Can CS,DS,ES,FS,GS, and SS be used in Win32?

[Mark Jones]

I recall trying to use these awhile back (when I was a NOOB noob) but only got various errors. Recently I debugged a sample .dll and saw where FS had data in it. Can these registers be used in typical MASM32 applications, or only in real-mode?  Thanks. :)

[QvasiModo]

In theory user-mode apps are not supposed to touch the segment registers. But FS in particular can be used to access some OS-specific kernel structures, and that can be an useful "hack".

[hutch--]

Mark,

The specification of 32 bit FLAT memory model in Windows is to set the normal segment registers to the same address.

In order,

CS = Code segment
DS = Data segment
ES = Extra segment
SS = Stack Segment

The last 2 FS and GS are not used in the specification but are used at times by the OS for structured exception handling so while you can use them occasionally, its risky depending on the OS ersion you use as they may be in use for something else.

Placing the normal segment registers at the same address is what makes FLAT memory model possible so that you have both DATA and CODE written in the same memory space which is standard with a PE file.

[tenkey]

You cannot use the segment registers as general purpose registers because 32-bit code can only run in protected mode. All segment registers must be either NULL or have a valid selector.

The FS register is used to point to thread-specific information. This includes stack limits, the exception handler chain, handles to thread local storage, and probably handles to message queues.

[Mark Jones]

 Ok then as a hack, it should be possible to:

1. push FS onto the stack
2. use FS in a local routine
3. pop FS?

GS does not like this at all... access violation.

Strange, MOV FS,EAX does not give an error. It compiles to MOV FS,AX however.

Also is it possible to use the debug registers DR0-7 for anything in Win32?
MOV DR0,EAX  yields a "privledged command" error.

Thanks for the great tips. :bg

[pbrennick]

Mark,
I think your tests have already told you what you need to know.  I have seen people use FS in there code.  Personally, I have programmed for years and never played with the stuff like that.  I am sure you just want to know all there is to know and I respect that a lot.  Have fun and above all, be careful.  I would recommend you do a cold boot any time you get a crash using some of this stuff.  OS recovery is never guarranteed to be totally effective.  You could wind up running a hybrid of your own OS and not know it and the results of that may lead to more errors in other programs that ordinarily would run with no errors.  I have a 500 mhz K6 that I use for testing.  Think about something like that.

Paul

[QvasiModo]

Ok then as a hack, it should be possible to:

1. push FS onto the stack
2. use FS in a local routine
3. pop FS?

GS does not like this at all... access violation.

Typically you use FS to access OS specific structures beginning at FS:[00000000h]. I don't know what GS is used for though.

Strange, MOV FS,EAX does not give an error. It compiles to MOV FS,AX however.

That's because segment registers are only 16 bits in size. :)

BTW, I found this on the old forum:
http://old.masmforum.com/viewtopic.php?t=4810&highlight=&sid=8d3110e9f3698fce4784f9a468ebf0b7

[rea]

Searching a little on the web for: seh exception handling fs debug

http://www.assembly-journal.com//viewarticle.php?id=69
http://www.jorgon.freeserve.co.uk/Except/Except.htm

http://www.microsoft.com/msj/0197/Exception/Exception.aspx
http://msdn.microsoft.com/msdnmag/issues/02/03/hood/default.aspx


You can find many other ones :).

[tenkey]

Ok then as a hack, it should be possible to:

1. push FS onto the stack
2. use FS in a local routine
3. pop FS?

GS does not like this at all... access violation.

If GS does not like your value, FS won't either. You can put any value in the extra segment registers if you run from a DOS executable, but not from a Win32 (PE) executable.

[roticv]

Why do you have to resort to using segment registers? Isn't sse/mmx/general purpose registers enough for your uses?

[Mark Jones]

roticv: Why do you have to resort to using segment registers? Isn't sse/mmx/general purpose registers enough for your uses?

Can SSE/MMX regs hold arbitrary data? That would be great, haven't gotten into math yet.

Recently I made a small app to intelligently convert spaces <--> tabs in source documents. The routine used EAX,EBX,ECX, and EDX as two string pointers, three counters, and two byte buffers. Probably a lot of room for optimization, but hey I am a noob at this. :) The app works, but I almost ran out of registers. Now what could I do if I needed another register or two? Values could be pushed and poped from the stack, but that's going to be much slower than using any register. It seems like a good idea to define the limits of what can actually be done with x86. :)

rea and tenkey, aaaah the SEH uses FS as a pointer, that makes sense. So if an exception occurs during a routine which uses FS, (and it doesn't point to any record) Windows might decide to go belly-up? :bg

MJ: Strange, MOV FS,EAX does not give an error. It compiles to MOV FS,AX however.

QvasiModo: That's because segment registers are only 16 bits in size. :)

Hmm, yes of course, but shouldn't it give an incompatible size error? EAX=32 bits, FS=16 bits.

[pbrennick]

Mark,
About the assembler changing your source so it could compile (eax --> ax), there is no question that this is very heavy handed functionality.  I don't remember that I ever experienced such a thing, myself.  I do know that I don't care for it.  I would not be surprised if this is not a soft bug in the assembler (a fix put in by a lazy developer).  Surprising to see this later in the game.  You will probably never know why because know one will ever acknowledge it (at Microsoft).  It is a pretty rock solid assembler, though, all things considered.
Paul

[roticv]

Read the caution by tenkey. Segment registers are not general purpose registers.

Well I think if you really run out of general purpose registers, you have to end up using memory/stack. Of course you can temporary store the value of esp in mmx register which allows you to have esp as another register. For example

Code Select Expand


movd mm0, esp
;...
movd esp, mm0


[Mark_Larson]

Read the caution by tenkey. Segment registers are not general purpose registers.

Well I think if you really run out of general purpose registers, you have to end up using memory/stack. Of course you can temporary store the value of esp in mmx register which allows you to have esp as another register. For example

Code Select Expand


movd mm0, esp
;...
movd esp, mm0


  You can also expand on this and use MMX registers as temporary registers to hold general purpose registers.  I recommend pushing/popping on the stack, but this works to.

Code Select Expand


movd  mm0, eax               ;save eax in mm0
mov   eax,[mem_locaotion] ;get new eax value from memory
... perform operations on eax
movd eax,mm0                ;restore original value for eax


  In addition you can look at the size of your variables.  Is your loop counter less than 256?  You can use byte registers.  Using ROLs ( or BSWAPs) you can get 4 8 byte registers out of EAX.  I've used that trick to get more registers.  Works for 16 byte values as well.  As long as you aren't going to be using a full 32-bit value, you can avoid using a full 32-bit register, and thus increase the number of registers you have.


  I would never use segment registers as temporary registers.  You're asking for a problem. 

[dsouza123]

In addition to  EAX, EBX, ECX, EDX there are also EDI and ESI