How much is pushed onto a 32-bit stack under Windows x86-64 on an exception?


Problem description

In this question, I give some background on a parallel language I have implemented. The compiler generates native x86-32 code.

A key implementation decision is to allocate stack space from the heap for every function (call). This allows for recursion until you run out of VM, and enables a cactus stack for lexical scopes even for nested parallel children, etc.

The compiler's code generator can compute how much stack space is needed by the function itself; that's messy but straightforward and it already does that well. There's no problem with stack demands from OS calls; my functions don't make any (if that's needed, the code switches to a standard "big stack", does the system calls, and then switches back). To be safe in the face of exceptions and asynchronous calls, it adds an egregious constant, presently about 500 bytes, to that stack space needed by a function, intended to cover an x86-32 complete context save, calibrated from Windows 32 experience.

This language and the asynch exception handling all work great on x86-32 systems. We have occasional problems running this 32 bit implementation on x86-64 systems. I suspect a stack overflow on an exception.

The question is, how much can Windows push onto a stack for a (divide by zero) hardware exception, or a StopThread call, when running my 32 bit implementation on a Windows 64 box? I'm nervous that Windows pushes a complete x86-64 context, which is way bigger than an x86-32 context. Does anybody know? Is there a document that answers this chapter-and-verse?

I'm about ready to run some dynamic experiments to see.

Solution

The same stack context. If you are talking about an emulated x32 environment on an x64 box, then it's exactly the same size as on an x32, which in my case is 0x3E0 bytes aligned to DWORD.

Everything emulated in a WOW64 process should be handled exactly the same as its x32 counterpart, at least when it comes to functionality. Now, if you rely on TEB32 to inspect the stack, that is a different case, as you can see in this article:

http://www.dumpanalysis.org/blog/index.php/2009/07/07/raw-stack-dump-of-wow64-process/

Sadly, there isn't an official paper I could find regarding your question.

Also here is an interesting paper you can read regarding WOW64 emulated process:

http://blog.rewolf.pl/blog/?p=102#.UBTmHaBEUXw

Finally, if what you meant is to have a stack-made function to handle exceptions, it can be done without any worry. I can see here in trace logs, after the exception is triggered, how some function made on the stack is receiving the exception before my SEH. It seems to be some kind of Avast engine or maybe some spyware; I can't trace it to any known module since, after the function passes, it is deallocated.

Hope that I've helped with something.

PS: If you can post some extra info maybe the stack log and your function to handle exceptions, we could help more.
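A static cross-check of the sizes discussed above, as an added example that is not part of the original question or answer: it mirrors the 32-bit x86 `CONTEXT` and `EXCEPTION_RECORD` layouts from the Windows SDK header `winnt.h` using fixed-width types, and compares their combined size with a per-function stack reserve. The `_32` type names and both function names are this example's own; the result is a lower bound, since the user-mode dispatcher and any handlers consume further stack on top of the copied records.

```c
#include <stddef.h>
#include <stdint.h>

/* x87 save area embedded in the 32-bit CONTEXT (winnt.h: FLOATING_SAVE_AREA). */
typedef struct {
    uint32_t ControlWord, StatusWord, TagWord;
    uint32_t ErrorOffset, ErrorSelector, DataOffset, DataSelector;
    uint8_t  RegisterArea[80];        /* 8 x87 registers, 10 bytes each */
    uint32_t Cr0NpxState;
} floating_save_area_32;

/* 32-bit x86 CONTEXT, field order as in winnt.h. */
typedef struct {
    uint32_t ContextFlags;
    uint32_t Dr0, Dr1, Dr2, Dr3, Dr6, Dr7;
    floating_save_area_32 FloatSave;
    uint32_t SegGs, SegFs, SegEs, SegDs;
    uint32_t Edi, Esi, Ebx, Edx, Ecx, Eax;
    uint32_t Ebp, Eip, SegCs, EFlags, Esp, SegSs;
    uint8_t  ExtendedRegisters[512];  /* FXSAVE image (SSE state) */
} context_32;

/* 32-bit EXCEPTION_RECORD; pointer fields are 4 bytes wide. */
typedef struct {
    uint32_t ExceptionCode, ExceptionFlags;
    uint32_t ExceptionRecord;         /* 32-bit pointer to a chained record */
    uint32_t ExceptionAddress;        /* 32-bit faulting address */
    uint32_t NumberParameters;
    uint32_t ExceptionInformation[15];
} exception_record_32;

/* Bytes placed on the user stack before the user-mode dispatcher starts:
   both records plus the two 32-bit pointers to them. Lower bound only. */
size_t min_exception_frame_bytes(void) {
    return sizeof(context_32) + sizeof(exception_record_32)
         + 2 * sizeof(uint32_t);
}

/* Bytes by which a per-function reserve falls short of `needed`
   (0 when the reserve is large enough). */
size_t reserve_shortfall(size_t reserve, size_t needed) {
    return reserve >= needed ? 0 : needed - reserve;
}
```

Calling `reserve_shortfall(500, min_exception_frame_bytes())` compares the roughly 500-byte constant from the question with the copied records alone; passing `0x3E0` as `needed` compares it with the figure measured in the answer.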
