GDB（一）用户态gdb调试

参考文档

• 《Linux设备驱动开发详解》 宋宝华
• 《比较全面的gdb调试命令》 dadalan
• 《gdb 跟踪调试命令整理》 kzangv

---

gdb简介

gdb是GNU开源组织开发的Unix Like系统调试工具，实现如下基本功能：
- 打断点，单步执行
- 查看context，追溯堆栈
- 修改context，改变运行轨迹

gdb启动

可以使用gdb调试的程序，条件要素：
- 还没有被strip过，否则调试时找不到符号
- 在编译时保留debug信息

编译：

gcc -g -o struct_improved struct_improved.c

执行：

$ gdb struct_improved

打印信息：

GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.5) 7.11.1
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from struct_improved...done.
(gdb) 

gdb命令

gdb命令是非常多的，文档里面只列出常用的,其它命令，根据使用场景，用到哪一类命令时可以通过help命令逐步查询

help

• 用法：help [cmd name]
• 功能：显示cmds的帮助信息
• 注意：
  
  • gdb的cmd命令非常多，把这些命令依据功能归为如下几类
  • 对于某一类cmd再次进行help时又会列出具体命令

(gdb) help
List of classes of commands:

aliases -- Aliases of other commands
breakpoints -- Making program stop at certain points
data -- Examining data
files -- Specifying and examining files
internals -- Maintenance commands
obscure -- Obscure features
running -- Running the program
stack -- Examining the stack
status -- Status inquiries
support -- Support facilities
tracepoints -- Tracing of program execution without stopping the program
user-defined -- User-defined commands

Type "help" followed by a class name for a list of commands in that class.
Type "help all" for the list of all commands.
Type "help" followed by command name for full documentation.
Type "apropos word" to search for commands related to "word".
Command name abbreviations are allowed if unambiguous.


(gdb) help breakpoints
Making program stop at certain points.

List of commands:

awatch -- Set a watchpoint for an expression
break -- Set breakpoint at specified location
break-range -- Set a breakpoint for an address range
catch -- Set catchpoints to catch events
catch assert -- Catch failed Ada assertions
catch catch -- Catch an exception
catch exception -- Catch Ada exceptions
catch exec -- Catch calls to exec
catch fork -- Catch calls to fork
catch load -- Catch loads of shared libraries
catch rethrow -- Catch an exception
catch signal -- Catch signals by their names and/or numbers
catch syscall -- Catch system calls by their names and/or numbers
catch throw -- Catch an exception
catch unload -- Catch unloads of shared libraries
catch vfork -- Catch calls to vfork
clear -- Clear breakpoint at specified location
commands -- Set commands to be executed when a breakpoint is hit
condition -- Specify breakpoint number N to break only if COND is true
delete -- Delete some breakpoints or auto-display expressions
delete bookmark -- Delete a bookmark from the bookmark list
delete breakpoints -- Delete some breakpoints or auto-display expressions
delete checkpoint -- Delete a checkpoint (experimental)
delete display -- Cancel some expressions to be displayed when program stops
delete mem -- Delete memory region
delete tracepoints -- Delete specified tracepoints
delete tvariable -- Delete one or more trace state variables
disable -- Disable some breakpoints
---Type <return> to continue, or q <return> to quit---

pwd

• 用法：pwd
• 功能：显示当前工作目录，与linux命令一致

(gdb) pwd
Working directory /home/acean/Project/test.

cd

• 用法：cd
• 功能：切换工作目录，与linux命令一致

(gdb) cd ..
Working directory /home/acean/Project.
(gdb) cd test/
Working directory /home/acean/Project/test.

list

• 缩写：“l”
• 用法①：list < line number >
• 功能：以line number行为中心，显示上下5行的源码
• 注意：
  
  • 不带行号，运行即输入，表示从这个程序main函数中间行开始显示上下5行源码
  • 不带行号，运行中输入，表示显示当前行下面的10行源码
  • 带参数为-，表示显示当前行之前10行源码

(gdb) list 1
1   /*
2    * =====================================================================================
3    *
4    *       Filename:  struct.c
5    *
6    *    Description:  test struct init
7    *
8    *        Version:  1.0
9    *        Created:  08/04/2017 04:16:18 PM
10   *       Revision:  none
(gdb) list
11   *       Compiler:  gcc
12   *
13   *         Author:  Ace.An (wm), ashaoyan@gmail.com
14   *   Organization:
15   *
16   * =====================================================================================
17   */
18  
19  
20  #include<stdio.h>
(gdb) list
21  
22  struct lock {
23          int dep;
24  };
25  
26  typedef struct test {
27          union {
28                  struct lock lock;
29                  int k;
30                  int l;
(gdb) list
31          };
32  } test_struct_t;
33  
34  #define __INIT_LOCK(name) \
35                  { { .lock = {.dep = name} } }
36  
37  void lock_init(test_struct_t *lock)
38  {
39          lock->lock.dep = 0;
40  }
(gdb) list
41  
42  static test_struct_t my_lock[10];
43  
44  int main(int argc, char* argv[])
45  {
46          int i = 0;
47          for (i=0; i<10; i++) {
48                  //my_lock[i] = __INIT_LOCK(i);
49                  lock_init(&my_lock[i]);
50  
(gdb) list
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
52          }
53  
54          return 0;
55  }
56  
(gdb) list
Line number 57 out of range; struct_improved.c has 56 lines.

• 用法②： list
• 功能：显示函数名字function name的源程序

(gdb) list lock_init
33  
34  #define __INIT_LOCK(name) \
35                  { { .lock = {.dep = name} } }
36  
37  void lock_init(test_struct_t *lock)
38  {
39          lock->lock.dep = 0;
40  }
41  
42  static test_struct_t my_lock[10];

run

• 缩写：“r”
• 用法①：run
• 功能：运行程序，直到结尾或者断点处

(gdb) run
Starting program: /home/acean/Project/test/struct_improved 
This lock[0] dep is 0
This lock[1] dep is 0
This lock[2] dep is 0
This lock[3] dep is 0
This lock[4] dep is 0
This lock[5] dep is 0
This lock[6] dep is 0
This lock[7] dep is 0
This lock[8] dep is 0
This lock[9] dep is 0
[Inferior 1 (process 2404) exited normally]

• 用法②：run > outfile
• 功能：运行结果重定向到outfile文件

(gdb) run > ace.log
Starting program: /home/acean/Project/test/struct_improved > ace.log

>>$ cat ace.log 
This lock[0] dep is 0
This lock[1] dep is 0
This lock[2] dep is 0
This lock[3] dep is 0
This lock[4] dep is 0
This lock[5] dep is 0
This lock[6] dep is 0
This lock[7] dep is 0
This lock[8] dep is 0
This lock[9] dep is 0

break

• 缩写：“b”
• 用法①：break [filename:][line number]
• 功能：在文件filename的line number行设置断点
• 注意：
  
  • 不带文件名和行号，则是在当前文件的当前行设置断点
  • 不带文件名，则是在当前文件line bumber行设置断点

(gdb) b 49
Breakpoint 23 at 0x40055a: file struct_improved.c, line 49.
(gdb) run
Starting program: /home/acean/Project/test/struct_improved 

Breakpoint 23, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:49
49                  lock_init(&my_lock[i]);
(gdb) b
Note: breakpoint 23 also set at pc 0x40055a.
Breakpoint 24 at 0x40055a: file struct_improved.c, line 49.
(gdb) info breakpoints
Num     Type           Disp Enb Address            What
23      breakpoint     keep y   0x000000000040055a in main at struct_improved.c:49
    breakpoint already hit 1 time
24      breakpoint     keep y   0x000000000040055a in main at struct_improved.c:49

(gdb) b struct_improved.c:51
Breakpoint 7 at 0x400571: file struct_improved.c, line 51.
(gdb) info breakpoints
Num     Type           Disp Enb Address            What
7       breakpoint     keep y   0x0000000000400571 in main at struct_improved.c:51

• 用法②：break [filename:][function name]
• 功能：在程序filename文件的函数function入口设置断点
• 注意：
  
  • 不带文件名，则是在当前文件function处设置断点

(gdb) b struct_improved.c:main
Breakpoint 8 at 0x40054a: file struct_improved.c, line 46.
(gdb) info breakpoints
Num     Type           Disp Enb Address            What
8       breakpoint     keep y   0x000000000040054a in main at struct_improved.c:46

• 用法③：break [*address]
• 功能：在程序的内存地址address处设置断点

(gdb) b *0x400571
Breakpoint 5 at 0x400571: file struct_improved.c, line 51.
(gdb) b *0x000000000040055a
Breakpoint 6 at 0x40055a: file struct_improved.c, line 49.
(gdb) 

• 用法④：break [params] if < condition >
• 功能：条件condition成立时设置断点params可以是之前①~③中参数

(gdb) b 51 if i=8
Breakpoint 9 at 0x400571: file struct_improved.c, line 51.
(gdb) run
Starting program: /home/acean/Project/test/struct_improved 

Breakpoint 9, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:51
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
(gdb) info breakpoints
Num     Type           Disp Enb Address            What
9       breakpoint     keep y   0x0000000000400571 in main at struct_improved.c:51
    stop only if i=8
    breakpoint already hit 1 time
(gdb) clear
Deleted breakpoint 9 
(gdb) continue
Continuing.
This lock[8] dep is 0
This lock[9] dep is 0
[Inferior 1 (process 3031) exited normally]

clear

• 用法：clear < line number >
• 功能：清除break命令在line number行设置的所有断点
• 注意：
  
  • 直接输入clear是清除当前行的所有断点

(gdb) b 49
Breakpoint 21 at 0x40055a: file struct_improved.c, line 49.
(gdb) b 51
Breakpoint 22 at 0x400571: file struct_improved.c, line 51.
(gdb) info breakpoints
Num     Type           Disp Enb Address            What
21      breakpoint     keep y   0x000000000040055a in main at struct_improved.c:49
22      breakpoint     keep y   0x0000000000400571 in main at struct_improved.c:51
(gdb) clear 49
Deleted breakpoint 21 
(gdb) run
Starting program: /home/acean/Project/test/struct_improved 

Breakpoint 22, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:51
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
(gdb) clear
Deleted breakpoint 22 

continue

• 缩写：“c”
• 用法：continue [ignore number]
• 功能：从当前断点恢复程序运行，并忽略当前断点之后ignore number - 1个“该”断点（程序后续再次执行到这里时）
• 注意：
  
  • ignore number需要大于等于2，等于1的话下次仍会断住

(gdb) continue
Continuing.
This lock[0] dep is 0

Breakpoint 4, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:49
49                  lock_init(&my_lock[i]);
(gdb) continue 1
Will stop next time breakpoint 4 is reached.  Continuing.


(gdb) continue
Continuing.
This lock[2] dep is 0

Breakpoint 4, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:49
49                  lock_init(&my_lock[i]);
(gdb) continue 3
Will ignore next 2 crossings of breakpoint 4.  Continuing.

Breakpoint 1, lock_init (lock=0x60106c <my_lock+12>) at struct_improved.c:39
39          lock->lock.dep = 0;
(gdb) continue
Continuing.

Breakpoint 5, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:51
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
(gdb) continue
Continuing.
This lock[3] dep is 0

Breakpoint 1, lock_init (lock=0x601070 <my_lock+16>) at struct_improved.c:39
39          lock->lock.dep = 0;
(gdb) continue
Continuing.

Breakpoint 5, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:51
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
(gdb) continue
Continuing.
This lock[4] dep is 0

Breakpoint 1, lock_init (lock=0x601074 <my_lock+20>) at struct_improved.c:39
39          lock->lock.dep = 0;
(gdb) continue
Continuing.

Breakpoint 5, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:51
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
(gdb) continue
Continuing.
This lock[5] dep is 0

Breakpoint 4, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:49
49                  lock_init(&my_lock[i]);

next

• 缩写：“n”
• 用法：next [number]
• 功能：用于单步调试，连续执行后续number条指令后停住
• 注意：
  
  • 不会进入被调函数内部执行

(gdb) b main
Breakpoint 1 at 0x40054a: file struct_improved.c, line 46.
(gdb) run
Starting program: /home/acean/Project/test/struct_improved 

Breakpoint 1, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:46
46          int i = 0;
(gdb) next
47          for (i=0; i<10; i++) {
(gdb) next
49                  lock_init(&my_lock[i]);
(gdb) next
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
(gdb) next
This lock[0] dep is 0
47          for (i=0; i<10; i++) {
(gdb) next
49                  lock_init(&my_lock[i]);
(gdb) next
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
(gdb) next
This lock[1] dep is 0
47          for (i=0; i<10; i++) {
(gdb) n
49                  lock_init(&my_lock[i]);
(gdb) n
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
(gdb) n 3
This lock[2] dep is 0
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);

step

• 缩写：“s”
• 用法：step [number]
• 功能：用于单步调试，连续执行后续number条指令后停住
• 注意：
  
  • 进入被调函数内部执行

(gdb) n 1
This lock[6] dep is 0
47          for (i=0; i<10; i++) {
(gdb) 
49                  lock_init(&my_lock[i]);
(gdb) step
lock_init (lock=0x60107c <my_lock+28>) at struct_improved.c:39
39          lock->lock.dep = 0;
(gdb) step
40  }
(gdb) step
main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:51
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
(gdb) s
__printf (format=0x400634 "This lock[%d] dep is %d\n") at printf.c:28
28  printf.c: No such file or directory.
(gdb) s
32  in printf.c
(gdb) s
33  in printf.c
(gdb) s
32  in printf.c
(gdb) step
33  in printf.c
(gdb) s
_IO_vfprintf_internal (s=0x7ffff7dd2620 <_IO_2_1_stdout_>, format=0x400634 "This lock[%d] dep is %d\n", ap=ap@entry=0x7fffffffdae8)
    at vfprintf.c:1267
1267    vfprintf.c: No such file or directory.
(gdb) s
1275    in vfprintf.c
(gdb) s
1279    in vfprintf.c
(gdb) 

finish

• 用法：finish
• 功能：继续运行程序，直到当前函数完成返回，并打印返回值的参数、返回值等信息
• 注意：
  
  • 不能在最外层函数执行

(gdb) finish
Run till exit from #0  strchrnul () at ../sysdeps/x86_64/strchr.S:25
_IO_vfprintf_internal (s=0x7ffff7dd2620 <_IO_2_1_stdout_>, format=0x400634 "This lock[%d] dep is %d\n", ap=ap@entry=0x7fffffffdae8)
    at vfprintf.c:1316
1316    vfprintf.c: No such file or directory.
(gdb) finish
Run till exit from #0  _IO_vfprintf_internal (s=0x7ffff7dd2620 <_IO_2_1_stdout_>, format=0x400634 "This lock[%d] dep is %d\n", 
    ap=ap@entry=0x7fffffffdae8) at vfprintf.c:1316
This lock[7] dep is 0
__printf (format=<optimized out>) at printf.c:37
37  printf.c: No such file or directory.
Value returned is $1 = 22
(gdb) finish
Run till exit from #0  __printf (format=<optimized out>) at printf.c:37
main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:47
47          for (i=0; i<10; i++) {
Value returned is $2 = 22
(gdb) finish
"finish" not meaningful in the outermost frame.

print

• 缩写：“p”
• 用法：print [/format] < expression >
• 功能：以format格式打印expression表达式的值
• 注意：
  
  • 控制字符
  • 表达式中特殊字符
  • gdb用$i记录所有打印过的表达式

format	描述		expression	描述
/x	十六进制显示		*	用于地址前表示取内容，当用于变量名前面时，变量名就被gdb认为是一个地址
/d	十进制显示		@	打印@号前面大小的内存的X倍，X的值取@号后面的整数，注意是@号前面整体内存的X倍
/u	十进制显示无符号		::	指定的变量属于某个函数或文件中
/o	八进制显示		{}	将大括号后面地址转换为大括号中的类型变量
/t	二进制显示		&	用于变量前表示取该变量地址和类型
/a	十六进制显示
/c	字符显示
/f	浮点数显示

(gdb) p *my_lock
$35 = {{lock = {dep = 0}, k = 0, l = 0}}
(gdb) p my_lock
$36 = {{{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 1}, k = 1, l = 1}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, 
      k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {
        dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}}
(gdb) p ({test_struct_t}0x601000)
$37 = {{lock = {dep = 6295080}, k = 6295080, l = 6295080}}
(gdb) p my_lock
$38 = {{{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 1}, k = 1, l = 1}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, 
      k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {
        dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}}
(gdb) p *my_lock@2
$39 = {{{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 1}, k = 1, l = 1}}}
(gdb) p *my_lock@3
$40 = {{{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 1}, k = 1, l = 1}}, {{lock = {dep = 0}, k = 0, l = 0}}}
(gdb) p my_lock@3
$41 = {{{{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 1}, k = 1, l = 1}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, 
        k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{
        lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}}, {{{lock = {dep = 0}, 
        k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{
        lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, 
        k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}}, {{{lock = {dep = 0}, k = 0, l = 0}}, {{
        lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, 
        k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{
        lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}}}

(gdb) p i
$43 = 2
(gdb) p &i
$44 = (int *) 0x7fffffffdbdc
(gdb) p *0x7fffffffdbdc
$46 = 2

watch

• 用法①：watch < expression >
• 功能：expression表达式的值有变化时断住

(gdb) watch i
Hardware watchpoint 2: i
(gdb) continue
Continuing.
This lock[0] dep is 0

Hardware watchpoint 2: i

Old value = 0
New value = 1
0x000000000040059d in main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:47
47          for (i=0; i<10; i++) {
(gdb) info breakpoints
Num     Type           Disp Enb Address            What
1       breakpoint     keep y   0x000000000040055c in main at struct_improved.c:49
    breakpoint already hit 1 time
2       hw watchpoint  keep y                      i
    breakpoint already hit 1 time

• 用法②：rwatch < expression >
• 功能：expression表达式的值被读时断住

(gdb) rwatch i
Hardware read watchpoint 3: i
(gdb) continue
Continuing.

Hardware read watchpoint 3: i

Value = 1
0x00000000004005a1 in main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:47
47          for (i=0; i<10; i++) {

(gdb) continue
Continuing.

Hardware read watchpoint 3: i

Value = 1
0x000000000040057c in main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:51
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);
(gdb) continue
Continuing.

Hardware read watchpoint 3: i

Value = 1
0x0000000000400588 in main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:51
51                  printf("This lock[%d] dep is %d\n", i, my_lock[i].lock.dep);

• 用法③：awatch < expression >
• 功能：expression表达式的值被读/写时断住

(gdb) awatch i
Hardware access (read/write) watchpoint 4: i
(gdb) continue
Continuing.

Hardware read watchpoint 3: i

Value = 2

Hardware access (read/write) watchpoint 4: i

Value = 2
0x000000000040055f in main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:49
49                  lock_init(&my_lock[i], i);

examine

• 缩写：“x”
• 用法：examine/[len/format/bytes] < address >
• 功能：查看内存地址上的值，即，从address开始，以format的格式，显示len个内存单元，每个内存单元bytes个字节
• 注意：
  
  • 可选参数列表

len	format	bytes
正整数，显示内存的长度	s：地址上的内容按照字符串显示	默认4字节
	i: 地址上的内容按照指令显示	b： 单字节
	u：以十六进制显示	h： 两字节
	x：以十六进制显示	w： 四字节
	d：以十进制显示	g： 八字节

(gdb) x/3xh 0x000000000040053d
0x40053d <main>:    0x4855  0xe589  0x8348
(gdb) x/3xg 0x000000000040053d
0x40053d <main>:    0x20ec8348e5894855  0xc7e0758948ec7d89
0x40054d <main+16>: 0x45c700000000fc45

set

• 用法：set (type )pointer = value
• 功能：修改内存值

(gdb) p my_lock
$3 = {{{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 1}, k = 1, l = 1}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, 
      k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {
        dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}}
(gdb) p &my_lock
$4 = (test_struct_t (*)[10]) 0x601060 <my_lock>
(gdb) set *(test_struct_t *)0x601060 = 2
(gdb) p my_lock
$6 = {{{lock = {dep = 2}, k = 2, l = 2}}, {{lock = {dep = 1}, k = 1, l = 1}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, 
      k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {
        dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}}
(gdb) set *((test_struct_t *)0x601060+1) = 3
(gdb) p my_lock
$8 = {{{lock = {dep = 2}, k = 2, l = 2}}, {{lock = {dep = 3}, k = 3, l = 3}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, 
      k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {
        dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}, {{lock = {dep = 0}, k = 0, l = 0}}}

call

• 用法：call < function >
• 功能：插入某个函数调用，直接在当前进程堆栈上执行

Starting program: /home/acean/Project/test/struct_improved 

Breakpoint 5, main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:49
49                  lock_init(&my_lock[i], i);
(gdb) call printf("%d",i)
$9 = 1

disassemble

• 用法：disassemble [function]
• 功能：反汇编

(gdb) disassemble 
Dump of assembler code for function main:
   0x000000000040053d <+0>: push   %rbp
   0x000000000040053e <+1>: mov    %rsp,%rbp
   0x0000000000400541 <+4>: sub    $0x20,%rsp
   0x0000000000400545 <+8>: mov    %edi,-0x14(%rbp)
   0x0000000000400548 <+11>:    mov    %rsi,-0x20(%rbp)
   0x000000000040054c <+15>:    movl   $0x0,-0x4(%rbp)
   0x0000000000400553 <+22>:    movl   $0x0,-0x4(%rbp)
   0x000000000040055a <+29>:    jmp    0x40059d <main+96>
   0x000000000040055c <+31>:    mov    -0x4(%rbp),%eax
=> 0x000000000040055f <+34>:    cltq   
   0x0000000000400561 <+36>:    shl    $0x2,%rax
   0x0000000000400565 <+40>:    lea    0x601060(%rax),%rdx
   0x000000000040056c <+47>:    mov    -0x4(%rbp),%eax
   0x000000000040056f <+50>:    mov    %eax,%esi
   0x0000000000400571 <+52>:    mov    %rdx,%rdi
   0x0000000000400574 <+55>:    callq  0x400526 <lock_init>
   0x0000000000400579 <+60>:    mov    -0x4(%rbp),%eax
   0x000000000040057c <+63>:    cltq   
   0x000000000040057e <+65>:    mov    0x601060(,%rax,4),%edx
   0x0000000000400585 <+72>:    mov    -0x4(%rbp),%eax
   0x0000000000400588 <+75>:    mov    %eax,%esi
   0x000000000040058a <+77>:    mov    $0x400634,%edi
   0x000000000040058f <+82>:    mov    $0x0,%eax
   0x0000000000400594 <+87>:    callq  0x400400 <printf@plt>
   0x0000000000400599 <+92>:    addl   $0x1,-0x4(%rbp)
   0x000000000040059d <+96>:    cmpl   $0x9,-0x4(%rbp)
   0x00000000004005a1 <+100>:   jle    0x40055c <main+31>
   0x00000000004005a3 <+102>:   mov    $0x0,%eax
   0x00000000004005a8 <+107>:   leaveq 


(gdb) disass lock_init
Dump of assembler code for function lock_init:
   0x0000000000400526 <+0>: push   %rbp
   0x0000000000400527 <+1>: mov    %rsp,%rbp
   0x000000000040052a <+4>: mov    %rdi,-0x8(%rbp)
   0x000000000040052e <+8>: mov    %esi,-0xc(%rbp)
   0x0000000000400531 <+11>:    mov    -0x8(%rbp),%rax
   0x0000000000400535 <+15>:    mov    -0xc(%rbp),%edx
   0x0000000000400538 <+18>:    mov    %edx,(%rax)
   0x000000000040053a <+20>:    nop
   0x000000000040053b <+21>:    pop    %rbp
   0x000000000040053c <+22>:    retq   
End of assembler dump.

info

• 用法：info < params >
• 功能：查询某些状态，比如register、breakpoints、watchpoints、stack等等。
• 注意：
  
  • 比较有用的：可以在info后面跟函数名、行号等来查找源码运行时的内存地址

(gdb) info breakpoints
Num     Type           Disp Enb Address            What
5       breakpoint     keep y   0x000000000040055c in main at struct_improved.c:49
    breakpoint already hit 1 time
(gdb) info registers 
rax            0x40053d 4195645
rbx            0x0  0
rcx            0x0  0
rdx            0x7fffffffdcd8   140737488346328
rsi            0x7fffffffdcc8   140737488346312
rdi            0x1  1
rbp            0x7fffffffdbe0   0x7fffffffdbe0
rsp            0x7fffffffdbc0   0x7fffffffdbc0
r8             0x400620 4195872
r9             0x7ffff7de7ab0   140737351940784
r10            0x846    2118
r11            0x7ffff7a2d740   140737348032320
r12            0x400430 4195376
r13            0x7fffffffdcc0   140737488346304
r14            0x0  0
r15            0x0  0
rip            0x40055c 0x40055c <main+31>
eflags         0x293    [ CF AF SF IF ]
cs             0x33 51
ss             0x2b 43
ds             0x0  0
es             0x0  0
fs             0x0  0
gs             0x0  0

(gdb) info line 49
Cannot access memory at address 0x40053d
(gdb) info line 51
Cannot access memory at address 0x40053d
(gdb) info line main
Line 45 of "struct_improved.c" starts at address 0x40053d <main> and ends at 0x40054c <main+15>

(gdb) info stack
#0  lock_init (lock=0x601060 <my_lock>, depth=0) at struct_improved.c:39
#1  0x0000000000400579 in main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:49

backtrace

• 缩写：“bt”
• 用法：bt
• 功能：回溯堆栈，该功能debug问题非常实用

(gdb) bt
#0  lock_init (lock=0x601060 <my_lock>, depth=0) at struct_improved.c:39
#1  0x0000000000400579 in main (argc=1, argv=0x7fffffffdcc8) at struct_improved.c:49