flat assembler
Message board for the users of flat assembler.
My code behaves properly but crashes OllyDBG?
ragnar_graybeard87 11 Apr 2016, 23:11
I have a fairly simple program that I did for my Udemy course. It just finds and prints the largest number in an array. I finally got it to work, however if I try to open it in OllyDBG I get:
Exception occured @Address 00491200... I've used the included print_eax functions in many programs without error so I don't think it could be those. Just wondering if this is a normal thing or perhaps I just coded something wrong. Thanks for viewing!
ragnar_graybeard87 13 Apr 2016, 13:09
Thanks a lot for the advice. I made the changes to include the section '.text' code readable executable and added executable to the data section, however I'm still getting the same. I also noticed that all other programs define entry start before doing any includes so I switched that, but still no go. It's not imperative I get this code to debug, it just makes me wonder why... I'll attach the training.inc in case you're also curious. Thanks again!
revolution 13 Apr 2016, 13:54
It doesn't crash ollydbg on my system.
system error 13 Apr 2016, 15:43
You have a flaw in loop design. Don't use loop loop_tester and jmp loop_tester at the same time because your counter doesn't get updated accurately. It's only updated when using "loop" but not via "jmp". That may not be threatening in normal condition but in debugging mode, your flag register gets changed by the debugger due to task switch. That affects your loop condition regardless of your loop count.
revolution 13 Apr 2016, 15:47
system error wrote: ... but in debugging mode, your flag register gets changed by the debugger due to task switch ...
system error 13 Apr 2016, 16:11
The possibility is there. A "jmp" affects the flags only when a task switch occurs. Debugging involves task switching to some degree. So a faulty jmp like this can alter the flags.
l_inc 13 Apr 2016, 16:26
system error
Quote: the possibility is there. A "jmp" affects the flags only when a task switch occurs.
Whoa. One never knows what dangerous mix of information someone's mind can keep inside. Near/short jmp's never affect the flags. Windows doesn't have the referred kind of task switching.
_________________
Faith is a superposition of knowledge and fallacy
system error 13 Apr 2016, 16:36
l_inc wrote: system error
From the Manual
Code:
Flags affected
All flags are affected if a task switch occurs; no flags are affected if a task switch does not occur.
The evidence can be seen here from the OP's faulty loop - works at runtime, but fails in debugging mode but then again, it works on revo's debugger. The only logical explanation here lies in the eflags. There's no other possible answer. Hmmm..
l_inc 13 Apr 2016, 16:48
system error
This statement in the manual refers to far jump's through a task gate selector (or alternatively TSS). Even if you were willing to cause a task switch with a far jump, you wouldn't be able to do so, because Windows does not create task gates.
Quote: The evidence can be seen here from the OP's faulty loop
I haven't looked in the source (I probably will do that in the evening), but you'd better not be looking for evidence of impossible things.
system error 13 Apr 2016, 16:56
Let's not forget the fact that it runs errant in INT 3 mode.
revolution 13 Apr 2016, 16:56
system error: What you explain simply does not happen in Windows (or any well written OSes). There is just no way any task switching will change the program's view of the flags or any other register whether being debugged or not. If this were not the case then programs would be randomly crashing all the time.
system error 13 Apr 2016, 17:00
LMAO
l_inc 13 Apr 2016, 21:02
There's indeed no reason for the program to crash. Maybe something's misconfigured in OllyDbg or a faulty OllyDbg plugin is installed. From the first post it isn't even clear whether the program crashes or OllyDbg itself. In the former case OllyDbg should catch the exception and show what exact instruction caused it. But the wording "exception occurred at address" rather indicates the latter.
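Added example, not part of the thread and not the original poster's source (which is not shown on this page): a constructed fasm program for the task described in the first post, using the `entry` and section declarations mentioned in the thread and a single `loop` back-edge so ECX is decremented exactly once per element. The sample array, the label names and the use of msvcrt `printf` in place of the course's `print_eax` are assumptions.

```asm
; Constructed example: print the largest signed dword in an array.
format PE console
entry start

include 'win32a.inc'

section '.text' code readable executable

start:
        mov     esi, numbers        ; ESI -> current element
        mov     ecx, COUNT          ; ECX = elements left (COUNT must be >= 1)
        mov     eax, [esi]          ; EAX = largest value seen so far
        jmp     next                ; element 0 is already accounted for

check:
        cmp     [esi], eax          ; signed compare: element vs. current maximum
        jle     next                ; not larger: skip the update (forward jump only)
        mov     eax, [esi]          ; new maximum
next:
        add     esi, 4              ; advance to the next dword
        loop    check               ; the only backward branch: ECX-1, repeat while ECX <> 0

        cinvoke printf, fmt, eax    ; cdecl call, arguments pushed right to left
        invoke  ExitProcess, 0

section '.data' data readable writeable

numbers dd 12, 7, 93, -4, 58        ; constructed sample data
COUNT   = ($ - numbers) / 4         ; element count computed at assembly time
fmt     db 'largest = %d', 10, 0

section '.idata' import data readable writeable

library kernel32, 'KERNEL32.DLL', \
        msvcrt,   'MSVCRT.DLL'
import  kernel32, ExitProcess, 'ExitProcess'
import  msvcrt,   printf, 'printf'
```

Every conditional skip here is a forward `jle` to `next`, so neither branch outcome bypasses the `loop` instruction and the iteration count never depends on which path was taken.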
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.