flat assembler
Message board for the users of flat assembler.
win64 64 bit source samples, executables
vid 23 Apr 2006, 10:23
r22: maybe there is some replacement for explorer.exe? there were many for 32bit windoze, written in C so replacement to 64bit shouldn't be THAT hard
Garthower 15 May 2006, 10:10
To all: tell please, who used what debuggers for debugging drivers?
Garthower 16 May 2006, 14:51
I have simply thought, that there are any other debuggers, except for these two... It is a pity, that there is no alternative, because at me too only one PC and not money on numega stuff.
About alignment of structures - looking what API and from what DLL you use. For example, if you use ShellExecuteEx from SHELL32.DLL the structure should be aligned 10h. Besides RSP should be multiple 10h too... One week ago I have spent one hour for finding-out of this problem while a debugger has not entered into a code most API and have not seen, that for zeroing a stack is used command SSE MOVDQA. I think, in the future we are still with more many opening with this OS, as pleasant, and not so
Feryno 17 May 2006, 05:38
There were more APIs in release candidates of win64 than todays.
I wonder the method how win64 patch movdqa - this is transparent for executing exe program - program cause exception, win64 replace movdqa with movdqu and resume exe program. Instruction stays patched until you reboot OS. If you run program before this in debugger, debugger stops at this instruction in API (in DLL). If you then execute program outside debugger, win64 patches instruction and you notice anything in debugger until reboot.
drivers debugging
I don't know why windbg needs 2 connected PC. For debugging drivers loaded when OS boots - before loading graphics card drivers, of course this is the only way to send informations e.g. through COM port by small routine in kernel. But debugging drivers after switching into graphics mode... why is this so big problem to simply catch kernel exception and notice user sitting in front of monitor connected to this PC ? If I know how to catch kernel exceptions, then I'll add kernel debugging into fdbg, but today I think this is too complicated for me to do because I don't know how to do it. Please don't take my advices as 100%, I never debugged any driver, everything here are my deductions only. Please download the latest version of windbg and manuals again...
The win64 debuggers known to me:
ms windbg - free
numega softice - commercial, very expensive for assembler fans
maybe IDA (interactive disassembler) - has debugger, but I don't know if not for i386 only - commercial, very expensive for assembler fans
fdbg - free... and very small
peter 02 Jun 2006, 03:05
Hope this will be useful for someone: Calling Convention for x64 64-Bit Environments paper from Microsoft:
http://msdn.microsoft.com/library/en-us/Kernel_d/hh/Kernel_d/64bitAMD_6ec00b51-bf75-41bf-8635-caa8653c8bd9.xml.asp
It also contains information about exception handling.
Feryno 02 Jun 2006, 09:18
in projects and ideas section
http://board.flatassembler.net/topic.php?p=39504#39504
direct editing by clicking on ListViews (easier than through Menu->Change->...)
moving ListViews with rat by some ugly array of pressing and releasing shift and left rat's paw, see !_news.txt
I have an idea how to resize ListViews with rat move, I'm going to try it. I haven't tried MDI child windows yet... I have 1024x768 resolution (old monitor). If every ListView have its own win, they don't fit into this small screen (wasted space with win titles used only for move win). In case of win titles, decreasing of font size and ListView sizes is necessary, and font size is already small enough... 0 and D differ badly (D is as 0 - dif is only 1 pixel in left up corner). And there are people with screen resolution even smaller than 1024x768. I hope once you rearrange ListViews, you need to rearrange them rarely only.
Thanx Peter for link !
I think, a driver will be necessary for interact with ring0 drivers and their exceptions from fdbg running in user mode ring3
MazeGen 02 Jun 2006, 10:17
peter, that link is outdated. Final release of those documents is here:
http://msdn2.microsoft.com/en-us/library/7kcdt6fy.aspx
peter 02 Jun 2006, 13:34
Thank you, MazeGen! Updated version is far better; finally, they clarified Floating-Point Support in Win64 (the earlier version said floating point was not supported at all).
Feryno 23 Jun 2006, 11:33
Out of topic, but Vista 64 beta is for free download. A lot of people have AMD64 and run win32 on it and don't want to waste extra money on win64. If they don't mind downloading of 4 GB and spending 20 GB free partition, let try it !
(a bit wasting hardware/software resources for run 2-3 kB assembler app...)
http://www.microsoft.com/windowsvista/getready/preview.mspx
Download demand has already decreased to the level when downloading is possible.
lilljocke 27 Jun 2006, 22:44
Hi, I have just installed a Windows XP 64 Bit Edition on my computer and I'm quite disappointed because olly stops in NTDLL all the time and I can not code Win 64 apps. I don't use FASM, but does someone know where I can find ml64.exe? I think it is a compiler to MASM 64 bit.
MazeGen 28 Jun 2006, 06:37
lilljocke, you can't use OllyDbg for debugging 64-bit apps since it is 32-bit debugger only.
As for ml64.exe, you can get version 8.00.40310.49 for free with DDK or PSDK. Too bad, this version is still very buggy. Newest version 8.00.50727.42 is included in VS2005. You can get free evaluation version here:
http://www.microsoft.com/emea/msdn/visualstudio/getthetrials/
edit: The newest version fixes some important bugs, but there are still some annoying issues. I don't want to discuss more here since it is FASM forum. Note that MASM is not included in VS2005 Express, which is completely for free. If you have more questions about ml64, you should go to specialized subforum:
http://www.masm32.com/board/index.php?board=43.0
Last edited by MazeGen on 28 Jun 2006, 10:47; edited 1 time in total
Feryno 28 Jun 2006, 08:48
Hello lilljocke and welcome in 64-bit world !
Quick rules for coding:
params in rcx, rdx, r8, r9, [rsp+8*4], [rsp+8*5], [rsp+8*6], ... [rsp+...]
structures porting from win32 - handles, memory pointers are qwords and must be aligned 8
sample:
    something0      db ?
                    times 7 db ?    ; padding
    handle          dq ?
    something1      dd ?
                    dd ?            ; padding
    mem_pointer     dq ?
always keep rsp aligned 16 (because win64 grabs values from stack with movdqa xmm... sometimes)
so prolog's samples:
    exe_entry_point:
            sub     rsp,8*(4+1)     ; or 4+3, 4+5, 4+7, ...
    ; this leave 4 qwords [rsp+8*0]...[rsp+8*3] for API use - never use this 4 qwords for your things because API may use and destroy them !

    exe_entry_point_sample_1:
            push    rbx             ; save rbx and align stack 16
            sub     rsp,8*(4+0)     ; reserve 4 qwords of stack for API

    prologue_sample_2:
            push    rcx
            push    rdx
            push    r8
            push    r9
            sub     rsp,8*(4+3)     ; reserve 4 qw for API, 3 for us and align stack 16
    ; use 4+3 even you need only 2 qwords because subtracting nonparity power of 8 make stack aligned 16 - rsp is nonparity power of 8 at exe entry point and procedure start
Back 32-bit compatibility isn't perfect (WOW64), especially win32 debuggers hang when debugging win32 apps (TD32, GoBug)
Debuggers for true win64 apps: windbg free for DL from microsoft, IDA (terrible expensive), fdbg from Projects and ideas section (include sources - huge and not much clear for start coding, but better than nothing).
Compilers: I suggest FASM because none of bugs and miscompiled instructions (I checked every instruction during developing disasm engine of fdbg, then I checked compiled instruction with 2 different manuals, windbg, biew - biew had a lot of misdisassembled, windbg a bit in SSE/SSE2/SSE3). Jeremy Gordon reported to me a few of misassembled instructions in win64 MASM (ml64.exe), some of them are very common and often used, but they should have been fixed already... (but you know the speed of ms fixing)
The highest disadvantage of MASM is necessity of about 30 MB of libs (kernel32.lib, user32.lib, ... for link files). Size of FASM with macros and structures is much smaller. I got MASM64 by ordering DDK (price was 1 US $ only, but shipping was about 10-20 US $, paid by credit card, delivered fast in about 5-7 days). Try download file like asm_amd64_win64.zip from my homepage (ml64.exe, link.exe, kernel32.lib, user32.lib are there, but are about 3 years old). If you are interested, I'm able to try to find newer (about 1-1,5 years old) in my home PC and send them to you.
Don't hesitate to ask question to prevent wasting a lot of time to find solutions. I have got some basic experiences but it cost a lot of time (a lot of debugging to find how to translate structures from win32 into win64, howto put and get params, unexpected behaviour when rsp not aligned 16...)
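Added example (not part of Feryno's post or of any code in the thread): a complete fasm program that applies the rules above, and the 16-byte rsp requirement raised earlier by Garthower and Feryno around movdqa, to API calls with more than four parameters. It assumes fasm's standard include set (win64a.inc) is on the INCLUDE path; the file name demo.txt and all labels are made up for the illustration.

```asm
; Added illustration, not code from the thread. Assumes win64a.inc is on the
; INCLUDE path; demo.txt and the label names are made up for this example.
format PE64 console
entry start
include 'win64a.inc'

section '.data' data readable writeable
  _name    db 'demo.txt',0
  _msg     db 'written from win64',13,10
  _msg_len = $ - _msg
  align 8                        ; handles and pointers are qwords, aligned 8
  hFile    dq ?
  written  dd ?

section '.text' code readable executable
start:
        ; rsp = 16n+8 at entry. 4 qwords for the API plus 3 qwords for
        ; params 5..7 is an odd count, so rsp becomes a multiple of 16.
        sub     rsp,8*(4+3)
        ; CreateFileA takes 7 params: rcx, rdx, r8, r9, [rsp+8*4..8*6]
        lea     rcx,[_name]
        mov     edx,GENERIC_WRITE
        xor     r8d,r8d                          ; no sharing
        xor     r9d,r9d                          ; no security attributes
        mov     qword [rsp+8*4],CREATE_ALWAYS
        mov     qword [rsp+8*5],FILE_ATTRIBUTE_NORMAL
        mov     qword [rsp+8*6],0                ; no template file
        call    [CreateFileA]
        cmp     rax,-1                           ; INVALID_HANDLE_VALUE
        je      .exit
        mov     [hFile],rax
        ; WriteFile takes 5 params; the 5th reuses the slot at [rsp+8*4]
        mov     rcx,rax
        lea     rdx,[_msg]
        mov     r8d,_msg_len
        lea     r9,[written]
        mov     qword [rsp+8*4],0                ; lpOverlapped = NULL
        call    [WriteFile]
        mov     rcx,[hFile]
        call    [CloseHandle]
  .exit:
        xor     ecx,ecx
        call    [ExitProcess]

section '.idata' import data readable writeable
  library kernel32,'KERNEL32.DLL'
  import kernel32,CreateFileA,'CreateFileA',WriteFile,'WriteFile',\
         CloseHandle,'CloseHandle',ExitProcess,'ExitProcess'
```

The stack parameter slots are written with mov rather than push, so rsp stays aligned across every call and the 4 qwords at [rsp+8*0]...[rsp+8*3] remain free for the API.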
vid 28 Jun 2006, 09:46
Quote:
    times 7 db ? ; padding
rather use "align 8", it's more readable and more straightforward.
also i remember MazeGen mentioned MASM64 is too buggy to be usable, i will point him here to describe it more deeply, when he is online.
MazeGen 28 Jun 2006, 11:02
Feryno, the Windows DDK can be downloaded for free, no need to order and pay something. And I'm sure the DDK doesn't contain older version than 1 year old.
MazeGen 28 Jun 2006, 11:13
And one important thing, both FASM and GoAsm don't support x64 exception handling. If your code doesn't contain exception frames and an exception arises, windows kills silently your app without any crash informations so you can't trace up your bug.
vid 28 Jun 2006, 12:56
MazeGen: it can (and should!) be solved by "proc" macros
MazeGen 29 Jun 2006, 06:41
vid: yeah, now just find somebody who knows x64 exception handling and who is able and disposed to do that.
Feryno 03 Jul 2006, 12:40
I played a bit with exception handling and I did something, but not everything what I expected.
1. Installing exception handler - no problemo... (1 API with 2 params)
2. Using handler procedure input - no problemo... (displaying type of exception, address of opcode causing exception, exception flag continuable/noncontinuable)
3. End of exception handler - I don't know how to skip instruction and continue execution. There isn't problem to jump to safe place in app or to call ExitProcess. I had a dream about simple skipping of instruction which caused exception, but it stays in phase of dream yet. You need to terminate a00.exe by kill it (Task manager).
I added option 'Ignore exception' (= pass it to app exception handler instead of debugger handler) into fdbg latest version:
http://board.flatassembler.net/topic.php?p=40817#40817
For Vista Beta2 x64 players: It is beta yet, and if you don't want to change boot manager - My method of installing and booting:
1. create floppy boot disk to boot winxp (for safe)
2. prepare primary partition with 20 GB or more
3. set 20 GB partition active (this makes Vista installer to install its new OS boot manager into this partition and preserves changes of previous loader which isn't on newly activated partition)
4. install Vista into 20 GB
5. create vista floppy boot disk (for safe)
6. save partition records
7. set winxp partition active
8. boot into winxp and add boot menu into boot.ini
see attached file for utils and ideas for 1., 5., 6., 8.
in 3. and 7. you should need other OS, like Linux or floppy with freeDOS
edit 2011-11-30 deleted the attachment vista_sectors_boot.zip because of quota limit
Last edited by Feryno on 30 Nov 2011, 12:10; edited 1 time in total
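Added example (not Feryno's code, and not from the thread): one way a handler can resume past a faulting instruction. It assumes the handler is installed with AddVectoredExceptionHandler (a two-parameter API; the post does not name the one used), that win64a.inc is on the INCLUDE path, and that the faulting instruction is one the program knows in advance, so the address of the next instruction can be written into the Rip field of the CONTEXT record. The labels fault, resume and handler are made up for the illustration.

```asm
; Added illustration, not code from the thread. Assumes win64a.inc is on the
; INCLUDE path; the labels fault, resume and handler are made up here.
format PE64 console
entry start
include 'win64a.inc'

CONTEXT_RIP = 0F8h              ; offset of Rip in the x64 CONTEXT structure

section '.text' code readable executable
start:
        sub     rsp,8*(4+1)             ; 4 qwords for the API, rsp aligned 16
        mov     ecx,1                   ; First = 1: call our handler first
        lea     rdx,[handler]
        call    [AddVectoredExceptionHandler]
        xor     ebx,ebx
fault:
        mov     eax,[rbx]               ; read from address 0: access violation
resume:
        xor     ecx,ecx
        call    [ExitProcess]

; Handler input: rcx -> EXCEPTION_POINTERS (ExceptionRecord, ContextRecord)
handler:
        mov     rax,[rcx]               ; rax -> EXCEPTION_RECORD
        mov     rdx,[rcx+8]             ; rdx -> CONTEXT
        lea     r8,[fault]
        cmp     [rax+10h],r8            ; ExceptionAddress is our known instruction?
        jne     .pass
        lea     r8,[resume]
        mov     [rdx+CONTEXT_RIP],r8    ; resume after the faulting instruction
        mov     eax,-1                  ; EXCEPTION_CONTINUE_EXECUTION
        ret
  .pass:
        xor     eax,eax                 ; EXCEPTION_CONTINUE_SEARCH
        ret

section '.idata' import data readable writeable
  library kernel32,'KERNEL32.DLL'
  import kernel32,\
         AddVectoredExceptionHandler,'AddVectoredExceptionHandler',\
         ExitProcess,'ExitProcess'
```

Skipping an arbitrary instruction would need its length, which the exception record does not provide; comparing ExceptionAddress against a known label avoids that and leaves every other exception to the next handler.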
Garthower 04 Jul 2006, 08:11
Hi.
I have a problem with resources in PE64. As by means of the macros who are being delivery FASM to dialogue it's impossible to appoint a class, I used purposes for section of resources from a file using "section '.rsrc' resource from 'myfile.res'". In PE32 all works, but in PE64 function CreateDialogParam returns a mistake "Resource not found". I used this sources:
File SignForm64.RC:
Code:
    1 ICON "SignForm64.ico"

    SignFormat64 DIALOG 0, 0, 388, 162
    STYLE DS_MODALFRAME | DS_3DLOOK | DS_CONTEXTHELP | WS_POPUP | WS_CAPTION | WS_SYSMENU | WS_MINIMIZEBOX
    CLASS "SignatureFormat64"
    CAPTION ""
    FONT 8, "MS Serif"
    {
     CONTROL "Close",6, "button", BS_PUSHBUTTON | BS_CENTER | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 332, 145, 50, 14
    }
ASM Source:
Code:
    format PE64 GUI
    .....
    include 'struct.inc'

    struct WNDCLASSEX
      cbSize        dd ?
      style         dd ?
      lpfnWndProc   dq ?
      cbClsExtra    dd ?
      cbWndExtra    dd ?
      hInstance     dq ?
      hIcon         dq ?
      hCursor       dq ?
      hbrBackground dq ?
      lpszMenuName  dq ?
      lpszClassName dq ?
      hIconSm       dq ?
    ends
    .....
    invoke CreateDialogParam,[wc.hInstance],DlgName,0,0,0
    .....
    section '.data' data readable writeable
    .....
    DlgName   db 'SignFormat64',0
    ClassName db 'SignatureFormat64',0
    wc_start:
    wc WNDCLASSEX wc_end-wc_start,CS_HREDRAW or CS_VREDRAW,\
                  WndProc,0,0,0,0,0,COLOR_WINDOW,0,ClassName,0
    wc_end:
    .....
    section '.rsrc' resource from 'SignForm64.res'
To compile .RC file I used GoRC v.0.90.0 beta, to compile ASM source I used FASM v.1.67.3. Perhaps, somebody will prompt, where is a bug and in what it?
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.