The Mac 10 & 11/M10 &11 model is a compact submachine gun that has become a collector’s favorite recently. Originally designed to use 9mm and.45ACP, the M11A1 includes an upper receiver that can use rifle and pistol rounds in one. Few working parts makes.
![]()
Many assembly tutorials and books doesn’t coverhow to write a simple assembly program on the Mac OS X.Here are some baby steps that can help people whoare also interested in assembly to get startedeasier.
Mach-O file format
To get started on writing OSX assembly, you need tounderstand OSX executable file format – the Mach-Ofile format. It’s similar to ELF, but insteadof sections of data, bss, and text, it has segments thatcontains sections.
A common assembly in Linux like
would translate into this in Mach-O
Mach-O is pretty flexible. You can embed a
cstring section in your __TEXT segment insteadof putting it in __DATA,__data . Actually this isthe default behavior that compiler does on your Mac.
Hello Assembly
Now we know how to translate common linux assemblyto mac, let’s write a basic program – do a system callwith an exit code.
On x86 you do a system call by
int x80 instruction. On64 bit machine, you do this by syscall . Here’s the samplecode:
you can compile the code by the following commands:
To perform a system call, you put the system call number in
%eax , and put the actual exit code to %ebx . The systemcall number can be found in /usr/include/sys/syscall.h .
The system call number need to add an offset
0x2000000 , becauseOSX has 4 different class of system calls. You can find the referencehere XNU syscall.
System call by using wrapper functions
If you’re like me that had no assembly background, you mightfeel that
syscall is alien to you. In C, we usually usewrapper functions to perform the call:
Now we call a
libc function instead of performing a systemcall. To do this we need to link to libc by passing -lc to linker ld . There are several things you need to doto make a function call.
Call frame
We need to prepare the stack before we call a function. Super waveformer mac os. Elseyou would probably get a segmentation fault.The values in
%rsp and %rbp is used to preserve frame information.To maintain the stack, you first push the base register %rbp onto the stack by pushq %rbp ;then you copy the stack register %rsp to the base register.
If you have local variables, you subtract
%rsp for space.Remember, stack grows down and heap grows up.When releasing the frame, you add the space back to %rsp .
A live cycle of a function would look like this:
The stack size can be set at link time. On OSX, below are theexample parameters you can pass to
ld to set the stack size:
When setting the stack size, you also have to set the stack address.On the System V Application Binary Interface it says
Although the AMD64 architecture uses 64-bit pointers, implementationsare only required to handle 48-bit addresses. Therefore, conforming processes may onlyuse addresses from
0x00000000 00000000 to 0x00007fff ffffffff
I don’t know a good answer of how to chose a good stack address.I just copy whatever a normal code produces.
Parameters passing
The rules for parameter passing can be found in System VApplication Binary Interface:
Handgun Hoedown Mac Os Download
The
exit() function only need one integer parameter, therefore we putthe exit code in %edi . Since the parameter is type int , we use 32 bitvariance of register %rdi and the instruction is movl (mov long) insteadof movq (mov quad).
Hello world
Now we know the basics of how to performa system call, and how to call a function.Let’s write a hello world program.
The global variable
str can only be accessed through GOT(Global Offset Table). And the GOT needs to be access fromthe instruction pointer %rip . For more curious you canread Mach-O Programming Topics: x86-64 Code Model.
The register used for
syscall parameters are a littlebit different than the normal function call.It uses %rdi , %rsi , %rdx , %r10 , %r8 and %r9 .You cannot pass more than 6 parameters in syscall , norcan you put the parameters on the stack.
Hello world using printf
Now you know the basics of assembly. A hello worldexample using printf should be trivial to read:
Conclusion
The 64 bit assembly looks more vague than the tutorialswritten in X86 assembly. Once you know these basic differences,it’s easy for you to learn assembly in depth on your own,even if the material is designed for x86. I highly recommendthe book “Programming from the ground up”. It is well writtenfor self study purpose.
ReferencesHandgun Hoedown Mac Os Download
Comments are closed.
|