How can i access the exception chain (SEH) using masm64?
Using masm32, I get the first exception looking into fs:[0]
But when I checked in Windbg if fs:[0] still pointed at the first exception in x64, I figured that it wasn't.
I'd like to set an exception in x64 the same way I did in x86. Is it feasible (maybe looking at gs register)?
If this is coding related then you use
ml64seh PROC FRAME:ExceptionFilter
this adds your exception handler to .PDATA section RUNTIME_FUNCTION
if this is how to find this exception handler in windbg when the exception has been raised
use !exchain command
or if you want to find it before executing a specific function use .fnent command
a sample for x64 seh and finding it in windbg is as follows
;assemble and link with
;ml64 /Zi ml64seh.asm /link /debug /entry:ml64seh /subsystem:console
.data
safeplace DWORD ?
.code
ExceptionFilter PROC
jmp Handler
ExceptionFilter ENDP
PUBLIC ml64seh
ml64seh PROC FRAME:ExceptionFilter
.ENDPROLOG
mov rax, 0
mov [rax], rax ;access violation
jmp exit
Handler::
lea rax, safeplace
mov [r8+078h], rax ; replacing rax in exception handler so access is possible
mov rax, 0
ret
Exit:
ret
ml64seh ENDP
END
run without stopping in windbg
:\>cdb -g ml64seh.exe
(2aa0.3024): Access violation - code c0000005 (first chance)
ml64seh!ml64seh+0x7:
00007ff7`0e3b1029 488900 mov qword ptr [rax],rax ds:00000000`00000000=????????????????
0:000>
it crashed and broke now locating exception handlers
0:000> .fnent .
Debugger function entry 0000020b`e36c47a8 for:
(00007ff7`0e3b1022) ml64seh!ml64seh+0x7 | (00007ff7`0e3b32b0) ml64seh!$xdatasym
BeginAddress = 00000000`00001022
EndAddress = 00000000`00001042
UnwindInfoAddress = 00000000`000032b0
Unwind info at 00007ff7`0e3b32b0, c bytes
version 1, flags 3, prolog 0, codes 0
handler routine: ml64seh!ILT+0(ExceptionFilter) (00007ff7`0e3b1005), data 0 <<<<<<<<<
0:000> !exchain
3 stack frames, scanning for handlers...
Frame 0x00: ml64seh!ml64seh+0x7 (00007ff7`0e3b1029)
ehandler ml64seh!ILT+0(ExceptionFilter) (00007ff7`0e3b1005) <<<<<<<<<<<<
Frame 0x02: ntdll!RtlUserThreadStart+0x21 (00007ffe`213c26a1)
ehandler ntdll!_C_specific_handler (00007ffe`213fc720)
0:000>
lets see if we go to the handler and return back to re access the faulting place
0:000> bp .
0:000> bp 00007ff7`0e3b1005
0:000> bl
0 e 00007ff7`0e3b1029 0001 (0001) 0:**** ml64seh!ml64seh+0x7
1 e 00007ff7`0e3b1005 0001 (0001) 0:**** ml64seh!ILT+0(ExceptionFilter)
0:000> g
Breakpoint 1 hit
ml64seh!ILT+0(ExceptionFilter):
00007ff7`0e3b1005 e916000000 jmp ml64seh!ExceptionFilter (00007ff7`0e3b1020)
0:000> g
Breakpoint 0 hit
ml64seh!ml64seh+0x7: is accessible now
00007ff7`0e3b1029 488900 mov qword ptr [rax],rax ds:00007ff7`0e3b4000=0000000000000000
0:000>
btw you can use dumpbin or linker to spit out all the unwindinfos in a specific binary using -unwindinfo switch
:\>dumpbin /unwindinfo ml64seh.exe
Microsoft (R) COFF/PE Dumper Version 14.29.30146.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file ml64seh.exe
File Type: EXECUTABLE IMAGE
Function Table (1)
Begin End Info Function Name
00000000 00001022 00001042 000032B0 ml64seh
Unwind version: 1
Unwind flags: EHANDLER UHANDLER
Size of prologue: 0x00
Count of codes: 0
Handler: 00001005 #ILT+0(ExceptionFilter)
everyone,
I'm trying to do some calculations and plot the results, but it seems that these are too heavy for Maxima. When I try to calculate N1 and N2 the program crashes when parameter j is too high or when I try to plot them, the program displays the following error message: "Heap exhausted, game over." What should I do? I've seen some people saying to try to compile Maxima with ccl, but I don't know how to do it or if it will work.
I usually receive error messages like:
Message from maxima's stderr stream: Heap exhausted during garbage collection: 0 bytes available, 16 requested.
Gen Boxed Unboxed LgBox LgUnbox Pin Alloc Waste Trig WP GCs Mem-age
0 0 0 0 0 0 0 0 20971520 0 0 0,0000
1 0 0 0 0 0 0 0 20971520 0 0 0,0000
2 0 0 0 0 0 0 0 20971520 0 0 0,0000
3 16417 2 0 0 43 1075328496 707088 293986768 16419 1 0,8032
4 13432 21 0 1141 70 955593760 838624 2000000 14594 0 0,2673
5 0 0 0 0 0 0 0 2000000 0 0 0,0000
6 741 184 34 28 0 63259792 1424240 2000000 987 0 0,0000
7 0 0 0 0 0 0 0 2000000 0 0 0,0000
Total bytes allocated = 2094182048
Dynamic-space-size bytes = 2097152000
GC control variables:
*GC-INHIBIT* = true
*GC-PENDING* = true
*STOP-FOR-GC-PENDING* = false
fatal error encountered in SBCL pid 13884(tid 0000000001236360):
Heap exhausted, game over.
Here goes the code:
enter code here
a: 80$;
b: 6*a$;
h1: 80$;
t: 2$;
j: 5$;
carga: 250$;
sig: -carga/2$;
n: 2*q*%pi/b$;
m: i*%pi/a$;
i: 2*p-1$;
i1: 2*p1-1$;
/*i1: p1$;*/
Φ: a/b$;
τ: cosh(x) - (x/sinh(x))$;
σ: sinh(x) - (x/cosh(x))$;
Ψ: sinh(x)/τ$;
Χ: cosh(x)/σ$;
Λ0: 1/(((i/2)^2+Φ^2*q^2)^2)$;
Λ1: sum((((i/2)^3*subst([x=(i*%pi/(2*Φ))],Ψ))/(((i/2)^2+Φ^2*q1^2)^2))*Λ0, p, 1, j)$;
Λ2: sum(((q1^3*subst([x=(q1*%pi*Φ)],Χ))/(((i/2)^2+Φ^2*q1^2)^2))*Λ1, q1, 1, j)$;
Λ3: sum((((i/2)^3*subst([x=(i*%pi/(2*Φ))],Ψ))/(((i/2)^2+Φ^2*q1^2)^2))*Λ2, p, 1, j)$;
Λ4: sum(((q1^3*subst([x=(q1*%pi*Φ)],Χ))/(((i/2)^2+Φ^2*q1^2)^2))*Λ3, q1, 1, j)$;
Λ5: sum((((i/2)^3*subst([x=(i*%pi/(2*Φ))],Ψ))/(((i/2)^2+Φ^2*q1^2)^2))*Λ4, p, 1, j)$;
Ζ0: sum(((q^3*subst([x=(q*%pi*Φ)],Χ))/(((i1/2)^2+Φ^2*q^2)^2))*Λ0, q, 1, j)$;
Ζ2: sum(((q^3*subst([x=(q*%pi*Φ)],Χ))/(((i1/2)^2+Φ^2*q^2)^2))*Λ2, q, 1, j)$;
Ζ4: sum(((q^3*subst([x=(q*%pi*Φ)],Χ))/(((i1/2)^2+Φ^2*q^2)^2))*Λ4, q, 1, j)$;
E: 200000$;
ν: 0.3$;
λ: (ν*E)/((1+ν)*(1-2*ν))$;
μ: E/(2*(1+ν))$;
a0: float(1/(b/2)*integrate(0, y, -(b/2), -h1/2)+1/b*integrate(sig, y, -h1/2, h1/2)+1/(b/2)*integrate(0, y, h1/2, (b/2)))$;
aq: float(1/(b/2)*integrate(0*cos(q*y*%pi/(b/2)), y, -(b/2), - h1/2)+1/(b/2)*integrate(sig*cos(q*y*%pi/(b/2)), y, -h1/2, h1/2)+1/(b/2)*integrate(0*cos(q*y*%pi/(b/2)), y, h1/2, (b/2)))$;
aq1: float(1/(b/2)*integrate(0*cos(q1*y*%pi/(b/2)), y, -(b/2), - h1/2)+1/(b/2)*integrate(sig*cos(q1*y*%pi/(b/2)), y, -h1/2, h1/2)+1/(b/2)*integrate(0*cos(q1*y*%pi/(b/2)), y, h1/2, (b/2)))$;
Bq: aq/((λ+μ)*subst([x=q*%pi*Φ],σ))+((16*Φ^4*q^2*(-1)^q)/((λ+μ)*%pi^2*subst([x=q*%pi*Φ],σ)))*sum(q1*aq1*(-1) ^q1*subst([x=q1*%pi*Φ],Χ)*(Λ1+(16*Φ^4/(%pi^2))*Λ3+((16*Φ^4/(%pi^2))^2)*Λ5), q1, 1, j)+(8*λ*Φ^3*q^2*(-1)^q*a0)/((λ+μ)*(λ+2*μ)*(%pi^3)*subst([x=q*%pi*Φ],σ))*sum(subst([x=i*%pi/(2*Φ)],Ψ)/(i/ 2)*(Λ0+(16*Φ^4/(%pi^2))*Λ2+((16*Φ^4/(%pi^2))^2)*Λ4), p, 1, j)$;
βp: -(2*λ*a0*(-1)^((i-1)/2))/((λ+μ)*(λ+2*μ)*(i/2)^2*%pi^2*subst([x=i*%pi/(2*Φ)],τ))-((32*λ*Φ^4*(i/2)^2*a0*(-1)^((i-1)/2))/((λ+μ)*(λ+2*μ)*%pi^2*subst([x=i*%pi/(2*Φ)],τ)))*sum(((subst([x=i1*%pi/(2*Φ)],Ψ))/(i1/2))*(Ζ0+Ζ2*((16*Φ^4)/%pi^2)+Ζ4*(((16*Φ^4)/%pi^2)^2)),p1,1,j)-((4*Φ*(i/2)^2*(-1)^((i-1)/2))/((λ+μ)*%pi*subst([x=i*%pi/(2*Φ)],τ)))*sum(q*aq*(-1)^q*subst([x=q*%pi*Φ],Χ)*(Λ0+Λ2*(16*Φ^4/%pi^2)+Λ4*(16*Φ^4/%pi^2)^2),q,1,j)$;
N1: (2*a0/a)*x+(λ+μ)*sum(Bq*((1+((n*a*sinh(n*a/2))/(2*cosh(n*a/2))))*sinh(n*x)-n*x*cosh(n*x))*cos(n*y),q,1,j)+(λ+μ)*sum(βp*((1-((m*b*cosh(m*b/2))/(2*sinh(m*b/2))))*cosh(m*y)+m*y*sinh(m*y))*sin(m*x),p,1,j)$;
N2: ((2*λ*a0)/(a*(λ+2*μ)))*x+(λ+μ)*sum(Bq*((1-((n*a*sinh(n*a/2))/(2*cosh(n*a/2))))*sinh(n*x)+n*x*cosh(n*x))*cos(n*y),q,1,j)+(λ+μ)*sum(βp*((1+((m*b*cosh(m*b/2))/(2*sinh(m*b/2))))*cosh(m*y)-m*y*sinh(m*y))*sin(m*x),p,1,j);
wxplot3d(N1, [x,-a/2,a/2], [y,-b/2,b/2])$;
wxplot3d(N2, [x,-a/2,a/2], [y,-b/2,b/2])$;
This is not a complete answer, since I don't know how this should work with wxMaxima: I would suggest that you ask the developers. However it's too long for a comment and I think might be useful to people, and it does answer the question of how you solve the heap-size limit for Maxima itself when using SBCL, at least when run on Linux or some other platform with a command-line.
As a note, I suspect that the underlying problem is not the heap size, but that the calculation is blowing up in some horrible way: the best fix is probably to understand what's blowing up and fix that. See Robert Dodier's answer, which is probably going to be a lot more helpful. However, if heap size is the problem, this is how you deal with it for Maxima.
The trick is that you can tell SBCL what the heap limit should be by passing it the --dynamic-space-size <MB> argument, and you can pas arguments through the maxima wrapper to do this.
Here is a transcript of Maxima, being run on Linux, with SBCL as a back end (this is a version built from source: the packaged version will I assume be the same):
$ maxima
Maxima 5.43.2 http://maxima.sourceforge.net
using Lisp SBCL 2.0.0
Distributed under the GNU Public License. See the file COPYING.
Dedicated to the memory of William Schelter.
The function bug_report() provides bug reporting information.
(%i1) :lisp (sb-ext:dynamic-space-size)
1073741824
So, on this system the defaule heap limit is 1GB (this is SBCL's default limit on the platform).
Now we can pass the -X <lisp options> aka --lisp-options=<lisp options> option to the maxima wrapper to pass the appropriate option through to sbcl:
$ maxima -X '--dynamic-space-size 2000'
Lisp options: (--dynamic-space-size 2000)
Maxima 5.43.2 http://maxima.sourceforge.net
using Lisp SBCL 2.0.0
Distributed under the GNU Public License. See the file COPYING.
Dedicated to the memory of William Schelter.
The function bug_report() provides bug reporting information.
(%i1) :lisp (sb-ext:dynamic-space-size)
2097152000
As you can see this has doubled the heap size.
If someone knows the answer for wxMaxima then please do add an edit to this answer: I can't experiment it because all my Linux VMs are headless.
Also not a complete answer here, but some more notes and pointers which I hope will help.
To make the problem easier for Maxima to digest, use only exact numbers (integers and ratios), and avoid float and numer. (Plotting functions will apply float and numer automatically.) I changed 0.3 to 3/10 and cut out the calls to float.
Also, try setting j to a smaller number (I tried j equal to 1) to try to work all the way through the problem before increasing it to 5 again.
Also, replace all sum and integrate with 'sum and 'integrate (i.e. noun expressions instead of verb expressions). Take a look at the summands and integrands to see if they look right. You can evaluate the sums and/or integrals or both via ev(expr, sum) or ev(expr, integrate) or ev(expr, nouns) to evaluate 'sum, 'integrate, or all noun expressions, respectively.
With j equal to 1, I get the following expression for N1:
(2500000*((-(13*cosh(%pi/6)
*((8503056*cosh(%pi/6)^2*sinh(3*%pi)^2)
/(9765625*%pi^4
*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))^2
*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi))^2)
+(52488*cosh(%pi/6)*sinh(3*%pi))
/(15625*%pi^2*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))
*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi)))
+324/25))
/(120000*%pi^2*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))
*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi))))
+(13*sinh(3*%pi)
*((2754990144*cosh(%pi/6)^3*sinh(3*%pi)^2)
/(244140625*%pi^4
*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))^3
*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi))^2)
+(17006112*cosh(%pi/6)^2*sinh(3*%pi))
/(390625*%pi^2
*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))^2
*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi)))
+(104976*cosh(%pi/6))
/(625*(sinh(%pi/6)-%pi/(6*cosh(%pi/6))))))
/(22680000*%pi^2*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi))^2)
+13/(35000*%pi^2*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi))))
*sin((%pi*(2*p-1)*x)/80)
*((%pi*(2*p-1)*y*sinh((%pi*(2*p-1)*y)/80))/80
+(1-(3*%pi*(2*p-1)*cosh(3*%pi*(2*p-1)))
/sinh(3*%pi*(2*p-1)))
*cosh((%pi*(2*p-1)*y)/80)))
/13
+(2500000*((-(13*cosh(%pi/6)
*((344373768*cosh(%pi/6)^2*sinh(3*%pi)^3)
/(244140625*%pi^4
*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))
^2
*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi))
^3)
+(2125764*cosh(%pi/6)*sinh(3*%pi)^2)
/(390625*%pi^2
*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))
*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi))^2)
+(13122*sinh(3*%pi))
/(625*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi)))))
/(1620000*%pi^3*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))^2))
+(13*sinh(3*%pi)
*((8503056*cosh(%pi/6)^2*sinh(3*%pi)^2)
/(9765625*%pi^4
*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))^2
*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi))^2)
+(52488*cosh(%pi/6)*sinh(3*%pi))
/(15625*%pi^2*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))
*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi)))
+324/25))
/(3780000*%pi^3*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))
*(cosh(3*%pi)-(3*%pi)/sinh(3*%pi)))
-13/(20000*%pi*(sinh(%pi/6)-%pi/(6*cosh(%pi/6)))))
*(((%pi*sinh(%pi/6))/(6*cosh(%pi/6))+1)
*sinh((%pi*x)/240)
-(%pi*x*cosh((%pi*x)/240))/240)*cos((%pi*y)/240))
/13-(25*x)/48$
Now in order to plot that, it should be a function of x and y only. However listofvars reports that it contains x, y, and p. Hmm. I see that βp has a summation over p1 but it contains Ζ0, which contains Λ0, which contains p. Is the summation over p1 supposed to be over p? Is the summand supposed to contain p1 instead of p?
Likewise it appears that N2, after evaluating the sums and integrals with j equal to 1, contains p.
Maybe you need to rework the formulas somewhat? I don't know what the correct form might be.
I have some trouble with very long subroutine with hypnotoad.
I need to run 1 minute subroutine (hardware connected requirements).
Firsly, i discover this behavior with:
my $var = 0;
Mojo::IOLoop->recurring(60 => sub {
$log->debug("starting loop: var: $var");
if ($var == 0) {
#...
#make some long (30 to 50 seconds) communication with external hardware
sleep 50; #fake reproduction of this long communication
$var = 1;
}
$log->debug("ending loop: var: $var");
})
Log:
14:13:45 2018 [debug] starting loop: var: 0
14:14:26 2018 [debug] ending loop: var: 1 #duration: 41 seconds
14:14:26 2018 [debug] starting loop: var: 0
14:15:08 2018 [debug] ending loop: var: 1 #duration: 42 seconds
14:15:08 2018 [debug] starting loop: var: 0
14:15:49 2018 [debug] ending loop: var: 1 #duration: 42 seconds
14:15:50 2018 [debug] starting loop: var: 0
14:16:31 2018 [debug] ending loop: var: 1 #duration: 41 seconds
...
3 problems:
1) Where do these 42 seconds come from? (yes, i know, 42 seconds is the answer of the universe...)
2) Why the IOLoop recuring loses his pace?
3) Why my variable is setted to 1, and just one second after, the if get a variable equal to 0?
When looped job needs 20 seconds or 25 seconds, no problem.
When looped job needs 60 secondes and used with morbo, no problem.
When looped job needs more than 40 seconds and used with hypnotoad (1 worker), this is the behavior explained here.
If i increase the "not needed" time (e.g. 120 seconds IOLoop for 60 seconds jobs, the behaviour is always the same.
It's not a problem about IOLoop, i can reproduce the same behavior outside loop.
I suspect a problem with worker killed and heart-beat, but i have no log about that.
I'm not talking about the call stack.
I want to count how many times a certain function is called when at the address hold by ESP there is a certain value. Before you tell me to check the return address, I'm not interested in that - the return address is at ESP+4 in this case, [ESP] holding a value that is popped before the function will return. Details unimportant.
I can count function calls with the following syntax:
bp MyFunction "r #$t0 = #$t0 + 1; r #$t0; gc"
I can display the double word at [ESP] by adding
dd $csp L1
to the above command.
The problem is that there are quite a lot of calls and I'm only interested in certain calls and tracking them down manually after each break point is annoying and time consuming.
I'm still getting used with WinDbg's syntax. How should the condition look in my .if statement?
I tried some crazy things like
.if( (dd $csp L1) == 2 )
But that is obviously wrong.
I also though about setting the breakpoint somewhere in the function after the value at [ESP] is moved in a local variable (something like bp MyFunction+eip_after_assignment), but that is a bit too late. I think I can work with that, but it will make things simpler if I could just check [ESP] at the beginning.
0:000> lsa .
2: int dummy=0;
3: void useless(int in) {
4: dummy=in;
5: }
> 6: void main(void) {
7: for(int i=0;i<0xffffffff;i++)
8: useless(i);
9: }
0:000> uf countfunc!useless
countfunc!useless [c:\countfunc.cpp # 3]:
3 00401000 55 push ebp
3 00401001 8bec mov ebp,esp
4 00401003 8b4508 mov eax,dword ptr [ebp+8]
4 00401006 a320bb4000 mov dword ptr [countfunc!dummy (0040bb20)],eax
5 0040100b 5d pop ebp
5 0040100c c3 ret
0:000> bl
0:000> bp 0040100b ".if ( poi(#$csp+8) != 1337 ) {gc}"
0:000> .bpcmds
bp0 0x0040100b ".if ( poi(#$csp+8) != 1337 ) {gc}";
0:000> g
> eax=00001337 ebx=7ffdf000 ecx=00001337 edx=0040c340 esi=00000000
> edi=0098f6ee eip=0040100b esp=0013ff68 ebp=0013ff68 iopl=0 nv
> up ei pl nz ac po cy cs=001b ss=0023 ds=0023 es=0023 fs=003b
> gs=0000 efl=00000213 countfunc!useless+0xb: 0040100b 5d
> pop ebp
0:000> ?? in
int 0n4919
0:000> dv
in = 0n4919
0:000> ? 0n4919/1
Evaluate expression: 4919 = 00001337
a bit more complex conditional break on same code conditional breaks do take a lot of time debugging time sensitive code can be quiet challenging
0:000> r $t0 = 0; bp 0040100b ".if ( poi(#$csp+8) != #$t0*1337 ) {gc} .else { .echotime ;? poi(#$csp+8) ; r$t0 = #$t0+1 ;gc }"
0:000> .bpcmds
bp0 0x0040100b ".if ( poi(#$csp+8) != #$t0*1337 ) {gc} .else { .echotime ;? poi(#$csp+8) ; r$t0 = #$t0+1 ;gc }";
0:000> .echotime
Debugger (not debuggee) time: Tue Sep 30 12:12:15.890 2014
0:000> g
Debugger (not debuggee) time: Tue Sep 30 12:12:24.062 2014
Evaluate expression: 0 = 00000000
Debugger (not debuggee) time: Tue Sep 30 12:12:32.578 2014
Evaluate expression: 4919 = 00001337
Debugger (not debuggee) time: Tue Sep 30 12:12:41.093 2014
Evaluate expression: 9838 = 0000266e
Debugger (not debuggee) time: Tue Sep 30 12:12:49.609 2014
Evaluate expression: 14757 = 000039a5
Debugger (not debuggee) time: Tue Sep 30 12:12:58.156 2014
Evaluate expression: 19676 = 00004cdc
Debugger (not debuggee) time: Tue Sep 30 12:13:06.687 2014
Evaluate expression: 24595 = 00006013
Debugger (not debuggee) time: Tue Sep 30 12:13:15.218 2014
Evaluate expression: 29514 = 0000734a
Debugger (not debuggee) time: Tue Sep 30 12:13:23.765 2014
Evaluate expression: 34433 = 00008681
Debugger (not debuggee) time: Tue Sep 30 12:13:32.828 2014
Evaluate expression: 39352 = 000099b8
Debugger (not debuggee) time: Tue Sep 30 12:13:40.906 2014
Evaluate expression: 44271 = 0000acef
this simple code may take 86 days to complete if it continued like this it seems it takes ~8.5 seconds to process 4919 function calls in windbg