2 Privalov
Do you plan to add CodeView and line number information to COFF format output?
Posted on 2002-08-14 16:11:59 by Sergo
I will work on it when I finally find some time to read more about these structures. :)
Posted on 2002-08-15 09:29:49 by Tomasz Grysztar
To Privalov:

1) OK, sounds good.
I hope you put some CV in PE format too.


2) Macros:

How can a reserved word 'label' be used as a name of a label?

macro strtbl name,
{
common
label name dword ; declares a dword called name - OK
forward
local label ; declare a local symbol called 'label' - ???
dd label
forward
label db string,0
}

also,
=====================
macro library ; how a reserved word can be
{ forward ; used as parameter
local _label
dd 0,0,0,RVA _label,RVA label
===========


3)
Can somebody give me a good example how to declare locals in FASM?
(like LOCAL in MASM)
What if I want to use ESP to reference them?

4) Import section
Isn't assembler capable of tracking what extern symbols
(assumed there are appropriate headers informing what functions
each module contains) were used and then automatically
generate symbol table?

5)

============== Whatsnew.txt===================================
[+] timestamps generated for COFF and PE
==============================================================

Maybe it makes sense to define some set of predefined macros,
like timestamp dword, to put something in import section
And in general, there are so many holes (zeroes) in produced PE file.
Hope they are not so important.

6) How to declare a '.drectve' section for the linker?
at least '/entry:'


Sorry, if it was too much.
Posted on 2002-08-15 18:36:49 by Sergo

How can a reserved word 'label' be used as a name of a label?

This is in macroinstruction, where word 'label' is replaced with something different (when "label" is declared as local for the macro, it's replaced with something like "label?0027") before that source is parsed, and the reserved words are reserved at the parser stage.


Can somebody give me a good example how to declare locals in FASM?

Any data you define between "proc" macro and "enter" macro will be defined on stack as local, eg:


proc WndProc, hwnd,wmsg,wparam,lparam
lcdw dd ?
lcrc RECT
lcbuf rb 100
enter
; ...
return


What if I want to use ESP to reference them?

You'll have to modify the macros.


Isn't assembler capable of tracking what extern symbols
(assumed there are appropriate headers informing what functions
each module contains) were used and then automatically
generate symbol table?

http://www.asmcommunity.net/board/index.php?topic=6693
For COFF format you'd need another macros, but it surely can be done.


How to declare a '.drectve' section for the linker?

That will need two additional section flags for COFF, I'll try to do something about it. ;)
Posted on 2002-08-15 18:48:37 by Tomasz Grysztar
2 Privalov
1.
So, if the word 'label' is used as a parameter, how does the assembler distinguish the reserved word from the parameter?

2. Since FASM can stand for 'Freedom ASM', I propose that you allow a programmer to directly specify section flags (as a dword), (an example using predefined constants from winnt.h)

section '.drectve' IMAGE_SCN_LNK_INFO | IMAGE_SCN_LNK_REMOVE

It would allow not to pollute the FASM reserved words namespace with all the different flags that could be needed in the future.

And as a further generalization, allow putting all MZ and PE headers directly in the image,
leaving an option to specify 'default' or just an empty member of the structure, allowing the assembler to fill that member. Something like this (not quite FASM syntax):

MY_PE_OFFSET equ 200
ORG 0h ( or RVA 0)
MZ <..., MY_PE_OFF > ; 200 - elfanew
; here code for MS STUB if needed
.....
ORG MY_PE_OFFSET
IMAGE_FILE_HEADER < 0x014c, , , ....>; if initialization value is skipped
; it's filled by ASM

IMAGE_OPTIONAL_HEADER < ... >

IMAGE_SECTION_HEADER < > ; for section you use
IMAGE_SECTION_HEADER < >


3. Is it possible set by default if path for source and image is not given FASM searches in the current directory, otherwise I have to put the full name for the source if Windows finds FASM in %PATH%.

4.
Why do you put fasm's image flags
IMAGE_FILE_BYTES_REVERSED_LO | IMAGE_FILE_BYTES_REVERSED_HI
at the same time?
Most images don't have them at all.
Anyway, if the machine type is set to 386 it would always be little-endian.

5. How to put in FASM .tls section?
Posted on 2002-08-17 14:58:40 by Sergo
If I understand the predoc correctly, if.. end if are considered as assembler directives, not the preprocessor's ones, so

if MY_INC eq
include myinc.inc
end if

myinc.inc is loaded in memory anyway and wastes memory not being parsed anyway.
Posted on 2002-08-17 15:11:43 by Sergo
1. The parameters to a macroinstruction are processed by the preprocessor, while reserved words are recognized by the parser. fasm consists of four parts: preprocessor, parser, assembler and formatter, each next is doing its work after the previous is finished. So the parameter 'label' is replaced with its values before even the parser gets to it.

2. About section flags: it can be done. About filling the headers: the 'org' directive doesn't work this way.

3. It should search in current directory because this is the default behaviour of Win32 fs functions. I don't know why it wouldn't work for you.
Posted on 2002-08-17 15:37:45 by Tomasz Grysztar

If I understand the predoc correctly, if.. end if are considered as assembler directives, not the preprocessor's ones, so (...) myinc.inc is loaded in memory anyway and wastes memory not being parsed anyway.

It's preprocessed, and it's parsed, too. It's only not assembled. Remember the order of fasm modules.
Posted on 2002-08-17 15:39:42 by Tomasz Grysztar
1.
So what's your way to let a programmer specify specific of various image attributes in COFF(both exe and obj) & MZ headers?
Apparently, adding an extra switch for each attribute (like it's done in MS link) is not the best way, especially since the specification can change in the future and new flags can be added or deleted.

2. Just to confirm,
'if end' are NOT dealt with by the preprocessor and all conditional includes DO get loaded in memory?

3. What about IMAGE_FILE_BYTES_REVERSED_LO | IMAGE_FILE_BYTES_REVERSED_HI
in fasm.exe?
Posted on 2002-08-17 16:10:45 by Sergo
1. Why do you think it's so important to specify some non-standard attributes? Well, if you really want to control everything in headers, you can create the PE from scratch using the binary output format, here's an example:


macro align value { times (value-1) - ($ + value-1) mod value db 0 }

MZ_header:
dw 'MZ'
dw stub_end,1
dw 0,4,10h,0FFFFh,0,100h+stub_end-stub_code,0,0,0,stub_code
rb 3Ch-$
dd stub_end

use16

stub_code:
push cs
pop ds
mov dx,stub_message-stub_code
mov ah,9
int 21h
mov ax,4C01h
int 21h
stub_message db 'this program cannot be run in DOS mode.',0Dh,0Ah,24h
align 8
stub_end:

use32

RVA equ -400000h+

PE_header:
dd 'PE'
dw 14Ch,1
dd 0,0,0
dw sections-NT_header,818Fh

NT_header:
dw 10Bh,0
dd 0,0,0,RVA start,0,0,400000h
dd 1000h,200h
dd 1,0,3 + 10 shl 16,0
dd 2000h,200h,0,2
dd 1000h,1000h,10000h,0,0,2

directories:
dd 0,0
dd RVA import_data,import_end-import_data

sections:
dq '.flat'
dd 1000h,1000h,200h,flat_section
dd 0,0,0,0E0000060h

rb 200h-$

flat_section:

org 401000h+$-flat_section

start:

push 0
push user_name
push _MessageBoxA+2
push 0
call [MessageBox]

ret

import_data:

dd 0,0,0,RVA user_name,RVA user_table
dd 0,0,0,0,0

user_table:
MessageBox dd RVA _MessageBoxA
dd 0

user_name db 'USER32.DLL',0

_MessageBoxA dw 0
db 'MessageBoxA',0

import_end:

org flat_section+$-401000h
align 200h


2. And why shouldn't I get them loaded into memory? fasm has no memory limitations, and the condition can possibly change during the assembly passes and then I'd need that code which was skipped usually.

3. Both these flags together mean the data is little-endian (there's a mistake in the latest M$ docs, but it was correctly defined in the early version of the PE specification which I was using), as I recall BYTES_REVERSED_LO had to mean that bytes are swapped in the word, BYTES_REVERSED_HI had to mean that words are swapped in the dword.
Posted on 2002-08-17 16:35:58 by Tomasz Grysztar
I came to the same conclusion (to use binary format).
But it's OK for a small program, but if you have several section
it would be nice if assembler keep track of file (512) and section(4K)
misalignment.

Maybe it's possible to find some middle ground solution that can give both
convenience and flexibility at the same time. Some sort of templates
for the formatter so when format specification changes
you just say the FASM formatter use another template.
or in simple way - just set of macros for binary format.

If it's too much, well, control over
Optional Header Data Directories and Section headers
would not hurt.

Minor comments for the current FASM PE formatter:
1. There is no need to generate all 10 OH Data Dirs if they are not used.
2.You allow to set subsystem field but there is no way to set
OS version (it's always set to 1.0)
3.
PE GUI 4.1 sets '04 0A' Is it supposed to be so ( 10 instead of 1)?
4. How about image version ?
5. Size(Base) of Code/Data are not set. Because of SizeOfCode=0 OllyDbg gets confused and says
that entry point is outside of code section.
6. Dedicated section for uninitialized data
( in addition to extending virtual size of section)
7. How to put export/import section in existing section?
(typical example - kernel32.dll - export dir in .text section, or for small intro)
Adding export word after section declaration sets the size of export
table in the OH Data Dir to the size of the section which is not good,
especially if forwarding is used. Adding both 'export , import' after 'section'
results in corrupted image.

8. MS defined a standard for PE and none of its images has either of
FLAGS IMAGE_FILE_BYTES_REVERSED_LO | IMAGE_FILE_BYTES_REVERSED_HI
but they have IMAGE_FILE_DEBUG_STRIPPED sometimes
( there is still no debug symbols in FASM images ;) )
Posted on 2002-08-19 19:26:59 by Sergo
1. Some programs expect that PE contains 10h directories and rely on that, I don't remember now which programs. Never mind. I've never seen the PE with other number of directories.
2. All Win32 versions made for i386 are 1.0, maybe it would change for some 64-bit systems? fasm generates only PE32 format.
3. The same as for Windows 3.1 it is 3.10 (check it!)
4. I leave it as an exercise :tongue:
5. It was set in the earliest versions of fasm, but then I changed mind because there was no good way to always calculate correct sizes when you are allowed to mix code/data section in any order or put the code and data in the same section. I had no such problem with latest OllyDbg versions.
6. When you put only uninitialized data inside the section, fasm will mark it as udata automatically
7. "data" directive. RTFM!!!
8. TASM did put those flags in PE, and I was following the TASM standards when designing fasm
Posted on 2002-08-19 21:11:24 by Tomasz Grysztar
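
The header fields argued over in the two posts above (SizeOfCode, the number of data directories, the BYTES_REVERSED flags, the OS and subsystem versions) can be read directly from an image. This is an added example, not code from either poster or from fasm: it parses a constructed header whose values are taken from the binary-format example earlier in the thread; the function names are hypothetical and the import directory RVA/size are made up.

```python
import struct

FLAGS = {0x0001: "RELOCS_STRIPPED", 0x0002: "EXECUTABLE_IMAGE",
         0x0004: "LINE_NUMS_STRIPPED", 0x0008: "LOCAL_SYMS_STRIPPED",
         0x0080: "BYTES_REVERSED_LO", 0x0100: "32BIT_MACHINE",
         0x0200: "DEBUG_STRIPPED", 0x8000: "BYTES_REVERSED_HI"}
COFF, OPT, SEC = "<4sHHIIIHH", "<HBB9I6H4IHH6I", "<8s6IHHI"  # struct layouts

def build_sample():
    """Constructed input: field values taken from the thread's binary-format
    example; DOS stub cut down to 'MZ' + e_lfanew, import RVA/size made up."""
    mz = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack(COFF, b"PE\0\0", 0x14C, 1, 0, 0, 0, 0x70, 0x818F)
    opt = struct.pack(OPT, 0x10B, 0, 0, 0, 0, 0, 0x1000, 0, 0, 0x400000,
                      0x1000, 0x200, 1, 0, 0, 0, 3, 10, 0, 0x2000, 0x200, 0,
                      2, 0, 0x1000, 0x1000, 0x10000, 0, 0, 2)
    dirs = struct.pack("<4I", 0, 0, 0x1020, 0x40)   # export (empty), import
    sect = struct.pack(SEC, b".flat", 0x1000, 0x1000, 0x200, 0x200,
                       0, 0, 0, 0, 0xE0000060)
    return mz + coff + opt + dirs + sect

def parse_pe(data):
    if data[:2] != b"MZ":
        raise ValueError("no MZ signature")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    sig, _, nsect, *_, opt_size, flags = struct.unpack_from(COFF, data, pe_off)
    opt_off = pe_off + 24
    if (sig != b"PE\0\0" or opt_size < 96
            or data[opt_off:opt_off + 2] != b"\x0b\x01"):
        raise ValueError("not a PE32 image")
    o = struct.unpack_from(OPT, data, opt_off)
    # NumberOfRvaAndSizes may exceed what SizeOfOptionalHeader holds: clamp.
    ndirs = min(o[29], (opt_size - 96) // 8)
    return {"flags": [n for bit, n in FLAGS.items() if flags & bit],
            "size_of_code": o[3], "entry_rva": o[6],
            "os_version": (o[12], o[13]), "subsystem_version": (o[16], o[17]),
            "dirs": [struct.unpack_from("<II", data, opt_off + 96 + 8 * i)
                     for i in range(ndirs)],
            "sections": [struct.unpack_from(SEC, data, opt_off + opt_size + 40 * i)
                         for i in range(nsect)]}

def entry_section(info):
    # Locate the entry point through the section table, not SizeOfCode.
    for name, vsize, vaddr, *_ in info["sections"]:
        if vaddr <= info["entry_rva"] < vaddr + vsize:
            return name.rstrip(b"\0").decode()
    return None

def header_notes(info):
    checks = [(info["size_of_code"] == 0, "SizeOfCode is 0"),
              (len(info["dirs"]) < 16, "fewer than 16 data directories"),
              ({"BYTES_REVERSED_LO", "BYTES_REVERSED_HI"} <= set(info["flags"]),
               "BYTES_REVERSED_LO and _HI both set")]
    return [msg for hit, msg in checks if hit]
```

A tool that resolves the entry point through the section table, as `entry_section` does, is unaffected by SizeOfCode being 0, and one that clamps the directory count reads only the entries the optional header actually contains.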
Sorry, Privalov, I guess you got sick of me already, but I like FASM
more and more every day, that's why I keep asking..

1.
Is it possible to change FASM so it reports errors on a single line
i.e file.asm [11] Fatal error - CPU not found :)
and it would be great if the output format would be conformant with Visual Studio
(it has a nice feature - F4 and it points to the error line in the source)

2. /nologo or /quiet switch

3. How to set a default alignment for labels within a section (or part of file)?

4. If I define a section that contains only rb directive formatter
sets both IMAGE_SCN_CNT_INITIALIZED_DATA IMAGE_SCN_CNT_UNINITIALIZED_DATA?
I understand that loader commits this region and hence it is initialized to zero,
but other linkers don't set INIT flag anyway ( for example, GNU linker .bss section)
Also you don't set PointerToRawData to zero for uninitialized section
( from pecoff.pdf = When a section contains only uninitialized data,
this field should be 0.)

5 Multi line comments ('comment' directive in MASM)
6. How to ASSUME esi: ptr SOMESTRUC in FASM
So just write mov ebx, pointStruc
mov , 100

7. Warning message about constant redefinition
7a) And what exactly is the difference between '=' and 'equ'?
Are they both processed by the assembler? (not preprocessor)
8. STRUCT equ struc doesn't work (I'm trying to use MASM headers)
9. Does anybody working on making full Win32 headers like in MASM32 package?
10. How to write struc initialization list? It's possible if it was declared
with parameters, but usually headers come without them, like this

struc POINT { .x dd ? .y dd ? }


Also as a consequence of declaring members as 'dd' 'db' etc., given that there
is STILL no way to set section attributes explicitly (i.e. uninit data)
each struct consumes space in the file. Possible solution is to declare members
using 'r_' rb,rd, etc. but in this case I can't initialize it if I put in init section
and have to keep two separate declarations of the same structure for init/uninit data.


11. I know how to set image version in binary format, but in PE?
12. All images that come with Win98 has OS version 4.0 , with W2K - 5.0
Also linkers set it to 4.0


13. From your binary example (thanks, btw)
flat_section:
org 401000h+$-flat_section
; isn't $ is always equal to flat_section?

14. As I understand PE specs Data dirs have nothing to do with section.
(Export directory works fine even if its right after the header
in the first 512 bytes)
So maybe it is possibe to make separate keyword framework for them so programmer
can put them in any section.)
I read about data directive, but how do I know exactly the file(image) offset
formatter will put it?
Also what about support for bound import section? It should be difficult
( but I couldn't find specs for it in PECOFF.pdf)

15. Is it possible to inject data section in code something like it's done in MASM:
( not just put data in data in code section, because it slows down CPU)
invoke MessageBox, 0, String ("Hello"),0,0

literal MACRO quoted_text:VARARG
LOCAL local_text
.data
local_text db quoted_text,0
.code
EXITM <local_text>
ENDM

SOFF MACRO quoted_text:VARARG ; the same as lit
EXITM <offset literal(quoted_text)>
ENDM


16. Please, put more macro examples in the distribution archive.

17. Most program that work with PE images (depends.exe PEView) have no problem
exploring the files with less than 10h dirs.
Sec. attrib: It was not Borland who designed specs for COFF/PE.
Posted on 2002-08-22 17:12:41 by Sergo
I'll answer only to some of them, because the other need more thinking from me ;)

1. Just modify "line_data_start db ':',0Dh,0Ah,0" line in the system.inc to "line_data_start db ':',0".
4. In this case you just shouldn't provide "data" flag in the section declaration.
7. If you want it to be not-redefinable, define it as label ("label smth at 100" instead of "smth = 100"), everything about "=" "equ" you can read in the latest docs.
8. Yeah, equ's are processed after macros, sorry, i had to choose some order
9. I don't know.
13. This is because I was planning more complex example, you can remove this
14. "data" directive defines its data exactly where it is used (thus in the section where it's put). Well, the main reason why I had called fasm the "flat" is that it always puts all the data and code in exactly the same order as in the source code.
15. After my answer to 14 you should understand that it's impossible
sec attrib: but I trust Borland more.
Posted on 2002-08-22 17:31:01 by Tomasz Grysztar
4. Maybe you finally let user set section attributes as a dword, please?

7. Redefinition warning could be useful when you include header files not written by yourself
with a lot of equates (i.e. Win32) and accidentally redefine some constant on which
this header relies.

8. So, constants defined with '=' processed before macros, and 'equ' after?

"The symbolic constants are different from the numerical constants, before
the assembly process they are replaced with their values everywhere in source
lines after their definitions"

Isn't a constant defined with '=' is replaced with its value in the source file
as well?


14. If use 'data' directive outside any section where the formatter would put it?

15. You don't plan to add some feature that allows define some data on the fly?
BTW, If I define several section with the same name , would FASM merge them?
(I assume in the order they were defined, like linkers merge data$A,..data$Z )
(Can't check now :( )
Posted on 2002-08-22 18:22:01 by Sergo
8. Both are processed after macros, but symbolic constants are replaced with the value, which can be anything, before parsing. The '=' constants are not replaced, they are just equal to some numbers, but these values can change during the passes of assembly process.
14. How would you do that? Every place in source belongs to the section declared just before, if there were no section declared yet, it belongs to '.flat' section.
15. The linker will do it for you when you are using the COFF format.
Posted on 2002-08-22 18:29:59 by Tomasz Grysztar
14. But directory doesn't have to belong some section. (At least loader doesn't care
as long the page it lies readable for export / and r/w for import)

15. But FASM PE formatter won't ? ( merge section with the same name)

How can I declare a section at specific address?
Posted on 2002-08-22 18:48:24 by Sergo
Well, how could you have data loaded into memory if it doesn't belong to any section?
fasm PE formatter creates the section just as you write them in source.
And what do you mean: at specific address? If you need a specific RVA, you can just do some kind of alignment with uninitialized data.
Posted on 2002-08-22 19:00:10 by Tomasz Grysztar
The first page containing the header is always loaded and committed and marked as readable.
And there is a lot of space left after the header that can be used to store data
(directories that need read-only access, text messages, etc.)
(I check it with manually made images - works fine!)

What I meant is VirtualAddress field in section header, so programmer can specify
where loader will map this section in process address space.
And in general what I'm crying about is to give FASM users control over section header.
like
section _ here goes binary structure representing the section header

I hope FASM also stands for 'Flexible'
Posted on 2002-08-22 19:27:34 by Sergo
You have it flexible in binary output mode, I don't want to bloat the formatter too much, because I don't see the point for doing that. The aesthetical design of syntax is also important for me (sorry for a bit of artistical insanity).
Posted on 2002-08-22 20:31:41 by Tomasz Grysztar