Target:
gdbserver --wrapper env "LD_PRELOAD=/test.so" -- :1234 /bin/true
Debugger:
# gdb-multiarch -ex 'set arc arm' -ex 'target remote :1234'
...
For help, type "help".
Type "apropos word" to search for commands related to "word".
The target architecture is set to "arm".
Remote debugging using :1234
Reading /bin/busybox.nosuid from remote target...
warning: File transfers from remote targets can be slow. Use "set sysroot" to access files locally instead.
Reading /bin/busybox.nosuid from remote target...
Reading symbols from target:/bin/busybox.nosuid...
Reading /bin/.debug/busybox.nosuid from remote target...
Reading /usr/lib/debug//bin/busybox.nosuid from remote target...
Reading /usr/lib/debug/bin//busybox.nosuid from remote target...
Reading target:/usr/lib/debug/bin//busybox.nosuid from remote target...
(No debugging symbols found in target:/bin/busybox.nosuid)
Reading /lib/ld-linux.so.3 from remote target...
Reading /lib/ld-linux.so.3 from remote target...
Reading symbols from target:/lib/ld-linux.so.3...
Reading /lib/ld-2.27.so from remote target...
Reading /lib/.debug/ld-2.27.so from remote target...
Reading /usr/lib/debug//lib/ld-2.27.so from remote target...
Reading /usr/lib/debug/lib//ld-2.27.so from remote target...
Reading target:/usr/lib/debug/lib//ld-2.27.so from remote target...
(No debugging symbols found in target:/lib/ld-linux.so.3)
0x4a490ba0 in ?? () from target:/lib/ld-linux.so.3
(gdb) info sharedlibrary
From To Syms Read Shared Object Library
0x4a4909f0 0x4a4ab644 Yes (*) target:/lib/ld-linux.so.3
(*): Shared library is missing debugging information.
(gdb) b __read
Function "__read" not defined.
Make breakpoint pending on future shared library load? (y or [n]) y
Breakpoint 1 (__read) pending.
(gdb) c
Continuing.
Reading /lib/libc.so.6 from remote target...
Reading /run/test.so from remote target...
Reading /lib/libc-2.27.so from remote target...
Reading /lib/.debug/libc-2.27.so from remote target...
Reading /usr/lib/debug//lib/libc-2.27.so from remote target...
Reading /usr/lib/debug/lib//libc-2.27.so from remote target...
Reading target:/usr/lib/debug/lib//libc-2.27.so from remote target...
Program received signal SIGSEGV, Segmentation fault.
0x00000000 in ?? ()
(gdb) info b
Num Type Disp Enb Address What
1 breakpoint keep y <PENDING> __read+10
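libc and /bin/true have been removed.
When gdb first starts, libc does not seem to be loaded yet. As a result, a breakpoint at a specific libc address (by name+offset) is not hit. What should I do?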
(gdb) b *0x4a5174e0
Breakpoint 1 at 0x4a5174e0
(gdb) c
Continuing.
Warning:
Cannot insert breakpoint 1.
Cannot access memory at address 0x4a5174e0
Command aborted.
If I set a breakpoint on the address before it is loaded, it does not even run.