Calling in the experts. What could cause this??? (Solved)

[Shooter]

TabDemo.exe (on the left) is from a working MASM32 example project. TabDemo1.exe (on the right) is from a project that I've been working on for many hours where I've attempted to convert the MASM32 example into a GoASM example. I've gone over the code many times, and even started a thread begging for help on it (http://www.masm32.com/board/index.php?topic=15671.0), but alas I finally decided to put the working code up against the non-working code, side by side in a debugger, and I came upon something rather strange... the GoASM compiled .exe does not have CMP EAX, 4E (cmp D[uMsg],WM_NOTIFY). Instead it has gibberish, and for the life of me I can't figure out why.

Can anyone help me to understand what's causing this?

Thanks,
-Shooter

Note: TabDemo.exe from the MASM32 example was converted from RadASM 2.x (.rap) to RadASM 3.x (.prra) using the internal converter from RadASM 3.0.0.7h, and then locally compiled.

[donkey]

Well, without looking at the code I am assuming that this is some sort of Wndproc. In the MASM example it obviously moves the message value into EAX then tests that against message constants. In the GoAsm example it uses the message parameter on the stack frame (83 7D 0C 4E= cmp D[uMsg],0x4E). BTW you seem to have screwed up your heuristics for OllyDbg, there is an option that allows you to set the search algorithm for stack frame detection.

Looking at the disassembly both seem OK, the problem with the GoAsm disassembly is that Olly didn't properly detect the stack frame but the hex code looks alright.

[Shooter]

Well, without looking at the code I am assuming that this is some sort of Wndproc.

Edgar,
From what I can tell, the following is missing completely from the compiled GoASM .exe file:

Code Select Expand

DlgProc FRAME hwnd,uMsg,wParam,lParam
LOCAL ts:TC_ITEM
.WM_NOTIFY
cmp D[uMsg],WM_NOTIFY
jne >>.WM_INITDIALOG

(I realize the compiled will not include the "Local  ts:TC_ITEM" and the ".WM_NOTIFY" stuff.)

-Shooter

[donkey]

Hi Shooter, I can see the code in your image for that conditional block...

Code Select Expand

Beginning at address 40108A:
55                 PUSH EBP
89 E5              MOV EBP,ESP
83 EC 1C           ADD ESP, 1C
83 7D 0C 4E        cmp d[uMsg], WM_NOTIFY
0F 85 8D 00 00 00  JNE >>.SOMEWHERE

Just because OllyDbg doesn't decode it properly doesn't mean it isn't there, the hexcode is clear.

Edgar

[Shooter]

SHOOT! I thought I was on to something there.

Is it because I'm comparing d[uMsg], WM_NOTIFY instead of comparing EAX, WM_NOTIFY that the code does not look like:

Code Select Expand

83F8 4E       CMP EAX,4E

-Shooter

[donkey]

SHOOT! I thought I was on to something there.

Is it because I'm comparing d[uMsg], WM_NOTIFY instead of comparing EAX, WM_NOTIFY that the code does not look like:

Code Select Expand

83F8 4E       CMP EAX,4E

-Shooter

That's pretty obvious, if you're not comparing EAX it won't encode as CMP EAX... uMsg is a stack relative address not a register so the encoding is different.

[Shooter]

UGH!!! Alright. I'm giving up on this project and moving on to something else.

Thanks for your input and help. I do appreciate it, and I've learned a few things too.

-Shooter

[drizz]

right click -> remove analysis

[WillASM]

Don't give up yet, you are so close!

First off, in Tabdemo1.h...
  You do not need the Includelib lines with Goasm
  Also you do not need to define NULL, FALSE, and TRUE (Already defined in the headers)
  Change IDC_TAB3EDT1 Equate From 1001 To 4001 (Also Change Resource (ID) Value)

For your resources...
  Set all tab dialog borders to flat
  Set all tab dialogs popup to false

In WM_INITDIALOG...
  When setting up TC_ITEM, change the MOV W & MOV B - To MOV D (They are DWORD values)

  And this one was hard to spot, but is the biggest problem...
  Typo in the line,    INVOKE GetDlgItem [hwnd],IDC_TAB1
  Something is missing here, can you see it?

Keep trying, you are doing very well, WillASM

[Gunner]

  And this one was hard to spot, but is the biggest problem...
  Typo in the line,    INVOKE GetDlgItem [hwnd],IDC_TAB1
  Something is missing here, can you see it?

Keep trying, you are doing very well, WillASM

Wow, Nice catch!!  What do you do for a living?  A proofreader maybe?  If not, you should work for a magazine or something  :U , , , ,

[Shooter]

  And this one was hard to spot, but is the biggest problem...
  Typo in the line,    INVOKE GetDlgItem [hwnd],IDC_TAB1
  Something is missing here, can you see it?

I'm afraid that I am not all that familiar with Windows API calls (I'm very new to these, but eager to learn).

The GetDlgItem function retrieves the handle of a control in the specified dialog box.
HWND GetDlgItem(
    HWND  hDlg,   // handle of dialog box
    int  nIDDlgItem    // identifier of control
   );

[hwnd] is the handler of the dialog box, and
IDC_TAB1 is the control I want to watch, right?

However, changing those other things did take care of my 'ghost' dialog box and border problems, and even though the tab strip does not appear (yet), at least it's not consuming above 90% of my CPU anymore. But I'm still confused about the borders:

Question about the resource editor in RadASM 3.x:

Does the number in the xStyle have greater or lesser importance than the settings of each of the other variables?

If I set the xStyle number to 50000000 for the 1st tab (40000000 for the 2nd and 3rd tabs), and then set the Border to 'Flat', the xStyle reverts to D0000000 for the 1st tab (C0000000 for the 2nd and 3rd tabs).

In RadASM 2.x, the 1st set of values were what was set in the xStyle parameter, and the dialog borders were already set to flat. In RadASM 3.x if I set the numbers to match and then change the borders to flat, the numbers changed. (Is this a bug??)

-Shooter

[Shooter]

  And this one was hard to spot, but is the biggest problem...
  Typo in the line,    INVOKE GetDlgItem [hwnd],IDC_TAB1
  Something is missing here, can you see it?

I get it now... I had two items as 1001. I changed it, but the tab strip still doesn't show.

-Shooter

[dedndave]

something missing

:P

,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

[WillASM]

something missing

:P

,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Dave spotted the problem, do you see it now?
Goasm will not warn on this error, but I'll take it over having to define all those prototypes!

WillASM

[Shooter]

Good grief, just a simple comma!?!?!?! Going from one environment to the other, I think I did a fair job of translating considering I'm new at this.

And by the way, I came to this forum in hopes of getting aid and help when I hit the brick wall of my limited knowledge, not to be ridiculed for my naivete. The last I'd seen of assembly language was just before Windows 95 rolled out, and the current help files are not complete. (B, D, W?? shouldn't that have been in the Win32 help file? And when an error returns, shouldn't there be some sort of explanation as to what 02 vs. 03 means? I miss the days of the QUE help books.)

-Shooter