I dissambled a c++ "hello world" app and it has hundreds of assembly lines, i thought it was just about 20 if so.
why are them so many? if i made it in asm i think they would only be like 20 or 30 not more....is it because c++ puts much object oriented crap? in c the asm code would be smaller?

my ideia was to create apps in c++ and then disassemble them to see the code and then learn

thanks in advance
Posted on 2003-11-22 20:03:09 by chimaira
Was the C++ app built in debug mode or in release mode? Debug mode inserts *tons* of extra code into the executables. Also, if you're using Visual Studio you can have it print out the ASM listing so you can see which lines generated what code without having to dissassemble.
Posted on 2003-11-22 20:30:53 by Mecurius
it was in release mode
Posted on 2003-11-22 20:34:40 by chimaira
Assuming you're using the Microsoft compilers:

They tend to produce a lot of "junk" code without which your executable may not even run. This mostly happens when you've compiled your source in debug mode, which inserts all sorts of debug symbols and other crap into the executable. Try building the release version, or make Visual Studio emit assembler output.

If you want to study disassembled output, use the __asm keyword to insert a series of NOP instructions before and after the part you want to study. Hutch uses this technique to debug his apps. A debugger like OllyDebug can be useful for understanding disassembled output. That way you can concentrate on the choicest part and not bother about the junk.

Of course, you can also write much shorter code using plain vanilla asm.

Regards,
Art
Posted on 2003-11-22 20:38:34 by art_sands
Have fun looking at the c++ library.
Posted on 2003-11-22 21:37:52 by roticv
chimaira,

You can use small C run-time start-up code to get small C executables.

For GUI applications:



.386
.model flat,stdcall
option casemap:none

WinMain proto :DWORD,:DWORD,:DWORD,:DWORD

include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc

.data?
hInstance HINSTANCE ?

.code
start:
invoke GetModuleHandle, NULL
mov hInstance,eax
invoke GetCommandLine
invoke WinMain,hInstance,NULL,eax,SW_SHOWDEFAULT
invoke ExitProcess,eax
end start


For console applications:



.386
.model flat,stdcall
option casemap:none

extern main:proc
public start

include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\gdi32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\msvcrt.lib

extern __getmainargs:proc

.data?
argc dd ?
argv dd ?
env dd ?
.code
start:
push 0
push offset env
push offset argv
push offset argc
call __getmainargs
add esp,16
push argv
push argc
call main
add esp,8
invoke ExitProcess,0
end


Check the attachment for GUI and console examples.
Posted on 2003-11-23 05:11:52 by Vortex
chimaira, the reason there's so much stuff in the disassembly is the inclusion of the C runtime library. There are various reasons why a 'lot' of code is being included even if you seemingly don't use much of the standard c library.

If you want to study just C code, you can skip the inclusion of the standard library - which of course means you can't use things like 'printf'. That way, you can actually get programs about as small as if you coded then in assembly-only, with the advantage of using a HLL.

Using NOP insertion to locate the code you're interested in is sort of moronic. Build in release mode but include debug info (yeah, you can do this), and use a decent disassembler (since there's a freeware version of IDA around there really isn't any excuse to use anything else) the can read symbol info. Presto, much easier to see what's going on.
Posted on 2003-11-23 08:50:43 by f0dder

I dissambled a c++ "hello world" app and it has hundreds of assembly lines, i thought it was just about 20 if so.
why are them so many? if i made it in asm i think they would only be like 20 or 30 not more....is it because c++ puts much object oriented crap? in c the asm code would be smaller?

my ideia was to create apps in c++ and then disassemble them to see the code and then learn

thanks in advance


First of all, if all you want to do is print "Hello World" then make sure you're calling a simple string output routine like puts rather than printf. The printf function includes a ton of stuff (like code to convert floating point numbers to strings) that you don't really need to print "Hello World".

Second, don't disassemble the object code. Instead, use the option (almost every C compiler provides) to produce an assembly listing. This is *far* more readable. E.g.,



#include <stdlib.h>
int main( int argc, char **argv )
{
puts( "Hello World\n" );
}

when compiled with MSVC thusly:
cl /Fat.asm t.c
produces the following output




; Listing generated by Microsoft (R) Optimizing Compiler Version 12.00.9044.0

TITLE t.c
.386P
include listing.inc
if @Version gt 510
.model FLAT
else
_TEXT SEGMENT PARA USE32 PUBLIC 'CODE'
_TEXT ENDS
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
CONST SEGMENT DWORD USE32 PUBLIC 'CONST'
CONST ENDS
_BSS SEGMENT DWORD USE32 PUBLIC 'BSS'
_BSS ENDS
$$SYMBOLS SEGMENT BYTE USE32 'DEBSYM'
$$SYMBOLS ENDS
_TLS SEGMENT DWORD USE32 PUBLIC 'TLS'
_TLS ENDS
FLAT GROUP _DATA, CONST, _BSS
ASSUME CS: FLAT, DS: FLAT, SS: FLAT
endif

INCLUDELIB LIBC
INCLUDELIB OLDNAMES

PUBLIC _main
EXTRN _puts:NEAR
_DATA SEGMENT
$SG782 DB 'Hello World', 0aH, 00H
; Function compile flags: /Odt
_DATA ENDS
_TEXT SEGMENT
_main PROC NEAR
; File t.c
; Line 3
push ebp
mov ebp, esp
; Line 4
push OFFSET FLAT:$SG782
call _puts
add esp, 4
; Line 5
xor eax, eax
pop ebp
ret 0
_main ENDP
_TEXT ENDS
END


Finally, reading C output is interesting, but it's probably not the best way to learn assembly language programming. Stop by http://webster.cs.ucr.edu for lots of info and links on assembly.
Cheers,
Randy Hyde
Posted on 2003-11-23 10:18:12 by rhyde
ty all
Posted on 2003-11-23 15:54:30 by chimaira

chimaira, the reason there's so much stuff in the disassembly is the inclusion of the C runtime library. There are various reasons why a 'lot' of code is being included even if you seemingly don't use much of the standard c library.

If you want to study just C code, you can skip the inclusion of the standard library - which of course means you can't use things like 'printf'. That way, you can actually get programs about as small as if you coded then in assembly-only, with the advantage of using a HLL.

Using NOP insertion to locate the code you're interested in is sort of moronic. Build in release mode but include debug info (yeah, you can do this), and use a decent disassembler (since there's a freeware version of IDA around there really isn't any excuse to use anything else) the can read symbol info. Presto, much easier to see what's going on.


I tried IDA, and man holy crap that thing is awesome it can decompile code for so many CPU's including the Z80 and Intel 8085 on top of the x86 CPU's, well worth the 12MB download!
Posted on 2003-11-23 19:02:41 by x86asm



I tried IDA, and man holy crap that thing is awesome it can decompile code for so many CPU's including the Z80 and Intel 8085 on top of the x86 CPU's, well worth the 12MB download!
actually the version i downloaded was 28mb(full version)
Posted on 2003-11-23 19:04:13 by chimaira
It's well worth shelling out the cash, too.
Posted on 2003-11-23 19:05:09 by f0dder
if you're using ms vc++ anyway, why not tell the compiler to output assembly with source code so you won't even need a disassembler ;)
Posted on 2003-11-24 08:54:16 by Tola