simple source code debuggers

[GoneFishing]

Congratulations!
And how did you like WinDbg?

[dedndave]

great   :t
what are your ML and LINK command lines ?

[flipflop1]

windbg is very complicated and could use a little user friendliness (double click breakpoints on source screen and register values displayed better in more than one format -  took me a while to find the zero flag) but if olly had source code debug then I would be straight there it just seems less cluttered and it was alot easier to set up(olly 2 was up in ten minutes)

my args for windbg
ml /Zd /Zi /Zf /coff /c myprog.asm
link /debug /subsystem:windows /debugtype:coff /verbose myprog.obj rsrc.obj >>the rsrc.obj seems to be very important

[dedndave]

thanks for the info
not that i use WinDbg, but it may help others in the future   :t

yes - the resource file can be critical for some programs   :P

[GoneFishing]

It took me a long time to get  acquainted with WinDbg.
But by now  more I learn it more I like it . Though I use Olly sometimes either.
   

took me a while to find the zero flag

Simply type:

Code Select Expand

r zf
or you may set the option when all the registers being changed will appear topmost in the list
or even customize the order of the registers in the list

I'd say WinDbg is  fully customizable and widely extensible

[japheth]

ml /Zd /Zi /Zf /coff /c myprog.asm
link /debug /subsystem:windows /debugtype:coff /verbose myprog.obj rsrc.obj >>the rsrc.obj seems to be very important

Using "/debugtype:coff" is not a good idea. It restricts the symbolic debug info to what may be found in the COFF symbol table - and Masm will only put "global" symbols in this table. If you also want to see and change local variables, don't use this option ( and, additionally, it has been removed in more recent linkers ).

[GoneFishing]

In the MASM32 help Chapter I there's an old good article about debugging with SoftIce.
All ML and Link command lines can be  found there.

[flipflop1]

is soft ice free?

what settings should I use instead of /coff

[GoneFishing]

AFAIK it was not free and it's out of date now. But the article is still useful.
It tells us to use :CV option  ;)
I use it and feel fine

[dedndave]

maybe what we need is a little converter program that creates the right type of symbol files for olly and windbg
i don't suppose the formats are well documented   :P

i hear softice is good, if you can get it

i am a simple guy - if i can see the disassembled asm, i can find my way around
it's not like i am going to spend a lot of time in a debugger (hopefully)
but, for those who are new to asm, it might be nice

[flipflop1]

windbg does not like the cv option as it does not produce a pdb file for the executable

I will play abit to see if it will produce anything

[GoneFishing]

i don't suppose the formats are well documented

Maybe DIA SDK incorporates some docs?

windbg does not like the cv option as it does not produce a pdb file for the executable

My WinDbg likes it 

http://msdn.microsoft.com/en-us/library/aa270751%28v=vs.60%29.aspx

[flipflop1]

ok got it to produce the pdb file however windbg does not like it

I get this

Code Select Expand

Microsoft (R) Windows Debugger Version 6.2.9200.20512 X86
Copyright (c) Microsoft Corporation. All rights reserved.

CommandLine: C:\masm32\prime.exe
Symbol search path is: C:\Symbols;srv*
Executable search path is: srv*
ModLoad: 00400000 00405000   image00400000
*** Unable to resolve unqualified symbol in Bp expression 'start' from module 'ntdll.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'MAIN' from module 'ntdll.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'start' from module 'ntdll.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'mains' from module 'ntdll.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'main' from module 'ntdll.dll'.
ModLoad: 77710000 77890000   ntdll.dll
*** Unable to resolve unqualified symbol in Bp expression 'start' from module 'C:\Windows\syswow64\kernel32.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'MAIN' from module 'C:\Windows\syswow64\kernel32.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'start' from module 'C:\Windows\syswow64\kernel32.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'mains' from module 'C:\Windows\syswow64\kernel32.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'main' from module 'C:\Windows\syswow64\kernel32.dll'.
ModLoad: 76c00000 76d10000   C:\Windows\syswow64\kernel32.dll
*** Unable to resolve unqualified symbol in Bp expression 'start' from module 'C:\Windows\syswow64\KERNELBASE.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'MAIN' from module 'C:\Windows\syswow64\KERNELBASE.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'start' from module 'C:\Windows\syswow64\KERNELBASE.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'mains' from module 'C:\Windows\syswow64\KERNELBASE.dll'.
*** Unable to resolve unqualified symbol in Bp expression 'main' from module 'C:\Windows\syswow64\KERNELBASE.dll'.
ModLoad: 75550000 75597000   C:\Windows\syswow64\KERNELBASE.dll
(14cc.1120): Break instruction exception - code 80000003 (first chance)
eax=00000000 ebx=00000000 ecx=c1870000 edx=0008e3c8 esi=fffffffe edi=00000000
eip=777b0fab esp=0018fb08 ebp=0018fb34 iopl=0         nv up ei pl zr na pe nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00000246
ntdll!LdrpDoDebuggerBreak+0x2c:
777b0fab cc              int     3


[dedndave]

you can download the symbol package appropriate for your version of windows
http://msdn.microsoft.com/en-us/windows/hardware/gg463028

as far as the path goes, that is probably a matter of setting an environment variable
or, using a switch on the command line to override the default search path

... or use C:\Symbols   

[flipflop1]

ive double checked my symbols they are correct but im also set up for svr* as well so if it had problems it would download new symbols it was working with coff setting earlier almost but just tried olly 1 and it now works like a dream so problem solved I think :icon_eek: