Using GDB

最新推荐文章于 2021-10-09 16:22:24 发布
翻译 最新推荐文章于 2021-10-09 16:22:24 发布 · 508 阅读 · 0
文章标签:

#google #android #debug #gdb #shell

本文详细介绍使用GDB调试Android应用和进程的方法。涵盖调试运行中的应用、原生进程启动、应用启动、崩溃的应用或进程等情况,还提及无符号调试和使用VS Code调试,同时说明了使用GDB的前提条件。

Using GDB

The GNU Project debugger (GDB) is a commonly used Unix debugger. This page details using gdb to debug Android apps and processes for platform developers. For third-party app development, see Debug Your App.

 

Prerequisites

To use GDB for debugging apps and processes:

  • Set up environment with envsetup.sh
  • Run the lunch command

For more help with setting up your environment, see Preparing to Build.

Debugging running apps or processes

To connect to an already-running app or native daemon, use gdbclient.py with a PID. For example, to debug the process with PID 1234, run:

gdbclient.py -p 1234

The script sets up port forwarding, starts the appropriate gdbserver on the device, starts the appropriate gdb on the host, configures gdb to find symbols, and connects gdb to the remote gdbserver.

Note: In Android 6 and lower the script was a shell script called gdbclient instead of a Python script called gdbclient.py.

 

Debugging native process startup

To debug a process as it starts, use gdbserver or gdbserver64. For a 64-bit executable:

adb shell gdbserver64 :5039 /system/bin/MY_TEST_64_BIT_APP

For a 32-bit executable:

adb shell gdbserver :5039 /system/bin/MY_TEST_32_BIT_APP

Example output:

Process MY_TEST_64_BIT_APP created; pid = 3460
Listening on port 5039

Next, identify the application PID from the gdbserver output and use it in another terminal window:

gdbclient.py -p APP_PID

Finally, enter continue at the gdb prompt.

Note: If you specify the wrong gdbserver, you'll get an unhelpful error message (such as "Reply contains invalid hex digit 59").

 

Debugging app startup

Sometimes you want to debug an app as it starts, such as when there's a crash and you want to step through code to see what happens before the crash. Attaching works in some cases, but in other cases is impossible because the app crashes before you can attach. The logwrapper approach (used for strace and valgrind) does not always work because the app might not have permissions to open a port, and gdbserver inherits that restriction.

To debug app startup, use the developer options in Settings to instruct the app to wait for a Java debugger to attach:

  • Go to Settings > Developer options > Select debug app and choose your app from the list, then press Wait for debugger.
  • Start the app, either from the launcher or by using the command line to run:
adb shell am start -a android.intent.action.MAIN -n APP_NAME/.APP_ACTIVITY
  • Wait for the app to load and a dialog to appear telling you the app is waiting for a debugger.
  • Attach gdbserver/gdbclient normally, set breakpoints, then continue the process.

To let the app actually run, attach a Java Debug Wire Protocol (JDWP) debugger such as Java Debugger (jdb):

adb forward tcp:12345 jdwp:XXX  # (Where XXX is the pid of the debugged process.)
jdb -attach localhost:12345

 

Debugging apps or processes that crash

If you want debuggerd to suspend crashed processes so you can attach gdb, set the appropriate property:

# Android 7.0 Nougat and later.
adb shell setprop debug.debuggerd.wait_for_gdb true

 

# Android 6.0 Marshmallow and earlier.
adb shell setprop debug.db.uid 999999

At the end of the usual crash output, debuggerd provides instructions on how to connect gdb using the command:

gdbclient.py -p PID

Debugging without symbols

For 32-bit ARM, if you don’t have symbols, gdb can get confused about the instruction set it is disassembling (ARM or Thumb). To specify the instruction set chosen as the default when symbol information is missing, set the following property:

set arm fallback-mode arm  # or thumb

 

Debugging with VS Code

GDB supports debugging platform code on Visual Studio Code. You can use the VS Code debugger frontend instead of the GDB CLI interface to control and debug native code running on devices.

Before using VS Code for debugging, make sure you install the C/C++ extension.

To debug code using VS Code:

  • Ensure all build artifacts (such as symbols) required to run gdbclient.py are present.
  • Run the following command:
gdbclient.py -p pid | -n proc-name | -r ... --setup-forwarding vscode ANY_OTHER_FLAGS

This prints a JSON object and gdbclient.py continues running. This is expected; do not kill the gdbclient.py program.

  • In the debugging tab in VS Code, select add configuration, then select C/C++ gdb attach. This opens a launch.json file and adds a new JSON object to a list.
  • Delete the newly added debugger configuration.
  • Copy the JSON object printed by gdbclient.py and paste it into the object you just deleted. Save the changes.
  • To reload the window to refresh the debugger list, press Ctrl+Shift+P and type "reload window".
  • Select the new debugger configuration and press run. The debugger should connect after 10 to 30 seconds.
  • When you are done debugging, go to the terminal running gdbclient.py and press enter to end the gdbclient.py program.

After setting up the debugger configuration for the first time, you can skip steps 3 through 6.

传送门https://source.android.com/devices/tech/debug/gdb

MIT6.828 Lab2-1 Using gdb
QQQ的博客
05-27 863
Lab2
MIT XV6 - 2.1 Lab: system calls - Using gdb
05-27 822
本文介绍了在Xv6操作系统学习过程中使用GDB调试器的基本方法。主要内容包括:1) 阅读教材第二章及相关代码的重要性;2) 推荐GDB学习资源;3) 详细演示了如何通过两个终端窗口连接QEMU模拟器和GDB调试器:先运行make qemu-gdb启动模拟器,再启动GDB;4) 展示了在GDB中设置断点(b syscall)、继续执行(c)、查看源码(layout src)、查看调用栈(backtrace)等基本调试操作;5) 通过检查进程结构体和寄存器值,将调试结果与user/initcode.S汇编代码进
使用GDB(二):调试程序常用命令
yelvens的博客
10-09 5916
一、启动程序 run,简写r:运行被调试的程序。如果此前没有下过断点,则执行完整个程序;如果有断点,则程序暂停在第一个可用断点处 start:开始调试,停在第一行代码处 二、改变控制流程 next,简写n:执行一行源程序代码,此行代码中的函数调用也一并执行,(gdb) n,(gdb) n line-number step,简写s:执行一行源程序代码,如果此行代码中有函数调用,则进入该函数,(gdb) s,(gdb) s line-number continue,简写c:继续执行被调试程序,直至下一个断
Android GDB的使用
Deep Lee的专栏
07-21 699
官网介绍 https://source.android.com/devices/tech/debug/gdb 简单使用 前提 source build/envsetup.sh lunch aosp_arm64-userdebug Native process development/scripts/gdbclient.py -p 例如:mediacodec 的 pid是 388 要dbg mediacodec 只需要 development/scripts/gdbclient.py -p 388 下面就是
搭建Android源码调试环境(三)——调试C/C++(使用CLion)
心中要有一片海的专栏
01-18 6909
前言 aosp自带gdbclient.py脚本用于调试 kevin@kevin-GS60-2PL /mnt/2ffc0bac-5896-499a-9ae6-79e610162482/aosp $ gdbclient.py usage: gdbclient.py [-h] [--adb ADB_PATH] [-a | -d | -e | -s SERIAL] ...
gdbclient调试Android源码
Neuuranus的专栏
02-27 2324
  由于工作需要,最近重新开始接触C/C++开发和调试,自然离不开gdb的使用,很久之前使用过的一些gdb命令都忘的差不多了,重新温习了相关操作,顺便写篇文章记录一下。   gdb是C/C++常用的开发调试工具,但是调试时需要配置symbol路径等参数,对于C/C++调试经验较少的人来说上手还是略麻烦,好在GoogleAndroid6.0和7.0相继加入了gdbclientgdbclient....
使用 gdb 调试 Android Framework Native 代码
04-04 1117
Android 系统源码中自带 gdb 调试工具,下面举例示范如何使用 gdb 来调试 framework 的 native 代码。 前提条件: 1. Android 系统源码,要调试的代码需要编译。 2. Android 设备中运行的是上一条中的代码编译出来的程序。 一、获取进程 PID 假设我们当前想要调试系统的媒体播放服务 MediaPlayerService,这个服务是在 mediaserver 进程中启动的,故需要先查找该进程的 PID。 设备连接到电脑并开启adb,在命令行中执行:
using gdb in emacs
11-10
在emacs中使用gdb,网页格式,经典。
请告诉我具体的实验步骤: Lab: system calls In the last lab you used system calls to write a few utilities. In this lab you will add some new system calls to xv6, which will help you understand how they work and will expose you to some of the internals of the xv6 kernel. You will add more system calls in later labs. Before you start coding, read Chapter 2 of the xv6 book, and Sections 4.3 and 4.4 of Chapter 4, and related source files: • The user-space "stubs" that route system calls into the kernel are in user/usys.S, which is generated by user/usys.pl when you run make. Declarations are in user/user.h • The kernel-space code that routes a system call to the kernel function that implements it is in kernel/syscall.c and kernel/syscall.h. • Process-related code is kernel/proc.h and kernel/proc.c. To start the lab, switch to the syscall branch: $ git fetch $ git checkout syscall $ make clean If you run make grade you will see that the grading script cannot exec trace and sysinfotest. Your job is to add the necessary system calls and stubs to make them work. Using gdb (easy) In many cases, print statements will be sufficient to debug your kernel, but sometimes being able to single step through some assembly code or inspecting the variables on the stack is helpful. To learn more about how to run GDB and the common issues that can arise when using GDB, check out this page. To help you become familiar with gdb, run and then fire up gdb in another window (see the gdb bullet on the guidance page). Once you have two windows open, type in the gdb window: make qemu-gdb (gdb) b syscall Breakpoint 1 at 0x80002142: file kernel/syscall.c, line 243. (gdb) c Continuing. [Switching to Thread 1.2] Thread 2 hit Breakpoint 1, syscall () at kernel/syscall.c:243 243 { (gdb) layout src (gdb) backtrace The layout command splits the window in two, showing where gdb is in the source code. The backtrace prints out the stack backtrace. See Using the GNU Debugger for helpful GDB commands. Answer the following questions in answers-syscall.txt. Looking at the backtrace output, which function called syscall? Type a few times to step past struct proc *p = myproc(); Once past this statement, type , which prints the current process's proc struct (see kernel/proc.h>) in hex. np /x *p What is the value of p->trapframe->a7 and what does that value represent? (Hint: look user/initcode.S, the first user program xv6 starts.) The processor is running in kernel mode, and we can print privileged registers such as sstatus (see RISC-V privileged instructions for a description): (gdb) p /x $sstatus What was the previous mode that the CPU was in? In the subsequent part of this lab (or in following labs), it may happen that you make a programming error that causes the xv6 kernel to panic. For example, replace the statement num = p->trapframe->a7; with num = * (int *) 0; at the beginning of syscall, run , and you will see something similar to: make qemu xv6 kernel is booting hart 2 starting hart 1 starting scause 0x000000000000000d sepc=0x000000008000215a stval=0x0000000000000000 panic: kerneltrap Quit out of qemu. To track down the source of a kernel page-fault panic, search for the sepc value printed for the panic you just saw in the file kernel/kernel.asm, which contains the assembly for the compiled kernel. Write down the assembly instruction the kernel is panicing at. Which register corresponds to the variable num? To inspect the state of the processor and the kernel at the faulting instruction, fire up gdb, and set a breakpoint at the faulting epc, like this: (gdb) b *0x000000008000215a Breakpoint 1 at 0x8000215a: file kernel/syscall.c, line 247. (gdb) layout asm (gdb) c Continuing. [Switching to Thread 1.3] Thread 3 hit Breakpoint 1, syscall () at kernel/syscall.c:247 Confirm that the faulting assembly instruction is the same as the one you found above. Why does the kernel crash? Hint: look at figure 3-3 in the text; is address 0 mapped in the kernel address space? Is that confirmed by the value in scause above? (See description of scause in RISC-V privileged instructions) Note that scause was printed by the kernel panic above, but often you need to look at additional info to track down the problem that caused the panic. For example, to find out which user process was running when the kernel paniced, you can print out the process's name: (gdb) p p->name What is the name of the binary that was running when the kernel paniced? What is its process id (pid)? This concludes a brief introduction to tracking down bugs with gdb; it is worth your time to revisit Using the GNU Debugger when tracking down kernel bugs. The guidance page also has some other other useful debugging tips.
最新发布
11-16
根据用户需求,我需要提供xv6系统调用实验的具体步骤,包括添加新系统调用、使用GDB调试、解答相关问题以及追踪内核崩溃问题。下面我将分步骤详细说明。 ### 1. **添加新系统调用** 在xv6中添加新系统调用需要修改...
使用GDB在VS Code调试Android C/C++代码(无需Android源码)
陈六生的博客
08-19 4878
需求分析 在开发Android Native程序时(仅C/C++代码,无APK应用),之前在调试的过程中一直只是使用添加LOG的方式来定位程序的问题,而在Linux上开发平台程序时,可以方便使用GDB工具来调试,所以迫切的希望在调试Android Native程序也能一样方便。 探索过程 官方文档说明 在Android官方文档使用 GDB中介绍了如何使用GDB调试。它提到的前置条件是使用Android源码中gdbclient.py脚本,此脚本会设置端口转发,在设备上启动相应的 gdbserver,在主机上启
使用VS Code调试Android C++代码
热门推荐
zhaojia的博客
08-20 1万+
本文可以转载,请注明来源:https://blog.csdn.net/zhaojia92 Android系统源码自带调试脚本gdbclient.py可调试HAL层和Native程序,该工具免除了手动配置gdb的麻烦。gdbclient.py底层调用adb与手机建立连接,调用linux gdb远程连接手机端的gdbserver进行调试;由于是在字符界面调试,有时会对查看和阅读上下文代码造成不便,a...
gdb 的调试原理 以及Android的安全机制
Mark_YPQ的专栏
07-26 2191
这两天在看NDK文档的时候,看到一句话“Native debugging ... does not require root or privileged access, aslong as your application is debuggable”。咦,NDK调试不就是通过ptrace来实现调试的么?在非Root的手机上是怎么进行ptrace的呢?借这两个问题正好可以介绍一下Android的安
使用omniORBpy开发简单CORBA程序
yhb72的专栏
12-02 2118
CORBA被认为是企业级应用采取的技术,但发展到现在已经存在许多开源的CORBA软件,如Linux操作系统的桌面管理系统Gnome就是使用开源的ORBit开发。本文将介绍如何使用omniORBpyPython脚本语言来开发简单的CORBA程序,希望对大家理解和掌握CORBA技术有所帮助。>CORBA编程的基本概念>>对象请求代理ORB(Object Request Broker)与接口定义语言
GDB调试android 的lib.so的一些体会
qushaobo的专栏
07-21 885
首先是习惯了IDE界面,在gdb命令下真的不方便。gdb调试这前是用ndk-build编译。.so。用ndk-build编译编译时,在JNI的调用用中比如 public native String stringFromJNI(); 这个函数在代码编辑中会显示找不到的错误。 build就是了,不要管它。ndk-build和AS的容合没有CMAKE做的好。要写代码的自已保证名字参数的一致性,如非必要还...
评论
成就一亿技术人!
拼手气红包6.0元
还能输入1000个字符
 
红包 添加红包
表情包 插入表情
表情包 代码片
 条评论被折叠 查看
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值