GDB Debugging Notes
2022-02-15
CurryCoder
# gdb attach 15343 # attach to and debug a running process
GNU gdb (GDB) 7.12
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "aarch64-unknown-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
attach: No such file or directory.
Attaching to process 15343
Reading symbols from /sbin/telnetd...done.
Reading symbols from /lib/libdl.so.2...done.
Reading symbols from /lib/libpthread.so.0...done.
warning: Unable to find libthread_db matching inferior's thread library, thread
debugging will not be available.
Reading symbols from /lib/libsystem.so...done.
Reading symbols from /lib/libipbase.so...done.
Reading symbols from /lib/libip6base.so...done.
Reading symbols from /lib/libdns.so...done.
Reading symbols from /lib/libcrypto.so...done.
Reading symbols from /lib/libcioctl.so...done.
Reading symbols from /lib/libutil.so.1...done.
Reading symbols from /lib/libline.so...done.
Reading symbols from /lib/libencrypt.so...done.
Reading symbols from /lib/libl3vpn.so...done.
Reading symbols from /lib/libtrange.so...done.
Reading symbols from /lib/libaclmgr.so...done.
Reading symbols from /lib/liblogin.so...done.
Reading symbols from /lib/libdombasic.so...done.
Reading symbols from /lib/libcryptoex.so...done.
Reading symbols from /lib/libtelnetd.so...done.
Reading symbols from /lib/libc.so.6...done.
Reading symbols from /lib/ld-linux-aarch64.so.1...done.
Reading symbols from /lib/libbitmap.so...done.
Reading symbols from /lib/libopencompat.so...done.
Reading symbols from /lib/libcli.so...done.
Reading symbols from /lib/libbdr.so...done.
Reading symbols from /lib/libaaatlv.so...done.
Reading symbols from /lib/libmor.so...done.
Reading symbols from /lib/libvsys_cn.so...done.
Reading symbols from /lib/libvsysbase.so...done.
warning: Unable to find libthread_db matching inferior's thread library, thread
debugging will not be available.
0x0000ffffa437f2e0 in __GI_epoll_pwait (epfd=<optimized out>,
events=0xffffe988a940, maxevents=16, timeout=-1, set=0x0)
at ../sysdeps/unix/sysv/linux/epoll_pwait.c:42
42 ../sysdeps/unix/sysv/linux/epoll_pwait.c: No such file or directory.
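(gdb) set follow-fork-mode child # after a fork, continue debugging the child process; the parent is not affected
(gdb) b doit # set a breakpoint
Breakpoint 1 at 0x40ee38: file telnet/tels/app/telnetd.c, line 357.
(gdb) c # resume the paused program
Continuing.
(gdb) n # next: execute one source line without entering functions; step is the true single-step and does enter functions
(gdb) info reg # show register contents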
x0 0x425a70 4348528
x1 0x425de8 4349416
x2 0xffffa43d0b08 281473437207304
x3 0x0 0
x4 0x8 8
x5 0x8080808080800000 -9187201950435770368
x6 0xfefefefefeff1f39 -72340172838068423
x7 0x7f7f7f7f7f7f7f7f 9187201950435737471
x8 0x101010101010101 72340172838076673
x9 0x38 56
x10 0x4f5e424aff524446 5719081466685703238
x11 0x7f7f7f7f7f7f7f7f 9187201950435737471
x12 0x101010101010101 72340172838076673
x13 0x0 0
x14 0x1 1
x15 0x20 32
x16 0x438a70 4426352
x17 0x3 3
x18 0x1 1
x19 0x425a70 4348528
x20 0x425de8 4349416
x21 0x0 0
x22 0x0 0
---Type <return> to continue, or q <return> to quit---q
Quit
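(gdb) x/s $x2 # display the memory that $x2 points to, formatted as a string
0xffffa43d0b08: "Bad file descriptor"
(gdb) x/3uh 0x54320 # starting at address 0x54320, read 3 halfwords (h, two bytes each) and display them as unsigned decimal (u)
(gdb) p iClientfd # print the value of the variable iClientfd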
$1 = 13
# gdb /sbin/scmd # start the scmd process manually under gdb
GNU gdb (GDB) 7.12
Reading symbols from /sbin/scmd...done.
(gdb) b main
Breakpoint 1 at 0x424f38: file scm/app/scmd.c, line 444.
(gdb) r
Starting program: /sbin/scmd
[tcsetpgrp failed in terminal_inferior: Inappropriate ioctl for device]
[tcsetpgrp failed in terminal_inferior: Invalid argument]
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[tcsetpgrp failed in terminal_inferior: Invalid argument]
warning: Unable to find libthread_db matching inferior's thread library, thread
debugging will not be available.
[tcsetpgrp failed in terminal_inferior: Invalid argument]
[tcsetpgrp failed in terminal_inferior: Invalid argument]
[tcsetpgrp failed in terminal_inferior: Invalid argument]
Breakpoint 1, main (argc=1, argv=0xfffffffffd28) at scm/app/scmd.c:444
444 scm/app/scmd.c: No such file or directory.
(gdb) b Msg_InnerEpEvent
Breakpoint 2 at 0x4162bc: file scm/app/scm_msg.c, line 518.
(gdb) b Msg_Write
Breakpoint 3 at 0x416918: file scm/app/scm_msg.c, line 962.
(gdb) c
Continuing.
(gdb) info b # list all breakpoints
Num Type Disp Enb Address What
1 breakpoint keep y 0x0000000000424f38 in main
at scm/app/scmd.c:444
breakpoint already hit 1 time
2 breakpoint keep y 0x00000000004162bc in Msg_InnerEpEvent
at scm/app/scm_msg.c:518
3 breakpoint keep y 0x0000000000416918 in Msg_Write
at scm/app/scm_msg.c:962
breakpoint already hit 1 time
(gdb) bt # show the call stack (backtrace)
#0 Msg_Write (enMsgType=SCM_SYSTEMEVENT_MSG, ulLen=260, pMsg=0xfffffffffaa8)
at scm/app/scm_msg.c:962
#1 0x0000000000416a44 in SCM_EmitSystemEvent (
enScmSysEvent=SCM_SYSTEM_STARTUP, pcEventPara=0x0)
at scm/app/scm_msg.c:1024
#2 0x0000000000424fec in main (argc=1, argv=0xfffffffffd28)
at scm/app/scmd.c:474
(gdb) n # single-step without entering called functions
[tcsetpgrp failed in terminal_inferior: Invalid argument]
966 in scm/app/scm_msg.c
(gdb)
[tcsetpgrp failed in terminal_inferior: Invalid argument]
971 in scm/app/scm_msg.c
(gdb)
[tcsetpgrp failed in terminal_inferior: Invalid argument]
972 in scm/app/scm_msg.c
(gdb)
[tcsetpgrp failed in terminal_inferior: Invalid argument]
978 in scm/app/scm_msg.c
(gdb)
[tcsetpgrp failed in terminal_inferior: Invalid argument]
979 in scm/app/scm_msg.c
(gdb)
[tcsetpgrp failed in terminal_inferior: Invalid argument]
980 in scm/app/scm_msg.c
(gdb) info threads
Id Target Id Frame
* 1 process 8904 "scmd" Msg_Write (enMsgType=SCM_SYSTEMEVENT_MSG,
ulLen=260, pMsg=0xfffffffffaa8) at scm/app/scm_msg.c:980
(gdb) p iRet # inspect the function's return value
$1 = 65535
(gdb) info proc mappings # show the process memory map
process 8904
Mapped address spaces:
Start Addr       End Addr         Size      Offset    objfile
0x400000         0x430000         0x30000   0x0       /sbin/scmd
0x430000         0x440000         0x10000   0x20000   /sbin/scmd
0x440000         0x4b0000         0x70000   0x0       [heap]
0xfffff7300000   0xfffff7310000   0x10000   0x0
0xfffff7310000   0xfffff7b00000   0x7f0000  0x0
0xfffff7b00000   0xfffff7b10000   0x10000   0x0       /lib/libvsysbase.so.0.0.0.9
0xfffff7b10000   0xfffff7b20000   0x10000   0x0       /lib/libvsysbase.so.0.0.0.9
0xfffff7b20000   0xfffff7b30000   0x10000   0x0       /lib/libvsys_cn.so.0.0.0.6
0xfffff7b30000   0xfffff7b40000   0x10000   0x0       /lib/libvsys_cn.so.0.0.0.6
0xfffff7b40000   0xfffff7c80000   0x140000  0x0       /lib/libc.so.6
0xfffff7c80000   0xfffff7c90000   0x10000   0x130000  /lib/libc.so.6
0xfffff7c90000   0xfffff7ca0000   0x10000   0x0
0xfffff7ca0000   0xfffff7cb0000   0x10000   0x0       /lib/libbitmap.so.1.1.1.38
0xfffff7cb0000   0xfffff7cc0000   0x10000   0x0       /lib/libbitmap.so.1.1.1.38
0xfffff7cc0000   0xfffff7cd0000   0x10000   0x0       /lib/librtm.so.1.1.1.154
0xfffff7cd0000   0xfffff7ce0000   0x10000   0x0       /lib/librtm.so.1.1.1.154
0xfffff7ce0000   0xfffff7dc0000   0xe0000   0x0       /lib/libiconv.so.2.6.0
0xfffff7dc0000   0xfffff7de0000   0x20000   0xd0000   /lib/libiconv.so.2.6.0
0xfffff7de0000   0xfffff7df0000   0x10000   0x0       /lib/libcioctl.so.1.1.1.19
0xfffff7df0000   0xfffff7e00000   0x10000   0x0       /lib/libcioctl.so.1.1.1.19
0xfffff7e00000   0xfffff7eb0000   0xb0000   0x0       /lib/libsystem.so.1.1.307.1
0xfffff7eb0000   0xfffff7ed0000   0x20000   0xa0000   /lib/libsystem.so.1.1.307.1
0xfffff7ed0000   0xfffff7ef0000   0x20000   0x0
0xfffff7ef0000   0xfffff7f10000   0x20000   0x0       /lib/libpthread.so.0
0xfffff7f10000   0xfffff7f20000   0x10000   0x10000   /lib/libpthread.so.0
0xfffff7f20000   0xfffff7f80000   0x60000   0x0       /lib/libncurses.so.5
0xfffff7f80000   0xfffff7f90000   0x10000   0x50000   /lib/libncurses.so.5
0xfffff7f90000   0xfffff7fa0000   0x10000   0x0       /lib/libdl.so.2
0xfffff7fa0000   0xfffff7fb0000   0x10000   0x0       /lib/libdl.so.2
0xfffff7fb0000   0xfffff7fc0000   0x10000   0x0       [vvar]
0xfffff7fc0000   0xfffff7fd0000   0x10000   0x0       [vdso]
0xfffff7fd0000   0xfffff7ff0000   0x20000   0x0       /lib/ld-linux-aarch64.so.1
0xfffff7ff0000   0xfffff8000000   0x10000   0x10000   /lib/ld-linux-aarch64.so.1
0xfffffffd0000   0x1000000000000  0x30000   0x0       [stack]
(gdb) x 0x004162ac
0x4162ac <Msg_InnerEpEvent>: 0xa9bc7bfd
(gdb) bt
#0 0x004162ac00000000 in ?? ()
#1 0x00000000004257fc in ScmMainThread () at scm/app/scmd.c:1000
#2 0x0000000000425004 in main (argc=1, argv=0xfffffffffd28)
at scm/app/scmd.c:484
(gdb) info locals
No symbol table info available.
(gdb) bt
#0 0x004162ac00000000 in ?? ()
#1 0x00000000004257fc in ScmMainThread () at scm/app/scmd.c:1000
#2 0x0000000000425004 in main (argc=1, argv=0xfffffffffd28)
at scm/app/scmd.c:484
(gdb) i r
x0 0x1 1
x1 0x1 1
x2 0x4162ac00000000 18404364360089600
x3 0x1 1
x4 0xfffff7ed28b0 281474841258160
x5 0xfffff7ed29b8 281474841258424
x6 0xffffffffd8ac 281474976700588
x7 0x0 0
x8 0x39 57
x9 0xfffff7f1b000 281474841554944
x10 0x101010101010101 72340172838076673
x11 0x2 2
x12 0xfffff7aff200 281474837246464
x13 0x0 0
x14 0x8 8
x15 0xfffff7ef0b5c 281474841381724
x16 0x0 0
x17 0xfffff7f00aa0 281474841447072
x18 0x0 0
x19 0x4275e8 4355560
x20 0x0 0
x21 0x0 0
x22 0x0 0
x23 0x0 0
x24 0x0 0
x25 0x0 0
x26 0x0 0
x27 0x0 0
x28 0x0 0
x29 0xfffffffffa50 281474976709200
x30 0x4257fc 4347900
sp 0xfffffffffa50 0xfffffffffa50
pc 0x4162ac00000000 0x4162ac00000000
cpsr 0x80000000 [ EL=0 N ]
fpsr 0x0 0
fpcr 0x0 0
(gdb) bt
#0 0x004162ac00000000 in ?? ()
#1 0x00000000004257fc in ScmMainThread () at scm/app/scmd.c:1000
#2 0x0000000000425004 in main (argc=1, argv=0xfffffffffd28)
at scm/app/scmd.c:484
(gdb) p $pc = 0x00000000004162ac
$4 = (void (*)()) 0x4162ac <Msg_InnerEpEvent>
(gdb) bt
#0 Msg_InnerEpEvent (uiEvent=0, iFd=0) at scm/app/scm_msg.c:517
#1 0x00000000004257fc in ScmMainThread () at scm/app/scmd.c:1000
#2 0x0000000000425004 in main (argc=1, argv=0xfffffffffd28)
at scm/app/scmd.c:484
(gdb) info locals
aiPipeFd = {0, 0}
ulErrCode = 4347704
iRecvLen = 0
chTmp = 0 '\000'
__FUNCTION__ = "Msg_InnerEpEvent"
(gdb) bt
#0 Msg_InnerEpEvent (uiEvent=0, iFd=0) at scm/app/scm_msg.c:517
#1 0x00000000004257fc in ScmMainThread () at scm/app/scmd.c:1000
#2 0x0000000000425004 in main (argc=1, argv=0xfffffffffd28)
at scm/app/scmd.c:484
(gdb) i r
x0 0x1 1
x1 0x1 1
x2 0x4162ac00000000 18404364360089600
x3 0x1 1
x4 0xfffff7ed28b0 281474841258160
x5 0xfffff7ed29b8 281474841258424
x6 0xffffffffd8ac 281474976700588
x7 0x0 0
x8 0x39 57
x9 0xfffff7f1b000 281474841554944
x10 0x101010101010101 72340172838076673
x11 0x2 2
x12 0xfffff7aff200 281474837246464
x13 0x0 0
x14 0x8 8
x15 0xfffff7ef0b5c 281474841381724
x16 0x0 0
x17 0xfffff7f00aa0 281474841447072
x18 0x0 0
x19 0x4275e8 4355560
x20 0x0 0
x21 0x0 0
x22 0x0 0
x23 0x0 0
x24 0x0 0
x25 0x0 0
x26 0x0 0
x27 0x0 0
x28 0x0 0
x29 0xfffffffffa50 281474976709200
x30 0x4257fc 4347900
sp 0xfffffffffa50 0xfffffffffa50
pc 0x4162ac 0x4162ac <Msg_InnerEpEvent>
cpsr 0x80000000 [ EL=0 N ]
fpsr 0x0 0
fpcr 0x0 0
(gdb) x/100x $sp
0xfffffffffa50: 0xfffffbb0 0x0000ffff 0x00425004 0x00000000
0xfffffffffa60: 0x00000001 0x00000000 0x00000000 0x0041c570
0xfffffffffa70: 0x00000000 0x00000001 0x00000001 0x00000000
0xfffffffffa80: 0x00000000 0x004162ac 0x00000000 0x00000000
0xfffffffffa90: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffaa0: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffab0: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffac0: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffad0: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffae0: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffaf0: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffb00: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffb10: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffb20: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffb30: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffb40: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffb50: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffb60: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffb70: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffb80: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffb90: 0x00000000 0x00000000 0x00000000 0x00000000
0xfffffffffba0: 0x00000000 0x004162ac 0x00000002 0x00000001
0xfffffffffbb0: 0xfffffbe0 0x0000ffff 0xf7b600e4 0x0000ffff
0xfffffffffbc0: 0xfffffd28 0x0000ffff 0xf7b600a8 0x00000001
0xfffffffffbd0: 0x004275e8 0x00000000 0x00000000 0x00000000
(gdb)
(gdb) disassemble ScmMainThread # disassemble command
Dump of assembler code for function ScmMainThread:
0x00000000004256fc <+0>: stp x29, x30, [sp,#-352]!
0x0000000000425700 <+4>: mov x29, sp
0x0000000000425704 <+8>: add x0, x29, #0x10
0x0000000000425708 <+12>: mov x2, #0x140 // #320
0x000000000042570c <+16>: mov w1, #0x0 // #0
0x0000000000425710 <+20>: bl 0x407330 <memset@plt>
0x0000000000425714 <+24>: bl 0x407aa0 <__errno_location@plt>
0x0000000000425718 <+28>: str wzr, [x0]
0x000000000042571c <+32>: adrp x0, 0x43c000 <g_astSCM_ServiceSrciptKey+176>
0x0000000000425720 <+36>: add x0, x0, #0xa98
0x0000000000425724 <+40>: ldr w0, [x0]
0x0000000000425728 <+44>: add x1, x29, #0x10
0x000000000042572c <+48>: mov w3, #0xffffffff // #-1
0x0000000000425730 <+52>: mov w2, #0x10 // #16
0x0000000000425734 <+56>: bl 0x407410 <epoll_wait@plt>
0x0000000000425738 <+60>: str w0, [x29,#344]
0x000000000042573c <+64>: ldr w0, [x29,#344]
0x0000000000425740 <+68>: cmp w0, wzr
0x0000000000425744 <+72>: b.ge 0x425778 <ScmMainThread+124>
0x0000000000425748 <+76>: bl 0x407aa0 <__errno_location@plt>
(gdb) x/1000x $sp
0x1000000000000: Cannot access memory at address 0x1000000000000
(gdb) disassemble
Dump of assembler code for function Msg_InnerEpEvent:
=> 0x00000000004162ac <+0>: stp x29, x30, [sp,#-64]!
0x00000000004162b0 <+4>: mov x29, sp
0x00000000004162b4 <+8>: str w0, [x29,#28]
0x00000000004162b8 <+12>: str w1, [x29,#24]
0x00000000004162bc <+16>: mov w0, #0xffffffff // #-1
0x00000000004162c0 <+20>: str w0, [x29,#40]
0x00000000004162c4 <+24>: mov w0, #0xffffffff // #-1
0x00000000004162c8 <+28>: str w0, [x29,#44]
0x00000000004162cc <+32>: str xzr, [x29,#56]
0x00000000004162d0 <+36>: adrp x0, 0x43b000
0x00000000004162d4 <+40>: add x0, x0, #0xf40
0x00000000004162d8 <+44>: ldr w1, [x0]
0x00000000004162dc <+48>: ldr w0, [x29,#24]
0x00000000004162e0 <+52>: cmp w1, w0
0x00000000004162e4 <+56>: cset w0, ne
0x00000000004162e8 <+60>: uxtb w0, w0
0x00000000004162ec <+64>: uxtb w0, w0
0x00000000004162f0 <+68>: cmp x0, xzr
0x00000000004162f4 <+72>: b.eq 0x416314 <Msg_InnerEpEvent+104>
0x00000000004162f8 <+76>: adrp x0, 0x428000 <__FUNCTION__.8931>
0x00000000004162fc <+80>: add x1, x0, #0xd20
0x0000000000416300 <+84>: adrp x0, 0x428000 <__FUNCTION__.8931>
0x0000000000416304 <+88>: add x0, x0, #0xc38
0x0000000000416308 <+92>: mov x2, x1
0x000000000041630c <+96>: mov w1, #0x20b // #523
0x0000000000416310 <+100>: bl 0x407000 <AssertHandler@plt>
0x0000000000416314 <+104>: ldr w0, [x29,#28]
0x0000000000416318 <+108>: and w0, w0, #0x1
0x000000000041631c <+112>: cmp w0, wzr
0x0000000000416320 <+116>: b.eq 0x41634c <Msg_InnerEpEvent+160>
0x0000000000416324 <+120>: add x0, x29, #0x27
0x0000000000416328 <+124>: mov x2, #0x1 // #1
0x000000000041632c <+128>: mov x1, x0
0x0000000000416330 <+132>: ldr w0, [x29,#24]
0x0000000000416334 <+136>: bl 0x4078c0 <read@plt>
0x0000000000416338 <+140>: str w0, [x29,#52]
0x000000000041633c <+144>: ldr w0, [x29,#52]
0x0000000000416340 <+148>: cmp w0, wzr
0x0000000000416344 <+152>: b.gt 0x416324 <Msg_InnerEpEvent+120>
0x0000000000416348 <+156>: bl 0x4164c4 <Msg_HandleInnerMsg>
0x000000000041634c <+160>: ldr w0, [x29,#28]
0x0000000000416350 <+164>: and x0, x0, #0x18
0x0000000000416354 <+168>: cmp x0, xzr
0x0000000000416358 <+172>: b.eq 0x416434 <Msg_InnerEpEvent+392>
0x000000000041635c <+176>: adrp x0, 0x428000 <__FUNCTION__.8931>
0x0000000000416360 <+180>: add x1, x0, #0xc58
0x0000000000416364 <+184>: adrp x0, 0x428000 <__FUNCTION__.8931>
0x0000000000416368 <+188>: add x0, x0, #0xb98
0x000000000041636c <+192>: mov x2, x1
0x0000000000416370 <+196>: mov x1, x0
0x0000000000416374 <+200>: mov w0, #0x4 // #4
0x0000000000416378 <+204>: bl 0x413184 <SCM_Log>
0x000000000041637c <+208>: ldr w3, [x29,#24]
0x0000000000416380 <+212>: mov x2, #0x0 // #0
0x0000000000416384 <+216>: mov w1, #0x2 // #2
0x0000000000416388 <+220>: ldr w0, [x29,#24]
0x000000000041638c <+224>: bl 0x427420 <SCM_Epctl>
0x0000000000416390 <+228>: adrp x0, 0x43b000
0x0000000000416394 <+232>: add x0, x0, #0xf40
0x0000000000416398 <+236>: bl 0x415f30 <Msg_ClosePipe>
0x000000000041639c <+240>: add x0, x29, #0x28
0x00000000004163a0 <+244>: bl 0x415ebc <Msg_InitPipe>
0x00000000004163a4 <+248>: str x0, [x29,#56]
0x00000000004163a8 <+252>: ldr x0, [x29,#56]
0x00000000004163ac <+256>: cmp x0, xzr
0x00000000004163b0 <+260>: b.ne 0x4163dc <Msg_InnerEpEvent+304>
0x00000000004163b4 <+264>: ldr w4, [x29,#40]
0x00000000004163b8 <+268>: ldr w1, [x29,#40]
0x00000000004163bc <+272>: adrp x0, 0x416000 <Msg_ExitInnerMsgList+44>
0x00000000004163c0 <+276>: add x0, x0, #0x2ac
0x00000000004163c4 <+280>: mov w3, w1
0x00000000004163c8 <+284>: mov x2, x0
0x00000000004163cc <+288>: mov w1, #0x1 // #1
0x00000000004163d0 <+292>: mov w0, w4
0x00000000004163d4 <+296>: bl 0x427420 <SCM_Epctl>
0x00000000004163d8 <+300>: str x0, [x29,#56]
0x00000000004163dc <+304>: ldr x0, [x29,#56]
0x00000000004163e0 <+308>: cmp x0, xzr
0x00000000004163e4 <+312>: b.ne 0x41640c <Msg_InnerEpEvent+352>
0x00000000004163e8 <+316>: ldr w1, [x29,#40]
0x00000000004163ec <+320>: adrp x0, 0x43b000
0x00000000004163f0 <+324>: add x0, x0, #0xf40
0x00000000004163f4 <+328>: str w1, [x0]
0x00000000004163f8 <+332>: ldr w1, [x29,#44]
0x00000000004163fc <+336>: adrp x0, 0x43b000
0x0000000000416400 <+340>: add x0, x0, #0xf40
0x0000000000416404 <+344>: str w1, [x0,#4]
0x0000000000416408 <+348>: b 0x416434 <Msg_InnerEpEvent+392>
0x000000000041640c <+352>: add x0, x29, #0x28
0x0000000000416410 <+356>: bl 0x415f30 <Msg_ClosePipe>
0x0000000000416414 <+360>: adrp x0, 0x428000 <__FUNCTION__.8931>
0x0000000000416418 <+364>: add x1, x0, #0xc80
0x000000000041641c <+368>: adrp x0, 0x428000 <__FUNCTION__.8931>
0x0000000000416420 <+372>: add x0, x0, #0xb98
0x0000000000416424 <+376>: mov x2, x1
0x0000000000416428 <+380>: mov x1, x0
0x000000000041642c <+384>: mov w0, #0x2 // #2
0x0000000000416430 <+388>: bl 0x413184 <SCM_Log>
0x0000000000416434 <+392>: mov x0, #0x0 // #0
0x0000000000416438 <+396>: ldp x29, x30, [sp],#64
0x000000000041643c <+400>: ret
End of assembler dump.
(gdb) disassemble ScmMainThread
Dump of assembler code for function ScmMainThread:
0x00000000004256fc <+0>: stp x29, x30, [sp,#-352]!
0x0000000000425700 <+4>: mov x29, sp
0x0000000000425704 <+8>: add x0, x29, #0x10
0x0000000000425708 <+12>: mov x2, #0x140 // #320
0x000000000042570c <+16>: mov w1, #0x0 // #0
0x0000000000425710 <+20>: bl 0x407330 <memset@plt>
0x0000000000425714 <+24>: bl 0x407aa0 <__errno_location@plt>
0x0000000000425718 <+28>: str wzr, [x0]
0x000000000042571c <+32>: adrp x0, 0x43c000 <g_astSCM_ServiceSrciptKey+176>
0x0000000000425720 <+36>: add x0, x0, #0xa98
0x0000000000425724 <+40>: ldr w0, [x0]
0x0000000000425728 <+44>: add x1, x29, #0x10
0x000000000042572c <+48>: mov w3, #0xffffffff // #-1
0x0000000000425730 <+52>: mov w2, #0x10 // #16
0x0000000000425734 <+56>: bl 0x407410 <epoll_wait@plt>
0x0000000000425738 <+60>: str w0, [x29,#344]
0x000000000042573c <+64>: ldr w0, [x29,#344]
0x0000000000425740 <+68>: cmp w0, wzr
0x0000000000425744 <+72>: b.ge 0x425778 <ScmMainThread+124>
0x0000000000425748 <+76>: bl 0x407aa0 <__errno_location@plt>
0x000000000042574c <+80>: ldr w0, [x0]
0x0000000000425750 <+84>: cmp w0, #0x4
0x0000000000425754 <+88>: b.eq 0x42581c <ScmMainThread+288>
0x0000000000425758 <+92>: adrp x0, 0x42a000
0x000000000042575c <+96>: add x1, x0, #0xef0
0x0000000000425760 <+100>: adrp x0, 0x42a000
0x0000000000425764 <+104>: add x0, x0, #0x758
0x0000000000425768 <+108>: mov x2, x1
0x000000000042576c <+112>: mov w1, #0x3df // #991
0x0000000000425770 <+116>: bl 0x407000 <AssertHandler@plt>
0x0000000000425774 <+120>: b 0x42581c <ScmMainThread+288>
0x0000000000425778 <+124>: str wzr, [x29,#348]
0x000000000042577c <+128>: b 0x425808 <ScmMainThread+268>
0x0000000000425780 <+132>: ldrsw x0, [x29,#348]
0x0000000000425784 <+136>: lsl x0, x0, #2
0x0000000000425788 <+140>: lsl x1, x0, #2
0x000000000042578c <+144>: add x0, x0, x1
0x0000000000425790 <+148>: add x1, x29, #0x160
0x0000000000425794 <+152>: add x0, x1, x0
0x0000000000425798 <+156>: sub x0, x0, #0x1, lsl #12
0x000000000042579c <+160>: add x0, x0, #0xe00
0x00000000004257a0 <+164>: ldur x0, [x0,#188]
0x00000000004257a4 <+168>: str x0, [x29,#336]
0x00000000004257a8 <+172>: ldrsw x0, [x29,#348]
0x00000000004257ac <+176>: lsl x0, x0, #2
0x00000000004257b0 <+180>: lsl x1, x0, #2
0x00000000004257b4 <+184>: add x0, x0, x1
0x00000000004257b8 <+188>: add x1, x29, #0x160
0x00000000004257bc <+192>: add x0, x1, x0
0x00000000004257c0 <+196>: sub x0, x0, #0x1, lsl #12
0x00000000004257c4 <+200>: ldr w3, [x0,#3760]
0x00000000004257c8 <+204>: ldrsw x0, [x29,#348]
0x00000000004257cc <+208>: lsl x0, x0, #2
0x00000000004257d0 <+212>: lsl x1, x0, #2
0x00000000004257d4 <+216>: add x0, x0, x1
0x00000000004257d8 <+220>: add x1, x29, #0x160
0x00000000004257dc <+224>: add x0, x1, x0
0x00000000004257e0 <+228>: sub x0, x0, #0x1, lsl #12
0x00000000004257e4 <+232>: ldr w0, [x0,#3764]
0x00000000004257e8 <+236>: sxtw x0, w0
0x00000000004257ec <+240>: ldr x2, [x29,#336]
0x00000000004257f0 <+244>: mov x1, x0
0x00000000004257f4 <+248>: mov w0, w3
0x00000000004257f8 <+252>: blr x2
0x00000000004257fc <+256>: ldr w0, [x29,#348]
0x0000000000425800 <+260>: add w0, w0, #0x1
0x0000000000425804 <+264>: str w0, [x29,#348]
0x0000000000425808 <+268>: ldr w1, [x29,#348]
0x000000000042580c <+272>: ldr w0, [x29,#344]
0x0000000000425810 <+276>: cmp w1, w0
0x0000000000425814 <+280>: b.lt 0x425780 <ScmMainThread+132>
0x0000000000425818 <+284>: b 0x425714 <ScmMainThread+24>
0x000000000042581c <+288>: nop
0x0000000000425820 <+292>: b 0x425714 <ScmMainThread+24>
End of assembler dump.
(gdb) q
A debugging session is active.
Inferior 1 [process 8904] will be killed.
Quit anyway? (y or n) y
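
Added example (not part of the original session log): in the scmd session, `pc` and `x2` hold `0x4162ac00000000` while `Msg_InnerEpEvent` is at `0x4162ac`. The script below re-reads the 32-bit words printed by `x/100x $sp` as little-endian 64-bit values, finds the stack slots that hold the bad `pc`, and checks whether the same read shifted by 4 bytes gives a known function address. The function names are hypothetical; the dump lines are excerpted from the session above.

```python
import re

# Excerpt of the `x/100x $sp` output from the session above (32-bit words).
DUMP = """\
0xfffffffffa50: 0xfffffbb0 0x0000ffff 0x00425004 0x00000000
0xfffffffffa60: 0x00000001 0x00000000 0x00000000 0x0041c570
0xfffffffffa70: 0x00000000 0x00000001 0x00000001 0x00000000
0xfffffffffa80: 0x00000000 0x004162ac 0x00000000 0x00000000
0xfffffffffba0: 0x00000000 0x004162ac 0x00000002 0x00000001
0xfffffffffbb0: 0xfffffbe0 0x0000ffff 0xf7b600e4 0x0000ffff
"""

BAD_PC = 0x004162AC00000000               # pc / x2 in the failing frame
SYMBOLS = {0x4162AC: "Msg_InnerEpEvent"}  # address shown by `x 0x004162ac`

WORD = re.compile(r"0x[0-9a-fA-F]{8}")
LINE = re.compile(r"^(0x[0-9a-fA-F]+)(?:\s+<[^>]*>)?:\s+(.*)$")


def parse_words(dump):
    """Return {address: 32-bit word} from gdb `x/Nx` (word-sized) output."""
    words = {}
    for line in dump.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # prompts, pager lines, blank lines
        tokens = m.group(2).split()
        if not tokens or not all(WORD.fullmatch(t) for t in tokens):
            continue  # e.g. "Cannot access memory at address ..."
        base = int(m.group(1), 16)
        for i, tok in enumerate(tokens):
            words[base + 4 * i] = int(tok, 16)
    return words


def read_u64(words, addr):
    """Little-endian 64-bit value at addr, or None if a word is missing."""
    lo, hi = words.get(addr), words.get(addr + 4)
    if lo is None or hi is None:
        return None
    return (hi << 32) | lo


def find_u64(words, value):
    """All 4-byte-aligned addresses whose 64-bit read equals value."""
    return [a for a in sorted(words) if read_u64(words, a) == value]


def explain_bad_pc(words, bad_pc, symbols):
    """For each slot holding bad_pc, test reads shifted by -4/+4 bytes.

    Returns (slot_address, shift, symbol_name) for every shifted read
    that lands on a known function address.
    """
    findings = []
    for addr in find_u64(words, bad_pc):
        for shift in (-4, 4):
            value = read_u64(words, addr + shift)
            if value in symbols:
                findings.append((addr, shift, symbols[value]))
    return findings


if __name__ == "__main__":
    w = parse_words(DUMP)
    for addr in find_u64(w, BAD_PC):
        print(f"bad pc value stored at {addr:#x}")
    for addr, shift, name in explain_bad_pc(w, BAD_PC, SYMBOLS):
        print(f"read at {addr:#x}{shift:+d} gives {name}")
```

The slot at `0xfffffffffba0` is `[x29,#336]` for `x29 = 0xfffffffffa50`, the location `ScmMainThread` reloads into `x2` before `blr x2`.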