News:

Masm32 SDK description, downloads and other helpful links
Message to All Guests
NB: Posting URL's See here: Posted URL Change

Main Menu

MASM32 debug of Windows exe

Started by bullcriss, May 10, 2019, 06:37:01 PM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions

bullcriss

May 10, 2019, 06:37:01 PM
Hello friends,

I have Windows 7 and have installed MASM32
Microsoft (R) Macro Assembler Version 6.14.8444

With it I have successfully created applications that run perfectly in Windows 7.

Now I want to use a debugger and I decided to use X64DBG.
I have downloaded and installed it and it runs ok but it does not show the source code of the program I am debugging.

I am sure I have compiled the program with the proper flags for assembler :
/c /coff /Cp /nologo /Fm /Zi /Zd
and linker :
/SUBSYSTEM:WINDOWS /DEBUG /VERSION:4.0

In the log tab of x64dbg I can see this :
QuoteInitialization successful!
Loading plugins...
Handling command line...
  "C:\x64dbg\release\x32\x32dbg.exe" "C:\ASMPROJECTS\TESTWIN\TESTWIN.exe"
Debugging: C:\ASMPROJECTS\TESTWIN\TESTWIN.exe
Database file: C:\x64dbg\release\x32\db\TESTWIN.exe.dd32
Process Started: 00400000 C:\ASMPROJECTS\TESTWIN\TESTWIN.exe
  "C:\ASMPROJECTS\TESTWIN\TESTWIN.exe"
  argv[0]: C:\ASMPROJECTS\TESTWIN\TESTWIN.exe
Skipping unsupported debug type IMAGE_DEBUG_TYPE_MISC in module testwin.exe...
Skipping unsupported debug type IMAGE_DEBUG_TYPE_CODEVIEW in module testwin.exe...
Did not find any supported debug types in module testwin.exe!

Which seems to inform about a problem with DEBUG TYPE.

I have this problem also with a basic asm program like this :
Code Select

.386
.model flat, stdcall
option casemap:none

include    \masm32\include\windows.inc
include    \masm32\include\kernel32.inc
include    \masm32\include\user32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib

.data
MyBoxTitle  db  "A Simple Little Message Box !",0
MyBoxText   db  "This is just a 'Message Box', not even a real 'window', but it's made with Masm32 Assembly code!",0

.code
MyMsgBox:
    invoke  MessageBox, 0, ADDR MyBoxText, ADDR MyBoxTitle, MB_OK
    invoke  ExitProcess,0
end MyMsgBox

Can anyone help me ?
Thank you in advance for your help!
BC

jj2007

#1
May 10, 2019, 06:57:42 PM
X64Dbg is for 64-bit code. Try OllyDbg, the interface is simpler but almost identical.

P.S.: Sorry, I just see that you use x32dbg.exe. Try to use only /debug for the linker (it works for me).

bullcriss

#2
May 10, 2019, 07:37:12 PM
Yes X64DBG has a 32 bit version.
I tried setting just
/DEBUG
in the linker options but when I link the application I get the following error:
Quote\Masm32\Bin\Link @"C:\ASMPROJECTS\TESTWIN\link.war"

Microsoft (R) Incremental Linker Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.

/DEBUG "/LIBPATH:\Masm32\Lib" "C:\ASMPROJECTS\TESTWIN\TESTWIN.obj" "/OUT:C:\ASMPROJECTS\TESTWIN\TESTWIN.exe"
LINK : fatal error LNK1221: a subsystem can't be inferred and must be defined

Make finished. 1 error(s) occured.

Do you use MASM 6.14 too?

UPDATE:
with linker settings
/DEUG /SUBSYSTEM:WINDOWS
The error is fixed but the source is not available in x64dbg...

UPDATE 2:
I've also tried using ollydbg, both version 1 and 2, and neither show the source code, just like x64dbg...  :icon_redface:

fearless

#3
May 10, 2019, 07:54:11 PM
Code Select
/SUBSYSTEM:WINDOWS /DEBUG /DEBUGTYPE:CV /PDB:"filename.pdb" /VERSION:4.0 /LIBPATH:"x:\path to lib files" /OUT:"filename.exe" filename.obj filename.res

I'm using a newer linker version (Microsoft (R) Incremental Linker Version 12.00.31101.0) than the default one that comes with masm32 (Microsoft (R) Incremental Linker Version 5.12.8078)

http://masm32.com/board/index.php?topic=7444.msg85501#msg85501

jj2007

#4
May 10, 2019, 08:03:25 PM
Quote from: bullcriss on May 10, 2019, 07:37:12 PMwith linker settings
/DEBUG /SUBSYSTEM:WINDOWS
The error is fixed but the source is not available in x64dbg...

Yes, I forgot /Subsystem, of course. Re symbols, no idea what's wrong there: No symbols with x32Dbg.exe, and I don't see anything relevant in the options. Same exe with OllyDbg shows all symbols...

Btw use polink, it's included in the Masm32 SDK and produces correct symbols.

bullcriss

#5
May 10, 2019, 08:36:27 PM
Thank you, I tried all the options you suggested, and I also tried to download previous versions of x64dbg, but no success.

At this point my main doubt is about the version of MASM32 that I'm using, with the included linker.

I've tried downloading MASM 8.0 SDK from Microsoft's website but the installer aborts with the error :
Microsoft Visual C++ Express Edition 2005 required

So now I have to find out how to dowload that one...

fearless

#6
May 10, 2019, 08:55:45 PM
Im using Microsoft (R) Macro Assembler Version 6.14.8444
I bundled up the v12 ms link/lib etc here: https://github.com/mrfearless/libraries/blob/master/Masm64/mslinkv12.zip?raw=true

jj2007

#7
May 10, 2019, 10:01:19 PM
With UAsm64 and polink (already included in the Masm32 SDK), options

/Zd /Zi /Zf for the assembler
/debug /Subsystem:console for the linker

... OllyDbg shows all symbols. The problem seems to be x32Dbg 8)

@fearless: No symbols with the link v12 from your archive.

bullcriss

#8
May 10, 2019, 10:03:01 PM
I copied the files in the zip from your link into my masm32\bin folder, overwriting the already existing files.
What I get now from the linker is :
Quote\Masm32\Bin\Link @"C:\ASMPROJECTS\TESTWIN\link.war"

Microsoft (R) Incremental Linker Version 12.00.31101.0
Copyright (C) Microsoft Corporation.  All rights reserved.

/SUBSYSTEM:WINDOWS /DEBUG /VERSION:4.0 /DEBUGTYPE:CV "/LIBPATH:\Masm32\Lib" "C:\ASMPROJECTS\TESTWIN\TESTWIN.obj" "/OUT:C:\ASMPROJECTS\TESTWIN\TESTWIN.exe"
LINK : fatal error LNK1207: incompatible PDB format in 'C:\ASMPROJECTS\TESTWIN\TESTWIN.pdb'; delete and rebuild

Make finished. 1 error(s) occured.

I want to say thank you very much to everyone for your help, I appreciate it!

UPDATE
I deleted the obj and pdb files and now it links properly but... X64DBG is not showing any errors anymore in the log, about the debug type... STILL, no source code is displayed....

fearless

#9
May 10, 2019, 10:46:43 PM
what build/version of x64dbg are you using?

do you see lines loaded in the symbols log (symbols tab, at the bottom shows pdb info, loading, line info etc)

do you see source code file line numbers in the comments in the cpu view similar to the images shown in this post (http://masm32.com/board/index.php?topic=7444.msg85501#msg85501) - MUIProgressBar.asm:14 etc - for your program i would think it should display Testwin.asm:x in comments, where x is a line no

If the line numbers are not showing then its not loading the pdb (wrong debug format, older x64dbg version, or some other issue)

Can you zip up your test project so i can check it out on my end. Thanks

BugCatcher

#10
May 10, 2019, 10:53:10 PM
The pdf file  format was changed about 6 months ago and x32debug went with the new format. I put new files ml.exe, link.exe and lib.exe version 14.16.27026.1 from visual studio 2017 into masm32\bin dir. I put rc.exe version 10.0.17763.132 from Microsoft kits into masm32\bin. Delete old pdf build new. That should give you source code.

*Also if you didn't know, x64debug doesn't show source code until you step into user code.

TimoVJL

#11
May 10, 2019, 10:55:21 PM Last Edit: May 11, 2019, 02:15:18 AM by TimoVJL
What x64dbg is able to show source ? May 9 2019 don't :(

EDIT: Thank's BugCatcher :t

An old QT4 based x32dbg works a bit better with older linker / pdb.

if you want to force x32dbg.exe to use msdia140.dll, make a copy of x32dbg.exe and add to it's manifest
Code Select
  <file name="msdia140.dll">
    <comClass clsid="{E6756135-1E65-4D17-8576-610761398C3C}" />
  </file>
May the source be with you

bullcriss

#12
May 10, 2019, 11:20:54 PM
what build/version of x64dbg are you using?


The last one, Mag 9 2019.

do you see source code file line numbers in the comments in the cpu view similar to the images shown in this post (

When I start debugging TESTWIN, I get this :
https://i.vgy.me/Boz2Vc.png

do you see lines loaded in the symbols log (symbols tab, at the bottom shows pdb info, loading, line info etc)

This is the symbols tab:
https://i.vgy.me/dLizKI.png
And I just noticed there are some error messages regarding the PDB....

Can you zip up your test project so i can check it out on my end. Thanks

I attached the TESTWIN project... :icon_confused:

fearless

#13
May 10, 2019, 11:35:16 PM
ok i adjusted the WinAsm project properties debug settings and recompiled it. Also untick in x64dbg the system breakpoint (Options->Settings->Events-System Breakpoint), keep attach and entry breakpoints - that way it wont stop in the middle of ntdll.dll and will stop at the entrypoint.


Once at entrypoint, highlight a line that has source code line number in it, right click and select open source file.





aw27

#14
May 11, 2019, 02:03:30 AM
I see that fearless x32dbg has a side bar with an option "Open Source File". I don't have it, is it some plugin?.
I noticed that fearless has a few plugins on the x32/64dbg website.

BTW, frequently, Windbg does not start the source code debugging unless we open the source file. Probably the same happens with x32dbg.
Print
Go Up Pages1 2
User actions