手臂皮质m4上的总线错误调试
[英]Bus error debugging on arm cortex m4
问题描述
I am trying to debug a precise bus error on a Arm cortex m4 chip. 
我正在尝试在Arm cortex m4芯片上调试精确的总线错误。 The board is a teensy 3.1 with a freescale MK20DX256VLH7. 该主板是一款带有飞思卡尔MK20DX256VLH7的3.1。 The error only happens when i actually send characters with the uart and results in a forced hard fault because i dont have buserror and memory error handlers. 只有当我实际使用uart发送字符并导致强制硬故障时才会发生错误,因为我没有buserror和内存错误处理程序。 The fault happens after a random amount of time between 1 second and 1 minute when sending 30 integers per second with the uart. 当使用uart每秒发送30个整数时,在1秒到1分钟之间的随机时间之后发生故障。 Also when i print the values in binary, not the uartPutInt() but the uartPutBin() function, the fault does not happen. 此外,当我打印二进制值,而不是uartPutInt()而不是uartPutBin()函数时,故障不会发生。
I "hacked" the teensy so i can use SWD debugging. 我“黑客攻击”了这个问题,所以我可以使用SWD调试。 I use a arm-none-eabi toolchain gcc, gdb. 我使用arm-none-eabi工具链gcc,gdb。
I tried to double stack size but that doesn't help. 我试图加倍堆栈大小,但这没有帮助。 I tried different itoa() approaches, doesn't help. 我尝试了不同的itoa()方法,没有帮助。
full code can be accessed here: https://github.com/paulusbrand/tricopter 完整代码可以在这里访问: https : //github.com/paulusbrand/tricopter
The problem occurs in uartPutInt() function, its not the prettiest function but i tried different approaches and this one is the easiest to debug and understand. 问题出现在uartPutInt()函数中,它不是最漂亮的函数,但我尝试了不同的方法,这个是最容易调试和理解的。
original: 原版的:
void uartPutInt(int32_t data) {
char buf[16] = {0};
uint32_t tmpData;
uint8_t neg = 0;
int8_t tmp = 0;
if(data<0) { // check negative
tmpData = -data;
neg=1;
}
else {
tmpData = data;
}
while(tmpData) { // convert to chars
uint8_t num = tmpData % 10;
buf[tmp++]=num+48;
tmpData/=10;
}
if(neg) { // add minus sign
buf[tmp++] = 45;
}
while(tmp>=0) {
uartPutChar(buf[tmp--]);
}
}
new version: 新版本:
void uartPutInt(int32_t data) {
char buf[16] = {0};
uint32_t tmpData;
uint8_t neg = 0;
int8_t tmp = 0;
if(data<0) { // check negative
tmpData = -data;
neg=1;
}
else {
tmpData = data;
}
do { // convert te chars
uint8_t num = tmpData % 10;
buf[tmp++]=num+'0';
tmpData/=10;
} while(tmpData);
if(neg) { // add minus sign
buf[tmp++] = '-';
}
while(tmp>0) {
uartPutChar(buf[--tmp]);
}
}
When the bus error occurs i check the CFSR register in the SCB and find precise bus error and BFAR valid. 发生总线错误时,检查SCB中的CFSR寄存器,找到精确的总线错误,BFAR有效。
The value of BFAR and thus the problematic memory address is 0x01007fd2. BFAR的值以及有问题的存储器地址是0x01007fd2。 Which is, as far as i can tell, in the code area of the memory but far beyond the end of the code. 据我所知,在内存的代码区域,但远远超出代码的末尾。 I not really sure what to do with this number. 我真的不确定如何处理这个号码。
The program counter PC when the error occurs is 0x1033. 发生错误时程序计数器PC为0x1033。 Which is in the uartPutInt() function. 这是在uartPutInt()函数中。 Disassembled below. 拆卸下面。
00000f6c <uartPutInt>:
f6c: b580 push {r7, lr}
f6e: b088 sub sp, #32
f70: af00 add r7, sp, #0
f72: 6078 str r0, [r7, #4]
f74: f107 0308 add.w r3, r7, #8
f78: 2200 movs r2, #0
f7a: 601a str r2, [r3, #0]
f7c: 3304 adds r3, #4
f7e: 2200 movs r2, #0
f80: 601a str r2, [r3, #0]
f82: 3304 adds r3, #4
f84: 2200 movs r2, #0
f86: 601a str r2, [r3, #0]
f88: 3304 adds r3, #4
f8a: 2200 movs r2, #0
f8c: 601a str r2, [r3, #0]
f8e: 3304 adds r3, #4
f90: 2300 movs r3, #0
f92: 76fb strb r3, [r7, #27]
f94: 687b ldr r3, [r7, #4]
f96: 2b00 cmp r3, #0
f98: da05 bge.n fa6 <uartPutInt+0x3a>
f9a: 687b ldr r3, [r7, #4]
f9c: 425b negs r3, r3
f9e: 61fb str r3, [r7, #28]
fa0: 2301 movs r3, #1
fa2: 76fb strb r3, [r7, #27]
fa4: e001 b.n faa <uartPutInt+0x3e>
fa6: 687b ldr r3, [r7, #4]
fa8: 61fb str r3, [r7, #28]
faa: e01f b.n fec <uartPutInt+0x80>
fac: 69f9 ldr r1, [r7, #28]
fae: 4b23 ldr r3, [pc, #140] ; (103c <uartPutInt+0xd0>)
fb0: fba3 2301 umull r2, r3, r3, r1
fb4: 08da lsrs r2, r3, #3
fb6: 4613 mov r3, r2
fb8: 009b lsls r3, r3, #2
fba: 4413 add r3, r2
fbc: 005b lsls r3, r3, #1
fbe: 1aca subs r2, r1, r3
fc0: 4613 mov r3, r2
fc2: 767b strb r3, [r7, #25]
fc4: 7eba ldrb r2, [r7, #26]
fc6: b2d3 uxtb r3, r2
fc8: 3301 adds r3, #1
fca: b2db uxtb r3, r3
fcc: 76bb strb r3, [r7, #26]
fce: b253 sxtb r3, r2
fd0: 7e7a ldrb r2, [r7, #25]
fd2: 3230 adds r2, #48 ; 0x30
fd4: b2d2 uxtb r2, r2
fd6: f107 0120 add.w r1, r7, #32
fda: 440b add r3, r1
fdc: f803 2c18 strb.w r2, [r3, #-24]
fe0: 69fb ldr r3, [r7, #28]
fe2: 4a16 ldr r2, [pc, #88] ; (103c <uartPutInt+0xd0>)
fe4: fba2 2303 umull r2, r3, r2, r3
fe8: 08db lsrs r3, r3, #3
fea: 61fb str r3, [r7, #28]
fec: 69fb ldr r3, [r7, #28]
fee: 2b00 cmp r3, #0
ff0: d1dc bne.n fac <uartPutInt+0x40>
ff2: 7efb ldrb r3, [r7, #27]
ff4: 2b00 cmp r3, #0
ff6: d00b beq.n 1010 <uartPutInt+0xa4>
ff8: 7eba ldrb r2, [r7, #26]
ffa: b2d3 uxtb r3, r2
ffc: 3301 adds r3, #1
ffe: b2db uxtb r3, r3
1000: 76bb strb r3, [r7, #26]
1002: b253 sxtb r3, r2
1004: f107 0220 add.w r2, r7, #32
1008: 4413 add r3, r2
100a: 222d movs r2, #45 ; 0x2d
100c: f803 2c18 strb.w r2, [r3, #-24]
1010: e00d b.n 102e <uartPutInt+0xc2>
1012: 7eba ldrb r2, [r7, #26]
1014: b2d3 uxtb r3, r2
1016: 3b01 subs r3, #1
1018: b2db uxtb r3, r3
101a: 76bb strb r3, [r7, #26]
101c: b253 sxtb r3, r2
101e: f107 0220 add.w r2, r7, #32
1022: 4413 add r3, r2
1024: f813 3c18 ldrb.w r3, [r3, #-24]
1028: 4618 mov r0, r3
102a: f7ff ff87 bl f3c <uartPutChar>
102e: f997 301a ldrsb.w r3, [r7, #26]
1032: 2b00 cmp r3, #0
1034: daed bge.n 1012 <uartPutInt+0xa6>
1036: 3720 adds r7, #32
1038: 46bd mov sp, r7
103a: bd80 pop {r7, pc}
103c: cccccccd stclgt 12, cr12, [ip], {205} ; 0xcd
Can somebody please help me with this? 有人可以帮我这个吗?
Thanks! 谢谢!
1 个解决方案
解决方案1
0 2016-06-15 09:03:13
tmp is uninitialized: tmp未初始化:
void uartPutInt(int32_t data) {
char buf[16] = {0};
uint32_t tmpData;
uint8_t neg = 0;
int8_t tmp; // not initialized
if(data<0) { // check negative
tmpData = -data;
neg=1;
}
else {
tmpData = data;
}
while(tmpData) { // convert to chars
uint8_t num = tmpData % 10;
// what's in tmp right now?!?!
buf[tmp++]=num+48;
tmpData/=10;
}
if(neg) { // add minus sign
buf[tmp++] = 45;
}
while(tmp>=0) {
uartPutChar(buf[tmp--]);
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.