|
|
The following example illustrates how to execute a program under adb control. In particular, it shows how to set breakpoints, start the program, and examine registers and memory. The program to be examined has the following source statements:
int fcnt,gcnt,hcnt;
h(x,y)
{
int hi; register int hr;
hi = x+1;
hr = x-y+1;
hcnt++ ;
hj:
f(hr,hi);
}
g(p,q)
{
int gi; register int gr;
gi = q-p;
gr = q-p+1;
gcnt++ ;
gj:
h(gr,gi);
}
f(a,b)
{
int fi; register int fr;
fi = a+2*b;
fr = a+b;
fcnt++ ;
fj:
g(fr,fi);
}
main()
{
f(1,1);
}
The program is compiled and stored in a file named
sample.
To start the session, type:
adb sampleThis starts adb and opens the corresponding program file. There is no core image file.
The first step is to set breakpoints at the beginning of each function. Use the :br command. For example, to set a breakpoint at the start of function ``f'', type:
f:brUse similar commands for the ``g'' and ``h'' functions. Once the breakpoints are created, display their locations by typing:
$bThis command lists the address, optional count, and optional command associated with each breakpoint. In this case, the command displays:
breakpoints count bkpt command 1 h 1 g 1 fThe next step is to display the first five instructions in the ``f'' function. Type:
f,5?iaThis command displays five instructions, each proceeded by its symbolic address:
f: push ebp f+0x1: mov ebp,esp f+0x3: sub esp,0x8 f+0x9: push ebx f+0xa: push edi f+0xb:Display five instructions in the ``g'' function without their addresses by typing:
g,5?iIn this case, the display is:
g: push ebp mov ebp,esp sub esp,0x8 push ebx push ediTo begin program execution, type:
:rthen adb displays the following message and begins to execute:
sample: runningAs soon as adb encounters the first breakpoint (at the beginning of the ``f'' function), it stops execution and displays the following message:
breakpoint f: push ebpSince execution to this point caused no errors, you can remove the first breakpoint by typing:
f:dlTo continue the program, type:
:coadb displays the following message and begins program execution at the next instruction:
sample: runningExecution continues until the next breakpoint, where adb displays the following message:
breakpoint g: push ebpTo trace the path of execution, type:
$cThe commands show that only three functions are active: ``f'', ``main'', and ``_start'':
f (0x1, 0x1) from main+0x15 main(0x1, 0x187ef20, 0x187ef28) from _start+0x39The values 0x187ef20, 0x187ef28, and 0x39 will vary.
Although the breakpoint has been set at the start of function ``g'', it will not be listed in the backtrace until its first few instructions have been executed. To execute these instructions, type:
,5:sThe adb program responds with a message indicating it has single-stepped the first five instructions. Now you can list the backtrace again. Type:
$cThis time, the list shows four active functions:
g (0x2,0x3) from f+0x2c f (0x1,0x1) from main+0x15 main (0x1, 0x187ef20, 0x187ef28) from _start+0x39To display the contents of the integer variable fcnt, type:
fcnt/DThis command displays the value of fcnt found in memory. The number should be 1. To continue execution of the program and skip the first 10 breakpoints, type:
,10:coadb starts the program; then it displays the running message again. It does not stop the program until it encounters exactly ten breakpoints. It displays the following message:
breakpoint g: push ebpTo show that these breakpoints have been skipped, display the backtrace again by typing:
The system displays:
f (0x2,0x11) from h+0x29 h (0x10,0xf) from g+0x2b g (0x11,0x20) from f+0x2c f (0x2,0xf) from h+0x29 h (0xe,0xd) from g+0x2b g (0xf,0x1c) from f+0x2c f (0x2,0xd) from h+0x29 h (0xc,0xb) from g+0x2b g (0xd,0x18) from f+0x2c f (0x2,0xb) from h+0x29 h (0xa,0x9) from g+0x2b g (0xb,0x14) from f+0x2c f (0x2,0x9) from h+0x29 h (0x8,0x7) from g+0x2b g (0x9,0x10) from f+0x2c f (0x2,0x7) from h+0x29 h (0x6,0x5) from g+0x2b g (0x7,0xc) from f+0x2c f (0x2,0x5) from h+0x29 h (0x4,0x3) from g+0x2b g (0x5,0x8) from f+0x2c f (0x2,0x3) from h+0x29 h (0x2,0x1) from g+0x2b g (0x2,0x3) from f+0x2c f (0x1,0x1) from main+0x15 main (0x1,0x187ef20,0x187ef28) from _start+0x39Exit adb by typing:
$q