[文章]Hi3861开发板LiteOs-m启动流程
0
6
鸿蒙芯片Hi3861启动流程介绍
Hi3861系统LoaderBoot启动流程
Hi3861系统FlashBoot代码介绍
之前三篇文章都介绍了鸿蒙和LiteOs-m之前的流程和代码,这篇介绍一下liteos代码,但是3861的liteos有部分代码没有源代码,还有就是有一部分虽说有源代码,但是并没有参与编译,但我们通过map文件和汇编文件一样可以捋一遍流程。文件功能如下,编译链接工具生成的,其实这俩文件主要作用不是用来分析流程的,因为汇编文件毕竟不容易看懂,主要是当板子崩溃时,分析定位问题的,我们不需要知道太多汇编,只需要知道跳转语句就够了。
先看一下启动log:
[19:38:46.442]收←◆ready to OS start
sdk ver:Hi3861V100R001C00SPC025 2020-09-03 18:10:00
formatting spiffs...
[19:38:46.754]收←◆FileSystem mount ok.
[19:38:46.803]收←◆wifi init success!
hievent init success.[HCtest Service] HCTest Framework inited.
******To Obtain Product Params Start******
The Product Type is [****]
The manuFacture is [****]
The brand is [****]
The marketName is [****]
The productSeries is [****]
The softwareModel is [****]
The HardwareModel is [****]
The HardwareProfile is [aout:true,display:true]
The serial is [1234567890]
The osName is [OpenHarmony-1.0.1.0(Beta)]
The OS Version is [OpenHarmony 1.0.1]
The bootloaderVersion is [bootloader
[19:38:46.841]收←◆]
The Security Patch is [2020-09-01]
The AbiList is [****]
The sdkApiLevel is [3]
The firstApiLevel is [1]
The productSeries is [OpenHarmony 1.0]
The VersionID is [****/****/****/****/OpenHarmony-1.0.1.0(Beta)/****/****/3/OpenHarmony 1.0/debug]
The buildType is [debug]
The buildUser is [jenkins]
The buildHost is [win]
The buildTime is [1630208743680]
The BuildRootHash is []
******To Obtain Product Params End ******
[19:38:46.979]收←◆Start to run test suite:SamgrApiTestSuite
hiview init success.00 00:00:00 0 4 D 0/HIVIEW: log limit init success.
00 00:00:00 0 4 I 1/SAMGR: Bootstrap core services(count:12).
00 00:00:00 0 4 I 1/SAMGR: Init service:0x50f514 TaskPool:0xf40b8
00 00:00:00 0 4 I 1/SAMGR: Init service:0x50f520 TaskPool:0xf4028
00 00:00:00 0 4 I 1/SAMGR: Init service:0x510c60 TaskPool:0xf4048
00 00:00:00 0 4 I 1/SAMGR: Init service:0x511fa0 TaskPool:0xf4208
00 00:00:00 0 4 I 1/SAMGR: Init service:0x518824 TaskPool:0xf40b8
[19:38:47.024]收←◆
00 00:00:00 0 4 I 1/SAMGR: Init service:0x518834 TaskPool:0xf40b8
00 00:00:00 0 4 I 1/SAMGR: Init service:0x518948 TaskPool:0xf4228
00 00:00:00 0 4 I 1/SAMGR: Init service:0x518954 TaskPool:0xf4248
00 00:00:00 0 4 I 1/SAMGR: Init service:0x518960 TaskPool:0xf4268
00 00:00:00 0 4 I 1/SAMGR: Init service:0x51896c TaskPool:0xf4288
00 00:00:00 0 4 I 1/SAMGR: Init service:0x518aa4 TaskPool:0xf42a8
00 00:00:00 0 4 I 1/SAMGR: Init service:0x518ab4 TaskPool:0xf42a8
00 00:00:00 0 92 I 1/SAMGR: Init service
[19:38:47.068]收←◆0x50f520 <time: 100ms> success!
00 00:00:00 0 24 I 1/SAMGR: Init service 0x51896c <time: 90ms> success!
00 00:00:00 0 192 I 1/SAMGR: Init service 0x50f514 <time: 100ms> success!
00 00:00:00 0 192 I 1/SAMGR: Init service 0x518824 <time: 90ms> success!
00 00:00:00 0 192 I 1/SAMGR: Init service 0x518834 <time: 90ms> success!
00 00:00:00 0 36 I 1/SAMGR: Init service 0x510c60 <time: 100ms> success!
00 00:00:00 0 136 I 1/SAMGR: Init service 0x511fa0 <time: 100ms> success!
00 00:00:00 0 180 I 1/SAMGR: Init
[19:38:47.113]收←◆service 0x518960 <time: 110ms> success!
00 00:00:00 0 124 I 1/SAMGR: Init service 0x518aa4 <time: 110ms> success!
00 00:00:00 0 124 I 1/SAMGR: Init service 0x518ab4 <time: 110ms> success!
00 00:00:00 0 80 I 1/SAMGR: Init service 0x518954 <time: 240ms> success!
00 00:00:00 0 236 I 1/SAMGR: Init service 0x518948 <time: 240ms> success!
00 00:00:00 0 236 I 1/SAMGR: Initialized all core system services!
00 00:00:00 0 192 I 1/SAMGR: Bootstrap system and application services(count:6).
00 00:00:00 0 192 I 1/SAMGR: Init service:0x5172a8 TaskPool:0xf40b8
00 00:00:00 0 192 I 1/SAMGR: Init service:0x51745c TaskPool:0xf40b8
00 00:00:00 0 192 I 1/SAMGR: Init service:0x51815c TaskPool:0xf45d8
再说一下二进制程序的分段,一个编译完成的固件通常有以下几部分:
1.RO段包括只读代码段(code段/.text段)和常量段(RO Data段/.constdata段)。
2.RW段(.data段)指已被初始化成非0值的变量段。
3. ZI段(.bss段)指未被初始化或初始化为0的变量段。
这样我们可以知道我们源代码的函数和字符串常量都位于text段,map文件中还可以看到目标文件的位置,比如main是liteos启动的主要函数,它的位置如下:
通过asm查看main文件中main函数如下:
通过查看可以看到这个函数中调用了如下函数:
change_uart
hi_patch_init
CheckChipVer
OsBoardConfig
LOS_KernelInit
AppInit
LOS_Start
AppInit函数中有app_main函数,位于
libwifiiot_app.a(app_main.o)中,app_main函数中最重要的函数就是OHOS_Main
位于libwifiiot_app.a(ohos_main.o)中,
OHOS_Main函数中有hi_at_init,G_OHOS_AT_FUNC_TBL,OHOS_SystemInit
这样一调用,终于调用到了鸿蒙的函数OHOS_SystemInit,位于system_init.c文件中
,然后我们看开发板启动时候的log打印:[19:38:46.442]收←◆ready to OS start
sdk ver:Hi3861V100R001C00SPC025 2020-09-03 18:10:00
formatting spiffs...
ready to OS start这句打印是在main函数中,main函数没有源码,但不代表改变不了这个字符串,由之前的ro,rw,bss可知,这个字符串可以找到的,我们用二进制文本工具打开liblitekernel_flash.a,搜索发现有这个字符串
我们把字符串改动一下,然后打开文件libsystem.a,搜索到Hi3861V100R001C00SPC025 2020-09-03 18:10:00相关信息,也改变一下字符串,重新编译程序,烧录后,启动信息如下:
[19:37:45.235]收←◆ready to AV start
sdk ver:Hi3861V100R001C00SPC025 2020-09-03 18:10:00
formatting spiffs...
发现第一个改动生效了,第二个改动没生效,由此可以知道第一个字符串是放到了ro段常量中,第二个改动应该是运行时读取到的,编译环境中并不存在这个信息,通过map文件也可以确认,被放到了bss段中。
回帖高级模式
声明:本文内容及配图由入驻作者撰写或者入驻合作网站授权转载。文章观点仅代表作者本人,不代表电子发烧友网立场。文章及其配图仅供工程师学习之用,如有内容图片侵权或者其他问题,请联系本站作侵删。 侵权投诉