The World Leader in High Performance Signal Processing Solutions How to Fix Bugs with Toolchain Jie Zhang.


1 The World Leader in High Performance Signal Processing Solutions How to Fix Bugs with Toolchain Jie Zhang

2 No theory for fixing bugs
• Fixing bugs is trial and error.
• We need tools, experience, imagination and a little luck.
• I will introduce some tools and facilities built into the components of the toolchain.
• These slides reflect my experience.

3 The components in the toolchain
• GCC
• Binutils: as, ld, readelf, objcopy, objdump, ar, etc.
• GDB, gdbserver
• simulator
• uClibc
• elf2flt

4 How are the tools used?
• Compile
    bfin-uclinux-gcc -Wl,-elf2flt -g -o helloworld helloworld.c
• What does the user see?
    helloworld.c -> helloworld helloworld.gdb
• Actually
    - bfin-uclinux-gcc calls cc1: helloworld.c -> helloworld.s
    - bfin-uclinux-gcc calls as: helloworld.s -> helloworld.o
    - bfin-uclinux-gcc calls collect2, which in turn calls ld, which is a wrapper script provided by the elf2flt package.
    - bfin-uclinux-ld calls ld.real: crt1.o crti.o crtbegin.o helloworld.o -lgcc -lc -lgcc crtend.o crtn.o -> helloworld.elf
    - bfin-uclinux-ld calls elf2flt: helloworld.elf -> helloworld
    - helloworld.elf is renamed to helloworld.gdb

5 How are the tools used? (cont.)
• Debug
    GDB + simulator
    GDB + gdbserver
• Binary file operations
    objcopy
    objdump
    readelf

6 helloworld does not work properly – a bug
• The user reports a bug for gcc.
• But is it really a bug in gcc? It could be in any of these:
    - bfin-uclinux-gcc calls cc1: helloworld.c -> helloworld.s
    - bfin-uclinux-gcc calls as: helloworld.s -> helloworld.o
    - bfin-uclinux-gcc calls collect2, which in turn calls ld, which is a wrapper script provided by the elf2flt package.
    - bfin-uclinux-ld calls ld.real: crt1.o crti.o crtbegin.o helloworld.o -lgcc -lc -lgcc crtend.o crtn.o -> helloworld.elf
    - bfin-uclinux-ld calls elf2flt: helloworld.elf -> helloworld
    - helloworld.elf is renamed to helloworld.gdb
    - The user's error
    - A bug in the kernel or in another program, like bash.

7 helloworld does not work properly (cont.)
• The user uses objdump to disassemble helloworld.gdb and finds that there is a wrong instruction. A bug in cc1, as, or ld? No, maybe a bug in objdump.

8 helloworld cannot be debugged properly
• The user reports a bug for GDB: for example, a breakpoint doesn't work, or the print command shows a wrong value for a variable.
• But it may be a bug in the simulator, gdbserver, cc1, as, ld, or elf2flt.

9 Tools used to debug tools
• Native GDB
• Cross GDB + gdbserver
• readelf, objdump, nm
• printf () and printk ()

10 Built-in facilities in the toolchain
• GCC
    -dletters / -fdump-rtl-pass
    -fdump-tree-switch-options (C and C++ only)
• GDB with gdbserver
    set debug remote 1
• elf2flt
    -v

11 Case 1: bug #719

    ...
    rec_head_status = get_reg (RTL8019_DMA_DATA);
    next_packet_pointer = get_reg (RTL8019_DMA_DATA);
    packet_length0 = get_reg (RTL8019_DMA_DATA);
    packet_length1 = get_reg (RTL8019_DMA_DATA);
    ...

Instead of generating the asm instructions for the get_reg function four times, the toolchain optimizes and generates code for a single get_reg when optimization (-Os) is enabled.

get_reg () is defined as:

    static unsigned char get_reg (unsigned int regno)
    {
      return (*(unsigned char *) regno);
    }

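12 Case 1 (cont.)
This is not a toolchain bug. It's a bug in the user's code: get_reg () reads through a pointer that is not volatile-qualified, so the compiler may merge the four identical reads into one.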

13 Case 2: bug #713
The compiler reported the following error when compiling:

    > bfin-uclinux-gcc -Os -c regex.i
    /tmp/ccXlEqCd.s: Assembler messages:
    /tmp/ccXlEqCd.s:415: Error: pcrel too far BFD_RELOC_12

It may be an assembler bug or a compiler bug.

14 Case 2 (cont.)
• Finding out whether it is an assembler bug or a compiler bug is not easy.
    - The assembler translates one 4-byte instruction between the jump instruction and its target into a 6-byte one.
    - The compiler and the assembler disagree on the length of one or more instructions.
    - One optimization pass of the compiler disagrees with the code generation pass.
    - There are about 1000 thousand instructions between the jump instruction and its target.
• It is just trial and error.
• There is an option, -dp, which annotates each instruction with a comment that includes the length of the instruction, like this:

    if !cc jump 4 (bp); jump.s L$L$373; // 7303 cbranchbi4 [length = 4]

15 Case 2 (cont.)
• Finally I found an instruction whose actual length does not match the length in the comment:

    if !cc jump 6 (bp); jump.l L$L$893; // 3389 cbranchbi4 [length = 4]

• Now things were easier: just find out how the length attribute is computed and how it was used to generate instructions for conditional branches.
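
The manual search on slides 14 and 15 can be scripted. The following is an added example, not code from the slides or from the toolchain: it scans `-dp` annotated assembly for long-form conditional branches and reports any whose encoded size differs from the `[length = N]` comment. The instruction sizes (2 bytes for `if !cc jump` and `jump.s`, 4 bytes for `jump.l`) are assumptions about the Blackfin encoding; the two branch lines in the sample come from the slides and the label line is constructed.

```python
import re

# Assumed Blackfin encoding sizes in bytes (not stated on the slides).
COND_JUMP_SIZE = 2
JUMP_SIZE = {"s": 2, "l": 4}

# Long-form conditional branch as printed by GCC with -dp, for example:
#   if !cc jump 6 (bp); jump.l L$L$893; // 3389 cbranchbi4 [length = 4]
BRANCH_RE = re.compile(
    r"if\s+!?cc\s+jump\s+(?P<skip>\d+)\s*(?:\(bp\))?\s*;\s*"
    r"jump\.(?P<kind>[sl])\s+(?P<target>[^;\s]+)\s*;\s*"
    r"//\s*(?P<uid>\d+)\s+(?P<pattern>\S+)\s+\[length = (?P<length>\d+)\]"
)


def find_length_mismatches(asm_text):
    """Return one dict per branch whose real size differs from GCC's length."""
    findings = []
    for lineno, line in enumerate(asm_text.splitlines(), start=1):
        m = BRANCH_RE.search(line)
        if m is None:
            continue
        actual = COND_JUMP_SIZE + JUMP_SIZE[m["kind"]]  # bytes the assembler emits
        claimed = int(m["length"])                      # bytes GCC planned for
        skip = int(m["skip"])                           # bytes the cond. jump hops
        if actual != claimed or skip != actual:
            findings.append({
                "line": lineno, "uid": m["uid"], "pattern": m["pattern"],
                "target": m["target"], "claimed": claimed,
                "actual": actual, "skip": skip,
            })
    return findings


# Sample input: lines 1 and 3 are quoted from the slides, line 2 is constructed.
SAMPLE = "\n".join([
    "\tif !cc jump 4 (bp); jump.s L$L$373; // 7303 cbranchbi4 [length = 4]",
    "L$L$373:",
    "\tif !cc jump 6 (bp); jump.l L$L$893; // 3389 cbranchbi4 [length = 4]",
])

if __name__ == "__main__":
    for f in find_length_mismatches(SAMPLE):
        print("line {line}: insn {uid} ({pattern}) claims {claimed} bytes, "
              "encodes as {actual}".format(**f))
```

Run against the `.s` file kept with `-save-temps`, every reported line is a place where branch-range calculations in the compiler are based on a length that is too short.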

16 Thanks

17 Q & A

