Posted on

Windows CE: A Quick Guide to Exception Handling

Structured Exception Handling (SEH) is a Microsoft extension to C designed to handle faults gracefully, with the intention that memory and files can be released correctly when execution is unexpectedly terminated.

There are two types of SEH mechanisms:

  • Exception Handlers, or __except blocks, which can respond or dismiss an exception
  • Termination Handlers, or __finally blocks, which are always called whether an exception causes termination or not.

When an exception occurs the stack is unwound and the OS looks for the most recent exception handler. As each layer of the stack is unwound the OS calls any termination handlers which have been written for each function, in the process cleaning up any resources which would have otherwise been left open. This might include closing critical sections, releasing mutexes, or freeing memory.

At each stage of the unwinding process the OS checks the latest functions PDATA structure to find out in an exception handler exists.

OffsetBitsFieldDescription
031-0Begin AddressVirtual address of the corresponding function
47-0Prolog LengthNumber of instructions in the function's prolog
429-8Function LengthNumber of instructions in the function
43032-bit FlagSet if the function uses 32-bit instructions, clear for 16-bit instructions
431Exception FlagSet if an exception handler exists for the function

If an exception handler is flagged to exist or the function length is zero then an additional PDATA_EH structure will precede the function in the .text section. This structure will contain pointers to the exception handler and the handler’s data record.

struct PDATA_EH {
 unsigned int* pHandler; 
 unsigned int* pHandlerData;
};

Posted on

Linux: How to Find PID for a locked session

Recently I have been getting emacs sessions locking up on my ubuntu machine. With several emacs sessions open, and no way out other than killing the specific session, you need to find the correct PID. But which session is which?

You can get additional info regarding processes using ps. The example below gives information relating to my currently running emacs sessions.

$ ps ax | grep emacs
20284 pts/7 Sl  1:21 emacs Matrix.txt
30261 tty2  Sl+ 2:24 /usr/bin/emacs25
30674 ?     Sl  0:00 /usr/bin/emacs25 /usr/include/linux/errno.h
30713 pts/7 S+  0:00 grep emacs

The numbers at the head of the last four lines correspond to the PID for each emacs session. If you need to know the process owner call ps with the argument ‘aux’.

a - show processes for all users
u - display the process owner
x - show processes not attached to a terminal

The status flags can be interpreted as follows:

D - uninterruptible sleep (usually IO)
R - running or runnable (on run queue)
S - interruptible sleep (waiting for an event to complete)
T - stopped by job control signal
t - stopped by debugger during the tracing
W - paging (not valid since the 2.6.xx kernel)
X - dead (should never be seen)
Z - defunct ("zombie") process, terminated but not reaped by its parent

In my case the stalled session was newly opened, so the time was an indication, as was the command line used to start the session. Also, the session was not started from the command line, so without the ‘x’ argument the session did not appear.