Sws101_journal6

Topic : Journal entry 6 : Learning x86-64 Assembly

Getting Started: Setting Up Your Environment

1. Choosing the Right Tools
   • Assembler: The cornerstone of assembly programming is the assembler, a tool that translates assembly language into machine code. For x86-64 development, Flat Assembler (FASM) stands out due to its simplicity, ease of use, and comprehensive feature set.
   • Debugger: Debugging is crucial for understanding and troubleshooting assembly programs. WinDbg, a powerful debugger compatible with x86-64, offers detailed insights into program execution, memory, and registers, making it an invaluable tool for assembly programmers.
2. Installing the Necessary Software
   • Download and install FASM from its official website.
   • Obtain WinDbg from the Windows 10 SDK or its standalone version for a more streamlined experience.
3. Understanding the Basics
   • The Instruction Set Architecture (ISA)
     • The ISA defines the operations a CPU can perform. x86-64 extends the x86 architecture, supporting 64-bit computing with a larger addressable memory space and enhanced capabilities.
4. Registers
   • Registers are small storage areas within the CPU, optimized for speed. x86-64 introduces 16 general-purpose registers, each 64 bits wide, facilitating efficient computation and data handling.
5. Memory Model
   • Memory in x86-64 is organized linearly, starting at address 0, simplifying memory management compared to segmented memory models of older architectures.

Writing Your First Program

• Setting Up the Development Environment
  • Open FASM and create a new file for your program.
  • Write a simple program that loads and exits, serving as a foundation for further exploration.
• Using WinDbg to Debug Your Program
  • Load your program into WinDbg and observe the initial execution steps.
  • Use breakpoints and single-step execution to explore the program’s behavior in detail.
• Advanced Concepts
  • The Portable Executable (PE) Format Understanding the PE format is crucial for creating complex applications, including managing imports and exports, and organizing code and data sections.
• Calling Conventions
  • Familiarize yourself with the Microsoft x64 calling convention, which dictates how functions receive arguments and return values, influencing how you structure your assembly code.

Summary

Learning x86-64 assembly programming is a journey that combines theoretical knowledge with practical application. By starting with the basics, progressing through intermediate concepts, and eventually tackling more complex topics, you’ll develop a deep understanding of how software operates at the lowest levels. Remember, the key to mastering assembly lies in consistent practice and experimentation.

Overview

Assembling in assembly language using one of the processors of the x86 family running in 64-bit mode. Touching such low levels and reading about the operating principle of processors and memory has been interesting. Overall, the tutorial began by describing the architecture – the CPU possesses a number of registers that function like little memory storages and may access information stored in them or shift numbers from registers to the regular memory and vice versa, using certain commands. I found it useful to read that there are special purpose registers like rax, rbx, rcx and think that accessing the lower portions of such registers is also possible.

I have learned a lot of things with the help of this topic but the most interesting aspect of it is how well the higher level languages that I have previously studied spoke of the stack pointer (rsp) and instruction pointer (rip) but I had no knowledge of how these registers are updated and used in assembly. The concept of the rflags register which holds condition flags and may result in execution also seemed quite novel to me. The minimal assembly program and hitting the cycle of debugging it was the best starting point for consolidating all the concepts. Understanding by watching the action happen and seeing the values change in the register was extremely helpful in the process.

The real problem was that it was hard to figure out how to properly create the import table so that windows could import assembly code that called things like ExitProcess. This tutorial discussed the structure of the Portable Executable format as wells as how the import directory table and import address tables can be formed. Learning how to use registers vs the stack for passing arguments is definitely something that I have manually grokked for the 64-bit calling convention rule.

I can’t wait to take it to another level in the upcoming tutorials and learn much more about more complex programs, system calls, calling conventions and perhaps many other low-level details. Assembly is by no means something I will be regularly using in writing simple programs; however, I am witnessing how effective this simple language is as a stepping stone towards comprehending the operations that everything else gets compiled to. It helps user have mind-set at this basic level of things like processor architecture, memory management, stack and calling conventions.