#+OPTIONS: toc:nil date:nil #+CREATOR: Emacs 26.1 (Org mode 9.1.9) #+TITLE: GDB Intro #+AUTHOR: Sergio Durigan Junior @@latex:\\@@ sergiodj@{sergiodj.net,redhat.com,debian.org} #+LANGUAGE: en * License - License: *Creative Commons Attribution 4.0 International License (CC-BY-4.0)* - https://creativecommons.org/licenses/by/4.0/ * Introduction - =GDB=: =GNU= project's Debugger @@latex:\pause@@ (it is *not* a /database/...). Supports several programming languages. - Started around 1986 by Richard Stallman (after *GNU Emacs*, but likely before *GCC*). * Compiling your program for GDB - Your program needs to contain *debug information* (also called =DWARF=) for GDB to consume. #+BEAMER: \pause - The GCC flag to include debug information is =-g=. We also use =-g3=, which includes information about macros (=#define=). #+BEAMER: \pause - It's common to *disable optimizations* when building the binary, by using the flag =-O0= (it's /dash-oh-zero/). #+BEAMER: \pause - =# gcc -O0 -g program.c -o program=, /or/ - ~# CFLAGS='-O0 -g' ./configure && make~ * Running your program using GDB - In GDB's parlance, the program being debugged is called the *inferior*. #+BEAMER: \pause - Some ways to start the debugger: #+BEAMER: \pause - =# gdb ./program= #+BEAMER: \pause - =# gdb --args ./program arg1 arg2= #+BEAMER: \pause - =# gdb= @@latex: \\@@ =(gdb) file ./program= @@latex: \\@@ =(gdb) run arg1 arg2= * {Break,Catch,Watch}points - A *breakpoint* is related to /source code/ (location, function). A *watchpoint* is related to /data/ (read/write of a variable). A *catchpoint* is related to an /event/ (enter/exit a syscall, fork, receive a signal). #+BEAMER: \pause - Breakpoints (/code/) - =break= - =tbreak= (temporary) #+BEAMER: \pause - Watchpoints (/data/) - =watch= (write), =rwatch= (read), =awatch= (access) - Conditional watchpoints are supported. #+BEAMER: \pause - Catchpoints (/events/) - =catch fork= - =catch syscall= * Resuming the execution - After GDB has stopped the inferior (because a =*point= has been hit, for example), you will probably want to resume its execution. #+BEAMER: \pause - You may just want to continue the program: - =continue= #+BEAMER: \pause - Or maybe go to the next statement/instruction: - =next= (/statement/), or =nexti= (/instruction/) #+BEAMER: \pause - Or step into a function: - =step= (/statement/), or =stepi= (/instruction/) #+BEAMER: \pause - Or finish executing the current function, but stop at the end: - =finish= * Examining data - The inferior has stopped... Now what? #+BEAMER: \pause - You may want to print the value of some variable: - =print VAR= #+BEAMER: \pause - Or examine a memory location: - =x ADDRESS= #+BEAMER: \pause - The type of a variable? Easy: - =whatis VARIABLE= #+BEAMER: \pause - Hint: you may want to enable pretty-printing: - =set print pretty on= * Examining the code - Yes, we have =ncurses=! The @@latex:\textbf{T}@@ext @@latex:\textbf{U}@@user @@latex:\textbf{I}@@nterface! - =C-x a= (that's =CTRL x a=). #+BEAMER: \pause - If you want to list the current region, or if you don't want/can't to use TUI: - =list= #+BEAMER: \pause - You can also disassemble code: - =disassemble= #+BEAMER: \pause - If GDB can't find the source code, you can specify its location using the =dir= command. * Examining the call stack - If you want to see the call stack (A.K.A. stack trace) that lead to the current function: - =bt= #+BEAMER: \pause - And you can move through it: - =up= and =down= - You can also go to a specific frame: =frame NUMBER= * Corefiles - *Corefiles* are frozen images of the inferior. You can inspect everything that was happening when the process was running (but you can't resurrect it). #+BEAMER: \pause - You can generate them /outside/ GDB, when a program crashes. Make sure you: - =ulimit -c unlimited= - Check if =systemd= is handling them (=/proc/sys/kernel/core_pattern=). #+BEAMER: \pause - You can also generate them /inside/ GDB, at any moment: - =generate-core-file= #+BEAMER: \pause - You can open a corefile using GDB: - =# gdb program -c corefile.PID= * Other interesting information - =info breakpoints= - =info locals= - =info registers= - Many others! * Who you gonna call? - Our online documentation (=info=) is very good! - Every command has a =help=. - You can also use =apropos= when searching for a term. - =TAB=-completion is also useful. * Other advanced features - Python support. - Reverse debugging. - Support for /SystemTap SDT probes/. * Thank you - Thanks to Red Hat for the support. - Thanks to Paul Nijjar and Bob Jonkman for the invitation. - Thanks to you for watching!