I started today using full segment definitions instead of the common .data or .code. I've coded this useless program:
.386
.model flat, stdcall
dseg segment para
string byte "test",0
dseg ends
cseg segment para
start:
ret
cseg ends
end start
It compiles perfectly, but when I try to debug it with ollydbg a message box appears saying that the entry point is outside of the code. Even though, the debugger works great after i press "OK" . Why does ollydbg complains?
Hmm. Try another debugger?
Quote from: Mark Jones on July 19, 2006, 11:48:16 PM
Hmm. Try another debugger?
ROFL, I love it when people present solutions like that. I don't want to be a jerk, it just doesn't seems like a spam post to me.
In any case Ollydbg complains because when you declare a segment like that without having a .code segment the linker does not know how to mark the BaseOfCode field in the Optional header of the PE so it just marks it as being 1000h, which inicidently is the same thing it marks for the BaseOfData field. You can fix it with a PE editor easily enough or just not worry about it. The solution you will probably want to use is to set the class parameter of the segment directive to 'CODE' so it will be like this:
.386
.model flat, stdcall
dseg segment para
string byte "test",0
dseg ends
cseg segment para public 'CODE'
start:
ret
cseg ends
end start
The MASM 6.1 Programmer's Guide says that if you declare .MODEL it tells the assembler and linker to use simplified segments and always defines a _TEXT code segment by default. You are essentially creating an additional code segment with your full segment directive and putting code in that, so perhaps the linker is getting confused and incorrectly setting up your entry point.
I'd stick to using one method of segment declaration. Pick simplified or use full declarations, but don't mix them.
With simplified, your code would look like:
.386
.model flat, stdcall
.data
string byte "test",0
.code
start:
ret
end start
See if that works.
Quote from: Max_Power on July 20, 2006, 12:55:55 AM
Quote from: Mark Jones on July 19, 2006, 11:48:16 PM
Hmm. Try another debugger?
ROFL, I love it when people present solutions like that. I don't want to be a jerk, it just doesn't seems like a spam post to me.
Well, I originally posted something along the lines of "where is the .code section?" but didn't have time to verify the authenticity of that statement, so rescinded it. For some reason, posts can't be deleted again... so instead of leaving it questionably wrong, I changed it to "try another debugger." [Edit]by P1[/Edit] :toothy
Thanks for the explanation, Max_Power. So, the BaseOfCode should be 00002000h, instead of 00001000h which is the value "created" by MASM. Despite this the code runs well in ollydbg, which means that BaseOfCode isn't used to locate code section.
Is it correct?
Quote from: JC1 on July 20, 2006, 01:03:02 PM
Is it correct?
You are correct.
[Edit]by P1[/Edit]
Posts in Campus are a safe zone for the new programmers.
Regards, P1 :8)
JC1,
Welcome Aboard !!! :U
The forum 'Search' and Google are your programming friends. :dance:
Regards, P1 :8)
JC1,
Welcome to the forum :U