Microsoft-specific exception handling mechanisms

From Wikipedia, the free encyclopedia
  (Redirected from Structured Exception Handling)
Jump to: navigation, search

Microsoft Windows OS family employs some exception handling mechanisms that are based on the operating system specifics.

Structured Exception Handling[edit]

Microsoft Structured Exception Handling is the native exception handling mechanism for Windows and a forerunner technology to VEH.[1] It features the finally mechanism not present in standard С++ exceptions (but present in most imperative languages introduced later). SEH is set up and handled separately for each thread of execution.

The Microsoft implementation of SEH is based on a patent licensed from Borland, U.S. Patent 5,628,016. Open-source operating systems have resisted adopting a SEH-based mechanism due to this patent.[2]

Usage[edit]

Microsoft supports SEH as a programming technique at the compiler level only. MS Visual C++ compiler features three non-standard keywords: __try, __except and __finally — for this purpose. Other exception handling aspects are backed by a number of Win32 API functions,[3] for example, RaiseException to raise SEH exceptions manually.

Implementation[edit]

Each thread of execution in Windows has a link to an undocumented _EXCEPTION_REGISTRATION_RECORD list at the start of its Thread Information Block. The __try statement essentially calls a compiler-defined EH_prolog function. That function allocates an _EXCEPTION_REGISTRATION_RECORD on the stack pointing to __except_handler3[a] function in msvcrt.dll,[b] then adds the record to the list's head. At the end of the __try block a compiler-defined EH_epilog function is called that does the reverse operation. Either of these compiler-defined routines can be inline. All the programmer-defined __except and __finally blocks are called from within __except_handler3. If such blocks are present, _EXCEPTION_REGISTRATION_RECORD being created is extended with a few additional fields used by __except_handler3.[4]

In a case of an exception in a user mode code, the operating system[c] parses the thread's _EXCEPTION_REGISTRATION_RECORD list and calls each exception handler in sequence until a handler signals it has handled the exception (by return value) or the list is exhausted. The last one in the list is always the kernel32!UnhandledExceptionFilter which displayes the General protection fault error message.[d] Then the list is traversed once more giving handlers a chance to clean up any resources used. Finally, the execution returns to kernel mode[e] where the process is either resumed or terminated.

Vectored Exception Handling[edit]

Vectored Exception Handling was introduced in Windows XP.[5] Vectored Exception Handling is made available to Windows programmers using languages such as C++ and Visual Basic. VEH does not replace Structured Exception Handling (SEH), rather VEH and SEH coexist with VEH handlers having priority over SEH handlers.[1][5] Compared with SEH, VEH works more like a traditional notification callback scheme.[6]

Notes[edit]

  1. ^ The name varies in different versions of VC runtime
  2. ^ ntdll.dll and kernel32.dll, as well as other programs linked statically with VC runtime, have this function compiled-in instead
  3. ^ More specifically, ntdll!RtlDispatchException system routine called from ntdll!KiUserExceptionDispatcher which is in turn called from the nt!KiDispatchException kernel function. (See Ken Johnson (November 16, 2007). "A catalog of NTDLL kernel mode to user mode callbacks, part 2: KiUserExceptionDispatcher".  for details)
  4. ^ The message can be silenced by altering the process's error mode; the default last handler can be replaced with SetUnhandledExceptionFilter API
  5. ^ ntdll!KiUserExceptionDispatcher calls either nt!ZwContinue or nt!ZwRaiseException

References[edit]

  1. ^ a b "Vectored Exception Handling in Windows Server 2003 (Through Internet Archive)". Archived from the original on 2008-01-18. 
  2. ^ Matt Miller [aka skape] (September 2006). "Preventing the Exploitation of SEH Overwrites". Uninformed Journal. 
  3. ^ Microsoft Corp. (11/12/2009). "Structured Exception Handling Functions". MSDN Library. Retrieved 2009-11-17. 
  4. ^ Peter Kleissner (February 2009). "Windows Exception Handling". Retrieved 2009-11-21. , Compiler based Structured Exception Handling section
  5. ^ a b "New Vectored Exception Handling in Windows XP". 
  6. ^ "Windows Server 2003 Discover Improved System Info, New Kernel, Debugging, Security, and UI APIs". 

External links[edit]