Linux debugging 3-compile and debug

1. Four phases of Build

1) preprocessing: gcc-E (CPP)

Option:-D-u-I-m-G3 (output macro info for debugger)

2) Compilation: gcc-s (PC3)

Optimization Options:-O0,-O1,-O2,-O3,-OS

A comparison example of optimization level options,

# Include <stdio. h> <br/> int main () <br/> {<br/> char * c = malloc (8); <br/> memset (C,'s ', 8); <br/> return 0; <br/>}

No compilation Optimization

> Gcc-G2 memset. c

View the generated assembly code,

> Objdump-Ds A. Out

# Include <stdio. h> <br/> int main () <br/>{< br/> 4004e8: 55 push % RBP <br/> 4004e9: 48 89 E5 mov % RSP, % RBP <br/> 4004ec: 48 83 EC 10 sub $0x10, % RSP <br/> char * c = malloc (8); <br/> 4004f0: BF 08 00 00 00 mov $0x8, % EDI <br/> 4004f5: E8 0e FF callq 400408 <malloc @ PLT> <br/> 4004fa: 48 89 45 F8 mov % rax,-0x8 (% RBP) <br/> memset (C,'s ', 8); <br/> 4004fe: 48 8B 7d F8 mov-0x8 (% RBP), % RDI <br/> 400502: BA 08 00 00 00 mov $0x8, % edX <br/> 400507: Be 73 00 00 00 mov $0x73, % ESI <br/> 40050c: e8-e7 Fe FF callq 4003f8 <memset @ PLT> <br/> return 0; <br/> 400511: B8 00 00 00 00 mov $0x0, % eax <br/>}< br/> 400516: C9 leaveq <br/> 400517: C3 retq

Optimize Compilation

> Gcc-G2-O3 memset. c

# Include <stdio. h> <br/> int main () <br/> {<br/> 4004a0: 48 83 EC 08 Sub $0x8, % RSP <br/> char * c = malloc (8); <br/> 4004a4: BF 08 00 00 00 mov $0x8, % EDI <br/> 4004a9: e8 12 FF callq 4003c0 <malloc @ PLT> <br/> memset (C,'s ', 8); <br/> 4004ae: 48 Ba 73 73 73 73 mov $0x7373737373737373, % RDX <br/> 4004b5: 73 73 73 <br/> 4004b8: 48 89 10 mov % RDX, (% Rax) <br/> return 0; <br/>}< br/> 4004bb: 31 C0 XOR % eax, % eax <br/> 4004bd: 48 83 C4 08 add $0x8, % RSP

We recommend that you do not enable optimization in the test phase.

 

GDB information options:

-G =-G2

-G3 include symbols and extra.

The following shows the size of the code generated at different levels.

/Home/A/J/nomad2: CAT hello. c <br/> # include <stdio. h> <br/> int main () <br/>{< br/> printf ("Hello world! /N "); <br/> return 0; <br/>}< br/>/home/A/J/nomad2: CC hello. c-o Hg0 <br/>/home/A/J/nomad2: CC-G1 hello. c-o hg1 <br/>/home/A/J/nomad2: CC-G2 hello. c-o qq55526414 <br/>/home/A/J/nomad2: CC-G3 hello. c-o hg3 <br/>/home/A/J/nomad2: ls-LRT Hg * <br/>-rwxr-XR-x 1 nomad2 member 8828 Dec 11 Hg0 <br/>-rwxr-XR-x 1 nomad2 member 9444 Dec 11 hg1 <br/>-rwxr-XR-x 1 nomad2 member 9636 Dec 11 20:02 qq55526414 <br/>-rwxr-XR-x 1 nomad2 member 22468 Dec 11 hg3 <br/>

In the generated elf (executable & library format, magic is/x7felf, MAN 5 elf) file, the debug information occupies several sections,

/Home/A/J/nomad2: objdump-H hg1 | grep debug <br/> 26. debug_aranges limit 00c0 0000000000000000 0000000000000000 000009b0 2 ** 4 <br/> 27. debug_pubnames 00000040 0000000000000000 0000000000000000 00000a70 2 ** 0 <br/> 28. debug_info 00000221 0000000000000000 0000000000000000 00000ab0 2 ** 0 <br/> 29. debug_abbrev 00000094 0000000000000000 0000000000000000 00000cd1 2 ** 0 <br/> 30. debug_line 00000167 0000000000000000 0000000000000000 00000d65 2 ** 0 <br/> 31. debug_frame 00000040 0000000000000000 0000000000000000 00000ed0 2 ** 3 <br/> 32. debug_str limit 00b1 0000000000000000 0000000000000000 00000f10 2 ** 0 <br/> 33. debug_loc 0000004c 0000000000000000 0000000000000000 00000fc1 2 ** 0 <br/> 34. debug_ranges 00000090 0000000000000000 0000000000000000 00001010 2 ** 4 <br/>/home/A/J/nomad2: objdump-H hg3 | grep debug <br/> 26. debug_aranges limit 00c0 0000000000000000 0000000000000000 000009b0 2 ** 4 <br/> 27. debug_pubnames 00000040 0000000000000000 0000000000000000 00000a70 2 ** 0 <br/> 28. debug_info 000002b3 0000000000000000 0000000000000000 00000ab0 2 ** 0 <br/> 29. debug_abbrev 000000ae 0000000000000000 0000000000000000 00000d63 2 ** 0 <br/> 30. debug_line 000002aa 0000000000000000 0000000000000000 00000e11 2 ** 0 <br/> 31. debug_frame 00000040 0000000000000000 0000000000000000 limit 10c0 2 ** 3 <br/> 32. debug_str limit 00b1 0000000000000000 0000000000000000 00001100 2 ** 0 <br/> 33. debug_loc limit 004c 0000000000000000 0000000000000000 limit 11b1 2 ** 0 <br/> 34. debug_macinfo 00003085 0000000000000000 0000000000000000 running 11fd 2 ** 0 <br/> 35. debug_ranges 00000090 0000000000000000 0000000000000000 00004290 2 ** 4

You can use objdump-W to view the specific debug section information.

 

3) Assembly: gcc-C ()

You can use the-M (achine) option to specify the code that generates the target platform.

4) Link: LD

Insertion of libraries (static) or reference (dynamic ).

Option:

-L-l-shared-static

 

In the release stage, you can strip the debug information, and the "-d" option only deletes the debugging symbol information.

/Home/A/J/nomad2: strip-D hg3 <br/>/home/A/J/nomad2: strip-D qq55526414 <br/>/home/A/J/nomad2: strip-D hg1 <br/>/home/A/J/nomad2: strip-D Hg0 <br/>/home/A/J/nomad2: ls-LRT Hg * <br/>-rwxr-XR-x 1 nomad2 member 6575 Dec 11 hg3 <br/>-rwxr-XR-x 1 nomad2 member 6575 Dec 11 -rwxr-XR-x 1 nomad2 member 6575 Dec 11 hg1 <br/>-rwxr-XR-x 1 nomad2 member 6575 Dec 11 Hg0 <br/ >/home/A/J/nomad2: strip hg3 <br/>/home/A/J/nomad2: Strip Hg <br/>/home/A/J/nomad2: strip hg1 <br/>/home/A/J/nomad2: Strip Hg0 <br/>/home/A/J/nomad2: ls-LRT Hg * <br/>-rwxr-XR-x 1 nomad2 member 4496 Dec 11 hg3 <br/>-rwxr-XR-x 1 nomad2 member 4496 Dec 11 -rwxr-XR-x 1 nomad2 member 4496 Dec 11 hg1 <br/>-rwxr-XR-x 1 nomad2 member 4496 Dec 11 Hg0

 

2. parse elf tools

1) objdump

Common options:-D (disassembly code segment),-g-W (display debugging information),-s (same as-D, display source file ), -s (display all segments in hexadecimal format),-T (display symbol table),-X (display all header information)

2) readelf

3) nm: indicates the symbol table, which must not be strip

/Home/A/J/nomad2: Nm hg3 <br/> NM: hg3: no symbols

4) LDD: resolve shared library Dependencies

 

For example,

/Home/A/J/nomad2: File/lib/librt-2.7.so <br/>/lib/librt-2.7.so: Elf 64-bit LSB shared object, x86-64, Version 1 (sysv ), for GNU/Linux 2.6.8, stripped <br/>/home/A/J/nomad2: File. out <br/>. out: Elf 64-bit LSB executable, x86-64, Version 1 (sysv), for GNU/Linux 2.6.8, dynamically linked (uses SHARED libs), not stripped

The load of a dynamic library can be divided into loading time and Runtime (dl_open). The following is an example of loading a dynamic library at runtime.

Nomad2 @ Ubuntu :~ /C $ Cat D. c <br/> # include <dlfcn. h> <br/> # include <stdio. h> <br/> int main (INT argc, char ** argv) <br/>{< br/> void * So = dlopen ("/lib/libc. so.6 ", rtld_now); <br/> void * f = dlsym (So, argv [1]); <br/> If (f) <br/>{< br/> printf ("find % s in libc/N", argv [1]); <br/>}< br/> else <br/> {<br/> printf ("can't find % s in libc/N", argv [1]); <br/>}< br/> nomad2 @ Ubuntu :~ /C $ CC-LDL-G2 D. C <br/> nomad2 @ Ubuntu :~ /C $./A. Out printf <br/> Find printf in libc <br/> nomad2 @ Ubuntu :~ /C $./A. Out printfa <br/> can't find printfa in libc

 

3. GDB

Three usage modes:

1) Start a binary in the debugger, gdb a. Out

2) running process attachment, gdb a. out PID

3) post-mortem, Core File Analysis, gdb a. out core

Summary of Common commands:

Break, BT (Backtrack of stack call of current thread), disass, I R, stepi, info threads, R, C, p, x (dump memory from address)

 

About core files

1) ulimit-C-s-t

Note that the compiler also needs stack space when compiling a program. You can use the getrlimit and setrlimit functions to get/set resource limits.

/Home/A/J/nomad2: ulimit-A <br/> core file size (blocks,-C) 0 <br/> data seg size (Kbytes,-d) 100000 <br/> scheduling priority (-e) 0 <br/> file size (blocks,-f) unlimited <br/> pending signals (-I) 69632 <br/> Max locked memory (Kbytes,-l) 32 <br/> MAX memory size (Kbytes,-m) 100000 <br/> open files (-N) 1024 <br/> pipe size (512 bytes,-p) 8 <br/> POSIX message queues (bytes,-q) 819200 <br/> real-time priority (-R) 0 <br/> stack size (Kbytes,-S) 8192 <br/> CPU time (seconds,-T) 1000 <br/> MAX user processes (-u) 64 <br/> virtual memory (Kbytes,-v) unlimited <br/> File locks (-x) Unlimited

2) Core File Format

/Home/A/J/nomad2: CAT/proc/sys/kernel/core_pattern <br/> Core

MAN 5 core to reference the naming rule of core dump files.

 

Note: If a core occurs, but GDB backtrace cannot find the function core, you can first LDD the program to see which dynamic link libraries are dependent on, then, the NM dynamically links to the database and searches for the first few digits of the core address to determine the function core. The general text segment starts with 0x8.

 

For a running program, you can check the maps file to determine the so address range, for example

Nomad2 @ Ubuntu:/proc/26847 $ PWD <br/>/proc/26847 <br/> nomad2 @ Ubuntu: /proc/26847 $ cat maps <br/> 00400000-004be000 R-XP 00000000 08:01 17694722/bin/bash <br/> 006bd000-006c7000 RW-P 000bd000 08:01 17694722/bin/bash <br/> 006c7000-0097a000 RW-P 006c7000 00:00 0 [heap] <br/> lead r -- s 00000000 08:01 8323249/var/Cache/nscd/passwd <br/> lead R-XP 00000000 17825953/lib/libc-2.7.so <br/> 7fbadc033000-7fbadc233000 --- P 00158000 08:01 17825953/lib/libc-2.7.so <br/> 7fbadc233000-7fbadc236000 r -- p 00158000 08:01 17825953/lib/libc-2.7.so <br/> mongorw -P 0015b000 08:01 17825953/lib/libc-2.7.so <br/> 7fbadc238000-7fbadc23d000 RW-P 7fbadc238000 00:00 0 <br/> limit R-XP 00000000 08:01 17825970/lib/libdl-2.7.so <br/> limit --- P 00002000 17825970/lib/libdl-2.7.so <br/> mongorw-P 00002000 17825970/lib/libdl-2.7.so <br/> 7fbadc441000-7fbadc478000 R-XP 00000000 17825802/lib/libncurses. so.5.6 <br/> 7fbadc478000-7fbadc677000 --- P 00037000 01 17825802/lib/libncurses. so.5.6 <br/> 7fbadc677000-7fbadc67c000 RW-P 00036000 01 17825802/lib/libncurses. so.5.6 <br/> export R-XP 00000000 17825944/lib/ld-2.7.so <br/> export RW-P 7fbadc889000 00:00 0 <br/> export RW-P 7fbadc896000 00:00 0 <br /> export RW-P 0001d000 08:01 17825944/lib/ld-2.7.so <br/> export RW-P 7ffffea000 00:00 0 [Stack] <br/> export R-XP 7fffe49fe000 00:00 0 [vdso] <br/> ffffffffff600000-ffffffffff601000 R-XP 00000000 0 [vsyscall]