flat assembler
Message board for the users of flat assembler.

Index > Windows > My program linked to kernel32 crashes, why?

Plue
Joined: 15 Dec 2005
Posts: 151
First of all, yes, I need to use a COFF file.

Here is my program:
Code:
format MS COFF

extrn _ExitProcess
public _mainCRTStartup

start:

push 0
call _ExitProcess

_mainCRTStartup dd start

Then I type
> fasm test.asm
> polink test.obj kernel32.lib (or ld test.obj kernel32.lib)
> test.exe (or a.exe if I used ld)

Why does my exe crash at offset 00003007?

_________________
Roses are red
Violets are blue
Some poems rhyme
And some don't.
Post 26 Oct 2006, 16:58
f0dder
Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
Try disassembling the executable. It would seem to me you use a weird import library, or are calling the wrong symbol. Are you, per chance, using import libraries from mingw32 or other GNU tools?
Post 26 Oct 2006, 18:50
Plue
Joined: 15 Dec 2005
Posts: 151
I don't know where I got the import library, but I tried with another import library (which should be good) and now I get an undefined reference to _ExitProcess. So maybe there is something with the import libraries, but I can't figure out what.
Post 26 Oct 2006, 19:23
Plue
Joined: 15 Dec 2005
Posts: 151
I replaced _ExitProcess with _ExitProcess@4 and then it linked against the other import library (which I'm sure is not broken, although it could be in the wrong format), but the program still crashes at the same offset.

Edit: The above applies only to polink (which I think made this import library) and not to ld, which tells me there's an undefined reference to ExitProcess@4.

Edit: Tried yet another import library (from the Windows XP DDK) and the behaviour is exactly the same as with the polink library.


Last edited by Plue on 26 Oct 2006, 19:31; edited 1 time in total
Post 26 Oct 2006, 19:25
f0dder
Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
Ah, on closer glance: "_mainCRTStartup dd start" looks suspicious to me... Add a "_mainCRTStartup" right after/before your "start" label instead. Have a look at your disassembly to see why.

Code:
.flat:00401000    _flat           segment para public 'CODE' use32
.flat:00401000                 ;org 401000h
.flat:00401000                 assume es:nothing, ss:nothing, ds:nothing, fs:nothing, gs:nothing
.flat:00401000 6A 00           push    0
.flat:00401002 E8 F9 0F 00 00  call    ExitProcess
.flat:00401007
.flat:00401007                 start:
.flat:00401007 00 10           add     [eax], dl
.flat:00401009 40              inc     eax
.flat:004011FE    _flat           ends
Post 26 Oct 2006, 19:28
Plue
Joined: 15 Dec 2005
Posts: 151
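As an added check (example code, not from anyone in this thread): a small Python COFF reader that reports where a symbol such as _mainCRTStartup actually points inside its section and which bytes the CPU would execute there. The object bytes are constructed to mirror Plue's first program in fasm's single default section, with the dd start field already holding the value the linker resolves it to (00401000h); the section name and the builder itself are assumptions made for this example.

```python
import struct

# Constructed i386 COFF object laid out like the thread's first program: one section
# holding  push 0 / call rel32  (7 bytes) followed by the 4-byte  dd start  that
# _mainCRTStartup was defined on. Field layout follows the PE/COFF specification.
def build_coff(raw, symbols):
    """symbols: [(name, value_within_section, section_number)] -> object file bytes."""
    strtab, syms = b"", b""
    for name, value, secnum in symbols:
        nm = name.encode()
        if len(nm) <= 8:
            name_field = nm.ljust(8, b"\0")
        else:  # long name: zero dword + offset into string table (offset counts its 4-byte length)
            name_field = struct.pack("<II", 0, 4 + len(strtab))
            strtab += nm + b"\0"
        # Value, SectionNumber, Type, StorageClass (2 = external), NumberOfAuxSymbols
        syms += name_field + struct.pack("<IhHBB", value, secnum, 0, 2, 0)
    ptr_raw = 20 + 40                      # file header + one section header
    ptr_sym = ptr_raw + len(raw)
    hdr = struct.pack("<HHIIIHH", 0x14C, 1, 0, ptr_sym, len(symbols), 0, 0)
    sect = b".flat".ljust(8, b"\0") + struct.pack(
        "<IIIIIIHHI", 0, 0, len(raw), ptr_raw, 0, 0, 0, 0, 0x60000020)  # code|execute|read
    return hdr + sect + raw + syms + struct.pack("<I", 4 + len(strtab)) + strtab

def symbols(obj):
    """Parse the COFF symbol table into {name: (value, section_number)}."""
    ptr_sym, nsyms = struct.unpack_from("<II", obj, 8)
    str_off = ptr_sym + 18 * nsyms
    strtab = obj[str_off:str_off + struct.unpack_from("<I", obj, str_off)[0]]
    out, i = {}, 0
    while i < nsyms:
        off = ptr_sym + 18 * i
        value, secnum, _, _, naux = struct.unpack_from("<IhHBB", obj, off + 8)
        if obj[off:off + 4] == b"\0\0\0\0":          # name lives in the string table
            s = struct.unpack_from("<I", obj, off + 4)[0]
            name = strtab[s:strtab.index(b"\0", s)].decode()
        else:
            name = obj[off:off + 8].rstrip(b"\0").decode()
        out[name] = (value, secnum)
        i += 1 + naux                                 # skip auxiliary records
    return out

def entry_bytes(obj, name, n=4):
    """The bytes executed first if `name` is used as the entry point."""
    value, secnum = symbols(obj)[name]
    ptr_raw = struct.unpack_from("<I", obj, 20 + 40 * (secnum - 1) + 20)[0]  # PointerToRawData
    return obj[ptr_raw + value:ptr_raw + value + n]

# push 0 ; call rel32 (target 0, would carry a relocation) ; dd start holding 00401000h,
# the value the linker puts there, which is exactly what the disassembly above executes.
CODE = bytes.fromhex("6a00e800000000") + struct.pack("<I", 0x00401000)
BROKEN = build_coff(CODE, [("start", 0, 1), ("_mainCRTStartup", 7, 1)])   # dd start at offset 7
FIXED = build_coff(CODE[:7], [("start", 0, 1), ("_mainCRTStartup", 0, 1)])  # label on the code
```

With the broken layout the entry symbol sits at offset 7 and the first bytes there are 00 10 40 00, the pointer rather than push 0; with the label on the code the same symbol yields 6A 00.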
Thank you, I now think I understand why it breaks, but I don't know how to fix it. How can I create a "public label"?

Edit: Got it:
Code:
public _mainCRTStartup
_mainCRTStartup:

Thanks a lot for helping me.
Post 26 Oct 2006, 19:38
vid
Verbosity in development
Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
Also try to go without kernel32.lib. Something like this:
Code:
format MS COFF

; bind the import-table slot itself instead of the _ExitProcess@4 stub from kernel32.lib
extrn "__imp__ExitProcess@4" as ExitProcess:dword
public _mainCRTStartup

_mainCRTStartup:
push 0
call [ExitProcess]    ; indirect call through the IAT entry
Post 26 Oct 2006, 20:01
Plue
Joined: 15 Dec 2005
Posts: 151
That looks good, is the performance the same? (Something tells me it's one extra memory reference?)
Post 27 Oct 2006, 14:21
Goplat
Joined: 15 Sep 2006
Posts: 181
Actually, if you do "call _ExitProcess@4", that calls a stub function that does "jmp [__imp__ExitProcess@4]". So you actually save a memory access by doing the indirect call directly.
Post 27 Oct 2006, 18:54
Plue
Joined: 15 Dec 2005
Posts: 151
Thank you, then I will do it indirectly directly. (Whatever!)
Post 27 Oct 2006, 20:01
vid
Verbosity in development
Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
Quote:
indirectly directly

hehe, well said :]
Post 27 Oct 2006, 21:05
Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.