Why does stepping every instruction crashes while launching the program works? [debugging]

I'm trying to follow the execution instructions of a simple program I compiled with C++ (it calculates some prime numbers then exits) in a debugger (ollydbg) but I have several questions:

  • Why the first instruction isn't the entry point of the "CODE" section? It is different
  • As soon as I "step over" a few instructions the debugger crashes and writes "Single step event at ntdll.someaddress, press shift+F7/F8/F9 to pass the exception to the program" and crashes. If I run the program without stepping the instructions it works fine and the program loads without problems

Why does this happen? This doesn't happen only with my program but with several others (almost every other 32 bit exe in my system)

Answers


If you're running OllyDbg under a 64-bit OS, that I believe you are out of luck, because OllyDbg doesn't support x86-64 Windows, not even as a debugger used to debug 32-bit apps. See this forum thread, it's from 2006, but I don't thing anything has changed since that. What they suggest is using a different debugger, for example the 64-bit version of WinDbg (which is a great debugger).

Why the first instruction isn't the entry point of the "CODE" section? It is different

You can set this in OllyDbg: Options - Debugging options - Events - "Make first pause at". You can start at the "system breakpoint", which is located in ntdll and is called even before the starting module's entry point is called.


Need Your Help

Play audio after recording using Phonegap 2.9 and iOS7

audio cordova media ios7 record

I'm having problem with Phonegap 2.9 and iOS7. Using the Media API, the recording works, but the file seems to be blocked (even after using release()) and I can't play it. The same script works fin...

To have an Integer pointing to 3 ordered lists in Java

java sorting merge data-structures

Which datastructure would you use in the place of X to have efficient merges, sorts and additions as described below?