I am debugging some code, but the MessageBoxes are intereferring with finding out what it's doing in Olly.
I put in some int 3's, but it passes them up.
Tried setting break points as well.
i sometimes use the Beep function - just to let me know a certain section of code executed
if you are using vista, Beep doesn't work, but there is MessageBeep
very few forum members use vista - lol
INVOKE Beep,800,40
in some cases, several passes on the beep occur
so, i put some dead space in between them
INVOKE Beep,800,40
INVOKE Beep,30000,40
you could also use Sleep :P
and, of course, you can use different tones in different places
another thing i find handy, if you need to see some kind of value or string, is a status bar :t
i can fix most problems without the use of a debugger
here is a little rountine that uses Beep to send numbers 0 to 9 in morse code :biggrin:
binary 0 to 9 in AL....
MorseNum PROC
;sends morse code representing a number from 0 to 9
MorseTime = 90
and eax,0Fh
cmp al,9
ja Morse8
push ebx
push esi
push edi
mov ebx,eax
mov esi,5
mov edi,10
cmp bl,5
jbe Morse0
mov bl,bh
Morse0: sub edi,eax
cmp edi,4
jbe Morse1
xor edi,edi
Morse1: sub esi,ebx
sub esi,edi
or ebx,ebx
jz Morse3
Morse2: INVOKE Beep,750,MorseTime
INVOKE Beep,32000,MorseTime
sub ebx,1
jnz Morse2
Morse3: or esi,esi
jz Morse5
Morse4: INVOKE Beep,750,3*MorseTime
INVOKE Beep,32000,MorseTime
sub esi,1
jnz Morse4
Morse5: or edi,edi
jz Morse7
Morse6: INVOKE Beep,750,MorseTime
INVOKE Beep,32000,MorseTime
sub edi,1
jnz Morse6
Morse7: INVOKE Beep,32000,2*MorseTime
pop edi
pop esi
pop ebx
Morse8: ret
MorseNum ENDP
Dave,
I was thinking more on the lines of code that would stop the debugger at certain places.
I'll ask around some more.
Andy
I will try out the morse code routine.
hi Andy
the int 3 (or int3) that you have should do the trick if you have olly installed as the default jit debugger
perhaps the code is never getting to that spot ?
i think if you set a breakpoint in olly, it simply replaces a byte of code with an int3,
then restores the original code byte when the int3 is executed
that is why int 3 has a special single-byte encoding
other int's are 2 bytes :P
As Dave says, INT3 and Breakpoints are the same. If Olly is passing the INT3's that you've inserted in the code then the program flow never gets to them, try single stepping the program from a point close to the section you're interest in to find where its going.
I think that ml.exe took out those 3 nops ?
So I put a marker in there, but it lumped it with the other .data.
I will try jumping over it.
Gotta learn how write some scripts to add to Qeditor. :t
Andy
.IF eax!=INVALID_HANDLE_VALUE
nop
nop
nop
.data
mark db "After CreateFile",0
.code
;int 3
jmp next
place db "Open Sesamee",0
next:
hmmm
didn't know that masm would take out NOP's
maybe you can use
xchg eax,eax
or
db 90h
Quote from: Donkey on December 17, 2012, 09:29:24 AM
As Dave says, INT3 and Breakpoints are the same. If Olly is passing the INT3's that you've inserted in the code then the program flow never gets to them, try single stepping the program from a point close to the section you're interest in to find where its going.
Thanks Edgar.
The single stepping along with the jumping over got me to where I wanted to go.
My program opens the file O.K., now I need to see if my search routine works correctly.
Andy
Hi Andy
To debug a code or procedur of your executable use i a Macro from Shoorick
_deb MACRO
pusha
call IsDebuggerPresent
test eax,eax
popa
jz @F
db 0Ch
@@:
ENDM
Example
.IF eax!=INVALID_HANDLE_VALUE
..anysomthingcode
..
...
_deb
...
..
.anysomthingcode
.data