator)
lea r9, [rel num_bytes_written] ; pointer to number of bytes written
call WriteConsoleA
; Infinite loop to prevent immediate exit
.loop:
nop
jmp .loop
.exit:
; Exit
xor ecx, ecx ; exit code 0
call ExitProcess
Commands: Assemble code:
nasm -f win64 sum.asm -o sum.obj
Link code:
gcc -nostdlib -o sum.exe sum.obj -lkernel32
Expected Output:
Sum: 15
Actual output:
Sum:
Attempts to Fix:
WriteConsoleA
(top: "15", bottom: "Sum: ") and it logs the "15" result.What exactly do I need to know
Any help or suggestions would be greatly appreciated.
Turning the comments into an answer:
There are several problems here. Probably the most significant is that the return value from your first call to WriteConsoleA overwrites the value of eax, where you are storing the handle returned from GetStdHandle. As a result, the second call to WriteConsoleA is using the wrong handle.
Secondmost is that you are only passing 4 parameters to a routine that takes 5. While this may work since param 5 is reserved (and therefore probably completely unused), it's a risk since there's no way of knowing what the called function might be doing with it or the stack space where it's supposed to be stored.
Third is the fact that you are failing to allocate shadow space for the parameters (discussed here). Again, you might get away with it depending on how the called function is working. But if it fails, the failure might come hundreds of instructions later, making tracking it down very hard.
Similarly: The stack will always be maintained 16-byte aligned, except within the prolog (for example, after the return address is pushed). You are calling functions with the stack not aligned on 16 byte boundaries.
Raymond also makes reference to unwind codes. While I don't specify these myself, I don't usually use exception handling. Presumably terrible things happen if you omit them in code that does throw
, or is even in the call stack when an exception is triggered.
Writing code that fails to properly follow the calling conventions is a terrible idea. It might seem to work, but is mucking things up that you can't easily see. Easier to do it right the first time than to spend time tracking it down later.