flat assembler
Message board for the users of flat assembler.

Viewing register values

Commodity
I'm fairly new to FASM but I'm very interested in it and hope to learn it well. I'm having trouble understanding some of the code and I would really love to see what's going on without overcomplicating things by installing a large debugger.

I was wondering if anyone could tell me how to: print, output, show or debug the current register values without changing the current program state.


Last edited by Commodity on 07 Sep 2007, 19:35; edited 2 times in total
Post 07 Sep 2007, 15:27
Commodity
I have made a few small changes to the example "SEH/Hardware Breakpoint in Win32" to make it easier for me to understand. It does exactly what I wanted now.

Maybe someone else may want this too so here's the code:

Code:
;Based on "SEH/Hardware Breakpoint in Win32" example by Bryan Power/RedGhost on FASM website

include 'seh_data.inc'
include 'win32ax.inc'

.data

        _title  db 'Debug Data', $0
        _format db 'Exception Info', $D, $A, $D, $A,\
                        'Exception Code:', $9, '0x%X', $D, $A,\
                        'Exception Address:', $9, '0x%X', $D, $A, $D, $A,\
                        'Register Values On Exception', $D, $A, $D, $A,\
                        'eax:', $9, '0x%X', $D, $A,\
                        'ebx:', $9, '0x%X', $D, $A,\
                        'ecx:', $9, '0x%X', $D, $A,\
                        'edx:', $9, '0x%X', $D, $A,\
                        'edi:', $9, '0x%X', $D, $A,\
                        'esi:', $9, '0x%X', $D, $A,\
                        'ebp:', $9, '0x%X', $D, $A,\
                        'esp:', $9, '0x%X', $D, $A,\
                        'eip:', $9, '0x%X', $0
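        ; wsprintfA writes at most 1024 bytes; with all eleven values at
        ; 8 hex digits the formatted text is longer than $100 bytes
        _buf    rb $400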


.code
        start:
                ;install the top-level exception filter
                ;(the filter is not called while a debugger is attached)
                invoke  SetUnhandledExceptionFilter, exception_handler

                ;show debug info
                int3

                ;clear registers
                xor     eax, eax
                xor     ebx, ebx
                xor     ecx, ecx
                xor     edx, edx

                ;show debug info once more
                int3

                invoke  ExitProcess,$0


        exception_handler:
                push  ebp
                mov   ebp, esp
                push  ebx edi

                ; get the EXCEPTION_POINTERS structure
                mov   eax, [ebp+$8]
                mov   ebx, [eax+EXCEPTION_POINTERS.ExceptionRecord]
                mov   edi, [eax+EXCEPTION_POINTERS.ContextRecord]

                ; format the display string
                push  dword [edi+CONTEXT.Eip]
                push  dword [edi+CONTEXT.Esp]
                push  dword [edi+CONTEXT.Ebp]
                push  dword [edi+CONTEXT.Esi]
                push  dword [edi+CONTEXT.Edi]
                push  dword [edi+CONTEXT.Edx]
                push  dword [edi+CONTEXT.Ecx]
                push  dword [edi+CONTEXT.Ebx]
                push  dword [edi+CONTEXT.Eax]
                push  dword [ebx+EXCEPTION_RECORD.ExceptionAddress]
                push  dword [ebx+EXCEPTION_RECORD.ExceptionCode]
                push  _format
                push  _buf
                call  [wsprintfA]
                add   esp, $34

                ; display the info
                invoke  MessageBox,HWND_DESKTOP, _buf,_title,MB_OK

                ; increment EIP to skip the int3 instruction
                inc   dword [edi+CONTEXT.Eip]
                mov   eax, EXCEPTION_CONTINUE_EXECUTION
                pop   edi  ebx
                mov   esp, ebp
                pop   ebp
                ret   $4

.end start
    
Post 07 Sep 2007, 18:15
handyman
I strongly recommend that you use a debugger. Ollydbg is a VERY good one, free, and easy to install, and easy to use. You can easily link in Ollydbg to Explorer using the Options menu in Ollydbg. This enables you to start the debugger using the right click menu over the EXE files and it allows you to see EVERYTHING that is going on in the program without adding the complexity of extra code.
Post 10 Sep 2007, 14:38
Commodity
Thanks for your input. I'll look into it =)

I've only been playing around with fasm for a few days now and I'm loving asm. It's actually not that much more complex than a language like C. Honestly I feel like some things would take me longer in C.

When I start doing more complex things I'll probably need to install Ollydbg.
Post 10 Sep 2007, 15:14
handyman
You'll like it once you start using it, even for simple small projects. You cannot beat a good debugger when doing assembly programming, even with small projects. The info it gives you about what the program is doing is really amazing. I would install sooner than later, you will be glad you did. It will help with learning asm since you can see what happens at every instruction step as the program runs. It will show you all register values, stack, memory states, and much more. A lot of this information is shown on the screen at the same time. As a learning tool it is very helpful.
Post 10 Sep 2007, 22:16

Copyright © 1999-2020, Tomasz Grysztar.
