Skip to content

AndroidGdbDebugging

Jump to bottom Edit New page
Kees Jongenburger edited this page May 5, 2011 · 11 revisions

Android gdb debugging

Android provides great development tools and make great use of the available Java tools (eclipse debugging , junit tests ). It also provide stack-traces in it’s log and tool to upload crashed to a central server. These tools will work for you most of the time but not always. To be able to debug SEGFAULTS and such it can be very handy to have a proper gdb setup in place. Android provide good support (but poor documentation on this).

The setup

 target file system                               host file system
    target process                    host files containing debugging symbols out/device/symbols out/device
       |                              (e.g. memory address to code line mapping)
debugging syscall (ptrace)                              |
       |                                                |
       |----Process to debug                            |
       |                                                |
    gdb server                        gdb with support for the target architecture.
       |                                                |
      Socket                                          Socket
       |                                                |
      adbd multiplex----------------------------adbd multiplex

debugging processes that are started by init

adb forward tcp:5039 tcp:5039
adb shell gdbserver :5039 \`pidof rild\` (Android 2.2) in Android 2.3 pidof was removed….

gdbclient rild

Sample debugging the system_server(2.3)

kejo@kejo-fakedistro:~$ adb forward tcp:5039 tcp:5039
kejo@kejo-fakedistro:~$ adb shell ps  | grep system_ | awk '{print $2}'
63
kejo@kejo-fakedistro:~$ adb shell gdbserver :5039 --attach 63
Attached; pid = 63
Listening on port 5039
Remote debugging from host 127.0.0.1
gdb: Unable to get location for thread creation breakpoint: requested event is not supported

Alternatively you can instruct the JVM to suspend a crashing process by calling “adb shell setprop debug.db.uid 32767” 
kejo@kejo-fakedistro:~/projects/android-gingerbread$ gdbclient 

If you haven't done so already, do this first on the device:
    gdbserver :5039 /system/bin/app_process
 or
    gdbserver :5039 --attach 

GNU gdb (GDB) 7.1-android-gg2
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "--host=x86_64-linux-gnu --target=arm-elf-linux".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/kejo/projects/android-gingerbread/out/target/product/generic/symbols/system/bin/app_process...done.
BFD: /home/kejo/projects/android-gingerbread/out/target/product/generic/symbols/system/bin/linker: warning: sh_link not set for section `.ARM.exidx'
Error while mapping shared library sections:
gralloc.default.so: No such file or directory.
Error while mapping shared library sections:
libGLES_android.so: No such file or directory.
Error while mapping shared library sections:
sensors.goldfish.so: No such file or directory.
Error while mapping shared library sections:
gps.goldfish.so: No such file or directory.
__ioctl () at bionic/libc/arch-arm/syscalls/__ioctl.S:15
15      ldmfd   sp!, {r4, r7}
(gdb) bt
#0  __ioctl () at bionic/libc/arch-arm/syscalls/__ioctl.S:15
#1  0xafd25ca8 in ioctl (fd=-512, request=1) at bionic/libc/bionic/ioctl.c:41
#2  0x80419fd6 in android::IPCThreadState::talkWithDriver (this=0x8d900, 
    doReceive=<value optimized out>)
    at frameworks/base/libs/binder/IPCThreadState.cpp:791
#3  0x8041a990 in android::IPCThreadState::joinThreadPool (this=0x8d900, 
    isMain=<value optimized out>)
    at frameworks/base/libs/binder/IPCThreadState.cpp:446
#4  0x82f0169c in system_init ()
    at frameworks/base/cmds/system_server/library/system_init.cpp:112
#5  0x82e0a46a in android_server_SystemServer_init1 (env=0xfffffe00, 
    clazz=0xc0186201)
    at frameworks/base/services/jni/com_android_server_SystemServer.cpp:28
#6  0xaca11d38 in dvmPlatformInvoke () at dalvik/vm/arch/arm/CallEABI.S:243
#7  0xaca42f0e in dvmCallJNIMethod_general (args=<value optimized out>, 
    pResult=<value optimized out>, method=0x412883dc, self=0xce48)
    at dalvik/vm/Jni.c:1729
#8  0xaca3bace in dvmCheckCallJNIMethod_general (args=0xfffffe00, 
    pResult=0xc0186201, method=0xbeeaf358, self=0xbeeaf34c)
    at dalvik/vm/CheckJni.c:136
#9  0xaca16f98 in dalvik_mterp ()
    at dalvik/vm/mterp/out/InterpAsm-armv5te.S:10541
#10 0xaca1c0a0 in dvmMterpStd (self=<value optimized out>, glue=0xbeeaf500)
---Type <return> to continue, or q <return> to quit---q
 at dQuit
(gdb) detach
Ending remote debugging.
(gdb) quit

Debugging other processses

If you wan to debug other processes it is best to just run gdbclient
and set the file begin debugged using the file command

Parsing the log backtraces using addr2line

If you can not directly debug the progress you can to the following

1) Using addr2line to get a backtrace

If you get a backtrace in a log can convert the addresses back to source using addr2line

Apr 21 14:38:27 I/DEBUG   (  946):          #03  pc 0005946e  /system/lib/libdvm.so
. build/envsetup.sh
lunch mytarget-eng << change this
cd $OUT
arm-eabi-addr2line -fC -e symbols/system/lib/libdvm.so  0005946e
dvmInvokeMethod
/home/kejo/projects/android-gingerbread/dalvik/vm/interp/Stack.c:726
Add a custom footer
Add a custom sidebar

Clone this wiki locally