error in ollydbg

JC1 · July 19, 2006, 09:45:43 PM

I started today using full segment definitions instead of the common .data or .code. I've coded this useless program:

.386
.model flat, stdcall


dseg segment para
	string byte		"test",0
dseg ends


cseg segment para
start:
	
	ret
	
cseg ends
end start

It compiles perfectly, but when I try to debug it with ollydbg a message box appears saying that the entry point is outside of the code. Even though, the debugger works great after i press "OK" . Why does ollydbg complains?

Mark Jones · July 19, 2006, 11:48:16 PM

Hmm. Try another debugger?

Max_Power · July 20, 2006, 12:55:55 AM

Quote from: Mark Jones on July 19, 2006, 11:48:16 PM
Hmm. Try another debugger?

ROFL, I love it when people present solutions like that. I don't want to be a jerk, it just doesn't seems like a spam post to me.

In any case Ollydbg complains because when you declare a segment like that without having a .code segment the linker does not know how to mark the BaseOfCode field in the Optional header of the PE so it just marks it as being 1000h, which inicidently is the same thing it marks for the BaseOfData field. You can fix it with a PE editor easily enough or just not worry about it. The solution you will probably want to use is to set the class parameter of the segment directive to 'CODE' so it will be like this:

Code Select


.386
.model flat, stdcall


dseg segment para
string byte "test",0
dseg ends


cseg segment para public 'CODE'
start:

ret

cseg ends
end start

Wistrik · July 20, 2006, 01:10:18 AM

The MASM 6.1 Programmer's Guide says that if you declare .MODEL it tells the assembler and linker to use simplified segments and always defines a _TEXT code segment by default. You are essentially creating an additional code segment with your full segment directive and putting code in that, so perhaps the linker is getting confused and incorrectly setting up your entry point.

I'd stick to using one method of segment declaration. Pick simplified or use full declarations, but don't mix them.

With simplified, your code would look like:

Code Select

.386
.model flat, stdcall
.data
               string byte "test",0
.code

start:
               ret

end          start

See if that works.

Mark Jones · July 20, 2006, 06:47:29 AM

Quote from: Max_Power on July 20, 2006, 12:55:55 AM
Quote from: Mark Jones on July 19, 2006, 11:48:16 PM
Hmm. Try another debugger?

ROFL, I love it when people present solutions like that. I don't want to be a jerk, it just doesn't seems like a spam post to me.

Well, I originally posted something along the lines of "where is the .code section?" but didn't have time to verify the authenticity of that statement, so rescinded it. For some reason, posts can't be deleted again... so instead of leaving it questionably wrong, I changed it to "try another debugger." [Edit]by P1[/Edit] :toothy

JC1 · July 20, 2006, 01:03:02 PM

Thanks for the explanation, Max_Power. So, the BaseOfCode should be 00002000h, instead of 00001000h which is the value "created" by MASM. Despite this the code runs well in ollydbg, which means that BaseOfCode isn't used to locate code section.
Is it correct?

Max_Power · July 25, 2006, 04:43:37 AM

Quote from: JC1 on July 20, 2006, 01:03:02 PM
Is it correct?

You are correct.

[Edit]by P1[/Edit]

P1 · July 25, 2006, 02:09:19 PM

Posts in Campus are a safe zone for the new programmers.

Regards, P1 :8)

P1 · July 25, 2006, 02:10:53 PM

JC1,

Welcome Aboard !!! :U

The forum 'Search' and Google are your programming friends. :dance:

Regards, P1 :8)

Vortex · July 26, 2006, 05:00:19 PM

JC1,

Welcome to the forum :U

News:

error in ollydbg

JC1

Mark Jones

Max_Power

Wistrik

Mark Jones

JC1

Max_Power

P1

P1

Vortex