Linux GCC GDB section II

Source: Internet
Author: User
Tags print format

Previously wanted to verify some of the problems on the stack, but there is no good way, printf is really limited, flow on the surface, only the appearance (value, scope, law) do not see the real (address, register, process), so think of gdb--a powerful debugging tool, but also to see the assembly code, Now the two days to learn the common command to do a summary, later useful to the possible to update:

The full complement is in parentheses and the abbreviated name is available.

Example: (e) x (amine) means that both X and examine can be used

(GDB) represents the GDB environment command-line prompt.

about abbreviations , very similar to the tab feature in the Linux shell, but unlike the shell there is a default choice:

You don't have to write the whole, or not only write the first letter, such as (gdb) Layout command, if you write an L, then the default is list, Rob but, write layout--and too troublesome, you just write on LA, lay, layo are line, grab not the slot does not matter, as long as there is a little different, the default is you.

1. Enter GDB:

#gdb Test-q (Uiet)

Where test is the target executable,-Q means that you do not print a brush-screen caption such as a large string of version copyright information.

Here's a little common sense is to use GCC to compile the target file test, remember-G, indicating debugging.

Also, go directly to GDB without loading the executable file, or load the target file, and want to change another--you can use

(gdb) file test2

Or

(GDB) EXEC (-file) test2

1.2 load the core file

#gdb execfile core.xxxx

Load the core file resulting from the execfile error,

[CPP]View PlainCopy
    1. Core is generated by './coretest '.
    2. Program terminated with signal one, segmentation fault.
    3. #0 0x080486e5 in Main () at coretest.cpp:16
    4. cout << s1->i << Endl;
    5. Missing separate Debuginfos, Use:debuginfo-install glibc-2.12-1.25.el6.i686 libgcc-4.4.5-6.el6.i686 libstdc++- 4.4.5-6.el6.i686

As you can see, S1 is a null pointer, looking for a member variable from a null pointer, core dumped.

Core.xxxx is the file name of the core file, and it should be in the current path without modifying the settings. But the premise is to open the core file record:

# ulimit-c

View core file size, 0 for off

# ULIMIT-C 1000

If the core file size is set and the size represents open, an error can result in the file.

2. Establishment of breakpoints:

(GDB) b (reakpoints) <rowNums...>

<rowNums...> represents the number of lines that you want to set breakpoints

Forget what line it is? It's okay, you can use list

[CPP]View PlainCopy
    1. (GDB) List
    2. 1 #include <stdio.h>
    3. 2 int main ()
    4. 3 {
    5. 4 int i = 10;
    6. 5 i = 11;
    7. 6 printf ("The address of I is%p and the value of I are%d\n", &i,i);
    8. 7}
    9. 8

In addition, the list can also set the number of rows displayed and the specified location.

(GDB) List

(GDB) List 10

(GDB) List 5,10

(GDB) Func

For example, the default display of 10 rows, you can specify lines 5th to 10th, specify the display of a function code, and so on.

But the best advice is to open two terminals, while looking at the code, while debugging, looking comfortable.

Other than that

(GDB) layout

can also display the program code, or the frame is circled, tall on.

(GDB) b func

(GDB) B *func

The function func () establishes a breakpoint, the asterisk stands before the entry, the result of interpolation--at a glance ~!

[CPP]View PlainCopy
    1. (GDB)  b *main  
    2. breakpoint 1  at 0x80483e4: file testpc.c, line 3.  
    3. (GDB)  b main  
    4. breakpoint 2 at 0x80483ed: file testpc.c,  line 4.  
    5. num      type           disp enb address     what  
    6. 1        Breakpoint     keep y   0x080483e4 in main at  testpc.c:3  
    7. 2       breakpoint      keep y   0x080483ed in main at testpc.c:4  

which

(GDB) Info B (reakpoints)

The equivalent list prints all the breakpoints that have been established. There is a break point, of course, you can also delete the breakpoint, see the left of the list of "Num", the use of:

[CPP]View PlainCopy
    1. (GDB) d 1
    2. (GDB) Info b
    3. Num Type Disp Enb Address What
    4. 2 Breakpoint Keep Y 0x080483ed in main at Testpc.c:4
    5. (GDB)

(GDB) d (elete) Num

Represents the deletion of the first num breakpoint. You can see that the first breakpoint has been deleted.

3. Basic Commissioning Process :

If you have a break, you should use it.

The first step is to start running the program:

(GDB) R (un)

(GDB) n (EXT)

(GDB) s (TEP)

Similar to other debugs, these two bars represent step over and step in, respectively,

(GDB) C (ontinue)

Run and continue function in fact, all continue to run down until the next breakpoint stop, but the situation is not the same: Run is the start command before running, continue is a running command.

4. Assembly Style:

The basic process is gone and the introduction is compiled.

I delegate instruction (instruction)

Not very sure, at least you can not use instruction instead of I, at least, first understand the meaning of the assembly.

The instruction in front Plus I shows the assembly code, for example:

N (EXT) I

S (TEP) I

To take a step-by-step look at the assembly code and the execution process,

(gdb) NI

(GDB) Si

is essential, but you can use a carriage return to continue using the last command.


Mentioned in front of the list and layout display source code, in fact, layout can also expand the use of

[CPP]View PlainCopy
    1. (GDB) Layout asm

Display assembly code in a windowed form

5.print:

GDB provides the printing function:

Example:

(GDB) p (rint) I

Prints the current value of the I variable.

Not only the variable in the program, but also the value of the register can be printed

(GDB) P $pc

Two Little questions:

5.1. What does $pc represent, but what else can I print?

This is actually the value of the Print program counter.

First say register, besides $pc, there are%ESP,%EDP and so on,

Specifically can print those, but also involved in another command, look at one example:

[CPP]View PlainCopy
  1. (GDB) I (NFO) r (eg)
  2. (GDB)
  3. EAX 0x80484f0 134513904
  4. ECX 0xbffff304-1073745148
  5. EdX 0xb 11
  6. EBX 0xb7fc2ff4-1208209420
  7. ESP 0xbffff240 0xbffff240
  8. EBP 0xbffff268 0xbffff268
  9. ESI 0x0 0
  10. EDI 0x0 0
  11. EIP 0x8048406 0x8048406 <main+34>
  12. EFlags 0x200282 [SF IF ID]
  13. CS 0x73 115
  14. SS 0x7b 123
  15. DS 0x7b 123
  16. ES 0x7b 123
  17. FS 0x0 0
  18. GS 0x33 51

All the above can print, and can find a small rule, this info reg print, in addition to the left is the register name, the middle is the register value (that is, a memory address), the right is the value corresponding to the value of the memory address. Print $eax to verify:

[CPP]View PlainCopy
    1. (GDB) P $eax
    2. $134513904

In fact, the usage is much more than that, such as P $ to print the last printed value, $$ print on the previous printed value. Print actually has a counter, each print printing, in fact, there is a similar count++ in the internal, using print $num can display the first num printing results (such as,p $ is equivalent to p $eax), and other blabla~~~.

As for why $, greedy foreigners make all kinds of variables into $ $, so this is also GDB set environment variables ~ ~ Open a joke.

In fact, I guess, $ is also to differentiate between variables and expressions bar ~print can print an expression.

Rather than print a variable (lvalue) and print an expression (rvalue), print is, by description, a print expression, except that the expression includes a variable.

For more information, you can use Help to view instructions

In the 5.2.C language, printf has a print format control, so what about GDB print?

There are also ~

(GDB) P I
(GDB) p/a I
(GDB) P/C I
(GDB) p/f I
(GDB) p/x I
(GDB) p/o I
(GDB) p/d I
(GDB) p/t I
......

The back slash behind these parameters control the printing of the binary and format respectively:
F floating-point, C-character ...
T is binary, o Eight, x 16, D 10
Also: A and X are also printed in hexadecimal, what is the difference? Maybe it's not the same name, but the same function

The idea is a bit like C programming time to add printf print variables to monitor the program. In gdb you can also print the values of variables at any time, and more powerful (do not like C everywhere to print commands, but also can be executed, print variable plus address plus register you say strong not).

6.display:

This is a setup, set up every step of the debugging process is echoed once, a bit like echo Bar ~ ~

Example:

(GDB) display/3i $pc
, 3 refers to the display of a few lines at a time, not input, the default is 1
But how to modify, and there is an illusion, usually is once defined, then how the definition will not change (sometimes it does change ~!!! ) ~~~~~~~~~~~~
Got it

[CPP]View PlainCopy
    1. (GDB) Undisplay <dnums...>

<dnums...> is numbered, but intuitively feels like it's covered, at least not knowing how to recall the original settings
In addition, there are

[CPP]View PlainCopy
    1. Delete Display <dnums...>
    2. Disable Display <dnums...>
    3. Enable Display <dnums...>


As for how flexible? Is it first info and then enable it to represent the current use of this display?
Or do they show it at the same time? So it caused me to "some of the settings do not work, some can work" illusion.
Because (number of rows) more than the original can be "immediate effect", less than the original is not?

Clear the re-Si again, the real reason is to show several times at the same time. Terminal Brush screen similarity is too high dazzling ah have wood has ~ and no clear function ~
There is also a line, two rows of also have, three rows of also have. All settings are displayed sequentially

[CPP]View PlainCopy
  1. (GDB) Si
  2. 0xb7fec1ec in?? () from/lib/ld-linux.so.2
  3. 7:x/i $pc
  4. = 0xb7fec1ec:mov%eax,%edi
  5. 6:x/2i $pc
  6. = 0xb7fec1ec:mov%eax,%edi
  7. 0xb7fec1ee:shr $0x8,%edi
  8. 5:x/3i $pc
  9. = 0xb7fec1ec:mov%eax,%edi
  10. 0xb7fec1ee:shr $0x8,%edi
  11. 0xb7fec1f1:mov%EDI,%ECX
  12. 4:x/i $pc
  13. = 0xb7fec1ec:mov%eax,%edi

You can find your own settings by printing the display table with info display.

[CPP]View PlainCopy
    1. (GDB) Info display
    2. Auto-display expressions now in effect:
    3. Num ENB Expression
    4. 7:y/1bi $pc
    5. 6:y/2bi $pc
    6. 5:y/3bi $pc
    7. 4:y/1bi $pc

Finally, to look at all the assembly code, directly

(GDB) Disassemble

or to use Objdump (outside the question)

7.bt

Recently the server found that the normal printing method has been difficult to keep up with the bug, another reason is the error of the system restart (in fact, the project set signal Processing, SIGSEGV section error signal restart system. ), and GDB can truncate the program before restarting to prevent the system from rebooting by sticking to the error point.

But the light card in that also not ah, a layer of layer, so many function calls, you do not go in to see things ah, and then enter N (next) down to see the error has been run, so the BT (backtrace) command-backtracking.

8. Running processes

All know, run gdb to load the file, or in gdb to load files with file, want to run the program equals a new process.

Now you want to debug a running process instead of starting a new process.

Use

#ps-aux | grep execfile

Locate the running Process PID,

Use

#gdb execfile PID

Or

#gdb

(gdb) Attach PID

You can connect to a running process for debugging.

9.etc.

Other mess, such as examine.

(e) Xamine: The function and display difference is not too much, the difference is that display is a set, each jump command is displayed once, X is active display.

X/3i $pc Display 3 instructions (3 for demonstration, number optional)
(GDB) (e) x (amine)
Grammar:
X/<n/f/u> <addr>
n Select to display a few backwards from the current address
F is the display format, and s string and I integer
U represents the number of bytes requested from the current address, and if not specified, gdb defaults to 4 bytes. The u parameter can be substituted with the following character, b for single byte, h for Double Byte, W for four bytes, and G for eight bytes. When we specify the byte length, GDB starts by referring to the memory address, reads and writes the specified byte, and takes it as a value.

Example:
X/3uh 0x54320, which reads from the address 0x54320, H represents a double-byte unit, 3 represents three units, and U represents a hexadecimal

=============================================================================================================== ==========2016.2.21 added,

Set variable, you can dynamically change the value of a variable at run time by a breakpoint and manually set the method. You can also set the program run parameters before the program is run set args Hello World

Shell, as the name implies, using the shell command, save to cut out, in addition, it seems to be able to achieve the set args effect. Because you can finally run the program from the command line directly in the GDB interface.

(gdb) Shell ls

(GDB) shell./a.out param1 param2

Two cases see

http://blog.csdn.NET/huqinweI987/article/details/50706743

===========================================================================================================

0.HELP:

Front print mentioned too many functions, too many ways, want to know the most detailed, please

[CPP]View PlainCopy
    1. (GDB) Help print

About the powerful and use of help, do not repeat, use

(GDB) Help

I know everything.



--------------------------------------------------------------------------------------------------------------- -

ADDITIONAL:

GDB7.0 above (7.4)

The following routines are available:

(GDB) Set disassemble-next-on

(GDB) B main
(GDB) R
(gdb) NI
(gdb) NI
.....
This is a good, more intuitive way.

disas/m Main
Let C and the assembly display simultaneously

Linux GCC GDB section II

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.