Answer the question
In order to leave comments, you need to log in
How can I match the memory address to the program code of a loaded DOS program?
There is a rather large project that crashes with an error:
But how to match CS:IP with the code of the disassembled program? As far as I understand, the segment registers change their value after the program is loaded from the binary into the computer's memory in accordance with the initial load address? If so, then the main question is how to find this offset?
The program runs on a controller with an 80186 processor under the MiniOS7 operating system - a clone of MS DOS. If the offset is the same, is it possible to output the current value of CS in an arbitrary function and compare it with the CS for that function in the disassembled program? And then look at what data is adjacent to this area and thus understand the place of memory impairment. That's right?
[Unknown code]CS:IP=C031:7AA1=006E SS:SP=09B4:06D4 DS=4441 ES=CD I'm still learning about
assembler, so I'm asking for experienced advice. As far as I understand, the error appeared, because. register IP got to a cell with a value that does not correspond to possible machine commands. The project is written in C++ and is compiled without warnings, i.e. no memory violations were detected by the compiler. The only explanation I see is going beyond the array (or the like) and, as a result, overwriting a section of code with recorded data.
Answer the question
In order to leave comments, you need to log in
Converting a 32-bit address "segment:offset" into a 20-bit linear address using the formula "segment * 16 + offset" was invented in order to be able to load code and data fragments into almost any memory area without losing on fragmentation and at the same time keep the offset equal to what it was at the compilation stage, and vary when loading only the segment register. So the shift in principle should be preserved.
Another thing is that the C031 segment itself is very strange - in the classical architecture it is already outside the main RAM. So, either MiniOS has a different memory organization scheme, or your program, as a result of a logic violation or stack / code distortion, jumped / called / returned to an unintended memory area, such as ROM or a video buffer, which immediately caused an exception. In this case, the CS:IP address itself does not say anything - you need to know where the execution point was one step earlier.
Regarding the second question: honestly, I don’t know if it is possible in C ++ to find out the current CS: IP, but in Assembler, a near or far call was usually made to the address located directly by the following code, and then the CS: IP values \u200b\u200bput on the stack by this call were read regular POP :
call far x
x:
pop di
pop es
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question