
I compiled goldfish kernel with:

 [ ] Optimize for size
 [*] Kernel hacking
     [*] Compile the kernel with debug info
     [*] KGDB: kernel debugging with remote gdb --->
     [*] Enable dynamic printk() call support

I started the AVD with the compiled kernel.

emulator -kernel goldfish/arch/arm/boot/zImage -avd TestAVD

I pushed a compiled c program onto AVD.

And I downloaded the libs (I'm not sure if it's the proper way)

adb pull /system/lib ./debuginfo/lib
adb pull /system/bin/linker ./debuginfo/lib

run gdbserver:

gdbserver 127.0.0.1:7777 ./a

forward port:

adb forward tcp:7777 tcp:7777

run gdb

gdb-multiarch ./a

specify the search directory:

set solib-search-path ./debuginfo/lib

connect to device

target remote :7777

I broke at, for example, close.

0xaf0ae228 in close () from /home/wuyihao/android_sec/debuginfo/lib/libc.so
1: x/i $pc
=> 0xaf0ae228 <close+8>:        svc     0x00000000
(gdb) list
No symbol table is loaded.  Use the "file" command.

I couldn't get the source. So I tried to recompile the kernel with variable CFLAG="-g"

Nothing different.

Thank you!

PS: I noticed the downloaded libs are all stripped.

Donald Wu
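A quick way to confirm the postscript above (that the pulled libraries are stripped) before spending more time in gdb: an added Python script, not part of the original post, that reads each ELF's section header table and reports whether a full symbol table (.symtab) and any DWARF section (.debug_*) survive, which is exactly what gdb's `list` needs. It is self-contained: build_elf32 constructs a minimal sample image for testing, and the ./debuginfo/lib path is the one from the question.

```python
import struct
import sys

def section_names(data):
    """Return the section names of an ELF image (bytes); handles ELF32/ELF64 and
    both byte orders. strip(1) removes .symtab and every .debug_* section."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    end = "<" if data[5] == 1 else ">"                 # EI_DATA: 1 = little-endian
    is64 = data[4] == 2                                # EI_CLASS: 1 = ELF32 (ARM goldfish)
    shoff_pos, tail_pos, word, sh_pos = (0x28, 0x3A, "Q", 24) if is64 else (0x20, 0x2E, "I", 16)
    (shoff,) = struct.unpack_from(end + word, data, shoff_pos)                    # e_shoff
    shentsize, shnum, shstrndx = struct.unpack_from(end + "HHH", data, tail_pos)  # e_shentsize..e_shstrndx
    if shnum == 0:
        return []                                      # section table removed entirely (e.g. sstrip)
    def shdr(i):                                       # (sh_name, sh_offset, sh_size) of section i
        base = shoff + i * shentsize
        (name,) = struct.unpack_from(end + "I", data, base)
        return (name,) + struct.unpack_from(end + word * 2, data, base + sh_pos)
    _, str_off, str_size = shdr(shstrndx)              # .shstrtab holds the section names
    strtab = data[str_off:str_off + str_size]
    return [strtab[n:strtab.index(b"\0", n)].decode() for n, _, _ in map(shdr, range(shnum))]

def debug_status(data):
    """Report whether an ELF image still carries a full symbol table and DWARF."""
    names = set(section_names(data))
    return {"symtab": ".symtab" in names,
            "dwarf": any(n.startswith(".debug_") for n in names)}

def build_elf32(names):
    """Constructed test input: minimal little-endian ELF32 ARM image holding only a section table."""
    names = list(names) + [".shstrtab"]
    shstr, offs = b"\0", []
    for n in names:
        offs.append(len(shstr))
        shstr += n.encode() + b"\0"
    shnum = len(names) + 1                             # index 0 is the null section
    hdr = b"\x7fELF\x01\x01\x01" + b"\0" * 9           # ELFCLASS32, little-endian, EV_CURRENT
    hdr += struct.pack("<HHIIIIIHHHHHH", 3, 40, 1, 0, 0, 52 + len(shstr), 0,
                       52, 0, 0, 40, shnum, shnum - 1)  # ET_DYN, EM_ARM, shstrtab is last
    shdrs = b"\0" * 40
    for i, n in enumerate(names):
        size = len(shstr) if n == ".shstrtab" else 0
        shdrs += struct.pack("<IIIIIIIIII", offs[i], 3 if n == ".shstrtab" else 1,
                             0, 0, 52, size, 0, 0, 0, 0)
    return hdr + shstr + shdrs

if __name__ == "__main__":
    for path in sys.argv[1:]:                          # e.g. ./debuginfo/lib/*.so
        print(path, debug_status(open(path, "rb").read()))
```

Libraries that report symtab=False and dwarf=False are stripped; gdb can still break on exported functions such as close via .dynsym, but source listing needs the unstripped builds.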

1 Answer

libc.so is not the Linux kernel. It is the C standard library.

It is extremely unlikely you'll need to look for a problem there. If your close() call doesn't work, it's almost certain something is wrong with you using it, not its implementation.

Oleksandr Kravchuk
  • Thanks Kravchuk! I look into it not because something is wrong, but because I am debugging a CVE PoC program. It's not part of kernel. Can you give me some advice on how to get DWARF of /system/lib/ libraries? – Donald Wu Jul 13 '16 at 08:57
  • I want to set a break point at inet_dgram_disconnect. But, I can't go straight into kernel, can I? – Donald Wu Jul 13 '16 at 09:35
  • @吴一昊 No, you cannot just go into the kernel space; you need to use kgdb instead. – Oleksandr Kravchuk Jul 13 '16 at 10:16
  • @吴一昊 If you need to debug kernel -- the best option probably is to use JTAG debugger. With it you can add breakpoint in kernel code, and JTAG will stop CPU at that line for you, so you can investigate registers, variables, stack, etc. – Sam Protsenko Jul 13 '16 at 10:29
  • @OleksandrKravchuk Thank you! It works, though I struggled for quite a while because of the mismatch of gdbserver and gdb versions. – Donald Wu Jul 13 '16 at 16:36
  • @SamProtsenko I found JTAG is usually used in real machines (if I'm right). So I decided to put it aside. When I need to debug a real machine, I will come back to it. Thanks, Sam. – Donald Wu Jul 13 '16 at 16:40