10

A basic question & I am very new to C/C++ and GDB.

We use GDB to debug a process. We attach GDB to a process and then specify filename.c along with a line number to put a breakpoint.

My question is "How would GDB or the OS or possibly anything else know that it has to break at the specified line number (in filename.c) after we connect GDB to a running process?"

What is coming into picture that, say, the current process is run in debug mode and a breakpoint is applied and the process execution has to break (wait for user input) at that point?

2
  • Take a look at ptrace(2) Commented Jun 7, 2013 at 15:07
  • 1
    @nouney: That would be a good basis for a great answer. Commented Jun 7, 2013 at 15:10

3 Answers

9

The same way that if your program stops or crashes at a particular point, the debugger can tell you where in the program that point is.

For both of these to work the program binary must contain additional debugging information that associates addresses in the program image with locations in the source code (source file and line number.)

To add a breakpoint at a particular line the debugger finds the program address closest to that line, modifies the copy of the executable in memory to insert a special "break" instruction at that location which will cause the program's execution to be interrupted, then "traces" the program's execution and waits for it to reach the breakpoint and stop.

For more details see http://eli.thegreenplace.net/2011/01/23/how-debuggers-work-part-1/ and http://www.howzatt.demon.co.uk/articles/SimplePTrace.html


1 Comment

On many architectures (e.g. x86) debug registers allow for a (few) breakpoints to be set without modifying program text.
6

I can't comment for the latest version of gdb - but many debuggers actually swap the assembly instruction at the desired breakpoint location (in memory) with an interrupt instruction. This "wakes up" the debugger which takes control at this point.

Using a substituted interrupt instruction means that the CPU can execute your program at full speed and "trip up" at the desired location.

Modern processors are very complex, however, and probably have far superior debugging features.
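
The mechanism the two answers above describe, as an added example (not code from the answers or from GDB): a parent process acts as the debugger, overwrites the first byte of a function in a forked child with the x86 `int3` opcode (0xCC), waits for the trap, then restores the original byte and resumes. It assumes Linux on x86-64; `target` and `breakpoint_demo` are names made up for the illustration.

```c
/* Added example: software breakpoint via ptrace, Linux x86-64 only. */
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile int hits;                       /* side effect keeps the call alive */
__attribute__((noinline)) void target(void) { hits++; }

/* Returns 1 if the child trapped at target() and then finished normally. */
int breakpoint_demo(void)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                             /* debuggee */
        ptrace(PTRACE_TRACEME, 0, NULL, NULL);
        raise(SIGSTOP);                         /* let the parent set the breakpoint */
        target();
        _exit(hits);                            /* 1 if target() ran exactly once */
    }
    int st;
    void *addr = (void *)&target;               /* same address in the forked child */
    if (waitpid(pid, &st, 0) < 0 || !WIFSTOPPED(st)) return -1;

    long orig = ptrace(PTRACE_PEEKTEXT, pid, addr, NULL);
    long patched = (orig & ~0xffL) | 0xcc;      /* low byte -> int3 (little-endian) */
    ptrace(PTRACE_POKETEXT, pid, addr, (void *)patched);
    ptrace(PTRACE_CONT, pid, NULL, NULL);       /* runs at full speed until the trap */

    if (waitpid(pid, &st, 0) < 0) return -1;
    int trapped = WIFSTOPPED(st) && WSTOPSIG(st) == SIGTRAP;
    struct user_regs_struct regs;
    ptrace(PTRACE_GETREGS, pid, NULL, &regs);
    trapped = trapped && regs.rip == (unsigned long long)addr + 1;

    ptrace(PTRACE_POKETEXT, pid, addr, (void *)orig);   /* restore original bytes */
    regs.rip = (unsigned long long)addr;                /* re-execute that instruction */
    ptrace(PTRACE_SETREGS, pid, NULL, &regs);
    ptrace(PTRACE_CONT, pid, NULL, NULL);
    if (waitpid(pid, &st, 0) < 0) return -1;
    return trapped && WIFEXITED(st) && WEXITSTATUS(st) == 1;
}

int main(void) { printf("breakpoint hit: %d\n", breakpoint_demo()); return 0; }
```

After the trap the saved instruction pointer is one byte past the breakpoint address, which is why the example rewinds `rip` before resuming.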


1

GDB is aware of your code: it knows all about it. When you set a breakpoint at a line, GDB gets the equivalent machine instruction address: all your code (as machine instructions) is loaded in memory, so the instructions of your code have an address.

So now GDB knows the address of the instruction you want to break. When you run your program, GDB will use ptrace, which allows GDB to "see" each instruction before its execution. Then GDB just has to look if the current instruction (which will be executed) is the same as your instruction (that you want to break).

2 Comments

The method you've described is possible, but so slow (1000x or more) as to be unusable in practice. That's not how usable debuggers actually work.
I agree...it would be too slow
