Does the RAX initial value mean to anything ?

Just starting out? Need help? Post your questions and find answers here.
Olli
Addict
Addict
Posts: 1071
Joined: Wed May 27, 2020 12:26 pm

Does the RAX initial value mean to anything ?

Post by Olli »

Hello, I can see RAX has a non-zero initial value. Does anybody know if it means to anything ?

Code: Select all

Define.I A
! mov [v_a], rax
Debug A
Best regards
User avatar
mk-soft
Always Here
Always Here
Posts: 5313
Joined: Fri May 12, 2006 6:51 pm
Location: Germany

Re: Does the RAX initial value mean to anything ?

Post by mk-soft »

Olli wrote: Sat May 08, 2021 1:04 pm Hello, I can see RAX has a non-zero initial value. Does anybody know if it means to anything ?

Code: Select all

Define.I A
! mov [v_a], rax
Debug A
Best regards
There can always be something in the RAX register, as with all registers. After all, it is the main register with which one works.

Code: Select all

ShowAssemblyViewer()
Global a
!mov [v_a], rax
Debug a
CallDebugger
My Projects ThreadToGUI / OOP-BaseClass / EventDesigner V3
PB v3.30 / v5.75 - OS Mac Mini OSX 10.xx - VM Window Pro / Linux Ubuntu
Downloads on my Webspace / OneDrive
User avatar
mk-soft
Always Here
Always Here
Posts: 5313
Joined: Fri May 12, 2006 6:51 pm
Location: Germany

Re: Does the RAX initial value mean to anything ?

Post by mk-soft »

And the rax register is the return register of function (not float or double)

Code: Select all

Procedure foo()
  ! mov rax, 999
  ProcedureReturn ; exit procedure without change rax register
EndProcedure

Debug foo()
My Projects ThreadToGUI / OOP-BaseClass / EventDesigner V3
PB v3.30 / v5.75 - OS Mac Mini OSX 10.xx - VM Window Pro / Linux Ubuntu
Downloads on my Webspace / OneDrive
Olli
Addict
Addict
Posts: 1071
Joined: Wed May 27, 2020 12:26 pm

Re: Does the RAX initial value mean to anything ?

Post by Olli »

mk-soft wrote: Sat May 08, 2021 2:16 pm And the rax register is the return register of function (not float or double)

Code: Select all

Procedure foo()
  ! mov rax, 999
  ProcedureReturn ; exit procedure without change rax register
EndProcedure

Debug foo()
Hello,

yes this is the documented criteria of RAX.

For the initial value of RAX, I just see it is a 32-bits range value.

Code: Select all

RAX Initial value
0x00000000NNNNNNNN
(W10)
User avatar
mk-soft
Always Here
Always Here
Posts: 5313
Joined: Fri May 12, 2006 6:51 pm
Location: Germany

Re: Does the RAX initial value mean to anything ?

Post by mk-soft »

There is no initial value for rax or other registers. One must always take care to initialise the registers to be forced before using them, or to assign values to them.

Code: Select all

! xor rax, rax
It is machine code and not a high-level language where variables are already initialised (NULL) before use.
My Projects ThreadToGUI / OOP-BaseClass / EventDesigner V3
PB v3.30 / v5.75 - OS Mac Mini OSX 10.xx - VM Window Pro / Linux Ubuntu
Downloads on my Webspace / OneDrive
Olli
Addict
Addict
Posts: 1071
Joined: Wed May 27, 2020 12:26 pm

Re: Does the RAX initial value mean to anything ?

Post by Olli »

I am not so sure... We can get a static 12-bits nibbles sequence...

Code: Select all

! Mov bx, ax
! Shr rax, 16
! Xor ax, bx
Define.I A
! Mov [v_A], rax
Debug Hex(A)
On every compiling, this changes. It seems to be an memory offset...
In the way it should be doable to need this initial value, we maybe should save this value

Code: Select all

Define.I InitialRax
! Mov [v_initialrax], rax
! Xor rax, rax
Bitblazer
Enthusiast
Enthusiast
Posts: 730
Joined: Mon Apr 10, 2017 6:17 pm
Location: Germany
Contact:

Re: Does the RAX initial value mean to anything ?

Post by Bitblazer »

Just use Ollydbg, ida pro free, WinDBG or x64dbg to look into the common windows PE stub that purebasic generates. Assuming you talk about windows.

ps: there are more options but these should be enough for today :D
webpage - discord chat links -> purebasic GPT4All
Olli
Addict
Addict
Posts: 1071
Joined: Wed May 27, 2020 12:26 pm

Re: Does the RAX initial value mean to anything ?

Post by Olli »

I confirm it is on Windows (W10). Unless anybody has already searched the matches of this value, I do not think I will search more, and I stop the mk-soft logic, imagining it is not other thing that garbage result.

Added : to bitblazer, it seems to be near the Windows PE signature, but the rest does not match to anything...
Bitblazer
Enthusiast
Enthusiast
Posts: 730
Joined: Mon Apr 10, 2017 6:17 pm
Location: Germany
Contact:

Re: Does the RAX initial value mean to anything ?

Post by Bitblazer »

The information you need to find out where the eax/rax value actually originates from, is already in this thread. Debug the purebasic windows stub with a disassembler if you really want to know it.

It will be a useful experience in the long run, but the register value itself is likely useless.

Another option is to use the pbcompiler command line parameter /commented with a dummy sourcecode and look into the generated and nicely commented purebasic.asm. A very useful feature of purebasic that probably not many users even know.

Code: Select all

; 
PureBasicStart:
; 
  SUB    rsp,40
  MOV    r8,I_BSSEnd-I_BSSStart
  XOR    rdx,rdx
  MOV    rcx,I_BSSStart
  CALL   memset
  XOR    rcx,rcx
  CALL   GetModuleHandleW
  MOV    [PB_Instance],rax
  XOR    r8,r8
  MOV    rdx,4096
  XOR    rcx,rcx
  CALL   HeapCreate
  MOV    [PB_MemoryBase],rax
  CALL   SYS_InitString
  CALL   PB_InitDesktop
  CALL   PB_InitRequester
That is the stub from a x64 windows dummy executable i just created.

I hope nobody tries to use this to assume rax is always pointing to an internal memory heap purebasic uses and does some crazy tool using that info. Remember that the stub also depends on the compiler options in the ide. So it can be different from this. You also need to remember the common register changing conventions for calls.
webpage - discord chat links -> purebasic GPT4All
Olli
Addict
Addict
Posts: 1071
Joined: Wed May 27, 2020 12:26 pm

Re: Does the RAX initial value mean to anything ?

Post by Olli »

30 years that I do ASM and I did not watch this... :D :lol:
User avatar
mk-soft
Always Here
Always Here
Posts: 5313
Joined: Fri May 12, 2006 6:51 pm
Location: Germany

Re: Does the RAX initial value mean to anything ?

Post by mk-soft »

Part from Purebasic help of ASM
- On x86 processors, the available volatile registers are: eax, ecx and edx, xmm0, xmm1, xmm2 and xmm3. All others must be always preserved.
- On x64 processors, the available volatile registers are: rax, rcx, rdx, r8, r9, xmm0, xmm1, xmm2 and xmm3. All others must be always preserved.
This means that these registers can be used and can also contain any old values.
It is not important what was done with it before. (Except of course for example the RAX register as return value of functions).

Link to nice tool: PB-IDE-Tool: Display ASM Code
...

global _main
_main:

MOV [PB_InitialStackValue],rsp
SUB rsp,40
MOV [_PB_ArgC],edi
MOV [_PB_ArgV],rsi
CALL _SYS_InitPureBasic
;;
; Define a
; a = foo()
CALL _Procedure0
MOV qword [v_a],rax
;
; Debug a
_PB_EOP:
_PB_EOP_NoValue:
CALL _PB_EndFunctions
MOV rsp,[PB_InitialStackValue]
MOV rax,[PB_ExitCode]
RET
_PB_EndFunctions:
SUB rsp,40
ADD rsp,40
RET

; Procedure foo()
_Procedure0:
%define PS0 64
XOR rax,rax
PUSH rax
PUSH rax
SUB rsp,40
; Protected r1
; r1 = 99
MOV qword [rsp+40],99
; ProcedureReturn r1
MOV rax,qword [rsp+40]
JMP _EndProcedure1
; EndProcedure
_EndProcedureZero1:
XOR rax,rax
_EndProcedure1:
ADD rsp,56
RET

...
My Projects ThreadToGUI / OOP-BaseClass / EventDesigner V3
PB v3.30 / v5.75 - OS Mac Mini OSX 10.xx - VM Window Pro / Linux Ubuntu
Downloads on my Webspace / OneDrive
Olli
Addict
Addict
Posts: 1071
Joined: Wed May 27, 2020 12:26 pm

Re: Does the RAX initial value mean to anything ?

Post by Olli »

Thank you mk-soft for these advices. There is an exception however. Until I have the time to tell about it, I will do it, and search an old link to a source code treating the subject.
Post Reply