How to interpret fault information in SoftICE

Problem:

There is a page fault under SoftICE 4.05:

Break due to Page Fault (OEh). Fault=0000

MSR LastExceptionFromIp=BFF28FED

MSR LastExceptionToIp=BFF293DC

Resolution:

MSR stands for model-specific register; see Intel's website for details. Newer Intel processors, starting with the Pentium Pro, have model-specific registers that record some information during program execution, such as information about the last branch. Thus, if an exception occurs, SoftICE can get some information about the last branch instruction.

MSR Exception to (address 1)

MSR Exception from (address 2)

We display the information about the last branch instruction. So somewhere you have an instruction

address1: jmp address2

and after jumping to address2 you encounter an exception at some address2 + x. Then the processor jumps to the exception handler. The processor does not update the MSR in this case, so the information from the MSR does not point to the exception handler, which makes it more useful.

Fault number format:

bits: 3 2 1 0

Bit 0: P


  • 0, the fault was caused by a not-present page
  • 1, the fault was caused by a page-level protection violation

Bit 1: W/R


  • 0, the access causing the fault was a read
  • 1, the access causing the fault was a write

Bit 2: U/S


  • 0, the access causing the fault originated when the processor was executing in supervisor mode
  • 1, the access causing the fault originated when the processor was executing in user mode

Bit 3: RSVD


  • 0, the fault was not caused by a reserved bit violation
  • 1, the page fault occurred because a 1 was detected in one of the reserved bit positions of a page table entry or directory entry that was marked present.

Also, the CR2 register holds the linear address that generated the page fault.

So fault 0000 means that your driver (U/S = 0) was trying to read (W/R = 0) from a not-present page (P = 0).
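The bit layout above can be applied mechanically when triaging a crash log. The following decoder is an added example, not SoftICE or vendor code; the function names `parse_fault` and `describe_fault` are hypothetical, and it assumes the value after `Fault=` is printed in hexadecimal.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Page-fault error code bits, as listed in the article. */
#define PF_P    0x1u  /* 0 = not-present page, 1 = protection violation */
#define PF_WR   0x2u  /* 0 = read, 1 = write */
#define PF_US   0x4u  /* 0 = supervisor mode, 1 = user mode */
#define PF_RSVD 0x8u  /* 1 = reserved bit set in a present PTE/PDE */

/* Extract the value after "Fault=" from a SoftICE break line.
 * Assumption: the value is hex. Returns -1 if missing or malformed. */
long parse_fault(const char *line)
{
    const char *p = strstr(line, "Fault=");
    char *end;
    unsigned long v;
    if (p == NULL)
        return -1;
    p += strlen("Fault=");
    v = strtoul(p, &end, 16);
    if (end == p || v > 0xFFFFul)
        return -1;
    return (long)v;
}

/* Write a one-line interpretation of the error code into buf.
 * Returns any bits set outside bits 0..3 (non-zero = not covered here). */
unsigned describe_fault(unsigned code, char *buf, size_t len)
{
    snprintf(buf, len, "%s-mode %s, %s%s",
             (code & PF_US) ? "user" : "supervisor",
             (code & PF_WR) ? "write" : "read",
             (code & PF_P) ? "page-level protection violation"
                           : "not-present page",
             (code & PF_RSVD) ? ", reserved bit set in PTE/PDE" : "");
    return code & ~0xFu;
}

int main(void)
{
    const char *line = "Break due to Page Fault (OEh). Fault=0000";
    char text[128];
    long code = parse_fault(line);
    if (code < 0)
        return 1;
    describe_fault((unsigned)code, text, sizeof text);
    printf("Fault=%04lX: %s\n", (unsigned long)code, text);
    return 0;
}
```

Pair the decoded result with the CR2 value to see which linear address the faulting access touched.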

Old KB# 11021