Merge pull request #7 from cs-ieee-ist/gdb

Add GDB topic

Author: mgoulao

content/topics/gdb/assembly.md

@@ -1 +1,109 @@
 # GDB - Assembly
+
+There are several occasions where you need to debug at the assembler level. It can be, for example, to understand how the compiler is generating your code and how that code is behaving. 
+
+## Machine Language related commands
+
+Before we start going through an example, we need to introduce some Assembly related commands:
+
+| Command | Short version | Description |
+| ------- | ------------- | ----------- |
+| info line | | Displays the start and end position of the compiled code for the current line |
+| info line number | | Display position in object code for a specified line |
+| disassemble *start_address*  *end_address* | | Displays machine code for positions in object code specified, start and end memory values are optional |
+| stepi | si | step assembly instruction |
+| nexti | ni | next assembly instruction |
+| x *address* | | Examine the contents of memory |
+x/nfu *address* | | Examine the contents of memory with a specific format. n: number of display items to print (default is 1), f: specify the format for the output i - instr, s-string, x-hex, d-sdecimal, u-udecimal, o-octal, t-binary, a-addr, c-char ,f-float, u: specify the size of the data unit b-byte, h-halfword, w-word, g-giant (8 bytes)|
+
+## Debug
+
+**Program**
+
+```c
+#include <stdio.h>
+
+int main() {
+      int a = 1;
+      a = a + 2;  
+      printf("a: %d\n", a);
+    return 0;
+}
+```
+
+**Compile and open GDB**
+
+```bash
+~ $ gcc -g hello.c
+~ $ gdb ./a.out
+```
+
+**Start execution**
+
+```bash
+(gdb) b main
+(gdb) r
+```
+
+So far everything we have done is just the usual setup. Now we want to start analysing the machine code. You can find the Assembly code specific commands at the table above. To start let's display the start and end memory position of the current line. 
+
+```bash
+(gdb) info line
+Line 3 of "hello.c" starts at address 0x8001149 <main> and ends at 0x8001155 <main+12>.
+```
+
+We can also display the compiled code that corresponds to the "main" function.
+
+```bash
+(gdb) disassemble
+=> 0x0000000008001149 <+0>:     endbr64
+   0x000000000800114d <+4>:     push   %rbp
+   0x000000000800114e <+5>:     mov    %rsp,%rbp
+   0x0000000008001151 <+8>:     sub    $0x10,%rsp
+   0x0000000008001155 <+12>:    movl   $0x1,-0x4(%rbp)
+   0x000000000800115c <+19>:    addl   $0x2,-0x4(%rbp)
+   0x0000000008001160 <+23>:    mov    -0x4(%rbp),%eax
+   0x0000000008001163 <+26>:    mov    %eax,%esi
+   0x0000000008001165 <+28>:    lea    0xe98(%rip),%rdi        # 0x8002004
+   0x000000000800116c <+35>:    mov    $0x0,%eax
+   0x0000000008001171 <+40>:    callq  0x8001050 <printf@plt>
+   0x0000000008001176 <+45>:    mov    $0x0,%eax
+   0x000000000800117b <+50>:    leaveq
+   0x000000000800117c <+51>:    retq
+```
+
+Now we can follow the execution one instruction at a time using the "stepi" command.
+
+```bash
+(gdb) stepi
+(gdb) disassemble
+   0x0000000008001149 <+0>:     endbr64
+=> 0x000000000800114d <+4>:     push   %rbp
+   0x000000000800114e <+5>:     mov    %rsp,%rbp
+   0x0000000008001151 <+8>:     sub    $0x10,%rsp
+   0x0000000008001155 <+12>:    movl   $0x1,-0x4(%rbp)
+   0x000000000800115c <+19>:    addl   $0x2,-0x4(%rbp)
+   0x0000000008001160 <+23>:    mov    -0x4(%rbp),%eax
+   0x0000000008001163 <+26>:    mov    %eax,%esi
+   0x0000000008001165 <+28>:    lea    0xe98(%rip),%rdi        # 0x8002004
+   0x000000000800116c <+35>:    mov    $0x0,%eax
+   0x0000000008001171 <+40>:    callq  0x8001050 <printf@plt>
+   0x0000000008001176 <+45>:    mov    $0x0,%eax
+   0x000000000800117b <+50>:    leaveq
+   0x000000000800117c <+51>:    retq
+```
+
+To finish we can set a new breakpoint at the line where we add plus 2 to the "a" variable and watch the value at the memory address change.
+
+```bash
+(gdb) b 5
+(gdb) c
+(gdb) p &a
+$3 = (int *) 0x7ffffffedebc
+(gdb) x/1d 0x7ffffffedebc
+0x7ffffffedebc: 1
+(gdb) x/1d 0x7ffffffedebc
+0x7ffffffedebc: 3
+```
+
+

content/topics/gdb/commands.md

@@ -0,0 +1,70 @@
+# GDB - List of Commands
+
+## Basic Commands
+
+| Command | Short version | Description |
+| ------- | ------------- | ----------- |
+| run | r | The run command causes execution of the program to start from the beginning |
+| quit | q | Exit GDB debugger |
+| breakpoint *location* | b *location* | The breakpoint command sets a breakpoint in a certain location. (line, function, etc) |
+| print *expression* | p *expression* | This will print the value of the given expression. |
+| continue | c | Continues execution following a breakpoint, until the next breakpoint or the termination of the program. |
+| step | s | Executes a single line after a breakpoint. |
+| next | n | Executes a single line. If this line is a subprogram call, executes and returns from the call. |
+| list | l | Lists a few lines around the current source location. |
+| backtrace | bt | Displays a backtrace of the call chain. |
+
+## Execution control
+
+| Command | Short version | Description |
+| ------- | ------------- | ----------- | 
+| run | r | Start program execution |
+| run  *command-line-arguments* | r *command-line-arguments* | Start program execution |
+| run < *stdin-file* > *stdout-file* | r < *stdin-file* > *stdout-file* | Start program execution  with IO redirection |
+| continue | c | Continues program execution until encounters a breakpoint |
+| kill | | Kills the current process |
+| quit | q | Exit GDB debugger |
+
+## Breakpoint management
+
+| Command | Description |
+| ------- | ----------- |
+| break function-name | Set a breakpoint at specified function |
+| break line-number | Set a breakpoint at specified line number |
+| break ClassName::functionName | Set a breakpoint at specified class function |
+| break +offset | Set a breakpoint specified number of lines forward from the current position |
+| break -offset | Set a breakpoint specified number of lines back from the current position |
+| break filename:function | Set a breakpoint at specified function inside a file |
+| break filename:line-number | Set a breakpoint at specified line number of a file |
+| break *address | Set a breakpoint at specified instruction address |
+| break line-number if condition | Set a breakpoint if the condition is met |
+| break line thread thread-number | Set a breakpoint in the thread specified by the line number |
+| tbreak | Set a temporary break (break once only) |
+| watch condition | Suspend execution when the condition is met |
+| clear | Delete breakpoints |
+| clear function | Delete all breakpoints in function |
+| clear *line-number* | Delete breakpoints at specified line number |
+| delete |  Delete all breakpoints, watchpoints, or catchpoints |
+| delete *breakpoint-number* | Delete the breakpoint specified |
+| delete *breakpoint-number*-*breakpoint-number* | Delete the breakpoints inside the specified range. ex: delete 1-4 |
+| disable *breakpoint-number* |  Disable the breakpoint specified |
+| disable *breakpoint-number*-*breakpoint-number* | Disable the breakpoints inside the specified range, ex: disable 1-4 |
+| enable *breakpoint-number* | Enable the breakpoint specified |
+| enable *breakpoint-number*-*breakpoint-number* | Enable the breakpoints inside the specified range, ex: enable 1-4
+
+## Analyse stack
+
+| Command | Short version | Description |
+| ------- | ------------- | ----------- |
+| backtrace | bt | Print stack backtrace |
+| backtrace full | | Print values of local variables |
+| frame | f | Show current stack frame
+| frame number | f number | Show the specified frame number |
+| up | | Move up a single frame |
+| down | | Move down a single frame |
+| up number | | Move up the specified number of frames in the stack |
+| down number | | Move down the specified number of frames in the stack |
+| info frame | | List address, language, address of arguments/local variables and which registers were saved in a frame.
+| info args | | Info arguments of the selected frame |
+| info locals | | Info arguments of the selected local variables |
+| info catch | | Info arguments of the selected exception handlers |

content/topics/gdb/core-files.md

@@ -0,0 +1,76 @@
+# GDB - Debug with core files
+
+A Core Dump is a file containing a process's address space (memory) when the process terminates unexpectedly. This file is very useful for debugging, for example, segmentation faults.
+
+## Generate a Core Dump file
+
+Most systems by default have the core dump file generation disabled. We can check by running the following command:
+
+```bash
+~ $ ulimit -c
+0
+```
+
+To enable the creation we need to run the following commands:
+
+```bash
+~ $ ulimit -c unlimited
+```
+
+## The program
+
+To examplify how you can use the Core Dump and the GDB to better debug your programs, we will use this very simple program:
+
+```c
+int main() {
+        char* s = 0;
+        char c = s[0];
+        return 0;
+}
+```
+
+Now we can compile and run the program.
+
+```bash
+~ $ gcc -g example.c
+~ $ ./a.out
+Segmentation fault (core dumped)
+```
+
+Make sure that the Core Dump file was created, you can use the "ls" command.
+
+## Debug
+
+Now that we have the core file we can start the debug process.
+
+### Open GDB
+
+```bash
+~ $ gdb a.out core
+Core Dump was generated by `./a.out'.
+Program terminated with signal SIGSEGV, Segmentation fault.
+#0  0x0000563a5b9f160a in nullPtr () at hello.c:3
+3               char c = s[0];
+```
+
+The first thing we are going to do is use the "backtrace" command. A program when running maintains a call stack that contains information about the functions that have been called so far. Each item in the stack is a call frame, and each frame contains both the information needed to return to its caller and the information needed to provide the local variables of the function. Backtrace is used to get a stack trace from the time when the SIGSEGV was raised. Each frame in the stack has a number, where 0 is the most recent call. 
+
+```bash
+(gdb) bt
+#0  0x0000563a5b9f160a in nullPtr () at hello.c:3
+#1  0x0000563a5b9f1621 in main () at hello.c:7
+```
+
+This example is trivial, but in normal cases, this backtrace is essential and gives the programmer a good idea of what the problem might be.
+
+In some cases it might be useful to use the "frame" command to gives us more information about each frame. For example the frame 0:
+
+```bash
+(gdb) frame 0
+#0  0x0000563a5b9f160a in nullPtr () at hello.c:3
+3               char c = s[0];
+```
+
+This information is the same given by the debugger when we started. This is because the operation "s[0]" is trying to access an invalid memory position (0x0), which is the problem with our program.
+
+

content/topics/gdb/gui.md

@@ -0,0 +1,89 @@
+# GDB - GUI
+
+There are plenty of Front Ends you can use to debug your code. Here we will only talk about TUI which is built-in GDB. To see more options you can check out this [website](https://sourceware.org/gdb/wiki/GDB%20Front%20Ends).
+
+## TUI
+
+The GDB Text User Interface (TUI) is a terminal interface which can be used to show the source file, the assembly output, the program registers and GDB commands in separate text windows. The TUI mode is enabled by default when you invoke GDB as `gdb -tui`. You can also switch in and out of TUI mode using `tui enable` or the keyboard shortcuts `CTRL+x CTRL+a`. 
+
+TUI behaves the same way as the normal mode. Although it has some specific commands that can be useful
+
+## TUI specific commands
+
+| Command | Description |
+| ------- | ---------- |
+| layout next | Display the next layout. |
+|layout prev | Display the previous layout. |
+|layout src |Display the source window only. |
+|layout asm |Display the assembly window only. |
+|layout split |Display the source and assembly window. |
+|layout regs |Display the register window together with the source or assembly window. |
+|focus next, prev, src, asm, regs, split | Set the focus to the named window. This command allows changing the active window so that scrolling keys can be affected by another window. |
+|refresh |Refresh the screen. This is similar to using C-L key. |
+|update |Update the source window and the current execution point. |
+|winheight name +count | Increase the height of the window name by count lines. |
+| winheight name -count | Decrease the height of the window name by count lines. |
+
+## Example
+
+Hello World program:
+
+```c
+#include <stdio.h>
+
+int main() {
+    int a = 0;
+    a = 2;  
+    printf("%s\n", "Hello World");
+    return 0;
+}
+```
+
+Compile and run:
+
+```bash
+~ $ gcc -g hello.c
+~ $ ./a.out
+Hello World
+```
+
+Start GDB:
+
+```bash
+~ $ gdb -tui ./a.out
+```
+
+You will see that you have the same GDB layout with the prompt but now you also have a big rectangle at the top. This is where all the information will be shown, for example, the source code or the executable disassembled. To show the source code you can run the following command:
+
+```bash
+(gdb) layout src
+```
+
+Let's create a breakpoint at lines 4, 5 and 6:
+
+```bash
+(gdb) b hello.c:4
+(gdb) b hello.c:5
+(gdb) b hello.c:6
+```
+
+Now at the source code will appear b+ in lines 4, 5 and 6.
+
+Run:
+
+```bash
+(gdb) run
+(gdb) p a
+(gdb) c
+(gdb) p a
+(gdb) c
+```
+
+Everything works as expected, and now we have a graphical interface that helps us making the debug more visual. Let's continue the execution:
+
+```bash
+(gdb) layout next
+```
+
+This will show the assembly code of our example from the current breakpoint. This can be a little bit overwhelming, but if you look carefully to the line after the current you will see that the program will call the "puts" function `callq  0x8001050 <puts@plt>x,1)`. Which makes sense since our current breakpoint is supposed to be the "printf" and if we run `layout src` we can confirm that.
+