Maybe have a disclaimer about error returns? #3

Open
golddranks opened this issue Mar 18, 2022 · 2 comments

Comments

@golddranks

Hi, thanks for this great resource, it really helps when attempting to program in assembly for macOS; there's not a lot of info out there.

I have hardly seen this mentioned anywhere, but the MacOS x86_64 syscall ABI seems to use the Carry Flag in the EFLAGS register to signal that an error happened, unlike Linux which uses negative numbers. I think that it would be cool if that was mentioned on the syscall page, because that info is not simply commonly available, I found it from here: https://stackoverflow.com/questions/47834513/64-bit-syscall-documentation-for-macos-assembly

Another worrying thing is the report that syscalls may clobber rdx, which I also haven't seen mentioned elsewhere...

@golddranks (Author)

golddranks commented Mar 18, 2022

Re: the second point about clobbering: indeed, the syscall to write does seem to reset rdx to zero, instead of the length of the hello world message.

global _start
section .text
_start:

    mov rdx, hello.len      ; size
    mov rsi, hello          ; buf
    mov edi, 1              ; fd
    mov rax, 0x2000004      ; write
    syscall

    mov rdi, rdx            ; exit status
    mov rax, 0x2000001      ; exit
    syscall

section .data
hello:
    .str db `Hello wooooeeeeeerld\n`
    .len equ $-hello.str

nasm -f macho64 syscall.asm && ld syscall.o -e _start -static && ./a.out; echo $?

@golddranks (Author)

Examined every register with the "write" syscall:

global _start
section .text
_start:

    mov rax, 0xDEADBEEF     ; 0xDEADBEEF = 3735928559; 3735928559 mod 256 = 239
    mov rbx, 0xDEADBEEF
    mov rcx, 0xDEADBEEF
    mov rdx, 0xDEADBEEF
    mov rsi, 0xDEADBEEF
    mov rdi, 0xDEADBEEF
    mov rsp, 0xDEADBEEF
    mov rbp, 0xDEADBEEF
    mov r8,  0xDEADBEEF
    mov r9,  0xDEADBEEF
    mov r10, 0xDEADBEEF
    mov r11, 0xDEADBEEF
    mov r12, 0xDEADBEEF
    mov r13, 0xDEADBEEF
    mov r14, 0xDEADBEEF
    mov r15, 0xDEADBEEF

    mov rdx, len2           ; size
    mov rsi, msg2           ; buf
    mov rdi, 1              ; fd
    mov rax, 0x2000004      ; write
    syscall

    mov rdi, rsi            ; CHANGE THIS TO EXAMINE DIFFERENT REGISTERS
    mov rax, 0x2000001      ; exit
    syscall

section .data
msg_pad db `aaaa\n`         ; to make the buffer not page-aligned,
msg2    db `bbbbbb\n`       ; because then it's easier to notice whether
len2    equ $-msg2          ; it was clobbered or not

Clobber list of a "write" syscall:

    rax     clobbered
    rbx     not clobbered
    rcx     clobbered
    rdx     clobbered???
    rsi     not clobbered
    rdi     not clobbered
    rsp     not clobbered
    rbp     not clobbered
    r8      not clobbered
    r9      not clobbered
    r10     not clobbered
    r11     clobbered
    r12     not clobbered
    r13     not clobbered
    r14     not clobbered
    r15     not clobbered
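The two observations in this thread (errors signalled through the carry flag, and rdx not surviving the call) can be handled in a few lines. The program below is an added example, not code from the issue or from the resource it discusses; it assumes the same toolchain as the thread (`nasm -f macho64` plus `ld -e _start -static` on x86_64 macOS), and the descriptor number 99 is a constructed value assumed not to be open in the process. It performs a write that should succeed, then one that should fail, and exits with the errno from the failed call so the result is visible in `$?`.

```nasm
; Added example (not from the issue): check CF after a macOS x86_64 BSD syscall
; and keep caller-owned values out of rax, rcx, rdx and r11.
; Build/run assumption: nasm -f macho64 cf.asm && ld cf.o -e _start -static && ./a.out; echo $?
global _start
section .text
_start:
    mov     r12, 0x2000004      ; SYS_write; r12 is callee-saved and survives the syscall

    ; write(1, msg, msg.len): expected to succeed, so CF should be clear afterwards
    mov     rax, r12
    mov     rdi, 1              ; fd
    mov     rsi, msg            ; buf
    mov     rdx, msg.len        ; size (rdx does not survive the call, see note below)
    syscall
    jc      .fail               ; CF set => rax holds a positive errno, not a negative value

    ; write(99, msg, msg.len): fd 99 is a constructed, assumed-unopened descriptor
    mov     rax, r12
    mov     rdi, 99
    mov     rsi, msg
    mov     rdx, msg.len
    syscall
    jnc     .ok                 ; would only happen if fd 99 is actually open

.fail:
    ; rax holds the positive errno (EBADF is 9 on macOS). rcx and r11 were
    ; overwritten by the syscall instruction itself; rdx by the kernel's return path.
    mov     rdi, rax            ; exit(errno)
    mov     rax, 0x2000001      ; SYS_exit
    syscall

.ok:
    xor     edi, edi            ; exit(0): both writes succeeded
    mov     rax, 0x2000001      ; SYS_exit
    syscall

section .data
msg:
    .str db `hello\n`
    .len equ $-msg.str
```

With the assumed unopened descriptor the program prints `hello` once and exits with status 9 (EBADF). Two of the clobbers in the table above are explained by the hardware rather than XNU: the `syscall` instruction stores the return address in rcx and RFLAGS in r11, so those are lost on every platform. rdx is different: XNU's 64-bit BSD syscall return path writes the second return value into rdx (this is how `pipe(2)` hands back both descriptors), so the zero the thread observes is the kernel's second return value, and rdx must be treated as dead after any syscall.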
