Problem description

I want a comprehensive overview of how the debugging process occurs on a typical x86 machine running Linux operating system; let's say the program used for debugging is gdb. Question #1 : is the process of debugging facilitated by the hardware (or it is implemented completely in software instead?). If so, what architecture features from the instruction set are involved?

Recommended answer

The x86 ISA includes a single-byte int3 encoding that's intended for software breakpoints. GDB uses this (via ptrace) by default for breakpoints.

(Why Single Stepping Instruction on X86?)

x86 also has a Trap Flag (TF) in EFLAGS for single-step mode. (https://en.wikipedia.org/wiki/Trap_flag). See also Difference between trap flag (TF) and monitor trap flag?

There are even "debug registers" for setting hardware breakpoints, without modifying the machine code to be run. And also hardware support for watch points, to break on write to a certain address. This makes GDB watch points efficient, not requiring it to single-step and manually decode the instruction to see where it writes.

https://wiki.osdev.org/CPU_Registers_x86#Debug_Registers

Implementing hardware breakpoints using x86 debug register osdev forum thread might be relevant.

Some other ISAs exist without nearly as much HW support for debugging. e.g. without a single-step flag, a debugger might have to always decode the current instruction (pointed to by program counter) to find the next one to be executed, and set a software breakpoint there.

ARM Linux used to do that to implement ptrace single-step, but that disassembler code was removed from the kernel and now just returns -EIO. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=425fc47adb5bb69f76285be77a09a3341a30799e is the commit that removed it.
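The two mechanisms the answer names first, the single-byte int3 breakpoint and the Trap Flag in EFLAGS, can be watched from inside an ordinary process without a debugger, because Linux turns both CPU traps into a SIGTRAP signal. The C program below is an added example, not code from the answer or from GDB: it executes an int3, confirms in the signal handler that the CPU reported RIP one byte past the 0xCC (the reason a debugger that patched 0xCC over real code must rewind RIP by one after restoring the byte), then sets TF in the saved context so that the kernel returns with single-stepping enabled and counts the resulting traps. It assumes x86-64 Linux and glibc's ucontext register names (REG_RIP, REG_EFL); every function and variable name is this example's own. The debug registers DR0-DR7 mentioned later in the answer are not shown, since an unprivileged process can only program them through ptrace.

```c
/* Added example, not from the original answer: observe int3 and the EFLAGS
 * Trap Flag (TF) from inside one process, using only the SIGTRAP signal the
 * Linux kernel delivers for each. Assumes x86-64 Linux with glibc's
 * ucontext register names (REG_RIP, REG_EFL); all function and variable
 * names are this example's own. Build: gcc -O1 -o trapdemo trapdemo.c */
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ucontext.h>

#define INT3_OPCODE   0xCC       /* the single-byte software breakpoint */
#define EFLAGS_TF     (1L << 8)  /* Trap Flag: #DB after every instruction */
#define STEPS_TO_TAKE 5          /* instructions to single-step before stopping */

/* Results recorded by the handler; volatile because they change asynchronously. */
static volatile int g_breakpoint_hits = 0;       /* traps caused by int3 */
static volatile int g_rip_points_past_int3 = 0;  /* saved RIP was one byte after 0xCC */
static volatile int g_single_steps = 0;          /* traps caused by TF */

#if defined(__x86_64__) && defined(__linux__)
static void sigtrap_handler(int sig, siginfo_t *si, void *ctx)
{
    ucontext_t *uc = (ucontext_t *)ctx;
    greg_t *rip = &uc->uc_mcontext.gregs[REG_RIP];
    greg_t *efl = &uc->uc_mcontext.gregs[REG_EFL];
    (void)sig; (void)si;

    if (!(*efl & EFLAGS_TF)) {
        /* TF clear: this trap is the int3. The CPU reports the address *after*
         * the 1-byte instruction, which is why a debugger that patched 0xCC over
         * real code must restore the original byte and rewind RIP by one before
         * resuming. Here we only confirm that the byte before RIP is 0xCC. */
        const uint8_t *prev = (const uint8_t *)(uintptr_t)*rip - 1;
        g_breakpoint_hits++;
        g_rip_points_past_int3 = (*prev == INT3_OPCODE);
        /* Set TF in the saved context: sigreturn restores EFLAGS from here, so
         * the CPU starts trapping after each instruction once we return. */
        *efl |= EFLAGS_TF;
        return;
    }

    /* TF set: this is a single-step (#DB) trap. Count it; clear TF when done. */
    if (++g_single_steps >= STEPS_TO_TAKE)
        *efl &= ~EFLAGS_TF;
}

/* Plant one software breakpoint, then single-step STEPS_TO_TAKE instructions.
 * Returns 0 on success, -1 if the handler could not be installed. */
int run_debug_demo(void)
{
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = sigtrap_handler;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGTRAP, &sa, &old) != 0)
        return -1;

    g_breakpoint_hits = 0;
    g_rip_points_past_int3 = 0;
    g_single_steps = 0;

    /* The same opcode GDB writes into a target's text (via ptrace) for a breakpoint. */
    __asm__ volatile("int3");
    /* Enough instructions after the breakpoint for TF to step through; the
     * handler clears TF again after STEPS_TO_TAKE traps. */
    __asm__ volatile("nop\n\tnop\n\tnop\n\tnop\n\tnop\n\tnop\n\tnop\n\tnop");

    sigaction(SIGTRAP, &old, NULL);
    return 0;
}
#else
/* Other architectures use different trap opcodes and register names. */
int run_debug_demo(void) { return -2; }
#endif

int breakpoint_hits(void)      { return g_breakpoint_hits; }
int rip_points_past_int3(void) { return g_rip_points_past_int3; }
int single_steps_taken(void)   { return g_single_steps; }

int main(void)
{
    int rc = run_debug_demo();
    if (rc != 0) {
        printf("demo not run (rc=%d)\n", rc);
        return 1;
    }
    printf("int3 traps: %d, RIP one past 0xCC: %s, single-steps: %d\n",
           breakpoint_hits(), rip_points_past_int3() ? "yes" : "no",
           single_steps_taken());
    return 0;
}
```

Run it directly, not under gdb: a debugger attached via ptrace would receive the SIGTRAPs first, which is exactly the interposition the answer describes. The design point is that the handler never single-steps itself, because the kernel clears TF in the handler's own register state and only restores the value saved in the ucontext on sigreturn; that is what makes setting or clearing TF in the saved context a clean way to switch stepping on and off.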
