http://www.newsmth.net/bbsanc.php?path=%2Fgroups%2Fcomp.faq%2FKernelTech%2Fkernelsrc_reading_20040130%2FM.1038836997.A
1.改源代码编译的Makefile,将gcc 改成gcc -g
使生成的vmlinux中含有debug信息
2.所有生成.o的rule中再加一条gcc /*其他参数除了-c外抄生成.o文件用的参数*/-E
-dD -C $< > /preprocessing/$(shell pwd)/$<
生成预处理文件,从这个文件里面能很容易找到c源文件的宏定义
3.objdump -S -l -z vmlinux > vmlinux.txt
反汇编vmlinux到vmlinux.txt,vmlinux.txt含有汇编和c源文件的混合代码,看起来很方便,而且能一步步看linux是怎么运行的。
4.objdump -x vmlinux > x.txt
vmlinux中所有段的头信息,其中包括vmlinux的入口地址等
5.objdump --debugging vmlinux > debugging.txt
很多有用的debug信息,如函数名,结构体定义等
我觉得根据以上信息,用ultraedit看很方便。尤其在vmlinux.txt中选中文件名,用ultraedit右键的open能马上打开文件,很方便。
大家试试根据vmlinux.txt从头到尾看一遍linux的启动过程,肯定很有感受。
参照以上方法 对vmlinux进行分析
/*
 * stext - kernel entry point. Identifies the CPU and the machine,
 * calls __vet_atags and __create_page_tables, then jumps to the
 * CPU-specific init function with lr set so that it returns into
 * __enable_mmu.
 *
 * Register roles established by the code below:
 *   r9  = processor id read from CP15 (c0, c0)
 *   r10 = procinfo pointer (copied from r5 after __lookup_processor_type)
 *   r8  = machinfo pointer (copied from r5 after __lookup_machine_type)
 *   r13 = first word of __switch_data, the address to continue at
 *         once the MMU has been enabled
 *   lr  = BSYM(__enable_mmu)
 *
 * NOTE(review): the bodies of __vet_atags and __create_page_tables are
 * not part of this listing. Presumably __vet_atags sanity-checks the
 * bootloader-supplied ATAGS pointer before it is used - confirm
 * against the full head.S.
 */
ENTRY(stext)
setmode PSR_F_BIT | PSR_I_BIT | SVC_MODE, r9 @ ensure svc mode
@ and irqs disabled
mrc p15, 0, r9, c0, c0 @ get processor id
bl __lookup_processor_type @ r5=procinfo r9=cpuid
movs r10, r5 @ invalid processor (r5=0)?
beq __error_p @ yes, error 'p'
bl __fixup_machine_type
bl __lookup_machine_type @ r5=machinfo
movs r8, r5 @ invalid machine (r5=0)?
beq __error_a @ yes, error 'a'
@ Both lookups have succeeded at this point: an unknown CPU or machine
@ has already branched away to __error_p / __error_a.
bl __vet_atags
bl __create_page_tables
/*
 * The following calls CPU specific code in a position independent
 * manner. See arch/arm/mm/proc-*.S for details. r10 = base of
 * xxx_proc_info structure selected by __lookup_processor_type
 * above (r10 is set from r5 right after that call; r8, not r10,
 * holds the result of __lookup_machine_type). On return, the CPU
 * will be ready for the MMU to be turned on, and r0 will hold the
 * CPU control register value.
 */
ldr r13, __switch_data @ address to jump to after
@ mmu has been enabled
adr lr, BSYM(__enable_mmu) @ return (PIC) address
@ Jump (not call) to procinfo + PROCINFO_INITFUNC; lr was set by hand
@ above, so the init function returns into __enable_mmu.
ARM( add pc, r10, #PROCINFO_INITFUNC )
THUMB( add r12, r10, #PROCINFO_INITFUNC )
THUMB( mov pc, r12 )
ENDPROC(stext)
__lookup_processor_type:
遍历__proc_info_begin到__proc_info_end之间的__proc_info表项
c002d114 T __proc_info_begin
c002d114 t __v6_proc_info
c002d114 T _einittext
c002d17c T __proc_info_end
从arch\arm\mm\proc-v6.S得到__v6_proc_info
__fixup_machine_type:
查询可以使用的machine_type
__lookup_machine_type:
遍历__arch_info_begin到__arch_info_end之间的表项
c002d17c T __arch_info_begin
c002d17c t __mach_desc_MSM7X25_FFA
c002d1b0 t __mach_desc_MSM7X25_SURF
c002d1e4 t __mach_desc_MSM7X27_FFA
c002d218 t __mach_desc_MSM7X27_SURF
c002d24c T __arch_info_end
从board-xxx.c得到MSM7X27_SURF的machine_info
.boot_params = PHYS_OFFSET + 0x100,
.map_io = msm7x2x_map_io,
.init_irq = msm7x2x_init_irq,
.init_machine = msm7x2x_init,
.timer = &msm_timer,
这些参数在start_kernel()启动时候会用到
__vet_atags:
c002d24c T __tagtable_begin
c002d24c t __tagtable_parse_tag_cmdline
c002d254 t __tagtable_parse_tag_revision
c002d25c t __tagtable_parse_tag_serialnr
c002d264 t __tagtable_parse_tag_ramdisk
c002d26c t __tagtable_parse_tag_videotext
c002d274 t __tagtable_parse_tag_mem32
c002d27c t __tagtable_parse_tag_core
c002d284 t __tagtable_parse_tag_initrd2
c002d28c t __tagtable_parse_tag_initrd
c002d294 t __tagtable_parse_tag_msm_partition
c002d29c T __tagtable_end
/*
 * __tagtable(tag, fn) - define a static struct tagtable named
 * __tagtable_<fn>, initialised with { tag, fn } and marked with __tag.
 *
 * NOTE(review): __tag is not defined in this listing. Presumably it
 * places the entry in the region bounded by __tagtable_begin and
 * __tagtable_end (the symbol dump lists the __tagtable_parse_tag_*
 * entries between those two symbols) - confirm.
 * NOTE(review): presumably fn is the parser run for a tag of type
 * `tag`; tag contents originate outside the kernel (bootloader), so
 * each fn should validate sizes and values it reads - verify per
 * handler.
 */
#define __tagtable(tag, fn) \
static struct tagtable __tagtable_##fn __tag = { tag, fn }
__create_page_tables:
创建页表
@ __switch_data - table of addresses consumed by stext and
@ __mmap_switched. The order of the words is part of the contract:
@ word 0 is loaded on its own (ldr r13, __switch_data in stext), words
@ 1-4 are loaded by the first ldmia in __mmap_switched and words 5-9
@ by the second one, so the entries must stay in this exact order.
.align 2
.type __switch_data, %object
__switch_data:
.long __mmap_switched @ word 0: continuation address after MMU enable
.long __data_loc @ r4 (first ldmia: source of the data copy)
.long _data @ r5 (first ldmia: destination of the data copy)
.long __bss_start @ r6 (first ldmia: start of the area that is zeroed)
.long _end @ r7 (first ldmia: end of the area that is zeroed)
.long processor_id @ r4 (second ldmia: receives r9)
.long __machine_arch_type @ r5 (second ldmia: receives r1)
.long __atags_pointer @ r6 (second ldmia: receives r2)
.long cr_alignment @ r7 (second ldmia: receives r0 and r0 with CR_A cleared)
.long init_thread_union + THREAD_START_SP @ sp
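/*
 * __mmap_switched - last assembly stage before C code: copy the data
 * segment if its load and run addresses differ, zero the BSS, store
 * the boot values in kernel variables, then branch to start_kernel.
 *
 * In (as used below):
 *   r0 = control register value
 *   r1 = machine type
 *   r2 = atags pointer
 *   r9 = processor ID
 * Clobbers: r3-r7, fp, sp, flags.
 * Does not return: it ends with a plain branch to start_kernel.
 *
 * NOTE(review): r1 and r2 are stored exactly as received; nothing in
 * this routine checks them. They presumably come from the bootloader,
 * so validation has to happen elsewhere (stext calls __vet_atags
 * earlier; the later tag parsers are not shown here) - confirm.
 */
__mmap_switched:
	adr	r3, __switch_data + 4		@ skip word 0 (__mmap_switched itself)

	ldmia	r3!, {r4, r5, r6, r7}		@ r4=__data_loc r5=_data
						@ r6=__bss_start r7=_end
	cmp	r4, r5				@ Copy data segment if needed
1:	cmpne	r5, r6				@ copy words until r5 reaches r6;
	ldrne	fp, [r4], #4			@ every "ne" instruction is skipped
	strne	fp, [r5], #4			@ when r4 == r5 on entry
	bne	1b

	mov	fp, #0				@ Clear BSS (and zero fp)
1:	cmp	r6, r7				@ unsigned compare: store while r6 < r7
	strcc	fp, [r6],#4			@ one word per iteration; assumes the
	bcc	1b				@ bounds are word aligned - TODO confirm

	@ Second half of __switch_data: addresses of the variables that
	@ receive the boot values, followed by the initial stack pointer.
 ARM(	ldmia	r3, {r4, r5, r6, r7, sp})
 THUMB(	ldmia	r3, {r4, r5, r6, r7}	)
 THUMB(	ldr	sp, [r3, #16]		)
	str	r9, [r4]			@ Save processor ID
	str	r1, [r5]			@ Save machine type
	str	r2, [r6]			@ Save atags pointer
	bic	r4, r0, #CR_A			@ Clear 'A' bit
	stmia	r7, {r0, r4}			@ Save control register values
	@ The author's inline annotation used to be fused onto the branch
	@ below, which made the line impossible to assemble; it is kept
	@ here as a comment: execution enters C code from this point on.
	b	start_kernel
ENDPROC(__mmap_switched)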