Global exception handler (access violations) under Windows

Question

I'm trying to install some sort of first-chance exception handler which can resume execution after unprotecting (VirtualProtect()) the memory page.

(I'm trying to install some watchpoints; and no, the possibility of the VirtualAlloc function to set watchpoints is not what I need; there I cannot dynamically set and unset the watching state of memory regions/pages)

I've read in the last couple of days a lot about these SEH things, but actually most I can find is for setting function local exception handlers etc....

If I'm not wrong I need to set somehow something called FS[0] (which is thread-local?).

---

tl;dr

I'd like to know how to install a global first-chance (= possibility to resume code and retry last instruction) exception handler which can catch hardware exceptions (like access violations).

P.s.: I can use Assembly, C or C++, but no C# etc.

---

Note: I have the whole thing working under POSIX systems via sigaction on SIGSEGV, but there's no such thing for Windows as far as I can see…

Answer 1

#include <windows.h>
#include <stdio.h>

int xfilter(EXCEPTION_POINTERS *xp) {
    int rc;
    EXCEPTION_RECORD *xr = xp->ExceptionRecord;
    CONTEXT *xc = xp->ContextRecord;
    if(xr->ExceptionCode == EXCEPTION_ACCESS_VIOLATION) {
        ++xc->Eip;//Advanced by one(Probably xc->Eip += 2)//http://msdn.microsoft.com/en-us/library/ms679284(v=vs.85).aspx
        rc = EXCEPTION_CONTINUE_EXECUTION;
    } else {
        rc = EXCEPTION_CONTINUE_SEARCH;
    }
    return rc;
}

int main() {
    EXCEPTION_POINTERS * xp;
    char *p = NULL;
    __try {
        fprintf(stderr, "%s", "before\n");
        *p = 'X';//Access Violation
        fprintf(stderr, "%s", "after\n");
    }
    __except(xfilter(xp = GetExceptionInformation())) {
        fprintf(stderr, "%s", "Exception occurred\n");//NO EXECUTE WHEN EXCEPTION_CONTINUE_EXECUTION
    }
    return 0;
}
/* result
before
after
*/