My daily tools-gdb
03 Apr 2014
1. gdb principles
If you are familiar with Linux, an interviewer will ask whether you have used gdb, and then how gdb works, which is where many people get stuck: how does gdb take over a process? What information can it obtain about that process, such as variables, the stack, registers and the memory image? Can it stop the program at a breakpoint? These are basic gdb functions, and they all rest on ptrace, which is simple. Let's look at the definition of this system call in the manual.
#include <sys/ptrace.h>
long ptrace(enum __ptrace_request request, pid_t pid, void *addr, void *data);
Simple description: the ptrace system call provides a means by which a parent process (called the "tracer") may observe and control the execution of another process (called the "tracee"), and may examine and change the tracee's memory image and registers while it executes. It is primarily used to implement breakpoint debugging and system call tracing.
2. gdb converts a high-level language into assembly
For languages such as C and C++, if you are not careful with memory, "wild pointers" and "null pointers" appear often, and when the program dumps core you need to find the crash. Being able to read the assembly is very important here. For example:
Program 1:
#include <stdio.h> a[ foo * fool test={(test.henry->,test.henry->
Program 2:
#include <stdio.h> * foo * fool test={(test.henry->,test.henry->
The first program does not core dump, but the second one does. The reason is that on line 2 program 1 uses a as an array, which only yields its address, while program 2 reads the content of the pointer a, and a is a NULL pointer whose content cannot be accessed. You may ask how we know that program 1 takes the address and program 2 reads the content. For that we need the assembly.
Problem: program 2 dumps and produces a core file. If no core file appears, run ulimit -c unlimited first so that one is written.
[henry@localhost core]$ gdb -c core..-+: GNU GPL version or later
The session above shows that when the core file is loaded, bt reports the program crashed at line 12; disassembling that location shows the mov instruction that was executed at line 12.
For char a[0], the assembly uses the lea instruction: lea 0x8(%rax),%rax
For char *a, the assembly uses the mov instruction: mov 0x8(%rax),%rax
lea only computes an address and places it in the register, while mov loads the content at that address, and the content of a NULL pointer is inaccessible. This is the difference between *a and a[0] mentioned above.
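As an added example, constructed here and not the post's own program, the two struct layouts the post contrasts, with one 8-byte field before a so that a sits at offset 8 as in the lea/mov disassembly above (the struct and function names are assumptions):

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed layouts mirroring the post's two programs.
 * In both, member 'a' is preceded by one 8-byte field, so offsetof(a) == 8. */
struct foo_array { void *first; char a[0]; };  /* program 1: char a[0] (GNU zero-length array) */
struct foo_ptr   { void *first; char *a;   };  /* program 2: char *a */

/* Program 1 case: p->a only forms the address p + 8. The compiler emits
 *   lea 0x8(%rax),%rax
 * and nothing stored at p is read, which is why a NULL p does not fault here. */
uintptr_t array_member(const struct foo_array *p) {
    return (uintptr_t)p->a;          /* address arithmetic only */
}

/* Program 2 case: p->a loads the 8-byte pointer stored at p + 8. The compiler emits
 *   mov 0x8(%rax),%rax
 * so p must be readable memory; with p == NULL this load is what dumps core. */
uintptr_t pointer_member(const struct foo_ptr *p) {
    return (uintptr_t)p->a;          /* memory read */
}

/* Both layouts put 'a' at the 0x8 offset gdb shows in the disassembly. */
int member_offset_is_8(void) {
    return offsetof(struct foo_array, a) == 8 && offsetof(struct foo_ptr, a) == 8;
}

int main(void) {
    char payload[] = "hello";
    struct foo_array s1 = { .first = NULL };
    struct foo_ptr   s2 = { .first = NULL, .a = payload };
    printf("array member: base + %lu\n",
           (unsigned long)(array_member(&s1) - (uintptr_t)&s1));
    printf("pointer member value: %s\n", (const char *)pointer_member(&s2));
    return 0;
}
```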
ni and si execute one assembly instruction at a time. They relate to each other like next and step: n steps through the current function, while s follows calls, so you can jump from the current function into another one.
display shows register contents at every stop; for example, display /x $pc shows the program counter.
info reg shows the content of all registers.
Tips -- NULL pointer:
If the program has a NULL pointer, it points to the beginning of the segment address space the system allocates to the program. The system reserves a 64 K segment at that beginning; this 64 K of memory requires a high access level, and the program (which runs with low access permissions) is considered not allowed to touch it, which causes an access violation error. The 64 K is reserved memory, that is, it cannot be allocated, accessed or used by the program's dynamic memory allocator. (Whether this paragraph is correct remains to be studied.)
The following code tests null pointers:
NULL (void*)0 *p1 = *p2 = *p3 =
The following is a gdb test:
[henry@localhost core]$ -g null_point_test.c -.-+: GNU GPL version or later
As the gdb output shows, the test result does not point to the beginning of a 64 kB region as the NULL-pointer note above claims. (Let me know if anyone understands this.)
3. Debug the core file using gdb
Use the gdb -c core command to debug a core file. During debugging you may see nothing but a bunch of question marks; in that case use the symbol-file command to bind the executable that corresponds to the core file, which adds its symbol table.
4. gdb conditional breakpoints
condition break_num (breakpoint number) cond (condition): converts the already enabled breakpoint break_num into a conditional breakpoint. gdb suspends the program at break_num only when cond is met.
break break_num if cond (condition): defines a breakpoint and makes it conditional from the start.
tbreak break_num: a temporary breakpoint; it is deleted after it has been hit once.
commands breakpoint_number: sets a list of gdb commands to run whenever breakpoint breakpoint_number is hit. The commands are entered as a batch and the list is terminated with end.