Disassembler for GFA-BASIC 32 code.
Dim name As New DisAsm
name: variable name
Like many other debug facilities of GFA-BASIC 32, the disassembler is invoked at the code level. A new instance of the disassembler object is created by using New with the DisAsm type name. The DisAsm method of the disassembler disassembles an instruction at a given address, specified with the Addr property. After disassembling the instruction, Addr is incremented with the number of bytes occupied by the instruction. The next time DisAsm is executed the next instruction is disassembled.
00D707E5: FF 55 B4 call dpt -76[ebp]
00D707E8: 68 C4 1F E8 00 push 15212484
00D707ED: B8 20 AA C3 00 mov eax,12823072
00D707F2: 50 push eax
00D707F3: FF 15 54 26 4D 00 scall DIMNEWOBJ
The first column contains the (virtual) memory address of the command. The second column shows the code bytes that are disassembled to the instruction in the third column. The second column can be omitted when you set the ByteFlag property to 0.
The HexDump property changes the output from disassembly to a hex dump. A hex dump shows the hexadecimal value of binary code and the ASCII representation. This is useful when you want to examine a piece of data memory. Here an example:
00D70965: FF 55 B4 68 C4 1F E8 00 ÿU´hÄ.è.
00D7096D: B8 20 AA C3 00 50 FF 15 ¸ ªÃ.Pÿ.
00D70975: 54 26 4D 00 FF 55 B4 FF T&M.ÿU´ÿ
00D7097D: 35 20 AA C3 00 6A FF 8B 5 ªÃ.jÿ‹
The first column contains the (virtual) memory address of the hex dump. The second column contains 8 consecutive bytes found at that address. The third column shows the ASCII representation of those bytes. The number of bytes to dump in one line can be set with the HexDumpCount property (here: 8, default = 16).
Addr [ = long ] - Returns or sets the start address of the binary code for the next disassembly or hex dump.
ByteFlag [= Bool] - Returns or sets a value determining the display of the code bytes in a disassembly listing.
HexDump [= Bool] - Returns or sets a value determining the function of the DisAsm method. When True a hex dump is performed, when False (default) the DisAsm method displays the disassembly.
HexDumpCount [= long] - Returns or sets a value determining the number of bytes to dump in one line (default = 16).
PreferHex [= Bool] - Returns or sets a value determining the display format of addresses. If True the addresses are formatted in hexadecimal format only, and if False (0 is default) in decimal as well.
DisAsm - Disassembles next instruction or displays the next HexDumpCount number of bytes as a hex dump. DisAsm is the default for the DisAsm object and can be omitted.
20
Dim dis As New DisAsm // a new instance of disassembler
dis.ByteFlag = True // code bytes as Hex bytes
dis.HexDump = True // disassembly or a HexDump
dis.HexDumpCount = 8 // bytes per line 1-32 (16=default)
dis.PreferHex = 1 // addresses in hex format
dis.Addr = LabelAddr(20)
21
Debug.Show
While dis.Addr < LabelAddr(21)
Debug.Print dis // dis.DisAsm ( = default )
Wend
The disassembler converts binary code into a sequence of assembly commands. Thus, for analysis of the disassembled code it is necessary to know machine commands, their binary format, and their Assembly representation. Also, it is important to understand the structure of data representation in computer memory, as well as to know the structure of programs written for the Windows operating system.
The disassembler recognizes all standard 80x86, protected, FPU, and MMX instructions.
Any disassembly lines containing
00D70B25: FF 55 B4 call dpt -76[ebp]
indicate a call to the GFA-BASIC 32 debugger. This call is generated before each statement to invoke a Tron procedure if it is enabled. It also allows a program to be debugged using the tray debugger. These calls are not generated when $StepOff is specified.
For more information on inline assembler see Asm
{Created by Sjouke Hamstra; Last updated: 13/08/2019 by James Gaite}