views:

220

answers:

4

I know that executables contain instructions, but what exactly are these instructions? If I want to call the MessageBox API function for example, what does the instruction look like?

Thanks.

A: 

It depends on the language that you are working in. But for many it is as simple as...

msgbox("Your message goes here")

or

alert("Your message goes here")
mrdenny
I didn't really think you understand my question, I meant after compilation, how these instructions look like?
TTT
+9  A: 

Executables are binary files that are understood by the operating system. The executable will contain sections which have data in them. Windows uses the PE format. The PE Format has a section which has machine instructions. These instructions are just numbers which are ordered in a sequence and is understood by the CPU.

A function call to MessageBox(), would be a sequence of instructions which will

1) have the address of the function which is in a DLL. This address is put in by the compiler

2) instructions to "push" the parameters onto a stack

3) The actual function call

4) some sort of cleanup (depends on the calling convention).

Its important to remember that EXE files are just specially formatted files. I dont have a disassembly for you, but you can try compiling your code, then open your EXE in visual studio to see the disassembly.

Andrew Keith
Thank for you answer, but Wikipedia says that DLL file uses the PE format either. Why is that?
TTT
And how exactly it "pushes" that parameters? I know from PE Explorer that the DLL saves the function and the size of its parameters, for example 8 bytes can be int,int.
TTT
A DLL can also contain executable code that EXEs can use at run time - hence the name "dynamic link library".
unforgiven3
Yes, windows is flexible. A DLL in windows is similar to an EXE but doesnt have an entry point. Basically, its like an EXE which cannot be run. DLL's also have other features like function address which can be called from outside the DLL. The PE format is flexible and is extended to even contain .NET code, resource files, etc.
Andrew Keith
DLLs can be executable in some cases, bot directly by 'running it' but via abother process/executable.
o.k.w
The Pushing of the parameters is following the calling convention. Its too complicated to explain here. Here is a link about ithttp://en.wikipedia.org/wiki/Calling_conventionBasically, there is a stack for every thread. When you call a function, parameters are put on this stack. The function or the caller needs to clean up after the call. This behavior can be changed using certain modifiers in C/C++.
Andrew Keith
Calling convention looks really complicated, but it's really interesting. Thank you.
TTT
+1  A: 

Whatever code is written (be it in C or some other language) is compiled by a compiler to a special sort of language called assembler (well, machine code, but they're very close). Assembler is a very low-level language, which the CPU executes natively. Normally, you don't program in assembler because it is so low-level (for example, you don't want to deal with pulling bits back and forth from memory).

I can't say about the MessageBox function specifically, but I'd guess that it's a LOT of instructions. Think about it: it has to draw the box, and style it however your computer styles it, and hook up an even handler so that something happens when the user clicks the button, tells Windows (or whatever operating system) to add it to the taskbar (or dock, etc), and so many other things.

pavpanchekha
+1  A: 

That is a bloated question if I ever saw one. BUT, I will try my best to give an overview. In a binary executable there are these things called "byte codes", byte codes are just the hex represtation of an instruction. Commonly you can "look up" byte codes and convert them to Assembly instructions. For example: The instruction:

mov ax, 2h

Has the byte code representation:

B8 02 00

The byte codes get loaded into RAM and executed by the processer as that is its "language". No one sane that I know programs in byte code, it would just be wayyyy to complicated. Assembly is...fun enough as it is. Whenever you compile a program in a higher level language it has to take your code and turn it into Assembly instructions, you just imagine how mangled your code would look after it compiles it. Don't get me wrong, compilers are great, but disassemble a C++ program with IDA Pro Freeware and you will see what I am talking about. That is executables in a nutshell, there are certainly books written on this subject. I am not a Windows API expert, but someone else can show you what the instruction would look like for calling the Windows API "MessageBox". It should only be a few lines of Assembly.

Nathan Adams