代碼調試篇(1):gdb調試快速入門指南
Author:StormQ
Monday, 25. February 2019 10:31PM
啓動 gdb
啓動一個不帶參數的進程
命令:
# executable-file 爲可執行文件的路徑
$ gdb <executable-file>
示例:
# 啓動一個不帶參數的可執行程序 main,位於./samples目錄下
$ gdb ./samples/main
啓動一個帶參數的進程
命令:
# executable-file 爲可執行文件的路徑
# arg1 爲可執行文件的第一個參數
# argn 爲可執行文件的第n個參數
$ gdb --args <executable-file> <arg1> <argn>
示例:
# 啓動一個帶參數的可執行程序 main,位於./samples目錄下
# 假設程序參數只有一個,爲配置文件 ./config.txt
$ gdb --args ./samples/main ./config.txt
調試一個正在運行的進程
命令:
$ gdb
# process-id爲要調試進程的進程ID
(gdb) attach <process-id>
示例:
$ gdb
# 假設要調試進程的進程ID爲8888
(gdb) attach 8888
使用命令文件調試進程
命令:
# command-file爲存放gdb命令的文件
# 爲了便於區分,該文件使用.gdb結尾(當然也可以使用其他格式結尾,比如:.txt)
$ gdb -x <command-file>
示例:
$ gdb -x main.gdb
假設 main.gdb 文件的內容爲:
# 指定可執行文件的路徑
file ./samples/main
# 設置可執行文件的參數(如果有的話)
set args ./config.txt
# 啓動進程
start
# 繼續執行
c
調試進程
查看進程信息
- 查看進程ID、可執行文件路徑、當前目錄
命令:
# info命名可縮寫爲i
(gdb) info proc
示例:
(gdb) i proc
process 11356
cmdline = '/home/tmp/b_Og'
cwd = '/home/tmp'
exe = '/home/tmp/b_Og'
從輸出結果中可以看出,進程ID爲 11356,進程啓動項爲 /home/tmp/b_Og,當前目錄(即啓動gdb時所在的目錄)爲 /home/tmp,可執行程序爲 /home/tmp/b_Og。
- 查看所有線程
命令:
(gdb) i threads
示例:
(gdb) i threads
Id Target Id Frame
* 1 Thread 0x7ffff7fce740 (LWP 1549) "main" 0x00007ffff7626c1d in nanosleep ()
at ../sysdeps/unix/syscall-template.S:84
2 Thread 0x7ffff6f42700 (LWP 1553) "main" 0x00007ffff7626c1d in nanosleep ()
at ../sysdeps/unix/syscall-template.S:84
打印結果中Id列左側帶*的爲當前線程,ID列爲 gdb 自定義的線程ID,Target Id爲真實的線程ID(這裏有兩個線程,線程ID分別爲:1549、1553),Frame爲線程的當前幀(包含:線程運行到什麼位置了等信息)。
- 查看斷點當前所在的線程
命令:
(gdb) p $_thread
示例:
(gdb) p $_thread
$1 = 1
注意: 打印結果所顯示的線程ID(這裏是1)是 gdb 內部自定義的(即i threads命令輸出結果中最左側的Id列的值),而不是真實的線程ID。
查看堆棧信息
- 查看當前線程的堆棧信息
命令:
# 只打印堆棧信息的調用層次
(gdb) bt
# 打印堆棧信息的調用層次,並打印函數參數和局部變量的值
(gdb) bt full
示例:
(gdb) bt
#0 0x00007ffff7626c1d in nanosleep () at ../sysdeps/unix/syscall-template.S:84
#1 0x0000000000401633 in std::this_thread::sleep_for<double, std::ratio<1l, 1000l> > (
__rtime=...) at /usr/include/c++/6/thread:323
#2 0x00000000004010ad in main () at main.cpp:11
(gdb) bt full
#0 0x00007ffff7626c1d in nanosleep () at ../sysdeps/unix/syscall-template.S:84
No locals.
#1 0x0000000000401633 in std::this_thread::sleep_for<double, std::ratio<1l, 1000l> > (
__rtime=...) at /usr/include/c++/6/thread:323
__s = {__r = 0}
__ns = {__r = 10000000}
__ts = {tv_sec = 0, tv_nsec = 7543688}
#2 0x00000000004010ad in main () at main.cpp:11
No locals.
- 查看所有線程的堆棧信息
命令:
# 只打印堆棧信息的調用層次
(gdb) thread apply all bt
或
# 只打印堆棧信息的調用層次
(gdb) thread apply all where
示例:
(gdb) thread apply all bt
Thread 2 (Thread 0x7ffff6f42700 (LWP 1553)):
#0 0x00007ffff7626c1d in nanosleep () at ../sysdeps/unix/syscall-template.S:84
#1 0x0000000000401633 in std::this_thread::sleep_for<double, std::ratio<1l, 1000l> > (
__rtime=...) at /usr/include/c++/6/thread:323
#2 0x00000000004019d7 in ShmManager::threadFunc (this=0x61fc20) at shm_manager_sim.cpp:49
#3 0x0000000000401841 in ShmManager::<lambda()>::operator()(void) const (
__closure=0x61fc68) at shm_manager_sim.cpp:28
#4 0x0000000000401e74 in std::_Bind_simple<ShmManager::start()::<lambda()>()>::_M_invoke<>(std::_Index_tuple<>) (this=0x61fc68) at /usr/include/c++/6/functional:1391
#5 0x0000000000401dfe in std::_Bind_simple<ShmManager::start()::<lambda()>()>::operator()(void) (this=0x61fc68) at /usr/include/c++/6/functional:1380
#6 0x0000000000401dce in std::thread::_State_impl<std::_Bind_simple<ShmManager::start()::<lambda()>()> >::_M_run(void) (this=0x61fc60) at /usr/include/c++/6/thread:197
#7 0x00007ffff7b0857f in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#8 0x00007ffff761d6ba in start_thread (arg=0x7ffff6f42700) at pthread_create.c:333
#9 0x00007ffff735341d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 1 (Thread 0x7ffff7fce740 (LWP 1549)):
#0 0x00007ffff7626c1d in nanosleep () at ../sysdeps/unix/syscall-template.S:84
#1 0x0000000000401633 in std::this_thread::sleep_for<double, std::ratio<1l, 1000l> > (
__rtime=...) at /usr/include/c++/6/thread:323
#2 0x00000000004010ad in main () at main.cpp:11
(gdb) thread apply all where
Thread 2 (Thread 0x7ffff6f42700 (LWP 1553)):
#0 0x00007ffff7626c1d in nanosleep () at ../sysdeps/unix/syscall-template.S:84
#1 0x0000000000401633 in std::this_thread::sleep_for<double, std::ratio<1l, 1000l> > (
__rtime=...) at /usr/include/c++/6/thread:323
#2 0x00000000004019d7 in ShmManager::threadFunc (this=0x61fc20) at shm_manager_sim.cpp:49
#3 0x0000000000401841 in ShmManager::<lambda()>::operator()(void) const (
__closure=0x61fc68) at shm_manager_sim.cpp:28
#4 0x0000000000401e74 in std::_Bind_simple<ShmManager::start()::<lambda()>()>::_M_invoke<>(std::_Index_tuple<>) (this=0x61fc68) at /usr/include/c++/6/functional:1391
#5 0x0000000000401dfe in std::_Bind_simple<ShmManager::start()::<lambda()>()>::operator()(void) (this=0x61fc68) at /usr/include/c++/6/functional:1380
#6 0x0000000000401dce in std::thread::_State_impl<std::_Bind_simple<ShmManager::start()::<lambda()>()> >::_M_run(void) (this=0x61fc60) at /usr/include/c++/6/thread:197
#7 0x00007ffff7b0857f in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#8 0x00007ffff761d6ba in start_thread (arg=0x7ffff6f42700) at pthread_create.c:333
#9 0x00007ffff735341d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 1 (Thread 0x7ffff7fce740 (LWP 1549)):
#0 0x00007ffff7626c1d in nanosleep () at ../sysdeps/unix/syscall-template.S:84
#1 0x0000000000401633 in std::this_thread::sleep_for<double, std::ratio<1l, 1000l> > (
__rtime=...) at /usr/include/c++/6/thread:323
#2 0x00000000004010ad in main () at main.cpp:11
- 查看指定線程的堆棧信息
命令:
# 先切換到指定線程,線程ID爲gdb自定義的
(gdb) thread <thread-id-by-gdb>
# 只打印堆棧信息的調用層次
(gdb) bt
示例:
(gdb) thread 2
[Switching to thread 2 (Thread 0x7ffff6f42700 (LWP 1553))]
#0 0x00007ffff7626c1d in nanosleep () at ../sysdeps/unix/syscall-template.S:84
84 in ../sysdeps/unix/syscall-template.S
(gdb) bt
#0 0x00007ffff7626c1d in nanosleep () at ../sysdeps/unix/syscall-template.S:84
#1 0x0000000000401633 in std::this_thread::sleep_for<double, std::ratio<1l, 1000l> > (
__rtime=...) at /usr/include/c++/6/thread:323
#2 0x00000000004019d7 in ShmManager::threadFunc (this=0x61fc20) at shm_manager_sim.cpp:49
#3 0x0000000000401841 in ShmManager::<lambda()>::operator()(void) const (
__closure=0x61fc68) at shm_manager_sim.cpp:28
#4 0x0000000000401e74 in std::_Bind_simple<ShmManager::start()::<lambda()>()>::_M_invoke<>(std::_Index_tuple<>) (this=0x61fc68) at /usr/include/c++/6/functional:1391
#5 0x0000000000401dfe in std::_Bind_simple<ShmManager::start()::<lambda()>()>::operator()(void) (this=0x61fc68) at /usr/include/c++/6/functional:1380
#6 0x0000000000401dce in std::thread::_State_impl<std::_Bind_simple<ShmManager::start()::<lambda()>()> >::_M_run(void) (this=0x61fc60) at /usr/include/c++/6/thread:197
#7 0x00007ffff7b0857f in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#8 0x00007ffff761d6ba in start_thread (arg=0x7ffff6f42700) at pthread_create.c:333
#9 0x00007ffff735341d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
查看/設置源碼的搜索路徑
- 查看源碼搜索路徑
命令:
(gdb) show directories
示例:
(gdb) show directories
Source directories searched: $cdir:$cwd
- 添加源碼搜索路徑
命令:
# source-code-path 爲要添加的源碼搜索路徑
(gdb) directory <source-code-path>
示例:
# 添加源碼搜索路徑爲 /usr/include/boost/
(gdb) directory /usr/include/boost/
Source directories searched: /usr/include/boost:$cdir:$cwd
- 重置爲默認的源碼搜索路徑
命令:
(gdb) directory
示例:
(gdb) directory
Reinitialize source path to empty? (y or n) y
Source directories searched: $cdir:$cwd
查看源碼/彙編
注意: 要查看源碼,需要在編譯時帶-g選項。
- 查看當前文件的源碼
命令:
(gdb) list <line-number>
示例:
(gdb) list 1
warning: Source file is more recent than executable.
1 #include "shm_manager_sim.h"
2 #include "topic_manager_sim.h"
3
4 int main()
5 {
6 TopicManager::instance();
7
8 ShmManager::instance()->start();
9
10 while(true)
- 查看指定文件的源碼
命令:
(gdb) list <file-name>:<line-number>
示例:
(gdb) list shm_manager_sim.h:10
5 #include <thread>
6
7 class ShmManager;
8 typedef std::shared_ptr<ShmManager> ShmManagerPtr;
9
10 class ShmManager
11 {
12 public:
13 static const ShmManagerPtr& instance();
14 void start();
- 上翻/下翻源碼
命令:
# 上翻源碼
(gdb) list -
# 下翻源碼
(gdb) list
示例:
(gdb) list shm_manager_sim.h:10
5 #include <thread>
6
7 class ShmManager;
8 typedef std::shared_ptr<ShmManager> ShmManagerPtr;
9
10 class ShmManager
11 {
12 public:
13 static const ShmManagerPtr& instance();
14 void start();
(gdb) list -
1 #ifndef ROS_SHM_MANAGER_H
2 #define ROS_SHM_MANAGER_H
3
4 #include <memory>
(gdb) list
5 #include <thread>
6
7 class ShmManager;
8 typedef std::shared_ptr<ShmManager> ShmManagerPtr;
9
10 class ShmManager
11 {
12 public:
13 static const ShmManagerPtr& instance();
14 void start();
- 查看指定函數的彙編代碼
命令:
# 只打印彙編代碼
(gdb) disas <function-name>
# 打印彙編代碼和對應的源碼
(gdb) disas /m <function-name>
示例:
(gdb) disas main
Dump of assembler code for function main():
0x0000000000401046 <+0>: push %rbp
0x0000000000401047 <+1>: mov %rsp,%rbp
0x000000000040104a <+4>: sub $0x20,%rsp
0x000000000040104e <+8>: mov %fs:0x28,%rax
0x0000000000401057 <+17>: mov %rax,-0x8(%rbp)
0x000000000040105b <+21>: xor %eax,%eax
0x000000000040105d <+23>: callq 0x405248 <TopicManager::instance()>
0x0000000000401062 <+28>: callq 0x401776 <ShmManager::instance()>
0x0000000000401067 <+33>: mov %rax,%rdi
0x000000000040106a <+36>: callq 0x401172 <std::__shared_ptr<ShmManager, (__gnu_cxx::_Lock_policy)2>::operator->()
const>
0x000000000040106f <+41>: mov %rax,%rdi
0x0000000000401072 <+44>: callq 0x40184a <ShmManager::start()>
...
(gdb) disas /m main
Dump of assembler code for function main():
5 {
0x0000000000401046 <+0>: push %rbp
0x0000000000401047 <+1>: mov %rsp,%rbp
0x000000000040104a <+4>: sub $0x20,%rsp
0x000000000040104e <+8>: mov %fs:0x28,%rax
0x0000000000401057 <+17>: mov %rax,-0x8(%rbp)
0x000000000040105b <+21>: xor %eax,%eax
6 TopicManager::instance();
0x000000000040105d <+23>: callq 0x405248 <TopicManager::instance()>
7
8 ShmManager::instance()->start();
0x0000000000401062 <+28>: callq 0x401776 <ShmManager::instance()>
0x0000000000401067 <+33>: mov %rax,%rdi
0x000000000040106a <+36>: callq 0x401172 <std::__shared_ptr<ShmManager, (__gnu_cxx::_Lock_policy)2>::operator->() const>
0x000000000040106f <+41>: mov %rax,%rdi
0x0000000000401072 <+44>: callq 0x40184a <ShmManager::start()>
...
查看/設置/調試斷點
- 添加斷點(所有線程)
命令:
(gdb) b <file-name>:<line-number>
示例:
(gdb) b main.cpp:13
Breakpoint 2 at 0x40108c: file main.cpp, line 13.
- 添加斷點(指定線程)
命令:
(gdb) b <file-name>:<line-number> thread <thread-id-by-gdb>
示例:
(gdb) b main.cpp:13 thread 1
Breakpoint 5 at 0x40108c: file main.cpp, line 13.
- 在指定的內存地址添加斷點
命令:
(gdb) b *<address>
示例:
(gdb) b *0x00000000004010a1
Breakpoint 7 at 0x4010a1: file main.cpp, line 13.
- 添加條件斷點
命令:
(gdb) b <file-name>:<line-number> if <expresion>
示例:
(gdb) b main.cpp:14 if TopicManager::instance()->getNumSubscriptions() > 1000
Breakpoint 6 at 0x4010b2: file main.cpp, line 14.
(gdb) i breakpoints
Num Type Disp Enb Address What
5 breakpoint keep y 0x000000000040108c in main() at main.cpp:13 thread 1
stop only in thread 1
6 breakpoint keep y 0x00000000004010b2 in main() at main.cpp:14
stop only if TopicManager::instance()->getNumSubscriptions() > 1000
- 查看所有斷點
命令:
(gdb) i breakpoints
示例:
(gdb) i breakpoints
Num Type Disp Enb Address What
2 breakpoint keep y 0x000000000040108c in main() at main.cpp:13
3 breakpoint keep y 0x000000000040105d in main() at main.cpp:6
- 查看指定斷點
命令:
(gdb) i breakpoints <breakpoint-number>
示例:
(gdb) i breakpoints 2
Num Type Disp Enb Address What
2 breakpoint keep y 0x000000000040108c in main() at main.cpp:13
- 查看指定範圍的斷點
命令:
(gdb) i breakpoints <breakpoint-number>-<breakpoint-number>
示例:
(gdb) i breakpoints 2-3
Num Type Disp Enb Address What
2 breakpoint keep y 0x000000000040108c in main() at main.cpp:13
3 breakpoint keep y 0x000000000040105d in main() at main.cpp:6
- 刪除所有斷點
命令:
(gdb) d
示例:
(gdb) d
Delete all breakpoints? (y or n) y
(gdb) i breakpoints
No breakpoints or watchpoints.
- 刪除指定斷點
命令:
(gdb) d breakpoints <breakpoint-number>
示例:
(gdb) i breakpoints
Num Type Disp Enb Address What
4 breakpoint keep y 0x000000000040108c in main() at main.cpp:16
5 breakpoint keep y 0x000000000040105d in main() at main.cpp:8
(gdb) d breakpoints 4
(gdb) i breakpoints
Num Type Disp Enb Address What
5 breakpoint keep y 0x000000000040105d in main() at main.cpp:8
- 刪除指定範圍的斷點
命令:
(gdb) d breakpoints <breakpoint-number>-<breakpoint-number>
示例:
(gdb) i breakpoints
Num Type Disp Enb Address What
5 breakpoint keep y 0x000000000040108c in main() at main.cpp:13 thread 1
stop only in thread 1
6 breakpoint keep y 0x00000000004010b2 in main() at main.cpp:14
stop only if TopicManager::instance()->getNumSubscriptions() > 1000
(gdb) d 5-6
(gdb) i breakpoints
No breakpoints or watchpoints.
- 單步調試(語句級別)
命令:
# next命令可縮寫爲n
(gdb) next
示例:
(gdb) l
4 L_Subscription getAllSubscription();
5
6 TopicManagerPtr g_topic_manager;
7 std::mutex g_topic_manager_mutex;
8 const TopicManagerPtr& TopicManager::instance()
9 {
10 if (!g_topic_manager)
11 {
12 std::lock_guard<std::mutex> lock(g_topic_manager_mutex);
13 if (!g_topic_manager)
(gdb) n
10 if (!g_topic_manager)
(gdb) n
19 return g_topic_manager;
- 單步調試(指令級別)
命令:
# nexti命令可縮寫爲ni
(gdb) nexti
示例:
(gdb) ni
0x0000000000405265 10 if (!g_topic_manager)
(gdb) ni
0x000000000040526a 10 if (!g_topic_manager)
- 跳入函數(語句級別)
命令:
# step命令可縮寫爲s
(gdb) step
示例:
(gdb) c
Continuing.
Thread 1 "main" hit Breakpoint 6, main () at main.cpp:14
14 if (TopicManager::instance()->getNumSubscriptions() > 1000)
(gdb) s
TopicManager::instance () at topic_manager_sim.cpp:9
9 {
(gdb) l
4 L_Subscription getAllSubscription();
5
6 TopicManagerPtr g_topic_manager;
7 std::mutex g_topic_manager_mutex;
8 const TopicManagerPtr& TopicManager::instance()
9 {
10 if (!g_topic_manager)
11 {
12 std::lock_guard<std::mutex> lock(g_topic_manager_mutex);
13 if (!g_topic_manager)
- 跳入函數(指令級別)
命令:
# stepi命令可縮寫爲si
(gdb) stepi
示例:
(gdb) si
TopicManager::instance () at topic_manager_sim.cpp:9
- 跳出函數
命令:
(gdb) finish
示例:
(gdb) s
TopicManager::instance () at topic_manager_sim.cpp:9
9 {
(gdb) finish
Run till exit from #0 TopicManager::instance () at topic_manager_sim.cpp:9
0x00000000004010b7 in main () at main.cpp:14
14 if (TopicManager::instance()->getNumSubscriptions() > 1000)
Value returned is $2 =
std::shared_ptr<TopicManager> (use count 1, weak count 0) = {get() = 0x620c30}
- 繼續執行
命令:
# continue命令可縮寫爲c
(gdb) continue
示例:
(gdb) c
Continuing.
Thread 1 "main" hit Breakpoint 6, main () at main.cpp:14
14 if (TopicManager::instance()->getNumSubscriptions() > 1000)
打印/更改變量的值
- 打印變量的值(只打印一次)
命令:
# print命令可縮寫爲p
(gdb) print <variable-name>
示例:
(gdb) p g_shm_manager
$3 = std::shared_ptr<ShmManager> (use count 1, weak count 0) = {get() = 0x620c80}
- 打印變量的值(自動打印)
命令:
(gdb) display <variable-name>
示例:
(gdb) display g_shm_manager
1: g_shm_manager = std::shared_ptr<ShmManager> (use count 1, weak count 0) = {get() = 0x620c80}
(gdb) n
13 std::this_thread::sleep_for(std::chrono::duration<double, std::milli>(10));
1: g_shm_manager = std::shared_ptr<ShmManager> (use count 1, weak count 0) = {get() = 0x620c80}
- 更改變量的值
命令:
(gdb) p <variable-name>=<new-value>
示例:
(gdb) p g_shm_manager._M_ptr
$5 = (ShmManager *) 0x620c80
(gdb) p g_shm_manager._M_ptr=0
$6 = (ShmManager *) 0x0
打印函數參數/局部變量的值
- 打印函數參數的值
命令:
(gdb) i args
- 打印局部變量的值
命令:
(gdb) i locals
查看/更改寄存器的值
- 查看常見寄存器的值
命令:
(gdb) i registers
示例:
(gdb) i registers
rax 0x0 0
rbx 0x0 0
rcx 0x7ffff7626c1d 140737343810589
rdx 0x0 0
rsi 0x7fffffffd8e0 140737488345312
rdi 0x0 0
rbp 0x7fffffffd930 0x7fffffffd930
rsp 0x7fffffffd910 0x7fffffffd910
r8 0x0 0
r9 0x7ffff6f42700 140737336583936
r10 0x1381 4993
r11 0x0 0
r12 0x400f50 4198224
r13 0x7fffffffda10 140737488345616
r14 0x0 0
r15 0x0 0
rip 0x4010b2 0x4010b2 <main()+108>
eflags 0x246 [ PF ZF IF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
- 查看所有寄存器的值
命令:
(gdb) i registers all
- 查看指定寄存器的值
命令:
(gdb) p $<register-name>
示例:
(gdb) p $rcx
$9 = 140737343810589
- 更改指定寄存器的值
命令:
(gdb) p $<register-name>=<new-value>
示例:
(gdb) p $rcx
$9 = 140737343810589
(gdb) p $rcx=1
$10 = 1
(gdb) p $rcx
$11 = 1
查看內存的值
- 查看內存的值
命令:
(gdb) x/<n><f><u> <address>
注:
-
n 表示要打印多少個單元(1個單元是指即參數u所指定的字節數),默認值爲1。如果爲正數,那麼打印從地址addr後面的;否則打印從地址addr前面的。
-
f 表示輸出格式,默認值爲
x(十六進制)。其他可選值:i,機器指令,忽略輸出單元的大小;d,(有符號的)十進制;u,(無符號的)十進制;o,八進制;t,二進制;a,十六進制,省略最前面的0;s,字符串,且默認輸出單元大小爲b(bytes)。 -
u 表示輸出單元大小,默認值爲
w(Words,4 bytes)。其他可選值:b,bytes;h,Halfwords,2 bytes;g,Giant words,8 bytes。**注意:**執行命令x時,如果沒有顯示指定輸出單元大小,會默認使用上次所指定的值。
示例:
# 查看起始地址爲0x7fb00008f0後面的4字節的內容,並以十六進制的格式輸出
(gdb) x/wx 0x7fb00008f0
調用C/C++函數
- 調用C/C++函數
命令:
(gdb) call <function-name>
示例:
(gdb) call TopicManager::instance()->subscribe()
$13 = true
如果你覺得本文對你有所幫助,歡迎關注公衆號,支持一下!
