crash ollydbg 1.10, OD has a big bug


loveboom
May 25th, 2004, 02:43
Now ollydbg has a big bug:
1. load target.
2. press F9
3. and now press F12
Ollydbg crashes, hoo!

OS:winxp pro sp1, ollydbg 1.10(May.23.2004)

tonyxxy
May 25th, 2004, 04:18
Same problem for me :-(

OS: also winxp pro sp1 ollydbg 1.10 final beta

loveboom
May 25th, 2004, 04:40
And now I found another bug:
open ollydbg 1.1,
select File-->Attach,
attach a process, and at this time press F9,
ollydbg crashes too!

Lord_Looser
May 25th, 2004, 04:52
OllyDbg crashes only with OllyScript (v0.85 - Compiled May 23 2004 22:18:32). OS: Win2k SP4, OllyDbg v1.10

Call stack of main thread
Address Stack Procedure / arguments Called from Frame
0012E000 00496BB4 Maybe OllyScri._ODBG_Pausedex OLLYDBG.00496BAE 0012E020
0012E024 00434466 OLLYDBG.00496B84 OLLYDBG._Suspendprocess+1D1 0012E020
0012E028 00000001 Arg1 = 00000001
0012E02C 00000000 Arg2 = 00000000
0012E030 00000000 Arg3 = 00000000
0012E034 00000000 Arg4 = 00000000
0012E050 0043212C OLLYDBG._Suspendprocess OLLYDBG.00432127 0012E04C
0012E054 00000001 Arg1 = 00000001

040145C0 /$ 83EC 54 sub esp,54
040145C3 |. 56 push esi
040145C4 |. 8B7424 68 mov esi,dword ptr ss:[esp+68]
040145C8 |. 57 push edi
040145C9 |. 83C6 0C add esi,0C
040145CC |. B9 15000000 mov ecx,15
040145D1 |. 8D7C24 08 lea edi,dword ptr ss:[esp+8]
040145D5 |. F3:A5 rep movs dword ptr es:[edi],dword ptr ds:[esi]
040145D7 |. 8B0D 14D90204 mov ecx,dword ptr ds:[402D914]
040145DD |. E8 BE07FFFF call OllyScri.04004DA0
040145E2 |. 83F8 03 cmp eax,3
040145E5 |. 5F pop edi
040145E6 |. A3 40E90204 mov dword ptr ds:[402E940],eax
040145EB |. 5E pop esi
040145EC |. 75 19 jnz short OllyScri.04014607
040145EE |. 817C24 58 84000000 cmp dword ptr ss:[esp+58],84
040145F6 |. 75 0F jnz short OllyScri.04014607
040145F8 |. 8B0424 mov eax,dword ptr ss:[esp]
040145FB |. 8B0D 14D90204 mov ecx,dword ptr ds:[402D914]
04014601 |. 50 push eax
04014602 |. E8 0908FFFF call OllyScri.04004E10
04014607 |> 33C0 xor eax,eax
04014609 |. 83C4 54 add esp,54
0401460C \. C3 retn

eip=040145D5
ecx=00000015 (decimal 21.)
ds:[esi]=[0000000C]=???
es:[edi]=stack [0012DFAC]=00000000
OllyScri._ODBG_Pausedex+15

psyCK0
May 25th, 2004, 09:23
You mean ALL the above crashes are because of OSC? If you remove it all is ok?

tonyxxy
May 25th, 2004, 09:47
There's another thread already started about this subject:

h--p://www.exetools.com/forum/showthread.php?t=4339

psyCK0
May 25th, 2004, 13:27
A temporary bugfixed version is uploaded to the OllyScript site. Please test it, I didn't have time (should work though).

ILCH
May 26th, 2004, 03:41
I've got the same problem with Olly.
1. Load Executable
2. F9 to Run
3. F12 to Pause
4. Olly crashes

Problem exists since 1.10c.

1.10b works fine.

[OS]
Win2kSP3

Teerayoot
May 26th, 2004, 06:05
OllyScript 0.85
http://ollyscript.apsvans.com/getPlugin.php?ver=08

and OllyDbg 1.10 - preliminary release
http://home.t-online.de/home/Ollydbg/odbg110.zip

Works fine.

Lord_Looser
May 26th, 2004, 07:50
OllyScript 0.85 (Compiled May 25 2004) works fine...

Another bug in OllyDbg 1.10 - preliminary release...
Enabled OllyDbg security option “Allow code injection to get address of WinProc” randomly produces an error message “Unexpected event 00000006 in injected code. Debugged program may get unstable, please reload it as son as possible.”

focht
May 26th, 2004, 11:08
Greetings,

Enabled OllyDbg security option “Allow code injection to get address of WinProc” randomly produces an error message “Unexpected event 00000006 in injected code. Debugged program may get unstable, please reload it as son as possible.”

Well, it may be due to the way the injector code is implemented.
I've written lengthy explanations on the side effects in another thread some time ago (mainly a conversation with "oh me anon" to explain why code injection sometimes fails).

In short: the injector code synchronizes its execution with the debugger with INT3's (produce EXCEPTION_DEBUG_EVENT + EXCEPTION_STATUS_BREAKPOINT).
If the debugger encounters any other event code while waiting for injector sync points, like LOAD_DLL_DEBUG_EVENT (0x6) in this case, it assumes something went wrong (it expected EXCEPTION_DEBUG_EVENT).

You might look into the debugger log to see which module gets loaded on demand, or enable "break on DLL load" to catch this case.

The exercise is left to the author: which API call in the injector code demands the load of an additional DLL.

Regards,

A. Focht
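The sync protocol focht describes above, as an added illustration that is not OllyDbg's code or the thread's: a debugger waiting for an INT3 sync point sees a stream of debug events, and the question is what it does when a bookkeeping event such as LOAD_DLL_DEBUG_EVENT (code 6) arrives first. The event codes below are the numeric values from winbase.h, reproduced so the file builds without windows.h; the event arrays are constructed stand-ins for successive WaitForDebugEvent() results, and both "policy" functions are hypothetical reconstructions, not the real injector logic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Debug event codes, numerically identical to the winbase.h definitions so
 * the example builds without windows.h. "Unexpected event 00000006" in the
 * OllyDbg message is LOAD_DLL_DEBUG_EVENT. */
enum {
    EXCEPTION_DEBUG_EVENT     = 1,
    CREATE_THREAD_DEBUG_EVENT = 2,
    EXIT_PROCESS_DEBUG_EVENT  = 5,
    LOAD_DLL_DEBUG_EVENT      = 6,
    UNLOAD_DLL_DEBUG_EVENT    = 7,
    OUTPUT_DEBUG_STRING_EVENT = 8
};
#define STATUS_BREAKPOINT       0x80000003u  /* exception code raised by INT3 */
#define STATUS_ACCESS_VIOLATION 0xC0000005u

/* Stand-in for the parts of DEBUG_EVENT the sync logic inspects. */
typedef struct {
    uint32_t code;      /* dwDebugEventCode */
    uint32_t exc_code;  /* ExceptionRecord.ExceptionCode; only for EXCEPTION_DEBUG_EVENT */
} debug_event;

typedef enum { SYNC_OK = 0, SYNC_UNEXPECTED = 1, SYNC_EXHAUSTED = 2 } sync_result;

static int is_sync_int3(const debug_event *e) {
    return e->code == EXCEPTION_DEBUG_EVENT && e->exc_code == STATUS_BREAKPOINT;
}

/* Strict policy (the behaviour the error message suggests): the very next
 * event must be the INT3 sync point; anything else is reported as a failure. */
sync_result wait_sync_strict(const debug_event *ev, size_t n, size_t *pos,
                             uint32_t *unexpected)
{
    if (*pos >= n) return SYNC_EXHAUSTED;
    const debug_event *e = &ev[(*pos)++];
    if (is_sync_int3(e)) return SYNC_OK;
    *unexpected = e->code;
    return SYNC_UNEXPECTED;
}

/* Tolerant policy (one possible mitigation): bookkeeping events that an
 * on-demand DLL load can produce are acknowledged (ContinueDebugEvent in a
 * real debugger) and skipped; only a different exception or a process exit
 * counts as an injector failure. */
sync_result wait_sync_tolerant(const debug_event *ev, size_t n, size_t *pos,
                               uint32_t *unexpected)
{
    while (*pos < n) {
        const debug_event *e = &ev[(*pos)++];
        if (is_sync_int3(e)) return SYNC_OK;
        switch (e->code) {
        case LOAD_DLL_DEBUG_EVENT:
        case UNLOAD_DLL_DEBUG_EVENT:
        case CREATE_THREAD_DEBUG_EVENT:
        case OUTPUT_DEBUG_STRING_EVENT:
            continue;               /* benign: keep waiting for the sync point */
        default:
            *unexpected = e->code;  /* genuine fault or process exit */
            return SYNC_UNEXPECTED;
        }
    }
    return SYNC_EXHAUSTED;
}

typedef sync_result (*sync_policy)(const debug_event *, size_t, size_t *, uint32_t *);

/* Runs a policy over a stream from the start. Returns 0 when the sync point
 * was reached, the offending event code when not, or 0xFFFFFFFF if the stream
 * ended first. */
uint32_t report_code(sync_policy policy, const debug_event *ev, size_t n)
{
    size_t pos = 0;
    uint32_t unexpected = 0;
    sync_result r = policy(ev, n, &pos, &unexpected);
    if (r == SYNC_OK) return 0;
    if (r == SYNC_EXHAUSTED) return 0xFFFFFFFFu;
    return unexpected;
}

/* Constructed scenario from the thread: the injected code calls an API that
 * makes the loader map a DLL before the INT3 sync point is reached. */
static const debug_event dll_load_then_int3[] = {
    { LOAD_DLL_DEBUG_EVENT, 0 },
    { EXCEPTION_DEBUG_EVENT, STATUS_BREAKPOINT }
};

/* Constructed genuine fault in the injected code: both policies must report it. */
static const debug_event access_violation[] = {
    { EXCEPTION_DEBUG_EVENT, STATUS_ACCESS_VIOLATION }
};

#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

int main(void) {
    printf("strict:   Unexpected event %08X in injected code\n",
           report_code(wait_sync_strict, dll_load_then_int3, COUNT(dll_load_then_int3)));
    printf("tolerant: result %08X (0 = sync point reached)\n",
           report_code(wait_sync_tolerant, dll_load_then_int3, COUNT(dll_load_then_int3)));
    return 0;
}
```

The strict policy reproduces the reported message for the DLL-load case, while the tolerant one reaches the sync point and still flags a real exception; enabling "break on DLL load", as suggested above, is how you would confirm which module triggers event 6 in practice.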

Lord_Looser
May 27th, 2004, 01:29
To focht: Thanks for your detailed info.