修志龙_ZenonXiu · March 25, 2023 · Shanghai

A small tool for decoding Arm system registers

The kernel panicked? How do you debug it? What do all these registers mean?

ERROR: exception reason=1 syndrome=0x92000010
Unhandled Exception from EL1
x0 = 0xffff80001162b090
x1 = 0xffff0000001be200
x2 = 0x0000000000000000
x3 = 0xffff000005cff800
x4 = 0xffff00000033b610
x5 = 0x000000000e021000
x6 = 0x000000000000008b
x7 = 0x0000000000000041
x8 = 0xffff8000110aa48c
x9 = 0xffff8000111c4000
x10 = 0x0000000000001000
x11 = 0xffff80001162d000
x12 = 0xffff800011645000
x13 = 0x0000000000000000
x14 = 0x00000000000002a5
x15 = 0x0000000000000000
x16 = 0x0000000000000000
x17 = 0x0000000000000000
x18 = 0x0000000000000003
x19 = 0xffff000003d74c80
x20 = 0xffff00000033b410
x21 = 0xffff000003d74c90
x22 = 0xffff00000033b400
x23 = 0xffff000003d74d20
x24 = 0x000000000000003a
x25 = 0xffff8000111723a0
x26 = 0x0000000000000003
x27 = 0xffff8000100f6118
x28 = 0xffff000003f4c800
x29 = 0xffff80001171b920
x30 = 0xffff800008b74330
scr_el3 = 0x000000000000073d
sctlr_el3 = 0x0000000030cd183f
cptr_el3 = 0x0000000000000000
tcr_el3 = 0x0000000080803520
daif = 0x00000000000002c0
mair_el3 = 0x00000000004404ff
spsr_el3 = 0x0000000080000005
elr_el3 = 0xffff800008b74340
ttbr0_el3 = 0x000000009e7910c0
esr_el3 = 0x0000000092000010
far_el3 = 0xffff80001162b090
spsr_el1 = 0x0000000000000005
elr_el1 = 0xffff8000104a0be4
spsr_abt = 0x0000000000000000
spsr_und = 0x0000000000000000
spsr_irq = 0x0000000000000000
spsr_fiq = 0x0000000000000000
sctlr_el1 = 0x0000000034d4d91d
actlr_el1 = 0x0000000000000000
cpacr_el1 = 0x0000000000300000
csselr_el1 = 0x0000000000000000
sp_el1 = 0xffff80001171b920
esr_el1 = 0x0000000092000047
ttbr0_el1 = 0x0000000083f47000
ttbr1_el1 = 0x00bc000082ed2000
mair_el1 = 0x000c0400bb44ffff
amair_el1 = 0x0000000000000000
tcr_el1 = 0x00000032b5d03590
tpidr_el1 = 0xffff80006ec1e000
tpidr_el0 = 0x0000ffffa234eb40
tpidrro_el0 = 0x0000000000000000
par_el1 = 0x0000000000000000
mpidr_el1 = 0x0000000080000000
afsr0_el1 = 0x0000000000000000
afsr1_el1 = 0x0000000000000000
contextidr_el1 = 0x0000000000000000
vbar_el1 = 0xffff800010010800
cntp_ctl_el0 = 0x0000000000000005
cntp_cval_el0 = 0x000000555280f6fd
cntv_ctl_el0 = 0x0000000000000000
cntv_cval_el0 = 0x0000000000000000
cntkctl_el1 = 0x00000000000000d6
sp_el0 = 0x000000009e78b440
isr_el1 = 0x0000000000000040
dacr32_el2 = 0x0000000000000000
ifsr32_el2 = 0x0000000000000000
cpuectlr_el1 = 0x0000000000000040
cpumerrsr_el1 = 0x000000000900003f
l2merrsr_el1 = 0x0000000010244ef0
cpuactlr_el1 = 0x00001000090ca000

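Is the MMU misbehaving? Are TCR and TTBR set correctly? How should the GIC ICC register values be interpreted? ...

At this point you have to open the 8,000 to 9,000 page Arm architecture document, get out your calculator, count bits carefully, and look up each register against the document.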


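Try not to get dizzy. At this point you may wish for a tool that takes a register name and its value and decodes the register information automatically.

The small tool I created in my spare time does exactly that.
This Python tool extracts the information in the system register description XML files that Arm provides for free and uses it to interpret register values. Its advantage is that it can decode every AArch32 and AArch64 system register, and it can keep up with the latest architecture features as Arm publishes updated system register XML files.

Just enter the register name and its hexadecimal value to get a detailed explanation.
Although this small tool should meet most people's needs, it is a project completed in limited spare time, so it will have some shortcomings.

The commonly used esr_el1 and spsr_el1 are shown below as examples.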

esr_el1

esr_el1=0x0000000096000005


-------------------------------------------------------------
bit[ 63 : 56 ] is 0b0
Field Description: Reserved, RES0.
    
-------------------------------------------------------------
bit[ 55 : 32 ] is 0b0
Field Name: ISS2
Field Description: ISS2 encoding for an exception, the bit assignments are:
    
-------------------------------------------------------------
bit[ 31 : 26 ] is 0b100101
Field Name: EC
Field Description: Exception Class. Indicates the reason for the exception that this register holds information about.

0b100101:Data Abort exception taken without a change in Exception level.

-------------------------------------------------------------
bit[ 24 : 24 ] is 0b0
Field Name: ISV
Field Description: Instruction Syndrome Valid. Indicates whether the syndrome information in ISS[23:14] is valid.
          
0b0:No valid instruction syndrome. ISS[23:14] are RES0.
              
-------------------------------------------------------------
bit[ 23 : 22 ] is 0b0
Field Name: SAS
Field Description: Syndrome Access Size. Indicates the size of the access attempted by the faulting operation.
          
When ISV == 1
0b00:Byte
              
-------------------------------------------------------------
bit[ 23 : 22 ] is 0b0
Field Description: Reserved, RES0.
          
Otherwise
-------------------------------------------------------------
bit[ 21 : 21 ] is 0b0
Field Name: SSE
Field Description: Syndrome Sign Extend. For a byte, halfword, or word load operation, indicates whether the data item must be sign extended.
          
When ISV == 1
0b0:Sign-extension not required.
              
-------------------------------------------------------------
bit[ 21 : 21 ] is 0b0
Field Description: Reserved, RES0.
          
Otherwise
-------------------------------------------------------------
bit[ 20 : 16 ] is 0b0
Field Name: SRT
When ISV == 1
-------------------------------------------------------------
bit[ 20 : 18 ] is 0b0
Field Description: Reserved, RES0.
          
When ISV == 0, FEAT_RASv2 is implemented and (DFSC == 0b010000, or DFSC == 0b01001x or DFSC == 0b0101xx)
-------------------------------------------------------------
bit[ 17 : 16 ] is 0b0
Field Name: WU
Field Description: Write Update. Describes whether a store instruction that generated an External abort updated the location.
          
When ISV == 0, FEAT_RASv2 is implemented and (DFSC == 0b010000, or DFSC == 0b01001x or DFSC == 0b0101xx)
0b00:Not a store instruction or translation table update, or the location might have been updated.
              
-------------------------------------------------------------
bit[ 20 : 16 ] is 0b0
Field Description: Reserved, RES0.
          
Otherwise
-------------------------------------------------------------
bit[ 15 : 15 ] is 0b0
Field Name: SF
Field Description: Sixty Four bit general-purpose register transfer. Width of the register accessed by the instruction is 64-bit.
          
When ISV == 1
0b0:Instruction loads/stores a 32-bit general-purpose register.
              
-------------------------------------------------------------
bit[ 15 : 15 ] is 0b0
Field Name: FnP
Field Description: FAR not Precise.
          
When ISV == 0
0b0:The FAR holds the faulting virtual address that generated the Data Abort.
              
-------------------------------------------------------------
bit[ 15 : 15 ] is 0b0
Field Description: Reserved, RES0.
          
Otherwise
-------------------------------------------------------------
bit[ 14 : 14 ] is 0b0
Field Name: AR
Field Description: Acquire/Release.
          
When ISV == 1
0b0:Instruction did not have acquire/release semantics.
              
-------------------------------------------------------------
bit[ 14 : 14 ] is 0b0
Field Name: PFV
Field Description: FAR Valid. Describes whether the PFAR_EL1 is valid.
          
When FEAT_PFAR is implemented and (DFSC == 0b010000, or DFSC == 0b01001x or DFSC == 0b0101xx)
0b0:PFAR_EL1 is UNKNOWN.
              
-------------------------------------------------------------
bit[ 14 : 14 ] is 0b0
Field Description: Reserved, RES0.
          
Otherwise
-------------------------------------------------------------
bit[ 13 : 13 ] is 0b0
Field Name: VNCR
Field Description: Indicates that the fault came from use of VNCR_EL2 register by EL1 code.
          
0b0:The watchpoint was not generated by the use of VNCR_EL2 by EL1 code.
              
-------------------------------------------------------------
bit[ 12 : 11 ] is 0b0
Field Name: LST
Field Description: Load/Store Type. Used when a Translation fault, Access flag fault, or Permission fault generates a Data Abort.
          
When (DFSC == 0b00xxxx || DFSC == 0b101011) && DFSC != 0b0000xx
0b00:The instruction that generated the Data Abort is not specified.
              
-------------------------------------------------------------
bit[ 12 : 11 ] is 0b0
Field Name: SET
Field Description: Synchronous Error Type. Used when a Syncronous External abort, not on a Translation table walk or hardware update of the Translation table, generated the Data Abort. Describes the PE error state after taking the Data Abort exception.
          
When FEAT_RAS is implemented and (DFSC == 0b010000, or DFSC == 0b01001x or DFSC == 0b0101xx)
0b00:Recoverable state (UER).
              
-------------------------------------------------------------
bit[ 12 : 11 ] is 0b0
Field Description: Reserved, RES0.
          
Otherwise
-------------------------------------------------------------
bit[ 10 : 10 ] is 0b0
Field Name: FnV
Field Description: FAR not Valid, for a synchronous External abort other than a synchronous External abort on a translation table walk.
          
0b0:FAR is valid.
              
-------------------------------------------------------------
bit[ 9 : 9 ] is 0b0
Field Name: EA
Field Description: External abort type. This bit can provide an IMPLEMENTATION DEFINED classification of External aborts.

-------------------------------------------------------------
bit[ 8 : 8 ] is 0b0
Field Name: CM
Field Description: Cache maintenance. Indicates whether the Data Abort came from a cache maintenance or address translation instruction:
          
0b0:The Data Abort was not generated by the execution of one of the System instructions identified in the description of value 1.
              
-------------------------------------------------------------
bit[ 7 : 7 ] is 0b0
Field Name: S1PTW
Field Description: For a stage 2 fault, indicates whether the fault was a stage 2 fault on an access made for a stage 1 translation table walk:
          
0b0:Fault not on a stage 2 translation for a stage 1 translation table walk.
              
-------------------------------------------------------------
bit[ 6 : 6 ] is 0b0
Field Name: WnR
Field Description: Write not Read. Indicates whether a synchronous abort was caused by an instruction writing to a memory location, or by an instruction reading from a memory location.
          
0b0:Abort caused by an instruction reading from a memory location.
              
-------------------------------------------------------------
bit[ 5 : 0 ] is 0b101
Field Name: DFSC
Field Description: Data Fault Status Code.
          
0b000101:Translation fault, level 1.
              
-------------------------------------------------------------
bit[ 25 : 25 ] is 0b1
Field Name: IL
Field Description: Instruction Length for synchronous exceptions. Possible values of this bit are:
    
0b1:32-bit instruction trapped. This value is also used when the exception is one of the following:

-------------------------------------------------------------
bit[ 24 : 0 ] is 0b101
Field Name: ISS
Field Description: Instruction Specific Syndrome. Architecturally, this field can be defined independently for each defined Exception class. However, in practice, some ISS encodings are used for more than one Exception class.

It is easy to see that this is a data abort caused by a load instruction that hit a Translation fault, level 1.
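The same decode done by hand for the Data Abort case, as an added example that is not the tool's own code: the tool reads Arm's XML, while this hard-codes a small subset of ESR_ELx fields. The function names are hypothetical; the three inputs are the ESR values that appear on this page (the worked example plus esr_el3 and esr_el1 from the crash dump).

```python
# Added example: hand-coded decoder for the Data Abort subset of ESR_ELx.
# Assumption: field positions follow the ESR_EL1 layout in the output above.
EC_NAMES = {
    0b100100: "Data Abort from a lower Exception level",
    0b100101: "Data Abort taken without a change in Exception level",
}
# DFSC[5:2] selects the fault family, DFSC[1:0] the translation table level.
LEVEL_FAULTS = {
    0b0000: "Address size fault",
    0b0001: "Translation fault",
    0b0010: "Access flag fault",
    0b0011: "Permission fault",
}
FIXED_FAULTS = {
    0b010000: "Synchronous External abort, not on translation table walk",
    0b100001: "Alignment fault",
}


def bits(value, hi, lo):
    """Return value[hi:lo] as an integer."""
    return (value >> lo) & ((1 << (hi - lo + 1)) - 1)


def decode_dfsc(dfsc):
    if dfsc in FIXED_FAULTS:
        return FIXED_FAULTS[dfsc]
    family = LEVEL_FAULTS.get(dfsc >> 2)
    if family:
        return f"{family}, level {dfsc & 0b11}"
    return f"DFSC {dfsc:#08b} not covered by this example"


def decode_data_abort(esr):
    """Decode a Data Abort ESR_ELx value into a dict of named fields."""
    if esr >> 32:
        raise ValueError("ISS2 (bits 55:32) is not handled by this example")
    ec = bits(esr, 31, 26)
    if ec not in EC_NAMES:
        raise ValueError(f"EC {ec:#08b} is not a Data Abort")
    return {
        "EC": EC_NAMES[ec],
        "IL": bits(esr, 25, 25),
        "ISV": bits(esr, 24, 24),
        "FnV": bits(esr, 10, 10),
        "CM": bits(esr, 8, 8),
        # WnR: 1 = write; also reads as 1 for cache maintenance faults (CM=1)
        "access": "write" if bits(esr, 6, 6) else "read",
        "DFSC": decode_dfsc(bits(esr, 5, 0)),
    }


if __name__ == "__main__":
    # ESR values taken from this page: the worked example and the crash dump.
    for name, esr in [("esr_el1 (example)", 0x96000005),
                      ("esr_el3 (dump)", 0x92000010),
                      ("esr_el1 (dump)", 0x92000047)]:
        print(f"{name} = {esr:#010x}: {decode_data_abort(esr)}")
```

Any Exception Class other than the two Data Abort classes raises `ValueError`, so a value from a different exception is rejected rather than decoded with the wrong field layout.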

spsr_el1

######################
When exception taken from AArch64 state
######################
-------------------------------------------------------------
bit[ 63 : 35 ] is 0b0
Field Description: Reserved, RES0.
    
-------------------------------------------------------------
bit[ 34 : 34 ] is 0b0
Field Name: EXLOCK
Field Description: Exception return state lock. Set to the value of PSTATE.EXLOCK on taking an exception to EL1, and  copied to PSTATE.EXLOCK on executing an exception return operation in EL1.
    
When FEAT_GCS is implemented
-------------------------------------------------------------
bit[ 34 : 34 ] is 0b0
Field Description: Reserved, RES0.
    
Otherwise
-------------------------------------------------------------
bit[ 33 : 33 ] is 0b0
Field Name: PPEND
Field Description: PMU exception pending bit. Set to the value of PSTATE.PPEND on taking an exception to EL1, and conditionally  copied to PSTATE.PPEND on executing an exception return operation in EL1.
    
When FEAT_SEBEP is implemented
-------------------------------------------------------------
bit[ 33 : 33 ] is 0b0
Field Description: Reserved, RES0.
    
Otherwise
-------------------------------------------------------------
bit[ 32 : 32 ] is 0b0
Field Name: PM
Field Description: PMU exception mask bit. Set to the value of PSTATE.PM on taking an exception to EL1, and  copied to PSTATE.PM on executing an exception return operation in EL1.
    
When FEAT_EBEP is implemented
-------------------------------------------------------------
bit[ 32 : 32 ] is 0b0
Field Description: Reserved, RES0.
    
Otherwise
-------------------------------------------------------------
bit[ 31 : 31 ] is 0b0
Field Name: N
Field Description: Negative Condition flag. Set to the value of PSTATE.N on taking an exception to EL1, and  copied to PSTATE.N on executing an exception return operation in EL1.
    
-------------------------------------------------------------
bit[ 30 : 30 ] is 0b1
Field Name: Z
Field Description: Zero Condition flag. Set to the value of PSTATE.Z on taking an exception to EL1, and  copied to PSTATE.Z on executing an exception return operation in EL1.
    
-------------------------------------------------------------
bit[ 29 : 29 ] is 0b1
Field Name: C
Field Description: Carry Condition flag. Set to the value of PSTATE.C on taking an exception to EL1, and  copied to PSTATE.C on executing an exception return operation in EL1.
    
-------------------------------------------------------------
bit[ 28 : 28 ] is 0b0
Field Name: V
Field Description: Overflow Condition flag. Set to the value of PSTATE.V on taking an exception to EL1, and  copied to PSTATE.V on executing an exception return operation in EL1.
    
-------------------------------------------------------------
bit[ 27 : 26 ] is 0b0
Field Description: Reserved, RES0.
    
-------------------------------------------------------------
bit[ 25 : 25 ] is 0b0
Field Name: TCO
Field Description: Tag Check Override. Set to the value of PSTATE.TCO on taking an exception to EL1, and  copied to PSTATE.TCO on executing an exception return operation in EL1.
    
When FEAT_MTE is implemented
-------------------------------------------------------------
bit[ 25 : 25 ] is 0b0
Field Description: Reserved, RES0.
    
Otherwise
-------------------------------------------------------------
bit[ 24 : 24 ] is 0b0
Field Name: DIT
Field Description: Data Independent Timing. Set to the value of PSTATE.DIT on taking an exception to EL1, and  copied to PSTATE.DIT on executing an exception return operation in EL1.
    
When FEAT_DIT is implemented
-------------------------------------------------------------
bit[ 24 : 24 ] is 0b0
Field Description: Reserved, RES0.
    
Otherwise
-------------------------------------------------------------
bit[ 23 : 23 ] is 0b0
Field Name: UAO
Field Description: User Access Override. Set to the value of PSTATE.UAO on taking an exception to EL1, and  copied to PSTATE.UAO on executing an exception return operation in EL1.
    
When FEAT_UAO is implemented
-------------------------------------------------------------
bit[ 23 : 23 ] is 0b0
Field Description: Reserved, RES0.
    
Otherwise
-------------------------------------------------------------
bit[ 22 : 22 ] is 0b0
Field Name: PAN
Field Description: Privileged Access Never. Set to the value of PSTATE.PAN on taking an exception to EL1, and  copied to PSTATE.PAN on executing an exception return operation in EL1.
    
When FEAT_PAN is implemented
-------------------------------------------------------------
bit[ 22 : 22 ] is 0b0
Field Description: Reserved, RES0.
    
Otherwise
-------------------------------------------------------------
bit[ 21 : 21 ] is 0b0
Field Name: SS
Field Description: Software Step. Set to the value of PSTATE.SS on taking an exception to EL1, and conditionally  copied to PSTATE.SS on executing an exception return operation in EL1.
    
-------------------------------------------------------------
bit[ 20 : 20 ] is 0b0
Field Name: IL
Field Description: Illegal Execution state. Set to the value of PSTATE.IL on taking an exception to EL1, and  copied to PSTATE.IL on executing an exception return operation in EL1.
    
-------------------------------------------------------------
bit[ 19 : 14 ] is 0b0
Field Description: Reserved, RES0.
    
-------------------------------------------------------------
bit[ 13 : 13 ] is 0b0
Field Name: ALLINT
Field Description: All IRQ or FIQ interrupts mask. Set to the value of PSTATE.ALLINT on taking an exception to EL1, and  copied to PSTATE.ALLINT on executing an exception return operation in EL1.
    
When FEAT_NMI is implemented
-------------------------------------------------------------
bit[ 13 : 13 ] is 0b0
Field Description: Reserved, RES0.
    
Otherwise
-------------------------------------------------------------
bit[ 12 : 12 ] is 0b0
Field Name: SSBS
Field Description: Speculative Store Bypass. Set to the value of PSTATE.SSBS on taking an exception to EL1, and  copied to PSTATE.SSBS on executing an exception return operation in EL1.
    
When FEAT_SSBS is implemented
-------------------------------------------------------------
bit[ 12 : 12 ] is 0b0
Field Description: Reserved, RES0.
    
Otherwise
-------------------------------------------------------------
bit[ 11 : 10 ] is 0b0
Field Name: BTYPE
Field Description: Branch Type Indicator. Set to the value of PSTATE.BTYPE on taking an exception to EL1, and  copied to PSTATE.BTYPE on executing an exception return operation in EL1.
    
When FEAT_BTI is implemented
-------------------------------------------------------------
bit[ 11 : 10 ] is 0b0
Field Description: Reserved, RES0.
    
Otherwise
-------------------------------------------------------------
bit[ 9 : 9 ] is 0b0
Field Name: D
Field Description: Debug exception mask. Set to the value of PSTATE.D on taking an exception to EL1, and  copied to PSTATE.D on executing an exception return operation in EL1.
    
-------------------------------------------------------------
bit[ 8 : 8 ] is 0b0
Field Name: A
Field Description: SError interrupt mask. Set to the value of PSTATE.A on taking an exception to EL1, and  copied to PSTATE.A on executing an exception return operation in EL1.
    
-------------------------------------------------------------
bit[ 7 : 7 ] is 0b0
Field Name: I
Field Description: IRQ interrupt mask. Set to the value of PSTATE.I on taking an exception to EL1, and  copied to PSTATE.I on executing an exception return operation in EL1.
    
-------------------------------------------------------------
bit[ 6 : 6 ] is 0b0
Field Name: F
Field Description: FIQ interrupt mask. Set to the value of PSTATE.F on taking an exception to EL1, and  copied to PSTATE.F on executing an exception return operation in EL1.
    
-------------------------------------------------------------
bit[ 5 : 5 ] is 0b0
Field Description: Reserved, RES0.
    
-------------------------------------------------------------
bit[ 4 : 4 ] is 0b0
Field Name: M[4]
Field Description: Execution state. Set to 0b0, the value of PSTATE.nRW, on taking an exception to EL1 from AArch64 state, and copied to PSTATE.nRW on executing an exception return operation in EL1.
    
0b0:AArch64 execution state.
        
-------------------------------------------------------------
bit[ 3 : 0 ] is 0b0
Field Name: M[3:0]
Field Description: AArch64 Exception level and selected Stack Pointer.
    
0b0000:EL0t.
        

The code can be found at
https://github.com/zenonxiu81...
User guide: https://github.com/zenonxiu81...

I hope this is of some help to everyone and to the Arm ecosystem.
