Taking care of the prerequisites to create my first program without VS

[RedSkeleton007]

I no longer care about using Irvine or Visual Studio. Screw Visual Studio. KILL Visual Studio!

That being said, lets begin

I'm an absolute beginner. My first priority is learning how to properly use basic op-codes. That being said, hutch--, I appreciate your neat print out code here:  https://masm32.com/board/index.php?msg=54890
But it's a little too advanced for me right now. Visual Studio did such a nice job displaying everything by calling Dumpregs, and I was expecting something similar to happen by following dedndave's instruction here:

dowload OllyDbg - as i recall, installation is merely a matter of creating a folder and placing the program in it

you want to make Olly the "default just-in-time" handler
if you open Olly, there is an Options menu
under Debugging, Just-in-time - Set OllyDbg button
it takes care of it for you, and saves previous settings if you want to reverse it

now, any program that generates an exception will cause Olly to pop up
we generally insert

Code Select Expand

    int     3into the code where we want execution to generate an exception

And I added the

Code Select Expand

int 3 into the MyTest.asm file:

Code Select Expand

include \masm32\include\masm32rt.inc

.data
MyArray dd 25, 18, 23, 17, 9, 2, 6
HelloW$ db "Hello World", 0

.code
start:
  xor ebx, ebx ; set two non-volatile
  xor esi, esi ; registers to zero
  .Repeat
add esi, MyArray[4*ebx]
inc ebx
  .Until ebx>=lengthof MyArray
  MsgBox 0, cat$(str$(esi), " is the sum"), offset HelloW$, MB_OK

int 3
  exit

end start
But none of Olly's features happened like he promised. Any suggestions?

Fixed link above, originally it opened a "quote" editor window.

[GoneFishing]

I'd recommend you to use VKDEBUG .
QEDITOR -> Help -> vkDebug
Read it .
All you need to start using it is :

Code Select Expand


include  \masm32\include\debug.inc
includelib \masm32\lib\debug.lib
Now you may want to find out which function dumps the contents of CPU to DbgWin  and try it .

[jj2007]

Now you may want to find out which function dumps the contents of CPU to DbgWin  and try it.

deb is more powerful*), and easier to use. Anyway, DbgWin commands are described in \Masm32\help\VKDebug.chm

However, Olly would be much more helpful, therefore: What exactly doesn't work with Olly?
- do you have the file \Masm32\OllyDbg\ollydbg.exe ?
- when you start Olly, and open the exe produced with qEditor, what do you see?

Below is a screenshot of Olly. This is what you should see if you followed the instructions.

*) same program using deb:

Code Select Expand

include \masm32\MasmBasic\MasmBasic.inc
; include \masm32\include\masm32rt.inc

.data
MyArray dd 25, 18, 23, 17, 9, 2, 6
HelloW$ db "Hello World", 0

.code
start:
  xor ebx, ebx ; set two non-volatile
  xor esi, esi ; registers to zero
  .Repeat
deb 4, "adding:  ", MyArray[4*ebx]
add esi, MyArray[4*ebx]
deb 4, "new sum:", esi
inc ebx
  .Until ebx>=lengthof MyArray
  Inkey Str$("The sum is %i", esi), Str$(", and the counter arrived at %i", ebx)
  exit

end start

Output:

Code Select Expand

adding:         MyArray[4*ebx]  25
new sum:        esi             25
adding:         MyArray[4*ebx]  18
new sum:        esi             43
adding:         MyArray[4*ebx]  23
new sum:        esi             66
adding:         MyArray[4*ebx]  17
new sum:        esi             83
adding:         MyArray[4*ebx]  9
new sum:        esi             92
adding:         MyArray[4*ebx]  2
new sum:        esi             94
adding:         MyArray[4*ebx]  6
new sum:        esi             100
The sum is 100, and the counter arrived at 7

[hutch--]

Red,

The trick is not to take on too much in one go, get used to things a bit at a time. The MASM32 library and macro system is there to get you up and going. Once you learn enough you can start to do the fancy stuff. You need to learn the basics of intel mnemonics, the complex addressing mode and the bare minimum of Windows API functions. Just take it a bit at a time and it will all come together. I wrote the 2 simple procedures on register contents so you had a simple and easy to use way of seeing what you registers held. Once you learn the basics you can start on a debugger if you need it but a lot of code can be written before you need to learn a debugger.

[jj2007]

Hutch,

I fully agree that the Masm32 library is the best invention ever after the wheel, but to start learning and understanding assembly, there is nothing simpler than opening an exe in Olly and pressing F8 repeatedly.

[hutch--]

Red,

The trick with the 2 procedures I posted is you don't have to understand them in a hurry, they work as they are by simply calling them. Once you know a bit more you will know what they are doing, both copy all of the registers to some memory based variables, then they are displayed using a couple of different macros, one for console, the other for joining all the results and shown in a message box. Many have tried to start in assembler by trying to learn all of the low level basics but it rarely ever works well as there is so much to start with.

The reason for the MASM32 library and the macro support is because MASM does not have a run time library so one was created to make starting with MASM a lot easier. If you use the runtime library and the macros you will get a lot more code up and running and this will make learning the important stuff like mnemonic coding a lot easier. A lot of API functions are just hack OS code to interact with the OS but direct mnemonic code is where the real action is and its where you get some real speed once you properly understand it.

[dedndave]

that's a big step in the right direction   :t

you will find that the masm32 package is a much faster way to get serious about writing windows-32 code
however, don't discount Kip Irvine's book, altogether
it does a fair job of explaining data types, registers, and instructions
the problem is to be able to take one of Kip's example programs, and convert it to masm32

to understand this "translation", a little background might be helpful....

in the days of 16-bit DOS code, much of the hardware was accessed through software and hardware interrupts
hardware generated physical interrupts that the 8088 "detected", causing specific code to be executed
for example, when a timer interrupt occured, a timer routine in BIOS was executed to update a clock count

software interrupts were "called" by programs using the INT instruction
in most cases, arguments were passed to the interrupts via registers
so, to open a file, for example, you would load AX, CX, and DS:DX with specific values, then INT 21h (DOS function dispatcher)

Code Select Expand

    mov     ah,3Ch               ;INT 21h function number to create a file
    mov     cl,<file attributes>
    mov     dx,offset filename   ;assuming that DS points to the proper data segment
    int     21h

if the function is successful, the INT returns with the carry flag cleared
if there is an error, the carry flag is set, and AX holds the error code
for some functions, values were also returned in other registers

that is old stuff that you really don't want or need to learn
but, i wanted you to see how calls were made
program functions were often written to be called in much the same way
Kip Irvine (and several others) wrote books, based on these methods

when the transition to 32-bit windows code was made, Kip adapted his old code to work in the new world
windows was designed with a whole new set of "rules"
however, the code examples in Kip's book don't obey the new rules
and, that is where the problems begin - lol

enough history lesson
to work with windows, you will want to understand parts of the windows ABI (application binary interface)
the ABI describes many things, like how object modules are linked and so on
it also gives a basic set of rules for how operating system functions are called, and how they return information:

rather than passing arguments in registers, they are passed on the stack
EBX, EBP, ESI, and EDI registers are preserved across calls
EAX, ECX, and EDX are volatile (may be destroyed)
EAX is often used to return a status or result (not the carry flag, like DOS)
(if a function requires more space to return results, it is usually passed the address of a data structure to fill in)
the direction flag is normally left cleared (up direction)
if you set it (down direction) for your code, you should clear it when done
many operating system functions require the direction flag to be cleared prior to call

the key is, that we generally write our own functions to behave the same way - to follow the same rules
that way, they are interchangable with OS functions
in cases where the ABI must be observed, our own functions obey the rules
i think it's correct to say that all of Hutch's functions in the masm32 library follow the ABI rules

that having been said, there are ways to take Kip's examples and make them masm32 compatible
when one of Kip's "WriteXxxxx" functions are called, you can generally replace it with the masm32 "print" macro
understand that Kip's routines pass arguments in registers - and that he has a tendancy to preserve most registers across calls
very different from the windows ABI
what you really want to do is to be able to follow his code to learn instructions
then, know how to make it work in the simpler world of masm32 code   

[RedSkeleton007]

However, Olly would be much more helpful, therefore: What exactly doesn't work with Olly?
- do you have the file \Masm32\OllyDbg\ollydbg.exe ?
- when you start Olly, and open the exe produced with qEditor, what do you see?

I didn't realize I needed to open the MASM32-Editor-produced .exe file in Olly. My bad. I also now understand that pressing F8 steps through (debugs) lines of .asm code one line at a time, kind of like Visual Studio's debugger.

But what exactly was the point of dedndave adding

Code Select Expand

int   3 to the code?

Also, I couldn't see the Flag statuses anywhere in Olly when I ran it (see my attached screen shot, and help me find them please).

NOTE: the .asm code that generated the .exe file used by Olly in the attached screen shot is:

Code Select Expand


include \masm32\include\masm32rt.inc

.data
MyArray dd 25, 18, 23, 17, 9, 2, 6
HelloW$ db "Hello World", 0

.code
start:
  xor ebx, ebx ; set two non-volatile
  xor esi, esi ; registers to zero
  .Repeat
add esi, MyArray[4*ebx]
inc ebx
  .Until ebx>=lengthof MyArray
  MsgBox 0, cat$(str$(esi), " is the sum"), offset HelloW$, MB_OK
  exit

end start


One more thing: can someone please paste the code for a simple .asm template that will output straight to a console window or dialog box automatically when run with MASM32 Editor (instead of outputting a console-dialog-box-hybrid that the code above does)? Thanks again.

[dedndave]

this should answer 2 of the questions/requests

Code Select Expand

;###############################################################################################

        INCLUDE    \Masm32\Include\Masm32rt.inc
        .686p
        .MMX
        .XMM

;###############################################################################################

  ;      .DATA

;***********************************************************************************************

  ;      .DATA?

;###############################################################################################

        .CODE

;***********************************************************************************************

main    PROC

        print   "Hello "

        int     3                      ;generate exception to bring up OllyDbg

        print   "World!",13,10
        inkey
        INVOKE  ExitProcess,0

main    ENDP

;###############################################################################################

        END     main

[jj2007]

But what exactly was the point of dedndave adding

Code Select Expand

int   3 to the code?

Also, I couldn't see the Flag statuses anywhere in Olly when I ran it (see my attached screen shot, and help me find them please).
...
One more thing: can someone please paste the code for a simple .asm template that will output straight to a console window or dialog box automatically when run with MASM32 Editor (instead of outputting a console-dialog-box-hybrid that the code above does)? Thanks again.

- the point of int 3: If you press F9, Olly runs the code until it hits int 3. Useful when your code grows bigger.
- the flags are under the registers in the right panel:

Code Select Expand

C0
P1
A0
Z1
S0


- template:

Code Select Expand

include \masm32\include\masm32rt.inc
.code
start:
  nop
  inkey "hello world"
  exit
end start

[dedndave]

this is a picture of the Olly window when my little program above is executed
circled in red is the EFL (EFlags) register

notice that Olly came up when the INT 3 was executed

[RedSkeleton007]

circled in red is the EFL (EFlags) register

Thanks, but I was looking for Status Flags. Also, why doesn't the number in Olly's EDX register (attached screen shot image) match the prediction comment in my code:

Code Select Expand


include \masm32\include\masm32rt.inc
.data
val1 WORD 1000h
val2 WORD 2000h
.code
start:

; Demonstrate MOVZX instruction:
    mov bx,0A69Bh
    movzx eax,bx ; EAX = 0000A69Bh
    movzx edx,bl ; EDX = 0000009Bh predicted value
    movzx cx,bl  ; CX = 009Bh
  nop
  ; inkey "hello world"
  ; inkey EDX
  exit
end start

Also, how do you display attached images between text and stuff, inline with posts?

[jj2007]

I was looking for Status Flags.

These are the status flags.

Also, why doesn't the number in Olly's EDX register (attached screen shot image) match the prediction comment in my code

Because you forgot to hit F8 until you reach the point of your prediction.

[RedSkeleton007]

Ready to have some fun? The questions are in the comments of the following code:

Code Select Expand


include \masm32\include\masm32rt.inc
.data
val1 WORD 1000h
val2 WORD 2000h
strDuke BYTE "Duke Nukem" ; should be 10 bytes, right?
.code
start:

; Lets find out what inkey can do:
    inkey strDuke ; when run, this statement causes the program to crash. Why?
    inkey "It's time to kick ass and chew bubble gum..."
    mov eax,SIZEOF strDuke

; Lets also try out xchg:
    mov si,val1 ; SI = 1000h
    xchg si,val2 ; SI = 2000h, val2 = 1000h
    mov val1,si ; SI = 2000h
    ; NOTE: SI is from the extended source index register ESI
   
  nop ; what is nop supposed to do?
 
  inkey "and I'm all out of gum."
  exit
end start

Also, in the attached screen shot, despite hitting F8 as many times as Olly let me, the value in register SI (of ESI) stayed the same 00000000. Why?

[jj2007]

Which book are you using? "The Art of Spoon-Feeding"?