Delve调试器 汇编



3.9.1 Delve入门



package main

import (

func main() {
    nums := make([]int, 5)
    for i := 0; i < len(nums); i++ {
        nums[i] = i * i

命令行进入包所在目录,然后输入dlv debug命令进入调试:

$ dlv debug
Type 'help' for list of commands.


(dlv) help
The following commands are available:
    args ------------------------ Print function arguments.
    break (alias: b) ------------ Sets a breakpoint.
    breakpoints (alias: bp) ----- Print out info for active breakpoints.
    clear ----------------------- Deletes breakpoint.
    clearall -------------------- Deletes multiple breakpoints.
    condition (alias: cond) ----- Set breakpoint condition.
    config ---------------------- Changes configuration parameters.
    continue (alias: c) --------- Run until breakpoint or program termination.
    disassemble (alias: disass) - Disassembler.
    down ------------------------ Move the current frame down.
    exit (alias: quit | q) ------ Exit the debugger.
    frame ----------------------- Set the current frame, or execute command...
    funcs ----------------------- Print list of functions.
    goroutine ------------------- Shows or changes current goroutine
    goroutines ------------------ List program goroutines.
    help (alias: h) ------------- Prints the help message.
    list (alias: ls | l) -------- Show source code.
    locals ---------------------- Print local variables.
    next (alias: n) ------------- Step over to next source line.
    on -------------------------- Executes a command when a breakpoint is hit.
    print (alias: p) ------------ Evaluate an expression.
    regs ------------------------ Print contents of CPU registers.
    restart (alias: r) ---------- Restart process.
    set ------------------------- Changes the value of a variable.
    source ---------------------- Executes a file containing a list of delve...
    sources --------------------- Print list of source files.
    stack (alias: bt) ----------- Print stack trace.
    step (alias: s) ------------- Single step through program.
    step-instruction (alias: si)  Single step a single cpu instruction.
    stepout --------------------- Step out of the current function.
    thread (alias: tr) ---------- Switch to the specified thread.
    threads --------------------- Print out info for every traced thread.
    trace (alias: t) ------------ Set tracepoint.
    types ----------------------- Print list of types
    up -------------------------- Move the current frame up.
    vars ------------------------ Print package variables.
    whatis ---------------------- Prints type of an expression.
Type help followed by a command for full documentation.


(dlv) break main.main
Breakpoint 1 set at 0x10ae9b8 for main.main() ./main.go:7


(dlv) breakpoints
Breakpoint unrecovered-panic at 0x102a380 for runtime.startpanic()
    /usr/local/go/src/runtime/panic.go:588 (0)
        print runtime.curg._panic.arg
Breakpoint 1 at 0x10ae9b8 for main.main() ./main.go:7 (0)



(dlv) vars main
main.initdone· = 2
runtime.main_init_done = chan bool 0/0
runtime.mainStarted = true


(dlv) continue
> main.main() ./main.go:7 (hits goroutine(1):1 total:1) (PC: 0x10ae9b8)
     3: import (
     4:         "fmt"
     5: )
=>   7: func main() {
     8:         nums := make([]int, 5)
     9:         for i := 0; i < len(nums); i++ {
    10:                 nums[i] = i * i
    11:         }
    12:         fmt.Println(nums)


(dlv) next
> main.main() ./main.go:8 (PC: 0x10ae9cf)
     3: import (
     4:         "fmt"
     5: )
     7: func main() {
=>   8:         nums := make([]int, 5)
     9:         for i := 0; i < len(nums); i++ {
    10:                 nums[i] = i * i
    11:         }
    12:         fmt.Println(nums)
    13: }


(dlv) args
(no args)
(dlv) locals
nums = []int len: 842350763880, cap: 17491881, nil



(dlv) next
> main.main() ./main.go:9 (PC: 0x10aea12)
     4:         "fmt"
     5: )
     7: func main() {
     8:         nums := make([]int, 5)
=>   9:         for i := 0; i < len(nums); i++ {
    10:                 nums[i] = i * i
    11:         }
    12:         fmt.Println(nums)
    13: }
(dlv) locals
nums = []int len: 5, cap: 5, [...]
i = 17601536



(dlv) break main.go:10
Breakpoint 2 set at 0x10aea33 for main.main() ./main.go:10
(dlv) condition 2 i==3


(dlv) continue
> main.main() ./main.go:10 (hits goroutine(1):1 total:1) (PC: 0x10aea33)
     5: )
     7: func main() {
     8:         nums := make([]int, 5)
     9:         for i := 0; i < len(nums); i++ {
=>  10:                 nums[i] = i * i
    11:         }
    12:         fmt.Println(nums)
    13: }
(dlv) locals
nums = []int len: 5, cap: 5, [...]
i = 3
(dlv) print nums
[]int len: 5, cap: 5, [0,1,4,0,0]



(dlv) stack
0  0x00000000010aea33 in main.main
   at ./main.go:10
1  0x000000000102bd60 in runtime.main
   at /usr/local/go/src/runtime/proc.go:198
2  0x0000000001053bd1 in runtime.goexit
   at /usr/local/go/src/runtime/asm_amd64.s:2361


(dlv) goroutine
Thread 101686 at ./main.go:10
Goroutine 1:
  Runtime: ./main.go:10 main.main (0x10aea33)
  User: ./main.go:10 main.main (0x10aea33)
  Go: /usr/local/go/src/runtime/asm_amd64.s:258 runtime.rt0_go (0x1051643)
  Start: /usr/local/go/src/runtime/proc.go:109 runtime.main (0x102bb90)
(dlv) goroutines
[4 goroutines]
* Goroutine 1 - User: ./main.go:10 main.main (0x10aea33) (thread 101686)
  Goroutine 2 - User: /usr/local/go/src/runtime/proc.go:292 
                runtime.gopark (0x102c189)
  Goroutine 3 - User: /usr/local/go/src/runtime/proc.go:292 
                runtime.gopark (0x102c189)
  Goroutine 4 - User: /usr/local/go/src/runtime/proc.go:292 
                runtime.gopark (0x102c189)


3.9.2 调试汇编程序



package main

func main() { asmSayHello() }

func asmSayHello()



#include "textflag.h"
#include "funcdata.h"

// "Hello World!
DATA  text<>+0(SB)/8,$"Hello Wo"
DATA  text<>+8(SB)/8,$"rld!
GLOBL text<>(SB),NOPTR,$16

// func asmSayHello()
TEXT ·asmSayHello(SB), $16-0
    MOVQ $text<>+0(SB), AX
    MOVQ AX, (SP)
    MOVQ $16, 8(SP)
    CALL runtime·printstring(SB)


(dlv) break main.main
Breakpoint 1 set at 0x105011f for main.main() ./main.go:3
(dlv) continue
> main.main() ./main.go:3 (hits goroutine(1):1 total:1) (PC: 0x105011f)
  1: package main
=>3: func main() { asmSayHello() }
  5: func asmSayHello()
(dlv) disassemble
TEXT main.main(SB) /path/to/pkg/main.go
  main.go:3 0x1050110  65488b0c25a0080000 mov rcx, qword ptr g  [0x8a0]
  main.go:3 0x1050119  483b6110           cmp rsp, qword ptr [r  +0x10]
  main.go:3 0x105011d  761a               jbe 0x1050139
=>main.go:3 0x105011f* 4883ec08           sub rsp, 0x8
  main.go:3 0x1050123  48892c24           mov qword ptr [rsp], rbp
  main.go:3 0x1050127  488d2c24           lea rbp, ptr [rsp]
  main.go:3 0x105012b  e880000000         call $main.asmSayHello
  main.go:3 0x1050130  488b2c24           mov rbp, qword ptr [rsp]
  main.go:3 0x1050134  4883c408           add rsp, 0x8
  main.go:3 0x1050138  c3                 ret
  main.go:3 0x1050139  e87288ffff         call $runtime.morestack_noctxt
  main.go:3 0x105013e  ebd0               jmp $main.main




(dlv) break main.asmSayHello
Breakpoint 2 set at 0x10501bf for main.asmSayHello() ./main_amd64.s:10
(dlv) continue
> main.asmSayHello() ./main_amd64.s:10 (hits goroutine(1):1 total:1) (PC: 0x10501bf)
     5: DATA  text<>+0(SB)/8,$"Hello Wo"
     6: DATA  text<>+8(SB)/8,$"rld!
     7: GLOBL text<>(SB),NOPTR,$16
     9: // func asmSayHello()
=>  10: TEXT ·asmSayHello(SB), $16-0
    11:         NO_LOCAL_POINTERS
    12:         MOVQ $text<>+0(SB), AX
    13:         MOVQ AX, (SP)
    14:         MOVQ $16, 8(SP)
    15:         CALL runtime·printstring(SB)


(dlv) regs
       rax = 0x0000000001050110
       rbx = 0x0000000000000000
       rcx = 0x000000c420000300
       rdx = 0x0000000001070be0
       rdi = 0x000000c42007c020
       rsi = 0x0000000000000001
       rbp = 0x000000c420049f78
       rsp = 0x000000c420049f70
        r8 = 0x7fffffffffffffff
        r9 = 0xffffffffffffffff
       r10 = 0x0000000000000100
       r11 = 0x0000000000000286
       r12 = 0x000000c41fffff7c
       r13 = 0x0000000000000000
       r14 = 0x0000000000000178
       r15 = 0x0000000000000004
       rip = 0x00000000010501bf
    rflags = 0x0000000000000206


(dlv) regs
       rax = 0x00000000010a4060
       rbx = 0x0000000000000000
       rcx = 0x000000c420000300


(dlv) print *(*[5]byte)(uintptr(0x00000000010a4060))
[5]uint8 [72,101,108,108,111]

我们可以发现输出的[5]uint8 [72,101,108,108,111]刚好是对应“Hello”字符串。通过类似的方法,我们可以通过查看SP对应的栈指针位置,然后查看栈中局部变量的值。


(dlv) disassemble
TEXT syscall.Syscall6(SB) src/syscall/asm_linux_arm64.s
        asm_linux_arm64.s:34    0x8dca0 fe0f1ff8        MOVD.W R30, -16(RSP)
        asm_linux_arm64.s:34    0x8dca4 fd831ff8        MOVD R29, -8(RSP)
        asm_linux_arm64.s:34    0x8dca8 fd2300d1        SUB $8, RSP, R29
        asm_linux_arm64.s:35    0x8dcac b592ff97        CALL runtime.entersyscall(SB)
        asm_linux_arm64.s:36    0x8dcb0 e01340f9        MOVD 32(RSP), R0
        asm_linux_arm64.s:37    0x8dcb4 e11740f9        MOVD 40(RSP), R1
        asm_linux_arm64.s:38    0x8dcb8 e21b40f9        MOVD 48(RSP), R2
        asm_linux_arm64.s:39    0x8dcbc e31f40f9        MOVD 56(RSP), R3
        asm_linux_arm64.s:40    0x8dcc0 e42340f9        MOVD 64(RSP), R4
        asm_linux_arm64.s:41    0x8dcc4 e52740f9        MOVD 72(RSP), R5
        asm_linux_arm64.s:42    0x8dcc8 e80f40f9        MOVD 24(RSP), R8
=>      asm_linux_arm64.s:43    0x8dccc 010000d4        SVC $0
        asm_linux_arm64.s:44    0x8dcd0 1ffc3fb1        CMN $4095, R0
        asm_linux_arm64.s:45    0x8dcd4 43010054        BCC 10(PC)
        asm_linux_arm64.s:46    0x8dcd8 04008092        MOVD $-1, R4
        asm_linux_arm64.s:47    0x8dcdc e42b00f9        MOVD R4, 80(RSP)
        asm_linux_arm64.s:48    0x8dce0 ff2f00f9        MOVD ZR, 88(RSP)
        asm_linux_arm64.s:49    0x8dce4 e00300cb        NEG R0, R0
        asm_linux_arm64.s:50    0x8dce8 e03300f9        MOVD R0, 96(RSP)
        asm_linux_arm64.s:51    0x8dcec b192ff97        CALL runtime.exitsyscall(SB)
        asm_linux_arm64.s:52    0x8dcf0 fd835ff8        LDUR -8(RSP), R29
        asm_linux_arm64.s:52    0x8dcf4 fe0741f8        MOVD.P 16(RSP), R30
        asm_linux_arm64.s:52    0x8dcf8 c0035fd6        RET
        asm_linux_arm64.s:54    0x8dcfc e02b00f9        MOVD R0, 80(RSP)
        asm_linux_arm64.s:55    0x8dd00 e12f00f9        MOVD R1, 88(RSP)
        asm_linux_arm64.s:56    0x8dd04 ff3300f9        MOVD ZR, 96(RSP)
        asm_linux_arm64.s:57    0x8dd08 aa92ff97        CALL runtime.exitsyscall(SB)
        asm_linux_arm64.s:58    0x8dd0c fd835ff8        LDUR -8(RSP), R29
        asm_linux_arm64.s:1     0x8dd10 fe0741f8        MOVD.P 16(RSP), R30
        asm_linux_arm64.s:1     0x8dd14 c0035fd6        RET
        asm_linux_arm64.s:1     0x8dd18 00000000        ?
        asm_linux_arm64.s:1     0x8dd1c 00000000        ?
(dlv) regs
 PC = 0x000000000008dccc
 SP = 0x0000004000691560
 X0 = 0x0000004000266000
 X1 = 0x0000000000000004
 X2 = 0x0000000000000000
 X3 = 0x0000000000000000
 X4 = 0x0000000000000000
 X5 = 0x0000000000000000
 X6 = 0x0000000000000001
 X7 = 0x0000000000000004
 X8 = 0x0000000000000049
 X9 = 0x0000004000266010
X10 = 0x0000000000000002
X11 = 0x0000000000000200
X12 = 0x0000000000000003
X13 = 0x000000000000001b
X14 = 0x0000000000000001
X15 = 0x0000000000000000
X16 = 0x0000000000000000
X17 = 0x0000000000000008
X18 = 0x0000000000000000
X19 = 0x0000000000000150
X20 = 0x0000ffffdaabb040
X21 = 0x0000000001504260
X22 = 0x0000004000002000
X23 = 0x0000000000000000
X24 = 0x0000000000000000
X25 = 0x0000000000000000
X26 = 0x0000004000691768
X27 = 0x0000000001503680
X28 = 0x0000004000001980
X29 = 0x0000004000691558
X30 = 0x000000000008dcb0