As a widely used debugger on UNIX/Linux, gdb not only provides a rich set of commands but also supports scripting in two forms. The first is support for existing scripting languages such as Python: you can write a Python script directly, and gdb runs it by calling the Python interpreter. The second is the command file: you put gdb's built-in commands, or commands you have defined yourself, into a script, and gdb executes them. In this article, I will introduce how to write gdb command scripts.
(1) Custom commands
gdb supports custom commands in the following format:
define commandName
    statement
    ......
end
A statement can be any gdb command. In addition, a custom command accepts up to 10 arguments, $arg0, $arg1 ...... $arg9, and $argc holds the number of arguments actually passed in.
The following shows how to write custom commands, using a simple C program (test.c) as the debugging target:
#include <stdio.h>

int global = 0;

int fun_1(void)
{
    return 1;
}

int fun_a(void)
{
    int a = 0;
    printf("%d\n", a);
}

int main(void)
{
    fun_a();
    return 0;
}
Compile the program into an executable file:
gcc -g -o test test.c
Then debug with gdb:
[root@linux:~]$ gdb test
GNU gdb 7.6
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /data2/home/nanxiao/test...done.
(gdb) b fun_a
Breakpoint 1 at 0x4004d7: file test.c, line 12.
(gdb) r
Starting program: /data2/home/nanxiao/test

Breakpoint 1, fun_a () at test.c:12
12          int a = 0;
(gdb) bt
#0  fun_a () at test.c:12
#1  0x0000000000400500 in main () at test.c:18
The bt (backtrace) command can be used to print the call stack of the current thread. Our first custom command also implements a backtrace function:
define mybacktrace
    bt
end
Simple, isn't it? The command just reuses a command that gdb already provides. Let's verify it:
(gdb) define mybacktrace
Type commands for definition of "mybacktrace".
End with a line saying just "end".
>bt
>end
(gdb) mybacktrace
#0  fun_a () at test.c:12
#1  0x0000000000400500 in main () at test.c:18
Fully functional!
Next, define a value assignment command to assign the value of the second parameter to the first parameter:
define myassign
    set var $arg0 = $arg1
end
Run the following command:
(gdb) define myassign
Type commands for definition of "myassign".
End with a line saying just "end".
>set var $arg0 = $arg1
>end
(gdb) myassign global 3
(gdb) p global
$1 = 3
We can see that the value of the global variable has changed to 3.
For custom commands, the arguments are substituted into the command body as plain text, so you can pass in an expression as the value to assign, or even a function call:
(gdb) myassign global fun_1()
(gdb) p global
$2 = 1
The value of the global variable is changed to 1.
In addition, you can write help text for a custom command, that is, the information printed when the help command is run on it:
document myassign
    Assign the second parameter value to the first parameter
end
Run the help command:
(gdb) document myassign
Type documentation for "myassign".
End with a line saying just "end".
>Assign the second parameter value to the first parameter
>end
(gdb) help myassign
Assign the second parameter value to the first parameter
The help information of myassign is printed.
(2) Command scripts
First of all, there are no special requirements for naming a command script, as long as the file name does not look like a script in another language that gdb supports (such as .py). Otherwise gdb parses the command script as that language, and the result is naturally incorrect.
To help users write powerful scripts, gdb provides the following flow-control commands:
(1) Conditional command: if...else...end. This is no different from the if statement in other languages; just remember the closing end.
(2) Loop command: while...end. gdb also provides the loop_break and loop_continue commands, which correspond to break and continue in other languages. Again, remember the closing end.
In addition, gdb provides several output commands. The echo command is especially convenient when you only need to print a piece of text, and the printf command supports formatted output very much like printf in C, among others.
Comments in a script file start with #, as in many other scripting languages.
Finally, use the source command to execute a script in gdb, for example "source xxx.gdb".
(3) A complete example
Finally, we use a complete gdb script (search_byte.gdb) as an example to summarize the content mentioned in this article:
define search_byte
    if $argc != 3
        help search_byte
    else
        set $begin_addr = $arg0
        set $end_addr = $arg1
        while $begin_addr <= $end_addr
            if *((unsigned char *) $begin_addr) == $arg2
                printf "Find it! The address is 0x%x\n", $begin_addr
                loop_break
            else
                set $begin_addr = $begin_addr + 1
            end
        end
        if $begin_addr > $end_addr
            printf "Can't find it!\n"
        end
    end
end
document search_byte
    Search for a specified byte value (0 ~ 255) in a memory range
    Usage: search_byte begin_addr end_addr byte
end
This script defines the search_byte command, which looks for a value (of type unsigned char) in a specified memory range. Its arguments are the start address, the end address, and the value to look for.
The command logic can be divided into three parts:
(A) First, check whether exactly three arguments were passed. If not, print the help information;
(B) Search for the specified value starting from the start address. If it is found, print the address and exit the loop; otherwise, add 1 to the address and continue searching;
(C) If the value is not found in the specified memory range, print a message saying so.
In addition, this script defines the help text for search_byte.
Using the C program above as an example, here is how to use this gdb script:
[root@linux:~]$ gdb test
GNU gdb 7.6
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /data2/home/nanxiao/test...done.
(gdb) p &global
$1 = (int *) 0x600900 <global>
(gdb) p global
$2 = 0
(gdb) source search_byte.gdb
(gdb) search_byte 0x600900 0x600903 0
Find it! The address is 0x600900
(gdb) search_byte 0x600900 0x600903 1
Can't find it!
The value of global is 0, its starting address is 0x600900, and its ending address is 0x600903. Within the memory occupied by global, the search for 0 succeeds and the search for 1 fails.
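A variation on search_byte, added here as an example and not part of the original article: count_byte reports every match in the range instead of stopping at the first one, and it uses loop_continue, echo and # comments from section (2). The command name and the $cb_ convenience variables are made up for this example; the prefix is there because gdb convenience variables are shared by the whole session, so short names could overwrite values set elsewhere.

```gdb
# count_byte.gdb (constructed example). Load it with: source count_byte.gdb
define count_byte
    if $argc != 3
        help count_byte
    else
        set $cb_addr = $arg0
        set $cb_end = $arg1
        set $cb_hits = 0
        while $cb_addr <= $cb_end
            # Read one byte of the debuggee's memory at the current address.
            set $cb_val = *((unsigned char *) $cb_addr)
            # Advance before loop_continue; otherwise the loop never moves on.
            set $cb_addr = $cb_addr + 1
            # Arguments are pasted in as text, so parenthesize $arg2 in case
            # the caller passed an expression rather than a literal.
            if $cb_val != ($arg2)
                loop_continue
            end
            set $cb_hits = $cb_hits + 1
            printf "match at 0x%lx\n", (unsigned long) ($cb_addr - 1)
        end
        echo scan finished\n
        printf "total matches: %d\n", $cb_hits
    end
end

document count_byte
Report every address in [begin_addr, end_addr] that holds the given byte value.
Usage: count_byte begin_addr end_addr byte
end
```

Like search_byte, it is invoked as "count_byte begin_addr end_addr byte" once the program is loaded and the range is readable.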