abnormal program termination turbo c - c

I am trying to run an combined code of C that calling assembly procedure, and I get abnormal program termination message.
Its very simple code, the assembly procedure scans a number and return the result to c.
;main code
#include<stdio.h>
extern long getPnum();
int main()
{
long x;
x = getPnum();
printf("%d", x);
return 0;
}
;getPNum
.MODEL SMALL
.STACK 100H
.DATA
NUM DD 0
.CODE
.386
PUBLIC _getPnum
_getPnum PROC NEAR
PUSH BP
MOV BP,SP
PUSH EAX
PUSH EBX
PUSH ECX
MOV EBX,10
SCAN:
MOV EAX,NUM
MUL EBX
MOV ECX,EAX
XOR EAX,EAX
MOV AH,1
INT 21H
CMP AL,13
JE NEXT
SUB AL,'0'
MOV AH,0
ADD ECX,EAX
MOV NUM,ECX
JMP SCAN
NEXT:
MOV AX,WORD PTR NUM
MOV DX,WORD PTR NUM+2
ADD SP,14
RET
_getPnum ENDP
END
I changed the %d to ld%, and now I get another error: Dimdie error
It's very strange when I run the DEBUGER I return the number through AX DX,and X gets the wrong value
debugger
result scrren
I Changed
ADD SP,14
RET
to
ADD SP,12
POP BP
RET
and now I don't get any errors, but the printed value is incorrect, despite that the returned value trough DX:AX is correct

BP must be restored when you leave the procedure.
Change
ADD SP,14
RET
to
ADD SP,12
POP BP
RET
Better is:
MOV SP, BP
POP BP
RET
BTW: Why do you push a bunch of registers which you don't restore at the end of the function?

Related

Accessing an array from the stack

I am new to assembly programming and trying to write a simple assembly level code where the intention is to send the base address of an array to a stack and access it within a procedure to find out the smallest element The array is a 5 byte array with 5 elements. Unfortunately after passing the address of the array within stack I am unable to access it back through BP register. The code snippet is as below and I am using the 8086 emulator. Any help will be very much appreciated.
START:
MOV AX,#data
MOV DS,AX
;MOV AX,STACK
;MOV SS,AX
;MOV SP,OFFSET TOP_STACK
MOV BX,OFFSET ARRAY
PUSH BX
PUSH BP
MOV BP,SP
MOV BX,[BP+4]
MOV AX,[BX]
Till the second last line I am able to follow the execution and the system is showing the correct address of the data segment. However when the last line executes I expect that the first element of the array will be available ( i.e 10 ) but in reality I get only 0.
Here is the full code:
.stack 100h
.data
ARRAY DB 10H,05H,20H,60H,35H
.code
START:
MOV AX,#data
MOV DS,AX
MOV BX,OFFSET ARRAY
PUSH BX
PUSH BP
CALL PROC1 ; CALLING POINT OF THE PROCEDURE
MOV AH,4CH
INT 21H
PROC1 PROC NEAR
MOV BP,SP
MOV BX,word[BP+3] ; ARRAY BASE ADDRESS
XOR AX,AX
MOV AL,BYTE[BX]
MOV CX,04
SMALL:
MOV AH,BYTE[BX]
CMP AL,AH
JG SWAP
INC BX
LOOP SMALL
JMP EXITPROC
SWAP:
MOV AL,AH
INC BX
JMP SMALL
EXITPROC:
POP BP
POP BX
RET
PROC1 ENDP
CODE ENDS
END START

Interaction with array results in a segfault

I'm trying to implement a simple addition calculator, but I'm not able to store the input in my array. I'm trying to read char by char because I want to use it later to implement a backend for my B compiler (which has the getchar function that reads char by char from stdin). My code is the fallowing:
segment .data
numb db 0, 0, 0, 0
indx db 0
char db '0'
newl db 0ah
msg1 db 'enter a number: '
len1 equ $ - msg1
segment .text
global _start ; defines the entry point
print: ; push msg; push len
pop eax ; removes caller address from stack
pop edx ; gets length
pop ecx ; gets msg
push eax ; pushes CA to stack again
mov ebx , 01h ; tells that it's an output call
mov eax , 04h ; system call (write)
int 80h ; calls it
ret
getc: ; push add; push len
pop eax ; removes caller address from stack
pop ecx ; gets ouput addrress
push eax ; pushes CA to stack again
mov edx , 01h
mov ebx , 00h ; tells that it's an input call
mov eax , 03h ; system call (read)
int 80h ; calls it
ret
exit:
mov ebx , 0 ; sets exit code
mov eax , 01h ; system call (exit)
int 80h ; calls it
_start:
push msg1
push len1
call print
read:
push char
call getc
mov eax , numb
add eax , indx
mov [eax], dword char
inc byte [indx]
mov eax , char
cmp eax , newl
jne read
jmp exit ; exits program
for now I'm just trying to store the input, because I got segfaults from the complete code, so I started stripping off code until I found the error cause.
You probably don't want to insert the newline in the array, so start with checking for the newline:
read:
push char
call getc
mov al, [char]
cmp al, 10
je done
Then load the byte-sized index in an address register, remembering that AL already contains the datum, so pick another register than EAX. Also, instead of adding the array address numb and the index indx yourself, let the CPU do that for your with an addressing mode that has a displacement component ([numb + ebx]):
movzx ebx, byte [indx]
mov [numb + ebx], al
inc byte [indx]
jmp read
done:
jmp exit
There's also the possibility to define the index indx as a dword with indx dd 0. Then the code becomes:
read:
push char
call getc
mov al, [char]
cmp al, 10
je done
mov ebx, [indx]
mov [numb + ebx], al
inc dword [indx]
jmp read
done:
jmp exit
The lesson here is that NASM is different from MASM in how you address memory:
MASM
mov eax, offset MyVar ; Load address of MyVar
mov eax, MyVar ; Load value stored in MyVar
NASM
mov eax, MyVar ; Load address of MyVar
mov eax, [MyVar] ; Load value stored in MyVar

Mixing C and Assembly

I'm doing a program in assembly to read a disk through ports (0x1f0-0x1f7) and I'm mixing it with c. I have a function in assembly that I will call in my c main funtion. My main function as 1 parameter: sectors to read:
Kernel.c
extern int _readd(int nmrsector);
(...)
int sector = 257;
int error = _readd(sector);
if(error == 0) PrintString("Error"); //It is declared on my screen.h file
disk.asm
global _readd
_readd:
push eax
push ebx
push ecx
push edx
push ebp
mov ebp, esp
mov eax, [ebp+8]
mov ecx, eax
cmp ecx, 256
jg short _fail
jne short _good
_fail:
xor eax, eax
leave
ret
_good:
xor eax, eax
mov eax, 12
leave
ret
It crashes when run it with VirtualBox. Any ideas?
If you save CPU registers when you enter a function, you need to restore them when you are finished. Your PUSHs need to be matched with POPs.
Also, if you use a stack frame to access local variables and parameters, setup the frame (push ebp ; mov ebp, esp) before everything, so you can more easily refer to them. Here [ebp+8] doesn't refer to a parameter, because you alter the stack before setting up the frame.

Initialize char[] fails, esi contains wrong value

I want to initialize a char array, but during I do this my programm crashes. Here's my code:
void kernelEnteredMsg() {
char str[] = "Kernel successfully entered!";
}
Here's the disassembly:
push ebp
mov ebp,esp
push edi
push esi
push ebx
sub esp,byte +0x30
lea edx,[ebp-0x2d]
mov ebx,0x402000 ; load an address outside my data segment
mov eax,0x1d
mov edi,edx
mov esi,ebx ; move this address to edi
mov ecx,eax
rep movsb ; here the programm crashes
add esp,byte +0x30
pop ebx
pop esi
pop edi
pop ebp
ret
I don't understand why it loads esi with 0x402000. But this seems to cause the error. Can somebody explain what happens here and how to fix it?
PS: "Kernel successful entered!" is at 0x1000 in binary file.
C code:
void kernelEnteredMsg();
void entryPoint() {
kernelEnteredMsg();
}
void kernelEnteredMsg() {
char str[] = "Kernel successfully entered!";
int size = 28;
}
Calling assembly code:
extern _entryPoint
global _main
section .text
_main: ; start of kernel
nop
; setup ds, es, ss and gs
mov ax, 16
mov ds, ax
mov es, ax
mov ss, ax
mov sp, 0x4000
mov ax, 24
mov gs, ax
mov [gs:0], dword 0x07690748 ; test graphics
call _entryPoint ; enter kernel C code
jmp $
This code does copy the string from the .text section to the local stack, because the char array is not 'const'. This may provide a simple solution if you do not need the string to be modified - just make it const char.
I don't understand why it loads esi with 0x402000.
ESI is the source of the string copy instruction 'rep movsb', EDI is the destination.
The address is constructed by IMAGE_BASE+SECTION (IIRC) in the PE file(assuming it is PE.)
Remember in the file there is a FILE_ALIGN and a SECTION_VIRTUAL_ADDRESS, so a section may be
at position 0x1000 in the file(FILE_ALIGN) and at 0x2000 in memory(VIRTUAL_ADDRESS) resulting in IMAGE_BASE+VIRTUAL_ADDRESS=0x402000.
You can use a PE explorer like CFF Explorer(http://www.ntcore.com/exsuite.php)
to display this(if it's a .bin file it may be unapplicable but it has to have some kind of format)
Another possibility may be a wrong state of the DF-Flag leading to wrong behaviour of the string copy instruction (should not happen, because the compiler should take care of this).
Try inserting
__asm__ ("cld");
before the char str[] or in the __main procedure to set string increment to 'UP'.

When replacing keyboard interrupt (Interrupt 9) scanf doesn't appear to accept input [duplicate]

This question already has an answer here:
How to prevent duplicate chars when I press keys on the keyboard
(1 answer)
Closed 4 years ago.
I'm writing the main program in Turbo-C and the functions are in assembly. My code is as follows:
lastc.c:
#include <stdio.h>
#include <dos.h>
#include <string.h>
extern void eliminate_multiple_press(); // save old function adress in 32bit pointer
// setvect , add new function to inturupt 9
extern void uneliminate_multiple_press(); // restore old function to inturupt 9
int main()
{
char *str;
eliminate_multiple_press();
printf("Enter a string:\n");
scanf("%s",str);
printf("the string you entered:\n");
printf("%s\n",str);
uneliminate_multiple_press();
return 0;
}
lasta.asm:
.MODEL LARGE
PUBLIC _eliminate_multiple_press
PUBLIC _uneliminate_multiple_press
.STACK 100H
.DATA
INT9SAVE DD ?
hexa_code db 0
scan_code db 0
.CODE
KEY_HANDLER PROC FAR
PUSH AX
MOV AH,0
int 16h
mov scan_code,ah
mov hexa_code,al
POP AX
iRET
KEY_HANDLER ENDP
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
_eliminate_multiple_press PROC FAR
PUSH AX
PUSH ES
MOV AX,0
MOV ES,AX
;INT9SAVE = GETVECT(9);
MOV AX,ES:[9*4] ; **ax=c1 hex =193 dec**
MOV WORD PTR INT9SAVE,AX
MOV AX,ES:[9*4+2] **ax=15c7 hex = 5575 dec**
MOV WORD PTR INT9SAVE+2,AX
;SETVECT(9,KEY_HANDLER);
CLI
MOV WORD PTR ES:[9*4],OFFSET KEY_HANDLER ; **ES stays 0**
MOV WORD PTR ES:[9*4+2],SEG KEY_HANDLER ; **ES stays 0**
STI
POP ES
POP AX
RET
_eliminate_multiple_press ENDP
;SETVECT(9,INT9SAVE);
_uneliminate_multiple_press PROC FAR
PUSH ES
PUSH AX
MOV AX,0
MOV ES,AX
CLI
MOV AX,WORD PTR INT9SAVE
MOV ES:[9*4],AX
MOV AX,WORD PTR INT9SAVE+2
MOV ES:[9*4+2],AX
STI
POP AX
POP ES
RET
_uneliminate_multiple_press ENDP
END
I can compile the files without error using this command:
tcc -ml -r- lastc.c lasta.asm
The goal of this code is to eliminate multiple (duplicate) key presses on the keyboard. If I type this sequence of characters:
334ffffghjjjj of my keyboard
The output on the screen should be
34fghj
The Problem
When I run the program lastc.exe it gets stuck at printf("enter a string:\n");. I guess I'm having a problem changing Interrupt 9h interrupt service routine to my new function key_handler
Function key_handler is not complete but at least it should END the function and continue to the end of the code
Why does my program appear to be doing nothing when the scanf is called?
Why are eliminate_multiple_press and uneliminate_multiple_press declared as interrupt handlers? They should be normal functions with a return of RET. They are being called as functions and are not intended as responses to an interrupt.
In your C program then:
extern void eliminate_multiple_press(); // save old function adress in 32bit pointer
// setvect , add new function to inturupt 9
extern void uneliminate_multiple_press(); // restore old function to inturupt 9
And your assembly, RET instead of IRET. And you don't need to save so many registers:
_eliminate_multiple_press PROC FAR
push ES
push AX
MOV AX,0
MOV ES,AX
;INT9SAVE = GETVECT(9);
MOV AX,ES:[9*4] ; **ax=c1 hex =193 dec**
MOV WORD PTR INT9SAVE,AX
MOV AX,ES:[9*4+2] **ax=15c7 hex = 5575 dec**
MOV WORD PTR INT9SAVE+2,AX
;SETVECT(9,KEY_HANDLER);
CLI
MOV WORD PTR ES:[9*4],OFFSET KEY_HANDLER ; **ES stays 0**
MOV WORD PTR ES:[9*4+2],SEG KEY_HANDLER ; **ES stays 0**
STI
POP AX
POP ES
RET
_eliminate_multiple_press ENDP
;SETVECT(9,INT9SAVE);
_uneliminate_multiple_press PROC FAR
PUSH ES
PUSH AX
MOV AX,0
MOV ES,AX
CLI
MOV AX,WORD PTR INT9SAVE
MOV ES:[9*4],AX
MOV AX,WORD PTR INT9SAVE+2
MOV ES:[9*4+2],AX ; Was "[27*4+2]" which is incorrect.
STI
POP AX
POP ES
RET
_uneliminate_multiple_press ENDP
An End Of Interrupt (EOI) is a signal sent to a Programmable Interrupt Controller (PIC) to
indicate the completion of interrupt processing for a given interrupt.
mov al,020h ; =EOI
out 020h,al

Resources