registers at startup and questions

Started by Jeff, June 20, 2005, 06:08:18 AM


Mark Jones

That's very handy info Donkey, thanks! :)

Later: Hmm, EAX == 0 upon start for me (XP).
EBX = 7FFDE000h, some seemingly valid data there. Wonder if one of those bytes can be used as an OS version flag. Perhaps someone more knowledgeable can expand on this:


; make as "console build and link"
include masm32rt.inc    ; "runtime" libs

.data
    sz9x        BYTE    "Win9x",0
    szNT        BYTE    "WinNT",0
    szXP        BYTE    "WinXP",0

.code
start:
    cmp eax, 10000000h          ; WinXP?
    jz WinXP
    test eax,eax                ; WinNT?
    jz WinNT
    print addr sz9x             ; must be 9x here
    jmp endit
WinXP:
    print addr szXP
    jmp endit
WinNT:
    print addr szNT
    jmp endit
endit:
    print chr$(" detected!",13,10)
    mov eax, input("Press enter to exit")

    invoke ExitProcess, 0   ; exit gracefully
end start
"To deny our impulses... foolish; to revel in them, chaos." MCJ 2003.08

MazeGen

Quote from: hutch-- on June 20, 2005, 11:35:47 PM
Maybe I have missed something here but as you can already write procedures without a stack frame in MASM using the OPTION PROLOGUE/EPILOGUE syntax, I am not sure what the gain is. They tend to be used when the algo design needs the extra register EBP and there is a minor stack overhead gain by doing so.

In MASM, the only user-friendly (I mean, no hardcoded offsets) way to access procedure locals and arguments is via EBP, i.e. standard stack frame. When you suppress this standard frame, the only way to access them is via ESP with hardcoded offsets:


mov [esp+8],eax    ; store result to localvar2


Now, when you add some new PUSH + POP, you have to revise all appropriate offsets:


push ecx
mov [esp+8+4],eax    ; store result to localvar2
pop ecx


That's quite annoying, especially when the procedure is longer than a few lines of source code. You can also often forget to revise some of them.

And that's the gain of pmacros: you get rid of those revisions, because the offset is revised automatically:


mov [localvar2],eax    ; will be assembled to [ESP+8]



_push ecx
mov [localvar2],eax    ; will be assembled to [ESP+8+4]
_pop ecx


I, personally, don't like those underlined macros, like _push or _pop, and that's why I coded that "plugin".

Jeff

I'm getting EAX = 00000000 EBX = 7FFD7000. So information on my program could be accessed by using the address pointed to by EBX at start? So I take it I should at least preserve EBX during processing. OK, I'll do that unless anyone else could shed some light on the important registers. :)


Another question:
This involves determining what are arguments and what aren't. In general, individual arguments are separated by (any number of) spaces and paired quotes.

Within a quoted argument, if there are leading spaces in the argument, are those spaces included with the argument or ignored?

I remember reading something on this in the MSDN library but can't remember which topic it was. So if you ran a program with this command (the text between the brackets; there is a space at the end):
[program.exe "what the!?"     yabba da"bba d"o! "dd   "a" ood ao ]
the arguments should be interpreted as (each argument shown between brackets):
arg0 [program.exe]
arg1 [what the!?]
arg2 [yabba]
arg3 [da]
arg4 [bba d]
arg5 [o!]
arg6 [dd   ]
arg7 [a]
arg8 [ ood ao ]
right?
Or are the quoted arguments' leading/trailing spaces ignored?

chep

Quote from: Jeff on June 22, 2005, 08:22:09 AM
I'm getting EAX = 00000000 EBX = 7FFD7000. So information on my program could be accessed by using the address pointed to by EBX at start? So I take it I should at least preserve EBX during processing. OK, I'll do that unless anyone else could shed some light on the important registers. :)
AFAIK this EBX thing is documented nowhere, so no one should rely on it. You can get the PEB address at fs:[30h], so there's no need to preserve EBX IMO.

Quote from: Jeff on June 22, 2005, 08:22:09 AM
[program.exe "what the!?"     yabba da"bba d"o! "dd   "a" ood ao ] (there is a space at the end)
the arguments should be interpreted as (each argument shown between brackets):
arg0 [program.exe]
arg1 [what the!?]
arg2 [yabba]
arg3 [da]
arg4 [bba d]
arg5 [o!]
arg6 [dd   ]
arg7 [a]
arg8 [ ood ao ]
right?
I think it's right.

Quote from: Jeff on June 22, 2005, 08:22:09 AM
Or are the quoted arguments' leading/trailing spaces ignored?
Nope!!
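Added example (not code from the thread or from any poster): a Python function that splits a raw Windows command line into argv using the rules Microsoft documents for the C runtime's argument construction (the same rules CommandLineToArgvW applies), run on the command line quoted above. The point a practitioner wants to check is what a quote in the middle of a token does: it toggles "in quotes" mode and is dropped, it does not end the argument, and whitespace inside quotes (leading or trailing) is kept. The sample line is constructed for this example; the `""`-inside-quotes special case and the simpler quote-only rule the real CRT uses for argv[0] are deliberately not modelled.

```python
from typing import List

# Added example, not code from the thread: splits a raw Windows command line
# into argv using the rules the Microsoft C runtime (and CommandLineToArgvW)
# document for argument construction:
#   - runs of spaces/tabs outside quotes separate arguments;
#   - a double quote toggles "in quotes" mode and is dropped; it does NOT end
#     the argument, so da"bba d"o! stays one argument, and whitespace inside
#     quotes (leading or trailing) is kept;
#   - 2n backslashes before a quote -> n backslashes, and the quote toggles;
#   - 2n+1 backslashes before a quote -> n backslashes plus a literal quote;
#   - backslashes not followed by a quote are literal.
# Stated assumptions/limitations: the "" special case inside a quoted run is
# not handled (its behaviour changed between CRT versions), and argv[0] gets
# the same treatment as the other arguments although the real CRT parses the
# program name with a simpler quote-only rule.


def split_command_line(cmdline: str) -> List[str]:
    args: List[str] = []
    cur: List[str] = []
    in_quotes = False
    have_arg = False  # set once any character (even an empty "") starts an argument
    i, n = 0, len(cmdline)
    while i < n:
        c = cmdline[i]
        if c == "\\":
            j = i
            while j < n and cmdline[j] == "\\":
                j += 1
            count = j - i
            if j < n and cmdline[j] == '"':
                cur.append("\\" * (count // 2))
                if count % 2:  # odd run: the quote is escaped, keep it literally
                    cur.append('"')
                    j += 1
                # even run: leave the quote in place so the toggle branch sees it
            else:
                cur.append("\\" * count)  # backslashes not before a quote are literal
            have_arg = True
            i = j
            continue
        if c == '"':
            in_quotes = not in_quotes
            have_arg = True
        elif c in " \t" and not in_quotes:
            if have_arg:
                args.append("".join(cur))
                cur = []
                have_arg = False
        else:
            cur.append(c)
            have_arg = True
        i += 1
    if have_arg:
        args.append("".join(cur))
    return args


# Constructed sample: the command line discussed in the thread, including the
# trailing space the poster mentions.
SAMPLE_CMDLINE = 'program.exe "what the!?"     yabba da"bba d"o! "dd   "a" ood ao '

if __name__ == "__main__":
    for idx, arg in enumerate(split_command_line(SAMPLE_CMDLINE)):
        print(f"arg{idx} [{arg}]")
```

Running it on the sample line yields five arguments: `program.exe`, `what the!?`, `yabba`, `dabba do!` and `dd   a ood ao ` (with its inner run of spaces and the trailing space preserved), because the mid-token quotes only toggle quoting and the final unterminated quote keeps everything up to the end of the line inside one argument.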

Jeff

Hey guys, more argument questions.


What is the maximum number of arguments an application can take at the command line?
I currently wrote it so it would take in a maximum of 10 additional arguments, but I want to know my absolute limit.

and

What is the maximum size of a line on the command line?
I currently have a buffer of magnitude 208 bytes, so that's 208 bytes available for the argument strings and null terminators. Again, I want to know my limit.

[edit]
One more: I noticed that when I made a main procedure without arguments (though I haven't tested with procedures in general), it did not create a new stack frame. Is this normal? I thought that all "formal procedures" were created with a new stack frame unless given alternate prologues/epilogues.

Thanks, guys, for being so helpful.