[go: up one dir, main page]

CN101937392A - A Dynamic Defect Detection Method for Embedded Software - Google Patents

A Dynamic Defect Detection Method for Embedded Software Download PDF

Info

Publication number
CN101937392A
CN101937392A CN 201010265899 CN201010265899A CN101937392A CN 101937392 A CN101937392 A CN 101937392A CN 201010265899 CN201010265899 CN 201010265899 CN 201010265899 A CN201010265899 A CN 201010265899A CN 101937392 A CN101937392 A CN 101937392A
Authority
CN
China
Prior art keywords
module
client
data
test agent
test
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN 201010265899
Other languages
Chinese (zh)
Other versions
CN101937392B (en
Inventor
刘发贵
侯明明
刘佳欣
李胜文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
South China University of Technology SCUT
Original Assignee
South China University of Technology SCUT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by South China University of Technology SCUT filed Critical South China University of Technology SCUT
Priority to CN2010102658991A priority Critical patent/CN101937392B/en
Publication of CN101937392A publication Critical patent/CN101937392A/en
Application granted granted Critical
Publication of CN101937392B publication Critical patent/CN101937392B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Debugging And Monitoring (AREA)

Abstract

The invention provides a dynamic defect detection method for precise embedded software. The embedded software comprises a test proxy module and a client module which are communicated with each other through a network, wherein a test proxy runs on a target machine to detect a detected program, sample and extract needed data and information and send the data and information to a client; the test proxy comprises a sampling module and the test proxy module; the sampling module is loaded to a kernel space in a mode of a Linux kernel module to operate a power management unit (PMU) register and sample an instruction address; the test proxy module is used for the proxy of interaction between the kernel module and the client, receiving the request, configuration and the like of the client, correspondingly setting the kernel module, reading sample data from the kernel module and sending the sample data to the client; and the client is developed and integrated to a GDIX embedded software test platform in a form of Eclipse plug-in. In the method, through the test proxy module and the client module, an embedded software dynamic defect detection service is provided and the processing and display of test result data are performed on line in real time.

Description

一种嵌入式软件动态缺陷检测方法 A Dynamic Defect Detection Method for Embedded Software

技术领域technical field

本发明属于嵌入式软件测试领域,具体涉及一种基于嵌入式软件动态缺陷检测的方法。The invention belongs to the field of embedded software testing, in particular to a method for dynamic defect detection based on embedded software.

技术背景technical background

在数字家电领域,嵌入式系统需要支持大量的高清视频和音频的播放,提供高清视听娱乐和信息服务。那么嵌入式软件势必存在大量编码、解码等CPU运算,成为CPU消耗型软件,因此运行时的效率成为提高嵌入式软件性能的关键问题之一。In the field of digital home appliances, embedded systems need to support the playback of a large number of high-definition video and audio, and provide high-definition audio-visual entertainment and information services. Then embedded software is bound to have a lot of CPU operations such as encoding and decoding, and becomes CPU-consuming software. Therefore, the efficiency of runtime becomes one of the key issues to improve the performance of embedded software.

在嵌入式系统中,各种资源相对非常有限,嵌入式软件跟硬件结合紧密,编写高效的嵌入式软件,需要考虑很多跟硬件相关的问题,例如,如何高效地利用RAM、如何合理地使用I/O端口等。然而,许多问题跟目标系统的硬件环境紧密相关,开发人员很难或者根本无法凭借静态编码来解决,如由数据的非局部性而造成的数据缓存频繁缺失、由于编译器和处理器流水线等因素造成的分支预测失效等等,这些事件的产生却能够影响嵌入式软件的运行效率。分支预测失效将造成流水线的冲洗,浪费大量的时钟周期,无法发挥微处理器乱序执行的效能;由于处理器频率和存储器访问速度之间的差异,数据缓存缺失将造成对相对慢速的存储器的大量访问,降低运行效率;等等。In an embedded system, various resources are relatively very limited. Embedded software is closely integrated with hardware. To write efficient embedded software, many hardware-related issues need to be considered, such as how to efficiently use RAM and how to use I reasonably. /O port, etc. However, many problems are closely related to the hardware environment of the target system, and it is difficult or impossible for developers to solve them with static coding, such as frequent data cache misses caused by non-locality of data, compiler and processor pipelines, etc. Caused branch prediction failure, etc., but the generation of these events can affect the operating efficiency of embedded software. Branch prediction failure will cause pipeline flushing, wasting a lot of clock cycles, and the performance of microprocessor out-of-order execution cannot be exerted; due to the difference between processor frequency and memory access speed, data cache miss will cause relatively slow memory A large number of visits, reducing operating efficiency; and so on.

这些影响指令执行效率的缺陷问题通过静态地对代码进行检查是无法消除的,它们可能不是由代码本身引起的,而是由于编译或硬件特性的改变而产生,对于不同的硬件平台、不同的编译器工具链,问题都会有所区别,没有一个统一的、静态的方法来解决,只能通过动态的方式,在软件运行的过程中去统计和定位出现缺陷的关键之处,从而使开发人员能够针对检测的结果去优化代码的实现,减少或消除缺陷所带来的影响,提高嵌入式软件的运行效率。These defects that affect the efficiency of instruction execution cannot be eliminated by statically checking the code. They may not be caused by the code itself, but due to changes in compilation or hardware characteristics. For different hardware platforms, different compilations The problem will be different in different tool chains. There is no uniform and static method to solve the problem. The only way is to use a dynamic method to count and locate the key points of defects during the running of the software, so that developers can Optimize the implementation of the code according to the detection results, reduce or eliminate the impact of defects, and improve the operating efficiency of embedded software.

目前,对于动态缺陷检测技术的研究并不多见。有使用I/O-EFA对软硬件平台本身的故障的一种检测,对于与硬件相关的软件缺陷问题,并不能很好地解决;有源代码插桩技术,能够发现软件中的异常行为,但是对于不可预见的异常行为,以及与硬件相关问题的检测,有很大的局限性;有开源软件OProfile,但是它需要Linux内核的支持,在编译内核的过程中需要指定OProfile选项,并且它需要等到被测程序运行完毕以后,才能得到测试结果,无法进行实时的在线测试。At present, there are few researches on dynamic defect detection technology. There is a kind of detection of faults on the software and hardware platform itself using I/O-EFA, which cannot solve the software defects related to hardware well; the source code instrumentation technology can find abnormal behavior in the software, However, for unforeseen abnormal behavior and detection of hardware-related problems, there are great limitations; there is open source software OProfile, but it requires the support of the Linux kernel, and the OProfile option needs to be specified in the process of compiling the kernel, and it requires The test results cannot be obtained until the program under test is finished running, and real-time online testing cannot be performed.

发明内容Contents of the invention

本发明的目的在于克服目前相关工具无法进行动态实时缺陷检测,测试结果精度不高的不足,提出了一种精确的嵌入式软件动态缺陷检测方法。The purpose of the present invention is to overcome the shortcomings that current related tools cannot perform dynamic and real-time defect detection and the accuracy of test results is not high, and propose an accurate dynamic defect detection method for embedded software.

为了实现发明目的,采用的技术方案如下:In order to realize the purpose of the invention, the technical scheme adopted is as follows:

一种嵌入式软件动态缺陷检测方法,分为客户端和测试代理端两部分,所述客户端设置在开发机中,测试代理端设置在linux目标机中,客户端和测试代理端通过网络进行通信,使得测试代理端所采集的样本数据通过网络实时发送给客户端进行分析并实时更新显示。An embedded software dynamic defect detection method, which is divided into two parts: a client and a test agent, the client is set in a development machine, the test agent is set in a linux target machine, and the client and the test agent are implemented through the network Communication, so that the sample data collected by the test agent is sent to the client in real time through the network for analysis and real-time update display.

上述技术方案中,所述测试代理端运行于目标机端的嵌入式操作系统或目标板中。其包括用于采集和统计样本数据的采样模块和进行样本数据传送的测试代理模块。In the above technical solution, the test agent runs on the embedded operating system or the target board of the target machine. It includes a sampling module for collecting and counting sample data and a test agent module for transmitting sample data.

所述采样模块运行于嵌入式Linux的内核空间中,是测试代理端的核心部分,负责缺陷样本数据的采集,并提供接口供测试代理模块进行配置和读取,分为PMU配置模块、中断处理模块,控制模块,proc文件系统接口,配置表以及样本缓存。The sampling module runs in the kernel space of embedded Linux, is the core part of the test agent, is responsible for the collection of defect sample data, and provides an interface for the test agent module to configure and read, and is divided into a PMU configuration module and an interrupt processing module , control module, proc file system interface, configuration table and sample cache.

所述PMU配置模块是基于微处理支持的PMU硬件单元,封装PMU硬件单元的操作细节,提供抽象访问接口供上层调用;The PMU configuration module is based on the PMU hardware unit supported by microprocessing, encapsulates the operation details of the PMU hardware unit, and provides an abstract access interface for upper layer calls;

所述中断处理模块是对系统运行时发生的多种硬件事件中断进行捕获处理,对引起这些事件的指令地址进行采样,组织为样本并存入样本缓存;The interrupt processing module is to capture and process various hardware event interrupts that occur when the system is running, sample the instruction addresses that cause these events, organize them into samples and store them in the sample cache;

所述控制模块通过proc文件系统与测试代理模块进行交互,接收事件配置信息,经过配置表映射为PMU事件码,通过PMU配置模块写入PMU事件选择单元,通过proc文件系统接口,返回样本缓存中的样本数据信息;The control module interacts with the test agent module through the proc file system, receives the event configuration information, maps it to the PMU event code through the configuration table, writes the PMU event selection unit through the PMU configuration module, and returns to the sample cache through the proc file system interface sample data information;

所述proc文件系统接口是内核空间和用户空间进行交互常用的接口,也是测试代理模块和采样模块进行交互的接口。采样模块通过它向测试代理模块提供样本数据访问接口,同时,测试代理模块把它作为采样模块的配置接口;The proc file system interface is a commonly used interface for interaction between kernel space and user space, and is also an interface for interaction between the test agent module and the sampling module. The sampling module provides the sample data access interface to the test agent module through it, and at the same time, the test agent module uses it as the configuration interface of the sampling module;

所述配置表属于内核的共享结构,是一个便于查找的哈希表结构,维护事件配置信息和PMU硬件单元事件码的对应关系;The configuration table belongs to the shared structure of the kernel, is a hash table structure that is convenient for searching, and maintains the correspondence between event configuration information and PMU hardware unit event codes;

所述样本缓存采用循环队列来表示,用于存放中断处理模块生成的样本数据信息,供测试代理模块通过proc文件系统接口读取并发送给开发机的客户端。The sample cache is represented by a circular queue, which is used to store the sample data information generated by the interrupt processing module for the test agent module to read and send to the client of the development machine through the proc file system interface.

所述测试代理模块运行于嵌入式Linux的用户空间中,负责监听特定端口,提供嵌入式缺陷检测测试服务,与发起连接的客户端进行交互,读取采样模块采集的样本数据,通过网络实时发送给客户端。测试代理模块包括Slave pool,连接分配器,工作线程与服务进程。The test agent module runs in the user space of embedded Linux, is responsible for monitoring a specific port, provides embedded defect detection and testing services, interacts with the client that initiates the connection, reads the sample data collected by the sampling module, and sends it in real time through the network to the client. The test agent module includes Slave pool, connection allocator, worker thread and service process.

所述Slave pool是一个简单的、专为测试代理模块实现的进程池,Slave pool通过Domain Socket同服务进程通信,传递socket句柄,并了解它们的状态;Described Slave pool is a simple process pool specially implemented for the test agent module, Slave pool communicates with service process through Domain Socket, transfers socket handle, and understands their state;

所述连接分配器负责监听服务端口,接收连接请求并调用Slave pool的接口对请求进行分配和管理;The connection allocator is responsible for listening to the service port, receiving the connection request and calling the interface of the Slave pool to allocate and manage the request;

所述工作线程通过proc文件系统接口从采样模块的样本缓存中读取测试样本数据信息,并通过客户端连接socket发送给客户端;The working thread reads the test sample data information from the sample cache of the sampling module through the proc file system interface, and sends it to the client through the client connection socket;

所述服务进程负责与客户端进行交互,并且操作与工作线程共享的数据。当它接收到连接分配器发送过来的与客户端连接的socket句柄后,服务进程进入一个循环中,对该句柄select并进行超时处理,同时进行与客户端交互、对共享数据的操作。The service process is responsible for interacting with the client and manipulating the data shared with the worker threads. When it receives the socket handle connected to the client sent by the connection allocator, the service process enters a loop, selects the handle and performs timeout processing, and at the same time interacts with the client and operates on shared data.

所述客户端以Eclipse插件的形式运行于软硬件资源丰富的宿主端开发机中,并通过网络同测试代理模块进行交互,将控制命令或者经过交叉编译工具链编译的可执行文件发送给目标机端的测试代理模块,客户端包括数据收集器和数据处理模块,数据收集器负责为客户端接收样本数据,交给数据处理模块进行数据的处理解析。数据处理模块按照一定的解析算法对数据进行分析处理,更新GUI上相应的组件。在开发机中,同样运行着符号解析器,为客户端插件提供符号解析服务。The client runs in the form of an Eclipse plug-in in the host development machine with rich hardware and software resources, and interacts with the test agent module through the network, and sends control commands or executable files compiled through the cross-compilation tool chain to the target machine The client test agent module, the client includes a data collector and a data processing module, the data collector is responsible for receiving sample data for the client, and handing it over to the data processing module for data processing and analysis. The data processing module analyzes and processes the data according to a certain analytical algorithm, and updates the corresponding components on the GUI. On the development machine, the symbol resolver is also running to provide symbol resolution services for client plug-ins.

所述数据收集器和数据处理模块从测试代理端收集数据,同时,对接收到的二进制数据进行格式的转换,主要是对字节序进行调整,将小端字节序的数据转化为大端字节序的Java结构,并保存在内存中。The data collector and the data processing module collect data from the test agent, and at the same time, convert the format of the received binary data, mainly to adjust the byte order, and convert the data of the little-endian byte order into a big-endian Java structures in byte order and stored in memory.

本发明通过客户端和测试代理端对嵌入式软件进行了实时在线的动态缺陷检测,并且能将测试数据动态直观地显示给测试用户。The invention implements real-time online dynamic defect detection on the embedded software through the client end and the test agent end, and can dynamically and visually display the test data to the test user.

附图说明Description of drawings

图1为交叉测试模型。Figure 1 shows the cross-test model.

图2为嵌入式软件动态缺陷检测的框架图。Figure 2 is a framework diagram of embedded software dynamic defect detection.

图3为测试代理模块框架图。Figure 3 is a frame diagram of the test agent module.

图4为采样模块结构图。Figure 4 is a structural diagram of the sampling module.

图5为客户端框架图。Figure 5 is a frame diagram of the client.

图6为客户端符号解析服务器功能图。Fig. 6 is a functional diagram of the client symbol parsing server.

图7为客户端控制层数据处理的过程图。FIG. 7 is a process diagram of data processing at the client control layer.

具体实施方法Specific implementation method

下面结合附图对本发明做进一步的说明。The present invention will be further described below in conjunction with the accompanying drawings.

本发明为了实现实时在线的缺陷检测,采用基于交叉测试的测试模式,如图1所示,测试工具运行在软硬件配置丰富的宿主机上,它对被测程序进行处理后,使其运行在软硬件资源相对缺乏的目标机上,产生测试信息,并通过一定的通信连接由测试代理传输到宿主机上,由测试工具接收并显示测试结果。In order to realize real-time online defect detection, the present invention adopts a test mode based on cross-test, as shown in Figure 1, the test tool runs on a host machine with rich software and hardware configuration, and after it processes the program to be tested, it runs on the Test information is generated on the target machine with relatively insufficient hardware and software resources, and is transmitted to the host machine by the test agent through a certain communication connection, and the test results are received and displayed by the test tool.

本发明中的嵌入式软件动态缺陷检测工具总体框架图如图2所示。设计上遵循交叉测试模式,分为客户端和测试代理端,客户端运行于开发机,测试代理端分为测试代理模块和内核采样模块。客户端以eclipse插件的形式运行在开发机JRE环境中,采用SWT/JFACE进行GUI设计。开发人员对程序交叉编译完毕后,可以用客户端将可执行文件上传给测试代理端,并告知测试代理端需要对哪些缺陷事件进行检测。测试代理模块接收可执行文件并将其作为子进程运行,同时将各种必需的配置信息通过字符设备接口写入内核模块中。内核模块通过字符设备接收配置信息,并且对微处理器的PMU硬件单元进行读写,根据配置信息进行各种寄存器进行配置、开始/停止PMU中断等操作;PMU中断处理负责进行具体的采样工作,对中断发生时所保存的用户态栈进行采样,提取其中的pc寄存器值,组织成样本数据结构保存到样本缓存中。测试代理模块进行完配置后,通过字符设备对样本缓存进行读取,并实时发送给客户端数据接收模块。客户端将这些样本数据进行解析,得到一系列的指令地址以及事件,通过调用地址解析服务,将指令地址与具体的源代码行进行对应,并生成渲染信息,交付给渲染模块。渲染模块对GUI进行更新,让开发人员能够从源代码中直观地获得动态缺陷事件的信息。The overall frame diagram of the embedded software dynamic defect detection tool in the present invention is shown in FIG. 2 . The design follows the cross-test mode, which is divided into a client and a test agent. The client runs on the development machine, and the test agent is divided into a test agent module and a kernel sampling module. The client runs in the JRE environment of the development machine in the form of an eclipse plug-in, and uses SWT/JFACE for GUI design. After the developer cross-compiles the program, he can use the client to upload the executable file to the test agent, and inform the test agent which defect events need to be detected. The test agent module receives the executable file and runs it as a child process, and at the same time writes various necessary configuration information into the kernel module through the character device interface. The kernel module receives the configuration information through the character device, and reads and writes the PMU hardware unit of the microprocessor, configures various registers, starts/stops the PMU interrupt and other operations according to the configuration information; the PMU interrupt processing is responsible for specific sampling work, Sampling the user state stack saved when the interrupt occurs, extracting the pc register value, organizing it into a sample data structure and saving it in the sample cache. After the test proxy module is configured, it reads the sample cache through the character device and sends it to the client data receiving module in real time. The client parses the sample data to obtain a series of instruction addresses and events. By calling the address resolution service, the client matches the instruction address with the specific source code line, generates rendering information, and delivers it to the rendering module. The rendering module updates the GUI, allowing developers to intuitively obtain the information of dynamic defect events from the source code.

测试代理端运行于目标机的嵌入式操作系统或目标板中。其包括用于采集和统计样本数据的采样模块和进行样本数据传送的测试代理模块。测试代理模块负责代理内核模块与客户端进行交互,接收客户端的请求与配置等,对内核模块做出相应的设置,并从内核模块中读取样本数据发送给客户端。它的结构如图3所示。包括Slave pool、连接分配器、工作线程与服务进程,所述连接分配器为Dispatcher处理请求和请求队列。The test agent runs on the embedded operating system of the target machine or on the target board. It includes a sampling module for collecting and counting sample data and a test agent module for transmitting sample data. The test proxy module is responsible for acting as an agent for the kernel module to interact with the client, receive client requests and configurations, etc., make corresponding settings for the kernel module, and read sample data from the kernel module and send it to the client. Its structure is shown in Figure 3. Including Slave pool, connection allocator, worker thread and service process, said connection allocator handles request and request queue for Dispatcher.

当Dispatcher接收一个客户端连接后,从客户端接收其所请求的服务类型,并生成request结构,放入请求队列中,并开始对队列中已有的请求进行调度,取出一个request交给Slave pool进行处理。Slave pool根据接收的Request类型,生成相应的服务进程,由于本发明所针对的是缺陷检测,所述的服务进程也是缺陷检测服务进程。缺陷检测服务进程只有一种服务状态,即缺陷检测服务。When Dispatcher receives a client connection, it receives the requested service type from the client, generates a request structure, puts it in the request queue, and starts scheduling the existing requests in the queue, and takes out a request to the Slave pool to process. Slave pool generates corresponding service process according to the Request type received, because what the present invention is aimed at is defect detection, described service process is also defect detection service process. The defect detection service process has only one service state, that is, the defect detection service.

服务进程负责与客户端进一步交互,处理具体的服务请求。对于缺陷检测来说,有既定的如下服务流程:The service process is responsible for further interaction with the client and processing specific service requests. For defect detection, there are established service processes as follows:

(1)接收客户端发送的缺陷事件,将其转换为PMU能够识别的事件编码后,写入采样模块的op_conf接口;(1) Receive the defect event sent by the client, convert it into an event code that can be recognized by the PMU, and write it into the op_conf interface of the sampling module;

(2)接收客户端发送的经过交叉编译的可执行文件,保存在目标机的本地文件系统中;(2) Receive the cross-compiled executable file sent by the client and save it in the local file system of the target machine;

(3)接收客户端发送的数据请求命令,将上一步接收的可执行文件作为被测子进程启动,并把它的pid写入采样模块的op_ctr接口;(3) Receive the data request command sent by the client, start the executable file received in the previous step as the subprocess to be tested, and write its pid into the op_ctr interface of the sampling module;

(4)启动工作线程。等待客户端发送命令,同时通过注册SIGCHLD信号处理函数,等待被测子进程结束。当被测子进程结束时,在信号处理函数中,向采样模块的op_ctr设备写入0,停止采样模块的工作。(4) Start the worker thread. Wait for the client to send a command, and at the same time, wait for the subprocess under test to end by registering the SIGCHLD signal processing function. When the sub-process under test ends, in the signal processing function, write 0 to the op_ctr device of the sampling module, and stop the work of the sampling module.

由于服务进程需要等待被测子进程的结束,以便停止采样模块的工作,通过向op_ctr写入0来完成,该操作需要对内核样本缓存进行冲洗,可能引起睡眠,等待op_data的读取进程来唤醒。如果服务进程既负责停止采样模块,同时也负责读取样本数据,则将产生死锁,服务进程可能会一直处于睡眠状态。Linux下线程是以独立的调度单元而存在的,因此工作线程的读取操作会唤醒服务进程,从而正常工作。Since the service process needs to wait for the end of the sub-process under test in order to stop the work of the sampling module, it is done by writing 0 to op_ctr. This operation needs to flush the kernel sample cache, which may cause sleep and wait for the read process of op_data to wake up. . If the service process is responsible for both stopping the sampling module and reading sample data, a deadlock will occur, and the service process may be in a sleep state all the time. Threads under Linux exist as independent scheduling units, so the read operation of the worker thread will wake up the service process to work normally.

测试代理端的采样模块以Linux内核模块的形式加载到内核空间中,对PMU寄存器进行操作,对指令地址进行采样。其结构如图4所示。The sampling module of the test agent is loaded into the kernel space in the form of a Linux kernel module, operates the PMU register, and samples the instruction address. Its structure is shown in Figure 4.

采样模块加载时在/dev下建立三个字符设备。提供用户空间进程与模块的交互接口,模块负责对被测程序的指令地址采样,所得地址和缺陷事件的结构被称为样本,放置在样本缓存中。测试代理工作进程对这些设备进行读写时,可能引起阻塞而睡眠。在采样模块中共有两个等待队列:wait_for_read和sync_queue。当进程通过op_data设备读取样本缓存、但缓存为空时,进程将在wait_for_read队列上进行睡眠,直到中断处理模块将新的样本加入缓存使缓存为非空状态时,将唤醒睡眠的进程,使进程读取样本数据;当进程试图使采样模块停止采样时,需要对op_ctr进行写操作,此时需要对样本缓存进行冲洗,使缓存中剩余的样本全部被读取。若缓存非空,则需要在sync_queue上进行睡眠,直到缓存为空,则由读取进程唤醒sync_queue上睡眠的进程,对缓存进行冲洗。采样模块中还维护了一个配置表,模块将用户空间传来的对模块的配置信息转换为对PMU进行读写的配置信息后,存放在配置表中。When the sampling module is loaded, three character devices are created under /dev. Provide the interactive interface between the user space process and the module. The module is responsible for sampling the instruction address of the program under test. The obtained address and defect event structure are called samples, which are placed in the sample cache. When the test agent worker process reads and writes these devices, it may cause blocking and sleep. There are two waiting queues in the sampling module: wait_for_read and sync_queue. When the process reads the sample cache through the op_data device, but the cache is empty, the process will sleep on the wait_for_read queue until the interrupt processing module adds new samples to the cache to make the cache non-empty, then wakes up the sleep process, making The process reads the sample data; when the process tries to make the sampling module stop sampling, it needs to write to op_ctr. At this time, it needs to flush the sample buffer so that all the remaining samples in the buffer are read. If the cache is not empty, it needs to sleep on the sync_queue until the cache is empty, then the reading process wakes up the sleeping process on the sync_queue to flush the cache. A configuration table is also maintained in the sampling module. After the module converts the configuration information of the module from the user space into the configuration information for reading and writing the PMU, it is stored in the configuration table.

客户端模块以Eclipse插件的形式开发并集成到GDIX嵌入式软件测试平台中,如附图5所示,按照MVC模式,即模型-视图-控制(Model-View-Control)模式进行设计,并且整个客户端以插件的形式运行于JRE之上。在开发机Linux系统上,同时运行着符号解析器,为客户端插件提供符号解析服务。开发人员将源代码利用交叉编译工具链编译成为可执行文件,并通过对视图层的操作传递给测试代理,以及发送配置信息后,便可从工程视图中打开源文件到编辑区,直观地看到源代码上对于缺陷事件的标记情况。The client module is developed in the form of an Eclipse plug-in and integrated into the GDIX embedded software test platform, as shown in Figure 5, designed according to the MVC pattern, namely the Model-View-Control (Model-View-Control) pattern, and the entire The client runs on the JRE as a plug-in. On the Linux system of the development machine, a symbol parser is running at the same time to provide symbol parsing services for client plug-ins. The developer compiles the source code into an executable file using the cross-compilation tool chain, and passes it to the test agent through the operation of the view layer, and after sending the configuration information, the source file can be opened from the engineering view to the editing area, and the To mark the defect event on the source code.

模型层为客户端提供了几个基本的数据模型,包括进行符号解析需要的地址信息、分析字节流数据转化的结构化符号信息以及更新GUI所需的渲染信息;The model layer provides several basic data models for the client, including address information required for symbol analysis, structured symbol information for analyzing byte stream data conversion, and rendering information required for updating GUI;

在控制层,客户端控制与测试代理端的网络连接、发送和接收网络数据、对接收的字节流数据进行分析以及渲染。在分析渲染的过程中,需要对地址符号进行解析,将指令地址与源文件以及代码行进行对应,才能帮助开发人员找到问题所在;其中,在客户端把符号解析模块独立成符号解析器,通过本地网络与客户端通信,符号解析服务器与客户端控制层的交互如图6所示,当控制层的渲染模块需要对获取的样本中的指令地址进行解析时,如果映射表尚未取得,则连接符号解析服务器,并将所需要解析的可执行文件所在路径告知服务器。后者对相应路径上的ELF可执行文件进行读取,获得在其中记录的地址——代码行映射的调试信息,符号解析服务器将映射关系存储为(地址,文件名,行号)三元组的数组,发送给客户端渲染模块使用。图7清楚地说明了控制层数据处理的过程,采取三个线程、两级缓存进行协作的好处在于,缓解网络数据的收集、分析和渲染之间的速度差异,使得网络访问以及GUI响应更加流畅迅速。In the control layer, the client controls and tests the network connection of the agent, sends and receives network data, analyzes and renders the received byte stream data. In the process of analyzing and rendering, it is necessary to analyze the address symbol, and match the instruction address with the source file and the code line, so as to help developers find the problem; among them, the symbol analysis module is independently formed into a symbol resolver on the client side, through The local network communicates with the client, and the interaction between the symbol analysis server and the client control layer is shown in Figure 6. When the rendering module of the control layer needs to analyze the instruction address in the obtained sample, if the mapping table has not been obtained, the connection The symbol analysis server informs the server of the path of the executable file to be analyzed. The latter reads the ELF executable file on the corresponding path to obtain the debugging information of the address-code line mapping recorded in it, and the symbol analysis server stores the mapping relationship as (address, file name, line number) triplet An array of , sent to the client rendering module for use. Figure 7 clearly illustrates the process of data processing at the control layer. The advantage of using three threads and two-level cache for collaboration is to alleviate the speed difference between network data collection, analysis and rendering, making network access and GUI response smoother fast.

展示层在MVC模式中负责对数据进行显示。它利用Eclipse的扩展点机制,对Eclipse进行扩展,以插件的形式来实现功能。The presentation layer is responsible for displaying data in the MVC pattern. It uses the extension point mechanism of Eclipse to extend Eclipse and implement functions in the form of plug-ins.

Claims (8)

1.一种嵌入式软件动态缺陷检测方法,由客户端和测试代理端两部分共同协作完成,所述客户端设置在开发机中,测试代理端设置在目标机中,客户端和测试代理端通过网络进行通信,使得测试代理端所采集的样本数据通过网络实时发送给客户端进行分析并实时更新显示;1. A dynamic defect detection method for embedded software, which is completed by the joint cooperation of the client and the test agent, the client is set in the development machine, the test agent is set in the target machine, the client and the test agent Communicate through the network, so that the sample data collected by the test agent is sent to the client through the network in real time for analysis and real-time update display; 所述测试代理端包括用于采集和统计样本数据的采样模块和进行样本数据传送的测试代理模块;The test agent includes a sampling module for collecting and counting sample data and a test agent module for sample data transmission; 其特征在于:所述采样模块分为PMU配置模块、中断处理模块、控制模块、proc文件系统接口、配置表以及样本缓存;It is characterized in that: the sampling module is divided into a PMU configuration module, an interrupt processing module, a control module, a proc file system interface, a configuration table and a sample cache; 所述PMU配置模块是基于微处理支持的PMU硬件单元,封装PMU硬件单元的操作细节,提供抽象访问接口供上层调用;The PMU configuration module is based on the PMU hardware unit supported by microprocessing, encapsulates the operation details of the PMU hardware unit, and provides an abstract access interface for upper layer calls; 所述中断处理模块是对系统运行时发生的多种硬件事件中断进行捕获处理,对引起这些事件的指令地址进行采样,组织为样本并存入样本缓存;The interrupt processing module is to capture and process various hardware event interrupts that occur when the system is running, sample the instruction addresses that cause these events, organize them into samples and store them in the sample cache; 所述控制模块通过proc文件系统接口与测试代理模块进行交互,接收事件配置信息,经过配置表映射为PMU事件码,通过PMU配置模块写入PMU事件选择单元,通过proc文件系统接口返回样本缓存中的样本数据信息;The control module interacts with the test agent module through the proc file system interface, receives the event configuration information, maps it to the PMU event code through the configuration table, writes the PMU event selection unit through the PMU configuration module, and returns to the sample cache through the proc file system interface sample data information; 所述proc文件系统接口是测试代理模块和采样模块进行交互的接口,采样模块通过它向测试代理模块提供样本数据访问接口,同时,测试代理模块把它作为采样模块的配置接口;Described proc file system interface is the interface that test proxy module and sampling module interact, sampling module provides sample data access interface to test proxy module by it, meanwhile, test proxy module uses it as the configuration interface of sampling module; 所述配置表是一个便于查找的哈希表结构,维护事件配置信息和PMU硬件单元事件码的对应关系;The configuration table is a hash table structure that is convenient for searching, and maintains the correspondence between event configuration information and PMU hardware unit event codes; 所述样本缓存采用循环队列来表示,用于存放中断处理模块生成的样本数据信息,供测试代理模块通过proc文件系统接口读取并发送给开发机的客户端;The sample cache is represented by a circular queue, which is used to store the sample data information generated by the interrupt processing module for the test agent module to read and send to the client of the development machine through the proc file system interface; 所述测试代理模块包括Slave pool、连接分配器、工作线程与服务进程;The test agent module includes Slave pool, connection allocator, working thread and service process; 所述Slave pool是一个专为测试代理模块实现的进程池,Slave pool通过Domain Socket同服务进程通信,传递socket句柄,并了解它们的状态;Described Slave pool is a process pool that is specially implemented for testing agent module, and Slave pool communicates with service process through Domain Socket, transfers socket handle, and understands their state; 所述连接分配器负责监听服务端口,接收连接请求并调用Slave pool的接口对请求进行分配和管理;The connection allocator is responsible for listening to the service port, receiving the connection request and calling the interface of the Slave pool to allocate and manage the request; 所述工作线程通过proc文件系统接口从采样模块的样本缓存中读取测试样本数据信息,并通过客户端连接socket发送给客户端;The working thread reads the test sample data information from the sample cache of the sampling module through the proc file system interface, and sends it to the client through the client connection socket; 所述服务进程与客户端进行交互,并且操作与工作线程共享的数据,当它接收到连接分配器发送过来的与客户端连接的socket句柄后,服务进程进入一个循环中,对该句柄select并进行超时处理,同时进行与客户端交互、对共享数据的操作;The service process interacts with the client, and operates the data shared with the worker thread. When it receives the socket handle connected to the client sent by the connection allocator, the service process enters a loop, selects and Perform timeout processing, and simultaneously interact with the client and operate on shared data; 所述客户端包括数据收集器和数据处理模块,数据收集器为客户端接收样本数据,并交给数据处理模块进行数据的处理解析,数据处理模块按照设定的解析算法对数据进行分析处理,并更新GUI上相应的组件。The client includes a data collector and a data processing module, the data collector receives sample data for the client, and hands it over to the data processing module for data processing and analysis, and the data processing module analyzes and processes the data according to a set analysis algorithm, And update the corresponding components on the GUI. 2.根据权利要求1所述的嵌入式软件动态缺陷检测方法,其特征在于所述测试代理端运行于目标机的嵌入式操作系统或目标板中。2. The embedded software dynamic defect detection method according to claim 1, characterized in that said test agent runs on an embedded operating system or a target board of a target machine. 3.根据权利要求2所述的嵌入式软件动态缺陷检测方法,其特征在于所述采样模块运行于嵌入式Linux的内核空间中,进行缺陷样本数据采集,并提供接口供测试代理模块进行配置和读取。3. the embedded software dynamic defect detection method according to claim 2, it is characterized in that described sampling module operates in the kernel space of embedded Linux, carries out defect sample data collection, and provides interface for testing proxy module to configure and read. 4.根据权利要求2或3所述的嵌入式软件动态缺陷检测方法,其特征在于所述测试代理模块运行于嵌入式Linux的用户空间中,监听特定端口,并提供嵌入式缺陷检测测试服务,与发起连接的客户端进行交互,读取采样模块采集的样本数据,通过网络实时发送给客户端。4. according to the described embedded software dynamic defect detection method of claim 2 or 3, it is characterized in that described test agent module runs in the user space of embedded Linux, monitors specific port, and provides embedded defect detection test service, Interact with the client that initiated the connection, read the sample data collected by the sampling module, and send it to the client in real time through the network. 5.根据权利要求1所述的嵌入式软件动态缺陷检测方法,其特征在于所述客户端以Eclipse插件的形式运行于开发机中,并通过网络同测试代理模块进行交互,将控制命令或者经过交叉编译工具链编译的可执行文件发送给目标机的测试代理模块。5. the embedded software dynamic defect detection method according to claim 1, it is characterized in that described client runs in the development machine with the form of Eclipse plug-in, and interacts with test agent module by network, will control order or pass through The executable file compiled by the cross-compilation toolchain is sent to the test agent module of the target machine. 6.根据权利要求1或5所述的嵌入式软件动态缺陷检测方法,其特征在于所述数据收集器和数据处理模块从测试代理端收集二进制格式的数据,并对接收到的二进制数据进行格式的转换,包括对字节序进行调整,将小端字节序的数据转化为大端字节序的Java结构,并保存在内存中。6. The embedded software dynamic defect detection method according to claim 1 or 5, characterized in that said data collector and data processing module collect the data in binary format from the test agent, and format the received binary data The conversion includes adjusting the byte order, converting the little-endian data into a big-endian Java structure, and storing it in memory. 7.根据权利要求1所述的嵌入式软件动态缺陷检测方法,其特征在于所述开发机还设置有符号解析器,为客户端插件提供符号解析服务。7. The embedded software dynamic defect detection method according to claim 1, characterized in that said development machine is also provided with a symbol resolver to provide symbol resolution services for client plug-ins. 8.根据权利要求7所述的嵌入式软件动态缺陷检测方法,其特征在于所述客户端以Eclipse插件的形式开发并集成到GDIX嵌入式软件测试平台中,按照模型-视图-控制三层模式进行设计,并且整个客户端以插件的形式运行于JRE之上;8. the embedded software dynamic defect detection method according to claim 7, is characterized in that described client is developed and integrated in the GDIX embedded software testing platform with the form of Eclipse plug-in, according to model-view-control three-layer pattern Design, and the entire client runs on the JRE in the form of a plug-in; 所述模型层为客户端提供基本的数据模型,包括进行符号解析需要的地址信息、分析字节流数据转化的结构化符号信息以及更新GUI所需的渲染信息;The model layer provides the client with a basic data model, including address information required for symbol analysis, structured symbol information for analyzing byte stream data conversion, and rendering information required for updating the GUI; 所述控制层控制客户端与测试代理端的网络连接、发送和接收网络数据、对接收的字节流数据进行分析以及渲染;The control layer controls the network connection between the client and the test agent, sends and receives network data, analyzes and renders the received byte stream data; 所述展示层在对数据进行显示,其利用Eclipse的扩展点机制,对Eclipse进行扩展,以插件的形式来实现。The display layer is displaying data, and it uses the extension point mechanism of Eclipse to extend Eclipse and implement it in the form of plug-ins.
CN2010102658991A 2010-08-27 2010-08-27 Dynamic defect detection system for embedded software Expired - Fee Related CN101937392B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010102658991A CN101937392B (en) 2010-08-27 2010-08-27 Dynamic defect detection system for embedded software

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2010102658991A CN101937392B (en) 2010-08-27 2010-08-27 Dynamic defect detection system for embedded software

Publications (2)

Publication Number Publication Date
CN101937392A true CN101937392A (en) 2011-01-05
CN101937392B CN101937392B (en) 2012-06-20

Family

ID=43390732

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010102658991A Expired - Fee Related CN101937392B (en) 2010-08-27 2010-08-27 Dynamic defect detection system for embedded software

Country Status (1)

Country Link
CN (1) CN101937392B (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102393829A (en) * 2011-10-31 2012-03-28 华南理工大学 Disk I/O (Input/Output) test system oriented to embedded system
CN102654537A (en) * 2012-03-31 2012-09-05 西南大学 Alternating current-direct current space charge measuring system and method capable of improving pulsed electro-acoustic method
CN103514177A (en) * 2012-06-20 2014-01-15 盛趣信息技术(上海)有限公司 Data storage method and system
CN103793325A (en) * 2014-01-24 2014-05-14 深圳市同洲电子股份有限公司 Kernel debugging method and system
CN103955424A (en) * 2014-03-25 2014-07-30 杭州电子科技大学 Virtualized embedded type binary software defect detection system
CN104536745A (en) * 2014-12-19 2015-04-22 用友金融信息技术有限公司 Task modification method and device
WO2016019732A1 (en) * 2014-08-06 2016-02-11 中兴通讯股份有限公司 Method, device, and system for processing operation result
CN105846973A (en) * 2016-04-25 2016-08-10 北京智能综电信息技术有限责任公司 Embedded software protocol testing method and device
CN106649112A (en) * 2016-12-20 2017-05-10 中国电子科技集团公司第五十四研究所 Platform plug-in technology oriented testing method
CN106933661A (en) * 2017-02-27 2017-07-07 百富计算机技术(深圳)有限公司 A kind of method and apparatus of debugging embedded system multiple interrupt
CN108563450A (en) * 2018-04-27 2018-09-21 董利军 A kind of JAVA virtual machine adaptive optimization method, device and readable storage medium storing program for executing
CN109491923A (en) * 2018-12-14 2019-03-19 东软集团股份有限公司 Determination method, apparatus, medium and the electronic equipment of newly-increased abnormality code
CN110427316A (en) * 2019-07-04 2019-11-08 沈阳航空航天大学 Embedded software defect-restoration method therefor based on access behavior perception
CN111324527A (en) * 2019-12-09 2020-06-23 许华敏 Device and method for testing interrupt program through data acquisition mode
CN112069029A (en) * 2020-09-04 2020-12-11 北京计算机技术及应用研究所 Performance acquisition monitoring system of domestic platform PMU self-adaptation
CN116955044A (en) * 2023-09-12 2023-10-27 北京开源芯片研究院 Method, device, equipment and medium for testing cache working mechanism of processor

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101354675A (en) * 2008-08-19 2009-01-28 华南理工大学 A method for dynamic memory detection of embedded software
CN101630285A (en) * 2009-08-07 2010-01-20 华南理工大学 Software performance testing method applied in embedded system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101354675A (en) * 2008-08-19 2009-01-28 华南理工大学 A method for dynamic memory detection of embedded software
CN101630285A (en) * 2009-08-07 2010-01-20 华南理工大学 Software performance testing method applied in embedded system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
《计算机工程》 20091031 刘发贵等 嵌入式软件动态内存检测工具的设计与实现 44-46 1-8 第35卷, 第20期 2 *

Cited By (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102393829B (en) * 2011-10-31 2014-02-12 华南理工大学 Disk I/O (Input/Output) test system oriented to embedded system
CN102393829A (en) * 2011-10-31 2012-03-28 华南理工大学 Disk I/O (Input/Output) test system oriented to embedded system
CN102654537A (en) * 2012-03-31 2012-09-05 西南大学 Alternating current-direct current space charge measuring system and method capable of improving pulsed electro-acoustic method
CN103514177A (en) * 2012-06-20 2014-01-15 盛趣信息技术(上海)有限公司 Data storage method and system
CN103793325A (en) * 2014-01-24 2014-05-14 深圳市同洲电子股份有限公司 Kernel debugging method and system
CN103955424B (en) * 2014-03-25 2016-08-24 杭州电子科技大学 The embedded binary software defect detecting system of a kind of virtualization
CN103955424A (en) * 2014-03-25 2014-07-30 杭州电子科技大学 Virtualized embedded type binary software defect detection system
CN105335145B (en) * 2014-08-06 2019-06-25 中兴通讯股份有限公司 Operating result processing method, apparatus and system
WO2016019732A1 (en) * 2014-08-06 2016-02-11 中兴通讯股份有限公司 Method, device, and system for processing operation result
CN105335145A (en) * 2014-08-06 2016-02-17 中兴通讯股份有限公司 Operation result processing method, device and system
CN104536745A (en) * 2014-12-19 2015-04-22 用友金融信息技术有限公司 Task modification method and device
CN104536745B (en) * 2014-12-19 2018-01-16 用友金融信息技术有限公司 Task amending method and task modification device
CN105846973A (en) * 2016-04-25 2016-08-10 北京智能综电信息技术有限责任公司 Embedded software protocol testing method and device
CN106649112A (en) * 2016-12-20 2017-05-10 中国电子科技集团公司第五十四研究所 Platform plug-in technology oriented testing method
CN106649112B (en) * 2016-12-20 2019-02-15 中国电子科技集团公司第五十四研究所 A Testing Method Oriented to Platform Plug-in Technology
CN106933661A (en) * 2017-02-27 2017-07-07 百富计算机技术(深圳)有限公司 A kind of method and apparatus of debugging embedded system multiple interrupt
CN108563450A (en) * 2018-04-27 2018-09-21 董利军 A kind of JAVA virtual machine adaptive optimization method, device and readable storage medium storing program for executing
CN109491923A (en) * 2018-12-14 2019-03-19 东软集团股份有限公司 Determination method, apparatus, medium and the electronic equipment of newly-increased abnormality code
CN109491923B (en) * 2018-12-14 2021-11-12 东软集团股份有限公司 Method, device, medium and electronic equipment for determining newly added abnormal code
CN110427316A (en) * 2019-07-04 2019-11-08 沈阳航空航天大学 Embedded software defect-restoration method therefor based on access behavior perception
CN110427316B (en) * 2019-07-04 2023-02-14 沈阳航空航天大学 Embedded software defect repairing method based on access behavior perception
CN111324527A (en) * 2019-12-09 2020-06-23 许华敏 Device and method for testing interrupt program through data acquisition mode
CN111324527B (en) * 2019-12-09 2023-08-11 武汉滨湖电子有限责任公司 Device and method for testing interrupt program in data acquisition mode
CN112069029A (en) * 2020-09-04 2020-12-11 北京计算机技术及应用研究所 Performance acquisition monitoring system of domestic platform PMU self-adaptation
CN112069029B (en) * 2020-09-04 2023-11-14 北京计算机技术及应用研究所 Domestic platform PMU self-adaptive performance acquisition monitoring system
CN116955044A (en) * 2023-09-12 2023-10-27 北京开源芯片研究院 Method, device, equipment and medium for testing cache working mechanism of processor
CN116955044B (en) * 2023-09-12 2023-12-22 北京开源芯片研究院 Method, device, equipment and medium for testing cache working mechanism of processor

Also Published As

Publication number Publication date
CN101937392B (en) 2012-06-20

Similar Documents

Publication Publication Date Title
CN101937392B (en) Dynamic defect detection system for embedded software
CN103729288B (en) The adjustment method of application program under a kind of embedded multi-core environment
CN112463417B (en) Migration adaptation method, device and equipment based on domestically produced ICT software and hardware platform
Pathak et al. Where is the energy spent inside my app? Fine Grained Energy Accounting on Smartphones with Eprof
Ravindranath et al. {AppInsight}: Mobile App Performance Monitoring in the Wild
CN104750603B (en) A kind of multi-core DSP software simulator and its physical layer software test method
Li et al. From library portability to para-rehosting: Natively executing microcontroller software on commodity hardware
CN100435111C (en) Parallel debugging and performance analysis method supporting multi-language and multi-platform in heterogeneous environment
CN101630285A (en) Software performance testing method applied in embedded system
JPH0689200A (en) Debug system and method
CN102722434A (en) Performance test method and tool aiming at Linux process scheduling
CN112052073A (en) Script performance analysis method and device, readable storage medium and electronic device
CN100370432C (en) A device and method for automated testing of embedded software
Koehler et al. Performance analysis challenges and framework for high-performance reconfigurable computing
CN120029887B (en) Application program instrumentation method, system, electronic device, storage medium, and computer program product
Rondeau et al. Inspecting GNU radio applications with controlport and performance counters
US6986127B1 (en) Debugging apparatus and method for systems of configurable processors
CN102393829B (en) Disk I/O (Input/Output) test system oriented to embedded system
CN109542731B (en) A performance monitoring method for GPU-oriented hierarchical progressive drill-down
CN110231931A (en) A kind of power supply real-time control module and system
US20080141223A1 (en) Mock source program generation program, method and apparatus
CN118550777A (en) Debug system and method for obtaining debug information
Khamparia et al. Program analysis with dynamic instrumentation Pin and performance tools
Wen et al. s2db: A novel simulation-based debugger for sensor network applications
Zheng et al. wBPF: Efficient Edge-Case Observability for CXL Pooling systems via eBPF

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120620

Termination date: 20170827