flat assembler
Message board for the users of flat assembler.
struct ---> struc
ouadji 12 Oct 2010, 14:34
yes, you're right (early twenties ? ... hummm , memories ! )
baldr 13 Oct 2010, 06:36
edfed,
There is something strange with your code, I must admit. Size operator for push… well, there is push imm8, but 200 won't fit in signed byte. Even if it will, pushed value will be 16/32 bits in size, so its EA should be something like ebp+8.
edfed 13 Oct 2010, 11:13
yes, it was just an example to demonstrate the idea, then, it can have some unexactness.
i will correct it.
3200th 13 Oct 2010, 12:09
edfed wrote: i'm in my late twenties, but i always look younger, even in real world.
Treant 24 Oct 2010, 13:28
Tomasz, why did you not add features for 'struc' such as unions and substructures?
I think struc and the others should be compiler features, not macros, and I think compiler internals are more important than readable source. Also, why does the virtual directive not support a 'virtual {}' definition, like the struc directive? P.S. Sorry for my English.
Tomasz Grysztar 24 Oct 2010, 13:50
Treant wrote: Tomasz, why you did not add features for 'struc' such as unions and substructures?
But with classical fasm's approach "virtual" directive was enough to implement structures, unions, etc. The only problem with such approach was that it is a syntax that is highly nonstandard (though very generic).
Treant wrote: Also why virtual directive not support 'virtual {}' define as struc directive?
To learn more about those topics, please read my Design Principles and Understanding flat assembler (unfinished) articles.
Treant 26 Oct 2010, 12:11
Do I need to use padding in the struct directive to define x64 structures such as:
Code:
struc _IO_STACK_LOCATION {
  label .MajorFunction byte at 0 ; 00h UCHAR
  label .MinorFunction byte at 1 ; 01h UCHAR
  label .Flags byte at 2 ; 02h UCHAR
  label .Control byte at 3 ; 03h UCHAR
  ; dword ; padding
  ; union Parameters ; 32 bytes
  ; struc Create ; 32 bytes
  label .Parameters.Create.SecurityContext qword at 8 ; 08h POINTER _IO_SECURITY_CONTEXT
  label .Parameters.Create.Options dword at 10h ; 10h ULONG
  ; dword ; padding
  label .Parameters.Create.FileAttributes word at 18h ; 18h USHORT POINTER_ALIGNMENT
  label .Parameters.Create.ShareAccess word at 1Ah ; 1Ah USHORT
  ; dword ; padding
  label .Parameters.Create.EaLength dword at 20h ; 20h ULONG POINTER_ALIGNMENT
  ; dword ; padding
  ; struc Read ; 24 bytes
  label .Parameters.Read.Length dword at 8 ; 08h ULONG
  ; dword ; padding
  label .Parameters.Read.Key dword at 10h ; 10h ULONG POINTER_ALIGNMENT
  ; dword ; padding
  label .Parameters.Read.ByteOffset qword at 18h ; 18h _LARGE_INTEGER <64 bit>
  ; struc Write ; 24 bytes
  label .Parameters.Write.Length dword at 8 ; 08h ULONG
  ; dword ; padding
  label .Parameters.Write.Key dword at 10h ; 10h ULONG POINTER_ALIGNMENT
  ; dword ; padding
  label .Parameters.Write.ByteOffset qword at 18h ; 18h _LARGE_INTEGER <64 bit>
  ; struc QueryDirectory ; 32 bytes
  label .Parameters.QueryDirectory.Length dword at 8 ; 08h ULONG
  ; dword ; padding
  label .Parameters.QueryDirectory.FileName qword at 10h ; 10h POINTER _UNICODE_STRING
  label .Parameters.QueryDirectory.FileInformationClass dword at 18h ; 18h ENUM _FILE_INFORMATION_CLASS
  ; dword ; padding
  label .Parameters.QueryDirectory.FileIndex dword at 20h ; 20h ULONG POINTER_ALIGNMENT
  ; dword ; padding
  ; struc NotifyDirectory ; 16 bytes
  label .Parameters.NotifyDirectory.Length dword at 8 ; 08h ULONG
  ; dword ; padding
  label .Parameters.NotifyDirectory.CompletionFilter dword at 10h ; 10h ULONG POINTER_ALIGNMENT
  ; dword ; padding
  ; struc QueryFile ; 16 bytes
  label .Parameters.QueryFile.Length dword at 8 ; 08h ULONG
  ; dword ; padding
  label .Parameters.QueryFile.FileInformationClass dword at 10h ; 10h ENUM _FILE_INFORMATION_CLASS POINTER_ALIGNMENT
  ; dword ; padding
  ; struc SetFile ; 32 bytes
  label .Parameters.SetFile.Length dword at 8 ; 08h ULONG
  ; dword ; padding
  label .Parameters.SetFile.FileInformationClass dword at 10h ; 10h ENUM _FILE_INFORMATION_CLASS POINTER_ALIGNMENT
  ; dword ; padding
  label .Parameters.SetFile.FileObject qword at 18h ; POINTER _FILE_OBJECT
  ; union
  ; struc
  label .Parameters.SetFile.ReplaceIfExists byte at 20h ; 20h BOOLEAN
  label .Parameters.SetFile.AdvanceOnly byte at 21h ; 21h BOOLEAN
  label .Parameters.SetFile.ClusterCount dword at 20h ; 20h ULONG
  ; dword ; padding
  label .Parameters.SetFile.DeleteHandle qword at 20h ; 20h HANDLE
  ; struc QueryEa ; 32 bytes
  label .Parameters.QueryEa.Length dword at 8 ; 08h ULONG
  ; dword ; padding
  label .Parameters.QueryEa.EaList qword at 10h ; 10h POINTER
  label .Parameters.QueryEa.EaListLength dword at 18h ; 18h ULONG
  ; dword ; padding
  label .Parameters.QueryEa.EaIndex dword at 20h ; 20h ULONG POINTER_ALIGNMENT
  ; dword ; padding
  ; struc SetEa ; 8 bytes
  label .Parameters.SetEa.Length dword at 8 ; ULONG
  ; dword ; padding
  ; struc QueryVolume ; 16 bytes
  label .Parameters.QueryVolume.Length dword at 8 ; 08h ULONG
  ; dword ; padding
  label .Parameters.QueryVolume.FsInformationClass dword at 10h ; 10h ENUM _FILE_INFORMATION_CLASS POINTER_ALIGNMENT
  ; dword ; padding
  ; struc DeviceIoControl ; 32 bytes
  label .Parameters.DeviceIoControl.OutputBufferLength dword at 8 ; 08h ULONG
  ; dword ; padding
  label .Parameters.DeviceIoControl.InputBufferLength dword at 10h ; 10h ULONG POINTER_ALIGNMENT
  ; dword ; padding
  label .Parameters.DeviceIoControl.IoControlCode dword at 18h ; 18h ULONG POINTER_ALIGNMENT
  ; dword ; padding
  label .Parameters.DeviceIoControl.Type3InputBuffer qword at 20h ; 20h POINTER
  label .DeviceObject qword at 28h ; 28h POINTER _DEVICE_OBJECT
  label .FileObject qword at 30h ; 30h POINTER _FILE_OBJECT
  label .CompletionRoutine qword at 38h ; 38h POINTER _IO_COMPLETION_ROUTINE
  label .Context qword at 40h ; 40h POINTER
}
Treant 26 Oct 2010, 12:27
I checked it, it must be.
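Added example, not part of the thread: one way to confirm the padding in the listing above is to let a C compiler lay out the same fields and compare offsets. The struct is a constructed replica of the Create path only; `PTR_ALIGN`, `io_stack_location`, `fields` and `misplaced` are hypothetical names, and an x86-64 ABI with 8-byte-aligned `uint64_t` is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Hypothetical stand-in for the POINTER_ALIGNMENT annotation on x64. */
#define PTR_ALIGN _Alignas(8)

/* Constructed replica of the Create path of the layout quoted in the thread.
   uint64_t stands in for 64-bit pointers (assumes an x86-64 ABI). */
struct io_stack_location {
    uint8_t MajorFunction, MinorFunction, Flags, Control;
    union {
        struct {
            uint64_t SecurityContext;
            uint32_t Options;
            PTR_ALIGN uint16_t FileAttributes;
            uint16_t ShareAccess;
            PTR_ALIGN uint32_t EaLength;
        } Create;
        uint8_t raw[32];
    } Parameters;
    uint64_t DeviceObject, FileObject, CompletionRoutine, Context;
};

#define OFF(m) offsetof(struct io_stack_location, m)
/* name, field size, offset written by hand in the listing, compiler offset */
struct field { const char *name; size_t size, asm_off, c_off; };
static const struct field fields[] = {
    { "MajorFunction",   1, 0x00, OFF(MajorFunction) },
    { "MinorFunction",   1, 0x01, OFF(MinorFunction) },
    { "Flags",           1, 0x02, OFF(Flags) },
    { "Control",         1, 0x03, OFF(Control) },
    { "SecurityContext", 8, 0x08, OFF(Parameters.Create.SecurityContext) },
    { "Options",         4, 0x10, OFF(Parameters.Create.Options) },
    { "FileAttributes",  2, 0x18, OFF(Parameters.Create.FileAttributes) },
    { "ShareAccess",     2, 0x1A, OFF(Parameters.Create.ShareAccess) },
    { "EaLength",        4, 0x20, OFF(Parameters.Create.EaLength) },
};
#define NFIELDS (sizeof fields / sizeof fields[0])

/* Count fields that miss the compiler's offset. use_listing != 0 checks the
   hand-written offsets; 0 checks a back-to-back layout with no padding. */
size_t misplaced(int use_listing) {
    size_t bad = 0, running = 0;
    for (size_t i = 0; i < NFIELDS; i++) {
        bad += (use_listing ? fields[i].asm_off : running) != fields[i].c_off;
        running += fields[i].size;
    }
    return bad;
}

int main(void) {
    printf("listing: %zu misplaced, unpadded: %zu\n", misplaced(1), misplaced(0));
    return 0;
}
```

Every field from SecurityContext onward lands at the wrong offset once the padding is dropped, which is what a driver written against an unpadded assembler definition would read or write.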
Tomasz Grysztar 26 Oct 2010, 12:37
You used "struc" in such a way that it does not appear to make any sense. Why are you doing it like that?
Treant 26 Oct 2010, 12:57
I define a virtual with this structure:
Code:
virtual at 0
  vIoStackLocation _IO_STACK_LOCATION
end virtual
And use it as an offset from a register:
Code:
mov edi, [rax+vIoStackLocation.Parameters.DeviceIoControl.OutputBufferLength]
Can I define a named union in struct?
Code:
union Parameters
It returns an error: invalid macro arguments
Tomasz Grysztar 26 Oct 2010, 13:12
Treant wrote: I define virtual with it structure:
Code:
vIoStackLocation _IO_STACK_LOCATION
but then really using "struc" macro in this place is redundant as well, it would be enough to do it like:
Code:
label vIoStackLocation at 0
label .MajorFunction byte at 0 ; 00h UCHAR
label .MinorFunction byte at 1 ; 01h UCHAR
label .Flags byte at 2 ; 02h UCHAR
label .Control byte at 3 ; 03h UCHAR
; ...
If you wanted "struc" for more flexibility, you would have to use relative addresses instead of absolute ones:
Code:
struc _IO_STACK_LOCATION {
  label .MajorFunction byte at $ ; 00h UCHAR
  label .MinorFunction byte at $+1 ; 01h UCHAR
  label .Flags byte at $+2 ; 02h UCHAR
  label .Control byte at $+3 ; 03h UCHAR
  ; ...
}
virtual at 0
  vIoStackLocation _IO_STACK_LOCATION
end virtual
mov cl, [rax+vIoStackLocation.MajorFunction]
virtual at rax
  aIoStackLocation _IO_STACK_LOCATION
end virtual
mov cl, [aIoStackLocation.MajorFunction]
But this still looks terrible, since you calculate all the label addresses manually. This is how the "struc" was intended to be used:
Code:
struc _IO_STACK_LOCATION {
  .MajorFunction db ?
  .MinorFunction db ?
  .Flags db ?
  .Control db ?
  dd ? ; padding
  .Parameters db 32 dup ? ; the union occupies 32 bytes
  virtual at .Parameters
    .Parameters.Create.SecurityContext dq ?
    .Parameters.Create.Options dd ?
    dd ? ; padding
    .Parameters.Create.FileAttributes dw ?
    .Parameters.Create.ShareAccess dw ?
    dd ? ; padding
    .Parameters.Create.EaLength dd ?
  end virtual
  virtual at .Parameters
    .Parameters.Read.Length dd ?
    dd ? ; padding
    .Parameters.Read.Key dd ?
    dd ? ; padding
    .Parameters.Read.ByteOffset dq ? ; 64-bit _LARGE_INTEGER
  end virtual
  ; ...
}
virtual at 0
  vIoStackLocation _IO_STACK_LOCATION
end virtual
mov cl, [rax+vIoStackLocation.MajorFunction]
virtual at rax
  aIoStackLocation _IO_STACK_LOCATION
end virtual
mov cl, [aIoStackLocation.MajorFunction]
Treant 26 Oct 2010, 13:23
OK, thanks, then I will not use the struct macro.
Treant 26 Oct 2010, 14:14
Tomasz, maybe add a feature:
Code:
virtual .Parameters at $
  .Create.SecurityContext dq ?
  .Create.Options dd ?
  .Create.FileAttributes dw ?
  .Create.ShareAccess dw ?
  .Create.EaLength dd ?
end virtual
Tomasz Grysztar 26 Oct 2010, 15:50
It seems that you still misunderstand the purpose of fasm's features. "virtual" itself is not any kind of structure declarator, it is a tool to define data at specified address without generating output in file (something like local "org" directive, with generated bytes discarded from output). "struc" macro on the other hand is for the purpose of prepending a name of structure to names starting with dot inside its definition. "struc" is part of preprocessed language, while "virtual" is part of assembler language - they are from different layers. To have nested structures you need to declare a separate "struc" for. Like:
Code:
struc __CreationParameters {
  .SecurityContext dq ?
  .Options dd ?
  dd ? ; padding
  .FileAttributes dw ?
  .ShareAccess dw ?
  dd ? ; padding
  .EaLength dd ?
}
struc _IO_STACK_LOCATION {
  .MajorFunction db ?
  .MinorFunction db ?
  .Flags db ?
  .Control db ?
  dd ? ; padding
  .Parameters db 32 dup ? ; the union occupies 32 bytes
  virtual at .Parameters
    .Parameters.Create __CreationParameters
  end virtual
  ; ...
}
Treant 26 Oct 2010, 21:04
How can I upgrade it?
Code:
struc _IO_STATUS_BLOCK {
  .union0 rb 8 ; 00h union
  virtual at .union0
    .Status rb 4 ; 00h NTSTATUS
    rb 4 ; padding
  end virtual
  virtual at .union0
    .Pointer rb 8 ; 00h POINTER
  end virtual
  .Information rb 8 ; 08h POINTER ULONG
}

struc _KDEVICE_QUEUE_ENTRY {
  .DeviceListEntry _LIST_ENTRY ; 00h
  .SortKey rb 4 ; 10h ULONG
  .Inserted rb 1 ; 14h BOOLEAN
  rb 3 ; padding
}

struc _DRIVER_OBJECT {
  .Type rb 2 ; 00h CSHORT
  .Size rb 2 ; 02h CSHORT
  rb 4 ; padding
  .DeviceObject rb 8 ; 08h POINTER _DEVICE_OBJECT
  .Flags rb 4 ; 10h ULONG
  rb 4 ; padding
  .DriverStart rb 8 ; 18h POINTER
  .DriverSize rb 8 ; 20h ULONG
  .DriverSection rb 8 ; 28h POINTER
  .DriverExtension rb 8 ; 30h POINTER _DRIVER_EXTENSION
  .DriverName UNICODE_STRING ; 38h
  .HardwareDatabase rb 8 ; 48h POINTER UNICODE_STRING
  .FastIoDispatch rb 8 ; 50h POINTER _FAST_IO_DISPATCH
  .DriverInit rb 8 ; 58h POINTER
  .DriverStartIo rb 8 ; 60h POINTER
  .DriverUnload rb 8 ; 68h POINTER
  .MajorFunction rb (IRP_MJ_MAXIMUM_FUNCTION + 1)*8 ; 70h
}

struc _IO_STACK_LOCATION {
  .MajorFunction rb 1 ; 00h UCHAR
  .MinorFunction rb 1 ; 01h UCHAR
  .Flags rb 1 ; 02h UCHAR
  .Control rb 1 ; 03h UCHAR
  rb 4 ; padding
  .Parameters rb 32 ; 08h union
  virtual at .Parameters
    .Parameters.Create.SecurityContext rb 8 ; 08h POINTER _IO_SECURITY_CONTEXT
    .Parameters.Create.Options rb 4 ; 10h ULONG
    rb 4 ; padding
    .Parameters.Create.FileAttributes rb 2 ; 18h USHORT POINTER_ALIGNMENT
    .Parameters.Create.ShareAccess rb 2 ; 1Ah USHORT
    rb 4 ; padding
    .Parameters.Create.EaLength rb 4 ; 20h ULONG POINTER_ALIGNMENT
    rb 4 ; padding
  end virtual
  virtual at .Parameters
    .Parameters.Read.Length rb 4 ; 08h ULONG
    rb 4 ; padding
    .Parameters.Read.Key rb 4 ; 10h ULONG POINTER_ALIGNMENT
    rb 4 ; padding
    .Parameters.Read.ByteOffset rb 8 ; 18h _LARGE_INTEGER <64 bit>
  end virtual
  virtual at .Parameters
    .Parameters.Write.Length rb 4 ; 08h ULONG
    rb 4 ; padding
    .Parameters.Write.Key rb 4 ; 10h ULONG POINTER_ALIGNMENT
    rb 4 ; padding
    .Parameters.Write.ByteOffset rb 8 ; 18h _LARGE_INTEGER <64 bit>
  end virtual
  virtual at .Parameters
    .Parameters.QueryDirectory.Length rb 4 ; 08h ULONG
    rb 4 ; padding
    .Parameters.QueryDirectory.FileName rb 8 ; 10h POINTER _UNICODE_STRING
    .Parameters.QueryDirectory.FileInformationClass rb 4 ; 18h ENUM _FILE_INFORMATION_CLASS
    rb 4 ; padding
    .Parameters.QueryDirectory.FileIndex rb 4 ; 20h ULONG POINTER_ALIGNMENT
    rb 4 ; padding
  end virtual
  virtual at .Parameters
    .Parameters.NotifyDirectory.Length rb 4 ; 08h ULONG
    rb 4 ; padding
    .Parameters.NotifyDirectory.CompletionFilter rb 4 ; 10h ULONG POINTER_ALIGNMENT
    rb 4 ; padding
  end virtual
  virtual at .Parameters
    .Parameters.QueryFile.Length rb 4 ; 08h ULONG
    rb 4 ; padding
    .Parameters.QueryFile.FileInformationClass rb 4 ; 10h ENUM _FILE_INFORMATION_CLASS POINTER_ALIGNMENT
    rb 4 ; padding
  end virtual
  virtual at .Parameters
    .Parameters.SetFile.Length rb 4 ; 08h ULONG
    rb 4 ; padding
    .Parameters.SetFile.FileInformationClass rb 4 ; 10h ENUM _FILE_INFORMATION_CLASS POINTER_ALIGNMENT
    rb 4 ; padding
    .Parameters.SetFile.FileObject rb 8 ; 18h POINTER _FILE_OBJECT
    .union0 rb 8 ; 20h union
    virtual at .union0
      .Parameters.SetFile.ReplaceIfExists rb 1 ; 20h BOOLEAN
      .Parameters.SetFile.AdvanceOnly rb 1 ; 21h BOOLEAN
      rb 6 ; padding
    end virtual
    virtual at .union0
      .Parameters.SetFile.ClusterCount rb 4 ; 20h ULONG
      rb 4 ; padding
    end virtual
    virtual at .union0
      .Parameters.SetFile.DeleteHandle rb 8 ; 20h HANDLE
    end virtual
  end virtual
  virtual at .Parameters
    .Parameters.QueryEa.Length rb 4 ; 08h ULONG
    rb 4 ; padding
    .Parameters.QueryEa.EaList rb 8 ; 10h POINTER
    .Parameters.QueryEa.EaListLength rb 4 ; 18h ULONG
    rb 4 ; padding
    .Parameters.QueryEa.EaIndex rb 4 ; 20h ULONG POINTER_ALIGNMENT
    rb 4 ; padding
  end virtual
  virtual at .Parameters
    .Parameters.SetEa.Length rb 4 ; ULONG
    rb 4 ; padding
  end virtual
  virtual at .Parameters
    .Parameters.QueryVolume.Length rb 4 ; 08h ULONG
    rb 4 ; padding
    .Parameters.QueryVolume.FsInformationClass rb 4 ; 10h ENUM _FILE_INFORMATION_CLASS POINTER_ALIGNMENT
    rb 4 ; padding
  end virtual
  virtual at .Parameters
    .Parameters.DeviceIoControl.OutputBufferLength rb 4 ; 08h ULONG
    rb 4 ; padding
    .Parameters.DeviceIoControl.InputBufferLength rb 4 ; 10h ULONG POINTER_ALIGNMENT
    rb 4 ; padding
    .Parameters.DeviceIoControl.IoControlCode rb 4 ; 18h ULONG POINTER_ALIGNMENT
    rb 4 ; padding
    .Parameters.DeviceIoControl.Type3InputBuffer rb 8 ; 20h POINTER
  end virtual
  .DeviceObject rb 8 ; 28h POINTER _DEVICE_OBJECT
  .FileObject rb 8 ; 30h POINTER _FILE_OBJECT
  .CompletionRoutine rb 8 ; 38h POINTER _IO_COMPLETION_ROUTINE
  .Context rb 8 ; 40h POINTER
}

struc _KAPC {
  .Type rb 1 ; 00h UCHAR
  .SpareByte0 rb 1 ; 01h UCHAR
  .Size rb 1 ; 02h UCHAR
  .SpareByte1 rb 1 ; 03h UCHAR
  .SpareLong0 rb 4 ; 04h ULONG
  .Thread rb 8 ; 8h POINTER _KTHREAD
  .ApcListEntry _LIST_ENTRY ; 10h
  .KernelRoutine rb 8 ; 20h POINTER
  .RundownRoutine rb 8 ; 28h POINTER
  .NormalRoutine rb 8 ; 30h POINTER
  .NormalContext rb 8 ; 38h POINTER
  .SystemArgument1 rb 8 ; 40h POINTER
  .SystemArgument2 rb 8 ; 48h POINTER
  .ApcStateIndex rb 1 ; 50h CCHAR
  .ApcMode rb 1 ; 51h KPROCESSOR_MODE
  .Inserted rb 1 ; 52h BOOLEAN
  rb 5 ; padding
}

struc _IRP {
  .Type rb 2 ; 00h CSHORT
  .Size rb 2 ; 02h CSHORT
  rb 4 ; padding
  .MdlAddress rb 8 ; 08h POINTER _MDL
  .Flags rb 4 ; 10h ULONG
  rb 4 ; padding
  .AssociatedIrp rb 8 ; 18h union
  virtual at .AssociatedIrp
    .AssociatedIrp.MasterIrp rb 8 ; 18h POINTER _IRP
  end virtual
  virtual at .AssociatedIrp
    .AssociatedIrp.IrpCount rb 4 ; 18h LONG
    rb 4 ; padding
  end virtual
  virtual at .AssociatedIrp
    .AssociatedIrp.SystemBuffer rb 8 ; 18h POINTER
  end virtual
  .ThreadListEntry _LIST_ENTRY ; 20h
  .IoStatus _IO_STATUS_BLOCK ; 30h
  .RequestorMode rb 1 ; 40h KPROCESSOR_MODE
  .PendingReturned rb 1 ; 41h BOOLEAN
  .StackCount rb 1 ; 42h CHAR
  .CurrentLocation rb 1 ; 43h CHAR
  .Cancel rb 1 ; 44h BOOLEAN
  .CancelIrql rb 1 ; 45h KIRQL
  .ApcEnvironment rb 1 ; 46h CCHAR
  .AllocationFlags rb 1 ; 47h UCHAR
  .UserIosb rb 8 ; 48h POINTER _IO_STATUS_BLOCK
  .UserEvent rb 8 ; 50h POINTER _KEVENT
  .Overlay rb 16 ; 58h union
  virtual at .Overlay
    .union0 rb 8 ; 58h union
    virtual at .union0
      .Overlay.AsynchronousParameters.UserApcRoutine rb 8 ; 58h POINTER
    end virtual
    virtual at .union0
      .Overlay.AsynchronousParameters.IssuingProcess rb 8 ; 58h POINTER
    end virtual
    .Overlay.AsynchronousParameters.UserApcContext rb 8 ; 60h POINTER
  end virtual
  virtual at .Overlay
    .Overlay.AllocationSize rb 8 ; 58h _LARGE_INTEGER <64 bit>
  end virtual
  .CancelRoutine rb 8 ; 68h POINTER
  .UserBuffer rb 8 ; 70h POINTER
  .Tail rb 58h ; 78h union ??
  virtual at .Tail
    .union1 rb 32 ; 78h union
    virtual at .union1
      .Tail.Overlay.DeviceQueueEntry _KDEVICE_QUEUE_ENTRY ; 78h
    end virtual
    virtual at .union1
      .Tail.Overlay.DriverContext rb 8*4 ; 78h POINTER[4]
    end virtual
    .Tail.Overlay.Thread rb 8 ; 98h POINTER _ETHREAD
    .Tail.Overlay.AuxiliaryBuffer rb 8 ; A0h POINTER CHAR
    .Tail.Overlay.ListEntry _LIST_ENTRY ; A8h
    .union2 rb 8 ; B8h union
    virtual at .union2
      .Tail.Overlay.CurrentStackLocation rb 8 ; B8h POINTER _IO_STACK_LOCATION
    end virtual
    virtual at .union2
      .Tail.Overlay.PacketType rb 4 ; B8h ULONG
      rb 4 ; padding
    end virtual
    .Tail.Overlay.OriginalFileObject rb 8 ; C0h POINTER _FILE_OBJECT
  end virtual
  virtual at .Tail
    .Tail.Apc _KAPC ; 78h
  end virtual
  virtual at .Tail
    .Tail.CompletionKey rb 8 ; 78h POINTER
  end virtual
}
baldr 26 Oct 2010, 21:19
Treant,
You may move virtuals toward the head and scoop some bytes in source skipping « at .union0» part. Padding isn't needed too (it's discarded, without any apparent effect — unless memory-wise). Same for the following. Is there a real problem that you're going to solve with struc directive instead of struct macro?
Treant 26 Oct 2010, 21:42
Quote: Is there a real problem that you're going to solve with struc directive instead of struct macro?
I don't know, without include dependence - no problem, but in struc macro too much is not enough. For example this sample:
Code:
struct tst
  union tst0
    struc tst1
      union
        struct
          tst3 dd 0
        ends
        tst2 dd 0
      ends
    ends
  ends
ends
teststruct tst
Treant 26 Oct 2010, 21:47
Many topics about structures.
Apparently this is a big problem...
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.