Tuesday, December 10, 2013

Win32 SEH Exceptions

Below is the diagram of how the debugger gets the events when an exception happens.
  • The debuggee sends a notification to the debugger when the exception happens for the first time.
    This event is sent to the debugger even before the debuggee gets a chance to handle it.
  • If the debugger ignores this and continues, and the debuggee does not handle the exception,
    a 2nd chance exception is sent to the debugger so that it can do some handling.
Here is the output of the debugger.
"First chance exceptions are reported before any exception handling."
(211c.2840): C++ EH exception - code e06d7363 (first chance)
(211c.2840): C++ EH exception - code e06d7363 (!!! second chance !!!)
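A minimal debugger loop that receives these first- and second-chance events through the Win32 debug API, added here as an example (not code from the original post). It assumes the debuggee command line is passed in argv[1] and that debugger and debuggee have the same bitness; describe() and the generic "Exception" label are this example's own names.

```c
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif
#define CPP_EH_CODE 0xE06D7363UL /* 0xE0 + ASCII "msc": raised by MSVC's throw */

/* Format one exception event like the debugger output above (hypothetical helper). */
const char *describe(unsigned long pid, unsigned long tid,
                     unsigned long code, int first_chance)
{
    static char line[128];
    snprintf(line, sizeof line, "(%lx.%lx): %s - code %08lx (%s)", pid, tid,
             code == CPP_EH_CODE ? "C++ EH exception" : "Exception", code,
             first_chance ? "first chance" : "!!! second chance !!!");
    return line;
}

#ifdef _WIN32 /* the loop itself needs the Win32 debug API */
int main(int argc, char **argv)
{
    STARTUPINFOA si = { sizeof si };
    PROCESS_INFORMATION pi;
    DEBUG_EVENT ev;
    /* argv[1]: debuggee command line (an assumption of this example) */
    if (argc < 2 || !CreateProcessA(NULL, argv[1], NULL, NULL, FALSE,
                                    DEBUG_ONLY_THIS_PROCESS, NULL, NULL, &si, &pi))
        return 1;
    while (WaitForDebugEvent(&ev, INFINITE)) {
        DWORD reply = DBG_CONTINUE;
        if (ev.dwDebugEventCode == EXCEPTION_DEBUG_EVENT) {
            DWORD code = ev.u.Exception.ExceptionRecord.ExceptionCode;
            puts(describe(ev.dwProcessId, ev.dwThreadId, code,
                          ev.u.Exception.dwFirstChance != 0));
            /* Swallow the loader's initial breakpoint; pass everything else back.
               After a first chance the debuggee's handlers run; if none accepts,
               the event returns with dwFirstChance == 0 (second chance). */
            if (code != EXCEPTION_BREAKPOINT)
                reply = DBG_EXCEPTION_NOT_HANDLED;
        } else if (ev.dwDebugEventCode == CREATE_PROCESS_DEBUG_EVENT) {
            CloseHandle(ev.u.CreateProcessInfo.hFile);
        } else if (ev.dwDebugEventCode == LOAD_DLL_DEBUG_EVENT) {
            CloseHandle(ev.u.LoadDll.hFile);
        } else if (ev.dwDebugEventCode == EXIT_PROCESS_DEBUG_EVENT) {
            break;
        }
        ContinueDebugEvent(ev.dwProcessId, ev.dwThreadId, reply);
    }
    return 0;
}
#endif
```

Declining the second chance with DBG_EXCEPTION_NOT_HANDLED, as this loop does, lets the system terminate the debuggee.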

Tuesday, October 22, 2013

ASM code generation using the cool -FA compiler switch

Recently I was trying to experiment with some calling conventions and I wanted to look at the assembly code, to better understand the behavior.
There are a couple of ways.
1. Look at the disassembly while debugging.
2. Use the very cool OllyDbg!
3. Generate one for yourself while building the binary!!
That is where the magical compiler -FAs switch comes into play. Following is the code I tested it with:
***********************************************************************
my 'C' code
#include <stdio.h>
#include <tchar.h>

void foo()
{
    printf("in foo");
}

// This code is compiled using the -FAs compiler switch to generate the equivalent ASM code
int _tmain(int argc, _TCHAR* argv[])
{
    foo();
    return 0;
}
***********************************************************************
***********************************************************************
Generated Assembly code (I have only shown the main portion of the code)
PUBLIC  _wmain
; Function compile flags: /Odtp /RTCsu /ZI
; COMDAT _wmain
_TEXT   SEGMENT
_argc$ = 8                                  ; size = 4
_argv$ = 12                                 ; size = 4
_wmain  PROC                                ; COMDAT

; 16   : {

    push    ebp
    mov     ebp, esp
    sub     esp, 192                        ; 000000c0H
    push    ebx
    push    esi
    push    edi
    lea     edi, DWORD PTR [ebp-192]
    mov     ecx, 48                         ; 00000030H
    mov     eax, -858993460                 ; ccccccccH
    rep stosd

; 17   :     foo();

    call    ?foo@@YAXXZ                     ; foo   //call to foo

; 18   :     return 0;

    xor     eax, eax

; 19   : }

    pop     edi
    pop     esi
    pop     ebx
    add     esp, 192                        ; 000000c0H
    cmp     ebp, esp
    call    __RTC_CheckEsp
    mov     esp, ebp
    pop     ebp
    ret     0
***********************************************************************
Nevertheless a nice way to look at the Assembly code!

Saturday, June 22, 2013

Hadoop installation on my linux box

Today was fun! I installed a single-node Hadoop system and ran some samples
on text search. It was just a breeze; I need to do more investigation on how it works.


The following blogs were helpful.
http://www.michael-noll.com/tutorials/running-hadoop-on-ubuntu-linux-single-node-cluster/
http://mohsin-junaid.blogspot.in/2013/02/how-to-install-hadoop-104-on-ubuntu.html