一、應用調試1:使用strace命令來跟蹤系統調用1.strace移植 cd /work/debug/strace-4.5.15 tar xjf strace-4.5.15.tar.bz2 cd strace-4.5.15 patch -p1 ../strace-fix-arm-bad-syscal ...
一、應用調試1:使用strace命令來跟蹤系統調用
1.strace移植
cd /work/debug/strace-4.5.15
tar xjf strace-4.5.15.tar.bz2
cd strace-4.5.15
patch -p1 ../strace-fix-arm-bad-syscall.patch
配置
./configure --host=arm-linux CC=arm-linux-gcc
編譯
make
會生成一個strace的可執行文件,將其複製到文件系統的/bin目錄下即可。
2.程式測試
strace -o log.txt ./firstdrvtest on
vi log.txt可以得到以下結果
1 execve("./firstdrvtest", ["./firstdrvtest", "on"], [/* 7 vars */]) = 0 2 uname({sys="Linux", node="(none)", ...}) = 0 3 brk(0) = 0x11000 4 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) 5 open("/etc/ld.so.cache", O_RDONLY) = -1 ENOENT (No such file or directory) 6 open("/lib/v4l/half/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory 7 stat64("/lib/v4l/half", 0xbea5e4f0) = -1 ENOENT (No such file or directory) 8 open("/lib/v4l/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) 9 stat64("/lib/v4l", 0xbea5e4f0) = -1 ENOENT (No such file or directory) 10 open("/lib/half/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) 11 stat64("/lib/half", 0xbea5e4f0) = -1 ENOENT (No such file or directory) 12 open("/lib/libc.so.6", O_RDONLY) = 3 13 read(3, "\177ELF\1\1\1a\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\330o\1\000"..., 512) = 51 14 fstat64(3, {st_mode=S_IFREG|0755, st_size=1435660, ...}) = 0 15 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40 16 mmap2(NULL, 1150612, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4 17 mprotect(0x40129000, 56980, PROT_NONE) = 0 18 mmap2(0x40131000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRI 19 mmap2(0x40135000, 7828, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOU 20 close(3) = 0 21 open("/dev/xyz", O_RDWR) = 3 22 write(3, "\1\0\0\0", 4) = 0 23 exit_group(0) = ?測試程式
分析可知程式出錯都是由於沒有相對應的文件所造成的,而且使用這種方法調試比較直觀。
二、應用調試2:使用GDB來調試應用程式
編譯gdb,gdbserver
tar xjf gdb-7.4.tar.bz2
cd gdb-7.4/
./configure --target=arm-linux
make
把arm-linux-gdb複製到/bin目錄
cd gdb/gdbserver/
./configure --host=arm-linux
cp gdbserver /work/nfs_root/first_fs/bin
編譯要調試的應用,編譯時加上-g選項
調試:
1. 在ARM板上
gdbserver 192.168.1.17:2345 ./test_debug
2. 在PC上
/bin/arm-linux-gdb ./test_debug
輸入:target remote 192.168.1.17:2345
然後: 使用gdb命令來控製程序
另一種方法:
讓程式在開發板上直接運行,當它發生錯誤時,令它產生core dump文件
然後使用gdb根據core dump文件找到發生錯誤的地方
在ARM板上:
1. ulimit -c unlimited
2. 執行應用程式 : 程式出錯時會在當前目錄下生成名為core的文件
在PC上:
3. /bin/arm-linux-gdb ./test_debug ./core
三、應用調試3:配置內核輸出應用程式的段錯誤信息
arch/arm/mm/fault.c
__do_user_fault(struct task_struct *tsk, unsigned long addr,
unsigned int fsr, unsigned int sig, int code,
struct pt_regs *regs)
{
struct siginfo si;
#ifdef CONFIG_DEBUG_USER // 1. 配置內核
if (user_debug & UDBG_SEGV) {
printk(KERN_DEBUG "%s: unhandled page fault (%d) at 0x%08lx, code 0x%03x\n",
tsk->comm, sig, addr, fsr);
show_pte(tsk->mm, addr);
show_regs(regs);
}
#endif
2. uboot: set bootargs user_debug=0xff
set bootargs console=ttySAC0 root=/dev/nfs nfsroot=192.168.1.123:/work/nfs_root/first_fs ip=192.168.1.17 ipaddr=192.168.1.17 user_debug=0xff
3. 執行APP
./test_debug
a = 0x12
pgd = c04c8000
[00000000] *pgd=33d08031, *pte=00000000, *ppte=00000000
Pid: 772, comm: test_debug
CPU: 0 Not tainted (2.6.22.6 #1)
PC is at 0x84ac
LR is at 0x84d0
pc : [<000084ac>] lr : [<000084d0>] psr: 60000010
sp : bed9fe40 ip : bed9fe54 fp : bed9fe50
r10: 4013365c r9 : 00000000 r8 : 00008514
r7 : 00000001 r6 : 000085cc r5 : 00008568 r4 : bed9fec4
r3 : 00000012 r2 : 00000000 r1 : 00001000 r0 : 00000000
Flags: nZCv IRQs on FIQs on Mode USER_32 Segment user
Control: c000717f Table: 304c8000 DAC: 00000015
[<c002cd1c>] (show_regs+0x0/0x4c) from [<c0031a98>] (__do_user_fault+0x5c/0xa4)
r4:c04a6840
[<c0031a3c>] (__do_user_fault+0x0/0xa4) from [<c0031d38>] (do_page_fault+0x1dc/0x20c)
r7:c00261e0 r6:c0024cf8 r5:c04a6840 r4:ffffffec
[<c0031b5c>] (do_page_fault+0x0/0x20c) from [<c002b224>] (do_DataAbort+0x3c/0xa0)
[<c002b1e8>] (do_DataAbort+0x0/0xa0) from [<c002be48>] (ret_from_exception+0x0/0x10)
Exception stack(0xc3e7bfb0 to 0xc3e7bff8)
bfa0: 00000000 00001000 00000000 00000012
bfc0: bed9fec4 00008568 000085cc 00000001 00008514 00000000 4013365c bed9fe50
bfe0: bed9fe54 bed9fe40 000084d0 000084ac 60000010 ffffffff
r8:00008514 r7:00000001 r6:000085cc r5:00008568 r4:c039bfc8
Segmentation fault
Stack:
00000000 becd3e64 becd3e54 000084d0 000084a0 00000000 becd3e78 becd3e68
C's sp return addr B's sp
000084f0 000084c4 00000000 becd3e98 becd3e7c 00008554 000084e4 00000000
ret addr A's sp ret addr main's sp
00000012 becd3ec4 00000001 00000000 becd3e9c 40034f14 00008524 00000000
ret addr caller's sp
對於動態鏈接,已經退出的程式不好確定動態庫的地址
00000000 0000839c 00000000 00000000 4001d594 000083c4 000085cc 4000c02c
becd3ec4 becd3f7b 00000000 becd3f88 becd3f92 becd3f99 becd3fad becd3fb8
becd3fdb becd3fe9 00000000 00000010 00000003 00000006 00001000 00000011
00000064 00000003 00008034 00000004 00000020 00000005 00000006 00000007
40000000 00000008 00000000 00000009 0000839c 0000000b 00000000 0000000c
00000000 0000000d 00000000 0000000e 00000000 00000017 00000000 0000000f
becd3f77 00000000 00000000 00000000 00000000 76000000 2e006c34 7365742f
65645f74 00677562 52455355 6f6f723d 4f480074 2f3d454d 61706900 3d726464
2e323931 2e383631 37312e31 52455400 74763d4d 00323031 48544150 62732f3d
2f3a6e69 2f727375 6e696273 69622f3a 752f3a6e 622f7273 53006e69 4c4c4548
69622f3d 68732f6e 44575000 2e002f3d 7365742f 65645f74 00677562 00000000
4. 反彙編app:
arm-linux-objdump -D test_debug > test_debug.dis
對於靜態鏈接的test_debug
PC is at 0x81e0
LR is at 0x8204
pc : [<000081e0>] lr : [<00008204>] psr: 60000010
sp : be93dc60 ip : be93dc74 fp : be93dc70
r10: 000085f4 r9 : 00008248 r8 : be93deb4
r7 : 00000001 r6 : 00000000 r5 : be93dd3e r4 : 00000000
r3 : 00000012 r2 : 00000000 r1 : 00001000 r0 : 00000000
Flags: nZCv IRQs on FIQs on Mode USER_32 Segment user
Stack:
00000000 be93dc84 be93dc74 00008204 000081d4 00000000 be93dc98 be93dc88
C'sp ret addr B'sp
00008224 000081f8 00000000 be93dcb8 be93dc9c 00008288 00008218 00000000
ret addr A'sp ret addr main'sp
00000012 be93deb4 00000001 00000000 be93dcbc 000084ac 00008258 756e694c
ret addr __libc_start_main'sp
00000078 00000000 00000000 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000 32393100
3836312e 312e312e 00000037 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000 2e320000
32322e36 0000362e 00000000 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000 23000000
54203335 4d206575 31207961 31322035 3a34303a 43203834 32205453 00323130
00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
766d7261 006c7434 00000000 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
6f6e2800 0029656e 00000000 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
00000000 000080f8 00008680 00000000 be93deb4 be93df6a 00000000 be93df77
be93df81 be93df92 be93df99 be93dfad be93dfb8 be93dfdb be93dfe9 00000000
00000010 00000003 00000006 00001000 00000011 00000064 00000003 00008034
00000004 00000020 00000005 00000003 00000007 00000000 00000008 00000000
00000009 000080d0 0000000b 00000000 0000000c 00000000 0000000d 00000000
0000000e 00000000 00000017 00000000 0000000f be93df66 00000000 00000000
00000000 34760000 2f2e006c 74736574 6265645f 55006775 3d524553 746f6f72
444c4f00 3d445750 6f72702f 34372f63 4f480033 2f3d454d 61706900 3d726464
2e323931 2e383631 37312e31 52455400 74763d4d 00323031 48544150 62732f3d
2f3a6e69 2f727375 6e696273 69622f3a 752f3a6e 622f7273 53006e69 4c4c4548
69622f3d 68732f6e 44575000 2e002f3d 7365742f 65645f74 00677562 00000000
四、應用調試4:自製系統調用、編寫進程查看器
把29th_app_system_call\kernel里的文件複製到內核目錄
syscalls.h ==> include/linux
read_write.c ==> fs/
calls.S ==> arch/arm/kernel
五、應用調試5:編寫輸入模擬器
1. 產品要經過測試才能發佈,一般都是人工操作,比如手機觸摸屏、遙控器
2. 操作過程中發現錯誤,要再次復現,找到規律,修改程式
3. 能否在驅動程式里把所有的操作記錄下來,存為文件
當出錯時,可以通過文件里的數據來"復現"輸入
input_event
