GDB跟踪函数的完整调用过程及原理

Posted zengkefu



http://www.lenky.info/archives/2013/02/2202

Breakpoint 1, 0x0000003c4e417410 in open64 () from /lib64/ld-linux-x86-64.so.2
(gdb) bt
#0  0x0000003c4e417410 in open64 () from /lib64/ld-linux-x86-64.so.2
#1  0x0000003c4e40f789 in _dl_sysdep_read_whole_file () from /lib64/ld-linux-x86-64.so.2
#2  0x0000003c4e408d78 in _dl_load_cache_lookup () from /lib64/ld-linux-x86-64.so.2
#3  0x0000003c4e408612 in _dl_map_object () from /lib64/ld-linux-x86-64.so.2
#4  0x0000003c4e40c3a2 in openaux () from /lib64/ld-linux-x86-64.so.2
#5  0x0000003c4e40e286 in _dl_catch_error () from /lib64/ld-linux-x86-64.so.2
#6  0x0000003c4e40ca85 in _dl_map_object_deps () from /lib64/ld-linux-x86-64.so.2
#7  0x0000003c4e403310 in dl_main () from /lib64/ld-linux-x86-64.so.2
#8  0x0000003c4e4160ae in _dl_sysdep_start () from /lib64/ld-linux-x86-64.so.2
#9  0x0000003c4e4014a4 in _dl_start () from /lib64/ld-linux-x86-64.so.2
#10 0x0000003c4e400b08 in _start () from /lib64/ld-linux-x86-64.so.2
#11 0x0000000000000001 in ?? ()
#12 0x00007fffffffe85b in ?? ()
#13 0x0000000000000000 in ?? ()
(gdb) bt 1
#0  0x0000003c4e417410 in open64 () from /lib64/ld-linux-x86-64.so.2
(More stack frames follow...)
(gdb) bt 2
#0  0x0000003c4e417410 in open64 () from /lib64/ld-linux-x86-64.so.2
#1  0x0000003c4e40f789 in _dl_sysdep_read_whole_file () from /lib64/ld-linux-x86-64.so.2
(More stack frames follow...)
(gdb) bt 3
#0  0x0000003c4e417410 in open64 () from /lib64/ld-linux-x86-64.so.2
#1  0x0000003c4e40f789 in _dl_sysdep_read_whole_file () from /lib64/ld-linux-x86-64.so.2
#2  0x0000003c4e408d78 in _dl_load_cache_lookup () from /lib64/ld-linux-x86-64.so.2
(More stack frames follow...)
(gdb) bt -1
#13 0x0000000000000000 in ?? ()
(gdb) bt -2

 

[[email protected] ~]# cat test.c

   #include <stdio.h>   
   #include <stdlib.h>      
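   /*
    * Allocate five small heap blocks and print their addresses.
    *
    * The program exists only as a target for the gdb tracing session
    * shown below: every function symbol defined in the binary gets a
    * breakpoint, so main() itself only needs to do something visible.
    *
    * Returns 0.  The original was written as `main()` with no return
    * statement, so the process exit status was whatever the last
    * printf() left behind -- the 12 characters it wrote, which is the
    * "exited with code 014" (octal) visible in the transcript.
    */
   int main(void)
   {
       int *p1 = malloc(4);
       int *p2 = malloc(4);
       int *p3 = malloc(4);
       int *p4 = malloc(4);
       int *p5 = malloc(4);
       /* %p expects a void *; a NULL result from malloc still prints safely,
        * so allocation failure is deliberately not treated as an error here. */
       printf("%p\n", (void *)p1);
       printf("%p\n", (void *)p2);
       printf("%p\n", (void *)p3);
       printf("%p\n", (void *)p4);
       printf("%p\n", (void *)p5);
       printf("1231238888::");
       /* free(NULL) is a no-op, so no checks are needed before releasing. */
       free(p5);
       free(p4);
       free(p3);
       free(p2);
       free(p1);
       return 0;
   }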
[[email protected] ~]# readelf -s ./test

Symbol table .dynsym contains 5 entries:
   Num:    Value          Size Type    Bind   Vis      Ndx Name
     0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND 
     1: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND [email protected]_2.2.5 (2)
     2: 0000000000000000     0 NOTYPE  WEAK   DEFAULT  UND __gmon_start__
     3: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND [email protected]_2.2.5 (2)
     4: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND [email protected]_2.2.5 (2)

Symbol table .symtab contains 72 entries:
   Num:    Value          Size Type    Bind   Vis      Ndx Name
     0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND 
     1: 0000000000400200     0 SECTION LOCAL  DEFAULT    1 
     2: 000000000040021c     0 SECTION LOCAL  DEFAULT    2 
     3: 000000000040023c     0 SECTION LOCAL  DEFAULT    3 
     4: 0000000000400260     0 SECTION LOCAL  DEFAULT    4 
     5: 0000000000400280     0 SECTION LOCAL  DEFAULT    5 
     6: 00000000004002f8     0 SECTION LOCAL  DEFAULT    6 
     7: 000000000040033e     0 SECTION LOCAL  DEFAULT    7 
     8: 0000000000400348     0 SECTION LOCAL  DEFAULT    8 
     9: 0000000000400368     0 SECTION LOCAL  DEFAULT    9 
    10: 0000000000400380     0 SECTION LOCAL  DEFAULT   10 
    11: 00000000004003c8     0 SECTION LOCAL  DEFAULT   11 
    12: 00000000004003e0     0 SECTION LOCAL  DEFAULT   12 
    13: 0000000000400420     0 SECTION LOCAL  DEFAULT   13 
    14: 00000000004006c8     0 SECTION LOCAL  DEFAULT   14 
    15: 00000000004006d8     0 SECTION LOCAL  DEFAULT   15 
    16: 00000000004006fc     0 SECTION LOCAL  DEFAULT   16 
    17: 0000000000400720     0 SECTION LOCAL  DEFAULT   17 
    18: 00000000006007a0     0 SECTION LOCAL  DEFAULT   18 
    19: 00000000006007b0     0 SECTION LOCAL  DEFAULT   19 
    20: 00000000006007c0     0 SECTION LOCAL  DEFAULT   20 
    21: 00000000006007c8     0 SECTION LOCAL  DEFAULT   21 
    22: 0000000000600958     0 SECTION LOCAL  DEFAULT   22 
    23: 0000000000600960     0 SECTION LOCAL  DEFAULT   23 
    24: 0000000000600990     0 SECTION LOCAL  DEFAULT   24 
    25: 0000000000600998     0 SECTION LOCAL  DEFAULT   25 
    26: 0000000000000000     0 SECTION LOCAL  DEFAULT   26 
    27: 0000000000000000     0 SECTION LOCAL  DEFAULT   27 
    28: 0000000000000000     0 SECTION LOCAL  DEFAULT   28 
    29: 0000000000000000     0 SECTION LOCAL  DEFAULT   29 
    30: 0000000000000000     0 SECTION LOCAL  DEFAULT   30 
    31: 0000000000000000     0 SECTION LOCAL  DEFAULT   31 
    32: 0000000000000000     0 SECTION LOCAL  DEFAULT   32 
    33: 0000000000000000     0 SECTION LOCAL  DEFAULT   33 
    34: 000000000040044c     0 FUNC    LOCAL  DEFAULT   13 call_gmon_start
    35: 0000000000000000     0 FILE    LOCAL  DEFAULT  ABS crtstuff.c
    36: 00000000006007a0     0 OBJECT  LOCAL  DEFAULT   18 __CTOR_LIST__
    37: 00000000006007b0     0 OBJECT  LOCAL  DEFAULT   19 __DTOR_LIST__
    38: 00000000006007c0     0 OBJECT  LOCAL  DEFAULT   20 __JCR_LIST__
    39: 0000000000400470     0 FUNC    LOCAL  DEFAULT   13 __do_global_dtors_aux
    40: 0000000000600998     1 OBJECT  LOCAL  DEFAULT   25 completed.6349
    41: 00000000006009a0     8 OBJECT  LOCAL  DEFAULT   25 dtor_idx.6351
    42: 00000000004004e0     0 FUNC    LOCAL  DEFAULT   13 frame_dummy
    43: 0000000000000000     0 FILE    LOCAL  DEFAULT  ABS crtstuff.c
    44: 00000000006007a8     0 OBJECT  LOCAL  DEFAULT   18 __CTOR_END__
    45: 0000000000400798     0 OBJECT  LOCAL  DEFAULT   17 __FRAME_END__
    46: 00000000006007c0     0 OBJECT  LOCAL  DEFAULT   20 __JCR_END__
    47: 0000000000400690     0 FUNC    LOCAL  DEFAULT   13 __do_global_ctors_aux
    48: 0000000000000000     0 FILE    LOCAL  DEFAULT  ABS test.c
    49: 0000000000600960     0 OBJECT  LOCAL  DEFAULT   23 _GLOBAL_OFFSET_TABLE_
    50: 000000000060079c     0 NOTYPE  LOCAL  DEFAULT   18 __init_array_end
    51: 000000000060079c     0 NOTYPE  LOCAL  DEFAULT   18 __init_array_start
    52: 00000000006007c8     0 OBJECT  LOCAL  DEFAULT   21 _DYNAMIC
    53: 0000000000600990     0 NOTYPE  WEAK   DEFAULT   24 data_start
    54: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND [email protected]@GLIBC_2.2.5
    55: 00000000004005f0     2 FUNC    GLOBAL DEFAULT   13 __libc_csu_fini
    56: 0000000000400420     0 FUNC    GLOBAL DEFAULT   13 _start
    57: 0000000000000000     0 NOTYPE  WEAK   DEFAULT  UND __gmon_start__
    58: 0000000000000000     0 NOTYPE  WEAK   DEFAULT  UND _Jv_RegisterClasses
    59: 00000000004006c8     0 FUNC    GLOBAL DEFAULT   14 _fini
    60: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND [email protected]@GLIBC_2.2.5
    61: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND [email protected]@GLIBC_
    62: 00000000004006d8     4 OBJECT  GLOBAL DEFAULT   15 _IO_stdin_used
    63: 0000000000600990     0 NOTYPE  GLOBAL DEFAULT   24 __data_start
    64: 00000000004006e0     0 OBJECT  GLOBAL HIDDEN    15 __dso_handle
    65: 00000000006007b8     0 OBJECT  GLOBAL HIDDEN    19 __DTOR_END__
    66: 0000000000400600   137 FUNC    GLOBAL DEFAULT   13 __libc_csu_init
    67: 0000000000600994     0 NOTYPE  GLOBAL DEFAULT  ABS __bss_start
    68: 00000000006009a8     0 NOTYPE  GLOBAL DEFAULT  ABS _end
    69: 0000000000600994     0 NOTYPE  GLOBAL DEFAULT  ABS _edata
    70: 0000000000400504   223 FUNC    GLOBAL DEFAULT   13 main
    71: 00000000004003c8     0 FUNC    GLOBAL DEFAULT   11 _init
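[[email protected] trace]# readelf -s ./test | gawk '
# Turn the readelf symbol listing into a gdb command file: one breakpoint
# per function symbol that is actually defined in this binary.
# Columns: $1=Num $2=Value $3=Size $4=Type $5=Bind $6=Vis $7=Ndx $NF=Name.
# Undefined imports (printf@GLIBC etc.) carry Value 0 and are skipped; the
# "!= 0" test holds whether awk compares the hex value numerically
# (all-digit values) or as a string (values containing a-f).
$4 == "FUNC" && $2 != 0 {
  print "# code for " $NF
  print "b *0x" $2       # address breakpoint at the symbol value
  print "commands"
  print "silent"         # drop the "Breakpoint N, ..." banner
  print "bt 1"           # innermost frame only
  print "c"              # resume without stopping in the debugger
  print "end"
  print ""
}' > sym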
[[email protected] ~]# cat sym
# code for call_gmon_start
b *0x000000000040044c
commands
silent
bt 1
c
end

# code for __do_global_dtors_aux
b *0x0000000000400470
commands
silent
bt 1
c
end

# code for frame_dummy
b *0x00000000004004e0
commands
silent
bt 1
c
end

# code for __do_global_ctors_aux
b *0x0000000000400690
commands
silent
bt 1
c
end

# code for __libc_csu_fini
b *0x00000000004005f0
commands
silent
bt 1
c
end

# code for _start
b *0x0000000000400420
commands
silent
bt 1
c
end

# code for _fini
b *0x00000000004006c8
commands
silent
bt 1
c
end

# code for __libc_csu_init
b *0x0000000000400600
commands
silent
bt 1
c
end

# code for main
b *0x0000000000400504
commands
silent
bt 1
c
end

# code for _init
b *0x00000000004003c8
commands
silent
bt 1
c
end

[[email protected] ~]#  gdb --command=sym ./test -q
Reading symbols from /root/test...done.
Breakpoint 1 at 0x40044c
Breakpoint 2 at 0x400470
Breakpoint 3 at 0x4004e0
Breakpoint 4 at 0x400690
Breakpoint 5 at 0x4005f0
Breakpoint 6 at 0x400420
Breakpoint 7 at 0x4006c8
Breakpoint 8 at 0x400600
Breakpoint 9 at 0x400504: file test.c, line 5.
Breakpoint 10 at 0x4003c8
(gdb) r
Starting program: /root/test 
#0  0x0000000000400420 in _start ()
#0  0x0000000000400600 in __libc_csu_init ()
#0  0x00000000004003c8 in _init ()
#0  0x000000000040044c in call_gmon_start ()
#0  0x00000000004004e0 in frame_dummy ()
#0  0x0000000000400690 in __do_global_ctors_aux ()
#0  main () at test.c:5
0x601010
0x601030
0x601050
0x601070
0x601090
#0  0x00000000004006c8 in _fini ()
#0  0x0000000000400470 in __do_global_dtors_aux ()
1231238888::
Program exited with code 014.
Missing separate debuginfos, use: debuginfo-install glibc-2.12-1.166.el6_7.7.x86_64

 
