SEH Problem

[Astro]

Hi,

The following is strange, and I'm too tired/stressed (unrelated) to see quite what is going on with it.

I've commented the code where the problem is, but I just can't quite figure out why it is behaving the way it is. I can only presume that my code is generating a (genuine) exception, resulting in the exception handler being fired again, ad infinitum?

Seems the instruction rdmsr can only be called from Ring 0 which is useless anyway, but if it was to work, only works on certain processors. My idea was to catch the error (meaning it is not supported on that processor) and just say that the instruction is not supported (but that is a side-issue anyway - I ultimately wanted to try and read the DTR register of Intel processors but it seems I need to be in Ring 0 to do this).

Note that when it errors, it prints the error handler message once in the console.

Build as a console app.

Code Select Expand

include \masm32\include\masm32rt.inc

.686p
option casemap:none

.code

Error db "The instruction is not supported by the processor.",0

start:

    ;=================================================
    ; Configure SEH

    assume fs:nothing
    lea eax,ERR
    push eax
    push fs:[0]
    mov fs:[0],esp

    ;=================================================
    ; Protected code

    mov ecx,019ch ; select IA32_THERM_STATUS register
    rdmsr       ; read manufacturer specific data - edx:eax contains 64-bit data

    ;=================================================
    ; Restore error handler

    pop fs:[0]
    add esp,4

    xor eax,eax
    ret

ERR:
    ; Adding the next 2 lines results in exception c000001d (EXCEPTION_ILLEGAL_INSTRUCTION)
    ; Without, it loops the error message forever
    ;pop fs:[0]
    ;add esp,4

    lea eax,Error
    print eax

    xor eax,eax
    ret

end start

Best regards,
Robin.

[drizz]

Inside your seh handler you return ExceptionContinueExecution(=0) without modifying EIP.

[Antariy]

Change SE Handler as:

Code Select Expand


ERR:
    ; Adding the next 2 lines results in exception c000001d (EXCEPTION_ILLEGAL_INSTRUCTION)
    ; Without, it loops the error message forever
    ;pop fs:[0]
    ;add esp,4

    lea eax,Error
    print eax
   
    mov ecx,[esp+12]
    add dword ptr [ecx].CONTEXT.regEip,2 ; step over exceptionee instruction rdmsr

    xor eax,eax
    ret


[Astro]

Hi,

Change SE Handler as:

I just tried this - it loops the error handler multiple times then crashes with memory access violation.

Best regards,
Robin.

[Antariy]

I just tried this - it loops the error handler multiple times then crashes with memory access violation.

It works for me. Just the same as full

Code Select Expand


include \masm32\include\masm32rt.inc

.686p
option casemap:none

.code

Error db "The instruction is not supported by the processor.",0

start:

    ;=================================================
    ; Configure SEH

    assume fs:nothing
    lea eax,ERR
    push eax
    push fs:[0]
    mov fs:[0],esp

    ;=================================================
    ; Protected code

    mov ecx,019ch ; select IA32_THERM_STATUS register
    rdmsr       ; read manufacturer specific data - edx:eax contains 64-bit data

    ;=================================================
    ; Restore error handler

    pop fs:[0]
    add esp,4

    xor eax,eax
    ret

ERR:
    ; Adding the next 2 lines results in exception c000001d (EXCEPTION_ILLEGAL_INSTRUCTION)
    ; Without, it loops the error message forever
    ;pop fs:[0]
    ;add esp,4

    lea eax,Error
    print eax
   
    mov ecx,[esp+12]
    add dword ptr [ecx].CONTEXT.regEip,2

    xor eax,eax
    ret

end start


[Astro]

Ahh ha! Found it. :)

Code Select Expand

ERR:
    ; Adding the next 2 lines results in exception c000001d (EXCEPTION_ILLEGAL_INSTRUCTION)
    ; Without, it loops the error message forever
    ;pop fs:[0]
    ;add esp,4

    lea eax,Error
    print eax

    mov ecx,[esp+12]
    add dword ptr [ecx].CONTEXT.regEip,2
    xor eax,eax ; Failure to set eax == 0 causes the error handler to be called again <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

    ret


Best regards,
Robin.

[clive]

To read MSR's and determine which were valid/invalid, I wrote a kernel mode device driver, and used the SEH to catch the ones that faulted. The user mode app could load the kernel driver, and call it, this probably can't be done like that these days.

[Antariy]

To read MSR's and determine which were valid/invalid, I wrote a kernel mode device driver, and used the SEH to catch the ones that faulted. The user mode app could load the kernel driver, and call it, this probably can't be done like that these days.

BTW, is Win7 allows loading of the drivers by non-admin user? Is it requires to have drivers signed in general?

[clive]

BTW, is Win7 allows loading of the drivers by non-admin user? Is it requires to have drivers signed in general?

Yeah, a whole load of inconvenience I really don't have time for any more.

http://www.masm32.com/board/index.php?topic=13752.msg108107#msg108107

http://www.masm32.com/board/index.php?topic=13686.msg107661#msg107661

[Antariy]

BTW, is Win7 allows loading of the drivers by non-admin user? Is it requires to have drivers signed in general?

Yeah, a whole load of inconvenience I really don't have time for any more.

http://www.masm32.com/board/index.php?topic=13752.msg108107#msg108107

http://www.masm32.com/board/index.php?topic=13686.msg107661#msg107661

Interesting links, thank you :thumbu