gdb 技巧
现实数组:
比如说要显示a[10]中全部的内容
用 p a显示的是地址,用p *a显示的是第一个元素
显示全部或某一个:
p (int [10])*a
或者
p *a@10
如果你使用 p *a@3 或 p *&a[0]@3 将打印从数组中从a[0]开始的3个值。如果数组元素很多比如1000个,而你想打印a[600]开始的7个,可以使用 p *&a[600]@7。
8 gdb tricks you should know
By Ksplice Post Importer on Jan 24, 2011
Despite its age, gdb remains an amazingly versatile and flexible tool, and mastering it can save you huge amounts of time when trying to debug problems in your code. In this post, I'll share 10 tips and tricks for using GDB to debug most efficiently.
I'll be using the Linux kernel for examples throughout this post, not because these examples are necessarily realistic, but because it's a large C codebase that I know and that anyone can download and take a look at. Don't worry if you aren't familiar with Linux's source in particular -- the details of the examples won't matter too much.
break WHERE if COND
If you've ever used gdb, you almost certainly know about the "breakpoint" command, which lets you break at some specified point in the debugged program.
But did you know that you can set conditional breakpoints? If you add
if CONDITION
to a breakpoint command, you can include an expression to be evaluated whenever the program reaches that point, and the program will only be stopped if the condition is fulfilled. Suppose I was debugging the Linux kernel and wanted to stop whenever init got scheduled. I could do:(gdb) break context_switch if next == init_task
Note that the condition is evaluated by gdb, not by the debugged program, so you still pay the cost of the target stopping and switching to gdb every time the breakpoint is hit. As such, they still slow the target down in relation to to how often the target location is hit, not how often the condition is met.
command
In addition to conditional breakpoints, the
command
command lets you specify commands to be run every time you hit a breakpoint. This can be used for a number of things, but one of the most basic is to augment points in a program to include debug output, without having to recompile and restart the program. I could get a minimal log of everymmap()
operation performed on a system using:(gdb) b do_mmap_pgoff
Breakpoint 1 at 0xffffffff8111a441: file mm/mmap.c, line 940.
(gdb) command 1
Type commands for when breakpoint 1 is hit, one per line.
End with a line saying just "end".
>print addr
>print len
>print prot
>end
(gdb)
gdb --args
This one is simple, but a huge timesaver if you didn't know it. If you just want to start a program under gdb, passing some arguments on the command line, you can just build your command-line like usual, and then put "gdb --args" in front to launch gdb with the target program and the argument list both set:
[~]$ gdb --args pizzamaker --deep-dish --toppings=pepperoni
...
(gdb) show args
Argument list to give program being debugged when it is started is
" --deep-dish --toppings=pepperoni".
(gdb) b main
Breakpoint 1 at 0x45467c: file oven.c, line 123.
(gdb) run
...
I find this especially useful if I want to debug a project that has some arcane wrapper script that assembles lots of environment variables and possibly arguments before launching the actual binary (I'm looking at you, libtool). Instead of trying to replicate all that state and then launch gdb, simply make a copy of the wrapper, find the final "exec" call or similar, and add "gdb --args" in front.
Finding source files
I run Ubuntu, so I can download debug symbols for most of the packages on my system from ddebs.ubuntu.com, and I can get source using
apt-get source
. But how do I tell gdb to put the two together? If the debug symbols include relative paths, I can use gdb'sdirectory
command to add the source directory to my source path:[~/src]$ apt-get source coreutils
[~/src]$ sudo apt-get install coreutils-dbgsym
[~/src]$ gdb /bin/ls
GNU gdb (GDB) 7.1-ubuntu
(gdb) list main
1192 ls.c: No such file or directory.
in ls.c
(gdb) directory ~/src/coreutils-7.4/src/
Source directories searched: /home/nelhage/src/coreutils-7.4:$cdir:$cwd
(gdb) list main
1192 }
1193 }
1194
1195 int
1196 main (int argc, char **argv)
1197 {
1198 int i;
1199 struct pending *thispend;
1200 int n_files;
1201
Sometimes, however, debug symbols end up with absolute paths, such as the kernel's. In that case, I can use
set substitute-path
to tell gdb how to translate paths:[~/src]$ apt-get source linux-image-2.6.32-25-generic
[~/src]$ sudo apt-get install linux-image-2.6.32-25-generic-dbgsym
[~/src]$ gdb /usr/lib/debug/boot/vmlinux-2.6.32-25-generic
(gdb) list schedule
5519 /build/buildd/linux-2.6.32/kernel/sched.c: No such file or directory.
in /build/buildd/linux-2.6.32/kernel/sched.c
(gdb) set substitute-path /build/buildd/linux-2.6.32 /home/nelhage/src/linux-2.6.32/
(gdb) list schedule
5519
5520 static void put_prev_task(struct rq *rq, struct task_struct *p)
5521 {
5522 u64 runtime = p->se.sum_exec_runtime - p->se.prev_sum_exec_runtime;
5523
5524 update_avg(&p->se.avg_running, runtime);
5525
5526 if (p->state == TASK_RUNNING) {
5527 /*
5528 * In order to avoid avg_overlap growing stale when we are
Debugging macros
One of the standard reasons almost everyone will tell you to prefer inline functions over macros is that debuggers tend to be better at dealing with inline functions. And in fact, by default, gdb doesn't know anything at all about macros, even when your project was built with debug symbols:
(gdb) p GFP_ATOMIC
No symbol "GFP_ATOMIC" in current context.
(gdb) p task_is_stopped(&init_task)
No symbol "task_is_stopped" in current context.
However, if you're willing to tell GCC to generate debug symbols specifically optimized for gdb, using
-ggdb3
, it can preserve this information:$ make KCFLAGS=-ggdb3
...
(gdb) break schedule
(gdb) continue
(gdb) p/x GFP_ATOMIC
$1 = 0x20
(gdb) p task_is_stopped_or_traced(init_task)
$2 = 0
You can also use the
macro
andinfo macro
commands to work with macros from inside your gdb session:(gdb) macro expand task_is_stopped_or_traced(init_task)
expands to: ((init_task->state & (4 | 8)) != 0)
(gdb) info macro task_is_stopped_or_traced
Defined at include/linux/sched.h:218
included at include/linux/nmi.h:7
included at kernel/sched.c:31
#define task_is_stopped_or_traced(task) ((task->state & (__TASK_STOPPED | __TASK_TRACED)) != 0)
Note that gdb actually knows which contexts macros are and aren't visible, so when you have the program stopped inside some function, you can only access macros visible at that point. (You can see that the "included at" lines above show you through exactly what path the macro is visible).
gdb variables
Whenever you
print
a variable in gdb, it prints this weird$NN =
before it in the output:(gdb) p 5+5
$1 = 10
This is actually a gdb variable, that you can use to reference that same variable any time later in your session:
(gdb) p $1
$2 = 10
You can also assign your own variables for convenience, using
set
:(gdb) set $foo = 4
(gdb) p $foo
$3 = 4
This can be useful to grab a reference to some complex expression or similar that you'll be referencing many times, or, for example, for simplicity in writing a conditional breakpoint (see tip 1).
Register variables
In addition to the numeric variables, and any variables you define, gdb exposes your machine's registers as pseudo-variables, including some cross-architecture aliases for common ones, like
$sp
for the the stack pointer, or$pc
for the program counter or instruction pointer.These are most useful when debugging assembly code or code without debugging symbols. Combined with a knowledge of your machine's calling convention, for example, you can use these to inspect function parameters:
(gdb) break write if $rsi == 2
will break on all writes to stderr on amd64, where the
$rsi
register is used to pass the first parameter.The
x
commandMost people who've used gdb know about the
print
orp
command, because of its obvious name, but I've been surprised how many don't know about the power of thex
command.x
(for "examine") is used to output regions of memory in various formats. It takes two arguments in a slightly unusual syntax:x/FMT ADDRESS
ADDRESS
, unsurprisingly, is the address to examine; It can be an arbitrary expression, like the argument toprint
.FMT
controls how the memory should be dumped, and consists of (up to) three components:- A numeric COUNT of how many elements to dump
- A single-character FORMAT, indicating how to interpret and display each element
- A single-character SIZE, indicating the size of each element to display.
x
displays COUNT elements of length SIZE each, starting from ADDRESS, formatting them according to the FORMAT.There are many valid "format" arguments;
help x
in gdb will give you the full list, so here's my favorites:x/x
displays elements in hex,x/d
displays them as signed decimals,x/c
displays characters,x/i
disassembles memory as instructions, andx/s
interprets memory as C strings.The SIZE argument can be one of:
b
,h
,w
, andg
, for one-, two-, four-, and eight-byte blocks, respectively.If you have debug symbols so that GDB knows the types of everything you might want to inspect,
p
is usually a better choice, but if not,x
is invaluable for taking a look at memory.[~]$ grep saved_command /proc/kallsyms
ffffffff81946000 B saved_command_line (gdb) x/s 0xffffffff81946000
ffffffff81946000 <>: "root=/dev/sda1 quiet"
x/i
is invaluable as a quick way to disassemble memory:(gdb) x/5i schedule
0xffffffff8154804a <schedule>: push %rbp
0xffffffff8154804b <schedule+1>: mov $0x11ac0,%rdx
0xffffffff81548052 <schedule+8>: mov %gs:0xb588,%rax
0xffffffff8154805b <schedule+17>: mov %rsp,%rbp
0xffffffff8154805e <schedule+20>: push %r15
If I'm stopped at a segfault in unknown code, one of the first things I try is something like
x/20i $ip-40
, to get a look at what the code I'm stopped at looks like.A quick-and-dirty but surprisingly effective way to debug memory leaks is to let the leak grow until it consumes most of a program's memory, and then attach
gdb
and justx
random pieces of memory. Since the leaked data is using up most of memory, you'll usually hit it pretty quickly, and can try to interpret what it must have come from.
gdb 技巧的更多相关文章
- GDB技巧整理
https://blog.atime.me/note/gdb-tricks.html 整理常用的gdb技巧. 常用命令 常用的gdb命令... 启动gdb 直接运行 gdb --args prog a ...
- Linux之实用GDB技巧
一.引言 在Linux下开发,肯定少不了与gdb打交道,而gdb的命令又非常多,有些是不常用的但是特殊情况下却是必须的,因此记录在此,以便翻阅 二.基本命令 前面是命令全名,在不混淆的情况下,可以简写 ...
- GDB技巧:使用终端界面模式
欢迎来到 GreatSQL社区分享的MySQL技术文章,如有疑问或想学习的内容,可以在下方评论区留言,看到后会进行解答 GreatSQL社区原创内容未经授权不得随意使用,转载请联系小编并注明来源. 简 ...
- gdb 调试多线程
基本i threads 等操作略过,只谈线程同步.异步控制: 先点到,gdb attach到主线程t1 时,所有线程都会停止,所谓同步异步效果,是指在apply continue到所有线程之后, 再切 ...
- linux内核调试指南
linux内核调试指南 一些前言 作者前言 知识从哪里来 为什么撰写本文档 为什么需要汇编级调试 ***第一部分:基础知识*** 总纲:内核世界的陷阱 源码阅读的陷阱 代码调试的陷阱 原理理解的陷阱 ...
- C 语言资源大全中文版
C 语言资源大全中文版 我想很多程序员应该记得 GitHub 上有一个 Awesome - XXX 系列的资源整理.awesome-c 是 koz.ross 发起维护的 C 语言资源列表,内容包括了: ...
- # 20145314《信息安全系统设计基础》期中复习总结 Part B
20145314<信息安全系统设计基础>期中复习总结 Part B 学习知识点内容总结 复习线索:http://group.cnblogs.com/topic/73069.html 本周的 ...
- Linux Kernel - Debug Guide (Linux内核调试指南 )
http://blog.csdn.net/blizmax6/article/details/6747601 linux内核调试指南 一些前言 作者前言 知识从哪里来 为什么撰写本文档 为什么需要汇编级 ...
- 【转贴】gdb中的信号(signal)相关调试技巧
一篇不错的帖子,讲的是gdb中的信号(signal)相关调试技巧 转自Magic C++论坛 http://www.magicunix.com/index_ch.html http://www.m ...
随机推荐
- nodejs搭配phantomjs highcharts后台生成图表
简单分享一下,后台使用nodejs结合highcharts.phantomjs生成报表图片的方法.这主要应用在日报邮件. 主要参考以下资料: http://www.highcharts.com/com ...
- IS_ERR、PTR_ERR、ERR_PTR
最近在使用filp_open打开文件时遇到到一个问题,当打开一个并不存在的文件时,filp_open返回值值为0xfffffffe,而并不是0(NULL),这是因为内核对返回指针的函数做了特殊处理.内 ...
- Windows 7下配置JDK环境变量,JAVA环境变量配置,Tomcat服务器的使用
参考来源: http://www.cnblogs.com/pannysp/archive/2012/03/07/2383364.html 1. 常识: 1.1 War包 War包一般是在进行Web开发 ...
- IDEA 创建Web项目并在Tomcat中部署运行
IDEA 14.0.5 apache-tomcat-8.0.32 步骤:File->New Project,在Java列表中勾选Web Application(3.1),点击Next 建立web ...
- java6 新特新
JAVA6新特性介绍 1. 使用JAXB来实现对象与XML之间的映射 JAXB是Java Architecture for XML Binding的缩写,可以将一个Java对象转变成为XML格式, ...
- 解析CSS加密技术之“障眼法”
CSS(Cascading Style Sheet,可译为“层叠样式表”或“级联样式表”)是一组格式设置规则,用于控制Web页面的外观.通过使用CSS样式设置页面的格式,可将页面的内容与表现形式分离. ...
- js学习总结
转自 http://blog.sina.com.cn/s/blog_75cf5f3201011csu.html 一: 关于基本数据类型在栈内存和堆内存中的关系 基本数据对于栈内存和堆内存是可以复制的, ...
- iDSDT搞定显卡和声卡 黑苹果不纠结
原帖:http://www.lovelucy.info/idsdt-mac-video-audio-drive.html 之前写过PC机上装Mac OS X系统,准备工作中最纠结的就是驱动了.在网络上 ...
- LeetCode Linked List Cycle 单链表环
题意:给一个单链表,判断其是否出现环! 思路:搞两个指针,每次,一个走两步,另一个走一步.若有环,他们会相遇,若无环,走两步的指针必定会先遇到NULL. /** * Definition for si ...
- POJ 1523 SPF (割点,连通分量)
题意:给出一个网络(不一定连通),求所有的割点,以及割点可以切分出多少个连通分量. 思路:很多种情况. (1)如果给的图已经不是连通图,直接“ No SPF nodes”. (2)求所有割点应该不难 ...