64-bit Programming


정성태 (kevin13@chol.net) *** This document merely uses the .NETXPERT PPT template; it is not an official company document. 64-bit Programming. MSDN Magazine 2006-05, x64 Primer – Everything You Need to Know To Start Programming 64-bit Windows Systems. 2006.06.10. Win64.



  • Win64 IA64 x64 x86 . Win64 x64 - AMD x64, Intel x64 , Win64 .

    PPT Win32 x64 Win64 .

  • OS x64 CPU VC++ x64 .NET x64

  • OS 1-1. : 2^64 = 16 exabytes; Windows x64 : 2^44 = 16 terabytes

    ? x64 CPU : 2^40 = 1 terabyte : 2^52 = 4 petabytes [1]

  • OS 1 Physical Memory and CPU Limits

  • OS 1-2. Windows

  • OS 1-3. Win64 Win32 ,

    0 ~ 8 TB : User mode

    8 ~ 16 TB : Kernel mode

    Page size : 4KB 64KB . 0x10000 System DLL 4GB . ( 0x7FF00000000)

  • OS 1-4. Win32 x86 Windows 2003 : Internet Explorer

  • OS 1-5. Win64 x64 Windows 2003 : Internet Explorer

  • OS 2. DEP ( Data Execution Protection ) x64 CPU No Execute bit , Win64 DEP .

  • OS 3. (Types)

    int, long, DWORD : Win64 32bit

    HANDLE, size_t : Win64 64bit

  • OS 4. : PE32+ Win32 PE . 32bit 64bit IMAGE_LOAD_CONFIG, IMAGE_THUNK_DATA 32bit 64bit PDATA Exception Handling [3]

  • 3 Changes to PE File Fields

  • OS 5-1. : Win32 OS FS:[0] Linked List .

        #include <windows.h>

        DWORD scratch;  // Valid memory the handler redirects the faulting write to

        EXCEPTION_DISPOSITION __cdecl _except_handler(
            struct _EXCEPTION_RECORD *ExceptionRecord,
            void * EstablisherFrame,
            struct _CONTEXT *ContextRecord,
            void * DispatcherContext )
        {
            // Point EAX at valid memory; otherwise resuming execution would
            // re-run the faulting store and fault again in an endless loop
            ContextRecord->Eax = (DWORD)&scratch;
            return ExceptionContinueExecution;
        }

        int main()
        {
            DWORD handler = (DWORD)_except_handler;

            __asm
            {
                push handler        // Address of handler function
                push FS:[0]         // Address of previous handler
                mov FS:[0],ESP      // Install new EXCEPTION_REGISTRATION
            }
            __asm
            {
                mov eax,0           // Zero out EAX
                mov [eax], 1        // Write to [EAX] (address 0) to deliberately cause a fault
            }
            __asm
            {
                mov eax,[ESP]       // Get pointer to previous record
                mov FS:[0], EAX     // Install previous record
                add esp, 8          // Clean our EXCEPTION_REGISTRATION off stack
            }
            return 0;
        }

  • OS 5-2. : Win64 . Win64 runtime function table . entry / .Win64 SDK WinNT.h IMAGE_RUNTIME_FUNCTION_ENTRY entry , RtlAddFunctionTable API

    : , . : try .

  • OS 5-3. : Win64

        int _tmain(int argc, _TCHAR* argv[])
        {
        0000000000402DF0 mov qword ptr [rsp+10h],rdx
        0000000000402DF5 mov dword ptr [rsp+8],ecx
        0000000000402DF9 push rdi
        0000000000402DFA sub rsp,10h
        0000000000402DFE mov rdi,rsp
        0000000000402E01 mov rcx,4
        0000000000402E0B mov eax,0CCCCCCCCh
        0000000000402E10 rep stos dword ptr [rdi]
        0000000000402E12 mov ecx,dword ptr [rsp+20h]
            int boundary = 0;
        0000000000402E16 mov dword ptr [rsp],0
            boundary ++;
        0000000000402E1D mov eax,dword ptr [rsp]
        0000000000402E20 add eax,1
        0000000000402E23 mov dword ptr [rsp],eax
            {
                int check = 0;
        0000000000402E26 mov dword ptr [check],0
            }
            return 0;
        0000000000402E2E xor eax,eax
        }
        0000000000402E30 add rsp,10h
        0000000000402E34 pop rdi
        0000000000402E35 ret

  • OS 5-4. : Win64

        int _tmain(int argc, _TCHAR* argv[])
        {
        0000000000402DF0 mov qword ptr [rsp+10h],rdx
        0000000000402DF5 mov dword ptr [rsp+8],ecx
        0000000000402DF9 push rdi
        0000000000402DFA sub rsp,10h
        0000000000402DFE mov rdi,rsp
        0000000000402E01 mov rcx,4
        0000000000402E0B mov eax,0CCCCCCCCh
        0000000000402E10 rep stos dword ptr [rdi]
        0000000000402E12 mov ecx,dword ptr [rsp+20h]
        0000000000402E16 mov qword ptr [rsp+8],0FFFFFFFFFFFFFFFEh
            int boundary = 0;
        0000000000402E1F mov dword ptr [rsp],0
            boundary ++;
        0000000000402E26 mov eax,dword ptr [rsp]
        0000000000402E29 add eax,1
        0000000000402E2C mov dword ptr [rsp],eax
            try {
                int check = 0;
        0000000000402E2F mov dword ptr [check],0
            } catch ( ... ){}
            return 0;
        0000000000402E37 xor eax,eax
        }
        0000000000402E39 add rsp,10h
        0000000000402E3D pop rdi
        0000000000402E3E ret

  • OS 5-5. :

    x86: A Crash Course on the Depths of Win32 Structured Exception Handling, http://www.microsoft.com/msj/0197/Exception/Exception.aspx

    x64: X64 Unwind Information, http://blogs.msdn.com/509372.aspx

  • OS 6. API IA64 x64 Windows API . IsWow64Process Win64 . GetNativeSystemInfo Win64 API [ 4]

  • 4 New 64-Bit APIs

  • OS 7-1. WOW64 Subsystem Win32 Win64 . WOW64 *32 .

    - 16 bit

  • OS 7-2. WOW64 Subsystem - 32bit , WOW64 .

    32bit 32bit DLL 64bit 64bit DLL , (shared memory), (named pipe), (named synchronization object) * , Internet Explorer 32bit . IIS , 64bit 32bit COM DLL WOW64 .

  • OS 7-2. WOW64 Subsystem Kernel32.dll DLL 32bit 64 , WOW64 32bit SysWow64

    , 64bit SysWow64 , GetSystemWow64Directory API .

    32bit DLL : C:\Windows\SysWow64

    64bit DLL : C:\Windows\System32

  • OS 7-3. WOW64 Subsystem 32bit 64bit COM , 32/64bit COM

    , RegOpenKey API flag KEY_WOW64_64KEY 64 bit KEY_WOW64_32KEY 32 bit

    64bit : HKEY_CLASSES_ROOT\CLSID

    32bit : HKEY_CLASSES_ROOT\Wow6432Node\CLSID

  • OS 8. - FS Win64 GS .

    - PatchGuard : syscall IDT (interrupt dispatch table) . .

  • x64 CPU 1. IA64 , x86 .

    64bit R . EAX, AX, AL, AH

    R8 ~ R15 64bit

    16 128-bit SSE2 XMM0 ~ XMM15 x64 WinNT.h #if defined(_AMD64_) _CONTEXT .

  • x64 CPU 2. 64bit 32bit 5-byte CALL DWORD PTR [XXXXXXXX] 64bit 64bit 5-byte . 64-bit 32-bit offset . , , 00401000: CALL DWORD PTR [00020000h] 00421000h 64-bit . , 64-bit 2GB . , . * 2006-08-12 : Call Dword ptr 421000h .

  • x64 CPU 3-1. (calling convention)- calling convention . __cdecl . x64 , x86 fastcall .

    - 4 ( ) 64bit . RCX: RDX: R8: R9: - 4 XMM0 ~ XMM3 . - 4 .

  • x64 CPU 3-2. (calling convention) -

        int test( int k, int j, int t, int o, int p, double dd )
        {
            return 0;
        }

        {
            test( 0, 1, 2, 3, 4, 0.06 );
        }
        0000000000402E52 movsd xmm0,mmword ptr [__real@3faeb851eb851eb8 (405B88h)]
        0000000000402E5A movsd mmword ptr [rsp+28h],xmm0   // XMM0 == 0.06
        0000000000402E60 mov dword ptr [rsp+20h],4          // == 4
        0000000000402E68 mov r9d,3                          // R9 == 3
        0000000000402E6E mov r8d,2                          // R8 == 2
        0000000000402E74 mov edx,1                          // RDX == 1
        0000000000402E79 xor ecx,ecx                        // RCX == 0
        0000000000402E7B call test

  • x64 CPU 3-3. (calling convention) (1) . , . 4 . , offset . 5 .

    - (caller) .

  • x64 CPU 3-3. (calling convention) (2) (prologue)/(epilogue) RSP . x64 . . ESP x64 .

    The history of calling conventions, part 5: amd64; http://blogs.msdn.com/oldnewthing/archive/2004/01/14/58579.aspx

  • x64 CPU 3-4. (calling convention) , RAX . XMM0 ; RBX, RBP, RDI, RSI, R12, R13, R14, R15 ; RAX, RCX, RDX, R8, R9, R10, R11

  • x64 CPU 4. Integer parameters that are less than 64-bits are sign extended, then still passed via the appropriate register, if among the first four integer parameters. At no point should any parameter be in a stack location that's not a multiple of 8 bytes, thus preserving 64-bit alignment. Any argument that's not 1, 2, 4, or 8 bytes (including structs) is passed by reference. Structs and unions of 8, 16, 32, or 64-bits are passed as if they were integers of the same size.

  • VC++ x64 1. VS.NET 2005 Build / Configuration Manager Active solution platform / . x64 .

  • VC++ x64 2. (1) int, long, DWORD . x64 8byte 4GB int/long/DWORD 4byte int/long/DWORD , DWORD_PTR, INT_PTR , basetsd.h INT32, INT64, INT16, UINT32, DWORD64 printf/sprintf . %X, %08X %p . I . , UINT_PTR %Iu, 64bit %I64d

  • VC++ x64 2. (2) DLL/EXE base address 4GB Win32 Win64 .

        _M_IX86 : x86
        _M_AMD64 : AMD 64
        _WIN64 : IX86 AMD64 64bit

        #ifdef _M_AMD64
            // My x64 code here
        #else
            // My x86 code here
        #endif

        #ifdef _M_AMD64
            // My x64 code here
        #elif defined (_M_IX86)
            // My x86 code here
        #else
            #error !!! Need to write code for this architecture
        #endif

  • VC++ x64 2. (3) - : x64 . __asm . 64bit MASM (ML64.exe) .

  • .NET x64 1. VS.NET 2005 - .NET Any CPU . , CPU x86, x64, Itanium .

  • .NET x64 2. - P/Invoke , .

  • To enable IIS 6.0 to run 32-bit applications on 64-bit Windows

    1. Open a command prompt and navigate to the %systemdrive%\Inetpub\AdminScripts directory.

    2. Type the following command:

        cscript.exe adsutil.vbs set W3SVC/AppPools/Enable32BitAppOnWin64 "true"

    3. Press ENTER.

    Windows . . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
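
The PE32 versus PE32+ differences from the "OS 4" slide, the DEP bit related to "OS 2", and the table-based exception data of "OS 5-2" can all be read from a file header when triaging a binary. The C parser below is an added example, not code from the original slides; `pe_info`, `pe_parse`, `pe_sample` and the sample header bytes are constructed for illustration, and the field offsets are taken from the published PE/COFF layout.

```c
#include <stdint.h>
#include <string.h>

typedef struct {
    uint16_t machine;      /* 0x014c = x86, 0x8664 = x64 */
    int      is_pe32plus;  /* optional-header Magic 0x20b (0x10b = PE32) */
    uint64_t image_base;   /* 4-byte field in PE32, 8-byte field in PE32+ */
    int      nx_compat;    /* DllCharacteristics & 0x0100 (DEP opt-in bit) */
    uint32_t pdata_size;   /* size of data directory 3, the exception table */
} pe_info;

static uint64_t rd(const uint8_t *p, int n) {        /* little-endian read */
    uint64_t v = 0; while (n--) v = (v << 8) | p[n]; return v;
}

/* Returns 0 on success, -1 when the buffer is not a well-formed PE header. */
int pe_parse(const uint8_t *b, size_t len, pe_info *out) {
    if (len < 0x40 || b[0] != 'M' || b[1] != 'Z') return -1;
    size_t pe = (size_t)rd(b + 0x3C, 4);             /* e_lfanew */
    if (pe > len || len - pe < 26 || memcmp(b + pe, "PE\0\0", 4)) return -1;
    const uint8_t *opt = b + pe + 24;                /* after the COFF header */
    size_t opt_size = (size_t)rd(b + pe + 20, 2);
    uint16_t magic = (uint16_t)rd(opt, 2);
    if (magic != 0x10b && magic != 0x20b) return -1;
    size_t dd = (magic == 0x20b) ? 112 : 96;         /* data directory offset */
    if (opt_size > len - pe - 24 || opt_size < dd) return -1;
    out->machine     = (uint16_t)rd(b + pe + 4, 2);
    out->is_pe32plus = (magic == 0x20b);
    out->image_base  = out->is_pe32plus ? rd(opt + 24, 8) : rd(opt + 28, 4);
    out->nx_compat   = (rd(opt + 70, 2) & 0x0100) != 0;
    out->pdata_size  = (rd(opt + dd - 4, 4) > 3 && opt_size >= dd + 32)
                       ? (uint32_t)rd(opt + dd + 28, 4) : 0;
    return 0;
}

/* Fill b (at least 0x200 bytes) with a CONSTRUCTED header, not a real file. */
size_t pe_sample(uint8_t *b, int plus) {
    size_t dd = plus ? 112 : 96;
    uint8_t *opt = b + 0x80 + 24;
    memset(b, 0, 0x200);
    b[0] = 'M'; b[1] = 'Z'; b[0x3C] = 0x80; memcpy(b + 0x80, "PE\0\0", 4);
    b[0x84] = plus ? 0x64 : 0x4c; b[0x85] = plus ? 0x86 : 0x01;  /* Machine */
    b[0x94] = (uint8_t)(dd + 128); opt[dd - 4] = 16; /* opt size, dir count */
    opt[0] = 0x0b; opt[1] = plus ? 0x02 : 0x01;      /* Magic */
    if (plus) { opt[27] = 0x40; opt[28] = 0x01; } else opt[30] = 0x40;
    opt[71] = plus ? 0x01 : 0x00;                    /* NX_COMPAT on x64 only */
    if (plus) opt[dd + 29] = 0x03;                   /* .pdata size 0x300 */
    return 0x80 + 24 + dd + 128;
}
```

The constructed x86 sample reports no exception directory, matching the FS:[0] handler chain of slide 5-1, while the x64 sample carries one, matching the runtime function table of slide 5-2.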