Inline assembler get address of pointer Visual Studio

Question

I have a function in VS where I pass a pointer to the function. I then want to store the pointer in a register to further manipulate. How do you do that?

I have tried

float __declspec(align(16)) x[16] = 
{
    0.125000, 0.125000, 0.125000, 0,
    -0.125000, 0.125000, -0.125000, 0,
    0.125000, -0.125000, -0.125000, 0,
    -0.125000, -0.125000, 0.125000, 0
};

void e()
{
    __asm mov eax, x // doesn't work
    __asm mov ebx, [eax]
}

void f(float *p)
{
    __asm mov eax, p // does work
    __asm mov ebx, [eax]
}

int main()
{
    f(x);
    e();
}

Answer 1

Option 1 actually seems to work fine. Consider the following program:

#include <stdio.h>

void f(int *p) {
    __asm mov eax, p
    __asm mov ebx, [eax]
    // break here
}

void main()
{
    int i = 0x12345678;
    f(&i);
}

With Visual Studio 2008 SP1, a single-file C++ program and debug build, I'm getting the following in the registers window when stepping into the end of f():

EAX = 004DF960 
EBX = 12345678 
ECX = 00000000 
EDX = 00000001 
ESI = 00000000 
EDI = 004DF884 
EIP = 003013C3 
ESP = 004DF7B8 
EBP = 004DF884 
EFL = 00000202

Looking at the values in EAX, EBX and ESP, that looks like a pretty good evidence that you actually have the pointer you wanted in EAX. The address in EAX is just a tad higher than the one in ESP, suggesting it's one frame higher up the stack. The dereferenced value loaded into EBX suggests we got the right address.

---

Loading the address of a global is subtly different. The following example uses the LEA instruction to accomplish the task.

#include <stdio.h>

int a[] = { 0x1234, 0x4567 };

void main()
{
    // __asm mov eax, a    ; interpreted as eax <- a[0]
    __asm lea eax, a       ; interpreted as eax <- &a[0]
    __asm mov ebx, [eax]
    __asm mov ecx, [eax+4]
    // break here
}

Stepping to the end of main() gets you the following register values. EAX gets the address of the first element in the array, while EBX an ECX get the values of its members.

EAX = 00157038 
EBX = 00001234 
ECX = 00004567 
EDX = 00000001 
ESI = 00000000 
EDI = 0047F800 
EIP = 001513C9 
ESP = 0047F734 
EBP = 0047F800 
EFL = 00000202 

The magic isn't in the LEA instruction itself. Rather, it appears that the __asm directive treats C/C++ identifiers differently depending on whether a MOV or an LEA instruction is used. Here is the ASM dump of the same program, when the MOV instruction is uncommented. Notice how the MOV instruction gets the content of a[] as its argument (DWORD PTR), while the LEA instruction gets its offset.

; ...

PUBLIC ?a@@3PAHA       ; a
_DATA SEGMENT
?a@@3PAHA DD 01234H    ; a
          DD 04567H
_DATA   ENDS

; ...

mov eax, DWORD PTR ?a@@3PAHA
lea eax, OFFSET ?a@@3PAHA
mov ebx, DWORD PTR [eax]
mov ecx, DWORD PTR [eax+4]

; ...

Answer 2

I'm not sure if this is correct, but have you tried casting *p to an int first and then loading that value?

void f(*p) { int tmp = (int)p; // asm stuff... }