gdb实现原理
参考链接。
gdb命令
thread apply [threadno] [all] args- 将命令传递给一个或多个线程,参见链接。
比如,thread apply all continue表示将continue命令传递给所有线程,也就是让所有线程都继续运行。rbreak- Set a breakpoint for all functions matching REGEXP. 参考链接。e.g.
rbreak file.C:.*- 给file.C的所有函数加上断点。infoshowshow environment查看全局变量set environment <var>=<value>设置环境变量
attach- 连接到正在运行的进程。与gdb -p效果相同。detach- 取消连接的进程。handle <signal> print pass nostop- 捕获信号(比如SIGSEGV)并且忽略它。handle <signal nostop。pass表示 gdb 会将捕获到的信号发回给被调试的进程。
set- 修改变量的值,比如set x=10(或set var x=10)将变量x的值改为10。参考博客。show directoriesprint- gdb默认设置打印字符串的长度为200;更改打印最大长度:set print elements <number-of-elements>,0表示unlimited.
- 打印数组:print arr[0]@3,其中@3表示打印 3 个元素。
- 以十六进制打印:p/x <var>ptype <variable name>- 打印变量类型。finish- 从函数中返回,并打印函数返回值(即使函数的return语句很复杂,也可以获取返回值)。frame <n>- 跳转到某个栈f帧。
环境变量
见链接
断点
添加断点:
1 | break file:line_no |
查看断点:
1 | info break |
删除第2个断点:
1 | delete 2 |
条件断点
break ... if cond
观察断点
捕捉断点
1 | try...catch |
打印长度的限制
- Value sizes - 参考:文档
1 | set max-value-size bytes |
打印字符长度限制
gdb默认设置打印字符串的长度为200;更改打印最大长度:
set print elements
coredump
gdb命令:gcore。
WSL无法使用gdb
WSL指Windows虚拟机。
解决方法:
1 | sudo add-apt-repository ppa:ubuntu-support-team/gdb |
gdb attach 权限报错
This is due to kernel hardening in Linux; you can disable this behavior by echo 0 > /proc/sys/kernel/yama/ptrace_scope or by modifying it in /etc/sysctl.d/10-ptrace.conf.
How to solve “ptrace operation not permitted” when trying to attach GDB to a process?
gdb debug forks
By default, when a program forks, gdb will continue to debug the parent process and the child process will run unimpeded.
If you want to follow the child process instead of the parent process, use the command set follow-fork-mode.
set follow-fork-mode mode
Set the debugger response to a program call of fork or vfork. A call to fork or vfork creates a new process. The mode argument can be:parent
The original process is debugged after a fork. The child process runs unimpeded. This is the default.child
The new process is debugged after a fork. The parent process runs unimpeded.ask
gdb 会提示让你选择 parent 还是 child 。
show follow-fork-mode
Display the current debugger response to a fork or vfork call.
On Linux, if you want to debug both the parent and child processes, use the command set detach-on-fork.
set detach-on-fork mode
Tells gdb whether to detach one of the processes after a fork, or retain debugger control over them both.on
The child process (or parent process, depending on the value of follow-fork-mode) will be detached and allowed to run independently. This is the default.off
Both processes will be held under the control of gdb. One process (child or parent, depending on the value of follow-fork-mode) is debugged as usual, while the other is held suspended.
show detach-on-fork
Show whether detach-on-fork mode is on/off.
If you issue a run command to gdb after an exec call executes, the new target restarts. To restart the parent process, use the file command with the parent executable name as its argument. By default, after an exec call executes, gdb discards the symbols of the previous executable image. You can change this behaviour with the set follow-exec-mode command.
set follow-exec-mode mode
Set debugger response to a program call of exec. An exec call replaces the program image of a process.
follow-exec-mode can be:
new
gdb creates a new inferior and rebinds the process to this new inferior. The program the process was running before the exec call can be restarted afterwards by restarting the original inferior.
For example:
1 | (gdb) info inferiors |
same
gdb keeps the process bound to the same inferior. The new executable image replaces the previous executable loaded in the inferior. Restarting the inferior after the exec call, with e.g., the run command, restarts the executable the process was running after the exec call. This is the default mode.
For example:
1 | (gdb) info inferiors |
Setting Catchpoints
gdb redirect to a log file
You need to enable logging:
1 | (gdb) set logging on |
更新:新版本 gdb 采用 set logging enabled on 。
记录输入的命令:
1 | (gdb) set trace-commands on |