Debugging Android apps
Looking to dive head-first into Android application debugging? Read on and then head to the Android Debugging section.
Debuggers are special modules that attach to existing code units. They do not produce additional units; instead, they provide specialized actions, accessible graphically via the Debugger menu in the UI client.
Debugger modules offer a rich API. UI clients can only reflect those functionality partly. Visit the Resources sub-section for more information on how to use the debuggers API to perform advanced dynamic analysis of applications.
JEB ships with debuggers for:
- Android DEX bytecode: the debugger implements JDWP
- Machine code (x86/x86-64, ARM/ARM64, MIPS, etc.): the debugger implements the gdb/lldb protocol
Attaching to a Target#
- Open a code view representing the code unit to be debugged.
- Execute Debugger, Start...
- Specify the target (e.g. machine/process, hostname/port, etc.) and debugging options
- Click Attach
One or more debugger unit(s) will be created, depending on your target application.
Debugging Dalvik code is supported by JEB. More information can be found in the next section, specific to Android (APK) debugging.
Debugging native code is supported by JEB through its gdb/lldb debugging client module. After setting up gdbserver (or lldb-server) on your target, specify the hostname and port to debug x86, arm, and mips code.
The gdb/lldb client module is also used to debug native code stored inside Android applications. Refer to the next section "Android Debugging" for detailed explanations.
The UI client will also open automatically open views that represent the debugger units. Those views are:
- Local variables and registers
- Memory and live disassembly (if applicable)
- Current stack (if applicable)
- Log view
You may want to switch to a custom layout to better accommodate those additional views. The above pictures shows an on-going debugging session of an Android app. A custom layout is used:
- the bytecode debugger views are in the top-right hand quadrant
- the process code debugger views are in the bottom-right hand quadrant
A breakpoint can also be seen, as well as the about-to-be-executed line of code.
The basic commands are accessible from the Debugger menu.
- Detach from or restart the debugging session
- Pause, resume, or terminate the target
- Suspend or resume threads
- Set breakpoints
- Step execution (into, over, or out of a routine)
- Add dynamic code units to a debugger (e.g. dex units to a dalvik debugger, native code units to a native debugger) , while a debugging session is active. This is useful when code objects are retrieved and need to be added to a project after an analysis was started.
The live values of variables and registers can also be examined by hovering over an item representing them.
Advanced debugging commands can be used via the Console view. This view is linked to command interpreters offered by the currently focused unit. Debuggers offer command interpreter to perform advanced tasks such as:
- Searching patterns in memory
- Examining objects
- Creating objects or invoking methods
- Custom tasks specific to a given debugger that cannot be generically represented by the UI client
A detailed overview of the interpreters' features can be found on our blog.
Learn more about Android application debugging by going through this next manual page.