GDB debugging (2)

GDB command Overview
-------

After starting GDB, you will be brought into the debugging environment of GDB. You can use the gdb command to start debugging the program. The command of GDB can be viewed using the Help Command, as shown below:

/Home/hchen> GDB
Gnu gdb 5.1.1
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
Welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-suse-linux ".
(GDB) Help
List of classes of commands:

Aliases -- aliases of other commands
Breakpoints -- making program stop at certain points
Data -- examining data
Files -- specifying and examining files
Internals -- maintenance commands
Obscure -- obscure features
Running -- running the program
Stack -- examining the stack
Status -- Status inquiries
Support -- Support Facilities
Tracepoints -- tracing of program execution without stopping the program
User-Defined -- user-defined commands

Type "help" followed by a class name for a list of commands in that class.
Type "help" followed by command name for full documentation.
Command name abbreviations are allowed if unambiguous.
(GDB)

GDB has many commands, which are divided into many types by GDB. The Help Command is just an example of the command type of GDB. If you want to view the commands in the Command type, you can use the help command, for example, help breakpoints, to view all the commands for setting breakpoints. You can also directly help to view the Command help.

In GDB, when you enter a command, you do not need to execute a full command. You only need to use the first few characters of the command. Of course, the first few characters of the command should mark a unique command, in Linux, you can press the tab twice to fill in the full name of the command. If there are duplicates, GDB will give it an example.

Example 1: Set a breakpoint when entering the function func. You can enter break func or B func.
(GDB) B func
Breakpoint 1 at 0x8048458: file hello. C, line 10.

Example 2: Press B twice to press the tab key. You will see all the commands for B headers:
(GDB) B
Backtrace break BT
(GDB)

Example 3: only remember the prefix of the function, which can be as follows:
(GDB) B Make _ <press the tab key>
(Press the tab key again and you will see :)
Make_a_section_from_file make_environ
Make_abs_section make_function_type
Make_blockvector make_pointer_type
Make_cleanup make_reference_type
Make_command make_symbol_completion_list
(GDB) B Make _
GDB will show you all the functions starting with make.

Example 4: When debugging a c ++ program, the function name can be the same. For example:
(GDB) B 'bubble (m -?
Bubble (double, double) bubble (INT, INT)
(GDB) B 'bubble (
You can view all the overload functions and parameters in C ++. (Note: M -? And press the tab key twice)

To exit GDB, you only need to send quit or Q for short.

Running UNIX Shell programs in GDB
------------

In the gdb environment, you can execute the Unix shell command and use the gdb shell command to complete it:

Shell
Call the Unix shell for execution. The Unix shell defined in the environment variable shell will be used for execution. If the shell is not defined, the standard UNIX shell:/bin/sh will be used. (Use command.comor cmd.exe in Windows)

Another GDB command is make:
Make
You can execute the make command in GDB to build your own program again. This command is equivalent to "shell make ".

Run the program in GDB
--------

After GDB is started as GDB, GDB searches the path and source files in the current directory. To check whether GDB reads the source file, run the L or LIST command to check whether GDB can list the source code.

In GDB, run the R or run command. For program running, you may need to set the following four things.

1. program running parameters.
Set ARGs can Specify runtime parameters. (For example, set ARGs 10 20 30 40 50)
Run the show ARGs command to view the set running parameters.

2. Running environment.
Path

You can set the program running path.
Show paths to view the program running path.
Set environment varname [= value] To set environment variables. For example, set env user = hchen
Show Environment [varname] to view environment variables.

3. working directory.
CD

It is equivalent to the CD command of shell.
PWD displays the current directory.

4. input and output of the program.
Info terminal shows the terminal mode used by your program.
Use the redirection control program output. For example, run> OUTFILE
The tty command can be a terminal device that writes input and output data. For example, tty/dev/ttyb.

Debug a running program
--------

Two methods:
1. Run PS on UNIX to view the PID (process ID) of the running program, and then mount the running program in gdb pid format.
2. Associate the source code with GDB and execute GDB. Use the attach command in GDB to mount the PID of the process. Use detach to cancel the attached process.

Pause/resume program running
---------

In the debugging program, it is necessary to pause the running of the program. GDB can conveniently pause the running of the program. You can set where the program stops, under what conditions, and when it receives signals. This allows you to view runtime variables and processes.

When the process is stopped by GDB, you can use info program to check whether the program is running, process number, and reason for suspension.

In GDB, we can use the following pause Methods: breakpoint, watchpoint, catchpoint, signals, and thread stops ). To resume the program running, run the C or continue command.

1. Set a breakpoint)

We use the break command to set breakpoints. There are several ways to set breakpoints on the front:

Break
Stops when you enter the specified function. In C ++, you can use the class: function or function (type, type) format to specify the function name.

Break
Stops at the specified row number.

Break + offset
Break-offset
Stop the offset row before or after the current row number. Offiset is a natural number.

Break filename: linenum
Stop at the linenum line of the source file filename.

Break filename: Function
Stop at the entrance of the function of the source file filename.

Break * address
Stop at the memory address where the program runs.

Break
If the break command does not have a parameter, it indicates that it stops at the next command.

Break... if
... It can be the preceding parameter. condition indicates the condition and stops when the condition is set. For example, you can set break if I = 100 in the Environment body to stop the program when I is 100.

When viewing breakpoints, you can use the info command as follows: (Note: N indicates the breakpoint number)
Info breakpoints [N]
Info break [N]

2. Set the watchpoint)

An observation point is usually used to check whether the value of an expression (a variable is also an expression) has changed. If the value changes, stop the program immediately. We have the following methods to set observation points:

Watch
Set an observation point for the expression (variable) expr. When the expression value changes, stop the program immediately.

Rwatch
When the expression (variable) expr is read, stop the program.

Awatch
When the value of an expression (variable) is read or written, stop the program.

Info watchpoints
Lists all the observed points currently set.

3. Set a capture point)

You can set capture points to catch up with some events when the program is running. For example, load the Shared Library (Dynamic Link Library) or C ++ exception. Set the capture point format:

Catch
When an event occurs, stop the program. Event can be the following content:
1. Throw an exception thrown by C ++. (Throw is the keyword)
2. Catch an exception caught by C ++. (Catch is a keyword)
3. When exec is called by the system. (Exec is a keyword, which is currently only useful in HP-UX)
4. When fork calls fork. (Fork is a keyword, which is currently only useful in HP-UX)
5. When vfork calls vfork. (Vfork is a keyword, which is currently only useful in HP-UX)
6. load or load when loading a shared library (dynamic link library. (Load is a keyword, which is currently only useful in HP-UX)
7. When unload or unload is used to detach a shared library (Dynamic Link Library. (Unload is a keyword, which is currently only useful in HP-UX)

Tcatch
Set only one capture point. When the program stops, the point is automatically deleted.

4. Maintenance stop point

The above describes how to set the stop point of the program. The stop point in GDB is also the three types mentioned above. In GDB, if you think the predefined stop point is useless, you can use the delete, clear, disable, and enable commands for maintenance.

Clear
Clear all defined stop points.

Clear
Clear
Clear all stop points set on the function.

Clear
Clear
Clear all stop points set on the specified row.

Delete [breakpoints] [range...]
Delete the specified breakpoint. breakpoints is the breakpoint number. If no breakpoint number is specified, all breakpoints are deleted. Range indicates the range of the breakpoint number (for example, 3-7 ). The short command is D.

A better method than deleting is disable stop point. GDB does not delete the stop point after disable. When you still need it, enable it, just like the recycle bin.

Disable [breakpoints] [range...]
The stop point specified by disable. breakpoints is the stop point number. If nothing is specified, it indicates all the stop points of disable. The abbreviated command is dis.

Enable [breakpoints] [range...]
The stop point specified by enable. breakpoints is the stop point number.

Enable [breakpoints] Once range...
Enable: The stop point specified by enable is automatically disable by GDB immediately after the program is stopped.

Enable [breakpoints] Delete range...
The stop point specified by enable is automatically deleted by GDB immediately after the program is stopped.

5. Stop condition maintenance

As mentioned earlier, when setting breakpoints, we mentioned that you can set a condition. When a condition is set, the program stops automatically. This is a very powerful function. Here, I want to talk about the maintenance commands for this condition. Generally, we use the if keyword to set a condition for a breakpoint, followed by its breakpoint condition. In addition, after the conditions are set, we can use the condition command to modify the breakpoint conditions. (Only the break and watch commands support if. Catch currently does not support if)

Condition
Modify the Stop Condition of breakpoint number bnum to expression.

Condition
Clear the stop condition with the breakpoint number bnum.

There is also a special maintenance command ignore, you can specify the number of times when the program runs, ignore the stop condition.

Ignore
Indicates that the count of the Stop condition with the breakpoint number bnum is ignored.

6. Set the running command for the stop point

We can use the command Command provided by GDB to set the running command of the stop point. That is to say, when the running program is stopped, we can let it automatically run some other commands, which is advantageous for automatic debugging. It provides powerful support for automated debugging Based on GDB.

Commands [bnum]
... Command-list...
End

For the breakpoint bnum, write a command list. When the program is stopped by the breakpoint, GDB runs the commands in the command list in sequence.

For example:

Break Foo if x> 0
Commands
Printf "X is % d/N", X
Continue
End
The breakpoint is set in function Foo. the breakpoint condition is x> 0. If the program is disconnected, that is, once the value of X is greater than 0 in function Foo, GDB automatically prints the value of X and continues to run the program.

If you want to clear the command sequence on the breakpoint, you only need to simply execute the commands command and directly create an end.

VII. breakpoint menu

In C ++, a function with the same name may appear multiple times (function overloading). In this case, break cannot tell GDB which function to stop at the entry. Of course, you can use break to tell GDB about the function parameter type to specify a function. Otherwise, GDB will list a breakpoint menu for you to choose the breakpoint you need. You only need to enter the number in your menu list. For example:

(GDB) B string: After
[0] cancel
[1] All
[2] File: String. CC; line number: 867
[3] File: String. CC; line number: 860
[4] File: String. CC; line number: 875
[5] File: String. CC; line number: 853
[6] File: String. CC; line number: 846
[7] File: String. CC; line number: 735
> 2 4 6
Breakpoint 1 at 0xb26c: file string. CC, line 867.
Breakpoint 2 at 0xb344: file string. CC, line 875.
Breakpoint 3 at 0 xafcc: file string. CC, line 846.
Multiple breakpoints were set.
Use the "delete" command to delete unwanted
Breakpoints.
(GDB)

It can be seen that GDB lists all the after overload functions. You can select the list number. 0 indicates that the breakpoint is not set. 1 indicates that all functions are set to the breakpoint.

8. Resume program running and single-step debugging

When the program is stopped, you can run the "continue" command to restore the program until the program ends or the next breakpoint arrives. You can also use the step or next command to track a single step.

Continue [ignore-count]
C [ignore-count]
FG [ignore-count]
Resume the program running until the program ends or the next breakpoint arrives. Ignore-count indicates the number of breakpoints that are ignored. The continue, C, and Fg commands all share the same meaning.

Step
One-step tracking. If a function is called, it enters the function. The premise for entering the function is that the function is compiled with debug information. Similar to step in VC and other tools. You can add count or not. If you do not add count, it means to execute the Count command next to it, and then stop.

Next
Similarly, if a function is called, it does not enter the function. Similar to step over in VC and other tools. You can add count or not. If you do not add count, it means to execute the Count command next to it, and then stop.

Set step-Mode
Set step-mode on
When the step-mode is enabled, the program does not stop without the debug information during the single-step tracking. This parameter is helpful for viewing the machine code.

Set step-mod off
Disable step-mode.

Finish
Run the program until the current function is complete. The stack address, return value, and parameter value returned by the function are printed.

Until or U
When you get tired of one-step tracking in a loop body, this command can run the program until you exit the loop body.

Stepi or Si
Nexti or Ni
Track One machine command in one step! A program code may be executed by several machine commands. stepi and nexti can execute machine commands in one step. The command with the same functions is "display/I $ PC". After running this command, A single-step trace will execute machine commands (that is, compile code) while executing program code)

9. Signal)

A signal is a soft interrupt and a method for processing asynchronous events. Generally, the operating system supports many signals. Especially for UNIX, important applications generally process signals. UNIX defines many signals. For example, SIGINT indicates the interrupt character signal, that is, CTRL + C signal, sigbus indicates the hardware fault signal, and sigchld indicates the sub-process status change signal; sigkill indicates the signal to terminate the program, and so on. Semaphore programming is a very important technology in UNIX.

GDB can process any signal when you debug the program. You can tell GDB which signal to process. You can ask GDB to immediately stop the running program when receiving the signal you specified for debugging. You can use the gdb handle command to complete this function.

Handle
Define a signal processing in GDB. A signal can start with or not with SIG and define a range of signals to be processed (for example, a SIGIO-SIGKILL that represents a signal from sigio signal to sigkill, including sigio, sigiot, sigkill), or you can use the keyword "all" to indicate all signals to be processed. Once the debugged program receives a signal, the running program will be immediately stopped by GDB for debugging. It can be one or more of the following keywords.

Nostop
When the program to be debugged receives a signal, GDB will not stop the program running, but will send a message to tell you to receive this signal.
Stop
When the program to be debugged receives a signal, GDB stops your program.
Print
When the program to be debugged receives a signal, GDB displays a message.
Noprint
When the program to be debugged receives a signal, GDB will not tell you the signal information.
Pass
Noignore
When the program to be debugged receives a signal, GDB does not process the signal. This indicates that GDB will hand over the signal to the debugged program for processing.
Nopass
Ignore
When the program to be debugged receives a signal, GDB will not let the program to be debugged process the signal.

Info Signals
Info handle
Check which signals are being detected by GDB.

10. Thread stops)

If your program is multi-threaded, you can define whether your breakpoint is on all threads or on a specific thread. GDB can easily help you complete this task.

Break thread
Break thread if...
Linespec specifies the line number of the source program where the breakpoint is set. Threadno specifies the thread ID. Note that this ID is allocated by GDB. You can run the "info Threads" command to view the thread information in the running program. If you do not specify a thread, your breakpoint is set on all threads. You can also specify breakpoint conditions for a thread. For example:

(GDB) Break Frik. C: 13 thread 28 If bartab> Lim

When your program is stopped by GDB, all running threads are stopped. This allows you to view the overall situation of the running program. When you resume the program running, all threads will be resumed. Even when the main process is being debugged in a single step.

View stack information
-----

When the program is stopped, the first thing you need to do is to check where the program stops. When your program calls a function, the function address, function parameters, and local variables in the function will be pushed into the stack. You can use the gdb command to view information in the current stack.

The following are some gdb commands for viewing the stack information of function calls:

Backtrace
BT
Print all information about the current function call stack. For example:

(GDB) BT
#0 func (n = 250) at TST. C: 6
#1 0x08048524 in main (argc = 1, argv = 0xbffff674) at TST. C: 30
#2 0x400409ed in _ libc_start_main () from/lib/libc. so.6

From the above we can see the call stack information of the function: __libc_start_main --> main () --> func ()

Backtrace
BT
N is a positive integer, indicating that only stack information of N layers on top of the stack is printed.

Backtrace <-N>
BT <-N>
-N indicates that only stack information of N layers under the stack is printed.

If you want to view the information of a certain layer, you need to switch the current stack. Generally, when the program stops, the top stack is the current stack, if you want to view the details of the layer below the stack, you must first switch the current stack.

Frame
F
N is an integer starting from 0 and a layer number in the stack. For example, frame 0 indicates the top of the stack, frame 1 indicates the second layer of the stack.

Up
It indicates moving N layers to the top of the stack. If n is not required, it indicates moving up a layer.

Down
It indicates moving N layers to the bottom of the stack. If n is not used, it indicates moving down a layer.

The above command will print the information to be moved to the stack layer. If you do not want them to output information. You can use these three commands:

Select-frame corresponds to the frame command.
Up-silently corresponds to the up command.
The down-silently command corresponds to the down command.

To view information about the current stack layer, run the following GDB command:

Frame or F
The following information is printed: the stack layer number, the current function name, function parameter value, the file and row number of the function, and the statement executed by the function.

Info Frame
Info F
This command prints more detailed information about the current stack layer, except that most of the information is the inner address of the runtime. For example, the function address, the address of the called function, the address of the called function, the current program language of the function, the address and value of the function parameter, the address of the local variable, and so on. For example:
(GDB) info F
Stack level 0, frame at 0xbffff5d4:
EIP = 0x804845d in func (TST. C: 6); saved EIP 0x8048524
Called by frame at 0xbffff60c
Source Language C.
Arglist at 0xbffff5d4, argS: N = 250
Locals at 0xbffff5d4, previous frame's SP is 0x0
Saved registers:
EBP at 0xbffff5d4, EIP at 0xbffff5d8

Info ARGs
Print the parameter name and value of the current function.

Info locals
Print all local variables and their values in the current function.

Info catch
Print the exception handling information in the current function.

View Source program
-----

1. display source code

GDB can print the source code of the program to be debugged. Of course, you must add the-G parameter during program compilation to compile the source program information into the execution file. Otherwise, you will not be able to see the source program. When the program stops, GDB will report the row on which the program stops. You can use the LIST command to print the program source code. Let's take a look at the source code's GDB command.

List
Displays the source code around the linenum line of the program.

List
Displays the source program of the function named function.

List
Displays the source code behind the current row.

List-
Displays the source code before the current row.

It is usually used to print the top 5 rows and the next 5 rows of the current row. If the display function is the top 2 and the next 8 rows, the default value is 10. Of course, you can also customize the display range. You can use the following command to set the number of lines that display the source program at a time.

Set listsize
Set the number of lines for displaying source code at a time.

Show listsize
View the current listsize settings.

The list command also has the following usage:

List,
Displays the source code from the first row to the last row.

List,
Displays the source code from the current row to the last row.

List +
The source code is displayed later.

Generally, the following parameters can be followed after the list:

The row number.
<+ Offset> the positive offset of the current row number.
<-Offset> the negative offset of the current row number.
The row of the file.
Function name.
The function in the file.
<* Address> the address of the statement in the memory when the program runs.

2. Search source code

Besides, GDB provides the following source code search commands:

Forward-search
Search
Search forward.

Reverse-search
Search all.

Here, it is a regular expression and also the matching mode of the Main string. I will not talk about the regular expression here. Please check the relevant information.

3. Specify the source file path

In some cases, the execution program compiled with-G only contains the name of the source file without a path name. GDB provides commands that allow you to specify the path of the source file for GDB to search.

Directory
Dir
Add a source file path to the front of the current path. If you want to specify multiple paths, you can use ":" in UNIX, and ";" in windows.
Directory
Clear all custom source file search paths.

Show Directories
Displays the defined source file search path.

4. Source Code memory

You can use the info line command to view the address of the source code in the memory. Info line can be followed by "row number", "function name", "File Name: line number", and "File Name: function name ", this command prints out the memory address of the specified source code at runtime, for example:

(GDB) info line TST. C: func
Line 5 of "TST. c" starts at address 0x8048456 and ends at 0x804845d.

There is also a command (disassemble) that you can view the machine code of the current execution of the source program. This command will dump the commands in the current memory. The following example shows the assembly code of the function func.

(GDB) disassemble func
Dump of worker er code for function FUNC:
0x8048450: Push % EBP
0x8048451: mov % ESP, % EBP
0x8048453: Sub $0x18, % ESP
0x8048456: movl $0x0, 0 xfffffffc (% EBP)
0x804845d: movl $0x1, 0xfffffff8 (% EBP)
0x8048464: mov 0xfffffff8 (% EBP), % eax
0x8048467: CMP 0x8 (% EBP), % eax
0x804846a: jle 0x8048470
0x804846c: JMP 0x8048480
0x804846e: mov % ESI, % ESI
0x8048470: mov 0xfffffff8 (% EBP), % eax
0x8048473: Add % eax, 0 xfffffffc (% EBP)
0x8048476: incl 0xfffffff8 (% EBP)
0x8048479: JMP 0x8048464
0x804847b: NOP
0x804847c: Lea 0x0 (% ESI, 1), % ESI
0x8048480: mov 0 xfffffffc (% EBP), % edX
0x8048483: mov % edX, % eax
0x8048485: JMP 0x8048487
0x8048487: mov % EBP, % ESP
0x8048489: Pop % EBP
0x804848a: Ret
End of worker er dump.