asm, Tasm32 and Win exefiles

Tasm32 and Win exefiles

Author	Message
Quad #1 / 4	Tasm32 and Win exefiles One reason for jmp-ing to a supposed-to-be a called function is when the jmp is at the end of a procedure.. let me be clearer with an example, proc SomeFunc ; some code here... jmp OtherFunc endp SomeFunc this can be written instead of proc SomeFunc ; some code here... call OtherFunc ret endp SomeFunc why? because that when you call a function, the ip register (or eip) of the next instruction is pushed on the stack and a ret instruction just restore it to ip/eip... so the program is coming back to where the function has been called. so only jmp-ing to a function will avoid a ret !.. you can also see that when you debug with turbo de{filter}.. see by yourself.. there are surely other reasons why the compiler does that, but I don't know any of them.. like I just said, the code generated depends on the compiler and language you use... so a 4k messagebox Windows program can be 10k with a linker and 640 bytes with another.. Quad Quote: >I`m trying to program a little bit in win32 and I use tasm. when i do a >program with just a message box i get a big 4k exe. Why? I`ve see a 640 byte >exe with a message box. Also tasm uses a diffent method to call the >MessageBoxA: >E849000000 call 0040105C ;call to some place in the program >some place: >FF2564304000 jmp dword ptr [00403064] ;a jmp to the message box >So my question is why the program not jumps directly? >In programs with other languages it does! >thx for the answers >cu adikes
Fri, 13 Jul 2001 03:00:00 GMT

John S. Fin #2 / 4	Tasm32 and Win exefiles Quote: > E849000000 call 0040105C ;call to some place in the program > some place: > FF2564304000 jmp dword ptr [00403064] ;a jmp to the message box > So my question is why the program not jumps directly? > In programs with other languages it does! The thing you are calling is in a DLL. Its location is not known until the loader attaches your program to that DLL. At that time, the loader patches a single location in your program for each entry point you call in the DLL. Since you might call the same entry point more than once, it needs a level of indirection to have all calls use the same patched address. If the compiler knew that the call was to a DLL and wanted to use that knowledge it could "call dword ptr [???]" to represent the indirection within one instruction. If the compiler doesn't do that (since you used TASM, not a compiler, I think it is in your control) then the call must look like an ordinary direct call. The linker can't change a direct call to an indirect call, so it must create an indirect jmp for the direct call to go to. -- http://www.erols.com/johnfine/ http://www.geocities.com/SiliconValley/Peaks/8600/
Sat, 14 Jul 2001 03:00:00 GMT

karl malbrai #3 / 4	Tasm32 and Win exefiles Subject: Re: Tasm32 and Win exefiles Date: Monday, January 25, 1999 6:34 PM Quote: >> So my question is why the program not jumps directly? >> In programs with other languages it does! > The thing you are calling is in a DLL. Its location is not known >until the loader attaches your program to that DLL. At that time, >the loader patches a single location in your program for each >entry point you call in the DLL. Since you might call the same >entry point more than once, it needs a level of indirection to >have all calls use the same patched address. This is not entirely correct....The system loader places the <<patched>>address in a data section location to keep the code section read only. The fix-up then occurs in a private location for each process on the system, and the code sections can be shared across processes. The number of references to each fixed-up location is irrelavent -- it can be one to one, or many to one. The criteria is which section is modified by the loader. Karl M
Sun, 15 Jul 2001 03:00:00 GMT

Page 1 of 1

[ 4 post ]