How the debugger works)

How the debugger works

How debuggers work
Http://www.douban.com/subject/1970421/
Translated by Liu Jianwen (http://blog.csdn.net/keminlau)

 
 

  
  
Author: Jonathan B. Rosenberg Subtitle: algorithms, data structures, and architecture ISBN: 9780471149668 pages: 272 pricing: USD 49.99 Press: Wiley frame: paperback publishing year:
 
 

Perfacewho shocould read this book

This book is for people Wha are curious about how debuggers work. It is also for those brave individuals who are embarking on the creation of
New debugger or a tool similar to a debuggers. even for developers who are not building a debugger, this book has a lot to offer. every developer has spent-and will spend-an enormous time in front of one debugger or another, and if you understand a complex tool -- which debuggers most certainly are -- you can use it and understand what it is telling you and why much better. debuggers, very complex beasts, have direct interactions with the CPU and intimate dealings with the operating system; they must be built closely is conjunction with the complier, linker and other applicatian development tools. people interested in systems technology will find a lot to dig into in this book. finally, anyone interested in algrithrns will find a lot of unique and interesting algorithms that debuggers use to perform their normal functions.

This book is intended for those curious about how the debugger works. This book is also written to brave programmers who are writing a new debugger or tools similar to the debugger. Even programmers who do not plan to write a debugger, this book is of great benefit to them, because programmers have to spend a lot of time dealing with one or more debuggers every day, if programmers can understand this complicated guy, isn't it easier to control it to complete the work? The debugger, a complex monster, interacts directly with the CPU and is closely related to the operating system. It has an inseparable partnership with compilers, connectors, and development tools. Readers who are interested in system technology will also find that this book has a deep understanding of this aspect. Finally, Readers interested in algorithms can find the unique and interesting algorithms used by the debugger.

What will you get out of this book?

You will see how hardware has evolved to support debugging. this dimension is important because debugging keeps getting more and more essential and the requirements on debuggers and the functionality they offer keep rising. similar to the hardware evolution, the operating systems and their support and understanding of debuggers have grown enormously in the past ten years. but it is clear -- and I will show why-that operating systems have a long way to go to provide what debuggers really need to develop outstanding functionality for debugging the kinds of applications now in demand. I will give you a much better understanding of how these vital and very complex tools work-I will give you a detailed look "under the hood. "If you shoshould ever need to build a debugger-from a simple, specialized debugging tool to be used only, by you, all the way up to a battle-hardened, production-quality, mass marker debugger-I try to document here the collective knowledge of a broad array of Debugger technology. and finally, you will learn about some very interesting and sometimes very clever algorism employed in debuggers. wherever possible, I will call out, in a stylized fashion, the most interesting, must important debugger algorithms.

You will understand how hardware evolved to support debugging. The hardware dimension is very important, because the debugging needs to be more and more aggressive, and the debugger functions are constantly increasing. Similar to the evolution of hardware, the operating system and its support for debuggers have undergone dramatic changes over the last decade. However, it is clear that the operating system (we explain why) has gone a long way to provide the functions required by the debugger. We will unveil the mystery and complexity of the debugger so that you can better understand how it works. If you want to write a debugger, whether it is a simple, special, or complex Debugger for your own use, here are some techniques related to writing the debugger. Finally, you will learn some interesting things used by the debugger implementation, sometimes a pretty clever algorithm implementation.

Layout of this book

. Chapter 1 is introductory and covers basic principals of debuggers and the environments in which they operate.
. Chapter 2 gives an overview of Debugger architecture-what the interface and paradigms are, how a debugger is put together, and how the various components interact.
. Chapters 3 and 4 cover basic underlying infrastructure: hardware and operating system support needed by debuggers to be able to provide the most basic functionality.
. Chapter 5 delves into the details of how a debugger controls the execution of a child process (which we will usually call the debuggee .)
. Chapter 6 then encounter es the algorithms and data structures behind breakpoints and single-Stepping-the two most important ways in which a debugger control the execution of the debuggee. breakpoints like probes placed into a running program to observe it during operation (and without changing the program beforehand ). single-stepping is a way to carefully "Walk through" a program to watch its behavior step-by-step and observe its control flow

Chapter 1 describes the basic principle and operating environment of the debugger;
Chapter 2 describes the debugger architecture-what are the structures and interfaces, and how elements are integrated and interacted with each other;
Chapter 3 Chapter 4 describes the foundation of the debugger-the support provided by hardware and operating systems for the debugger to complete the most basic functions;
Chapter 5 discusses in depth the details of debugging how to control the sub-processes to be debugged (usually called debuggee;
Chapter 6 analyzes the algorithms and data structures used behind the breakpoint and one-step debugging technologies. A breakpoint is like a probe sticking to a running program. You do not have to modify the program before observing its status. While single-step debugging ......

. Chapters 7 and 8 focus on three aspects of observing a program's context. first, I examines stack back traces. next I need e the why's and wherefores of disconfiguring hardware instructions and relating them back to the user's original source code. and finally, I need e in derail the very large topic of inspecting program variables in the debuggee. this operation des symbol table lookup, scope resolution, address mappings, expression evaluation, function evaluation and more.
Chapter 9 covers the complex and vitally important issues of multi-threaded debugging. the modern operating systems provide "just enough rope" to start using threads and to quickly run into serious programming -- and debugging -- issues with threads. debuggers are still supposed to help you solve the resulting difficult multithreaded bugs.
. Chapter 10 addresses the special circumstances of debugging gui (graphical user interface) applications. because almost all applications have a major user interface component and because almost all modern GUI systems are event-based, there are a lot of important common issues to cover.
. Chapter 11 focuses on special uses of debuggers for debugger-related tools such as memory resume uption failed, reverse execution, hooking debuggers, remote resume, architecture machines, and the role of distributed objects.
, Chapter 12 covers the very complex issues surrounding debugging optimized code. the microprocessors industry trend is toward more and mere RISC processors (even intel is moving in this direction), and Proteus demands better and better Compiler optimization work to meet its performance goals. this will put more and more pressure on debuggers to handle these optimizations, without having to pull out all optimizations just to debug application.

Chapter 7 Chapter 8 focuses on three aspects of the context of the debugger. The first is stack back traces, followed by source code disassembly, and the last is a major topic-checking program variables. This section describes symbolic search, scope resolution, address ing, expression evaluation, and function evaluation.
Chapter 9 describes multi-thread debugging;
Chapter 10 describes the debugging of GUI applications. Most applications have user interfaces, while most user interfaces are event-driven. event-driven has many common and important problems to deal.
Chapter 2 describes special applications of the debugger, such as debugging Memory Corruption, reverse execution, hook sub-debugger, remote debugging, parallel system debugging, and distributed object debugging.
Chapter 2 describes various complex problems arising from debugging and optimization code.

Introduction

Debuggers are critical tools for the development of software. they are studied very little, as compared, for example, to compilers. but more hours are typically spent debugging programs than compiling them. debuggers are very difficult tools to build robustly because they depend heavily on relatively weak portions of operating systems and because they tend to stress the underlying operating system's capabilities. more sophisticated operating system features and the relentless trend toward mare advanced graphical programs put increased demands an debugger capabilities. this book is an introduction to how debuggers operate, and it discusses algorithm used by production debuggers.

Debugger is an important tool in software development, but it has been studied too little compared with the compiler. The debugging time is much longer than the Compilation Time. The debugger is very difficult to write robust because it is heavily dependent on the operating system because it ......

Basic concepts of debuggers

The term debugger is something of a misnomer. strictly speaking, a debugger is a tool to help track down, isolate, and remove bugs from software programs. bugs are Software defects that have been affectionately known as "bugs" 'since the infamous math of the Harvard mark I ". in truth, debuggers are tools to illuminate the dynamic nature of a program -- they are used to understand a program as well as find and fix defects. debuggers are the magnifying glass, the microscope, the logic analyzer, the profiler, And the browser with which a program can be examined. in spite of the limited scope of the term debugger, l will still use this term to describe these software analyzers.

The word "Debugger" is a false name. Strictly speaking, the debugger is a tool used to help track, isolate, and remove errors of the software program itself. Programs with "Bugs" are unqualified products. More importantly, a debugger is a tool that shows the dynamic nature of a software program. It helps you understand the software program and find and remove its errors. The debugger is a magnifier, a microscope, a logic analyzer, a profiling tool, and a browser used to check software programs. It can be seen that the "Debugger" is actually a software analysis tool.

Debuggers are quite complex pieces of software. their inner workings require a suite of sophisticated algorithm and data structures to accomplish their tasks. debuggers also require an exceptionally close cooperation with and intimate knowledge of the operating system. these algorithms and interfaces are one of the subjects of this book. to discuss debuggers adequately, I must first cover some background information and terminology here are some basic questions about debuggers I will answer to provide the necessary background from which to start:
U what are they?
U who uses them?
U how are they used?
U why are they used?
U when are they used?
U how do they work?

Why are they used? Why?

Debuggers are a necessary part of the engineering process when dealing with something as complex as software systems. all interactions cannot be predicted, specifications usually are not written to the level of programming details, and implementation is an inherently difficult and error-prone process. as software gets continuously mare complex, debuggers become more and more important in tracking down problems.

Debugger becomes more and more important as the complexity of software systems increases. Because various (CODE) interactions cannot be predicted, but the specification often does not specify the details of the code, and the implementation of the code is an inherently error-prone process.

How do they work? How does it work?

How debuggers work and how they will change over time are the primary subjects of this book. first, to present a complete overview, the various types of debuggers, the variety of approaches used to accomplish debugging, and a brief history of debugging are covered.
There are numerous approaches to debugging-perhaps as same as there are bugs. A few of the techniques used include using print statements, printing to log files, sprinkling the Code with assertions, using post-mortem dumps, having programs that provide function call stacks an termination, profiling, heap checking, automatic data flow analysis, reverse execution, system call tracing tool and, of course, interactive source-level debugging.

How a debugger works and its evolution is one of the main contents of this book. First, let's take a comprehensive look at how different debuggers are used. Then, let's take a look at the history of debugging technology. There are as many debugging methods as there are bugs. These debugging methods include printing expression values, output log files, sprinkling the Code with assertions, post-mortem dumps) check the function call stack program, heap check, automatic data flow analysis, reverse execution, system call tracking tools, and of course source code-level interactive debugging.

A very important class of debugging is source-level symbolic debugging-the primary emphasis of this back. the model presented to the user is that the user's high-level language source code is executed directly by the CPU.
Source-level symbolic debugging proves to be the most valid tive and most frequently used technique for debugging end-user applications.
The historical progression of debugging tools has gone from static past-mortem dumps, to more interactive dump analyzers, to machine-level debuggers, to basic symbolic debuggers, to command-line symbolic debuggers, to full-screen text mode debuggers, to graphical user interface (GUI) debuggers, to the current state-of-the-arc, full-fledged programming environments that integrate editor compiler, debugger, browser, profiler; and more.

Source code-level debugging is an important debugging method and a debugging method concentrated in this book. The model you see is like the CPU directly executes the advanced language code instead of the machine code. This source code-level debugging symbol debugging method is currently the most effective, because it finds a balance between the user's understanding and controllability. The history of debugging tools has gone through static memory dump, interactive memory dump analysis, machine-level debugger, simple symbol debugger, command line symbol debugger, and full-screen character mode debugger, to the GUI debugger, to the present full-featured debugger integrated with IDE (Editor, compiler, linker, browser and Profiler.

Current state-of-the-art

The state-of-the-art "Debugger" covers a lot more, functionality than its name implies. for example, it may log all cballs to certain APIs, and it may provide sophisticated profiling capabilities as well as other capabilities that stretch the traditional view of "debugging."

Current debuggers can all control the execution of the program under scrutiny using breakpoints and instruction-level single-step. a breakpoint is a special code placed in the executing code stream that, when executed, causes a special trap to occur that the processor and the operating system report to the debugger. most CPUs have special instructions far this purpose, provided explicitly for use by a debugger. single-step allows the debugger to control the processor executing the subject Program at such a fine-grained level that only a single machine instruction may be executed. again, most modern processors have a special mode that can be set by a debugger that causes the processor, when told to commence execution, to execute only a single instruction before stopping and giving control hack to the debugger program.

In spite of how much can be gained by building debugging tools that model the High-level source being directly executed, it is also important that debuggers show clue underlying implementation this is why debuggers provide disassembly views and direct access to hardware registers.

The user gains a lot of confidence from these views because, when chasing a bug, the user must believe that some aspects of the program or its environment are acting as expected and can be counted on. users typically keep trying our theories that explain a bug by checking all the things that must he true in order to support that theory.