A run-time debugging tool, shows registers and memory

[Larry Hammick]

I wrote a small but quite useful dll called peek.dll, along with two helper files
-- peek.inc, for MASM programming, which defines a macro which loads and calls the dll
-- peekobj.obj, to link into a project being written in C or VB or some other high-level language.

It's all in the attached zip file, along with my funky masm32 source. This is the README.TXT file in the attached zip:

PEEK.DLL debugging aid for Win32

The dynamic-link library peek.dll allows a program to display
the contents of memory or the CPU registers at run time.
---------------------------------------------
Using peek.dll in MASM programming:

1) put the file peek.dll in \windows\system32 or your working directory

2) in your asm source, put these two lines:
      include [path]\peek.inc
      @peek
   The macro @peek, defined in peek.inc, puts some material in the .data
   and .code segments of your program.

3) There are two functions in the dll, call regs and mem. These two
labels have already been defined for you by the macro @peek.

This line in your asm source code:
    call regs
will cause a dialog box to pop up, displaying the contents of the main
CPU registers, including the flags and ESP as they were before "regs"
was called.

These three lines:
    push (amount)
    push (address)
    call mem
will likewise bring up a dialog box, displaying (amount) bytes of memory,
beginning at (address). Valid amounts are 1 to 256. Invalid amounts will
be adjusted to 256. The dll does not handle memory access exceptions.

The dialog boxes for both "regs" and "mem" contain buttons
"Quit" and "Resume" whereby you can abort the program after seeing
the registers or memory, or allow the program to continue.
Both funtions save all registers and flags.
----------------------------------------------------
Using peek.dll with high-level languages:

In C and other high-level languages the macro called @peek
is of no use, but instead you can link a COFF object file
called peekobj.obj into your program.

peekobj.obj has three public symbols:
    regs       (a dword containing a 32-bit code address)
    mem        (a dword containing a 32-bit code address)
    unloadpeek (a 32-bit code address)
Calling regs or mem from within your high-level source will
automatically cause peek.dll to be loaded if it has not already been.
Calling unloadpeek will free the library if it has been loaded, and
will do nothing if it has not been. A subsequent call to regs or mem
will cause the dll to be reloaded.
The function unloadpeek takes no paramaters, and, as before, mem
takes two and regs takes none.

[Larry Hammick]

Here is a version for debugging console applications, writes to the screen rather than to a dialog box.