CN115080096A - Patching method and device - Google Patents

Patching method and device Download PDF

Info

Publication number
CN115080096A
CN115080096A CN202110265595.3A CN202110265595A CN115080096A CN 115080096 A CN115080096 A CN 115080096A CN 202110265595 A CN202110265595 A CN 202110265595A CN 115080096 A CN115080096 A CN 115080096A
Authority
CN
China
Prior art keywords
function
address
program
chip
instruction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110265595.3A
Other languages
Chinese (zh)
Inventor
王大耀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Goodix Technology Co Ltd
Original Assignee
Shenzhen Goodix Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Goodix Technology Co Ltd filed Critical Shenzhen Goodix Technology Co Ltd
Priority to CN202110265595.3A priority Critical patent/CN115080096A/en
Priority to PCT/CN2021/142350 priority patent/WO2022188516A1/en
Publication of CN115080096A publication Critical patent/CN115080096A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • G06F8/656Updates while running
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • G06F8/66Updates of program code stored in read-only memory [ROM]

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The application provides a patching method and a patching device, wherein a chip comprises a first program, and when the first program is executed to a first function, an interrupt service program is operated, wherein the first function is a problem function determined in the debugging process of the chip; acquiring an address of a second function based on a preset address mapping relation between the first function and the second function, wherein the first function and the second function are stored in different memories, and the second function is a patch function of the first function; running the second function based on the address of the second function to complete patching processing on the chip; and returning to execute the third function positioned after the first function in the first program.

Description

Patching method and device
Technical Field
The present application relates to the field of chip technologies, and in particular, to a patching method and apparatus.
Background
In the existing chip system, a CPU peripheral IP, and hardware units such as RAM and ROM are generally provided, a ROM boot code is used for powering on and booting a chip, and chip firmware is placed in a ROM space. However, if a software problem is discovered after the device is programmed, resetting the memory device may require a significant cost.
Therefore, there is a need to provide a patching method to solve or partially solve the above technical problems.
Disclosure of Invention
In order to solve the above technical problem, in a first aspect, the present application provides a patching method applied to a chip, where the chip includes a first program, and the first program includes a first function and a third function, and the method includes:
when the first program is executed to the first function, running an interrupt service program, wherein the first function is a problem function determined in the chip debugging process;
acquiring an address of a second function based on a preset address mapping relation between the first function and the second function, wherein the first function and the second function are stored in different memories, and the second function is a patch function of the first function;
running the second function based on the address of the second function to complete patching processing on the chip;
and returning to execute the third function positioned after the first function in the first program.
In one possible implementation manner, the running an interrupt service program when the first program executes to the first function includes:
when the first program is executed to the first function, comparing the address of the first function with at least one preset address, wherein the preset address comprises the addresses of a plurality of problem functions determined in the chip debugging process;
and if the comparison result is that the address of the first function is matched with any one preset address, running a first preset instruction to run the interrupt service program.
In one possible implementation, the first preset instruction is an SVC instruction.
In a possible implementation manner, the obtaining an address of the second function based on a preset address mapping relationship between the first function and the second function includes:
acquiring the content of a first instruction in an instruction address in a PC pointer;
and if the content of the first instruction is in a preset numerical range, acquiring the address of the second function based on a preset address mapping relation between the first function and the second function.
In one possible implementation manner, the preset address is stored in a register of a target component, and the target component is an FPB of the chip.
In one possible implementation manner, the first function and the third function are stored in a ROM of the chip, and the second function is stored in a flash of the chip.
In a second aspect, the present application provides a patching device, including a first program, the first program including a first function and a third function, the patching device including:
the first running module is used for running an interrupt service program when the first program is executed to the first function, wherein the first function is a problem function determined in the chip debugging process;
an obtaining module, configured to obtain an address of a second function based on a preset address mapping relationship between the first function and the second function, where the first function and the second function are stored in different memories, and the second function is a patch function of the first function;
the second operation module is used for operating the second function based on the address of the second function so as to complete patching processing on the chip;
and the return module is used for returning and executing the third function positioned after the first function in the first program.
Drawings
Fig. 1 is a schematic diagram of a patching method proposed in the related art;
fig. 2 is a diagram illustrating the acquisition of a call number of an SVC system in the related art;
fig. 3 is a flowchart of a patching method according to an embodiment provided in the present application;
FIG. 4 is a diagram illustrating triggering an SVC exception to run a second function in an embodiment of the present application;
FIG. 5 is a diagram illustrating a function call tree in one embodiment of the present application;
FIG. 6 is a diagram illustrating a dynamic patch tree of the function call tree shown in FIG. 5 according to an embodiment of the present application;
fig. 7 is a patching device provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application. In the description of the embodiments herein, "/" means "or" unless otherwise specified, for example, a/B may mean a or B; "and/or" herein is merely an association describing an associated object, and means that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone.
In the following, the terms "first", "second" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. In the description of the embodiments of the present application, "a plurality" means two or more unless otherwise specified.
Under the current high-speed development of technology, the development of integrated circuits is very rapid, and the demand of Micro Controller (MCU) type chips is also rapidly developed due to market influence. However, the MCU type chip has a feature that when the chip is manufactured, a code (i.e., a program) is stored in an internal read-only memory (ROM) space to execute a boot (boot) program or other program with a specific function. After the chips are completely downloaded, the programs on the chips cannot be modified again, which requires that the stored programs absolutely have no problem, otherwise the chips with the problems cannot be used again.
In order to solve the high risk problem, various techniques for modifying the error function in the program have been proposed in the related art. For example, a dedicated hardware patch (patch) unit may be provided to implement the hardware patch mechanism, which requires modifying the code of the core of the chip, and is technically difficult, and may increase the complexity and cost of the system.
In the related art, a technique that can replace an error function in a program has also been proposed. According to Chapter23.10 in ARM Cortex-M3 and Cortex-M4 Authority guidelines (The Definitive Guide to ARM Cortex-M3 and Cortex-M4 Processors in English edition), by modifying a function call, a chip does not execute a problem function but executes a problem-free function corresponding to The problem function, The basic idea is as follows: if a function is problematic, it is preferable to replace the jump instruction that called the function, rather than attempting to fix the problem function.
In some types of chips, such as the ARM family of chips, including flash cache and breakpoint (FPB) units, the FPB is a CPU-select component. The operation mechanism of the FPB is that the FPB temporarily takes over the access of the CPU core to the Flash memory of certain addresses, replaces the Flash content of the corresponding addresses with breakpoint instructions and returns the breakpoint instructions to the CPU core, so that the CPU core stops operating because the breakpoint instructions are executed, or the FPB temporarily takes over the access of the CPU core to the Flash memory of certain addresses, replaces the Flash content of the corresponding addresses with instruction codes stored in the designated RAM of the FPB, and allows the CPU core to execute the replaced target instruction codes. Based on this, the related art patches a problem function in the ROM of the chip using the FPB.
Referring to fig. 1, a schematic diagram of a patching method proposed based on an FPB operation mechanism in the related art is specifically related.
The problem function 102 in the program of fig. 1 is located in a storage device such as a one-time programmable (OTP) ROM, and the patch function 104 is located in a Flash memory (Flash) or an Electrically Erasable Programmable Read Only Memory (EEPROM) 106. A processing device such as a chip may call the problem function 102 based on a jump instruction 110 (e.g., a B/BL/bl.w instruction, etc.). To avoid a processing device, such as a chip, executing the problem function 102, the chip, upon fetching the jump instruction 110, may respond based on the address of the jump instruction 110 to replace the jump instruction 110 with a jump instruction 112 in a register of the FPB, with the jump instruction 112 being used to jump to the patch function 104. In this way, after the processing device executes the patch function, the processing device returns to the original program to continue executing, thereby completing the patching processing. It can be understood that, in the scheme shown in fig. 1, a patch (patch) technology is used to replace an incorrect function in a program, so that the program can operate correctly, and the chip can continue to be used, so that a problem function is never executed, and thus, the modification of the program is completed.
However, the same hardware unit is used for the Patch property in the FPB and the breakpoint debugging function supported by the DeBugger (DeBugger), which is used to capture an exception \ event and determine whether the DeBugger needs to take over the exception \ event according to its own logic. When the debugger is connected to the controller, the debugger breakpoint debugging function will cover the patch configuration function in the FPB, and the patch and breakpoint debugging function cannot be realized simultaneously.
Further, in the technique shown in fig. 1, since the jump instruction (e.g., bl.w/BL, etc.) adopts a fixed length of 32 bits, if the register size is 32 bits, the jump instruction needs to ensure that the address of the jump instruction is 4-byte aligned, and if the address of the jump instruction cannot be 4-byte aligned, a joint implementation of 2 registers is needed, which may affect the execution efficiency of the processor.
Based on this, the application provides a new patching method, which is applied to processing equipment such as chips.
It should be noted that the patching method disclosed in the present application may be applied to a native program in a chip, that is, a non-editable program, and may also be applied to an editable program in a chip. Further, the chip may be an MCU chip, for example, an ARM series chip.
The core of the chip may be an ARM, or may also be an X86, a Million Instructions Per Second (MIPS), a PowerPC, and the like.
The present application takes an ARM kernel as an example for explanation, and it has been shown above that ARM provides a patch manner based on flash address reload and breakpoint FPB hardware.
In the patching method disclosed by the application, when the application program is operated, the problem function is replaced by triggering interruption, namely, the interruption service program is operated.
The interrupt handling process is described below.
The interrupt is that when the processor executes the program normally, the processor suspends the currently executing program due to the triggering of the internal or external event or the presetting of the program, and saves the relevant information of the executed program into the stack, and then executes the internal or external event or the interrupt service program for the time preset by the program, after the interrupt service program is executed, the processor acquires the information of the interrupted program saved in the stack, and continues to execute the interrupted program, which is called interrupt.
The types of interrupts may include three types: 1. soft interrupts (also called intra-interrupts); 2. external interrupt (also called hard interrupt) hard interrupt; 3. and (6) abnormal. The interrupts described in the embodiments of the present application may be of any of these three types.
The soft interrupt is realized based on an interrupt instruction, and the internal interrupt and interrupt request mode does not need to be triggered by an external applied signal but is called by internal interrupt control logic.
The interrupt processing method comprises the steps that an external interrupt is generated by an external device, an interrupt request signal is applied to an NMI pin or an INTR pin of a processor, and the processor identifies whether an interrupt request occurs or not by continuously detecting the NMI pin or the INTR pin signal.
The exception is an interrupt generated inside the CPU, that is, an illegal case such as a divisor of 0 or the like, which occurs when the CPU executes a specific instruction, so that it is impossible to generate an exception during execution of an instruction, and it is possible to generate an exception only after execution of one instruction, so that it is also called a synchronous interrupt.
It is to be understood that the interrupt service routine may include an exception handler, such as an SVC (SVC Call) exception handler.
In the following, an example of generating an SVC exception based on an SVC instruction in the related art and running an SVC exception handler is described.
The SVC instruction, with an 8-bit immediate (SVC num), can be considered as a parameter thereof, is encapsulated in the instruction itself, such as: SVC 3, indicating call to system service No. 3. An 8-bit immediate is encapsulated in this SVC instruction. Therefore, in the SVC service routine, it is necessary to read the SVC command triggering the SVC exception this time, and extract the bit segment where the 8-bit immediate is located, so as to determine the system call number (e.g. 3).
Specifically, after the SVC exception handler executes, the SVC instruction address of the last execution may be calculated from the return address of the automatic stacking. After the SVC instruction is found, the machine code of the SVC instruction can be read, the immediate value is extracted from the machine code, and the function code number requested to be executed, namely the system calling number, is obtained.
If the user program uses the Process Stack Pointer (PSP), the server program needs to first execute the instruction to obtain the stack pointer of the application program, and by analyzing the value of the LR register, it can know which stack is being used when the SVC instruction is executed. If a user program uses a Master Stack Pointer (MSP), the stack of the application program can be directly acquired.
Referring to fig. 2, a schematic diagram of obtaining a call number of an SVC system in the related art is shown.
Referring to fig. 2, a schematic diagram of obtaining a call number of an SVC system in the related art is shown in detail.
When the chip triggers an SVC exception, the chip hardware will automatically push the 8 registers, the program counter PC, the status word register Xpsr, the general purpose registers R0-R3, R12, and the link register LR, to form a stack 202. The program counter PC points to the address where the current instruction is executed, and the link register LR is used to store the address where the program returns and the return address of the PC.
After the stack is pushed, the LR register bit 2 value is tested, and the LR register bit 2 value is used to indicate which stack is being used when the SVC instruction executes. Specifically, if the value of bit 2 of the LR register is 1, it indicates that the process stack pointer is being used, and if the value of bit 2 of the LR register is 0, it indicates that the Main Stack Pointer (MSP) is being used.
After finding the stack 202 according to the stack pointer, the PC pointer value is read from the stack 202, and it can be understood that, at this time, the value in the PC pointer is an SVC instruction, an immediate number is read from the SVC instruction and put into a general purpose register (e.g., R0), and the system call number is obtained based on the immediate number, so that the system service function can be called by using the system call number.
In an embodiment of the application, in the running process of the first program, when a problem function is called, an SVC exception may be triggered to run an SVC exception handling program, then an address of a patch function is obtained based on a preset address mapping relationship between the problem function and the patch function, and after the running of the SVC exception handling program is completed, the address of the patch function is directly returned to, so that the problem function is prevented from being executed, and the patching processing on the chip is completed.
Referring to fig. 3, a flowchart of a patching method according to an embodiment of the present application is specifically described.
Step 302, when the first program is executed to the first function, the interrupt service program is run.
The first program is a program currently being executed by the processor, and is illustratively an inherent program of the chip.
The first program comprises at least one function, and the first program can call the functions in the first program according to the execution sequence of the first program. Wherein the first function indicates a problem function in the first program, i.e. a function that needs to be replaced.
It should be noted that the exception may be triggered in a variety of ways to run the interrupt service routine.
In one embodiment, a developer, through testing or programming, may determine one or more problem functions and the address of each problem function, which may be stored in a register in the FPB. When the first program runs to the first function, the address of the first function is compared with the addresses of all problem functions of a register in the FPB, if the comparison result shows that the address of the first function is matched with any one of the addresses of all the problem functions, the first function belongs to the problem functions, and a first preset instruction needs to be run to trigger the interrupt service program.
In one example, the first preset instruction comprises an SVC instruction, and it is understood that when the first preset instruction is the SVC instruction, the SVC exception handler is triggered.
In one example, the address of the first function may be configured directly as the address of the register of the FPB, such that when the first instruction of the first function is read, a jump is made directly to the register for comparison. It should be noted that, taking the ARM cutex M4 core as an example, wherein the FPB includes 6 registers for address comparison, the address of the first function can be compared with all the addresses in the 6 registers, and then whether the addresses match is determined.
Step 304, acquiring an address of the second function based on a preset address mapping relationship between the first function and the second function.
In an embodiment, a mapping relationship between the first function and the second function may be preset, such as an address mapping relationship, specifically, an address mapping table may be established in advance for an address of each problem function and an address of a corresponding patch function, and the address mapping table is stored in the FPB register, so that an address of the second function may be queried through an address of the first function based on the address mapping table to run the second function.
Referring to fig. 4, a schematic diagram of triggering an SVC exception to run a second function in one embodiment of the present application is specifically described.
Step 402, when the first program runs to the first function and the address of the first function matches with the preset address, an SVC exception is triggered.
The first program includes one or more main functions, for example, a main function 404 and a main function 406, which are stored in the ROM memory 400. Illustratively, when the main function 404 calls the first function 402, the address of the first function is matched with the address of the problem function stored in the register of the FPB, and if the addresses match, it is indicated that the first function belongs to the problem function.
When the address matches, the FPB is caused to return an arbitrary SVC instruction, not the first instruction of the first function, thereby triggering an SVC exception.
In step 404, the chip determines the triggering mode of the SVC. Specifically, this step is used to determine whether SVC is triggered by normal use or by address matching as described above.
Fig. 2 already shows that in the SVC process, the SVC hardware mechanism automatically stores the relevant registers (e.g., PC pointer) in the stack, and when an SVC exception is triggered, the value in the PC instruction address should be an SVC instruction. Therefore, it is known whether SVC is normally triggered by call _ SVC () or triggered in the manner shown in the above embodiments, i.e., triggered by address matching, by acquiring the instruction content at the PC pointer address.
It should be noted that the command content of the SVC command (SVC #0XFF) is 0XDF00 to 0XDFFF, and if the command content in the command address in the PC pointer is between 0XDF00 and 0XDFFF, it is indicated that the abnormality is triggered by _ SVC (), and a normal SVC jump should be performed by taking out the SVC registration address from the SVC command according to SVC num.
However, if the instruction content in the PC pointer instruction address is the instruction content of the first function, that is, the instruction content in the instruction address in the fetch PC pointer is out of the values of 0XDF00 to 0XDFFF, it indicates that the SVC exception is triggered by address matching.
And step 406, if the SVC exception is the address matching trigger, replacing the value in the PC pointer with the address of the second function.
If the SVC exception is triggered by address matching, the PC pointer instruction address can be replaced by the second function address, so that the SVC exception handler returns to the address execution of the second function after the SVC exception handler is executed. The second function 410 is a patch function of the first function 402 and is typically stored in Flash 408.
Specifically, when the instruction content pointed by the fetched PC pointer is not between 0XDF00 and 0XDFFF, the second function address may be obtained according to the preset address mapping relationship between the address of the first function and the second function address, and the instruction address in the PC pointer may be replaced by the address of the second function.
Therefore, after the SVC exception handler is executed, the instruction address in the PC pointer is the address of the second function, and the second function can be directly run. In this application, through step 302, the call number of the SVC does not need to correspond to each patch function or problem function one to one, and the SVC num does not need to be occupied, and the function implementation of the SVC is not affected. The jump can be completed only by establishing an address mapping table of the first function and the second function, and the realization is more convenient and simple.
And step 306, operating the second function to complete the patching processing of the chip.
After the address of the second function is obtained, the second function can be directly operated, so that the patching processing of the chip is completed.
In one embodiment, the first program further comprises a third function, the third function is a next function after the first function in the first program, and after the second function is called based on the address of the second function, the PC pointer points to the third function to sequentially execute the third function after the first function in the first program.
In the method shown in the application, because the size of the SVC instruction is only 16 bits (the bit number of the jump instruction such as BL is 32 bits), even if the address of the SVC cannot be aligned with 4 bytes, the SVC can be realized without combining 2 32-bit registers, thereby improving the execution efficiency of the processor.
Furthermore, the patching method triggers the SVC exception handling program through function address matching, does not occupy SVC num, and does not influence the function realization of SVC.
In the prior art, some chips including the FPB, for example, some serial chips related to ARM, the Patch characteristic and the breakpoint function in the debugger use the same hardware unit, if the controller is connected to the debugger, the breakpoint debugging function of the debugger will cover the Patch configuration function in the FPB, and the Patch and the breakpoint debugging function cannot be simultaneously realized.
Because the FPB breakpoint function is implemented in the application layer (not located in the ROM), the application can implement the breakpoint function through the time division multiplexing technology, and implement the patch function in the ROM based on the patching method shown in the application.
Further, the function and its subfunctions may be patched dynamically based on the method presented in the present application. Referring to fig. 5, a diagram of a function call tree in one embodiment of the present application is shown.
The main function (main function) may call a plurality of functions, such as func _ num3_0, fun _ num4_0, and func _ num3_1, wherein any one of the functions may include a problem sub-function (e.g., a function with a bug prefix in the figure).
The dynamic patching shown in the application indicates that a function and sub-functions thereof are dynamically patched, for example, func _ num3_0 and sub-functions thereof, fun _ num4_0 and sub-functions thereof, and func _ num3_1 and sub-functions thereof are patched in sequence.
Referring to fig. 6, a diagram of a dynamic patch tree of the function call tree shown in fig. 5 in an embodiment of the present application is described in detail.
It will be appreciated that the problem function may be located in a memory such as a ROM/OTP ROM (OTP ROM) and the patch function corresponding to the problem function may be located in a memory such as a Flash/EEPROM.
In one embodiment, there are 6 registers in the FPB, when the number of functions and their sub-functions belonging to the problem function (function with bug prefix in the figure) exceeds 6, for example, func _ num3_0 and fun _ num4_0 need to be patched by more than 6 functions, even though func _ num3_0 and fun _ num4_0 are not problem functions themselves, func _ num3_0 and fun _ num4_0 should be patched when the functions func _ num3_0 and fun _ num4_0 are called, and the patch function in Flash patch its sub-functions. When the main function calls the func _ num3_1 function, as the subfunctions of the main function only have 3 problem functions to be patched, the three subfunctions can be patched directly without realizing the func _ num3_1 function again.
Specifically, when the main function calls func _ num3_0 and func _ num4_0, func _ num3_0 and func _ num4_0 are regarded as problem functions, the patching processing is performed on func _ num3_0 and func _ num4_0 by executing the patching method shown in the application, and then after the patching processing is completed on func _ num3_0, the patching processing is continued on the basis of the patching method shown in the application, and the four problem sub-functions are respectively subjected to patching processing. Meanwhile, two problem sub-functions in func _ num4_0 can be patched.
After completing the patching process on the four problem sub-functions of func _ num4_0, the patching process on other problem functions can be continued, for example, the patching process is performed on the remaining two problem sub-functions in func _ num4_ 0.
In one example, when a main function calls func _ num3_1, the 3 problem sub-functions of func _ num3_1 can be patched directly.
The patching mechanism of the function can be arranged on the SDK layer, so that a user does not need to care how to patch, and developers can modify lib files of the function of the SDK layer.
Referring to fig. 7, the present application further provides a patching device, comprising
In one embodiment, the present application provides a patching device 700 comprising a first program including a first function and a third function, the patching device comprising:
a first running module 702, configured to run an interrupt service program when the first program is executed to the first function, where the first function is a problem function determined in a chip debugging process;
an obtaining module 704, configured to obtain an address of a second function based on a preset address mapping relationship between the first function and the second function, where the first function and the second function are stored in different memories, and the second function is a patch function of the first function;
a second running module 706, configured to run the second function based on an address of the second function, so as to complete patching processing on the chip;
a returning module 708, configured to return to execute the third function after the first function in the first program.
In one possible implementation, the first operation module is further configured to
When the first program is executed to the first function, comparing the address of the first function with at least one preset address, wherein the preset address comprises the addresses of a plurality of problem functions determined in the chip debugging process;
and if the comparison result is that the address of the first function is matched with any one preset address, running a first preset instruction to run the interrupt service program.
In one possible implementation, the first preset instruction is an SVC instruction.
In one possible implementation manner, the second operation module is configured to obtain content of a first instruction in an instruction address in a PC pointer;
and if the content of the first instruction is in a preset numerical range, acquiring the address of the second function based on the preset address mapping relation between the first function and the second function.
In one possible implementation manner, the preset address is stored in a register of a target component, and the target component is an FPB of the chip.
In one possible implementation manner, the first function and the third function are stored in a ROM of the chip, and the second function is stored in a flash of the chip.
Embodiments of the present application further provide a computer-readable storage medium, which includes computer instructions, when the computer instructions are executed on the electronic device, cause the electronic device to perform the method described in the present application.
Each functional unit in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solutions of the embodiments of the present application may be essentially implemented or make a contribution to the prior art, or all or part of the technical solutions may be implemented in the form of a software product stored in a storage medium and including several instructions for causing a computer device (which may be a personal computer, a server, or a network device) or a processor to execute all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: flash memory, removable hard drive, read only memory, random access memory, magnetic or optical disk, and the like.
The above description is only an embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions within the technical scope of the present disclosure should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (12)

1. A patching method applied to a chip, the chip including a first program, the first program including a first function and a third function, the method comprising:
when the first program is executed to the first function, running an interrupt service program, wherein the first function is a problem function determined in the chip debugging process;
acquiring an address of a second function based on a preset address mapping relation between the first function and the second function, wherein the first function and the second function are stored in different memories, and the second function is a patch function of the first function;
running the second function based on the address of the second function to complete patching processing on the chip;
and returning to execute the third function positioned after the first function in the first program.
2. The patching method of claim 1, wherein running an interrupt service routine when the first program executes to the first function comprises:
when the first program is executed to the first function, comparing the address of the first function with at least one preset address, wherein the preset address comprises the addresses of a plurality of problem functions determined in the chip debugging process;
and if the comparison result is that the address of the first function is matched with any one preset address, running a first preset instruction to run the interrupt service program.
3. The patching method of claim 2,
the first preset instruction is an SVC instruction.
4. The patching method of any one of claims 1-3, wherein the obtaining the address of the second function based on a preset address mapping relationship between the first function and the second function comprises:
acquiring the content of a first instruction in an instruction address in a PC pointer;
and if the content of the first instruction is in a preset numerical range, acquiring the address of the second function based on a preset address mapping relation between the first function and the second function.
5. The patching method of claim 2, wherein the preset address is saved in a register of a target component, the target component being an FPB of the chip.
6. The patching method of claim 1, wherein the first function and the third function are stored in a ROM of the chip, and the second function is stored in a flash of the chip.
7. A patching device comprising a first program, the first program comprising a first function and a third function, the patching device comprising:
the first running module is used for running an interrupt service program when the first program is executed to the first function, wherein the first function is a problem function determined in the chip debugging process;
an obtaining module, configured to obtain an address of a second function based on a preset address mapping relationship between the first function and the second function, where the first function and the second function are stored in different memories, and the second function is a patch function of the first function;
the second operation module is used for operating the second function based on the address of the second function so as to complete patching processing on the chip;
a return module, configured to return to execute the third function located after the first function in the first program.
8. The patching device of claim 7, wherein the first operation module is further configured to
When the first program is executed to the first function, comparing the address of the first function with at least one preset address, wherein the preset address comprises the addresses of a plurality of problem functions determined in the chip debugging process;
and if the comparison result is that the address of the first function is matched with any one preset address, running a first preset instruction to run the interrupt service program.
9. The patching device of claim 8, wherein the first preset instruction is an SVC instruction.
10. The patching device of claim 7, wherein the second running module is configured to obtain the content of the first instruction in the instruction address in the PC pointer;
and if the content of the first instruction is in a preset numerical range, acquiring the address of the second function based on a preset address mapping relation between the first function and the second function.
11. The patching device of claim 8, wherein the preset address is saved in a register of a target component, the target component being an FPB of the chip.
12. The patching device of claim 7, wherein the first function and the third function are stored in a ROM of the chip, and the second function is stored in a flash of the chip.
CN202110265595.3A 2021-03-11 2021-03-11 Patching method and device Pending CN115080096A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202110265595.3A CN115080096A (en) 2021-03-11 2021-03-11 Patching method and device
PCT/CN2021/142350 WO2022188516A1 (en) 2021-03-11 2021-12-29 Patching method and apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110265595.3A CN115080096A (en) 2021-03-11 2021-03-11 Patching method and device

Publications (1)

Publication Number Publication Date
CN115080096A true CN115080096A (en) 2022-09-20

Family

ID=83227376

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110265595.3A Pending CN115080096A (en) 2021-03-11 2021-03-11 Patching method and device

Country Status (2)

Country Link
CN (1) CN115080096A (en)
WO (1) WO2022188516A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116414424A (en) * 2023-06-09 2023-07-11 建信金融科技有限责任公司 Thermal updating method, device, equipment and storage medium
CN118094653A (en) * 2024-04-26 2024-05-28 深圳市纽创信安科技开发有限公司 Chip password function realization method, system, readable medium and product

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110192178A (en) * 2017-09-08 2019-08-30 深圳市汇顶科技股份有限公司 Method, apparatus, micro-control unit and the terminal device of program patch installing
CN111694594A (en) * 2020-05-18 2020-09-22 成都盛芯微科技有限公司 Control method and system of patch program
CN111868684A (en) * 2020-01-17 2020-10-30 深圳市汇顶科技股份有限公司 Method for patching chip and chip

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106775671A (en) * 2016-11-30 2017-05-31 武汉虹信通信技术有限责任公司 A kind of hot patch restorative procedure in the linux environment for communication system
CN110187920B (en) * 2019-04-01 2022-06-10 深圳市德明利技术股份有限公司 BOOT code expansion method of OTP-based main control chip
CN110162328B (en) * 2019-05-28 2023-11-03 东信和平科技股份有限公司 Method and device for upgrading intelligent card operating system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110192178A (en) * 2017-09-08 2019-08-30 深圳市汇顶科技股份有限公司 Method, apparatus, micro-control unit and the terminal device of program patch installing
CN111868684A (en) * 2020-01-17 2020-10-30 深圳市汇顶科技股份有限公司 Method for patching chip and chip
CN111694594A (en) * 2020-05-18 2020-09-22 成都盛芯微科技有限公司 Control method and system of patch program

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116414424A (en) * 2023-06-09 2023-07-11 建信金融科技有限责任公司 Thermal updating method, device, equipment and storage medium
CN116414424B (en) * 2023-06-09 2023-09-12 建信金融科技有限责任公司 Thermal updating method, device, equipment and storage medium
CN118094653A (en) * 2024-04-26 2024-05-28 深圳市纽创信安科技开发有限公司 Chip password function realization method, system, readable medium and product
CN118094653B (en) * 2024-04-26 2024-08-13 深圳市纽创信安科技开发有限公司 Chip password function realization method, system, readable medium and product

Also Published As

Publication number Publication date
WO2022188516A1 (en) 2022-09-15

Similar Documents

Publication Publication Date Title
US6915416B2 (en) Apparatus and method for microcontroller debugging
US8261130B2 (en) Program code trace signature
US7752427B2 (en) Stack underflow debug with sticky base
RU2281547C2 (en) Method for data exchange using several sets of commands
US7661035B2 (en) Method and system for instruction tracing with enhanced interrupt avoidance
WO2022188516A1 (en) Patching method and apparatus
US11645068B2 (en) Method for implementing function jump, apparatus, and computer storage medium
US9459991B2 (en) Heap dump object identification in a heap dump analysis tool
US7793160B1 (en) Systems and methods for tracing errors
US11693760B2 (en) System and methods for live debugging of transformed binaries
CN107506638B (en) Kernel control flow abnormity detection method based on hardware mechanism
US7162611B2 (en) Unhandled operation handling in multiple instruction set systems
CN114625660A (en) Debugging method and device
US11599342B2 (en) Pathname independent probing of binaries
US6907515B2 (en) Configuration control within data processing systems
WO2020101928A1 (en) Efficient register breakpoints
US11720474B2 (en) System and methods for post mortem debugging of transformed binaries
CN114047952B (en) Processor and method for single chip microcomputer, single chip microcomputer and storage medium
CN114942779A (en) Patch implementation method and device, embedded system and storage medium
CN110096888B (en) Method and system for accelerating verification and analyzing SMM potential safety hazard
CN114238153B (en) Binary file detection method in Linux system
CN113535249B (en) Data processing method, apparatus, device, storage medium, and program product
US11816487B2 (en) Method of converting extended instructions based on an emulation flag and retirement of corresponding microinstructions, device and system using the same
JPH06103109A (en) Data processor and debugging device using the same
CN112084112A (en) Hot patch testing method and device and server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination