How to set earliest possible breakpoint

2019-01-25 20:06发布

问题:

I'm trying to stop right after the module is loaded in gdb. Let's assume that the binary is completely stripped out of all symbol informations, so there's no main.

Ideally I'd set the breakpoint on the entry point, but that idea breaks down due to relocations:

(gdb) info target
Symbols from "./application".
Local exec file:
    `./application', file type elf64-x86-64.
    Entry point: 0xc154
...
(gdb) break *0xc154
Breakpoint 1 at 0xc154
(gdb) r
Starting program: ./application 
Warning:
Cannot insert breakpoint 1.
Error accessing memory address 0xc154: Input/output error.

(gdb) info target
Symbols from "./application".
Unix child process:
    Using the running image of child process 22835.
    While running this, GDB does not access memory from...
Local exec file:
    `./application', file type elf64-x86-64.
    Entry point: 0x555555560154

Even though that kind-of works (I could set a new breakpoint on the new address and disable the original), it cannot be easily executed via gdb script / batch mode, because it has a failing instruction in the middle.

Is there a way to do that? Ideally something like "run single instruction", rather than "run" would be useful.

回答1:

Entry point: 0xc154

This is a dynamically-linked, position-independent (PIE) binary.

You want to stop in the dynamic linker after that binary is loaded and relocated, but before it executed anything.

(gdb) set stop-on-solib-events 1
(gdb) run
Starting program: /tmp/a.out 
Stopped due to shared library event (no libraries added or removed)
(gdb) info target
Symbols from "/tmp/a.out".
Unix child process:
        Using the running image of child process 13746.
        While running this, GDB does not access memory from...
Local exec file:
        `/tmp/a.out', file type elf64-x86-64.
        Entry point: 0x5555555545f0
        ...

(gdb) bt
#0  __GI__dl_debug_state () at dl-debug.c:77
#1  0x00007ffff7ddd488 in dl_main (phdr=<optimized out>, phnum=<optimized out>, user_entry=<optimized out>, auxv=0x7ffff7ffe870) at rtld.c:1678
#2  0x00007ffff7defb24 in _dl_sysdep_start (start_argptr=<optimized out>, dl_main=0x7ffff7ddc6e0 <dl_main>) at ../elf/dl-sysdep.c:244
#3  0x00007ffff7ddf365 in _dl_start_final (arg=0x7fffffffe440) at rtld.c:338
#4  _dl_start (arg=0x7fffffffe440) at rtld.c:564
#5  0x00007ffff7ddb6b8 in _start () from /lib64/ld-linux-x86-64.so.2