Return Styles: Pseud0ch, Terminal, Valhalla, NES, Geocities, Blue Moon.

Pages: 1-4041-

Handling Segfaults

Name: Anonymous 2016-09-09 22:18

What is the most portable way to catch segfaults together with their addresses and then resuming at the place where it happened? I.e. to handle array out of bounds exception by expanding array.

I know it is done with signal() on POSIX and with SetUnhandledExceptionFilter() on Windows. But you cant define signal() for Windows, because it has its own stripped down version, useful only for the purpose of handling CTRL-C.

Both don't signal() and SetUnhandledExceptionFilter() have no means of recovering from error.

Name: ANDRU 2016-09-10 1:38

https://medium.com/@ashevat/common-bot-misconceptions-ad499444058a

https://groups.google.com/d/msg/comp.ai.nat-lang/UIqpSF6o3_U/SdHDnMVsDwAJ

http://mind.sourceforge.net/theory5.html

http://ai.neocities.org/mindforth.txt

Name: Cudder !cXCudderUE 2016-09-10 2:59

It's not signal() you want, it's sigaction(). Only the latter gives you the context structure which has all the details you need. But POSIX doesn't mandate that SIGSEGV is resumable.

Name: Anonymous 2016-09-10 7:47

I.e. to handle array out of bounds exception by expanding array.
By using variable arrays or malloc:
https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html

Name: Anonymous 2016-09-10 8:46

array out of bounds
array out of bounds
array out of bounds
WTF am I reading? Static type systems have already removed the need for any array bounds ever being violated.

Name: Anonymous 2016-09-10 8:56

>>5
Type-systems are snake oil and can't check arrays for bound violation, especially when index is computed at realtime.

MMU does memory protection anyway, so it can as well check array bounds for me. Wasting several kilobytes is okay, when arrays are large enough and you're debugging.

Name: Anonymous 2016-09-10 9:42

C-dder is all talk and no action.

Name: Anonymous 2016-09-10 9:44

>>6
http://okmij.org/ftp/Haskell/eliminating-array-bound-check.lhs

Name: Anonymous 2016-09-10 9:46

>>6
when arrays are large enough and you're debugging
And then you get a crash when not debugging because debugging can never prove the absence of errors.

Name: Anonymous 2016-09-10 9:48

Don't fear our local genius already solve the problem
https://gist.github.com/FrozenVoid/332e571b9ca42b2e8e97

Name: Anonymous 2016-09-10 9:55

>>8
You will still have to check the index at some stage to prove that I+1 < N. There is just no way to otherwise know that some index coming from user input or from Internet conforms to the type. So now you have two problems: bounds checks and obscure constructs, you think are helping to reduce checks.

Name: Anonymous 2016-09-10 11:45

>>11
Of course you have to check 'em. The thing static typing gives you is being sure that everywhere you get an element of an array, the bounds were duly checked so there is NO POSSIBILITY of having an out-of-bounds exception at runtime.

Name: Anonymous 2016-09-10 18:15

>>10
array[i*(i<ARRAY_SIZE)] and set Array[0] to dummy value
WOW! What is the point of doing that? Saboteur wants to hide the bug, so it will get unnoticed into production?

Name: Anonymous 2016-09-10 21:27

Wrote that:
https://github.com/saniv/symta/blob/master/runtime/w/sigaction.c

Name: Anonymous 2016-09-11 20:43

Just found about https://en.wikipedia.org/wiki/Intel_MPX

appears to be hardware support for boundary checks on any array. Yet is was introduced in 2015, so we need 10 years, before it becomes widespread enough.

Name: Anonymous 2016-09-12 0:28

>>6
Wrong

>>15
Useless

Name: Anonymous 2016-09-12 9:46

>>16
Useless
Why if it works?

Name: Anonymous 2016-09-12 10:49

>>5
WTF am I reading? Static type systems have already removed the need for any array bounds ever being violated.

What if I want my array bounds to be consensually violated? Don't kink shame, please!

Name: Anonymous 2016-09-12 11:11

You can do exception handling in Windows using Structured Exception Handling, or using Vectored Exception Handling (NT only). Most of the time, you'll either want to compiler to generate the code for you using __try/try or catch/__catch. Can't say this is portable, but you can make some shims or compatibility layers that would work on both Windows and POSIX. Or you could use C++, which has support for exception handling natively, for all its other faults.

Name: Anonymous 2016-09-12 11:27

Also you can return the handler you set in SetUnhandledExceptionFilter, look at:

The filter function has syntax congruent to that of UnhandledExceptionFilter: It takes a single parameter of type LPEXCEPTION_POINTERS, and returns a value of type LONG. The filter function should return one of the following values:
EXCEPTION_EXECUTE_HANDLER - Return from UnhandledExceptionFilter and execute the associated exception handler. This usually results in process termination.
EXCEPTION_CONTINUE_EXECUTION - Return from UnhandledExceptionFilter and continue execution from the point of the exception. Note that the filter function is free to modify the continuation state by modifying the exception information supplied through its LPEXCEPTION_POINTERS parameter.

Returning EXCEPTION_CONTINUE_EXECUTION in the handler would allow you to resume execution, and if you modify EXCEPTION_POINTERS structure passed to the handler (which has context and exception record, which lets you see what the exception was, as well as the state of the process (registers and more) when it crashed), you can even change the context, stack or return address and then continue.

Please be aware that the toplevel handler set in SetUnhandledExceptionFilter does not play well with debuggers that implement debugging facilities using standard WINAPI debugger API (there are other ways of implementing debuggers as well), so you might be better off doing what I said in >>19.

Name: Anonymous 2016-09-12 11:53

>>5
no they havent.. are you serious right now?

Has anyone noticed a whole bunch of new users that don't understand programming languages very well?

I don't mean this as an insult to >>5 if you'd like to stick around and learn you're welcome it's just quite strange i wonder where /prog/ was linked!

Name: Anonymous 2016-09-12 12:13

>>19
author wants his array accesses to be fast
C++
no, thanks.

Name: Anonymous 2016-09-12 12:23

>>22
Was just a suggestion, compatibility shims with #ifdef's will likely give >>1 what he needs, but he'll need to write new code for every OS he wants to support. What >>1 won't get will be actual safety, if his code actually goes out of bounds, that could be an exploitable vulnerability, such as a heap or stack overflow, and without bounds checking done by the language compiler or runtime or much more rarely, the hardware, if he gets as far as throwing an exception, things have already gone pretty wrong, and someone might be able to redirect code execution to anything they want.

Name: Anonymous 2016-09-12 13:37

>>23
Actually, major issue is that page traps are usable only for large arrays. If you have
int foo(void *data, data_size) {
if (data_size != expected_size)
{...annoying and expensive boilerplate...}
process(data);
}

then there is no way to eliminate the expensive data_size != expected_size check, without Intel MPX extensions.

Name: Anonymous 2016-09-12 17:08

>>15
x86 CPUs already had that feature. It was called segments.

The C language made them hard to use.

Name: Anonymous 2016-09-12 17:32

>>25
You need kernel driver to expose segments for user space. There is no standard API or any library at for them.

Also, x86 bound instruction is rubbish
https://godoc.org/rsc.io/tmp/bound
using BOUND is 9x slower than using CMP

i.e. it is here just for compatibility purposes.

Name: Anonymous 2016-09-12 19:30

>>26
BOUND could be a one-cycle instruction if Intel didn't force the operands to be in memory.

Name: Anonymous 2016-09-15 18:40

I found it to be harder that I thought, because there is just no way to restore execution without ucontext_t on Unix and PCONTEXT on Windows. Although one can express sigaction's ucontext_t through PCONTEXT, their data are non-portable even across Linux systems. I.e. instruction pointer could be called PC, IP, Rip, Eip, etc...

What a bullshit! Why there is still no portable context library? Pthreads wont help handling segfault either and are no pthreads on Windows.

Name: Anonymous 2016-09-15 19:07

>>28

Also, -fno-asynchronous-unwind-tables for some reason prevents SetUnhandledExceptionFilter from functioning properly. Probably because GCC secretly setups some handlers of its own, expecting unwind tables to be present. I when it cant find them, it crashes inside of exception handler. One more reason why GCC is a confusing crap.

Name: Anonymous 2016-09-15 20:20

>>29

My assumption was correct. Disassembling hello-world exe compiled with GCC exposes that large chunk of executable deals with catching exceptions, even if I haven't asked for that. And one can't avoid that without switching to custom libc. So much unasked for bloat!

Name: Anonymous 2016-09-15 20:22

>>30
And this bloat also appears to be part of compatibility with Java:
https://gcc.gnu.org/wiki/WindowsGCCImprovements

Name: Anonymous 2016-09-15 22:21

Ok. I've decided to throw in my own libc, calling directly into kernel32.

Name: Anonymous 2016-09-15 22:44

>>32
How exactly do you do that? Is there a header file for kernel32, or do you have to do everything in asm?

Name: Anonymous 2016-09-16 8:10

>>33
#include <windows.h>
+ a linker directive I don't remember now should be enough to give you access to kernel32 functions

Name: Anonymous 2016-09-16 8:11

or maybe you don't need a linker directive, I'm not sure. IIRC everything that runs on windows has kernel32.dll linked

Name: Anonymous 2016-09-16 11:29

>>31
Improvements

Name: Anonymous 2016-09-18 11:20

>>33
You can implement your own printf and fopen. Anyway, in my case that wont help, because SetUnhandledExceptionFilter requires UNWIND_INFO structs to be generated by compiler, and I wanted to get away without them, because unwind tables greatly increase code size and reside in .xdata section, which has to be loaded into memory. Probably one can add his own .xdata just enough so that top level exception handler will work. All this bloated nonsense is required to maintain compatibility with C++ code, even if you don't use C++ or exceptions.

https://msdn.microsoft.com/en-us/library/ft9x1kdx.aspx?f=255&MSPPError=-2147217396
https://msdn.microsoft.com/en-us/library/ddssxxy8.aspx

Name: Anonymous 2016-09-19 23:01

>>37
Why does it matter if you put a hundred kb of unused data into your binary? Are you running a 386 computer with 16mb of RAM?

Name: Anonymous 2016-09-20 0:23

>>38
Are you running a 386 computer with 16mb of RAM?
Are you not?

Name: Anonymous 2016-09-20 2:26

>>35
No Kernel32:
format PE GUI
section '.text' code readable executable
push 0
push _caption
push _message
push 0
call [MessageBoxW]
call [exit]
_caption dw 0x2764, 0x2764
_message dw 0x2764, 0x00
_exit db 0, 0, 0x65, 0x78, 0x69, 0x74, 0
_MessageBoxW db 0, 0, 0x4D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x42, 0x6F, 0x78, 0x57, 0
_libc db 'MSVCRT.DLL', 0
_user32 db 'USER32.DLL', 0

section '.idata' import data readable
dd 0, 0, 0, RVA _libc, RVA libc_table
dd 0, 0, 0, RVA _user32, RVA user32_table
dd 0, 0, 0, 0, 0

libc_table:
exit dd RVA _exit, 0
user32_table:
MessageBoxW dd RVA _MessageBoxW, 0

Name: Anonymous 2016-09-20 4:47

>>40
Kernel32/User32/Crss/Gdi32 is just a layer over
https://en.wikipedia.org/wiki/Native_API

Name: Anonymous 2016-09-20 6:05

>>38
Exceptions-related boilerplate slow down startup time and pollute CPU caches.

Name: Anonymous 2016-09-20 6:10

>>42
Only GCC hacks to emulate SEH, SEH is zero-cost itself.
https://stackoverflow.com/questions/15670169/what-is-difference-between-sjlj-vs-dwarf-vs-seh

Name: Anonymous 2016-09-20 6:12

>>41

In other words you have Python, which has bindings to C++/Boost, which wraps over libc, which wraps over kernel32, which wraps over ntdll, which wraps over ntoskrnl.exe, which wraps over device drivers, which wrap over some virtualization framework or Wine running on some OSX or Linux or even Windows. And so ad infinitum.

Name: Anonymous 2016-09-20 6:18

>>44
Not only that consider the complexity of CPUs executing microcode programs and firmware
https://github.com/jbangert/trapcc

Name: Anonymous 2016-09-20 8:27

>>42
Have you numbers to show me the difference? I suspect the difference is about 1000 cpu cycles in unneeded overhead and 1000 instances of cache misses for each time you run the program.

Name: Anonymous 2016-09-20 14:48

>>46

depends on how you use the executable. If you use it in a tight bash loop, then it counts or it is huge highly used executable, like Firefox, half of which consists of boilerplate.

Name: Anonymous 2016-09-20 19:31

>>40
Great job turbonerd, everyone now knows what a whizkid you are with your little shitsembler. Wow, no one cares! We were clearly talking about C, and the only thing you have shown is that you have nothing to offer anyone and you're going to die alone. Get a life, loser.

Name: Anonymous 2016-09-20 19:48

>>48
Rude.

Name: Anonymous 2016-09-20 20:51

>>41
RtlAdjustPrivilege
lol

Name: Anonymous 2016-09-20 21:27

>>49
I'm rude? >>40 chan just whipped out his cock and started beating off to his own self-image right in front of us. He's the rude obe!

Name: Anonymous 2016-09-21 7:44

>>48
you know it's disassembled C code, right? IHBT?

Name: Anonymous 2016-09-22 16:23

>>9
So you just run everything in debug mode. G-d, sometimes I think everyone but me is retarded.

Name: Anonymous 2016-09-22 16:54

>>53
Debug mode adds bloat.

Name: Anonymous 2016-09-22 17:27

>>52
No it isn't, stop slandering me. What makes you think that it's disassembly? What compiler would produce anything like that without startup\breakdown code, and not linking to kernel32 (you know, the entire point)? What disassembler even outputs FASM syntax? Just because you can't do something, don't assume no one can, /g/-kun.

Name: Anonymous 2016-09-22 18:50

>>41,48
Turds!

Name: Anonymous 2016-09-24 19:30

Ended up with following code: https://github.com/saniv/symta/blob/master/runtime/w/ctx.c

Name: Anonymous 2016-09-24 21:37

More like smegfaults, amirite
Don't change these.
Name: Email:
Entire Thread Thread List
All trademarks and copyrights on this site are owned by their respective parties. All comments and posts are the responsibility of their own posters.
- Tinychan + 2ch Mode + RSS -