In GDB (gnu v 7.1-ubuntu) I am getting really weird results when I try to use strcmp to determine if two strings are equal. p strcmp("hello","hello") is giving me the result -145947168.
Everything I try with strcmp or strncmp is returning -145947168 in gdb. What am I doing wrong?
EDIT (thanks to Carl for the pointer to a related answer in the comments):
See the answer to this question: How to evaluate functions in GDB?
Apparently sometimes the compiler optimizes out functions called from external libraries, and defining a function in code that calls the function of the external library you want access to in GDB will make it available.
I added this to my code:
#ifdef DEBUG
int mystrcmp(char *a, char *b){
return strcmp(a,b);
}
int mystrncmp(char *a, char *b, int n){
return strncmp(a,b,n);
}
#endif
and then re-made with -DDEBUG -g to enable the compilation of those helper functions for my gdb debugging.
(gdb) p mystrcmp("hello","hello")
$1 = 0
(gdb) p strcmp("hello","hello")
$2 = -145947168
Related
As per K&R, Reverse Polish Calculator, decreased the main function, in order to get better understanding:
#include <stdio.h>
#include <stdlib.h>
#define NUMBER '0'
#define MAXOP 5
void push(double);
int pop(void);
int getop(char []);
int main(){
int type;
char s[MAXOP];
double op2;
while ((type=getop(s))!=EOF){
switch(type):
case NUMBER:
push(atof(s));
printf("\t%s\n",s);
}
}
#define MAXVAL 100
char val[MAXVAL];
int sp;
void push(double f){
if (sp<MAXVAL)
val[sp++]=f;
}
int pop(void){
if (sp>0)
return val[--sp];
}
#include <ctype.h>
int getch(void);
void ungetch(int);
int getop(char s[]){
int i,c;
while (s[0]=c=getch())==' '||c=='\t')
;
s[1]='\0';
if (!isdigit(c)&&c!='.')
return c;
i=0;
if (isdigit(c))
while (isdigit(s[++i]=c=getch()))
;
if (c=='.')
while (isdigit(s[++i]=c=getch()))
;
s[i]='\0';
if (c!=EOF)
ungetch(c);
return NUMBER;
}
#define BUFSIZE 100
char buf[BUFSIZE];
int bufp=0;
int getch(void){
return (bufp>0)?buf[--bufp]:getchar();
}
int ungetch(int c){
if (bufp>=BUFSIZE)
printf("ungetch: too many characters\n");
else
buf[bufp++]=c;
}
I can see, that the MAXOP 5 is /* max size of operand or operator */, which is being defined as external variable, using #define. What I can't figure out, is how can I actually track the value of of MAXOP, at each stage of the program run, using gdb?
After I have provided the number 10 to the getchar(), while debugging:
14 while ((type=getop(s))!=EOF){
(gdb) n
Breakpoint 14, getop (s=0x7efff5dc "\n") at t.c:47
47 while ((s[0]=c=getch())==' '||c=='\t')
(gdb) p c
$22 = 10
(gdb) n
Breakpoint 31, getch () at t.c:72
72 return (bufp>0)?buf[--bufp]:getchar();
(gdb) n
10
Breakpoint 34, getch () at t.c:73
73 }
(gdb) n
At some point, when reaching the end of getop function:
Breakpoint 30, getop (s=0x7efff5dc "10") at t.c:62
62 return NUMBER;
(gdb) p number
No symbol "number" in current context.
(gdb) p (NUMBER)
No symbol "NUMBER" in current context.
(gdb) p $NUMBER
$39 = void
(gdb) n
63 }
(gdb) n
Breakpoint 2, main () at t.c:15
15 switch(type){
(gdb) p type
$40 = 48
(gdb) p NUMBER
No symbol "NUMBER" in current context.
(gdb) p /s NUMBER
No symbol "NUMBER" in current context.
(gdb) p /d $NUMBER
$41 = Value can't be converted to integer.
(gdb) p $NUMBER
$42 = void
Questions:
Can the value of NUMBER be accessed from the shell of linux, after the above program has been compiled, and run? In other words, does the preprocessing directive #define NUMBER '0' creates the external variable NUMBER that is the same as, for instance, variable $PATH on Linux?
Why does the p $NUMBER command is showing void value for the external variable NUMBER?
Why does the p NUMBER command show No symbol "NUMBER" in current context.? Does it mean, that the external variable is blocked for gdb?
Can the value of NUMBER be accessed from the shell of linux, after the above program has been compiled, and run? In other words, does the preprocessing directive #define NUMBER '0' creates the external variable NUMBER that is the same as, for instance, variable $PATH on Linux?
No, fortunately the preprocessor symbols and the C symbols are not mapped in shell variables when you execute a program.
Why does the p $NUMBER command is showing void value for the external variable NUMBER?
Why does the p NUMBER command show No symbol "NUMBER" in current context.? Does it mean, that the external variable is blocked for gdb?
NUMBER is a preprocessor symbol, it disappear during the preprocessing phase because it is replaced by its value, the compiler by itself doesn't see that symbol in the source it compiles, so it cannot put information about it in the debug datas (e.g. tags), so it is unknown for the debugger
So p $NUMBER is equivalent of p $KQHJDSFKJQHKJSDHKJHQSJHDKJHQKJHDSJHSQD and value void
And p NUMBER is equivalent of p KQHJDSFKJQHKJSDHKJHQSJHDKJHQKJHDSJHSQD and says the symbol doesn't exist
If I just do the preprocessing phase after I put your #include in comment (to not get thousands of lines from them) :
/tmp % gcc -E c.c
# 1 "c.c"
# 1 "<built-in>"
# 1 "<command-line>"
# 1 "c.c"
void push(double);
int pop(void);
int getop(char []);
int main(){
int type;
char s[5];
double op2;
while ((type=getop(s))!=EOF){
switch(type):
case '0':
push(atof(s));
printf("\t%s\n",s);
}
}
char val[100];
int sp;
void push(double f){
if (sp<100)
val[sp++]=f;
}
int pop(void){
if (sp>0)
return val[--sp];
}
int getch(void);
void ungetch(int);
int getop(char s[]){
int i,c;
while (s[0]=c=getch())==' '||c=='\t')
;
s[1]='\0';
if (!isdigit(c)&&c!='.')
return c;
i=0;
if (isdigit(c))
while (isdigit(s[++i]=c=getch()))
;
if (c=='.')
while (isdigit(s[++i]=c=getch()))
;
s[i]='\0';
if (c!=EOF)
ungetch(c);
return '0';
}
char buf[100];
int bufp=0;
int getch(void){
return (bufp>0)?buf[--bufp]:getchar();
}
int ungetch(int c){
if (bufp>=100)
printf("ungetch: too many characters\n");
else
buf[bufp++]=c;
}
/tmp %
As you see NUMBER, MAXOP, MAXVAL and BUFSIZE are replaced by their value
C’s #define statement does not create an external variable. It creates what is called a macro.
Macros are replaced during program translation, before or early in compilation. For example, with #define NUMBER '0', the result is as if every instance of NUMBER in the source code were replaced with '0'.
Regarding your specific questions:
These macro definitions are typically not tracked in the debugging information that the compiler produces (although such tracking may be offered as a feature), and they are not made visible to command shells or the debugger.
In GDB, $foo refers to a GDB variable named foo, not a program variable named foo. GDB provides separate variables as a convenience to use during debugging. They are for interacting with GDB and do not come fro the program. So the command p $NUMBER asks GDB to print the value of its variable named NUMBER. There is no such variable, so GDB reports it as void.
p NUMBER shows “No symbol "NUMBER" in current context” because there is no symbol NUMBER that is known to GDB.
I can see that you have some very dire misunderstanding of the C language syntax. Not to berate you, but have you tried learning C from some other source? K&R is a great book, but it is notoriously concise and assumes that you already know programming. Try going through the lists here: The Definitive C Book Guide and List
======
NUMBER, MAXOP and MAXVAL are constants. They are defined through a pre-processor directive, and are NOT variables. And definitely not external variables which is a vastly different concept.
When you write #define NUMBER '0', it instructs the compiler to replace every instance of NUMBER in the source with '0'. It is simple search and replace on your original source code. It does not create a variable and you cannot assign a value to it. So, asking to follow the value of a #define'ed value makes no sense. It is always going to be the same value that was written in the source.
Also, please be clear that there is no direct relation between variables you define in your program and the environment variables on your system.
About the next two questions, the short answer is, "Because GDB doesn't know they exist".
Longer Answer: As mentioned earlier, your pre-processor directives are simply instructions to your compiler for a search and replace. Once done with them, there is no need to keep them around for any longer and hence the compiler will discard them.
GDB only knows as much about your program as is available in the final binary that the compiler generates. If the compiler doesn't mention anything about NUMBER in the binary, GDB cannot even know that it ever existed.
Now, that does not mean that it is impossible to see this data in GDB. When compiling, you can pass the -ggdb3 option to GCC to enable GCC to generate debugging code specific to GDB. This includes detailed information about the program including all the macros and pre-processor directives. With this extra flag, you can see the value of your #define'ed constants, however, remember, they will never change. This is generally only useful for seeing the execution of macro functions which is a much more advanced topic.
I am trying to do this (is this possible?) with GCC compiler:
Specifiy a function but this function if is not implemented point to a NULL. Example:
extern void something(uint some);
And if this is unimplemented point to a NULL value.
So it's possible check like this:
something != NULL ? something(222) : etc.;
I would like solution with trough GCC (this could be solvable with function pointers).
This is definitely not portable, but gcc can do this with weak symbols on some platforms. I know this works on Linux and *BSD, but doesn't work on MacOS.
$ cat weak.c
#include <stdio.h>
extern int foo(void) __attribute__((__weak__));
int
main(int argc, char **argv)
{
int x = foo ? foo() : 42;
printf("%d\n", x);
return 0;
}
$ cat weak2.c
int
foo(void)
{
return 17;
}
$ cc -o weak weak.c && ./weak
42
$ cc -o weak weak.c weak2.c && ./weak
17
$
You can do this using GCC's weakref attribute:
extern void something(int);
static void something_else(int) __attribute__((weakref("something")));
int main()
{
if (something_else)
something_else(122);
}
If something is not defined in the program then the weak alias something_else will have an address of zero. If something is defined, something_else will be an alias for it.
Essentially you are trying to get the compiler to locate a function at the memory address 0 (NULL). This cannot be done in C without platform/compiler specific constructs.
One question though, is why you would ever want to do this. C is a static language, so if you know that the function will never exist during compilation you might as well just use the pre-processor to tell the rest of the program about this at compile time. Indeed these sorts of compile time substitutions are precisely why the preprocessor is there in the first place.
I would create a macro that you define if your function exists as follows:
#define THE_SOMETHING_FUNCTION_EXISTS
Then replace anywhere you would have tested for something == NULL with an #ifdef instead.
Of course, if the function’s existence might change at run-time then the correct way to implement the behaviour you want is to make something a function pointer.
In code reviews I ask for option (1) below to be used as it results in a symbol being created (for debugging) whereas (2) and (3) do not appear to do so at least for gcc and icc. However (1) is not a true const and cannot be used on all compilers as an array size. Is there a better option that includes debug symbols and is truly const for C?
Symbols:
gcc f.c -ggdb3 -g ; nm -a a.out | grep _sym
0000000100000f3c s _symA
0000000100000f3c - 04 0000 STSYM _symA
Code:
static const int symA = 1; // 1
#define symB 2 // 2
enum { symC = 3 }; // 3
GDB output:
(gdb) p symA
$1 = 1
(gdb) p symB
No symbol "symB" in current context.
(gdb) p symC
No symbol "symC" in current context.
And for completeness, the source:
#include <stdio.h>
static const int symA = 1;
#define symB 2
enum { symC = 3 };
int main (int argc, char *argv[])
{
printf("symA %d symB %d symC %d\n", symA, symB, symC);
return (0);
}
The -ggdb3 option should be giving you macro debugging information. But this is a different kind of debugging information (it has to be different - it tells the debugger how to expand the macro, possibly including arguments and the # and ## operators) so you can't see it with nm.
If your goal is to have something that shows up in nm, then I guess you can't use a macro. But that's a silly goal; you should want to have something that actually works in a debugger, right? Try print symC in gdb and see if it works.
Since macros can be redefined, gdb requires the program to be stopped at a location where the macro existed so it can find the correct definition. In this program:
#include <stdio.h>
int main(void)
{
#define X 1
printf("%d\n", X);
#undef X
printf("---\n");
#define X 2
printf("%d\n", X);
}
If you break on the first printf and print X you'll get the 1; next to the second printf and gdb will tell you that there is no X; next again and it will show the 2.
Also the gdb command info macro foo can be useful, if foo is a macro that takes arguments and you want to see its definition rather than expand it with a specific set of arguments. And if a macro expands to something that's not an expression, gdb can't print it so info macro is the only thing you can do with it.
For better inspection of the raw debugging information, try objdump -W instead of nm.
However (1) is not a true const and cannot be used on all compilers as an array size.
This can be used as array size on all compilers that support C99 and latter (gcc, clang). For others (like MSVC) you have only the last two options.
Using option 3 is preferred 2. enums are different from #define constants. You can use them for debugging. You can use enum constants as l-value as well unlike #define constants.
I have a question regarding glibc function calls. Is there a flag to tell gcc not to inline a certain glibc function, e.g. memcpy?
I've tried -fno-builtin-memcpy and other flags, but they didn't work. The goal is that the actual glibc memcpy function is called and no inlined code (since the glibc version at compile time differs from the one at runtime). It's for testing purposes only. Normally I wan't do that.
Any solutions?
UPDATE:
Just to make it clearer: In the past memcpy works even with overlapping areas. This has changed meanwhile and I can see this changes when compiling with different glibc versions. So now I want to test if my old code (using memcpy where memmove should have been used) works correct or not on a system with a newer glibc (e.g. 2.14). But to do that, I have to make sure, that the new memcpy is called and no inlined code.
Best regards
This may not be exactly what you're looking for, but it seems to force gcc to generate an indirect call to memcpy():
#include <stdio.h>
#include <string.h>
#include <time.h>
// void *memcpy(void *dest, const void *src, size_t n)
unsigned int x = 0xdeadbeef;
unsigned int y;
int main(void) {
void *(*memcpy_ptr)(void *, const void *, size_t) = memcpy;
if (time(NULL) == 1) {
memcpy_ptr = NULL;
}
memcpy_ptr(&y, &x, sizeof y);
printf("y = 0x%x\n", y);
return 0;
}
The generated assembly (gcc, Ubuntu, x86) includes a call *%edx instruction.
Without the if (time(NULL) == 1) test (which should never succeed, but the compiler doesn't know that), gcc -O3 is clever enough to recognize that the indirect call always calls memcpy(), which can then be replaced by a movl instruction.
Note that the compiler could recognize that if memcpy_ptr == NULL then the behavior is undefined, and again replace the indirect call with a direct call, and then with a movl instruction. gcc 4.5.2 with -O3 doesn't appear to be that clever. If a later version of gcc is, you could replace the memcpy_ptr = NULL with an assignment of some actual function that behaves differently than memcpy().
In theory:
gcc -fno-inline -fno-builtin-inline ...
But then you said -fno-builtin-memcpy didn't stop the compiler from inlining it, so there's no obvious reason why this should work any better.
#undef memcpy
#define mempcy your_memcpy_replacement
Somewhere at the top but after #include obviously
And mark your_memcpy_replacement as attribute((noinline))
How to get function's name from function's pointer in C?
Edit: The real case is: I'm writing a linux kernel module and I'm calling kernel functions. Some of these functions are pointers and I want to inspect the code of that function in the kernel source. But I don't know which function it is pointing to. I thought it could be done because, when the system fails (kernel panic) it prints out in the screen the current callstack with function's names. But, I guess I was wrong... am I?
I'm surprised why everybody says it is not possible. It is possible on Linux for non-static functions.
I know at least two ways to achieve this.
There are GNU functions for backtrace printing: backtrace() and backtrace_symbols() (See man). In your case you don't need backtrace() as you already have function pointer, you just pass it to backtrace_symbols().
Example (working code):
#include <stdio.h>
#include <execinfo.h>
void foo(void) {
printf("foo\n");
}
int main(int argc, char *argv[]) {
void *funptr = &foo;
backtrace_symbols_fd(&funptr, 1, 1);
return 0;
}
Compile with gcc test.c -rdynamic
Output: ./a.out(foo+0x0)[0x8048634]
It gives you binary name, function name, pointer offset from function start and pointer value so you can parse it.
Another way is to use dladdr() (another extension), I guess print_backtrace() uses dladdr(). dladdr() returns Dl_info structure that has function name in dli_sname field. I don't provide code example here but it is obvious - see man dladdr for details.
NB! Both approaches require function to be non-static!
Well, there is one more way - use debug information using libdwarf but it would require unstripped binary and not very easy to do so I don't recommend it.
That's not directly possible without additional assistance.
You could:
maintain a table in your program mapping function pointers to names
examine the executable's symbol table, if it has one.
The latter, however, is hard, and is not portable. The method will depend on the operating system's binary format (ELF, a.out, .exe, etc), and also on any relocation done by the linker.
EDIT: Since you've now explained what your real use case is, the answer is actually not that hard. The kernel symbol table is available in /proc/kallsyms, and there's an API for accessing it:
#include <linux/kallsyms.h>
const char *kallsyms_lookup(unsigned long addr, unsigned long *symbolsize,
unsigned long *ofset, char **modname, char *namebuf)
void print_symbol(const char *fmt, unsigned long addr)
For simple debug purposes the latter will probably do exactly what you need - it takes the address, formats it, and sends it to printk, or you can use printk with the %pF format specifier.
In the Linux kernel, you can use directly "%pF" format of printk !
void *func = &foo;
printk("func: %pF at address: %p\n", func, func);
The following works me on Linux:
printf the address of the function using %p
Then do an nm <program_path> | grep <address> (without the 0x prefix)
It should show you the function name.
It works only if the function in question is in the same program (not in a dynamically linked library or something).
If you can find out the load addresses of the loaded shared libraries, you can subtract the address from the printed number, and use nm on the library to find out the function name.
You can't diectly but you can implement a different approach to this problem if you want. You can make a struct pointer instead pointing to a function as well as a descriptive string you can set to whatever you want.
I also added a debugging posebilety since you problably do not want these vars to be printet forever.
// Define it like this
typedef struct
{
char *dec_text;
#ifdef _DEBUG_FUNC
void (*action)(char);
#endif
} func_Struct;
// Initialize it like this
func_Struct func[3]= {
#ifdef _DEBUG_FUNC
{"my_Set(char input)",&my_Set}};
{"my_Get(char input)",&my_Get}};
{"my_Clr(char input)",&my_Clr}};
#else
{&my_Set}};
{&my_Get}};
{&my_Clr}};
#endif
// And finally you can use it like this
func[0].action( 0x45 );
#ifdef _DEBUG_FUNC
printf("%s",func.dec_text);
#endif
There is no way how to do it in general.
If you compile the corresponding code into a DLL/Shared Library, you should be able to enlist all entry points and compare with the pointer you've got. Haven't tried it yet, but I've got some experience with DLLs/Shared Libs and would expect it to work. This could even be implemented to work cross-plarform.
Someone else mentioned already to compile with debug symbols, then you could try to find a way to analyse these from the running application, similiar to what a debugger would do.
But this is absolutely proprietary and not portable.
If the list of functions that can be pointed to is not too big or if you already suspect of a small group of functions you can print the addresses and compare them to the one used during execution. Ex:
typedef void (*simpleFP)();
typedef struct functionMETA {
simpleFP funcPtr;
char * funcName;
} functionMETA;
void f1() {/*do something*/}
void f2() {/*do something*/}
void f3() {/*do something*/}
int main()
{
void (*funPointer)() = f2; // you ignore this
funPointer(); // this is all you see
printf("f1 %p\n", f1);
printf("f2 %p\n", f2);
printf("f3 %p\n", f3);
printf("%p\n", funPointer);
// if you want to print the name
struct functionMETA arrFuncPtrs[3] = {{f1, "f1"}, {f2, "f2"} , {f3, "f3"}};
int i;
for(i=0; i<3; i++) {
if( funPointer == arrFuncPtrs[i].funcPtr )
printf("function name: %s\n", arrFuncPtrs[i].funcName);
}
}
Output:
f1 0x40051b
f2 0x400521
f3 0x400527
0x400521
function name: f2
This approach will work for static functions too.
Use kallsyms_lookup_name() to find the address of kallsyms_lookup.
Use a function pointer that points to kallsyms_lookup, to call it.
Check out Visual Leak Detector to see how they get their callstack printing working. This assumes you are using Windows, though.
Alnitak's answer is very helpful to me when I was looking for a workaround to print out function's name in kernel module. But there is one thing I want to supplyment, which is that you might want to use %pS instead of %pF to print function's name, becasue %pF not works anymore at some newer verions of kernel, for example 5.10.x.
Not exactly what the question is asking for but after reading the answers here
I though of this solution to a similar problem of mine:
/**
* search methods */
static int starts(const char *str, const char *c);
static int fuzzy(const char *str, const char *c);
int (*search_method)(const char *, const char *);
/* asign the search_method and do other stuff */
[...]
printf("The search method is %s\n", search_method == starts ? "starts" : "fuzzy")
If your program needs this a lot you could define the method names along with a string in an XMacro and use #define X(name, str) ... #undef X in the code to get the corresponding string from the function name.
You can't. The function name isn't attached to the function by the time it's compiled and linked. It's all by memory address at that point, not name.
You wouldn't know how you look like without a reflecting mirror. You'll have to use a reflection-capable language like C#.