Linux Applications Debugging Techniques/The debugger

Preparations
Someday some hard to reproduce issue will be found on a production machine. Typically, such a machine is difficult to access, has no development environment and nothing can be installed on it. At most it will have gdb, but very likely not. Typically also, the heaviest user will be the one to find the issue and typically still, the heaviest user is the one being the bigger -- money-wise. And that issue has to be root cause diagnosed and fixed.

Unless the application has been prepared for this forensic gathering moment, not much can be done to diagnose where the issue is. Thus, preparations should start with compilation:


 * Have a "symbol server" and make sure it is reacheable. Compile on the symbol server.
 * Compile the release with debugging symbols. Strip them if you do not want to ship them but keep them.
 * Ship gdbserver with the application for remote debugging.

These preparations will allow one to:


 * Debug the application running on any machine, including machines where there is no gdb installed.
 * Debug from any machine that has network visibility to the symbol server.

Also, think beforehand how would you debug on the machine:


 * Embed a breakpoint in the code, at hard of reach places of interest, then
 * Start the application
 * Attach to it with the debugger
 * Wait until the breakpoint is hit

The "symbol server"
One way to easily reach the right code from within the debugger is to build the binaries within an auto-mounted folder, each build in its own sub-folder. The same auto-mount share should be accessible from the machine you are debugging on.

Debian

 * Install autofs


 * In /etc/auto.master uncomment the line:


 * In /etc/exports export the folder:


 * As root: restart autofs & nfs and export the build share:

Redhat

 * Export the folder: edit /etc/exports
 * As root (RedHat): service autofs start

Finally, build the binaries within the automounted directory on the build machine (here the build machine is bear):

Notice the filename path that is resolved with the symbol information:

If the symbols have been stripped from the binaries, point gdb to the folders where the symbols are with the debug-file-directory directive.

Source Code
To point the debugger to the source files:

Remote debugging

 * On the machine where the application runs (<tt>appmachine</tt>):
 * If gdbserver is not present, copy it over.
 * Start the application.
 * Start gdbserver: <tt>gdbserver gdbmachine:2345 --attach program</tt>
 * On <tt>gdbmachine</tt>:
 * At the gdb prompt, enter: <tt>target remote appmachine:2345</tt>

Sometimes you may have to tunnel over ssh:


 * On gdbmachine:
 * <tt>ssh -L 5432:appmachine:2345 user@appmachine</tt>
 * At the gdb prompt: <tt>target remote localhost:5432</tt>

Attaching to a process
Find out the PID of the process, then:

Debugging programs that spawn multiple children

 * set detach-on-fork off
 * see "all-stop" vs "non-stop" modes in the GDB documentation and their related settings

Embedding breakpoints in the source
On x86 platforms:

Or a more elaborate one:

This will break into the debugger on hard to reach conditions:

Data breakpoints (watchpoints)
Watchpoints can be implemented either in software either in hardware if the CPU supports it. Typically on an Intel processor there are eight debug registers out of which only four can be used for hardware breakpoints and this limits the number of watchpoints system wide.

Install a condition on a hardware watchpoint so that only accesses are stopped that increase the value of the variable:

Breakpoints conditional on caller
This requires gdb 7.9 or later, configured with python support:


 * 

The text user interface


GDB features a text user interface for code, disassembler and registers. For instance:


 * Ctrl-x 1 will show the code pane
 * Ctrl-x a will hide the TUI panes

None of the GUI interfaces to <tt>gdb</tt> (Qt Creator stands out for being intuitive and easy to use) can offer access to all of the <tt>gdb</tt> functionality.

curses gdb offers an improved TUI. A comprehensive list of debugger GUIs is available here.

Reverse debugging
As an example, reverse debugging is a functionality no GUI offers access to:

See also
 * rr & gdbgui

Register watch
You can watch registers. Note this will force the debugger to single step the debugged program and it will run very slowly:

.gdbinit
As a note, in upcoming gdb releases, <tt>.gdbinit</tt> will be replaced by <tt>gdb-gdb.gdb</tt>:

gdb-gdb.gdb ^  ^   ^ |   |   | It's a gdb script. |  |         If it were Python this would be .py. |  | |   - "-gdb" is a gdb convention, it's the suffix added to a file |            for auxiliary support. |            E.g., gdb will auto-load libstdc++.so-gdb.py (version elided) |            which contains the std c++ pretty-printers. | - This init script is for the program named "gdb". If this were for readelf the script would be named readelf-gdb.gdb.

Canned gdb macros

 * gdb STL support
 * STL macros (and more)

Mangling
<tt>gdb</tt> might need a bit of guidance with C++11 binaries:


 * 

Templates
One can eventually use templight to debug and profile templates.