how does wow64 support KiUserExceptionDispatcher

OSR_Community_User · July 13, 2013, 12:28pm

as we know,when runs a 32bit process on wow64,there is a simulate layer help us run the program properly.
like apc,when 32bit program inserts a apc, the ntdll!KiUserExceptionDispatcher (wow64) is invoked ,then it
finds out the apc is from 32bit program,so the KiUserExceptionDispatcher will use a function named wow64apcrouting,which is a wapper,to transfer the control 32bit space,like a far jmp to ntdll_7xxxxxx!KiUserExceptionDispatcher

so,my question is ,does the os do the same thing when a 32bit exception occurs??
so far i’ve done some research.and yet no answers found…

OSR_Community_User · July 13, 2013, 1:23pm

Have you done a __try/__except which contains a RaiseException call? If
it works, the answer is “it does the right thing”. If it doesn’t work,
something very strange is going on, becausse it’s supposed to work.
joe

as we know,when runs a 32bit process on wow64,there is a simulate layer
help us run the program properly.
like apc,when 32bit program inserts a apc, the
ntdll!KiUserExceptionDispatcher (wow64) is invoked ,then it
finds out the apc is from 32bit program,so the KiUserExceptionDispatcher
will use a function named wow64apcrouting,which is a wapper,to transfer
the control 32bit space,like a far jmp to
ntdll_7xxxxxx!KiUserExceptionDispatcher

so,my question is ,does the os do the same thing when a 32bit exception
occurs??
so far i’ve done some research.and yet no answers found…

NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

OSR_Community_User · July 14, 2013, 12:32am

im pretty sure it works,and it should be.

if it dont, then every wow64 process 's seh should fail,but as we know ,they works find as usual

OSR_Community_User · July 14, 2013, 2:20am

sorry my mistake!!!
therr r some errors in the first message i posted!!

here is the correct version

as we know,when runs a 32bit process on wow64,there is a simulate layer help us
run the program properly.
like apc,when 32bit program inserts a apc, the ntdll!KiApcDispatch
(wow64) is invoked ,then it
finds out the apc is from 32bit program,so the KiApcDispatch will
use a function named wow64ApcRouting,which is a wrapper,to transfer the control
32bit space,like a far jmp to ntdll_7xxxxxx!KiApcDispatch

so,my question is ,does the os do the same thing when a 32bit exception occurs??
so far i’ve done some research.and yet no answers found…

OSR_Community_User · July 15, 2013, 8:52am

im grad to tell u guys,with raymond’s great help,i’ve had a good understanding of that problem.

here is the link:
http://advdbg.org/blogs/advdbg_system/articles/5884.aspx