Getting started with GDB: using the gef plugin


GDB

Installing gdb

brew update
brew install gdb

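Then push gdbserver to the phone, start it there, and forward the port

# On the host: push the prebuilt gdbserver from the NDK to the phone
cd /Users/chennan/Library/Android/sdk/ndk/21.3.6528147/prebuilt/android-arm/gdbserver
adb push gdbserver /data/local/tmp
# On the phone (inside adb shell): make it executable and start it on port 11678
adb shell
cd /data/local/tmp
chmod u+x gdbserver
./gdbserver :11678 ./hello
# Back on the host, in a second terminal: forward the port to the phone
adb forward tcp:11678 tcp:11678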

Installing the gef plugin for gdb

wget -q -O- https://github.com/hugsy/gef/raw/master/gef.sh | sh

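A first look at the gef interface

Commands used

target remote localhost:11678 #connect to gdbserver through the forwarded port
b main #set a breakpoint on the function main
disassemble main #show the assembly code of main
b *0xaaaaa3d4 #set a breakpoint at an address
info b #list the breakpoints, including their type
ni #step over one instruction
n #step over one source line
p/x *0xaaaaa3d4 #print the contents of the address in hexadecimal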


First, set a breakpoint at the main function.

disassemble main then dumps the assembly code of main.

gef➤  b main
Breakpoint 1 at 0xaaaaa3e0
gef➤  disassemble main
Dump of assembler code for function main:
   0xaaaaa3d4 <+0>:	push	{r11, lr}
   0xaaaaa3d8 <+4>:	mov	r11, sp
   0xaaaaa3dc <+8>:	sub	sp, sp, #24
   0xaaaaa3e0 <+12>:	mov	r2, #0
   0xaaaaa3e4 <+16>:	str	r2, [r11, #-4]
   0xaaaaa3e8 <+20>:	str	r0, [r11, #-8]
   0xaaaaa3ec <+24>:	str	r1, [sp, #12]
   0xaaaaa3f0 <+28>:	ldr	r0, [pc, #32]	; 0xaaaaa418 <main+68>
   0xaaaaa3f4 <+32>:	add	r0, pc, r0
   0xaaaaa3f8 <+36>:	str	r2, [sp, #8]
   0xaaaaa3fc <+40>:	bl	0xaaaaa340 <printf@plt>
   0xaaaaa400 <+44>:	ldr	r1, [sp, #8]
   0xaaaaa404 <+48>:	str	r0, [sp, #4]
   0xaaaaa408 <+52>:	mov	r0, r1
   0xaaaaa40c <+56>:	mov	sp, r11
   0xaaaaa410 <+60>:	pop	{r11, lr}
   0xaaaaa414 <+64>:	bx	lr
   0xaaaaa418 <+68>:	andeq	r0, r0, r8, lsr #32
End of assembler dump.
gef➤  b *0xaaaaa3d4 #to break at an address, prefix it with *
Breakpoint 2 at 0xaaaaa3d4
gef➤  info b #list the breakpoints, including their type
Num     Type           Disp Enb Address    What
1       breakpoint     keep y   0xaaaaa3e0 <main+12>
2       breakpoint     keep y   0xaaaaa3d4 <main>
gef➤  c #continue to the breakpoint
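
An added example, not part of the original article, that reads the dump above in Python: it shows that b main stops at main+12, after the three prologue instructions, while b *0xaaaaa3d4 stops before any of them have run, and that the word at 0xaaaaa418 is a literal-pool constant loaded by ldr r0, [pc, #32] rather than a real andeq instruction. The function names are hypothetical, and the pc + 8 rule assumes the code runs in ARM (A32) state.

```python
import re

# The `disassemble main` dump from the session above (whitespace normalised).
DUMP = """
0xaaaaa3d4 <+0>: push {r11, lr}
0xaaaaa3d8 <+4>: mov r11, sp
0xaaaaa3dc <+8>: sub sp, sp, #24
0xaaaaa3e0 <+12>: mov r2, #0
0xaaaaa3e4 <+16>: str r2, [r11, #-4]
0xaaaaa3e8 <+20>: str r0, [r11, #-8]
0xaaaaa3ec <+24>: str r1, [sp, #12]
0xaaaaa3f0 <+28>: ldr r0, [pc, #32] ; 0xaaaaa418 <main+68>
0xaaaaa3f4 <+32>: add r0, pc, r0
0xaaaaa3f8 <+36>: str r2, [sp, #8]
0xaaaaa3fc <+40>: bl 0xaaaaa340 <printf@plt>
0xaaaaa400 <+44>: ldr r1, [sp, #8]
0xaaaaa404 <+48>: str r0, [sp, #4]
0xaaaaa408 <+52>: mov r0, r1
0xaaaaa40c <+56>: mov sp, r11
0xaaaaa410 <+60>: pop {r11, lr}
0xaaaaa414 <+64>: bx lr
0xaaaaa418 <+68>: andeq r0, r0, r8, lsr #32
"""

LINE = re.compile(r"\s*(0x[0-9a-f]+) <\+(\d+)>:\s+(\S+)\s*([^;]*)")

def parse_dump(text):
    """Return [(address, offset, mnemonic, operands)] for each dump line."""
    hits = filter(None, map(LINE.match, text.splitlines()))
    return [(int(m[1], 16), int(m[2]), m[3], m[4].strip()) for m in hits]

def literal_pool(rows):
    """Addresses read by `ldr rX, [pc, #imm]`: data words, not instructions."""
    found = set()
    for addr, _, mnem, ops in rows:
        m = re.search(r"\[pc, #(-?\d+)\]", ops)
        if mnem == "ldr" and m:
            found.add(addr + 8 + int(m[1]))  # assumption: A32, pc reads as addr + 8
    return found

def executed_before(rows, bp_addr):
    """Mnemonics already run when bp_addr is first hit (straight line from main+0)."""
    return [mnem for addr, _, mnem, _ in rows if addr < bp_addr]

if __name__ == "__main__":
    rows = parse_dump(DUMP)
    print([hex(a) for a in literal_pool(rows)])
    print(executed_before(rows, 0xaaaaa3e0), executed_before(rows, 0xaaaaa3d4))
```

At breakpoint 2 (main+0) lr still holds the return address and no frame exists yet; at breakpoint 1 (main+12) the frame pointer r11 and the 24-byte local area are already set up.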


Note the changes in the screenshot below.

