I'm trying to my fasm conversion of Tut 3 to work but I'm getting:

     PAINT executed an invalid instruction in
     module PAINT.EXE at 0167:0040106c.
     Registers:
     EAX=00001537 CS=0167 EIP=0040106c EFLGS=00010246
     EBX=00520000 SS=016f ESP=0053fe2c EBP=0053ff78
     ECX=00000000 DS=016f ESI=81776f2c FS=7b7f
     EDX=00017e27 ES=016f EDI=00000000 GS=0000
     Bytes at CS:EIP:
     0f 5a f5 bf 1d 2f f5 bf 71 5c f5 bf 98 20 f5 bf 
     Stack dump:
     004030b2 00000000 00007f00 0000000a bff8b560 00000000
     81776f2c 00520000 6e696150 58450074 00000045
     00000000 00000000 00000000 00000000 00000000
I have a disassembler, but it only shows the code section, and it crashes when it tries to load my program.
Posted on 2001-06-26 02:07:00 by eet_1024
Windbg is available for free from MS... I have never used it... but here is the link:- Windbg umbongo
Posted on 2001-06-26 04:10:00 by umbongo
0F 5A is the opcode for a CMOV instruction, maybe your CPU doesn't support them.
Posted on 2001-06-26 04:12:00 by karim
karim, maybe im wrong, but my desassembler tolds me that CMOVx instructions are opcodes 0Fh 40h - 0Fh 04Fh. japheth
Posted on 2001-06-26 04:29:00 by japheth
From "IA-32 Intel Architecture Software Developer's Manual":
CMOVcc Conditional Move register2 to register1 0000 1111: 0100 tttn : 11 reg1 reg2 memory to register 0000 1111: 0100 tttn : mod mem r/m
So yes CMOV is "0F 4 Mirno
Posted on 2001-06-26 05:06:00 by Mirno
You are right. I misread the opcode map in Intel's manual volume 2. Actually 0f 5a is not listed in the map.
Posted on 2001-06-26 05:34:00 by karim
umbongo, those debuggers are for winNT. is there one like that but for win98?
Posted on 2001-06-26 10:30:00 by disease_2000
you can probably get turbo debugger from http://www.borland.com/bcppbuilder/turbodebugger/ its for win32 apps japheth
Posted on 2001-06-26 11:32:00 by japheth
Thanks for the links. Does MS have a Win 98 debugger? I don't have any cmov's in my code. The Borland debugger said that my prog don't have a symbol table.
Posted on 2001-06-26 21:53:00 by eet_1024
That is so tight! :) I was tracing through my prog and came accross a
call address
, instead of
call 
Posted on 2001-06-26 22:50:00 by eet_1024
Here is another debugger, it provides the best information on NT. http://home.t-online.de/home/Ollydbg/
Posted on 2001-06-27 00:15:00 by SFinegan