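Coredump analysis

First, run the command

gdb freeswitch core.60954
to enter gdb.

Here freeswitch is the executable that produced the coredump, and core.60954 is the coredump file that it generated.

Then run the command

bt
to see the stack trace at the point where execution failed: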

(gdb) bt
#0 0x00007fd372e3344d in lua_remove () from /lib64/liblua-5.1.so
#1 0x00007fd3730635ef in docall (L=0x7fd39802dcc0, narg=<optimized out>, nresults=1, perror=1, fatal=0) at mod_lua.cpp:94
#2 0x00007fd373065d94 in LUA::Session::run_dtmf_callback (this=0x7fd3980569d0, input=0x7fd39001f9f0, itype=<optimized out>) at freeswitch_lua.cpp:332
#3 0x00007fd3be601241 in audio_bridge_thread (obj=obj@entry=0x7fd398181d20, thread=0x0) at src/switch_ivr_bridge.c:599
#4 0x00007fd3be6023c2 in audio_bridge_on_exchange_media (session=0x7fd398077058) at src/switch_ivr_bridge.c:856
#5 0x00007fd3be5925ca in switch_core_session_run (session=0x7fd398077058) at src/switch_core_state_machine.c:653
#6 0x00007fd3be58be5e in switch_core_session_thread (thread=<optimized out>, obj=0x7fd398077058) at src/switch_core_session.c:1648
#7 0x00007fd3be587b53 in switch_core_session_thread_pool_worker (thread=0x7fd398096310, obj=<optimized out>) at src/switch_core_session.c:1711
#8 0x00007fd3be842210 in dummy_worker (opaque=0x7fd398096310) at threadproc/unix/thread.c:151
#9 0x00007fd3bc653dc5 in start_thread () from /lib64/libpthread.so.0
#10 0x00007fd3bbd2bd0d in clone () from /lib64/libc.so.6
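Added example (not part of the original post): a small Python parser for bt output like the one above. It reports the faulting frame and the innermost frame that carries file:line information, which is the natural frame to select before printing variables. The sample text is a constructed subset of the backtrace above, and the names parse_backtrace and triage are made up for this illustration.

```python
import re

# Constructed sample: a subset of the frames from the backtrace shown above.
SAMPLE_BT = """\
#0 0x00007fd372e3344d in lua_remove () from /lib64/liblua-5.1.so
#1 0x00007fd3730635ef in docall (L=0x7fd39802dcc0, narg=<optimized out>, nresults=1, perror=1, fatal=0) at mod_lua.cpp:94
#2 0x00007fd373065d94 in LUA::Session::run_dtmf_callback (this=0x7fd3980569d0, input=0x7fd39001f9f0, itype=<optimized out>) at freeswitch_lua.cpp:332
#3 0x00007fd3be601241 in audio_bridge_thread (obj=obj@entry=0x7fd398181d20, thread=0x0) at src/switch_ivr_bridge.c:599
#9 0x00007fd3bc653dc5 in start_thread () from /lib64/libpthread.so.0
"""

FRAME_RE = re.compile(
    r"^#(?P<num>\d+)\s+"
    r"(?:(?P<addr>0x[0-9a-fA-F]+) in )?"   # gdb omits the address in some frames
    r"(?P<func>\S+) \((?P<args>.*)\)"      # greedy: args may contain parentheses
    r"(?: from (?P<lib>\S+)| at (?P<file>[^\s:]+):(?P<line>\d+))?\s*$"
)

def parse_backtrace(text):
    """Return one dict per frame line; lines that are not frames are skipped."""
    frames = []
    for raw in text.splitlines():
        m = FRAME_RE.match(raw.strip())
        if not m:
            continue
        frame = m.groupdict()
        frame["num"] = int(frame["num"])
        frame["line"] = int(frame["line"]) if frame["line"] else None
        frames.append(frame)
    return frames

def triage(frames):
    """Summarise the faulting frame and the innermost frame with source info."""
    top = frames[0]
    src = next((f for f in frames if f["file"]), None)
    return {
        "fault_func": top["func"],
        "fault_module": top["lib"] or top["file"],
        "inspect_frame": src["num"] if src else None,
        "inspect_at": f'{src["file"]}:{src["line"]}' if src else None,
    }

if __name__ == "__main__":
    print(triage(parse_backtrace(SAMPLE_BT)))
```
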

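At this point you can also print the variables as they were at that moment. The usage is
p file::variable
p function::variable

Here file is a file name, used with one of that file's global variables, and function is a function name, used with a variable inside that function.
For example, given the following function: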

static void *audio_bridge_thread(switch_thread_t *thread, void *obj)
{
switch_ivr_bridge_data_t *data = obj;
int stream_id = 0, pre_b = 0, ans_a = 0, ans_b = 0, originator = 0;
switch_input_callback_function_t input_callback;
switch_core_session_message_t msg = { 0 };
void *user_data;
switch_channel_t *chan_a, *chan_b;
switch_frame_t *read_frame;
switch_core_session_t *session_a, *session_b;


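to print the value of session_a inside it:
p *audio_bridge_thread::session_a
The * dereferences the pointer so that the value it points to is shown; for a plain struct it can be dropped.
To make the output easier to read, you can run

set print pretty on
The result then looks like this: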
(gdb) p *audio_bridge_thread::session_a
$5 = {
pool = 0x7fd398075048,
thread = 0x7fd398096310,
thread_id = 140546079377152,
endpoint_interface = 0xac6860,
id = 64,
flags = (SSF_WARN_TRANSCODE | SSF_THREAD_STARTED | SSF_THREAD_RUNNING | SSF_READ_TRANSCODE),
channel = 0x7fd398075130,
event_hooks = {
outgoing_channel = 0x0,
receive_message = 0x0,
receive_event = 0x0,
read_frame = 0x0,
video_read_frame = 0x0,
write_frame = 0x0,
video_write_frame = 0x0,
kill_channel = 0x0,
send_dtmf = 0x0,
recv_dtmf = 0x7fd398181778,
state_change = 0x0,
state_run = 0x0
},
read_codec = 0x7fd398088778,
real_read_codec = 0x7fd398088778,
write_codec = 0x7fd3980887d8,
real_write_codec = 0x0,
video_read_codec = 0x7fd39808d918,
video_write_codec = 0x7fd39808d978,


........
Attach to the process whose pid is 39657

gdb attach 39657

Set a breakpoint in a particular file
break filename:linenum
break filename:func

For example: break switch_ivr_async.c:4530


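Common gdb commands

gcc -g main.c //add source code information to the output file
gdb a.out

(gdb) start //start debugging
(gdb) n //execute one line at a time
(gdb) step/s //execute the next line, stepping into a function if there is one
(gdb) backtrace/bt //show the function call stack frames
(gdb) info/i locals //show the local variables of the current stack frame
(gdb) frame/f //select a stack frame, then inspect its local variables
(gdb) print/p //print the value of a variable
(gdb) finish //run until the current function returns
(gdb) set var sum=0 //change the value of a variable
(gdb) list/l line number or function name //list source code
(gdb) display/undisplay sum //show the variable's value at every stop / cancel tracking
(gdb) break/b line number or function name //set a breakpoint
(gdb) continue/c //continue running
(gdb) info/i breakpoints //show the breakpoints that have been set
(gdb) delete breakpoints 2 //delete a breakpoint
(gdb) disable/enable breakpoints 3 //disable/enable a breakpoint
(gdb) break 9 if sum != 0 //the breakpoint triggers only when the condition holds
(gdb) run/r //run again continuously from the start of the program
(gdb) watch input[4] //set a watchpoint
(gdb) info/i watchpoints //show the watchpoints that have been set
(gdb) x/7b input //print memory contents; b means one byte per group, 7 means 7 groups
(gdb) disassemble //disassemble the current function or a specified function
(gdb) si //step one instruction at a time, whereas s steps one source line at a time
(gdb) info registers //show the current values of all registers
(gdb) x/20 $esp //show 20 values in memory starting at $esp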

Reposted from www.cnblogs.com/zhuochong/p/10044511.html