As a built-in and most commonly used debugger, GDB is obviously irrefutable. Familiar with GDB is like all Linux developers suggest using vim, which is a "strange" plot.
Source code for testing.
#include <stdio.h>int test(int a, int b){ int c = a + b; return c;}int main(int argc, char* argv[]){ int a = 0x1000; int b = 0x2000; int c = test(a, b); printf("%d/n", c); printf("Hello, World!/n"); return 0;}
Compile the command (use the "-G" parameter to generate the debugging symbol ):
$ gcc -g -o hello hello.c
Start debugging:
$ gdb helloGNU gdb 6.8-debianCopyright (C) 2008 Free Software Foundation, Inc.License GPLv3+: GNU GPL version 3 or later
1. Source Code
It is required to view the source code during debugging. List (l) supports multiple ways to view the source code.
(GDB) L # display source code 23 int test (int A, int B) 4 {5 Int c = a + B; 6 RETURN C; 7} 89 int main (INT argc, char * argv []) 10 {11 int A = 0x1000;
(GDB) L # continue to display 12 INT B = 0x2000; 13 int c = test (a, B); 14 printf ("% d/N", C ); 1516 printf ("Hello, world! /N "); 17 return 0; 18}
(GDB) L 3, 10 # display source code of a specific range 3 int test (int A, int B) 4 {5 Int c = a + B; 6 RETURN C; 7} 89 int main (INT argc, char * argv []) 10 {
(GDB) l main # display the source code of a specific function 5 Int c = a + B; 6 RETURN C; 7} 89 int main (INT argc, char * argv []) 10 {11 int A = 0x1000; 12 INT B = 0x2000; 13 int c = test (a, B); 14 printf ("% d/N ", c );
Run the following command to modify the number of lines displayed in the source code.
(gdb) set listsize 50
2. breakpoint
You can use the function name or source code line number to set the breakpoint.
(GDB) B Main # Set the function breakpoint 1 at 0x804841b: file hello. C, line 11.
(GDB) B 13 # Set the source code line breakpoint 2 at 0x8048429: file hello. C, line 13.
(GDB) B # set the next line as a breakpoint (debugging such as loop and recursion is useful) breakpoint 5 at 0x8048422: file hello. C, line 12.
(GDB) tbreak main # Set a temporary breakpoint (expired after interruption) breakpoint 1 at 0x804841b: file hello. C, line 11.
(GDB) info breakpoints # view all breakpoints num type disp ENB address what2 breakpoint keep y 0x0804841b in main at hello. C: 113 breakpoint keep y 0x080483fa in test at hello. C: 5
(GDB) D 3 # Delete: delete a breakpoint (you can also use the range "d 1-3" to delete all breakpoints if no parameter exists) (GDB) disable 2 # disable a breakpoint (you can also use the range "Disable 1-3") (GDB) Enable 2 # enable a breakpoint (you can also use the range "enable 1-3") (GDB) ignore 2 1 # ignore 2 interruptions once
Of courseConditional interruption.
(gdb) b test if a == 10Breakpoint 4 at 0x80483fa: file hello.c, line 5.
(gdb) info breakpointsNum Type Disp Enb Address What4 breakpoint keep y 0x080483fa in test at hello.c:5 stop only if a == 10
You can use condition to modify the condition. Note that the expression does not contain "if ".
(gdb) condition 4 a == 30
(gdb) info breakpointsNum Type Disp Enb Address What2 breakpoint keep y 0x0804841b in main at hello.c:11 ignore next 1 hits4 breakpoint keep y 0x080483fa in test at hello.c:5 stop only if a == 30
3. Execute
Generally, we will set the main entry breakpoint first.
(gdb) b mainBreakpoint 1 at 0x804841b: file hello.c, line 11.
(GDB) R # Run starting program:/home/yu.pdf/learn. c/hellobreakpoint 1, main () at hello. c: 1111 int A = 0x1000;
(GDB) N # single-step execution (step over is not tracked inside the function) 12 INT B = 0x2000;
(gdb) n13 int c = test(a, b);
(GDB) s # single-step execution (trace to the function, step in) test (A = 4096, B = 8192) at hello. C: 55 int c = A + B;
(GDB) finish # continue execution until the current function ends (Step out) Run till exit from #0 test (A = 4096, B = 8192) at hello. c: 50x0804843b in main () at hello. c: 1313 int c = test (a, B); value returned is $1 = 12288
(GDB) C # continue: continue execution until the next breakpoint. Continuing.12288hello, world! Program exited normally.
4. Stack
Viewing call Stacks is undoubtedly an important part of the debugging process.
(GDB) where # view the call stack (commands with the same function include Info S and BT) #0 test (A = 4096, B = 8192) at hello. c: 5 #1 0x0804843b in main () at hello. c: 13
(GDB) frame # view the current stack frame. The current Code #0 test (A = 4096, B = 8192) at hello. C: 55 int c = a + B can also be displayed;
(GDB) info frame # obtain more detailed information about the current stack frame stack level 0, frame at 0xbfad3290: EIP = 0x80483fa in test (hello. c: 5); saved EIP 0x804843b called by frame at 0xbfad32c0 Source Language C. arglist at 0xbfad3288, argS: A = 4096, B = 8192 locals at 0xbfad3288, previous frame's SP is 0xbfad3290 saved registers: EBP at 0xbfad3288, EIP at 0xad328c
FrameModify current stack frameAnd view its details.
(gdb) frame 1#1 0x0804843b in main () at hello.c:1313 int c = test(a, b);
(gdb) info frameStack level 1, frame at 0xbfad32c0: eip = 0x804843b in main (hello.c:13); saved eip 0xb7e59775 caller of frame at 0xbfad3290 source language c. Arglist at 0xbfad32b8, args: Locals at 0xbfad32b8, Previous frame's sp at 0xbfad32b4 Saved registers: ebp at 0xbfad32b8, eip at 0xbfad32bc
5. variables and parameters
(GDB) info locals # Show local variable C = 0
(GDB) info ARGs # display function parameters (independent variables) A = 4096b = 8192
We can also switch the frame and view the information of different stack frames.
(GDB) p a # print command to display local variables and parameter values $2 = 4096
(GDB) P/x a # hexadecimal output (D: decimal; U: decimal unsigned; X: hexadecimal; O: octal; T: Binary; C: character) $10 = 0x1000
(GDB) p a + B # expressions can also be calculated $5 = 12288
Set variable can be used to modify variable values.
(gdb) set variable a=100(gdb) info argsa = 100b = 8192
6. Memory and registers
The X command displays the memory data of the specified address.
Format: X/NFU [address]
- N: displays the memory unit (group or row ).
- F: Format (in addition to the print format, there are strings S and Assembly I ).
- U: Memory Unit (B: 1 byte; H: 2 byte; W: 4 byte; G: 8 byte ).
(GDB) X/8 W 0x0804843b # display eight groups of memory data 0x804843b <main + 49>: 0x8bf04589 0x4489f045 0x04c70424 0x048530x240804844b <main + 65>: 0xfecbe808 0x04c7ffff 0x04853424 0xfecfe808
(GDB) x/8i 0x0804843b # display 8 lines of Assembly command 0x804843b <main + 49>: mov dword ptr [ebp-0x10], eax0x804843e <main + 52>: mov eax, dword ptr [ebp-0x10] 0x8048441 <main + 55>: mov dword ptr [esp + 0x4], eax0x8048445 <main + 59>: mov dword ptr [esp], 0x80485300x804844c <main + 66>: Call 0x804831c <printf @ PLT> 0x8048451 <main + 71>: mov dword ptr [esp], 0x80485340x8048458 <main + 78>: Call 0x804832c <puts @ PLT> 0x804845d <main + 83>: mov eax, 0x0
(GDB) x/S 0x08048530 # display string 0x8048530: "% d/N"
Besides"View register valueYou can also use the following command.
(GDB) info registers # Show all register data eax 0x1000 4096ecx register-register 0x1 1ebx register-1208344588esp 0xbfad3278 register 0x8048480 134513792edi 0x8048340 0x80483fa 0x80483fa <Test + 6> eflags 0x286 [pf SF if] CS 0x73 115ss 0x7b 123ds 0x7b 123es 0x7b 123fs 0x0 0gs 0x33 51
(GDB) p $ eax # display data in a single register $11 = 4096
7. Disassembly
I am not very familiar with at&t assembly, or set it to Intel format.
(GDB) set disassembly-flavor intel # sets the disassembly format
(GDB) disass main # disassembly function dump of javaser code for function main: 0x0804840a <main + 0>: Lea ECx, [esp + 0x4] 0x0804840e <main + 4>: and ESP, 0xfffffff00x08048411 <main + 7>: Push dword ptr [ecx-0x4] 0x08048414 <main + 10>: Push ebp0x08048415 <main + 11>: mov EBP, esp0x08048417 <main + 13>: Push ecx0x08048418 <main + 14>: Sub ESP, 0x240x0804841b <main + 17>: mov dword ptr [ebp-0x8], 0x10000x08048422 <main + 24>: mov dword ptr [ebp-0xc], 0x20000x08048429 <main + 31>: mov eax, dword ptr [ebp-0xc] 0x0804842c <main + 34>: mov dword ptr [esp + 0x4], eax0x08048430 <main + 38>: mov eax, dword ptr [ebp-0x8] 0x08048433 <main + 41>: mov dword ptr [esp], eax0x08048436 <main + 44>: Call 0x80483f4 <Test> 0x0804843b <main + 49>: moV dword ptr [ebp-0x10], eax0x0804843e <main + 52>: mov eax, dword ptr [ebp-0x10] 0x08048441 <main + 55>: moV dword ptr [esp + 0x4], eax0x08048445 <main + 59>: mov dword ptr [esp], 0x80485300x0804844c <main + 66>: call 0x804831c <printf @ PLT> 0x08048451 <main + 71>: mov dword ptr [esp], 0x80485340x08048458 <main + 78>: call 0x804832c <puts @ PLT> 0x0804845d <main + 83>: mov eax, 0x00x08048462 <main + 88>: Add ESP, 0x240x08048465 <main + 91>: Pop ecx0x08048466 <main + 92>: Pop ebp0x08048467 <main + 93>: Lea ESP, [ecx-0x4] 0x0804846a <main + 96>: retend of worker er dump.
You can use "B * address" to set the Assembly breakpoint, and then use "Si" and "Ni"Assembly-Level One-step executionThis is very useful for analyzing pointers and addressing.
8. Process
It is very useful to view process-related information, especially map memory data.
(gdb) help info proc statShow /proc process information about any running process.Specify any process id, or use the program being debugged by default.Specify any of the following keywords for detailed info: mappings -- list of mapped memory regions. stat -- list a bunch of random process info. status -- list a different bunch of random process info. all -- list all available /proc info.
(GDB) info proc mappings # equivalent to CAT/proc/{pid}/mapsprocess 22561 export line = '/home/yu.pdf/learn. c/Hello 'cwd = '/home/yujia/learn. c 'exe = '/home/yu.pdf/learn. c/Hello 'ed ed address spaces: Start ADDR end ADDR size offset objfile 0x8048000 0x8049000 0x1000 0/home/yu.pdf/learn. c/Hello 0x8049000 0x804a000 0x1000 0/home/yu.pdf/learn. c/Hello 0x804a000 0x804b000 0x1000 0x1000/home/yu.pdf/learn. c/Hello drawing 0x21000 drawing [heap] 0xb7565000 0xb7f67000 0xa02000 0xb7565000 0x15c000 0/lib/tls/i686/cmov/libc-2.9.so 0xb80c3000 0xb80c4000 0x1000 0x15c000/lib//i686/cmov/libc-2.9.so 0xb80c4000 0xb80c6000 0x2000 0x15c000/lib/tls/i686/cmov/libc-2.9.so 0xb80c6000 00000x1000 0x15e000/lib/tls/i686/cmov/libc-2.9.so too large 0x3000 0000000000000x2000 0xb80d9000 0xb80da000 0x1000 0xb80d9000 [vdso] 0xb80da000 00000x1c000 0/lib/ld-2.9.so 0xb80f6000 00000x1000 0x1b000/lib/ld-2.9.so limit 0x1000 0x1c000/lib/ld-2.9.so 0xbfee2000 0xbfef7000 0x15000 0xbffeb000 [Stack]
9. threads
You can set a breakpoint at pthread_create. A prompt is generated when the thread is created.
(gdb) cContinuing.[New Thread 0xb7e78b70 (LWP 2933)]
(GDB) info threads # view the list of all threads * 2 thread 0xb7e78b70 (lwp 2933) test (ARG = 0x804b008) at main. c: 24 1 thread 0xb7e796c0 (lwp 2932) 0xb7fe2430 in _ kernel_vsyscall ()
(GDB) where # display the current thread call stack #0 test (ARG = 0x804b008) at main. c: 24 #1 0xb7fc580e in start_thread (ARG = 0xb7e78b70) at pthread_create.c: 300 #2 0xb7f478de in clone () .. /sysdeps/Unix/sysv/Linux/i386/clone. s: 130
(GDB) thread 1 # Switch thread [Switching to thread 1 (thread 0xb7e796c0 (lwp 2932)] #0 0xb7fe2430 in _ kernel_vsyscall ()
(GDB) where # view the thread call stack after switching #0 0xb7fe2430 in _ kernel_vsyscall () #1 0xb7fc694d in pthread_join (threadid = 3085405040, thread_return = 0xbffff744) at pthread_join.c: 89 #2 0x08048828 in main (argc = 1, argv = 0xbffff804) at main. c: 36
10. Others
Debug sub-processes.
(gdb) set follow-fork-mode child
Temporarily go to shell to execute the command and exit to return.
(gdb) shell
Call the function directly during debugging.
(gdb) call test("abc")
You can use the "-- Tui" parameter to display a source code display window in the upper part of the terminal window.
$ gdb --tui hello
View the Command help.
(gdb) help b
Finally, exit the command.
(gdb) q
Like Linux base shell, you can enter the first few letters and press tab to complete unremembered commands.
----------- Separator ---------------
GDB also has many commands and functions are extremely powerful. But for those familiar with the luxury ide of Vs, such Command Line Debugging is a huge pain. Although I personally suggest using GDB, I do not want to use a GUI debugger to speed up the debugging process. Nemiver is good. I recommend it.