Author Topic: show all registers on radasm?  (Read 3439 times)

mdrx

  • Regular Member
  • *
  • Posts: 7
show all registers on radasm?
« on: June 14, 2015, 07:03:56 AM »
my friends;

sorry for my bad english, i have a question about radasm. i searched it on google and in this forum but i couldn't solve. the question is: how can i show all registers during debugging on radasm? radasm has show only 32bit registers but i want to see all 8 bit, 16 bit, Flag, Pointer registers. is that possible?

example screen: http://i.hizliresim.com/rQaD4V.png

not: i am a human, i swear :)
« Last Edit: June 14, 2015, 08:04:54 AM by mdrx »

jj2007

  • Member
  • *****
  • Posts: 7667
  • Assembler is fun ;-)
    • MasmBasic
Re: show all registers on radasm?
« Reply #1 on: June 14, 2015, 07:20:38 AM »
Welcome to the forum :icon14:

The registers are shown in hexadecimal notation, e.g.
eax 760E494F

al is the last 2 digits, 4F
ah is 49
ax is 494F
etc...

If you prefer decimal notation, the deb macro is an option:

include \masm32\MasmBasic\MasmBasic.inc      ; download
  Init
  deb 4, "Some registers", eax, ax, ah, al, ecx, cx, ch, cl, xmm0, xmm1, ST(0), ST(1)
  Exit
end start

mdrx

  • Regular Member
  • *
  • Posts: 7
Re: show all registers on radasm?
« Reply #2 on: June 14, 2015, 11:48:00 AM »
dear @jj2007, thank you very much for your politeness,
i understand, but is possible that see other registers? like eflags (even data registers or the contents of the data registers)

jj2007

  • Member
  • *****
  • Posts: 7667
  • Assembler is fun ;-)
    • MasmBasic
Re: show all registers on radasm?
« Reply #3 on: June 14, 2015, 06:21:31 PM »
dear @jj2007, thank you very much for your politeness,
i understand, but is possible that see other registers? like eflags (even data registers or the contents of the data registers)

In case you mean global or local variables with "data registers", yes, that is possible. Flags can also be shown, see example below.

include \masm32\MasmBasic\MasmBasic.inc      ; download
.data
MyDword      dd 123456789
MyR8      REAL8 1234567.890123456789

  SetGlobals My$="Hello World"
  SetGlobals int a1=111, a2=222, a3=333

  Init
  or eax, -1      ; set sign flag (as an example)
  deb 4, "Important flags", flags
  deb 4, "All flags", FLAGS
  mov esi, My$
  fldpi      ; put something on the FPU
  mov eax, MyDword
  movd xmm0, eax
  movlps xmm1, MyR8
  fld1
  deb 4, "Variables etc", ST(0), ST(1), eax, $esi, $My$, a1, a2, a3, MyDword, MyR8, xmm0, f:xmm1
  Exit
end start

Output:
Important flags flags:          czSo   <<<< set flags in uppercase, cleared flags in lowercase
All flags       FLAGS:          cPazStIdo

Variables etc
ST(0)           1.000000000000000000
ST(1)           3.141592653589793238
eax             123456789
$esi            Hello World
$My$            Hello World
a1      111
a2      222
a3      333
MyDword         123456789
MyR8            1234567.890123457
xmm0            123456789
f:xmm1          1234567.890123457


Note:

- a $ prefix as in $esi above displays the memory pointed to by the variable. This works even if esi is zero or below 127: deb will complain <not a pointer> but there will be no crash

- since the content of xmm regs can be interpreted as integer or real, you need the f:xmm1 prefix to show them as real8.

- the first argument, 4 in the examples above, determines how to show the output:
0...3  messageboxes (for use in loops, they can be cancelled individually, i.e. you can cancel deb 2 but deb 1 will continue showing)
4     console output
5     write to file
6 and higher  show output maximal n times (for use in loops)

- usedeb=0 (somewhere above the deb) disables any code generation; recommended when debugging with Olly, and for the release version of course
- usedeb=16 forces hexadecimal output
- usedeb=2 forces binary output
- usedeb=1 (default) means decimal output; you can show individual variables as hex with e.g. x:eax or x:xmm0, or as binary with e.g. b:eax

dedndave

  • Member
  • *****
  • Posts: 8746
  • Still using Abacus 2.0
    • DednDave
Re: show all registers on radasm?
« Reply #4 on: June 14, 2015, 11:39:51 PM »
you can put the registers on the stack, then display them
dumping flags and registers is fairly simple....
Code: [Select]
        INCLUDE \masm32\include\masm32rt.inc

        .CODE

_main   PROC

    xor     eax,eax                ;sets flags as if ZERO
    mov     eax,1
    mov     ecx,2
    mov     edx,3
    mov     ebx,4
    mov     ebp,6
    mov     esi,7
    mov     edi,8
    call    DumpRegsD

    inkey
    exit

_main   ENDP

DumpRegsD PROC

    pushfd                         ;EFlags on stack
    pushad                         ;Registers on stack, EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI
    mov     ebp,esp

    print   chr$("   EAX = ")
    print   uhex$([ebp+28]),13,10

    print   chr$("   EBX = ")
    print   uhex$([ebp+16]),13,10

    print   chr$("   ECX = ")
    print   uhex$([ebp+24]),13,10

    print   chr$("   EDX = ")
    print   uhex$([ebp+20]),13,10

    print   chr$("   ESI = ")
    print   uhex$([ebp+4]),13,10

    print   chr$("   EDI = ")
    print   uhex$([ebp]),13,10

    print   chr$("   EBP = ")
    print   uhex$([ebp+8]),13,10

    print   chr$("   ESP = ")
    print   uhex$([ebp+12]),13,10

    print   chr$("EFlags = ")
    print   uhex$([ebp+32]),13,10,13,10

    popad
    popfd
    ret

DumpRegsD ENDP

        END     _main

attached is a PNG image of the EFlag bits...

mdrx

  • Regular Member
  • *
  • Posts: 7
Re: show all registers on radasm?
« Reply #5 on: June 19, 2015, 07:36:51 AM »
thank you very much. i think (i hope) understand.
dear @jj2007 please dont't be in a huff but i hate basic syntax. it's so ugly and doesn't benefit to the assembly. may be it's eaiser but even so it's not my style :)

jj2007

  • Member
  • *****
  • Posts: 7667
  • Assembler is fun ;-)
    • MasmBasic
Re: show all registers on radasm?
« Reply #6 on: June 19, 2015, 10:04:20 AM »
i hate basic syntax. it's so ugly

Your opinion is mainstream, congrats.
Btw nothing of what I posted above has anything to do with basic syntax - but no problem, the important thing is that you already have a style :t