C0000005 (ACCESS VIOLATION)

[Ficko]

I had started to play with the new RGN button controls and by trying to debug some code run into a strange thing.

ACCESS VIOLATIONs are being genarated but I wasn't able to spot the source of the truble jet.

You load the demo exe (rgn_button_test.exe) for example in OllyDbg and run it you will soon recive the first VIOLATION.

Have somebody some clue?

[sapero]

ACCESS VIOLATION is a common exception in kernel32, just check "ignore memory exceptions in kernel32" in olly debug options/exceptions.
Finally, exceptions are not reserved for program errors, they are very usefull when breaking from any bigger loop or recursive function. Doing so wiill break the loop much faster than comparing a variable and thousand times returning.

Code Select Expand

EnterLoop()

sub EnterLoop()
if (should_break) then return
while (calculating)

calculate()
if (should_break) then return
if (should_recurse) then EnterLoop()

end while
return
endsub When should_break will change to true, the loop will break, but before it breaks, the 'return' will be executed a-times. Very bad timing.
Lets say the function EnterLoop has called itself 1000 times and 'should_break' has been signalled from another thread, or from calculate() function (error or finished flag). The EnterLoop function will call 'return' 1000 times. to stop executing.

The second example will break much faster, but needs additional initialization:
SetupExceptionsHandler registers a function to handle exceptions, and saves some registers (at least ESP).
RaiseException forces the application to execure previously registered handler that will simply restore all saved registers and set EIP to next instruction after first call to EnterLoop.

Code Select Expand

SetupExceptionsHandler()
EnterLoop()
label _continue_here:
DeleteExceptionsHandler()

sub EnterLoop()
if (should_break) then RaiseException(EXCEPTION_CODE, 0,0,0)
while (calculating)

calculate()
if (should_break) then RaiseException(EXCEPTION_CODE, 0,0,0)
if (should_recurse) then EnterLoop()

end while
return
endsub

sub handle_exception(CONTEXT ctx, DWORD exception_code)
if (exception_code = STATUS_BREAKING_LOOP)
ctx.Eip = &_continue_here /* start executing at this label */
ctx.Esp = saved_Esp
return EXCEPTION_CONTINUE_EXECUTION /* problem solved */
endif
return EXCEPTION_CONTINUE_SEARCH /* other exceptions are not handled here */

The EXCEPTION_CODE can be one of predefined values like STATUS_ACCESS_VIOLATION, or any other user defined value, like STATUS_BREAKING_LOOP
This method is used in RtlMoveMemory - it is much faster to protect the code from bad pointers and handle exceprions, than validating pointers.

If your programs runs fine outside the debugger, ignore exceptions catched by olly.

[Ficko]

Thanks Sapero for the response.

Yes I thought first too that it muss be an intentionally generated exception but it behaves differently.

The program runs fine without the debugger. (Olly)

But despite clicking and adding "Ignore also following custom exception or range:"(C0000005)
and "ignore memory exceptions in kernel32"
the debugger will stop indicating that the debugged program is unable to handle the exception.

This "freeze" can be experienced on the demo prg from Paul as well.(rgn_button_test.eba)

It happens in the sub "BitMapToRegion".(Sub of "RGNTOBITMAP")

I don`t say it's a bug but I don`t know how to go around it continue debugging.
Usually it is very simple to debug Ebasic code but this one is giving me a hard time. 

I attach a jpg output from Olly you can see ESI is zero, which generating the exception.

[Ionic Wind Support Team]

Olly Debug isn't passing the exception down the chain if it is stopping at that point.

The RgnFromBitmap funciton uses GlobalAlloc with the GMEM_MOVEABLE flag.  Which will generate exceptions in the kernel when the memory isn't availble when it is being accessed.  The kernel moves the memory back, usually from the swap, when it handles that exception.

I can propbably make a change in that routine to stop that.  In the mean time just comment out the region loading code while you are debugging.

Paul

[Ionic Wind Support Team]

However looking into the code I spotted another bug.  So I will fix sooner than later.

Paul.

[Ficko]

Thank you paul that helps!