I have a lot of while blocks in my program and I am trying to replace them with common looping code like this:
xor ecx,ecx
mov esi, offset w_Windows_Version
mov edi, offset s_XP
LoopXP:
mov al, [esi]
mov ah, [edi]
inc esi
inc edi
cmp al, ah
jne _not_XP
cmp al, 0
jne LoopXP
jmp _GOT_XP
Can someone translate this so it doesn't have to use [.while]? Then I will have a good idea of how to do the rest of them. This seems like the most complicated one in my program. It's from the kernel zip.
Thanks in advance
GetKernelBase PROC USES EDI ESI, dwTopStack : DWORD
MOV EDI, dwTopStack ; start the search
AND EDI, 0FFFF0000h ; wipe the LOWORD !
; ....
.WHILE 1 ;TRUE
.IF WORD PTR [EDI] == IMAGE_DOS_SIGNATURE
MOV ESI, EDI
ADD ESI, [ESI+03Ch]
.IF DWORD PTR [ESI] == IMAGE_NT_SIGNATURE
.BREAK
.ENDIF
.ENDIF
SUB EDI, 010000h
.IF EDI < MIN_KERNEL_SEARCH_BASE ;;;;;;;;;;;;;;;;;;;;;;
MOV EDI, 0BFF70000h ;;;;;;;;;;;;;;;;;;;;;;
.ENDIF ;;;;;;;;;;;;;;;;;;;;;;
.ENDW
; ....
XCHG EAX, EDI
RET
GetKernelBase ENDP
Well, I won't translate the whole thing but a WHILE loop is fairly simple. Unlike a REPEAT loop it will exit without running the code between .WHILE and .ENDW if the condition is not met upon entering the loop so it will look like this...
using MASM HLL syntax
...
.WHILE eax = 1
; code goes here
.ENDW
...
Hand coded
...
whilestart:
cmp eax,1
jne exitloop
;code goes here
jmp whilestart
exitloop:
...
To ic2,
Not to go off-topic, but WHY??? :dazzled: :eek
coding in "HLL-looking" constructs doesn't make anyone "less of an ASM programmer"! :P :P
Is it that you want to make the code compatible across different assemblers or something?
Again...I would like to ask WHY??? ::)
And also why are you asking others to translate stuff for you? You know...that might NOT be considered too polite, so...??? ::)
Regards,
Shantanu
Quote from: Shantanu Gadgil on October 14, 2006, 09:01:33 AM
To ic2,
Not to go off-topic, but WHY??? :dazzled: :eek
coding in "HLL-looking" constructs doesn't make anyone "less of an ASM programmer"! :P :P
Is it that you want to make the code compatible across different assemblers or something?
Again...I would like to ask WHY??? ::)
And also why are you asking others to translate stuff for you? You know...that might NOT be considered too polite, so...??? ::)
Regards,
Shantanu
Hi,
There are many reasons to hand code loops. MASM does a horrible job of coding both loops and .IF/.ENDIF blocks (especially the latter); in many cases it will insert unnecessary jumps at the end of .IF blocks that can be eliminated by hand coding. Jumps cost cycles and can (even worse) blow the instruction cache, and the whole reason that most people turn to assembly is for optimizing code, so it is self-defeating to revert to HLL constructs that are inefficient in order to do something that is rather simple anyway. If you are not concerned about the speed of the routine, for example it simply waits for an API to return, then by all means use the constructs, but the code he posted does not contain an API call in the loop and he may want a more efficient loop.
Donkey
Hi donkey,
I understand and appreciate the speed gains of asm over HLLs. Was just a teeny-weeny :bg :green2 bit peeved about the "could someone translate for me", that's all!! :bg
Also, appreciate your point about hand-coded loops over ".while".
(Don't want to start yet another "why ASM" :bg topic here...so I guess I would say... "I stand corrected") :bg
Cheers,
Shantanu
Hope not to be off-topic; just want to say that
.WHILE eax<=45
inc eax
.ENDW
will be translated in something like
jmp WhileCondition
StartWhile:
inc eax
WhileCondition:
cmp eax, 45
jbe StartWhile
Regards,
Nick
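As an added illustration (not code from the thread or from any of its posters) of the two WHILE layouts shown above, the listing below mirrors each assembler shape in C, with goto and labels standing in for jmp and the conditional jumps so the control flow can be read off directly: MASM's own jump-to-the-condition translation of `.WHILE eax<=45`, the hand-coded version with the test at the top, and the `.WHILE 1` / `.BREAK` shape, which has no loop condition at all and exits only through a conditional jump out of the body. That last one is demonstrated on the version-string compare from the first post rather than on the kernel search. The register is modelled as a `uint32_t` because MASM's HLL compare on a plain register is unsigned (jbe/ja), as in the listings; the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not from the thread: each function mirrors one assembler layout,
 * with goto/labels in place of jmp/jcc. eax is modelled as uint32_t because MASM's
 * HLL compare on a bare register is unsigned (jbe/ja), as in the listings. */

/* .WHILE eax<=45 / inc eax / .ENDW as MASM emits it: jump to the condition first,
 * test at the bottom, branch back up while the condition holds. */
uint32_t while_masm_style(uint32_t eax)
{
    goto WhileCondition;        /* jmp WhileCondition */
StartWhile:
    eax++;                      /* inc eax */
WhileCondition:
    if (eax <= 45)              /* cmp eax,45 */
        goto StartWhile;        /* jbe StartWhile */
    return eax;
}

/* The same loop hand coded with the test at the top: the "whilestart / exitloop"
 * shape. The branch sense is inverted (ja instead of jbe) because it jumps OUT. */
uint32_t while_top_test(uint32_t eax)
{
whilestart:
    if (eax > 45)               /* cmp eax,45 */
        goto exitloop;          /* ja exitloop */
    eax++;                      /* inc eax */
    goto whilestart;            /* jmp whilestart */
exitloop:
    return eax;
}

/* .WHILE 1 ... .BREAK ... .ENDW has no loop condition; the only way out is the
 * .BREAK, which becomes a conditional jump past the loop. The string compare from
 * the first post already has that shape, with two exits. Returns 1 when the version
 * string equals the pattern, 0 otherwise. Label names are kept from the post, minus
 * the leading underscore, which C reserves. */
int version_matches(const char *esi, const char *edi)   /* w_Windows_Version, s_XP */
{
    unsigned char al, ah;
LoopXP:
    al = (unsigned char)*esi;   /* mov al,[esi] */
    ah = (unsigned char)*edi;   /* mov ah,[edi] */
    esi++;                      /* inc esi */
    edi++;                      /* inc edi */
    if (al != ah)               /* cmp al,ah */
        goto not_XP;            /* jne _not_XP  (the .BREAK out of the loop) */
    if (al != 0)                /* cmp al,0 */
        goto LoopXP;            /* jne LoopXP   (equal and not the terminator: keep going) */
    return 1;                   /* jmp _GOT_XP  (both strings ended together) */
not_XP:
    return 0;
}

int main(void)
{
    /* Constructed inputs: the bound 45 from the thread and two short strings. */
    printf("start 0:   masm style %u, top test %u\n",
           (unsigned)while_masm_style(0), (unsigned)while_top_test(0));
    printf("start 100: masm style %u, top test %u (zero trips through the body)\n",
           (unsigned)while_masm_style(100), (unsigned)while_top_test(100));
    printf("\"XP\" vs \"XP\": %d, \"XP\" vs \"XPS\": %d\n",
           version_matches("XP", "XP"), version_matches("XP", "XPS"));
    return 0;
}
```

Starting at 100 both WHILE shapes return 100 untouched: the first jump lands on the test, it fails, and the body never runs. That zero-trip behaviour is the whole difference between a WHILE and the bottom-tested loops discussed later in the thread.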
Quote from: TNick on October 14, 2006, 09:34:18 AM
.WHILE eax<=45
inc eax
.ENDW
heh heh what about
mov ax,45
Sorry, couldn't resist... :bg ...although I've seen similar in VB code :bdg
:lol :lol :lol :lol :lol
What, you don't think that this is a good way to put 45 in eax? :toothy
Regards,
Nick
:lol YOMANK
Shantanu Gadgil, I thought that if you show people that you have made an effort and that you know something about coding but are having too much trouble doing something, some of us have no choice but to ask for help. I have about 7 or 8 issues hanging over my head since July. It may take me many more months of searching, reading, etc. to move on. So I don't ask for much help. This is one that I have to ask about, simple as it may be for you but not for me. I've been at it for over 2 weeks with no luck. Working 12 hours with 3 hours' commute time per day, 5 days a week, it's hard to find time to do anything, but I try. Besides, who else can I turn to for help? M$. Evidently not YOU...hee hee ... Just joking, maybe. I don't think it bothers people at this forum. They always seem to try to help others no matter what they may think of their questions. If they did not help others I would not know sh*t about ASM unless I went to school for the next 10 years. That's impossible for me.
As far as your other question, I am trying to code in a way that other assemblers can handle without too many changes. POASM can do it, but how about others? And I like knowing that what I give the assembler, it does exactly what I expect with no favors added.
donkey, I'm still working with it but I can't seem to get it right right now, but Thanks a Lot for the lead and explanation of how while works... I never had a clue. You explain things so well; it isn't always like that in the books. WoW.
PS: Shantanu Gadgil, I should have said "could someone translate this code so that others who don't know, like myself, will learn something more about [.while]".
BTW, Why should that bother you. This is not your forum.
A quick macro:
.386
.model flat, stdcall
option casemap :none
_DO MACRO
@@:
ENDM
_WHILE MACRO arg1,cond,arg2
cmp arg1,arg2
j&cond @b
ENDM
.code
start:
xor eax,eax
_DO
inc eax
_WHILE eax,b,45
ret
END start
ic2,
Shantanu was just passing on to you what he thought was good advice, there is no malice in it, but what you are after learning is also a good idea in that it will help you to better understand branching code in assembler. Now a number of members have shown you how a .WHILE conditional works but you can in fact do it yourself with the tools in MASM32.
Write a simple .WHILE block of code, put a number of NOPs in front of it then disassemble it using DumpPE, search for the NOPs and you will get to see exactly what happens to your code. Now this is a better method than you may think as the pseudo high level code in MASM can handle multiple tests and conditionals using the C runtime style of operators and this method helps you to understand these more complex conditional evaluations.
While the pseudo high level notation has its place in API and similar high level style code, they are often not fast enough for critical algorithms so what you are after is worth the effort as you will learn to write better algorithms over time.
Wow, so much activity in about an hour.... :bg :U
To ic2,
the most innocent of statements/comments can get misinterpreted, which can generate "fire-in-the-belly" reactions... :bg :bg
Let me explain...
What I was asking foremost was...
"if you already have a while loop, why do you really need to convert it into "mnemonic (is that the word?) code"
to which...
donkey answered to the point as to why you (ic2) might be wanting to do it (speed, et al)
to which...
I agreed and also said that I stood corrected.
(Also you have said that you want to make the code compatible across assemblers, so that answers my question :bg)
My "peeved" comment was because I interpreted your statement
Quote: Can someone translate this so it don't have to use [.while]
that you wanted someone else to do the job FOR you.
Out of context, it _DOES_ seem that way, doesn't it?
Also, don't quite appreciate the "why are you bothered, it's not your forum" comment. :naughty: :naughty:
I have never claimed that, so I think the last comment of yours is justified.
Anyway...let bygones be bygones... :bg
Regards,
Shantanu
RE: the dump tool idea
Another similar method, ic2, would be to set up your debugger to break on 'int 3'
and then something like this in an empty masm project
int 3
.while blah<10
inc blah
.endw
Then compile and run it. Your debugger should allow you to see code there and then.
Might help a bit speedwise since you're so time-starved. ;)
ps. don't take Shantanu's comments to heart.
He's a nice guy but he doesn't like slackers and script-kiddies that all too often frequent the forums looking for people to do their work for them. :bdg
Keep it friendly, dude, and you'll find friends here.
Good luck with your efforts. :U
Thanks Tnick, for your quick ideas. It's very helpful here; I don't know where sinsi is coming from.
Thank you Votex and hutch. On that note i will be able to understand even more ...
Forget it Shantanu Gadgil
I only expected some great ideas anyway but ended up with all kinds of great suggestions.
I was tired and still awake and trying. I could have posted a better way of asking for help like I usually do whenever I do, but WTH, it turned out very fair. I see your concern; hutch may be right, at least I hope so anyway, forgotten, but I hope that any future information about (.while) will be posted here ...
Hey asmrixstar, Thanks, i will get this right.
Sorry I misspelled your name Vortex. Shantanu Gadgil and I have nothing on that. I know this could MEAN war :)
I just re-read everyone's comments and comments I missed and I do owe Shantanu Gadgil an apology. Shantanu Gadgil, I apologize 85% as of now.
ic2,
The only reason I use the HLL constructs in MASM is because it makes the source look cleaner. That's because all those "trash tags" needed for conditional jumps are missing. Otherwise I can code a conditional relation almost as fast. It helps tremendously when reading the source code to indent your conditional relations and loops. And, if you want to see what the output code for HLL is in the listing, without using the very verbose /Sa option, use the /Sg option along with /Sn. Ratch
ic2,
.while arguing
; It is good to see friends stay friends and issues get resolved.
mov arguing, 0
.endw
Paul
To ic2,
No problems! :U :U
As Paul said, I hope after all this talk the programming issue actually got resolved!!! :bg
Regards,
Shantanu
A last comment to add to the talk here, then I will leave this topic alone. Many of the posts I have read here (for example Vortex's macro) perform the compare at the end of the loop; this is incorrect. If the test is being performed at the end of the loop then it is a REPEAT loop; a WHILE loop tests at the top of the loop. Not understanding this or misinterpreting the function of different loop types will only lead to confusion (and bugs) later. This is by the way a side effect of using high level constructs for simple loops: the level of abstraction can lead to not understanding loops and their appropriate applications.
Edgar,
The compare at the end of the loop is correct because the macro simulates the do & while construct in the C language. My intent was to create a quick solution, not to copy the functionality of MASM's WHILE statement.
#include <stdio.h>
int main(void)
{
    int var = 0;
    do {
        ++var;          /* body runs once before the first test, like _DO ... _WHILE */
    } while (var < 45); /* cmp var,45 / jb back to the top */
    printf("%d\n", var);
    return 0;
}
Touche.
Quote from: donkey on October 15, 2006, 07:35:04 AM
Many of the posts I have read here (for example Vortex's macro) perform the compare at the end of the loop, this is incorrect. If the test is being performed at the end of the loop then it is a REPEAT loop, a WHILE loop tests at the top of the loop.
some [.while] code
.while eax<somenumber
;dosomething
inc eax
.endw
OPTIMIZED while with a compare at start and no useless jmp:
cmp eax,somenumber
jae @@endw
@@while:
inc eax
cmp eax,somenumber
jb @@while
@@endw:
HLL combo that does absolutely the same:
.if eax<somenumber
.repeat
inc eax
.until eax >= somenumber
.endif
The reply was not necessarily aimed at you, donkey, but at all.
The biggest problem, I think, is people don't really know or are unsure what code HLL constructs generate; therefore I agree with what asmrixstar said about putting INT 3 before and enabling Ollydbg as JIT.
Hi Vortex,
The DO/WHILE loop is a REPEAT loop not a WHILE loop, it is a misnomer, the usage and rules regarding WHILE and REPEAT have been well documented for quite a long time and are consistent in every programming language. The post that started this thread was asking for a MASM .WHILE loop which is a proper WHILE, providing an example of a REPEAT loop does not answer his question.
http://research.mupad.de/doc/31/eng/stdlib_repwi.html
http://www.elated.com/tutorials/programming/asp/loops/
http://www.cprogramming.com/tutorial/lesson3.html
Donkey
Edgar,
Using a WHILE or REPEAT loop does not matter here. MASM provides you a powerful macro engine to code your own HLL constructs if you are not satisfied with the default WHILE statement.
Quote from: Vortex on October 15, 2006, 07:50:53 PM
Edgar,
Using a WHILE or REPEAT loop does not matter here. MASM provides you a powerful macro engine to code your own HLL constructs if you are not satisfied with the default WHILE statement.
Hi Vortex,
Yes, it does matter here. He was looking to replace a MASM WHILE loop that scanned forward through a PE header; if the loop was allowed to execute on invalid data it could cause his application to crash depending on the values it encounters. A while loop will not execute under those circumstances, a REPEAT loop will; it is a very important distinction that should be understood by newer programmers, and fuddling up the works by showing C's badly named termination to a DO/UNTIL loop is counter-productive.
Donkey
To the Ineffable All,
Let me describe the .REPEAT and .WHILE as I understand them. A .REPEAT always allows one trip through the code before it checks the condition. If the end condition exists before the .REPEAT is executed, too bad, one free trip through the loop.
Now MASM implements a .WHILE by putting the condition check at the bottom of the loop. BUT, it first jumps down to do the condition check. Therefore the loop will not be executed even once if the exit condition exists. It would appear that it is more efficient to put the check at the top of the loop so it can fall through, until you realize that when the exit condition exists, a jump out is necessary. So the MASM way of putting the condition check at the bottom of the loop requires a jump at the start of execution, and the other way of putting the check at the top of the loop requires a jump out at the end. Since I am a MASM freak, I don't know anything about DO-WHILE or DO-REPEAT. Ratch
Donkey,
Thank you for your help. Personally, in my mind, it is always correct to do the condition testing first and then branch accordingly. I will always do it that way as it seems logical to me. I very seldom use while loops and I never use repeat loops.
Paul
This was the post that hutch said no-no to.
So it's out of here.
Some clarifications about the various loop constructs:
repeat-until is present in Pascal, but there is no such thing in C (C has the do-while thingy)
There are very clear differences between the do-while, while and the repeat/until loop constructs.
The while is what can be called as a top-check loop, allows you to decide whether to enter the loop at all or not.
The do-while and repeat-until are bottom check loops, allowing you to execute the loop at least once.
There is also a very obvious difference between the do-while and the repeat-until loops; one is a positive check and the other is a negative check.
do-while:
do stuff (keep looping)
WHILE condition is TRUE (meaning: if condition is TRUE, loop, else EXIT loop)
repeat-until:
do stuff (keep looping)
UNTIL condition is TRUE (meaning: if condition is TRUE, EXIT loop, else loop)
The word UNTIL can be a bit confusing!!! :bg :bg
HTH,
Regards,
Shantanu
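Added example, not code from the thread or from any of its posters: the three loop shapes argued over above (Vortex's `_DO` / `_WHILE` macro, donkey's objection that a bottom test makes it a REPEAT, the "optimized" while that is the `.if` + `.repeat`/`.until` combination, Ratch's description of the free trip, and the positive-check versus negative-check distinction just made), each written in C with goto and labels standing in for the jumps. The register is a `uint32_t` with unsigned compares (jb/jae), matching the listings; the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not from the thread: bottom-test loops beside a proper top-test
 * WHILE, each with goto/labels mirroring the jumps. eax is uint32_t and the compares
 * are unsigned (jb/jae), as in the listings. */

/* Vortex's _DO / _WHILE eax,b,45 macro pair: body first, then cmp eax,45 / jb back to
 * the @@: label. This is C's do { ... } while (eax < 45): a bottom test with a POSITIVE
 * check, so the body always runs at least once. */
uint32_t do_while_bottom_test(uint32_t eax)
{
do_top:                         /* @@:  (expanded from _DO) */
    eax++;                      /* inc eax */
    if (eax < 45)               /* cmp eax,45 */
        goto do_top;            /* jb @b  (branch back while the check is TRUE) */
    return eax;
}

/* MASM .REPEAT / inc eax / .UNTIL eax >= 45: the same bottom test with a NEGATIVE
 * check: the loop exits when the UNTIL condition becomes TRUE. The generated jump is
 * the same jb, because "not (eax >= 45)" is "eax < 45". */
uint32_t repeat_until_bottom_test(uint32_t eax)
{
repeat_top:
    eax++;                      /* inc eax */
    if (!(eax >= 45))           /* cmp eax,45 */
        goto repeat_top;        /* jb repeat_top  (branch back while NOT the until-condition) */
    return eax;
}

/* A proper WHILE in the "optimized" layout: test once at the top to skip the loop
 * entirely, then test again at the bottom to avoid the extra jmp. This is exactly the
 * .if eax<45 / .repeat ... .until eax>=45 / .endif combination posted earlier. */
uint32_t while_guarded_repeat(uint32_t eax)
{
    if (eax >= 45)              /* cmp eax,45 */
        goto endw;              /* jae @@endw  (the .if guard: zero trips) */
loop_top:                       /* @@while: */
    eax++;                      /* inc eax */
    if (eax < 45)               /* cmp eax,45 */
        goto loop_top;          /* jb @@while  (the .until, inverted) */
endw:                           /* @@endw: */
    return eax;
}

int main(void)
{
    /* Constructed starts: 0 (far below the bound), 44 (one step below), 100 (past it). */
    uint32_t starts[] = {0, 44, 100};
    int i;
    for (i = 0; i < 3; i++) {
        unsigned s = (unsigned)starts[i];
        printf("start %3u: do-while %3u, repeat-until %3u, while %3u\n", s,
               (unsigned)do_while_bottom_test(s),
               (unsigned)repeat_until_bottom_test(s),
               (unsigned)while_guarded_repeat(s));
    }
    return 0;
}
```

The two bottom-test loops behave identically (they compile to the same jb), which is the sense in which do-while and repeat-until differ only in how the condition is phrased. The start value 100 is the case that matters: both bottom-test loops take their one free trip and return 101, while the guarded version returns 100 untouched, which is the property donkey was relying on for a loop that walks over data that might be invalid.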
hmmmm,
How has this topic shifted from writing code in MASM using .WHILE and similar and turned into analysis of various disassemblies of what appear to be kernel code?
Let admin know and the topic may be re-opened if we are satisfied with the answer.
LATER : I have had a satisfactory response to the question so the thread will be reopened. Just make sure it does not turn into something else.
oh-oh hutch is on the prowl best tone it down guys :dance:
(That lion ain't there for show,you know! GGGRRRrrr.) ;)
hehe anyways,
Exe packing code is the worst; you're gonna be up to your neck
in opcodes before you know it.....
Recommend PE Executable Format Tuts by Iczillion.
They lert me gud, erm, i mean they taught me well. ;)
Hi Steve,
Thanks for re-opening the topic, it is one that I found interesting as Vortex is an excellent programmer and a formidable person to debate with, keeps the blood flowing and the mind sharp.
Thank you hutch. If anything I do doesn't seem right... if possible, delete whatever parts you feel will draw malicious people to the thread. I personally will not be upset. Past or present ...
I have already edited it out because of your immediate concern. Those good participants that already viewed and downloaded the file have something interesting to investigate. It may help in finding out more facts about replacing [.while] and [.repeat]. Hopefully the subject will continue and someone will post other respectable solutions after investigating those findings.
asmrixstar, what do you mean about Exe packing code? Since you've got that much faith I will definitely read Icz PE Format Tute but right now I don't see any relation to the subject ... I don't think anything could discourage me in my step to go 100% opcodes in an application. I may have to use a few macros but that'll be fine as long as I learn how to use them and see what they are doing.
Also, I heard the Lion ROAR and never plan to hear it AGAIN. I just stumbled on something while learning how to use a tool I never used before. It pumped out something that seems unknown... Nothing more. Nothing less.
donkey, do you think Vortex's macro is the only way to go in this situation ... I never worked with macros other than what's in the masm32 examples (m2m). I'll try to get a crash course on it tonight.
Shantanu Gadgil, Shantanu Gadgil, Great to be back. Thanks
Quote: what do you mean about Exe packing code. Since you got that much faith I will definitely read Icz PE Format Tute but right now I don't see no relation to the subject ...
asmrixstar, I totally see your point. I'm reading Icz PE Format now and it was fully related to the file i was working with. Anyway, y0da is/was deep, I figure long before he studied well and produced that file back in the year 2000 when everything was basically STILL new technology... WoW, what a mind.
Win 95 did not take effect until around 1997.. It took a life time for people to move beyond Win3.1 ... ( suppose .net or the future do that to US ... We would CRACK for life )
Anyway, I plan to move on and should have no problem adapting these suggestions to standard [.WHILE] asm examples, once I get this tute in mind.
Thanks asmrixstar, Icz PE is getting more interesting. I'm beginning to wonder *Does it ever END*