RISC-V反汇编调试记录分享

螺丝松掉的人

于 2024-08-08 12:37:09 发布

阅读量63

点赞数

文章标签： risc-v linux 运维

本文链接：https://blog.csdn.net/m0_59551305/article/details/141023837

版权

RISC-V反汇编调试记录分享

本文记录一次使用反汇编进行调试分析。

最近在 rtthread 下适配 MilkV Duo 的硬件定时器驱动时遇到了一些问题，demo 运行时报以下错误：

Unhandled Exception 2:Illegal Instruction
scause:0x0x0000000000000002,stval:0x0x000000000007a787,sepc:0x0x0000000080232a72  
--------------Dump Registers-----------------                                      
Function Registers:                                                               
        ra(x1) = 0x0x0000000080232f88   user_sp = 0x0x000000008029f5d8                
        gp(x3) = 0x0x0000000080262a68   tp(x4) = 0x0x00000000deadbeef             
Temporary Registers:                                                              
        t0(x5) = 0x0x0000000000000120   t1(x6) = 0x0x00000000deadbeef     
        t2(x7) = 0x0x000000008029f518                                         
        t3(x28) = 0x0x00000000deadbeef  t4(x29) = 0x0x00000000deadbeef         
        t5(x30) = 0x0x00000000deadbeef  t6(x31) = 0x0x00000000deadbeef         
Saved Registers:                                                                 
        s0/fp(x8) = 0x0x000000008029f618        s1(x9) = 0x0x00000000deadbeef    
        s2(x18) = 0x0x00000000deadbeef  s3(x19) = 0x0x00000000deadbeef
        s4(x20) = 0x0x00000000deadbeef  s5(x21) = 0x0x00000000deadbeef
        s6(x22) = 0x0x00000000deadbeef  s7(x23) = 0x0x00000000deadbeef
        s8(x24) = 0x0x00000000deadbeef  s9(x25) = 0x0x00000000deadbeef
        s10(x26) = 0x0x00000000deadbeef s11(x27) = 0x0x00000000deadbeef
Function Arguments Registers:                 
        a0(x10) = 0x0x00000000802604c0  a1(x11) = 0x0x000000008029f6b0
        a2(x12) = 0x0x000000008029f6b0  a3(x13) = 0x0x0000000000000008   
        a4(x14) = 0x0x0000000000000004  a5(x15) = 0x0x0000000080256080 
        a6(x16) = 0x0x0000000000000065  a7(x17) = 0x0x00000000deadbeef
sstatus = 0x0x0000000200040120               
        Supervisor Interrupt Disabled     
        Last Time Supervisor Interrupt Enabled
        Last Privilege is Supervisor Mode
        Permit to Access User Page
        Not Permit to Read Executable-only Page
satp = 0x0x0000000000000000
        Current Page Table(Physical) = 0x0x0000000000000000
        Current ASID = 0x0x0000000000000000
        Mode = No Address Translation/Protection Mode
-----------------Dump OK---------------------
--------------Thread list--------------
current thread: tshell
--------------Backtrace--------------

想要查看 0x80232a72 处的程序指令，确认是否有非法指令。由于身边没有合适的调试器，不方便通过GDB对出错地址的代码进行定位。于是尝试通过反汇编进行分析：

$ objdump -l -S rtthread.elf > out.c

运行提示不支持当前架构，于是安装对应架构的反汇编工具：

$ sudo apt install binutils-riscv64-unknown-elf

安装完成后，即可进行反汇编：

$ riscv64-unknown-elf-objdump -l -S rtthread.elf > out.c

在反汇编得到的 out.c 中即可快速搜索定位到目标程序：

/home/Project/rt-thread/components/drivers/hwtimer/hwtimer.c:43
    float tv_sec;
    float devi_min = 1;
    80232a6e:	00023797          	auipc	a5,0x23
    80232a72:	61a78793          	addi	a5,a5,1562 # 80256088 <rt_system_timer_thread_init+0x6a6e>
    80232a76:	0007a787          	flw	fa5,0(a5)
    80232a7a:	fef42027          	fsw	fa5,-32(s0)

即可继续进行分析调试。