The World Leader in High Performance Signal Processing Solutions

How to Fix Bugs with Toolchain

Jie Zhang


No theory for fixing bugs
- Fixing bugs is trial and error.
- We need tools, experience, imagination and a little luck.
- I will introduce some tools and facilities built into the components of the toolchain.
- These slides contain my experience.

The components in the toolchain
- GCC
- Binutils: as, ld, readelf, objcopy, objdump, ar, etc.
- GDB, gdbserver
- simulator
- uClibc
- elf2flt

How are the tools used?
- Compile

    bfin-uclinux-gcc -Wl,-elf2flt -g -o helloworld helloworld.c

- What does the user see?

    helloworld.c -> helloworld, helloworld.gdb

- Actually
    - bfin-uclinux-gcc calls cc1
        helloworld.c -> helloworld.s
    - bfin-uclinux-gcc calls as
        helloworld.s -> helloworld.o
    - bfin-uclinux-gcc calls collect2, which in turn calls ld, which is a wrapper script provided by the elf2flt package.
    - bfin-uclinux-ld calls ld.real
        crt1.o crti.o crtbegin.o helloworld.o -lgcc -lc -lgcc crtend.o crtn.o -> helloworld.elf
    - bfin-uclinux-ld calls elf2flt
        helloworld.elf -> helloworld
    - helloworld.elf is renamed to helloworld.gdb

How are the tools used? (cont.)
- Debug
    - GDB + simulator
    - GDB + gdbserver
- Binary file operation
    - objcopy
    - objdump
    - readelf

helloworld does not work properly – a bug
- The user reports a bug for gcc.
- But is it really a bug in gcc?
    - bfin-uclinux-gcc calls cc1
        helloworld.c -> helloworld.s
    - bfin-uclinux-gcc calls as
        helloworld.s -> helloworld.o
    - bfin-uclinux-gcc calls collect2, which in turn calls ld, which is a wrapper script provided by the elf2flt package.
    - bfin-uclinux-ld calls ld.real
        crt1.o crti.o crtbegin.o helloworld.o -lgcc -lc -lgcc crtend.o crtn.o -> helloworld.elf
    - bfin-uclinux-ld calls elf2flt
        helloworld.elf -> helloworld
    - helloworld.elf is renamed to helloworld.gdb
    - User's error
    - A bug in the kernel or in another program, like bash.

helloworld does not work properly (cont.)
- The user uses objdump to disassemble helloworld.gdb and finds that there is a wrong instruction.
    - A bug in cc1, as, or ld?
    - No, maybe a bug in objdump.

helloworld cannot be debugged properly
- The user reports a bug for GDB: for example, a breakpoint doesn't work, or the print command shows the wrong value of a variable.
- But it may be a bug in the simulator, gdbserver, cc1, as, ld, or elf2flt.

Tools used to debug tools
- Native GDB
- Cross GDB + gdbserver
- readelf, objdump, nm
- printf () and printk ()

Built-in facilities in the toolchain
- GCC
    -dletters/-fdump-rtl-pass
    -fdump-tree-switch-options (C and C++ only)
- GDB with gdbserver
    set debug remote 1
- elf2flt
    -v

Case 1
bug #

    rec_head_status = get_reg (RTL8019_DMA_DATA);
    next_packet_pointer = get_reg (RTL8019_DMA_DATA);
    packet_length0 = get_reg (RTL8019_DMA_DATA);
    packet_length1 = get_reg (RTL8019_DMA_DATA);
    ...

Instead of generating asm instructions four times for the get_reg function, the toolchain optimizes and generates code for a single get_reg with optimization (-Os).

get_reg () is defined as:

    static unsigned char get_reg (unsigned int regno)
    {
        return (*(unsigned char *) regno);
    }

Case 1 (cont.)
This is not a toolchain bug. It's a bug in the user's code.
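Why the compiler is entitled to do this, as an added example (not code from the slides): get_reg reads through a plain pointer, so repeated reads of the same address may be merged into one load, while a volatile-qualified pointer forces every read to happen. The names get_reg_cached, read_rx_header and struct rx_header, the uintptr_t parameter (so the demo runs on a 64-bit host) and the low-byte-first length order are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* The accessor as on the slide (parameter widened to uintptr_t so the demo
 * runs on a 64-bit host). The pointer is not volatile, so the compiler may
 * assume the byte cannot change between calls and merge repeated reads. */
unsigned char get_reg_cached(uintptr_t regno)
{
    return *(unsigned char *)regno;
}

/* Corrected accessor: each call is a volatile access, which the compiler
 * must perform every time and in program order. */
unsigned char get_reg(uintptr_t regno)
{
    return *(volatile unsigned char *)regno;
}

struct rx_header {            /* hypothetical container for the four bytes */
    unsigned char status;
    unsigned char next_packet;
    unsigned int  length;
};

/* Reads the four header bytes from one data port, one device access each.
 * Assumption: length byte 0 is the low byte, length byte 1 the high byte. */
struct rx_header read_rx_header(uintptr_t data_port)
{
    struct rx_header h;
    unsigned char len0, len1;

    h.status      = get_reg(data_port);
    h.next_packet = get_reg(data_port);
    len0          = get_reg(data_port);
    len1          = get_reg(data_port);
    h.length      = ((unsigned int)len1 << 8) | len0;
    return h;
}

int main(void)
{
    unsigned char fake_port = 0x12;   /* constructed stand-in for the device */
    struct rx_header h = read_rx_header((uintptr_t)&fake_port);

    printf("status=0x%02x next=0x%02x length=0x%04x\n",
           h.status, h.next_packet, h.length);
    return 0;
}
```

On ordinary host memory both accessors return the same byte; the difference only shows on a device register whose value changes with each read.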

Case 2
bug #713
The compiler reported the following error when compiling:

    > bfin-uclinux-gcc -Os -c regex.i
    /tmp/ccXlEqCd.s: Assembler messages:
    /tmp/ccXlEqCd.s:415: Error: pcrel too far BFD_RELOC_12

It may be an assembler bug or a compiler bug.

Case 2 (cont.)
- Finding out whether it's an assembler bug or a compiler bug is not easy.
    - The assembler translates one 4-byte instruction between the jump instruction and its target into a 6-byte one.
    - The compiler has a different idea from the assembler about the length of one or more instructions.
    - One optimization pass of the compiler has a different idea from the code generation pass.
    - There are about 1000 thousand instructions between the jump instruction and its target.
- Just trial and error.
- There is an option, -dp, which annotates each instruction with a comment that includes the length of the instruction, like this:

    if !cc jump 4 (bp); jump.s L$L$373; // 7303 cbranchbi4 [length = 4]

Case 2 (cont.)
- Finally I found that there is an instruction whose actual length does not match the length in the comment.

    if !cc jump 6 (bp); jump.l L$L$893; // 3389 cbranchbi4 [length = 4]

- Now things were easier. Just find out how the length attribute is computed and how it is used to generate instructions for conditional branches.
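The length comparison described in Case 2, as an added example (not the author's tooling): it sums the encoded sizes of the instructions on one -dp annotated line and compares the sum with the [length = N] comment, so a long listing can be scanned instead of read by eye. The size table (2 bytes for conditional jumps and jump.s, 4 bytes for jump.l) and the names insn_bytes, length_mismatch and LEN_UNKNOWN are assumptions of this example and cover only the forms shown on the slides.

```c
#include <stdio.h>
#include <string.h>

#define LEN_UNKNOWN (-1000)   /* no annotation, or a form not in the table */

/* Encoded size in bytes of one statement. Assumption of this example: only
 * the Blackfin branch forms shown on the slides are listed. */
static int insn_bytes(const char *s)
{
    if (strncmp(s, "jump.l", 6) == 0) return 4;        /* 32-bit long jump */
    if (strncmp(s, "jump.s", 6) == 0) return 2;        /* 16-bit short jump */
    if (strncmp(s, "if !cc jump", 11) == 0) return 2;  /* 16-bit conditional */
    if (strncmp(s, "if cc jump", 10) == 0) return 2;
    return -1;
}

/* Returns (bytes actually encoded) - (length in the -dp comment) for one
 * line of annotated assembly; 0 means compiler and assembler agree. */
int length_mismatch(const char *line)
{
    char code[256];
    const char *cmt = strstr(line, "//");
    const char *ann = cmt ? strstr(cmt, "[length = ") : NULL;
    int annotated, actual = 0;

    if (!ann || (size_t)(cmt - line) >= sizeof code ||
        sscanf(ann, "[length = %d]", &annotated) != 1)
        return LEN_UNKNOWN;
    memcpy(code, line, (size_t)(cmt - line));
    code[cmt - line] = '\0';
    /* Statements on a line are separated by ';'. */
    for (char *st = strtok(code, ";"); st; st = strtok(NULL, ";")) {
        st += strspn(st, " \t");
        if (*st == '\0')
            continue;                 /* blank after the last ';' */
        int b = insn_bytes(st);
        if (b < 0) return LEN_UNKNOWN;
        actual += b;
    }
    return actual - annotated;
}

int main(void)
{
    /* Both lines are quoted from the slides. */
    const char *ok  = "if !cc jump 4 (bp); jump.s L$L$373; // 7303 cbranchbi4 [length = 4]";
    const char *bad = "if !cc jump 6 (bp); jump.l L$L$893; // 3389 cbranchbi4 [length = 4]";
    printf("%d %d\n", length_mismatch(ok), length_mismatch(bad));
    return 0;
}
```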

Thanks

Q & A