RISC OS Open: Forum: zeropain reports

Oct 21, 2015 3:03pm

Colin (478) 2433 posts

One for BASIC or is it Alarm or maybe ShareFS with a smidgen of SharedCLibrary. My first non NULL pointer dereference.

Time: Wed Oct 21 12:59:18 2015
Location: Offset 0003204c in module SharedCLibrary
Current Wimp task: ShareFS
Last app to start: BASIC -quit "Resources:$.Resources.Alarm.!RunLink" 

R0  = 0000000c R1  = 20110bf8 R2  = 00000005 R3  = 0000000c
R4  = 00000004 R5  = 20112034 R6  = 0300a8c0 R7  = fc04329c
R8  = 00000004 R9  = 20110ad8 R10 = fa20021c R11 = fa207cac
R12 = fa207c78 R13 = fa207c58 R14 = fc178f0c R15 = fc1792cc
DFAR = 0000000c  Mode SVC32  Flags NzcV if   PSR = 90000113

fc179284 : e3a00000 : MOV     R0,#0
fc179288 : ef02006e : SWI     XOS_SynchroniseCodeAreas
fc17928c : e49d0004 : LDR     R0,[R13],#4
fc179290 : ebfffd61 : BL      &FC17881C
fc179294 : e8bd0101 : LDMIA   R13!,{R0,R8}
fc179298 : e5d97118 : LDRB    R7,[R9,#280]
fc17929c : e3570000 : CMP     R7,#0
fc1792a0 : 1e208110 : WFSNE   R8
fc1792a4 : 1cbd420c : LFMNE   F4,4,[R13],#48
fc1792a8 : e8bd83f0 : LDMIA   R13!,{R4-R9,PC}
fc1792ac : e59f9a08 : LDR     R9,&FC179CBC
fc1792b0 : e51a121c : LDR     R1,[R10,#-540]
fc1792b4 : e0899001 : ADD     R9,R9,R1
fc1792b8 : e1a03000 : MOV     R3,R0
fc1792bc : e2891e12 : ADD     R1,R9,#&0120       ; =288
fc1792c0 : e501f004 : STR     PC,[R1,#-4]        ; *** May store PC+8 or PC+12
fc1792c4 * e4932004 * LDR     R2,[R3],#4
fc1792c8 : e4812004 : STR     R2,[R1],#4
fc1792cc : e4d32001 : LDRB    R2,[R3],#1
fc1792d0 : e4c12001 : STRB    R2,[R1],#1
fc1792d4 : e3d2201f : BICS    R2,R2,#&1F         ; =31
fc1792d8 : 1afffffb : BNE     &FC1792CC
fc1792dc : e1a0f00e : MOV     PC,R14
fc1792e0 : e1a0c00d : MOV     R12,R13
fc1792e4 : e92dda30 : STMDB   R13!,{R4,R5,R9,R11,R12,R14,PC}
fc1792e8 : e24cb004 : SUB     R11,R12,#4
fc1792ec : e59f99c8 : LDR     R9,&FC179CBC
fc1792f0 : e51ac21c : LDR     R12,[R10,#-540]
fc1792f4 : e089900c : ADD     R9,R9,R12
fc1792f8 : e2422001 : SUB     R2,R2,#1
fc1792fc : e3a03000 : MOV     R3,#0
fc179300 : e3a04003 : MOV     R4,#3

--------------------------------------------------------------------------------

Time: Wed Oct 21 12:59:18 2015
Location: Offset 00032054 in module SharedCLibrary
Current Wimp task: ShareFS
Last app to start: BASIC -quit "Resources:$.Resources.Alarm.!RunLink" 

R0  = 0000000c R1  = 20110bfc R2  = 00000000 R3  = 00000010
R4  = 00000004 R5  = 20112034 R6  = 0300a8c0 R7  = fc04329c
R8  = 00000004 R9  = 20110ad8 R10 = fa20021c R11 = fa207cac
R12 = fa207c78 R13 = fa207c58 R14 = fc178f0c R15 = fc1792d4
DFAR = 00000010  Mode SVC32  Flags NzcV if   PSR = 90000113

fc17928c : e49d0004 : LDR     R0,[R13],#4
fc179290 : ebfffd61 : BL      &FC17881C
fc179294 : e8bd0101 : LDMIA   R13!,{R0,R8}
fc179298 : e5d97118 : LDRB    R7,[R9,#280]
fc17929c : e3570000 : CMP     R7,#0
fc1792a0 : 1e208110 : WFSNE   R8
fc1792a4 : 1cbd420c : LFMNE   F4,4,[R13],#48
fc1792a8 : e8bd83f0 : LDMIA   R13!,{R4-R9,PC}
fc1792ac : e59f9a08 : LDR     R9,&FC179CBC
fc1792b0 : e51a121c : LDR     R1,[R10,#-540]
fc1792b4 : e0899001 : ADD     R9,R9,R1
fc1792b8 : e1a03000 : MOV     R3,R0
fc1792bc : e2891e12 : ADD     R1,R9,#&0120       ; =288
fc1792c0 : e501f004 : STR     PC,[R1,#-4]        ; *** May store PC+8 or PC+12
fc1792c4 : e4932004 : LDR     R2,[R3],#4
fc1792c8 : e4812004 : STR     R2,[R1],#4
fc1792cc * e4d32001 * LDRB    R2,[R3],#1
fc1792d0 : e4c12001 : STRB    R2,[R1],#1
fc1792d4 : e3d2201f : BICS    R2,R2,#&1F         ; =31
fc1792d8 : 1afffffb : BNE     &FC1792CC
fc1792dc : e1a0f00e : MOV     PC,R14
fc1792e0 : e1a0c00d : MOV     R12,R13
fc1792e4 : e92dda30 : STMDB   R13!,{R4,R5,R9,R11,R12,R14,PC}
fc1792e8 : e24cb004 : SUB     R11,R12,#4
fc1792ec : e59f99c8 : LDR     R9,&FC179CBC
fc1792f0 : e51ac21c : LDR     R12,[R10,#-540]
fc1792f4 : e089900c : ADD     R9,R9,R12
fc1792f8 : e2422001 : SUB     R2,R2,#1
fc1792fc : e3a03000 : MOV     R3,#0
fc179300 : e3a04003 : MOV     R4,#3
fc179304 : ef020023 : SWI     XOS_ReadVarVal
fc179308 : 73a00000 : MOVVC   R0,#0

--------------------------------------------------------------------------------

Oct 21, 2015 3:23pm

Dave Higton (1515) 3526 posts

It shows nicely a serious deficiency of ZeroPain: it can’t tell us what made the call into SharedCLibrary. Without that information, how can we find the real source of the problem?

Is there any way that it could be able to tell us? Presumably it would mean a lot of stack unwinding.

Oct 21, 2015 5:50pm

Steve Pampling (1551) 8170 posts

It shows nicely a serious deficiency of ZeroPain: it can’t tell us what made the call into SharedCLibrary. Without that information, how can we find the real source of the problem?

I think during earlier discussion the consensus was that two things were at fault in this sort of case:
1. SharedCLibrary shouldn’t accept the rubbish input
2. The application making the call shouldn’t produce the rubbish input.

Would I be wrong in thinking that having SharedCLib refuse to accept the rubbish would make it blindingly obvious which offender was sending it by causing the offender to simply not work?

Oct 21, 2015 6:09pm

Jon Abbott (1421) 2651 posts

Would I be wrong in thinking that having SharedCLib refuse to accept the rubbish would make it blindingly obvious which offender was sending it by causing the offender to simply not work?

Input validation would certainly help in locating many bugs that are currently hidden from sight. It’s not going to catch all of these issues though.

Oct 21, 2015 7:03pm

Steve Pampling (1551) 8170 posts

It’s not going to catch all of these issues though.

Never thought it would, but my fault elimination technique in work tends to work on fixing all visible faults and then looking to see what is revealed on the next layer.

Remove a few trees and you get to see the wood…

zeropain reports

Reply

Search forums

Social

ROOL Store

Donate! Why?

RISC OS IPR

Description

Voices

Options

Oct 21, 2015 3:03pm Colin (478) 2433 posts	One for BASIC or is it Alarm or maybe ShareFS with a smidgen of SharedCLibrary. My first non NULL pointer dereference. `Time: Wed Oct 21 12:59:18 2015 Location: Offset 0003204c in module SharedCLibrary Current Wimp task: ShareFS Last app to start: BASIC -quit "Resources:$.Resources.Alarm.!RunLink"` `R0 = 0000000c R1 = 20110bf8 R2 = 00000005 R3 = 0000000c R4 = 00000004 R5 = 20112034 R6 = 0300a8c0 R7 = fc04329c R8 = 00000004 R9 = 20110ad8 R10 = fa20021c R11 = fa207cac R12 = fa207c78 R13 = fa207c58 R14 = fc178f0c R15 = fc1792cc DFAR = 0000000c Mode SVC32 Flags NzcV if PSR = 90000113` fc179284 : e3a00000 : MOV R0,#0 fc179288 : ef02006e : SWI XOS_SynchroniseCodeAreas fc17928c : e49d0004 : LDR R0,[R13],#4 fc179290 : ebfffd61 : BL &FC17881C fc179294 : e8bd0101 : LDMIA R13!,{R0,R8} fc179298 : e5d97118 : LDRB R7,[R9,#280] fc17929c : e3570000 : CMP R7,#0 fc1792a0 : 1e208110 : WFSNE R8 fc1792a4 : 1cbd420c : LFMNE F4,4,[R13],#48 fc1792a8 : e8bd83f0 : LDMIA R13!,{R4-R9,PC} fc1792ac : e59f9a08 : LDR R9,&FC179CBC fc1792b0 : e51a121c : LDR R1,[R10,#-540] fc1792b4 : e0899001 : ADD R9,R9,R1 fc1792b8 : e1a03000 : MOV R3,R0 fc1792bc : e2891e12 : ADD R1,R9,#&0120 ; =288 fc1792c0 : e501f004 : STR PC,[R1,#-4] ; *** May store PC+8 or PC+12 fc1792c4 * e4932004 * LDR R2,[R3],#4 fc1792c8 : e4812004 : STR R2,[R1],#4 fc1792cc : e4d32001 : LDRB R2,[R3],#1 fc1792d0 : e4c12001 : STRB R2,[R1],#1 fc1792d4 : e3d2201f : BICS R2,R2,#&1F ; =31 fc1792d8 : 1afffffb : BNE &FC1792CC fc1792dc : e1a0f00e : MOV PC,R14 fc1792e0 : e1a0c00d : MOV R12,R13 fc1792e4 : e92dda30 : STMDB R13!,{R4,R5,R9,R11,R12,R14,PC} fc1792e8 : e24cb004 : SUB R11,R12,#4 fc1792ec : e59f99c8 : LDR R9,&FC179CBC fc1792f0 : e51ac21c : LDR R12,[R10,#-540] fc1792f4 : e089900c : ADD R9,R9,R12 fc1792f8 : e2422001 : SUB R2,R2,#1 fc1792fc : e3a03000 : MOV R3,#0 fc179300 : e3a04003 : MOV R4,#3 `--------------------------------------------------------------------------------` `Time: Wed Oct 21 12:59:18 2015 Location: Offset 00032054 in module SharedCLibrary Current Wimp task: ShareFS Last app to start: BASIC -quit "Resources:$.Resources.Alarm.!RunLink"` `R0 = 0000000c R1 = 20110bfc R2 = 00000000 R3 = 00000010 R4 = 00000004 R5 = 20112034 R6 = 0300a8c0 R7 = fc04329c R8 = 00000004 R9 = 20110ad8 R10 = fa20021c R11 = fa207cac R12 = fa207c78 R13 = fa207c58 R14 = fc178f0c R15 = fc1792d4 DFAR = 00000010 Mode SVC32 Flags NzcV if PSR = 90000113` fc17928c : e49d0004 : LDR R0,[R13],#4 fc179290 : ebfffd61 : BL &FC17881C fc179294 : e8bd0101 : LDMIA R13!,{R0,R8} fc179298 : e5d97118 : LDRB R7,[R9,#280] fc17929c : e3570000 : CMP R7,#0 fc1792a0 : 1e208110 : WFSNE R8 fc1792a4 : 1cbd420c : LFMNE F4,4,[R13],#48 fc1792a8 : e8bd83f0 : LDMIA R13!,{R4-R9,PC} fc1792ac : e59f9a08 : LDR R9,&FC179CBC fc1792b0 : e51a121c : LDR R1,[R10,#-540] fc1792b4 : e0899001 : ADD R9,R9,R1 fc1792b8 : e1a03000 : MOV R3,R0 fc1792bc : e2891e12 : ADD R1,R9,#&0120 ; =288 fc1792c0 : e501f004 : STR PC,[R1,#-4] ; *** May store PC+8 or PC+12 fc1792c4 : e4932004 : LDR R2,[R3],#4 fc1792c8 : e4812004 : STR R2,[R1],#4 fc1792cc * e4d32001 * LDRB R2,[R3],#1 fc1792d0 : e4c12001 : STRB R2,[R1],#1 fc1792d4 : e3d2201f : BICS R2,R2,#&1F ; =31 fc1792d8 : 1afffffb : BNE &FC1792CC fc1792dc : e1a0f00e : MOV PC,R14 fc1792e0 : e1a0c00d : MOV R12,R13 fc1792e4 : e92dda30 : STMDB R13!,{R4,R5,R9,R11,R12,R14,PC} fc1792e8 : e24cb004 : SUB R11,R12,#4 fc1792ec : e59f99c8 : LDR R9,&FC179CBC fc1792f0 : e51ac21c : LDR R12,[R10,#-540] fc1792f4 : e089900c : ADD R9,R9,R12 fc1792f8 : e2422001 : SUB R2,R2,#1 fc1792fc : e3a03000 : MOV R3,#0 fc179300 : e3a04003 : MOV R4,#3 fc179304 : ef020023 : SWI XOS_ReadVarVal fc179308 : 73a00000 : MOVVC R0,#0 `--------------------------------------------------------------------------------`

Oct 21, 2015 3:23pm Dave Higton (1515) 3526 posts	It shows nicely a serious deficiency of ZeroPain: it can’t tell us what made the call into SharedCLibrary. Without that information, how can we find the real source of the problem? Is there any way that it could be able to tell us? Presumably it would mean a lot of stack unwinding.

Oct 21, 2015 5:50pm Steve Pampling (1551) 8170 posts	It shows nicely a serious deficiency of ZeroPain: it can’t tell us what made the call into SharedCLibrary. Without that information, how can we find the real source of the problem? I think during earlier discussion the consensus was that two things were at fault in this sort of case: 1. SharedCLibrary shouldn’t accept the rubbish input 2. The application making the call shouldn’t produce the rubbish input. Would I be wrong in thinking that having SharedCLib refuse to accept the rubbish would make it blindingly obvious which offender was sending it by causing the offender to simply not work?

Oct 21, 2015 6:09pm Jon Abbott (1421) 2651 posts	Would I be wrong in thinking that having SharedCLib refuse to accept the rubbish would make it blindingly obvious which offender was sending it by causing the offender to simply not work? Input validation would certainly help in locating many bugs that are currently hidden from sight. It’s not going to catch all of these issues though.

Oct 21, 2015 7:03pm Steve Pampling (1551) 8170 posts	It’s not going to catch all of these issues though. Never thought it would, but my fault elimination technique in work tends to work on fixing all visible faults and then looking to see what is revealed on the next layer. Remove a few trees and you get to see the wood…