1、简介

GDB是GNU开源组织发布的一个强大的UNIX下的程序调试工具。如果你是在 UNIX平台下做软件,你会发现GDB这个调试工具有比VC、BCB的图形化调试器更强大的功能。同时GDB也具有例如ddd这样的图形化的调试端

2、调试C/C++程序

直接上代码了

#include<iostream>

using namespace std;

long factorial(int n); 

int main()

{

    int n(0);

    cin>>n;

    long val=factorial(n);

    cout<<val<<endl;

    cin.get();

    return 0;

}

long factorial(int n)

{

    long result(1);

    while(n--)

    {

        result*=n;

    }

    return result;

}

编译

g++ k.cpp -g -Wall -Werror -o main

开始调试

[root@localhost code]# gdb ./main

GNU gdb (GDB) Red Hat Enterprise Linux (7.2-83.el6)

Copyright (C) 2010 Free Software Foundation, Inc.

License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.  Type "show copying"

and "show warranty" for details.

This GDB was configured as "i686-redhat-linux-gnu".

For bug reporting instructions, please see:

<http://www.gnu.org/software/gdb/bugs/>...

Reading symbols from /code/main...done.

(gdb) l

warning: Source file is more recent than executable.

1       #include<iostream>

2       using namespace std;

3       long factorial(int n);

4

5       int main()

6       {

7           int n(0);

8           cin>>n;

9           long val=factorial(n);

10          cout<<val<<endl;

(gdb)

设置断点 break linenumber

(gdb) b 9

Breakpoint 1 at 0x80486f9: file k.cpp, line 9.

(gdb) r

Starting program: /code/main

4

Breakpoint 1, main () at k.cpp:9

9           long val=factorial(n);

设置观察点 watch var

(gdb) s

factorial (n=4) at k.cpp:17

17          long result(1);

(gdb) l

12          return 0;

13      }

14

15      long factorial(int n)

16      {

17          long result(1);

18          while(n--)

19          {

20              result*=n;

21          }

(gdb) watch n

Hardware watchpoint 2: n

(gdb) watch result

Hardware watchpoint 3: result

(gdb) c

Continuing.

Hardware watchpoint 3: result

Old value = 0

New value = 1

factorial (n=4) at k.cpp:18

18          while(n--)

(gdb)

Continuing.

Hardware watchpoint 2: n

Old value = 4

New value = 3

0x08048764 in factorial (n=3) at k.cpp:18

18          while(n--)

(gdb)

Continuing.

Hardware watchpoint 3: result

Old value = 1

New value = 3

factorial (n=3) at k.cpp:18

18          while(n--)

(gdb)

Continuing.

Hardware watchpoint 2: n

Old value = 3

New value = 2

0x08048764 in factorial (n=2) at k.cpp:18

18          while(n--)

(gdb)

Continuing.

Hardware watchpoint 3: result

Old value = 3

New value = 6

factorial (n=2) at k.cpp:18

18          while(n--)

(gdb)

Continuing.

Hardware watchpoint 2: n

Old value = 2

New value = 1

0x08048764 in factorial (n=1) at k.cpp:18

18          while(n--)

(gdb)

Continuing.

Hardware watchpoint 2: n

Old value = 1

New value = 0

0x08048764 in factorial (n=0) at k.cpp:18

18          while(n--)

(gdb)

Continuing.

Watchpoint 2 deleted because the program has left the block in

which its expression is valid.

Watchpoint 3 deleted because the program has left the block in

which its expression is valid.

0x08048705 in main () at k.cpp:9

9           long val=factorial(n);

(gdb) p val

$1 = 11476980

(gdb)

可以看到是while那里,导致n越界了,fix

while(n>0) //doesn't let n reach 0

{

  result*=n;

  n--;        //decrements only after the evaluation

}

一些快捷命令

l – list

p – print print {variable}

c – continue

s – step

b - break  break line_number/break [file_name]:line_number/break [file_name]:func_name

r - run

set <var> = <value>

watch <var>

ENTER: pressing enter key would execute the previously executed command again.

c/n/s的区别

  • c or continue: Debugger will continue executing until the next break point.
  • n or next: Debugger will execute the next line as single instruction.
  • s or step: Same as next, but does not treats function as a single instruction, instead goes into the function and executes it line by line

3、调试PHP程序

PHP代码

<?php.

for($i = 0; $i < 10; $i++){

    echo $i."\n";

    sleep(3);

    if(in_array($i,[1,9,20])){

        print_r($i*$i);

        var_dump($i*$i);

        print $i*$i;

    }

}

开始调试,加上断点

[root@localhost code]# gdb php

GNU gdb (GDB) Red Hat Enterprise Linux (7.2-83.el6)

Copyright (C) 2010 Free Software Foundation, Inc.

License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.  Type "show copying"

and "show warranty" for details.

This GDB was configured as "i686-redhat-linux-gnu".

For bug reporting instructions, please see:

<http://www.gnu.org/software/gdb/bugs/>...

Reading symbols from /usr/bin/php...done.

(gdb) b zif_sleep

Breakpoint 1 at 0x8435180: file /usr/local/src/php-5.5.23/ext/standard/basic_functions.c, line 4449.

(gdb) b zif_in_array

Breakpoint 2 at 0x8426923: file /usr/local/src/php-5.5.23/ext/standard/array.c, line 1215.

(gdb) b zif_print_r

Breakpoint 3 at 0x8438273: file /usr/local/src/php-5.5.23/ext/standard/basic_functions.c, line 5553.

(gdb) b zif_var_dump

Breakpoint 4 at 0x847d296: file /usr/local/src/php-5.5.23/ext/standard/var.c, line 178.

(gdb) b zif_printf

Function "zif_printf" not defined.

Make breakpoint pending on future shared library load? (y or [n]) n

(gdb) b zif_sprintf

Function "zif_sprintf" not defined.

Make breakpoint pending on future shared library load? (y or [n]) n

(gdb) b printf

Breakpoint 5 at 0x806a390

(gdb) b memcpy

Breakpoint 6 at 0x8069390

(gdb) b zif_print

Function "zif_print" not defined.

Make breakpoint pending on future shared library load? (y or [n]) n

(gdb) b zif_echo

Function "zif_echo" not defined.

Make breakpoint pending on future shared library load? (y or [n]) n

(gdb) info b

Num     Type           Disp Enb Address    What

1       breakpoint     keep y   0x08435180 in zif_sleep at /usr/local/src/php-5.5.23/ext/standard/basic_functions.c:4449

2       breakpoint     keep y   0x08426923 in zif_in_array at /usr/local/src/php-5.5.23/ext/standard/array.c:1215

3       breakpoint     keep y   0x08438273 in zif_print_r at /usr/local/src/php-5.5.23/ext/standard/basic_functions.c:5553

4       breakpoint     keep y   0x0847d296 in zif_var_dump at /usr/local/src/php-5.5.23/ext/standard/var.c:178

5       breakpoint     keep y   0x0806a390 <printf@plt>

6       breakpoint     keep y   0x08069390 <memcpy@plt>

(gdb)

加几个断点测试一下 syntax:break [file_name]:func_name,这里大致可以看一下 echo print等不是函数了

然后开始调试

(gdb) run kk.php ( or set args ./kk.php && r)

Starting program: /usr/bin/php kk.php

[Thread debugging using libthread_db enabled]

0

Breakpoint 3, zif_sleep (ht=1, return_value=0xb7fbd6f0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)

    at /usr/local/src/php-5.5.23/ext/standard/basic_functions.c:4449

4449            if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l", &num) == FAILURE) {

(gdb)

这里我们可以看一下zif_sleep 函数 return_value 返回的是什么

(gdb) p *return_value

$1 = {value = {lval = 1515870810, dval = 1.7838867517321418e+127, str = {val = 0x5a5a5a5a <Address 0x5a5a5a5a out of bounds>,

      len = 1515870810}, ht = 0x5a5a5a5a, obj = {handle = 1515870810, handlers = 0x5a5a5a5a}}, refcount__gc = 1, type = 0 '\000', is_ref__gc = 0 '\000'}

(gdb) p return_value->value

$2 = {lval = 1515870810, dval = 1.7838867517321418e+127, str = {val = 0x5a5a5a5a <Address 0x5a5a5a5a out of bounds>,

    len = 1515870810}, ht = 0x5a5a5a5a, obj = {handle = 1515870810, handlers = 0x5a5a5a5a}}

(gdb) p return_value->value->lval

$3 = 1515870810

我们还可以使用内置的gdbinit来调试

(gdb) source /usr/local/src/php-5.5.23/.gdbinit

(gdb) zbacktrace

[0xb7fa1144] sleep(3) /code/kk.php:4

查看当前堆栈,PHP内核的执行过程

(gdb) bt

#0  zif_sleep (ht=1, return_value=0xb7fbd6f0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)

    at /usr/local/src/php-5.5.23/ext/standard/basic_functions.c:4449

#1  0x085f6870 in execute_internal (execute_data_ptr=0xb7fa1144, fci=0x0, return_value_used=0)

    at /usr/local/src/php-5.5.23/Zend/zend_execute.c:1484

#2  0x085aea5f in dtrace_execute_internal (execute_data_ptr=0xb7fa1144, fci=0x0, return_value_used=0)

    at /usr/local/src/php-5.5.23/Zend/zend_dtrace.c:97

#3  0x00935c33 in pt_execute_core (internal=1, execute_data=0xb7fa1144, fci=0x0, rvu=0)

    at /usr/local/src/trace-0.3.0/extension/trace.c:941

#4  0x00935e49 in pt_execute_internal (execute_data=0xb7fa1144, fci=0x0, return_value_used=0)

    at /usr/local/src/trace-0.3.0/extension/trace.c:1005

#5  0x085f7523 in zend_do_fcall_common_helper_SPEC (execute_data=0xb7fa1144) at /usr/local/src/php-5.5.23/Zend/zend_vm_execute.h:552

#6  0x085fb2a9 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xb7fa1144) at /usr/local/src/php-5.5.23/Zend/zend_vm_execute.h:2332

#7  0x085f6deb in execute_ex (execute_data=0xb7fa1144) at /usr/local/src/php-5.5.23/Zend/zend_vm_execute.h:363

#8  0x085ae9dc in dtrace_execute_ex (execute_data=0xb7fa1144) at /usr/local/src/php-5.5.23/Zend/zend_dtrace.c:73

#9  0x00935c5e in pt_execute_core (internal=0, execute_data=0xb7fa1144, fci=0x0, rvu=0)

    at /usr/local/src/trace-0.3.0/extension/trace.c:946

#10 0x00935e10 in pt_execute_ex (execute_data=0xb7fa1144) at /usr/local/src/trace-0.3.0/extension/trace.c:1000

#11 0x085f6e4a in zend_execute (op_array=0xb7fbc7b4) at /usr/local/src/php-5.5.23/Zend/zend_vm_execute.h:388

#12 0x085c1cf2 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/local/src/php-5.5.23/Zend/zend.c:1327

#13 0x085470f9 in php_execute_script (primary_file=0xbffff4a4) at /usr/local/src/php-5.5.23/main/main.c:2525

#14 0x0865af46 in do_cli (argc=2, argv=0x8b9b908) at /usr/local/src/php-5.5.23/sapi/cli/php_cli.c:994

#15 0x0865bff3 in main (argc=2, argv=0x8b9b908) at /usr/local/src/php-5.5.23/sapi/cli/php_cli.c:1378

查看代码段

(gdb) l

4444       Delay for a given number of seconds */

4445    PHP_FUNCTION(sleep)

4446    {

4447            long num;

4448

4449            if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l", &num) == FAILURE) {

4450                    RETURN_FALSE;

4451            }

4452            if (num < 0) {

4453                    php_error_docref(NULL TSRMLS_CC, E_WARNING, "Number of seconds must be greater than or equal to 0");

(gdb) l 4450

4445    PHP_FUNCTION(sleep)

4446    {

4447            long num;

4448

4449            if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l", &num) == FAILURE) {

4450                    RETURN_FALSE;

4451            }

4452            if (num < 0) {

4453                    php_error_docref(NULL TSRMLS_CC, E_WARNING, "Number of seconds must be greater than or equal to 0");

4454                    RETURN_FALSE;

(gdb) l zif_usleep

4463    /* }}} */

4464

4465    /* {{{ proto void usleep(int micro_seconds)

4466       Delay for a given number of micro seconds */

4467    PHP_FUNCTION(usleep)

4468    {

4469    #if HAVE_USLEEP

4470            long num;

4471

4472            if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l", &num) == FAILURE) {

继续执行

(gdb) n

4452            if (num < 0) {

(gdb) p num

$6 = 3

(gdb) n

4457            RETURN_LONG(php_sleep(num));

(gdb) n

4462    }

(gdb) n

execute_internal (execute_data_ptr=0xb7fa1144, fci=0x0, return_value_used=0) at /usr/local/src/php-5.5.23/Zend/zend_execute.c:1488

1488    }

到了execute_internal ,可以查看一下当前函数的一个状态

(gdb) p execute_data_ptr

$7 = (zend_execute_data *) 0xb7fa1144

(gdb) p *execute_data_ptr

$8 = {opline = 0xb7fbcacc, function_state = {function = 0x8bcf3e8, arguments = 0xb7fa119c}, op_array = 0xb7fbc7b4, object = 0x0,

  symbol_table = 0x8b99cdc, prev_execute_data = 0x0, old_error_reporting = 0x0, nested = 0 '\000',

  original_return_value = 0x38b4ac9, current_scope = 0x49, current_called_scope = 0x45, current_this = 0x0, fast_ret = 0x0,

  call_slots = 0xb7fa1188, call = 0xb7fa1188}

(gdb) p *execute_data_ptr->function_state.function->common->function_name

$9 = 115 's'

(gdb) p execute_data_ptr->function_state.function->common->function_name

$10 = 0x8af03c9 "sleep"

(gdb) p execute_data_ptr->op_array->filename

$11 = 0xb7fbc8e8 "/code/kk.php"

查看当前hashtable

(gdb) p *execute_data_ptr->symbol_table

$16 = {nTableSize = 64, nTableMask = 63, nNumOfElements = 8, nNextFreeElement = 0, pInternalPointer = 0xb7fb924c,

  pListHead = 0xb7fb924c, pListTail = 0xb7fbd228, arBuckets = 0xb7fb9120, pDestructor = 0x85bf06f <_zval_ptr_dtor_wrapper>,

  persistent = 0 '\000', nApplyCount = 0 '\000', bApplyProtection = 1 '\001', inconsistent = 0}

继续执行输出c之后,回车即可,同样可以看到in_array的执行信息

(gdb) p *execute_data_ptr->function_state.function

$24 = {type = 1 '\001', common = {type = 1 '\001', function_name = 0x8af1841 "in_array", scope = 0x0, fn_flags = 256,

    prototype = 0x0, num_args = 3, required_num_args = 2, arg_info = 0x8ae7554}, op_array = {type = 1 '\001',

    function_name = 0x8af1841 "in_array", scope = 0x0, fn_flags = 256, prototype = 0x0, num_args = 3, required_num_args = 2,

    arg_info = 0x8ae7554, refcount = 0x842691d, opcodes = 0x8bcf120, last = 0, vars = 0x0, last_var = 0, T = 1,

    nested_calls = 3086618796, used_stack = 0, brk_cont_array = 0x0, last_brk_cont = 1, try_catch_array = 0xb7fa10dd,

    last_try_catch = 96, has_finally_block = 160 '\240', static_variables = 0x0, this_var = 11482064,

    filename = 0xaf1ff4 "|\035\257", line_start = 11482016, line_end = 146381272,

    doc_comment = 0xbffff238 "x\362\377\277\244\aY\b\021", doc_comment_len = 10305959, early_binding = 11085989,

    literals = 0x8b7a0a0, last_literal = 140062666, run_time_cache = 0xb7fa10d4, last_cache_slot = 90, reserved = {0x9, 0x8b5f7ac,

      0x796, 0x0}}, internal_function = {type = 1 '\001', function_name = 0x8af1841 "in_array", scope = 0x0, fn_flags = 256,

    prototype = 0x0, num_args = 3, required_num_args = 2, arg_info = 0x8ae7554, handler = 0x842691d <zif_in_array>,

    module = 0x8bcf120}}

(gdb) p execute_data_ptr->function_state.function->common->function_name

$26 = 0x8af1841 "in_array"

(gdb) p execute_data_ptr->op_array->filename

$27 = 0xb7fbc8e8 "/code/kk.php"

还可以加一下监控watch、设置一些调试变量set 等等

其他的调试工具还有 strace 查看系统调用、ltrace 查看类库的调用、vld查看opcode

  

参考文章  

http://www.cprogramming.com/gcc.html

http://www.thegeekstuff.com/2010/03/debug-c-program-using-gdb/

http://www.cprogramming.com/gdb.html

http://www.laruence.com/2011/06/23/2057.html

http://derickrethans.nl/what-is-php-doing.html

【php】使用gdb调试php程序的更多相关文章

  1. Gdb调试多进程程序

    Gdb调试多进程程序 程序经常使用fork/exec创建多进程程序.多进程程序有自己独立的地址空间,这是多进程调试首要注意的地方.Gdb功能强大,对调试多线程提供很多支持. 方法1:调试多进程最土的办 ...

  2. 使用 GDB 调试多进程程序

    使用 GDB 调试多进程程序 GDB 是 linux 系统上常用的调试工具,本文介绍了使用 GDB 调试多进程程序的几种方法,并对各种方法进行比较. 3 评论 田 强 (tianq@cn.ibm.co ...

  3. 使用gdb调试多线程程序总结

    转:使用gdb调试多线程程序总结 一直对GDB多线程调试接触不多,最近因为工作有了一些接触,简单作点记录吧. 先介绍一下GDB多线程调试的基本命令. info threads 显示当前可调试的所有线程 ...

  4. Debugging with GDB 用GDB调试多线程程序

    Debugging with GDB http://www.delorie.com/gnu/docs/gdb/gdb_25.html GDB调试多线程程序总结 一直对GDB多线程调试接触不多,最近因为 ...

  5. 【疑难杂症】gdb调试多线程程序报错:interrupted system call

    一. cmake生成可调试版本的程序,该内容参考自https://www.linuxidc.com/Linux/2014-03/98622.htm 具体内容如下: 1, 使用CMAKE编译确实很方便. ...

  6. 用GDB 调试Java程序

      陈皓 http://blog.csdn.net/haoel 背景 想要使用GDB调试程序,就需要用GNU的编译器编译程序.如:用GCC编译的C/C++的程序,才能用GDB调试.对于Java程序也是 ...

  7. 用 gdb 调试 GCC 程序【转】

    用 GDB 调试程序 原著:Rick McMullin 用 gdb 调试 GCC 程序 转自:http://blog.csdn.net/bonnshore/article/details/795542 ...

  8. gdb调试多线程程序总结

    阿里核心系统团队博客 http://csrd.aliapp.com/?tag=pstack Linux下多线程查看工具(pstree.ps.pstack) http://www.cnblogs.com ...

  9. 用GDB调试多进程程序

    在子进程中sleep.然后attach上去. gdb --pid=123456 ps出子进程的id,gdb attach 进程号. http://www.ibm.com/developerworks/ ...

随机推荐

  1. 继续谈论XSS

    这篇文章基于上篇谈论XSS ,想说下自己工作过程中遇到的xss的问题. 易出现XSS的场景 1 jsonp 说说jsonp 中也有说过,jsonp其实是很容易出现安全问题的.由于jsonp的callb ...

  2. Criteria查询数据

    Criteria介绍: Criteria查询是Hibernate提供的一种查询方式,与HQL基于字符串的查询形式完全不同.Hibernate提供了org.hiberanee.Criteria 接口.o ...

  3. MVC中在一个视图中,怎么加载另外一个视图?

    在RazorView.cshtml视图: <!--在视图中调用无返回值的方法,视图中调用无返回值的方法,要加上大括号--> <!--在一个视图中,直接加载另外一个视图--> @ ...

  4. Unity中简单使用Opengl

    简介 由于项目特殊需求,需要在unity中使用一些OpenGL的东西来绘制图形(PS:其实就是有一个拖尾算法只有OpenGL版本~~~懒得改了,直接在unity中使用OpenGL算了).所以琢磨咯下如 ...

  5. 论httpclient上传带参数【commons-httpclient和apache httpclient区别】

    需要做一个httpclient上传,然后啪啪啪网上找资料 1.首先以前系统中用到的了commons-httpclient上传,找了资料后一顿乱改,然后测试 PostMethod filePost = ...

  6. POJ 3761 Bubble Sort 快速幂取模+组合数学

    转载于:http://www.cnblogs.com/767355675hutaishi/p/3873770.html 题目大意:众所周知冒泡排序算法多数情况下不能只扫描一遍就结束排序,而是要扫描好几 ...

  7. php学习笔记:利用gd库生成图片,并实现随机验证码

    说明:一些基本的代码我都进行了注释,这里实现的验证码位数.需要用的字符串都可以再设置.有我的注释,大家应该很容易能看得懂. 基本思路: 1.用mt_rand()随机生成数字确定需要获取的字符串,对字符 ...

  8. 你还记的那一年你我学习的-->>用表组织数据*(数据表)

    不知不觉,踏上IT之路,光阴似箭,日月如梭.虽好像回到从前,回到那个无忧无虑的童年,回到那个花样少年的青春;回到那个年少幼稚的小学;回到那个整天幻想的初中;回到那个顽强不屈,誓死不弃的高中;回到那个整 ...

  9. 安装多JDK后,java编译环境和运行环境版本(JDK版本) 不一致解决:

    由于之前安装过JDK1.7 ,现在一个项目是JDK1.5的,那么需要更改了环境变量了,此处不再赘述如何设置JDK 的环境变量了.然后网上找来方法: 在安装多个jdk后,出现了java -version ...

  10. 上载EXCEL到SAP系统的方法之一

    TEXT_CONVERT_XLS_TO_SAP实例 使用:gui_upload去上传excel数据,每次都出现乱码,不管中文英文都乱码. 至今不知道gui_upload是否支持excel文件上传,. ...