在Windows x86-64下，有多少壓入32位堆棧的異常？

Question

在這個this question中，我介紹了一些我已經實現的並行語言的背景知識。編譯器生成本機x86-32代碼。

一個關鍵的實現決定是從堆中爲每個函數（調用）分配堆棧空間。這允許遞歸，直到你用完虛擬機，並啓用一個仙人掌堆棧，甚至適用於嵌套並行子代的詞法範圍等。

編譯器的代碼生成器可以計算函數本身需要多少堆棧空間;這很麻煩但很簡單，它已經做得很好。操作系統調用的堆棧需求沒有問題;我的函數不做任何（如果需要的話，代碼切換到標準的「大堆棧」，系統調用，然後切換回來）。爲了在異常和異步調用的情況下安全，它會向函數所需的堆棧空間添加一個令人震驚的常量，目前大約有500個字節，旨在覆蓋x86-32完整的上下文保存，並通過windows 32體驗進行校準。

這種語言和異步異常處理在x86-32系統上都很好用。我們偶爾會在x86-64系統上運行這個32位實現的問題。我懷疑一個異常堆棧溢出。

問題是，當在Windows 64機器上運行我的32位實現時，Windows能夠將多少硬件異常或StopThread調用壓入棧中（除以零）？我很緊張，Windows推動一個完整的x86-64上下文，這比x86-32上下文更大。有人知道嗎？有沒有一個文件可以回答這個章節？

我即將準備運行一些動態實驗來查看。

Answer 1

相同的堆棧上下文，如果你在一個x64盒子上談論仿真的x32環境，那麼它的尺寸和x32上的尺寸完全一樣，在我的情況下它是0x3E0字節對齊到DWORD。

在WOW64過程中模擬的所有東西至少在功能上應該與x32計數器部分完全相同，現在如果您依賴於TEB32來檢查不同情況下的堆棧，您可以在此看到文章：

http://www.dumpanalysis.org/blog/index.php/2009/07/07/raw-stack-dump-of-wow64-process/

可悲的是沒有一個正式的論文中，我能找到的關於你的問題。

而且，這裏是一個有趣的紙，你可以閱讀了有關WOW64模擬的過程：

http://blog.rewolf.pl/blog/?p=102#.UBTmHaBEUXw

最後，如果你的意思是有一個堆棧由函數來處理異常可以無後顧之憂地完成，我可以在這裏看到異常觸發後的跟蹤日誌，堆棧中的某些函數如何在SEH之前接收到異常，它似乎是某種Avast引擎或者可能是某種間諜軟件，我無法追蹤到任何知道的模塊自從功能通過後，就被處理了。

希望我對某件事有所幫助。 PS：如果你可以發佈一些額外的信息，也許堆棧日誌和你的函數來處理異常，我們可以幫助更多。

Answer 2

[答案完整;看到具體的值]的Win32 Vista的和Win64中WOW64爲Windows7的

========================================================================== 

運行在位Windows Vista，做一個IDIV零除數，我得到以下值：

EBP@div == x01C00800 // base of heap-allocated stack frame 
ESP@div == x01C00FF8 // stack at "top" of allocated stack frame 
ESP@entry to SEH == 0x1C00C30 // ESP measured at first instruction of Structured Exception Handler 
ContextOffset[ESP]== 0x1C00D2C // Pointer to context block at entry to SEH 

所以從劃分點的ESP = 0x1C00FF8到推入的上下文塊的底部，推送0x1C00FF8-0x1C00D2C = 0x2CC = 字節。從推送的上下文塊的底部到SEH的入口，0x1C00D2C-0x1C00C30 = 0xFC == 字節被推送。所以，它出現 716 + 252 = 968字節被推（我覺得可笑）。

它變得更糟。接下來是SEH入口堆棧框的轉儲;請注意0​​x1C00C30以下的值低至0x1C00B78（請參見0x30C0BB8處的「明顯的Win32返回地址」0x77c39534），它們不是cdcdcdcd;我相信Windows已經將控制權交給了我的SEH。這是0x1C00B78-0x1C00C30 = 0xB8 = 184個附加字節。 （所以，可笑+難以置信）= 字節需要到達 SEH，最小。 [古怪，由另一個線程執行一個Win32 ThreadStop出現推沒什麼上停止的線程堆棧]

0x01C00800 01b002f0 00000001 cd4b1b19 cdcdcdcd cdcdcdcd 0000000b cdcdcdcd cdcdcdcd ð.°.......KÍÍÍÍÍÍÍÍÍ....ÍÍÍÍÍÍÍÍ 
0x01C00820 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00840 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00860 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00880 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C008A0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C008C0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C008E0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00900 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00920 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00940 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00960 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00980 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C009A0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C009C0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C009E0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00A00 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00A20 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00A40 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00A60 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00A80 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00AA0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00AC0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00AE0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00B00 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00B20 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ffff0000 cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ..ÿÿÍÍÍÍ 
0x01C00B40 00000035 00000034 00000001 cdcdcdcd cdcdcdcd f5f55f5f cdcdcdcd cdcdcdcd 5...4.......ÍÍÍÍÍÍÍÍ__õõÍÍÍÍÍÍÍÍ 
0x01C00B60 cdcdcdcd cdcdcdcd ffff0000 cdcdcdcd cdcdcdcd 0190bfa8 52b396ac 52b396ac ÍÍÍÍÍÍÍÍ..ÿÿÍÍÍÍÍÍÍͨ¿..¬–.R¬–.R 
0x01C00B80 cdcdcdcd 0190bfa8 cdcdcdcd 00000011 00000000 01c00d18 cdcdcdcd cdcdcdcd ÍÍÍͨ¿..ÍÍÍÍ..........À.ÍÍÍÍÍÍÍÍ 
0x01C00BA0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00BC0 cdcdcdcd cdcdcdcd 00000000 cdcdcdcd 01c00c30 77c39534 cdcdcdcd 00000011 ÍÍÍÍÍÍÍÍ....ÍÍÍÍ0.À.4.ÃwÍÍÍÍ.... 
0x01C00BE0 00000000 01c00c30 77c39598 77c395b1 43e4d1f4 00000000 01c00d18 00456c00 ....0.À.˜.Ãw±.ÃwôÑäC......À..lE. 
0x01C00C00 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 00000000 00400000 01c00bf0 cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ......@.ð.À.ÍÍÍÍ 
0x01C00C20 0184ff74 77c09aa2 35e18e8c 01c00c50 77c65dd9 01c00d18 0184ff74 01c00d2c tÿ..¢šÀwŒŽá5P.À.Ù]Æw..À.tÿ..,.À. 
0x01C00C40 01c00cec 0184ff74 77c65ded 0184ff74 01c00d00 77c65dab 01c00d18 0184ff74 ì.À.tÿ..í]Æwtÿ....À.«]Æw..À.tÿ.. 
0x01C00C60 01c00d2c 01c00cec 00456c00 00000000 01c00d18 0184ff74 77c39442 01c00d18 ,.À.ì.À..lE.......À.tÿ..B」Ãw..À. 
0x01C00C80 0184ff74 01c00d2c 01c00cec 00456c00 7ffde08c 01c00d18 01b00300 cdcdcdcd tÿ..,.À.ì.À..lE.Œàý...À...°.ÍÍÍÍ 
0x01C00CA0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00CC0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x01C00CE0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 00000072 01850000 0184c000 00cdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍr........À..ÍÍÍ. 
0x01C00D00 01c00800 77c65c37 00c00d18 01c00d2c 01c00d18 01c00d2c c0000094 00000000 ..À.7\Æw..À.,.À...À.,.À.」..À.... 
0x01C00D20 00000000 023eb44c 00000000 0001003f 00000000 00000000 00000000 00000000 ....L´>.....?................... 
0x01C00D40 00000000 00000000 ffff037b ffff2120 ffffffff 02383596 051f001b 02382ecc ........{.ÿÿ !ÿÿÿÿÿÿ–58.....Ì.8. 
0x01C00D60 ffff0023 00000000 c0000000 00004000 00000000 c000c000 00000000 80000000 #.ÿÿ.......À.@.......À.À.......€ 
0x01C00D80 0000c001 00000000 c0008000 00000000 c0000000 0000c001 00000000 c002e000 .À.......€.À.......À.À.......à.À 
0x01C00DA0 00000000 80000000 00003fff 40000000 4010a51c 00000000 00000000 0000003b .......€ÿ?.....@.¥.@........;... 
0x01C00DC0 00000023 00000023 7ffde08c 01b00300 0190bfa8 00000000 00000000 00000063 #...#...Œàý...°.¨¿..........c... 
0x01C00DE0 01c00800 023eb44c 0000001b 00010246 01c00ff8 00000023 2120037b 051f0000 ..À.L´>.....F...ø.À.#...{. !.... 
0x01C00E00 02383596 0000001b 02382ecc 00000023 00001f80 0000ffff 00000000 c0000000 –58.....Ì.8.#...€...ÿÿ.........À 
0x01C00E20 00004000 00000000 00000000 c0000000 0000c000 00000000 00000000 80000000 .@.............À.À.............€ 
0x01C00E40 0000c001 00000000 00000000 80000000 0000c000 00000000 00000000 c0000000 .À.............€.À.............À 
0x01C00E60 0000c001 00000000 00000000 e0000000 0000c002 00000000 00000000 80000000 .À.............à.À.............€ 
0x01C00E80 00003fff 00000000 00000000 a51c4000 00004010 00000000 00000000 00000000 ÿ?...........@.¥.@.............. 
0x01C00EA0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x01C00EC0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x01C00EE0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x01C00F00 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x01C00F20 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x01C00F40 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x01C00F60 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x01C00F80 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x01C00FA0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x01C00FC0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x01C00FE0 00000000 00000000 00000000 00000000 00000000 00000000 52b396ac 01c00b78 ........................¬–.Rx.À. 


======================================================================================== 

運行在64個位Windows 7，WOW64下運行32個的過程中，做一個IDIV與零除數，我得到以下值：

EBP@div == x02100800 // base of heap-allocated stack frame 
ESP@div == x02100FF8 // stack at "top" of allocated stack frame 
ESP@entry to SEH == 0x02100BD4 // ESP measured at first instruction of Structured Exception Handler 
ContextOffset[ESP]== 0x02100D10 // Pointer to context block at entry to SEH 

從ESP = 0x02100FF8在所述分割的點，到推上下文塊的底部，0x02100FF8-0x02100D10 =了0x2e8 = 字節被推

所以（ Win32 p使用）。從推送的上下文塊的底部到SEH的條目，0x02100D10-0x02100BD4 = 0x132 == 字節被推送（Windows32推送）。所以，它出現 744 + 316 = 1060個字節被推送（我發現比Win32推送的可笑量更差）。

它變得更糟。接下來是SEH入口堆棧框的轉儲;請注意0​​x02100BD4以下的值低至0x021009D8（請參閱至少「顯而易見的Win32返回地址」，地址爲0x021009D8的0x77c39534），這些地址不是cdcdcdcd;我相信Windows已經將控制權交給了我的SEH。這是0x02100BD4-0x021009D8 = 0x1FC = 508個附加字節。 （所以，可笑+難以置信）= 字節需要達到SEH，最小值。

0x02100800 020402f0 00000001 fa0ad4b0 cdcdcdcd cdcdcdcd 0000000b cdcdcdcd cdcdcdcd ð.......°Ô.úÍÍÍÍÍÍÍÍ....ÍÍÍÍÍÍÍÍ 
0x02100820 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100840 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100860 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100880 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x021008A0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x021008C0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x021008E0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100900 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100920 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100940 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100960 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100980 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x021009A0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x021009C0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 74fce2d9 00000000 ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÙâüt.... 
0x021009E0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100A00 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 002bbfc8 00000000 02040300 00000000 ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÈ¿+............. 
0x02100A20 fffd708c 00000000 77791266 00000000 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd Œpýÿ....f.yw....ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100A40 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ 
0x02100A60 0010001f 00001f80 002b0023 0053002b 002b002b 00010246 00000000 00000000 ....€...#.+.+.S.+.+.F........... 
0x02100A80 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100AA0 00000000 00000000 00000063 00000000 00000000 00000000 00000000 00000000 ........c....................... 
0x02100AC0 002bbfc8 00000000 02100ff8 00000000 02100800 00000000 02040300 00000000 È¿+.....ø....................... 
0x02100AE0 fffd708c 00000000 0000002b 00000000 76f612ea 00000000 00000000 00000000 Œpýÿ....+.......ê.öv............ 
0x02100B00 002fe7e0 00000000 fffd5000 00000000 002ffd20 00000000 002ff170 00000000 àç/......Pýÿ.... ý/.....pñ/..... 
0x02100B20 74f32450 00000000 0281b1a4 00000000 2120037b 051f0000 027b359f 00000011 P$ót....¤±......{. !....Ÿ5{..... 
0x02100B40 00000000 02100cc0 00001f80 0000ffff 00000000 80000000 00004001 00000000 ....À...€...ÿÿ.........€.@...... 
0x02100B60 00000000 c0000000 0000c000 00000000 00000000 00000000 00000000 00000000 .......À.À...................... 
0x02100B80 02100bd8 00000011 00000000 02100bd8 7797b2da 7797b2f3 72982375 00000000 Ø...........Ø...Ú.—wó.—wu#˜r.... 
0x02100BA0 02100cc0 00456c00 0000c002 00000000 00000000 80000000 00000000 00400000 À....lE..À.............€......@. 
0x02100BC0 02100b98 dfb28000 0203ff74 779971d5 071ce70d 02100bf8 7797b459 02100cc0 ˜....€.ßtÿ..Õq™w.ç..ø...Y´—wÀ... 
0x02100BE0 0203ff74 02100d10 02100c94 0203ff74 7797b46d 0203ff74 02100ca8 7797b42b tÿ......」...tÿ..m´—wtÿ..¨...+´—w 
0x02100C00 02100cc0 0203ff74 02100d10 02100c94 00456c00 00000000 02100cc0 0203ff74 À...tÿ......」....lE.....À...tÿ.. 
0x02100C20 7797b3ce 02100cc0 0203ff74 02100d10 02100c94 00456c00 fffd708c 02100cc0 Î.—wÀ...tÿ......」....lE.ŒpýÿÀ... 
0x02100C40 02040300 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100C60 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100C80 00000000 00000000 00000000 00000000 00000000 00000000 00000072 02040000 ........................r....... 
0x02100CA0 0203c000 00000000 02100800 77930133 00100cc0 02100d10 02100cc0 02100d10 .À..........3.「wÀ.......À....... 
0x02100CC0 c0000094 00000000 00000000 0281b1a4 00000000 00000000 00000000 00000000 」..À........¤±.................. 
0x02100CE0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100D00 00000000 00000000 00000000 00000000 0001003f 00000000 00000000 00000000 ................?............... 
0x02100D20 00000000 00000000 00000000 0000037b 00002120 0000ffff 027b359f 051f0023 ............{... !..ÿÿ..Ÿ5{.#... 
0x02100D40 027b2ecc 0000002b 00000000 80000000 00004001 00000000 c000c000 00000000 Ì.{.+..........€.@.......À.À.... 
0x02100D60 80000000 0000c001 00000000 c0008000 00000000 c0000000 0000c001 00000000 ...€.À.......€.À.......À.À...... 
0x02100D80 c002e000 00000000 80000000 00003fff 80000000 400fdfb2 00000000 0000002b .à.À.......€ÿ?.....€.ß.@....+... 
0x02100DA0 00000053 0000002b 0000002b fffd708c 02040300 002bbfc8 00000000 00000000 S...+...+...Œpýÿ....È¿+......... 
0x02100DC0 00000063 02100800 0281b1a4 00000023 00010246 02100ff8 0000002b 2120037b c.......¤±..#...F...ø...+...{. ! 
0x02100DE0 051f0000 027b359f 00000023 027b2ecc 0000002b 00001f80 0000ffff 00000000 ....Ÿ5{.#...Ì.{.+...€...ÿÿ...... 
0x02100E00 80000000 00004001 00000000 00000000 c0000000 0000c000 00000000 00000000 ...€.@.............À.À.......... 
0x02100E20 80000000 0000c001 00000000 00000000 80000000 0000c000 00000000 00000000 ...€.À.............€.À.......... 
0x02100E40 c0000000 0000c001 00000000 00000000 e0000000 0000c002 00000000 00000000 ...À.À.............à.À.......... 
0x02100E60 80000000 00003fff 00000000 00000000 dfb28000 0000400f 00000000 00000000 ...€ÿ?...........€.ß.@.......... 
0x02100E80 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100EA0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100EC0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100EE0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100F00 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100F20 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100F40 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100F60 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100F80 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100FA0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 ................................ 
0x02100FC0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 fffffd34 ............................4ýÿÿ 
0x02100FE0 000002e4 fffffd34 000002cc 00000019 00000000 00000063 52b396ac 02100b78 ä...4ýÿÿÌ...........c...¬–.Rx... 

成本進入SEH

最後的總結：

• WINDOWS32推968個字節，象垃圾一樣清除184個字節超出;你需要1152個字節的額外堆棧，超出了你在陷阱點的地位。
• Windows64（WOW64）推1060個字節和508個象垃圾一樣清除字節超出;除了你在陷阱處的內容之外，你還需要1568個字節。

在Windows的肆意使用棧空間的時候，它很難定義一個「小型激活記錄」方案。

我猜例外Windows下的處理必須超過慢，開機;讀取和寫入所有這些字節需要時間。

我很可能會用的Windows8測試版再次嘗試。我期望會感到厭惡。