GDB内存断点(Memory break)的使用举例

本博客（http://blog.csdn.net/livelylittlefish）贴出作者（三二一@小鱼）相关研究、学习内容所做的笔记，欢迎广大朋友指正！

 

GDB内存断点(Memory break)的使用举例

•  

  本文是一篇使用GDB设置内存断点的例子。

   

  1. 源程序

   

  文件名：testMemBreak.c

  #include <stdio.h> #include <string.h>   int main() {     int i,j;     char buf[256]={0};     char* pp = buf;       printf("buf addr= 0x%x/r/n",buf);     for(i=0;i<16;i++)     {         printf("addr = 0x%x ~ 0x%x/r/n",pp+i*16,pp+i*16+15);         for(j=0;j<16;j++)             *(pp+i*16+j)=i*16+j;     }       printf("ASCII table:/n");     for(i=0;i<16;i++)     {         for(j=0;j<16;j++)             printf("%c  ", *(pp+i*16+j));         printf("/n");     }         return 0;   }

   

  即完成ASCII码的初始化并打印出来。

   

  要使用的GDB命令，如下。

  (gdb) help watch Set a watchpoint for an expression. A watchpoint stops execution of your program whenever the value of an expression changes. (gdb) help rwatch Set a read watchpoint for an expression. A watchpoint stops execution of your program whenever the value of an expression is read. (gdb) help awatch Set a watchpoint for an expression. A watchpoint stops execution of your program whenever the value of an expression is either read or written. (gdb)

   

  2. 调试过程

   

  2.1 设置断点并启动程序完成初始化

   

  启动程序对其进行初始化，并使用display自动显示buf的地址。

   

  $ gcc -g -o membreak testMemBreak.c   $ gdb ./membreak.exe GNU gdb 6.3.50_2004-12-28-cvs (cygwin-special) Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB.  Type "show warranty" for details. This GDB was configured as "i686-pc-cygwin"... (gdb) l 1       #include <stdio.h> 2       #include <string.h> 3 4       int main() 5       { 6           int i,j; 7           char buf[256]={0}; 8           char* pp = buf; 9 10          printf("buf addr= 0x%x/r/n",buf); (gdb) 11          for(i=0;i<16;i++) 12          { 13              printf("addr = 0x%x ~ 0x%x/r/n",pp+i*16,pp+i*16+15); 14              for(j=0;j<16;j++) 15                  *(pp+i*16+j)=i*16+j; 16          } 17 18          printf("ASCII table:/n"); 19          for(i=0;i<16;i++) 20          { (gdb) 21              for(j=0;j<16;j++) 22                  printf("%c  ", *(pp+i*16+j)); 23              printf("/n"); 24          } 25 26          return 0; 27      } (gdb) b 10 Breakpoint 1 at 0x4010ae: file testMemBreak.c, line 10. (gdb) r Starting program: /cygdrive/e/study/programming/linux/2009-12-28 testMemBreak/membreak.exe   Breakpoint 1, main () at testMemBreak.c:10 10          printf("buf addr= 0x%x/r/n",buf); (gdb) step buf addr= 0x22cb70 11          for(i=0;i<16;i++) (gdb) p buf $1 = '/0' <repeats 255 times> (gdb) p &buf $2 = (char (*)[256]) 0x22cb70 (gdb) display &buf 1: &buf = (char (*)[256]) 0x22cb70 (gdb) p/x *0x22cb70@64 $3 = {0x0 <repeats 64 times>} (gdb) x/64w 0x22cb70 0x22cb70:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cb80:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cb90:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cba0:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cbb0:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cbc0:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cbd0:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cbe0:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cbf0:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc00:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc10:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc20:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc30:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc40:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc50:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc60:       0x00000000      0x00000000      0x00000000      0x00000000

   

  p/x *0x22cb70@64：以16进制方式显示0x22cb70开始的64个双字组成的数组，实际上就是256个字节的数组，只是默认以双字显示。

  可以看见，buf内存块中的所有数据被初始化为0。

   

  2.2 在buf+80处设置内存断点

   

  设置断点后，运行程序，使之停在对该内存写的动作上。

  (gdb) watch *(int*)0x22cbc0 Hardware watchpoint 2: *(int *) 2280384 (gdb) c Continuing. addr = 0x22cb70 ~ 0x22cb7f addr = 0x22cb80 ~ 0x22cb8f addr = 0x22cb90 ~ 0x22cb9f addr = 0x22cba0 ~ 0x22cbaf addr = 0x22cbb0 ~ 0x22cbbf addr = 0x22cbc0 ~ 0x22cbcf Hardware watchpoint 2: *(int *) 2280384   Old value = 0 New value = 80 main () at testMemBreak.c:14 14              for(j=0;j<16;j++) 1: &buf = (char (*)[256]) 0x22cb70 (gdb) p i $4 = 5 (gdb) p j $5 = 0 (gdb) info breakpoints Num Type           Disp Enb Address    What 1   breakpoint     keep y   0x004010ae in main at testMemBreak.c:10         breakpoint already hit 1 time 2   hw watchpoint  keep y              *(int *) 2280384         breakpoint already hit 1 time (gdb) delete 1 (gdb) delete 2 (gdb) b 18 Breakpoint 3 at 0x40113b: file testMemBreak.c, line 18. (gdb) info breakpoints Num Type           Disp Enb Address    What 3   breakpoint     keep y   0x0040113b in main at testMemBreak.c:18 (gdb) p/x *0x22cb70@64 $6 = {0x3020100, 0x7060504, 0xb0a0908, 0xf0e0d0c, 0x13121110, 0x17161514, 0x1b1a1918, 0x1f1e1d1c, 0x23222120,   0x27262524, 0x2b2a2928, 0x2f2e2d2c, 0x33323130, 0x37363534, 0x3b3a3938, 0x3f3e3d3c, 0x43424140, 0x47464544,   0x4b4a4948, 0x4f4e4d4c, 0x50, 0x0 <repeats 43 times>} (gdb) x/64w 0x22cb70 0x22cb70:       0x03020100      0x07060504      0x0b0a0908      0x0f0e0d0c 0x22cb80:       0x13121110      0x17161514      0x1b1a1918      0x1f1e1d1c 0x22cb90:       0x23222120      0x27262524      0x2b2a2928      0x2f2e2d2c 0x22cba0:       0x33323130      0x37363534      0x3b3a3938      0x3f3e3d3c 0x22cbb0:       0x43424140      0x47464544      0x4b4a4948      0x4f4e4d4c 0x22cbc0:       0x00000050      0x00000000      0x00000000      0x00000000 0x22cbd0:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cbe0:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cbf0:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc00:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc10:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc20:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc30:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc40:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc50:       0x00000000      0x00000000      0x00000000      0x00000000 0x22cc60:       0x00000000      0x00000000      0x00000000      0x00000000

   

  查看buf内存块,可以看见，程序按我们希望的在运行，并在buf+80处停住。此时，程序正试图向该单元即0x22cbc0写入80。

   

  2.3 使用continue执行程序直至结束

   

  (gdb) c Continuing. addr = 0x22cbd0 ~ 0x22cbdf addr = 0x22cbe0 ~ 0x22cbef addr = 0x22cbf0 ~ 0x22cbff addr = 0x22cc00 ~ 0x22cc0f addr = 0x22cc10 ~ 0x22cc1f addr = 0x22cc20 ~ 0x22cc2f addr = 0x22cc30 ~ 0x22cc3f addr = 0x22cc40 ~ 0x22cc4f addr = 0x22cc50 ~ 0x22cc5f addr = 0x22cc60 ~ 0x22cc6f   Breakpoint 3, main () at testMemBreak.c:18 18          printf("ASCII table:/n"); 1: &buf = (char (*)[256]) 0x22cb70 (gdb) p/x *0x22cb70@64 $7 = {0x3020100, 0x7060504, 0xb0a0908, 0xf0e0d0c, 0x13121110, 0x17161514, 0x1b1a1918, 0x1f1e1d1c, 0x23222120,   0x27262524, 0x2b2a2928, 0x2f2e2d2c, 0x33323130, 0x37363534, 0x3b3a3938, 0x3f3e3d3c, 0x43424140, 0x47464544,   0x4b4a4948, 0x4f4e4d4c, 0x53525150, 0x57565554, 0x5b5a5958, 0x5f5e5d5c, 0x63626160, 0x67666564, 0x6b6a6968,   0x6f6e6d6c, 0x73727170, 0x77767574, 0x7b7a7978, 0x7f7e7d7c, 0x83828180, 0x87868584, 0x8b8a8988, 0x8f8e8d8c,   0x93929190, 0x97969594, 0x9b9a9998, 0x9f9e9d9c, 0xa3a2a1a0, 0xa7a6a5a4, 0xabaaa9a8, 0xafaeadac, 0xb3b2b1b0,   0xb7b6b5b4, 0xbbbab9b8, 0xbfbebdbc, 0xc3c2c1c0, 0xc7c6c5c4, 0xcbcac9c8, 0xcfcecdcc, 0xd3d2d1d0, 0xd7d6d5d4,   0xdbdad9d8, 0xdfdedddc, 0xe3e2e1e0, 0xe7e6e5e4, 0xebeae9e8, 0xefeeedec, 0xf3f2f1f0, 0xf7f6f5f4, 0xfbfaf9f8,   0xfffefdfc} (gdb) x/64w 0x22cb70 0x22cb70:       0x03020100      0x07060504      0x0b0a0908      0x0f0e0d0c 0x22cb80:       0x13121110      0x17161514      0x1b1a1918      0x1f1e1d1c 0x22cb90:       0x23222120      0x27262524      0x2b2a2928      0x2f2e2d2c 0x22cba0:       0x33323130      0x37363534      0x3b3a3938      0x3f3e3d3c 0x22cbb0:       0x43424140      0x47464544      0x4b4a4948      0x4f4e4d4c 0x22cbc0:       0x53525150      0x57565554      0x5b5a5958      0x5f5e5d5c 0x22cbd0:       0x63626160      0x67666564      0x6b6a6968      0x6f6e6d6c 0x22cbe0:       0x73727170      0x77767574      0x7b7a7978      0x7f7e7d7c 0x22cbf0:       0x83828180      0x87868584      0x8b8a8988      0x8f8e8d8c 0x22cc00:       0x93929190      0x97969594      0x9b9a9998      0x9f9e9d9c 0x22cc10:       0xa3a2a1a0      0xa7a6a5a4      0xabaaa9a8      0xafaeadac 0x22cc20:       0xb3b2b1b0      0xb7b6b5b4      0xbbbab9b8      0xbfbebdbc 0x22cc30:       0xc3c2c1c0      0xc7c6c5c4      0xcbcac9c8      0xcfcecdcc 0x22cc40:       0xd3d2d1d0      0xd7d6d5d4      0xdbdad9d8      0xdfdedddc 0x22cc50:       0xe3e2e1e0      0xe7e6e5e4      0xebeae9e8      0xefeeedec 0x22cc60:       0xf3f2f1f0      0xf7f6f5f4      0xfbfaf9f8      0xfffefdfc (gdb) c Continuing. ASCII table:                                                  !  "  #  $  %  &  '  (  )  *  +  ,  -  .  / 0  1  2  3  4  5  6  7  8  9  :  ;  <  =  >  ? @  A  B  C  D  E  F  G  H  I  J  K  L  M  N  O P  Q  R  S  T  U  V  W  X  Y  Z  [  /  ]  ^  _ `  a  b  c  d  e  f  g  h  i  j  k  l  m  n  o p  q  r  s  t  u  v  w  x  y  z  {  |  }  ~   €  ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?    Program exited normally. (gdb)

   

  至此，我们已经看到watch查看内存的作用了，只要被查看的单元会被修改（读/写），均会断在此处，以方便我们调试程序。