Structured Exception Handling

0. General
Take care of the difference between Exception Filter and Exception Handler.
A try block can't have both a finally block and an except block, and a try block can't have multiple finally or except blocks.
Although return, goto, continue, and break statements are strongly discouraged in the try block of a termination handler, no speed or code-size penalty is associated with using these statements inside the try block of an exception handler. Such a statement in the try block associated with an except block won't incur the overhead of a local unwind. 

Unlike termination handlers, exception filters and exception handlers are executed directly by the operating system—the compiler has little to do with evaluating exception filters or executing exception handlers.

1. Global Unwind : When an exception filter evaluates to EXCEPTION_EXECUTE_HANDLER, the system must perform a global unwind. The global unwind causes all of the outstanding try-finally blocks that started executing below the try-except block that handles the exception to resume execution.

2. Halting Global Unwind: We may halting the Global Unwind through putting a return statement inside a finally block. Note: this will cause all the following(which after the return statement) finally block and the exception handler to be skipped.

3. EXCEPTION_CONTINUE_EXECUTION: When the system sees that the filter evaluated to EXCEPTION_CONTINUE_EXECUTION, it jumps back to the instruction that generated the exception and tries to execute it again. Note: this may be problem, since the invalid address is pre-loaded in the original instructions, not the current instruction.

4. Exception Stack: When an exception occurs, the operating system pushes the following three structures on the stack of the thread that raised the exception: the EXCEPTION_RECORD structure, the CONTEXT structure, and the EXCEPTION_POINTERS structure.
The most important thing to remember about the GetExceptionInformation function is that it can be called only in an exception filter—because the CONTEXT, EXCEPTION_RECORD, and EXCEPTION_POINTERS data structures are valid only during the exception filter processing. Once control has been transferred to the exception handler, the data on the stack is destroyed.

5. Software Exception: Microsoft has done some trickery for EXCEPTION_CONTINUE_EXECUTION so that execution continues after the call to the RaiseException function.(Not re-execute the RaiseException )

6. Exception Chains:  if during the processing of one exception another exception is raised, the first EXCEPTION_RECORD structure contains information about the most recently raised exception and the ExceptionRecord member of this first EXCEPTION_RECORD structure points to the EXCEPTION_RECORD structure for the previously raised exception.

7. Unhandled Exception: We may turn of Unhandled Exception dialog through SetErrorMode(SEM_ NOGPFAULTERRORBOX)

When a debugger is attached to the application, if all the exception filters in debuggee return EXCEPTION_CONTINUE_SEARCH, the system knows to contact the debugger and tell the debugger that the debuggee has just had an unhandled exception.(So windows' default Unhandled Exception dialog just invoke a debugger and return EXCEPTION_CONTINUE_SEARCH for debbuger to process)

8. First-chance notification and Last-chance notification
First-chance notification:
The notification before the Exception Filter is executed.
Last-chance notification: If all of the exception filters return EXCEPTION_CONTINUE_SEARCH, the operating system notifies the debugger again with a last-chance notification

你可能感兴趣的:(exception)