The previous example shows that so-called exception handling simply means that the exception handler reacts according to the information in the parameters passed to it. Isn't that similar to a message loop? It really is, because both are made by M$.
Now let's look at thread-related exception handling. Thread-related exception handling only monitors the specified thread. I will follow the same model as before to describe its implementation.
Thread-related SEH also requires a callback function, but the way it is set is very different from process-related SEH: the API SetUnhandledExceptionFilter() is not used here. The implementation starts from thread initialization. When a thread is initialized, a TIB (Thread Information Block) structure is set up. This structure is somewhat complicated and we do not need to go deep into it; SEH uses only its first field, an EXCEPTION_REGISTRATION *. This field points to another structure, defined as follows:
    typedef struct _EXCEPTION_REGISTRATION {
        struct _EXCEPTION_REGISTRATION *ddPrev;
        PROC ddHandler;
    } EXCEPTION_REGISTRATION;
A brief explanation: struct _EXCEPTION_REGISTRATION *ddPrev is a pointer to another structure of this same type; its presence is clearly what makes a linked list possible. PROC ddHandler is a function pointer, and this is the part we need: it specifies an exception handler. It is in fact a linked list, and the system installs a default exception handler for a thread when the thread is initialized. If we want to substitute our own function, we just add a node to the list, which can form a chain of functions. Isn't this a bit like a Windows hook?
One more thing to explain: when the thread is initialized, the FS register points to the TIB. With that, our method follows. The pseudo code is:

    EXCEPTION_REGISTRATION myExp;
    myExp.ddPrev = fs[0];
    myExp.ddHandler = ExceptionFilterProc;
    fs[0] = &myExp;

Next, write the exception handler. First look at the definition of this function:

    long __cdecl ExceptionFilter(EXCEPTION_RECORD *lpRecord, EXCEPTION_REGISTRATION *lpRegist, CONTEXT *lpContext, DWORD *dwParam);

This exception handler differs a little from the process-related one: the return value is still long, but the calling convention becomes __cdecl and there are four parameters.
Parameter description: the first and third parameters are the same ones passed to the process-related exception handler; the second parameter is FS[0], which we usually do not need to care about; the fourth parameter is not used.
Return value description: there are only two return values here.

    EXCEPTION_CONTINUE_SEARCH = 1       the exception is not handled; hand it over to the system
    EXCEPTION_CONTINUE_EXECUTION = 0    the error has been repaired; continue execution from the point of the exception
A brief summary of the thread-related exception handler. C/C++ form:

    long __cdecl ExceptionFilter(EXCEPTION_RECORD *lpRecord, EXCEPTION_REGISTRATION *lpRegist, CONTEXT *lpContext, DWORD *dwParam)
    {
        ...
        return 0; // (or 1)
    }

ASM form:

    ExceptionFilter proc
        ; get parameter EXCEPTION_RECORD *
        mov esi, [esp+4]
        ; get parameter CONTEXT *
        mov edi, [esp+12]
        ; exception handling
        ...
        ; set return value = 0 or 1
        mov eax, return_value
        ; note the __cdecl calling convention: no stack correction is needed when returning
        ret
    ExceptionFilter endp
To keep the focus clear, the next routine is relatively simple: it only triggers an illegal divide-by-zero error, and the handling is basically the same as in the previous routine.
    ;***********************************************************
    ; thread-related exception handling example
    ;***********************************************************
    .386
    .model flat

    include ../include/perelation.inc

    extrn MessageBoxA:proc
    extrn ExitProcess:proc

    .data
    szTitle   db "Title", 0
    szMessage db "except 0 errors, is it fixed?", 0

    .code
    _header:
        ; this is a directive the assembler requires
        assume fs:nothing
        push ebp
        ; build an EXCEPTION_REGISTRATION on the stack;
        ; the stack is used here to hook in an exception handler, but a static variable would also work
        push offset _exceptionFilter
        push dword ptr fs:[0]
        mov fs:[0], esp
        ; trigger a divide-by-zero exception
        xor ebx, ebx
        div bl
        ; remove the SEH node and restore the stack
        pop dword ptr fs:[0]
        add esp, 4
        pop ebp
        push 0
        call ExitProcess

    ; exception handler
    _exceptionFilter proc
        mov eax, esp
        pushad
        ; note the stack state:
        ; [esp+16] DWORD *
        ; [esp+12] CONTEXT *
        ; [esp+8]  EXCEPTION_REGISTRATION *
        ; [esp+4]  EXCEPTION_RECORD *
        ; [esp]    return address
        ; get parameter EXCEPTION_RECORD *
        mov esi, [eax+4]
        ; get parameter CONTEXT *
        mov edi, [eax+12]
        ; examine the exception code
        mov eax, [esi].ExceptionCode
        ; divide-by-zero exception
        cmp eax, 0C0000094h
        je _isDivZero
        ; other exceptions are handed over to the system
        jmp _exceptOther

    ; divide-by-zero handling
    _isDivZero:
        ; ask whether to repair
        push MB_YESNO
        push offset szTitle
        push offset szMessage
        push NULL
        call MessageBoxA
        ; "No" selected: do not repair, hand over to the system
        cmp eax, IDNO
        je _exceptOther
        ; change the EBX value
        inc [edi].C_ebx
        popad
        ; return value = 0: the exception has been repaired, continue execution
        xor eax, eax
        ret

    _exceptOther:
        popad
        ; return value = 1: the exception is not handled, hand over to the system
        xor eax, eax
        inc eax
        ret
    _exceptionFilter endp
    end _header
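The chain walk described above, as an added example that is not part of the original article: a portable C model with no Windows headers and no real FS register, in which `fs0`, `Record`, `Context`, `Reg`, `pass_on`, `fix_div_zero`, `dispatch`, `run_div` and `handler_calls` are all hypothetical names. It shows the newest node returning 1 so the search moves on to an older node, which repairs EBX and returns 0 so the faulting division is retried.

```c
#include <stddef.h>
#include <stdint.h>

enum { CONTINUE_EXECUTION = 0, CONTINUE_SEARCH = 1 };  /* the page's return values */
#define CODE_DIV_ZERO 0xC0000094u      /* code the page's handler compares against */
typedef struct { uint32_t code; } Record;       /* stand-in for EXCEPTION_RECORD */
typedef struct { uint32_t ebx, eax; } Context;  /* stand-in for CONTEXT */
typedef struct Reg Reg;
typedef long (*Handler)(Record *, Reg *, Context *, void *);
struct Reg { Reg *prev; Handler handler; };     /* ddPrev / ddHandler */
static Reg *fs0 = NULL;  /* models FS:[0], head of the thread's handler chain */
static int calls = 0;    /* number of handlers the dispatcher invoked */

/* Newest node: not interested in this exception, passes it on. */
static long pass_on(Record *r, Reg *g, Context *c, void *p) {
    (void)r; (void)g; (void)c; (void)p; calls++;
    return CONTINUE_SEARCH;
}

/* Older node: repairs divide-by-zero as the page's routine does (EBX + 1). */
static long fix_div_zero(Record *r, Reg *g, Context *c, void *p) {
    (void)g; (void)p; calls++;
    if (r->code != CODE_DIV_ZERO) return CONTINUE_SEARCH;
    c->ebx++;
    return CONTINUE_EXECUTION;
}

/* Walk from the head towards older nodes; 1 means a handler repaired the fault. */
static int dispatch(Record *rec, Context *ctx) {
    for (Reg *n = fs0; n != NULL; n = n->prev)
        if (n->handler(rec, n, ctx, NULL) == CONTINUE_EXECUTION) return 1;
    return 0;  /* chain exhausted: the system default handler would take over */
}

/* Models "xor ebx,ebx / div bl"; returns the quotient, or -1 if unhandled. */
int run_div(uint32_t ax, int install_fixer) {
    Context ctx = { 0, ax };
    Reg *saved = fs0, older = { fs0, fix_div_zero }, newer;
    if (install_fixer) fs0 = &older;               /* push: prev = old head */
    newer.prev = fs0; newer.handler = pass_on; fs0 = &newer;
    calls = 0; int handled = 1;
    while (handled && (ctx.ebx & 0xFF) == 0) {     /* the faulting instruction */
        Record rec = { CODE_DIV_ZERO };
        handled = dispatch(&rec, &ctx);            /* 1: retry the instruction */
    }
    fs0 = saved;                                   /* pop our nodes */
    return handled ? (int)(ctx.eax / (ctx.ebx & 0xFF)) : -1;
}
int handler_calls(void) { return calls; }
```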