add control point for unhandled fault

DynamoRIO / dynamorio

Dynamic Instrumentation Tool Platform

Other

2.61k stars 554 forks source link

add control point for unhandled fault #966

Open derekbruening opened 9 years ago

derekbruening commented 9 years ago

From bruen...@google.com on November 01, 2012 21:23:15

currently we have a dumpcore point for all app faults:

/* Note this is ALL app exceptions (including those the app may expect and
 * handle without issue) except those created via RaiseException (note
 * dr forged exceptions use the eqv. of RaiseException).  Would be nice to
 * have a flag for just unhandled app exceptions but that's harder to
 * implement. */
DUMPCORE_APP_EXCEPTION      = 0x40000,

easy on linux to see if the app has a handler. on windows we'll need to wait for ntcontinue or sthg.

we should also augment the ldmp format w/ a (symbolic) app callstack at the top.

we should also implement issue #397 to get tools/ldmp working on Vista+.

xref drmem issue #1015: https://code.google.com/p/drmemory/issues/detail?id=1015

Original issue: http://code.google.com/p/dynamorio/issues/detail?id=966

derekbruening commented 9 years ago

From bruen...@google.com on November 02, 2012 21:00:03

Owner: zhao...@google.com

derekbruening commented 9 years ago

From zhao...@google.com on November 12, 2012 14:47:16

xref issue #552 to get an exit event call back on app crash

derekbruening commented 9 years ago

From bruen...@google.com on November 13, 2012 08:00:26

my proposal is to ignore SEH details and just look at the exit code when the app exits. an unhandled exception will call ExitProcess with the 0xc....... status code of the fault. IMHO it's perfectly fine to treat a non-fault exit that happens to pass that code (extremely unlikely: would only be done to fake a fault) as an unhandled fault.

so if the appfault_mask is on, on every fault we record a simple (ebp walk) callstack w/ module info. and on the exit w/ a fault status code we do the report. the module info involves a lock and binary tree lookup, but is probably low enough overhead on a fault to be on by default but we can decide that later.

derekbruening commented 9 years ago

From bruen...@google.com on November 13, 2012 08:44:07

while you're changing stuff here, I believe I forgot to raise an app fault report for os_forge_exception() => RaiseException side of intercept_exception so perhaps you could add that

derekbruening commented 9 years ago

From bruen...@google.com on April 17, 2014 14:52:55

xref issue #1260