Windows CE: A Quick Guide to Exception Handling

Structured Exception Handling (SEH) is a Microsoft extension to C designed to handle faults gracefully, with the intention that memory and files can be released correctly when execution is unexpectedly terminated.

There are two types of SEH mechanisms:

  • Exception Handlers, or __except blocks, which can respond to or dismiss an exception
  • Termination Handlers, or __finally blocks, which are always called whether an exception causes termination or not.

When an exception occurs the stack is unwound and the OS looks for the most recent exception handler. As each layer of the stack is unwound the OS calls any termination handlers which have been written for each function, in the process cleaning up any resources which would have otherwise been left open. This might include closing critical sections, releasing mutexes, or freeing memory.

At each stage of the unwinding process the OS checks the current function's PDATA structure to find out whether an exception handler exists.

Offset  Bits   Field            Description
0       31-0   Begin Address    Virtual address of the corresponding function
4       7-0    Prolog Length    Number of instructions in the function's prolog
4       29-8   Function Length  Number of instructions in the function
4       30     32-bit Flag      Set if the function uses 32-bit instructions, clear for 16-bit instructions
4       31     Exception Flag   Set if an exception handler exists for the function

If an exception handler is flagged to exist or the function length is zero then an additional PDATA_EH structure will precede the function in the .text section. This structure will contain pointers to the exception handler and the handler’s data record.

struct PDATA_EH {
    unsigned int* pHandler;     /* pointer to the exception handler routine */
    unsigned int* pHandlerData; /* pointer to the handler's data record */
};
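
As an added example (not code from the original page), the following C program decodes the two-word PDATA entry laid out in the table above and applies the rule for when a PDATA_EH record is expected. The field positions come from the table; the type names, function names and the sample entry are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* One PDATA entry as laid out in the table above: two 32-bit words. */
typedef struct {
    uint32_t begin_address; /* word 0: virtual address of the function */
    uint32_t packed;        /* word 1: prolog length, function length and the two flags */
} pdata_entry;

typedef struct {
    uint32_t begin_address;
    uint32_t prolog_length;   /* word 1, bits 7-0 */
    uint32_t function_length; /* word 1, bits 29-8 */
    int      is_32bit;        /* word 1, bit 30 */
    int      has_handler;     /* word 1, bit 31 */
} pdata_decoded;

/* Split the packed second word into its fields. */
pdata_decoded pdata_decode(pdata_entry e)
{
    pdata_decoded d;
    d.begin_address   = e.begin_address;
    d.prolog_length   = e.packed & 0xFFu;
    d.function_length = (e.packed >> 8) & 0x3FFFFFu;
    d.is_32bit        = (int)((e.packed >> 30) & 1u);
    d.has_handler     = (int)((e.packed >> 31) & 1u);
    return d;
}

/* A PDATA_EH record precedes the function in .text when the exception flag is
   set or the function length is zero (the rule stated in the text above). */
int pdata_expects_eh_record(pdata_decoded d)
{
    return d.has_handler || d.function_length == 0;
}

/* Bytes covered by the function: instruction count times instruction width. */
uint32_t pdata_function_bytes(pdata_decoded d)
{
    return d.function_length * (d.is_32bit ? 4u : 2u);
}

/* Build a constructed entry for demonstration; not taken from any real binary. */
pdata_entry pdata_make(uint32_t begin, uint32_t prolog, uint32_t len, int is32, int eh)
{
    pdata_entry e;
    e.begin_address = begin;
    e.packed = (prolog & 0xFFu)
             | ((len & 0x3FFFFFu) << 8)
             | ((uint32_t)(is32 & 1) << 30)
             | ((uint32_t)(eh & 1) << 31);
    return e;
}

int main(void)
{
    /* Constructed sample: 32-bit function of 40 instructions, 3-instruction prolog, with a handler. */
    pdata_decoded d = pdata_decode(pdata_make(0x00011000u, 3, 40, 1, 1));
    printf("begin=0x%08X prolog=%u len=%u 32bit=%d handler=%d eh_record=%d bytes=%u\n",
           d.begin_address, d.prolog_length, d.function_length, d.is_32bit,
           d.has_handler, pdata_expects_eh_record(d), pdata_function_bytes(d));
    return 0;
}
```

The zero-length case is worth keeping in mind when walking a PDATA table: an entry with no exception flag set can still be followed by a PDATA_EH record, so a reader that checks only bit 31 will misplace the start of the function body.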

Arm Processor Modes: What are they and Why are they

Simple processors used to have two modes. The first would handle the everyday processing tasks, whilst the second would kick in when an interrupt occurred. The interrupt would result in the processor saving its current state and then jumping to some predefined location to service the interrupt. Modern processors are required to do much more complicated things, servicing many tasks/programs at the same time. Keeping these tasks separate from each other and from the OS requires additional levels of privilege and hence a need for additional modes.

User Mode

This is the default, unprivileged mode under which most processes run.

System Mode

System Mode provides a means for the exception handler to execute subroutines without the potential for further exceptions over-writing the return address stored in R14.

Fast Interrupt Mode (FIQ)

Fast Interrupt Requests are essentially higher priority interrupts which operate in a dedicated mode. FIQ mode has seven dedicated registers (R8-R14) allowing a degree of persistence between interrupts. Under Linux, which itself only uses IRQs, FIQ can be used to implement a degree of real-time code. Writing such code does however require assembler because of the register restrictions.

Normal Interrupt Mode (IRQ)

IRQ mode is entered when a regular, low priority interrupt is raised. As with all exceptions, when an IRQ occurs the processor copies the CPSR register to the mode-appropriate SPSR and stores the return address in the mode-appropriate link register. The CPSR mode bits are modified according to the new mode and the program counter is set to an address taken from the exception vector table.

Abort Mode

Abort mode is entered after a data or instruction prefetch is aborted. This occurs as a result of an application attempting to access an illegal memory location. It is usually possible to calculate the address of the instruction that caused the exception by looking at the value of the link register (R14) and subtracting 8.

Supervisor Mode (SVC)

When code executing in user mode requires access to privileged parts of the system, this is typically achieved by an SVC call and a switch to Supervisor Mode.

Undefined Mode

If an unrecognised instruction is encountered the processor vectors off into undefined mode so that software emulation of co-processors or other extensions to the instruction set can be carried out.
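
The entry sequence described in the IRQ section, and the link-register arithmetic from the Abort section, can be modelled in a few lines. The following C program is an added example, not code from the original page: it simulates exception entry from user mode (SPSR save, banked R14, mode-bit change, interrupt masking, PC from the vector table) for the IRQ, FIQ, Abort, SVC and Undefined cases and recovers the address of the instruction at which the exception was taken. The mode encodings, vector offsets and R14 offsets are those documented for the classic ARM (A-profile, ARM state) exception model; the A bit, Thumb entry and high vectors are deliberately not modelled, and all type and function names are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* CPSR mode field (bits 4-0) encodings for the modes described above. */
enum arm_mode {
    MODE_USR = 0x10, MODE_FIQ = 0x11, MODE_IRQ = 0x12, MODE_SVC = 0x13,
    MODE_MON = 0x16, MODE_ABT = 0x17, MODE_HYP = 0x1A, MODE_UND = 0x1B, MODE_SYS = 0x1F
};

#define CPSR_MODE_MASK 0x1Fu
#define CPSR_T (1u << 5) /* Thumb state; this model stays in ARM state */
#define CPSR_F (1u << 6) /* FIQ masked */
#define CPSR_I (1u << 7) /* IRQ masked */

enum arm_exception { EXC_UNDEFINED, EXC_SVC, EXC_PREFETCH_ABORT, EXC_DATA_ABORT, EXC_IRQ, EXC_FIQ };

/* Low vector table base (the high-vector alternative is 0xFFFF0000). */
#define VECTOR_BASE 0x00000000u

/* Per-exception facts: the mode entered, the vector offset, and how far the
   banked R14 sits past the instruction at which the exception was taken (ARM state). */
static const struct { enum arm_mode mode; uint32_t vector; uint32_t lr_offset; } exc_info[] = {
    [EXC_UNDEFINED]      = { MODE_UND, 0x04u, 4u },
    [EXC_SVC]            = { MODE_SVC, 0x08u, 4u },
    [EXC_PREFETCH_ABORT] = { MODE_ABT, 0x0Cu, 4u },
    [EXC_DATA_ABORT]     = { MODE_ABT, 0x10u, 8u }, /* hence "R14 minus 8" for data aborts */
    [EXC_IRQ]            = { MODE_IRQ, 0x18u, 4u },
    [EXC_FIQ]            = { MODE_FIQ, 0x1Cu, 4u },
};

/* Minimal core state: PC, CPSR, and R14/SPSR banked per mode number. */
typedef struct {
    uint32_t pc;       /* instruction that faulted, or that would have executed next */
    uint32_t cpsr;
    uint32_t lr[32];
    uint32_t spsr[32];
} arm_core;

/* Model of exception entry as described in the IRQ section: save CPSR to the
   new mode's SPSR, set the banked return address, switch the mode bits, mask
   interrupts, and load PC from the vector table. */
void arm_take_exception(arm_core *c, enum arm_exception exc)
{
    enum arm_mode m = exc_info[exc].mode;
    c->spsr[m] = c->cpsr;
    c->lr[m]   = c->pc + exc_info[exc].lr_offset;
    c->cpsr    = (c->cpsr & ~(CPSR_MODE_MASK | CPSR_T)) | (uint32_t)m | CPSR_I;
    if (exc == EXC_FIQ)
        c->cpsr |= CPSR_F; /* FIQ entry additionally masks further FIQs */
    c->pc = VECTOR_BASE + exc_info[exc].vector;
}

/* Recover the address of the instruction at which the exception was taken from
   the banked R14, e.g. data abort: R14 - 8. */
uint32_t arm_source_instruction(enum arm_exception exc, uint32_t lr)
{
    return lr - exc_info[exc].lr_offset;
}

/* Convenience: start in the given CPSR at pc, take exc, and read back one field. */
enum arm_field { FIELD_CPSR, FIELD_SPSR, FIELD_LR, FIELD_PC };
uint32_t arm_entry_field(enum arm_exception exc, uint32_t pc, uint32_t cpsr, enum arm_field f)
{
    arm_core c = {0};
    c.pc = pc;
    c.cpsr = cpsr;
    arm_take_exception(&c, exc);
    switch (f) {
    case FIELD_CPSR: return c.cpsr;
    case FIELD_SPSR: return c.spsr[exc_info[exc].mode];
    case FIELD_LR:   return c.lr[exc_info[exc].mode];
    default:         return c.pc;
    }
}

int main(void)
{
    /* Constructed scenario: a user-mode load at 0x00009000 takes a data abort. */
    arm_core c = {0};
    c.pc = 0x00009000u;
    c.cpsr = MODE_USR;
    arm_take_exception(&c, EXC_DATA_ABORT);
    printf("cpsr=0x%02X spsr_abt=0x%02X lr_abt=0x%08X pc=0x%08X faulting=0x%08X\n",
           c.cpsr, c.spsr[MODE_ABT], c.lr[MODE_ABT], c.pc,
           arm_source_instruction(EXC_DATA_ABORT, c.lr[MODE_ABT]));
    return 0;
}
```

The model makes the two points in the text concrete: the pre-exception CPSR survives in the new mode's SPSR rather than being lost, and the banked R14 is the only record of where execution was, which is why the subtraction in the Abort section depends on which exception was taken.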

Monitor Mode (MON)

Monitor Mode is there to facilitate the debugging of an application without stopping the core entirely. Critical interrupt routines can therefore continue to be serviced whilst the core is being probed by the debugger.

Hypervisor Mode

Hypervisor Mode is there to facilitate virtualization. In the same way that user-space uses the SVC instruction to switch into kernel-space (SVC mode), the processor needs to be switched into Hypervisor mode in order to make use of the virtualization extensions.