flat assembler
Message board for the users of flat assembler.

Index > DOS > Chances to debug a .com file with source (labels/comments/)?

Goto page Previous  1, 2
Author
Thread Post new topic Reply to topic
marste



Joined: 05 May 2015
Posts: 44
marste 20 Sep 2015, 21:53
ACP wrote:
BTW: An interesting detail: I did not remember that TASM is using xchg bx,bx as padding (fasm is using nop).


TASM is adding a single nop (90h) in case of an even number of bytes

I've noticed also other "assembler signatures" of the FASM/TASM. When I get back to them I'll post Smile
Post 20 Sep 2015, 21:53
View user's profile Send private message Reply with quote
ACP



Joined: 23 Sep 2006
Posts: 204
ACP 21 Sep 2015, 13:23
Please do!
Post 21 Sep 2015, 13:23
View user's profile Send private message Reply with quote
marste



Joined: 05 May 2015
Posts: 44
marste 21 Sep 2015, 17:01
for example compilation of the instruction "xor ax,ax":
tasm: 33 C0
fasm: 30 C0
Post 21 Sep 2015, 17:01
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20430
Location: In your JS exploiting you and your system
revolution 22 Sep 2015, 06:04
Assembler fingerprinting can be interesting. I think that many AV companies use these kinds of details to help determine which compilers and languages are used to create different parts of the code.
Post 22 Sep 2015, 06:04
View user's profile Send private message Visit poster's website Reply with quote
marste



Joined: 05 May 2015
Posts: 44
marste 23 Sep 2015, 13:56
Was seeming strange to me that already the first instruction of my program (xor ax,ax) was compiled differently but I was having to debug and didn't take much attention to other ones.
But checking a bit better I was able to find that A LOT of instructions are in reality compiled with different machine codes!
Seems anyway that all are of same length (and that was important to me), but I don't know if a different coding would mean different execution speed (and if vary on different processors)!
Post 23 Sep 2015, 13:56
View user's profile Send private message Reply with quote
ACP



Joined: 23 Sep 2006
Posts: 204
ACP 24 Sep 2015, 17:01
Welcome to the great world of x86 instruction set encoding. Actually I wonder if any assembler uses different encoding for the same instruction when different target process has been selected.

There is also a interesting case of A86 assembler: it generated different output files for registers and unregistered versions from the same source.

@revolution
You are right. IDA FLIRT is a great example of another usage of fingerprinting compilers but it rather targets high level language compilers. I haven't seen a good analysis of fingerprinting assemblers on x86. It would be interested to see one eventually.
Post 24 Sep 2015, 17:01
View user's profile Send private message Reply with quote
marste



Joined: 05 May 2015
Posts: 44
marste 06 Oct 2015, 11:38
PS: my "little" program...
http://sourceforge.net/projects/smmax/files/smex%20583%20fide.zip/download
(reference compilation with fasm! Smile)
Post 06 Oct 2015, 11:38
View user's profile Send private message Reply with quote
marste



Joined: 05 May 2015
Posts: 44
marste 10 Oct 2015, 20:32
Post 10 Oct 2015, 20:32
View user's profile Send private message Reply with quote
rugxulo



Joined: 09 Aug 2005
Posts: 2341
Location: Usono (aka, USA)
rugxulo 25 Sep 2016, 02:17
Okay, I'm late to respond, but here's a few ideas:

Don't bother with TASM, it's of questionable legality (unless you already have an old copy).

EDIT: For completeness, there is a partial TASM ("Ideal") clone called Lazy Assembler (LZASM) circa 2007 that is freeware (Win32 or DOS) and supports debug info as well.

At the basic level, it's easiest to just insert "int3" as breakpoint where you want the debugger to stop, and go from there.

If your debugger doesn't support your kind of symbolic info, and you're running raw DOS (and not multitasking), you can use something like Dave Dunfield's TFB (TSR file browser).

If you're using an emulator (JPC? Bochs?), chances are that they support their own built-in debugger (although DOSBox may need a third-party build to enable this).

A86/D86 (shareware) supports its own .SYM format.

NASM and YASM support various debug infos, but I have no idea which debuggers work best for them. ("nasm -f obj -y" says "Borland Debug Records". "yasm -g help" says "CodeView/VC8, DWARF2, Stabs".)

DJGPP GAS is supported by their GDB (7.1?), not sure about FSDB or EDEBUG32.

WASM/JWasm are supported by OpenWatcom's WD. This might be your best bet.

Ladsoft's VALX (or MKSYM) can produce symbol files for use with his GRDB.


Last edited by rugxulo on 29 Sep 2016, 23:57; edited 1 time in total
Post 25 Sep 2016, 02:17
View user's profile Send private message Visit poster's website Reply with quote
marste



Joined: 05 May 2015
Posts: 44
marste 29 Sep 2016, 09:57
Ciao rugxulo!

I already managed long time ago with Turbo Debugger and delivered successfully Super Micro Chess! Smile

Your information can be anyway useful for someone else in my situation!

Thank you!
_Stefano
Post 29 Sep 2016, 09:57
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.