GDB problem solved!

[tester90]

1) CIS --> Defense+ --> Computer Security Policy --> Protected Files and Folders --> Groups --> Add --> New Group... Now click once on "add files here" and Add then Add --> Select Fromand --> Browse... and add find the wanted folder

2) CIS --> Defense+ --> Computer Security Policy --> Add --> Select --> File Groups and make mark "Use a Predefined Policy" and select "Trusted program"

3) CIS --> Defense+ --> Computer Security Policy --> select Comodo Internet Securiy and press edit --> Customize --> Interprocess Memory Accesses --> Modify --> Add --> File Groups --> select the wanted group.

=====================================================================================

Look if they are in  trusted files (CIS---> Defense+ ---> Trusted files). If they aren't then add them.

=====================================================================================

Regards,
            Valentin N

oookay did it (even though I added every file in my C::B-Folder to Trusted files by myself).
Sadly I was unable to perform step 3 - since im using the Firewall only (with "optimized" Defense+ settings).
Still debugging leads to a segmentation fault in guard32.dll. 
Im testing if i can attach gdb manually to the process...

//edit:
I can execute the programs, but i have to jump over the segmentation fault.. so im able to work, but its kind of annoying, to click before i reach the breakpoint i've set.

Maybe there is an other way to fix this.

[*Jasper*]

Thanks very much for your fast answer. I added gdb, codeblocks and console_runner to the exclusions and restarted my system. Sadly I still encounter the same problem. And I cannot find the mentioned "lazarous.exe" neither in my Codeblocks nor in my System directory.
Any Ideas?... :/

You don't need to add any of those. The catch is that instead, you should add the file you are trying to debug.

edit: nor do you need any of the trusted settings. All you need is the file you are debugging on the list so it doesn't get injected.

[tester90]

You don't need to add any of those. The catch is that instead, you should add the file you are trying to debug.

edit: nor do you need any of the trusted settings. All you need is the file you are debugging on the list so it doesn't get injected.

I was guessing, that this would be a solution. But there must be a way to automate this process...!?
Before re-setting-up my OS i never had this Problem - it might have been a older Comodo-version though...

[roland2011]

Hello to Jasper, Valentin, Migueal, tester...

I also have problem with SIGSEGV message when running a new program with gdb.exe under lazarus.
I then ran gdb.exe through windows cmd.exe, and found out the dgb.exe detected problem with guard32.dll. (Running dgb.exe under lazarus does not show this level of detail).

I tried all of your suggestions, and I have come up with the following steps that works for me.
I am using Comodo version 5.3.

Step 1. (Make a group of folder that contains the gdb's working directory, and your program's directory). This is the most elaborate part).

CIS --> Defense+ --> Computer Security Policy --> Protected Files and Folders --> Groups.

You are now in File Groups. Click Add --> A New Group.

Give the new group a name (I used "lazarus GDB" but you can name it anything you want). Click Apply.

You are back in File Groups. Find the new group in the list and select "add files here" underneath. Then Click Add --> Browse.

Find the gdb.exe directory in the treeview presented and select it. (In my case, I selected "c:\lazarus\mingw\bin*"). Do not select gdb.exe itself.

Find the directory of your program that dgb.exe debugs and select it. Do not select the program itself. For example, I have "c:\lazarus-projects*", I did not select "c:\larazus-projects\project1.exe".

Click Apply. Now you have a group of folders (not group of files).

Step 2. Add the group you have created to "Protected Files and Folders".

CIS --> Defense+ --> Computer Security Policy --> Protected Files and Folders --> Add --> File Groups.

You should be able to find the Group of Folders that you just created (In my case, "Lazarus GDB").

Select it, so that you can go to Step 3.

Step 3. (Add to the Exclusion List). The Image Execution Control Settings have been relocated and renamed. In my version of Comodo, it is under...

CIS --> Defense+ --> Defense+ Settings --> Execution Control Settings.

There is a button "Exclusions" next to "Detect Shellcode Injections (i.e. Buffer Overflow Protection)". Click it.

The Exclusion list comes up. Click Add --> File Groups. Pick the Group of Folders you created. Click Apply.

Back in Defense+ Settings. Click OK.

All done.

With this I have no problem with SIGSEGV ... so far. Hope it helps.

If it works, credit goes to all of you who have all supplied the bits of information that led to this.
I have attached a pdf of the forum for you to see my comments. No disrepect intended, and I appreciate your comments / feedbacks.


[attachment deleted by admin]

[*Jasper*]

Roland2011: If that works for you, that's great. However, from what I gather you are doing a lot of things of which exactly one is equivalent to what I did (except for the fact that you used a folder instead of just the executable - as my projects don't necessarily reside in the same place it was little extra effort to add every new executable I want to debug).

Basically, adding "c:\larazus-projects\" to the Image Execution Control exclusions you should get the exact same result you are getting now, it's basically one of the things you do this way and as far as I  know, it's the job that does the trick.

[roland2011]

Hi Jasper, you are right.
To avoid SIGSEGV exception, you do not need gdb.exe in the Exclusion List; You only need the project.exe to be on the list. This can be achieved by simply going to the Exclusion List section and pick the file (No need for steps 1 and 2 at all).

I wasted too much effort into making a group list, when it is quite easy just to go directly to the Exclusion List and pick either a file or a folder.

I am always obsessive about making sure, so I went back and checked the 9 combinations of specifying the Exclusion List:

project  \  gdb	Off list	gdb.exe	gdb directory
Off list	Exception raised	Exception raised	Exception raised
project1.exe	OK*	OK*	OK*
project directory	OK*	OK*	OK*

*I noticed that running debugging build causes Comodo to flash warnings, in the following order:

• 1. Lazarus --> fpc
• 2. fpc --> ppc386
• 3. ppc386 --> windres
• 4. windres --> cpp
• 5. windres --> cmd
• 6. cpp --> cpp
• 7. ppc386 --> content of project1
• 8. gdb --> project1
• 9. lazarus --> project1

I allowed them all, and as a result , Comodo put the following 6 executables into the Protected File and Folder list:

• lazarus.exe
• fpc.exe
• ppc386.exe
• windres.exe
• cpp.exe
• gdb.exe

These executables, if I removed them, will cause Comodo to flash warnings again on the next debug run. If I leave them in the Protected Files and Folders list, there was no further warnings from Comodo when I debug.

My conclusion:
1. I think we can avoid future SIGSEGV exceptions by making sure that the project you are debugging is in the Exclusion list. You do not need the gdb.exe in the Exclusion List for this purpose. I fully agree with Jasper.
2. I think the 6 executables listed above are the common files that operates when you do a debugging build run, and so it is good to have these in the Protected Files and Folders List.

Thank you again.

[mouse1]

I'd like to transfer this trace to the FAQ if I may. Is that Ok?

Adding a note at the start.

Best wishes

Mouse