Elay: 參考來源文章,整理出快速參考的簡單版,但是每篇原文都很有用。

 

當Windows Mobile產生錯誤時,有三種常見錯誤,格式如下:

Exception type: Thread=%x Proc=%x '%s' AKY=%x PC=%x(%s+%x) RA=%x(%s+%x) BVA=%x FSR=%x


- Thread = PTHREAD address
- Proc = PPROCESS address 『Process name'
- AKY = Access key, MSDN中對AKY的解釋是「Process slot bitmask corresponding to the processes the excepting thread has access to.」

For example, the above exception is 0x00000005, which corresponds to:

Nk.exe 0x00000001
Shell32.exe 0x00000004

簡單的說,就是32個slot都會有一個對應的Key,當意外產生時,我們可以藉由出現的數值去推斷這個錯誤(意外)產生有哪些程序去參與。

- PC = Program counter (Module name + Offset)
- RA = Return address (Module name + Offset)
- FSR = Fault status register,MSDN中對FSR的解釋是:「The FSR represents several flags that will help you understand the nature of your exception.」 For ARM devices the following flags can be set:

#define FSR_ALIGNMENT 0x01
#define FSR_PAGE_ERROR 0x02
#define FSR_TRANSLATION 0x05
#define FSR_DOMAIN_ERROR 0x09
#define FSR_PERMISSION 0x0D

Using the example above gives us:

FSR=00000007 == FSR_PAGE_ERROR | FSR_TRANSLATION

簡單的說就是對錯誤或是意外產生的分類,從FSR中,我們可以發現哪幾種類型的錯誤再次的意外中出現。

另外一個例子,以下面為例:
Data Abort: Thread=9352cc9c Proc=90876ea0 'shell32.exe'
AKY=00000005 PC=03f74680(coredll.dll+0x00014680) RA=03257104(aygshell.dll+0x00037104)
BVA=060000e0 FSR=00000007

AKY 的 value是bitmask,上例中 AKY=00000005,代表access 這個region 的thread 有 00000001 和 00000004。配合下面這個table (build map ?)
Name                   VMBase           AccessKey     TrustLevel    hProcess  
btstereoappui.exe 0x1A000000 0x00001000 Full 0xB30E2766
connmgr.exe 0x16000000 0x00000400 Full 0x5311091E
cprog.exe 0x1C000000 0x00002000 Full 0xF3030772
device.exe 0x0A000000 0x00000010 Full 0xB3CEC78E
filesys.exe 0x04000000 0x00000002 Full 0x13EEE762
gwes.exe 0x0C000000 0x00000020 Full 0x737A498A
nk.exe 0xC2000000 0x00000001 Full 0x13EFF002
pmsnserver.exe 0x10000000 0x00000080 Full 0x5333CD86
poutlook.exe 0x14000000 0x00000200 Full 0xD308FA02
sddaemon.exe 0x12000000 0x00000100 Full 0x7314C62A
services.exe 0x0E000000 0x00000040 Full 0x7352CFAA
shell.exe 0x08000000 0x00000008 Full 0xD3CD7A82
shell32.exe 0x06000000 0x00000004 Full 0xD352CEDE
srvtrust.exe 0x18000000 0x00000800 Full 0x33105BCA
就是 nk.exe 和 shell32.exe

而PC 就是 Program Counter,如果找得到,則會print出該位址的module和 offset coredll.dll+0x00014680,所以去找 coredll 的map file,可以找到..
0001:00013638       GetWindowLongW     10014638 f   coredll_ALL:twinuser.obj
0001:00013648 BeginPaint 10014648 f coredll_ALL:twinuser.obj
0001:000136cc EndPaint 100146cc f coredll_ALL:twinuser.obj
0001:00013750 GetDC 10014750 f coredll_ALL:twinuser.obj
0001:000137d4 ReleaseDC 100147d4 f coredll_ALL:twinuser.obj
0001:00013858 GetParent 10014858 f coredll_ALL:twinuser.obj
知道是 BeginPaint 這裡有問題。

RA 是 Return Address

 

來源:

Windows Mobile 6 常見三種錯誤中斷(Data Abort、Raise Exception、Prefetch abort)

Printed Exception strings - what do all those flags mean?

WinCE AP Launch Flow

在RELEASE版本中快速定位DATA ABORT的方法

huenlil 發表在 痞客邦 PIXNET 留言(0) 人氣()