1. What means "abc equ $"
As i know, equ is somehow like the #define Preprocessor-directive in C, but what is, if a '$' is behind it?
2. My second question:
if in C:
Code:
if(a == b) {
printf("%c", c);
}
in asm:
Code:
cmp ebx, eax
jne abc
call something
abc:
...
For an "if-flow control/control structure" i need a label with a name (e.g. abc:)
In C there is no need for this, because you specify a command-block with { }
In MASM, too... with these Pseudo-High Level- F.C./C.S. .IF, .WHILE, etc.
in masm:
Code:
.IF a == b
call something
.ENDIF
So I don't need a label/labelname..
But how does MASM do this?
Does it generate a random label-name or something like that?
What is, if I accidentally use the same label name?
3.:
How would look this MASM code in ASM?
Code:
.IF a == 2 && b == 3 || c == 1
invoke MessageBox, 0, 0, 0, 0
.ENDIF
And can i use parentheses like this?:
Code:
.IF a == 2 && (b == 3 || c == 1)
invoke MessageBox, 0, 0, 0, 0
.ENDIF
And another question:
How do @@-Labels work?
And for what is jmp @B and jmp @F?
Thanks in Advance!
Hi nob,,
i will try on some of your qestions.
The "$" by itself is called the "current location pointer" and it literally is the current instruction pointer or IP. It means the OFFSET in memory of where the current location is.
An equate to it means you can use the "abc" in the same way.
The "something" you call when you call a function by its name is actualy an OFFSET in memory, it behaves exactly like a label. I fact you can write very low level function that start with a label and exit on the RET at the other end.
The @@: labels are called anonymous laels and they save you from having to invent new names for at least some labels where the context is understoof from the code. The jmp @F means jump to the NEXT @@: label, the jmp @B means jump BACK to the last @@: label.
hi,nob
all of the three questions could be solved by a piece of sample code...
.386
.model flat,stdcall
option casemap:none
include windows.inc
include user32.inc
include kernel32.inc
includelib kernel32.lib
includelib user32.lib
.const
db 'just for test'
abc equ $
a db 1
b db 2
d db 3 ;pay attention:not c
.code
start:
mov eax,abc
invoke MessageBox,0,0,0,0
.if a==1&&(b==2||d==3)
invoke MessageBox,0,0,0,0
.endif
.if a==1&&b==2||d==3
invoke MessageBox,0,0,0,0
.endif
invoke ExitProcess,0
end start
after compile and link,u can use od and ida pro to watch the result.
1.u'll find that abc will be 0x40201d just the address after the string "just for test".[in ollydbg]
2.u'll find that MessageBox is address of another instruction like jmp imp_MessageBox,which is exactly the code which calls the API function.[in IDA pro]
3.u'll find that the assembly code as follows:
public start
.text:00401000 start proc near
.text:00401000 mov eax, offset byte_40201D
.text:00401005 push 0 ; uType
.text:00401007 push 0 ; lpCaption
.text:00401009 push 0 ; lpText
.text:0040100B push 0 ; hWnd
.text:0040100D call MessageBoxA
.text:00401012 cmp ds:byte_40201D, 1 ;here 40201d mean a
.text:00401019 jnz short loc_40103A
.text:0040101B cmp ds:byte_40201E, 2 ;d<---->we cannot ues c as variable in Masm32v9
.text:00401022 jz short loc_40102D
.text:00401024 cmp ds:byte_40201F, 3 ;b
.text:0040102B jnz short loc_40103A
.text:0040102D
.text:0040102D loc_40102D: ; CODE XREF: start+22�j
.text:0040102D push 0 ; uType
.text:0040102F push 0 ; lpCaption
.text:00401031 push 0 ; lpText
.text:00401033 push 0 ; hWnd
.text:00401035 call MessageBoxA
.text:0040103A
.text:0040103A loc_40103A: ; CODE XREF: start+19�j
.text:0040103A ; start+2B�j
.text:0040103A cmp ds:byte_40201D, 1
.text:00401041 jnz short loc_40104C
.text:00401043 cmp ds:byte_40201E, 2
.text:0040104A jz short loc_401055
.text:0040104C
.text:0040104C loc_40104C: ; CODE XREF: start+41�j
.text:0040104C cmp ds:byte_40201F, 3
.text:00401053 jnz short loc_401062
.text:00401055
.text:00401055 loc_401055: ; CODE XREF: start+4A�j
.text:00401055 push 0 ; uType
.text:00401057 push 0 ; lpCaption
.text:00401059 push 0 ; lpText
.text:0040105B push 0 ; hWnd
.text:0040105D call MessageBoxA
======
so just use the tool to dig out what u r wondering.
Also, you can get a listing from Masm by adding the /Fl parameter.
Just remember to put .nolist, .list around the library includes-
.nolist
include windows.inc
include user32.inc
include kernel32.inc
includelib kernel32.lib
includelib user32.lib
.list
or your listing will be huge.
Thanks!!
I'll read it now :-)
Edit:
Does db save bytes at the current position?
And if you specify a name, you can use the name as a pointer for the address (so it is like a variable)?
tt db "a", "b", 13, 10 ; pos(a) = 0x100, pos(b) = 0x101, pos(\n) = 0x102, pos(\r) = 0x103
db "c", "defg", 0 ; pos(c) = 0x104, pos(defg) = 0x105 - 0x108, pos(\0) = 0x109
If I use tt, the whole bytes will be read until a \0 occurs, isn't it so?
So I can also access the "cdefg", because they are directly behind "ab\n\r" and because there was no \0?
Edit2:
So if I write:
start equ $
text db "aaaaaaaaaaaaaaaaaaa",0
a dd 10
b dw 5
d db "c"
end equ $ - start
The equ/constant end stands for the size of bytes which where reserved by the variables?
dd stands for DWORD, dw WORD and db BYTE, but does it make a difference if I write DWORD or BYTE, like?:
.data
a dw 10
k BYTE 1
b dd 20
.data?
z WORD ?
u dd ?
l DWORD ?
k db ?
noob,
With BYTE data in the iniialised data section, it is written sequentially so you can write code like this.
.data
item db "line 1",13,10
db "line 2",13,10
db "line 3",13,10
db "last line",13,10,0 ;< note the only zero terminator
.code
invoke StdOut,OFFSET item
Quote
dd stands for DWORD, dw WORD and db BYTE, but does it make a difference if I write DWORD or BYTE, like?:
db, dw, dd etc are used to "define data"
BYTE, WORD, DWORD are considered more like types of data
Hence by convention it is more stylish to used db,dw,dd and friends to define data and variables and it is considered more stylish to used BYTE WORD, DWORD and friends inside STRUCture definition to define the sizes and types of data members. However you could used DB,DW,DD in structures.
You should used BYTE, WORD, DWORD when declaring LOCAL variables inside a PROC because there you do no "define" any data just the size/type of it.
The intermix of DB/DW/DD and BYTE/WORD/DWORD is confusing for beginner so use the above rule of thumb:
1) when you declare or define data variables use DB/DW/DD
2) in STRUC use what you prefer
3) in PROC LOCAL variables use BYTE,WORD,DWORD.
Note that STRUCTURES are in somehow the middle being both data types and data define keywords at times.
Bogdan-
Can one use dd,dw,and db in locals in SolAsm? Masm absolutely chokes on this
xxx proc
local aq2:dd,aq3:db
to n00b:
whether you can acess the "cdefg" or not depend on which insturction/API you use.
for example:
i>if you use:cmp al,ttit will never acess "cdefg" even "b"
ii>if you use:invoke MessageBox,offset tt,0,0,0surely the API will acess tt till encout the '\0'.
Ok, I think I got the most, thanks :U
But something's left...
1.
db, dw, dd, ... save bytes at a specific (current?) memory position.
If you specify a name in front of the instruction, the name is like a pointer to the memory address of the specified bytes (behaves like a variable)..
Is that correct?
2.
start equ $
text db "aaaaaaaaaaaaaaaaaaa",0
a dd 10
b dw 5
d db "c"
end equ $ - start
The equ/constant "end" contains the size of bytes which where reserved by the variables?
3.
What do I have to write in the const section?
Variables, Includes, equs, ...?
4.
When I write sources with brackets, I'll get the memory position, like:
mov al, [ebx]
Will the source have the size of 1 BYTE because of the brackets?
So that I can't write:
mov ebx, [ax]
;ebx = 4 Bytes (32bit), ax = 2 Bytes (16bit), [ax] = 1 Byte (8bit) because of brackets
But I have to write:
mov ebx, DWORD ptr [ax]
;[ax] = 1 Byte, but DWORD ptr = get 4 Bytes from [..] as memory position?
Is this correct? :-/
to n00b!:
1.yes,you can take the label as a pointer,but not a variable anyway.To be exactly,the label is just the address of the data or code.
--
2.yes. it is.
--
3.in const section.you should define constant data.ie.strings as the caption of one MessageBox;
equ could be define anyway of the file header(means before the .code section);
include should be placed just after the code:
.386
.model flat,stdcall
option casemap:none
anyway,thx to jj2007,we get to know that just use
include /masm32/include/masm32crt.inc to replace all the include like directives.
---
4.to get the address of one variable.
we can use:
xxx db 123
mov eax,offset xxx lea eax,xxx
and we can get the value of the variable by following code:
mov eax,xxx
or
lea eax,offset xxx
mov ebx,[eax]
and we cannot get the address of one register like eax.
we can just get the address of data in the memory....
ps:
u should read some introduction book like <the art of assembly language> to gain the basis of assembly language.[and i guess you 're a high language victim.]..he..he
-------
regs,
gxm.
Quote from: gxm on June 11, 2008, 02:18:46 PM
include /masm32/include/masm32crt.inc
No "c"... correct version:
include \masm32\include\masm32rt.inc
This file starts with .486 etc., and includes everything you need in practice, e.g. the Masm32 macros (a must! e.g. m2m ="mem to mem").
.486 ; create 32 bit code
.model flat, stdcall ; 32 bit memory model
option casemap :none ; case sensitive
; include files
... lots of ...
include \masm32\macros\macros.asm ; masm32 macro file
Sorry, I'm not good in expressing something in English ._.
I meant with the 4th point something like this:
.386
.model flat, stdcall
option casemap :none
.data
text db "abcde", 0
.code
start:
mov eax, DWORD ptr [text + 1] ;eax = bcde eax & DWORD = 4 bytes
mov ax, WORD ptr [text + 1] ;eax = bc ax & WORD = 2 bytes
mov al, BYTE ptr [text + 1] ;eax = b al & BYTE = 1 byte
mov al, [text + 1] ;eax = b al & BYTE = 1 byte
mov eax, WORD ptr [text + 1] ;does'nt work: eax = 4 bytes, WORD = 2 bytes
mov al, DWORD ptr [text + 1] ;does'nt work: al = 1 byte , DWORD = 4 bytes
end start
The Instruction "mov al, [text + 1]" works without specifieng the size of the bytes ("XXX ptr").
I gather from this that the size of the bytes, which are got from a value in brackets, ever is 1 byte.
So the following should work:
mov BYTE ptr eax, [text + 1]
mov al, [text + 1]
Is this so, that when I use the brackets I don't have to specify another size, when I need (1) byte, because it is ever 1 byte with brackets?
When this is true, why does this not work?
cmp [eax + ecx], 22h ;"BYTE ptr [eax + ecx]" would work
"[eax + ecx]" = 1 Byte
" 22h" = 1 Byte?
PS: Sorry for my bad English
Basically, Masm wants to know the size of operands. If there is ambiguity, it will choke.
.data
vdw dd 0
vw dw 0
vb db 0
.code
mov eax, vdw
mov ax, vw
mov al, vb
mov ah, vb
cmp eax, 12345
cmp ax, 1234
cmp al, 123
cmp [vdw+eax], 123
cmp [vdw+ax], 123 ; ok...!
; cmp [vdw+al], 123 ; no
; cmp [vdw+ax], ax ; no
; cmp [vdw+ax], al ; no
I don't get it, sorry :eek
ps: Does my last example maybe have something to do with immerdiate values (I don't know how they're called, but I mean some kind of direct values...)
Masm can be sure that [eax+ecx] is a 32-bit address. So far, so good...
cmp [eax + ecx], 22h ; so what do you mean here, the byte 22h, the word 22h, or the dword 22h?
cmp [eax + ecx], ax ; you mean the word ax
cmp [eax + ecx], al ; you mean the byte al
cmp [eax + ecx], ah ; you mean the byte ah, thanks for telling me...
Hope it's clear enough...
1. Ah, ok.
But what do I have to write instead of
cmp [eax + ecx], 22h
2. Sorry, i missed something:
.data
text db "test",0
.code
mov [edx + text], al
I used inside the brackets a variable..
I noticed that when i declare text as DWORD I have to use eax instead of al...
But how exactly does a variable effect the whole instruction?
noob,
The problem is that MASM is a fully specified language which means that it can handle the notation that specifies the size of a memory operand but it is also smart enough to know the memory size in most instances. When it cannot it displays an error if the size is not specified.
cmp [eax + ecx], 22h
The problem here is that [eax+ecx] is a memory address and there is no way to determine if you write a BYTE, WORD or DWORD to that address.
To clear this up so the assembler knows what size it should be you specify the size as follows.
cmp BYTE PTR [eax+ecx], 22h
If its a 16 bit value use WORD and if its a 32 bit value use DWORD.
Ah.. Ok, so... would the following be correct?
mov [eax+ ebx], BYTE ptr [ecx + edx] ;MASM know the size (BYTE ptr)
mov BYTE ptr [eax + ebx], [ecx + edx] ;MASM know the size (BYTE ptr)
mov eax, [ecx + edx] ;MASM know the size (eax = 4bytes)
mov [ecx + edx], bx ;MASM know the size (bx = 2bytes)
mov [eax+ ebx], [ecx + edx] ;would not work, MASM don't know the size
mov al, 22h ;MASM know the size (al = 1byte)
text db "Hello", 0
mov [edx + text], 22h ;MASM know the size (text = 1byte)??
num dd 55
mov eax, [num + ecx] ;MASM know the size (num = 4bytes)??
mov bl, [num + ecx] ;would not work, bl = 1byte/num = 4bytes??
mov bl, BYTE ptr [num + ecx] ;MASM know the size (BYTE ptr)??
Is "[num + ecx]" equal "addr num + ecx" or "55 + ecx"?
Well, more or less. Why don't you just put it in some proggie and wait for the error messages?
No 1, 2, 5 don't work because there is no direct move from memory to memory. You can use the m2m macro but only for DWORDS.
; mov [eax+ ebx], BYTE ptr [ecx + edx] ;MASM know the size (BYTE ptr)
; mov BYTE ptr [eax + ebx], [ecx + edx] ;MASM know the size (BYTE ptr)
mov eax, [ecx + edx] ;MASM know the size (eax = 4bytes)
mov [ecx + edx], bx ;MASM know the size (bx = 2bytes)
; mov [eax+ ebx], [ecx + edx] ;would not work, MASM don't know the size
mov al, 22h ;MASM know the size (al = 1byte)
mov [edx + text], 22h ;MASM know the size (text = 1byte)??
mov eax, [num + ecx] ;MASM know the size (num = 4bytes)??
; mov bl, [num + ecx] ;would not work, bl = 1byte/num = 4bytes??
mov bl, BYTE ptr [num + ecx] ;MASM know the size (BYTE ptr)??
Here is a skeleton for testing what works and what doesn't. Code before "start:" will be assembled but not executed, so you can use the area between .code and start: for testing syntax.
include \masm32\include\masm32rt.inc
.data?
buffer db 256 dup (?)
.data
AppName db "Test bits and pieces:", 0
MyDword dd 12345678
MyWord dw 12345
MyByte db 123
MyText db "This is a simple test", 0
num dd 123
text db "test test", 0
.code
; ---------- for syntax checks, use the area between <code> and <start> -------------
; mov [eax+ ebx], BYTE ptr [ecx + edx] ; invalid instruction operands
; mov BYTE ptr [eax + ebx], [ecx + edx]
mov eax, [ecx + edx] ;MASM know the size (eax = 4bytes)
mov [ecx + edx], bx ;MASM know the size (bx = 2bytes)
m2m [eax+ ebx], [ecx + edx] ;OK as m2m! MASM knows the size for a push is DWORD
mov al, 22h ;MASM know the size (al = 1byte)
mov [edx + text], 22h ;MASM know the size (text = 1byte)??
mov eax, [num + ecx] ;MASM know the size (num = 4bytes)??
; mov bl, [num + ecx] ;would not work, bl = 1byte/num = 4bytes??
mov bl, BYTE ptr [num + ecx] ;MASM know the size (BYTE ptr)??
; ---------- for syntax checks, use the area between <code> and <start> -------------
start: invoke MessageBox, NULL, addr MyText, addr AppName, MB_OK
invoke ExitProcess, 0
end start
Cool, thanks :-)
Oh yeah, I forgot that memory to memory or 2 variables in 1 incstruction don't work.
Ok, I think the following are my last questions ._.
1.
But are the reasons on these instructions correct?
.data
num dd 55
mov [edx + text], 22h ;MASM know the size (text = 1byte) ??
mov eax, [num + ecx] ;MASM know the size (num & eax = 4bytes) ??
; mov bl, [num + ecx] ;would not work, bl = 1byte/num = 4bytes ??
mov bl, BYTE ptr [num + ecx] ;MASM know the size (bl = 1byte/num = 4bytes, but BYTE ptr) ??
2.
Is "[num + ecx]" equal to "addr num + ecx" or "55 + ecx"?
Quote from: n00b! on June 12, 2008, 07:10:25 PM
But are the reasons on these instructions correct?
.data
num dd 55
mov [edx + text], 22h ;MASM know the size (text = 1byte) ?? YES INDEED, text is "db"
mov eax, [num + ecx] ;MASM know the size (num & eax = 4bytes) ?? eax is DWORD
; mov bl, [num + ecx] ;would not work, bl = 1byte/num = 4bytes ??
Good questions, NO CLUE why Masm doesn't understand it... bl is clearly a BYTE
mov bl, BYTE ptr [num + ecx] ;MASM know the size (bl = 1byte/num = 4bytes, but BYTE ptr) ??
2.
Is "[num + ecx]" equal to "addr num + ecx" or "55 + ecx"?
mov eax, [num + ecx]
means "move the 32 bit that you find at [address of num plus ecx] into eax"
The other ones will not assemble - test yourself ;-)