GdB Debugging method

(reprint) Assembly debugging in GdB I think it's very good writing.

Formerly known as GDB related (gdb 10-minute tutorial) This article is written for programmers who are primarily working on Windows operating systems and need to develop cross-platform software, as well as program enthusiasts. GDB is a command-line, powerful program debugging tool, published by the GNU Open Source organization, under the Unix/linux operating system. GDB is a lot of commands, but we only need to master about 10 of the commands, we can basically complete the day-to-day Basic program debugging work. Command Explain Example File < filename > Loads the executable program files that are being debugged. Because GDB is generally executed in the directory where the debugger is being debugged, the text name does not need to be taken with a path. (gdb) file Gdb-sample R Run, running the program that is being debugged. If the breakpoint has not been previously, the entire program is executed, and if there is a breakpoint, the program pauses at the first available breakpoint. (GDB) R C Continue, continue to execute the debugger until the next breakpoint or program ends. (GDB) C b < line number > b < function name > b *< Function name > b *< Code address > d [Numbering] B:breakpoint, set breakpoints. You can specify the location of the breakpoint by using the line number function name, execution address, and so on. The "*" symbol in front of the function name indicates that the breakpoint is set in "The compiler generated prolog code." If you do not know the compilation, you can disregard this usage. D:delete Breakpoint, remove a breakpoint from the specified number, or remove all breakpoints. The breakpoint number is incremented starting from 1. (GDB) B 8 (GDB) B main (GDB) B *main (GDB) B *0x804835c (GDB) d S, n S: Execute a line of source code, if there is a function call in this code, then enter the function; N: Executes a line of source code, and the function call in this code is also executed. S is equivalent to "step into" in other debuggers; N is equivalent to step over (Single-step tracking) in other debuggers. These two commands must be available with source debugging information (GCC compiles with the "-G" parameter). (GDB) s (GDB) n Si, ni The SI command resembles the S command, and the NI command resembles the n command. The difference is that the two commands (Si/ni) are for assembly instructions, and s/n for the source code. (GDB) Si (gdb) NI P < variable name > A shorthand for print that displays the value of a specified variable (a temporary or global variable). (GDB) P I (GDB) P Nglobalvar Display ... Undisplay < numbering > Display, set the data to display after the program is interrupted and its format. For example, if you want to see the next assembly instruction that will be executed each time the program is interrupted, you can use the command "Display/i $pc" Where $pc represents the current assembly instruction,/I is displayed as 16. This command is useful when you need to care about assembly code. Undispaly, cancels the previous display setting, numbering starts at 1 increments. (GDB) display/i $pc (GDB) Undisplay 1 I For information, please refer to "Help I" for details. (GDB) I R Q Quit, exit the GDB debugging environment. (GDB) Q Help [command name] The GDB help command provides an explanation of the GDB name command. If the command name argument is specified, a detailed description of the command is displayed, and if no parameters are specified, the category displays all GDB commands for further browsing and querying by the user. (GDB) Help display /add************************************/ J Command back Jump ret Setting return value (example ret 0/ret-1) /add************************************/ Nonsense not much to say, the following start practice. First give an example of the small program, C language code, simple can not be simpler: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21st 22 23 24 25 26 27 28 29 30 31 32 33 //This program is only a sample code for the "GdB 10 minutes tutorial," by Liigo //email:liigo@sina.com //blog:http://blog.csdn.net/liigo // WebSite:www.liigo.com #include <stdio.h> int nglobalvar = 0; int tempfunction (int a, int b) {     printf ("Tempfunction is called, a =%d, B =%d/n", A, b);     return (A + B); } int main () {     int n;         n = 1;         n++;         n--;         Nglobalvar + +         Nglobalvar-= 12;     printf ("n =%d, Nglobalvar =%d/n", n, Nglobalvar);         n = tempfunction (1, 2);     printf ("n =%d", n);     return 0; } Please copy this code and save it to the file gdb-sample.c, and then switch to the directory where the file is located, compile it with GCC: GCC Gdb-sample.c-o gdb-sample-g On the command line above, using the-o parameter specifies that the compiled generated executable file name is gdb-sample and the source code information is compiled into the executable file using the parameter-G notation. If you do not use the parameter-G, it will cause inconvenience to the following GDB debugging. Of course, if we do not have the source code of the program, naturally also cannot use the-G parameter, debugging/tracing can only be assembly code level debugging/tracking. The following "GDB" command starts GDB, which will first display the GDB description, regardless of whether it: GNU gdb Red Hat Linux (5.3POST-0.20021129.18RH) Copyright 2003 Free Software Foundation, Inc. The GDB is free software, covered by the GNU general public License, and your are Welcome to change it and/or distribute copies of it under certain conditions. Type ' show copying ' to the conditions. There is absolutely no warranty for GDB. Type ' show warranty ' for details. This is GDB was configured as "I386-redhat-linux-gnu". (GDB) The last line above (GDB) is the GDB Internal command guide, waiting for the user to enter the GDB command. The following uses the "file" command to load the debugger gdb-sample (here's gdb-sample, the executable file of the previous GCC compilation output): (gdb) file Gdb-sample Reading symbols from Gdb-sample...done. The last line indicated above has been successfully loaded. The following uses the "R" command to execute (run) the debug file because no breakpoints have been set and will be executed directly to the end of the program: (GDB) R Starting program:/home/liigo/temp/test_jmp/test_jmp/gdb-sample n = 1, Nglobalvar = 88 Tempfunction is called, a = 1, b = 2 n = 3 Program exited normally. The following uses the "B" command to set a breakpoint at the beginning of the main function (breakpoint): (GDB) B main Breakpoint 1 at 0x804835c:file gdb-sample.c, line 19. The last line above indicates that the breakpoint has been successfully set. and gives the breakpoint information: Set the breakpoint at the 19th line of the source file gdb-sample.c; This is the first breakpoint (ordinal 1) of the program; The code address at the breakpoint is 0x804835c (this value may only be valid during the debugging process). Looking back at the source code, the code in line 19th is "n = 1", which happens to be the first executable statement (preceded by "int n;" in the main function). Defines a statement for a variable, not an executable statement. Use the "R" command again to execute (run) the debugger: (GDB) R Starting program:/home/liigo/temp/gdb-sample Breakpoint 1, Main () at gdb-sample.c:19 n = 1; The program interrupts at line 19th of GDB-SAMPLE.C, where the main function is the first executable statement. The last line of information above is: "n = 1;" Is the next source code to be executed, which is the 19th line in the source code file GDB-SAMPLE.C. Use the "s" Command (step) below to execute the next line of code (that is, line 19th "n = 1;"). ）： (GDB) s n++; The information above indicates that "n = 1;" has been executed, and that the next code to be executed is "n++;" in line 20th. Now that we have executed "n = 1;", that is to assign a value of 1 to the variable n, we use the "P" command (Print) to see if the value of the variable n is 1: (GDB) P n $ = 1 Sure enough, 1. (roughly means this is the first time you use the "P" command--executing "P n" again will show "$ = 1"--this information should be of no use. ） Below we set a breakpoint at the beginning of Line 26th, the Tempfunction function (using the command "B", "B tempfunction" respectively): (GDB) B 26 Breakpoint 2 at 0x804837b:file gdb-sample.c, line 26. (GDB) B tempfunction Breakpoint 3 at 0x804832e:file gdb-sample.c, line 12. Using the "C" command to continue (Continue) to execute the debugger, the program will break at the second breakpoint (26 lines), at which point the value of the global variable Nglobalvar should be 88, and the "C" command again, and the program will break on the third breakpoint (12 rows, tempfunction At the beginning of the function, the values of the two arguments A and b of the tempfunction function should be 1 and 2 respectively: (GDB) C Continuing. Breakpoint 2, Main () at gdb-sample.c:26 Num printf ("n =%d, Nglobalvar =%d/n", n, Nglobalvar); (GDB) P Nglobalvar $ = 88 (GDB) C Continuing. n = 1, Nglobalvar = 88 Breakpoint 3, Tempfunction (A=1, b=2) at Gdb-sample.c:12 printf ("Tempfunction is called, a =%d, B =%d/n", A, b); (GDB) p a $ = 1 (GDB) P b $ = 2 Information on the above feedback everything we expected, haha ~ ~ ~ Once again, the "C" command (Continue) is executed, because there are no more breakpoints, and the program executes to the end: (GDB) C Continuing. Tempfunction is called, a = 1, b = 2 n = 3 Program exited normally. 　 Sometimes you need to see compiler-generated assembler code for assembly-level debugging or tracking, and how to operate. This requires the display command "display/i $pc" (explained in detail earlier in this command): (GDB) display/i $pc (GDB) After the program is interrupted again, the assembly code can be displayed: (GDB) R Starting program:/home/liigo/temp/test_jmp/test_jmp/gdb-sample Breakpoint 1, Main () at gdb-sample.c:19 n = 1; 1:x/i $pc 0x804835c <main+16>: Movl $0X1,0XFFFFFFFC (%EBP) See the assembly code, "n = 1;" The corresponding assembly code is "MOVL $0X1,0XFFFFFFFC (%EBP)". And after each interrupt the program will display the next assembly designation (the "si" command is used to execute an assembly code--Different from "s" Execution line C code): (GDB) Si n++; 1:x/i $pc 0x8048363 <main+23>: Lea 0XFFFFFFFC (%EBP),%eax (GDB) Si 0x08048366 n++; 1:x/i $pc 0x8048366 <main+26>: Incl (%EAX) (GDB) Si n--; 1:x/i $pc 0x8048368 <main+28>: Lea 0XFFFFFFFC (%EBP),%eax (GDB) Si 0x0804836b n--; 1:x/i $pc 0x804836b <main+31>: Decl (%eax) (GDB) Si Nglobalvar + 100; 1:x/i $pc 0x804836d <main+33>: Addl $0X64,0X80494FC 　 Next, let's try the command "b *< function name >". To be more concise, it is necessary to remove all current breakpoints (using the "D" command--delete Breakpoint): (GDB) d Delete all breakpoints? (Y or N) y (GDB) When asked if you want to delete all breakpoints, enter "Y" and press ENTER. The following uses command "B *main" to set breakpoints in the Prolog code of the main function (Prolog, Epilog, respectively, representing the code that the compiler inserts at the beginning and end of each function): (gdb) b *main Breakpoint 4 at 0x804834c:file gdb-sample.c, line. (GDB) r The program being debugged has been started already. Start it from the beginning? (Y or N) y Starting program:/home/liigo/temp/test_jmp/test_jmp/gdb-sample Breakpoint 4, Main () at Gdb-sample . c:17 { 1:x/i $pc 0x804834c <main>: Push%EBP (gdb) Si 0x0804834d { 1:x/i $pc 0x804834d <m AIN+1>: mov%esp,%ebp (gdb) SI 0x0804834f in Main () at Gdb-sample.c:17 { 1:x/i $pc 0x804834f <main+ 3>: Sub $0x8,%esp (gdb) Si 0x08048352 { 1:x/i $pc 0x8048352 <main+6>: and $0xfffffff0,%esp (GDB) Si 0x08048355 { 1:x/i $pc 0x8048355 <main+9>: mov $0x0,%eax (gdb) Si 0x0804835a { 1:x/i $pc 0x804835a <main+14>: Sub%eax,%esp (gdb) si n = 1; 1:x/i $pc 0x804835c <main+16>: Movl $0x1,0xfffffffc (%EBP) You can now use the "I r" command to display the current value in the Register ——— "I R" that is, "infomation register": (GDB) I R EAX 0xbffff6a4-1073744220 ECX 0x42015554 1107383636 EdX 0x40016bc8 1073834952 EBX 0x42130a14 1108544020 ESP 0xbffff6a0 0xbffff6a0 EBP 0xbffff6a8 0xbffff6a8 ESI 0x40015360 1073828704 EDI 0x80483f0 134513648 EIP 0x8048366 0x8048366 EFlags 0x386 902 CS 0x23 35 SS 0X2B 43 DS 0x2b 43 Es 0x2b 43 FS 0x0 0 GS 0x33 51 Of course, you can also display any of the specified register values: (GDB) I r eax EAX 0xbffff6a4-1073744220 　 The last command to introduce is "Q", Exit (Quit) GDB Debug Environment: (GDB) Q The program is running. Exit anyway? (Y or N)