1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" 2 "http://www.w3.org/TR/html4/strict.dtd"> 3 <html> 4 <head> 5 <title>Debugging JITed Code With GDB</title> 6 <link rel="stylesheet" href="llvm.css" type="text/css"> 7 </head> 8 <body> 9 10 <h1>Debugging JITed Code With GDB</h1> 11 <ol> 12 <li><a href="#example">Example usage</a></li> 13 <li><a href="#background">Background</a></li> 14 </ol> 15 <div class="doc_author">Written by Reid Kleckner</div> 16 17 <!--=========================================================================--> 18 <h2><a name="example">Example usage</a></h2> 19 <!--=========================================================================--> 20 <div> 21 22 <p>In order to debug code JITed by LLVM, you need GDB 7.0 or newer, which is 23 available on most modern distributions of Linux. The version of GDB that Apple 24 ships with XCode has been frozen at 6.3 for a while. LLDB may be a better 25 option for debugging JITed code on Mac OS X. 26 </p> 27 28 <p>Consider debugging the following code compiled with clang and run through 29 lli: 30 </p> 31 32 <pre class="doc_code"> 33 #include <stdio.h> 34 35 void foo() { 36 printf("%d\n", *(int*)NULL); // Crash here 37 } 38 39 void bar() { 40 foo(); 41 } 42 43 void baz() { 44 bar(); 45 } 46 47 int main(int argc, char **argv) { 48 baz(); 49 } 50 </pre> 51 52 <p>Here are the commands to run that application under GDB and print the stack 53 trace at the crash: 54 </p> 55 56 <pre class="doc_code"> 57 # Compile foo.c to bitcode. You can use either clang or llvm-gcc with this 58 # command line. Both require -fexceptions, or the calls are all marked 59 # 'nounwind' which disables DWARF exception handling info. Custom frontends 60 # should avoid adding this attribute to JITed code, since it interferes with 61 # DWARF CFA generation at the moment. 62 $ clang foo.c -fexceptions -emit-llvm -c -o foo.bc 63 64 # Run foo.bc under lli with -jit-emit-debug. If you built lli in debug mode, 65 # -jit-emit-debug defaults to true. 66 $ $GDB_INSTALL/gdb --args lli -jit-emit-debug foo.bc 67 ... 68 69 # Run the code. 70 (gdb) run 71 Starting program: /tmp/gdb/lli -jit-emit-debug foo.bc 72 [Thread debugging using libthread_db enabled] 73 74 Program received signal SIGSEGV, Segmentation fault. 75 0x00007ffff7f55164 in foo () 76 77 # Print the backtrace, this time with symbols instead of ??. 78 (gdb) bt 79 #0 0x00007ffff7f55164 in foo () 80 #1 0x00007ffff7f550f9 in bar () 81 #2 0x00007ffff7f55099 in baz () 82 #3 0x00007ffff7f5502a in main () 83 #4 0x00000000007c0225 in llvm::JIT::runFunction(llvm::Function*, 84 std::vector<llvm::GenericValue, 85 std::allocator<llvm::GenericValue> > const&) () 86 #5 0x00000000007d6d98 in 87 llvm::ExecutionEngine::runFunctionAsMain(llvm::Function*, 88 std::vector<std::string, 89 std::allocator<std::string> > const&, char const* const*) () 90 #6 0x00000000004dab76 in main () 91 </pre> 92 93 <p>As you can see, GDB can correctly unwind the stack and has the appropriate 94 function names. 95 </p> 96 </div> 97 98 <!--=========================================================================--> 99 <h2><a name="background">Background</a></h2> 100 <!--=========================================================================--> 101 <div> 102 103 <p>Without special runtime support, debugging dynamically generated code with 104 GDB (as well as most debuggers) can be quite painful. Debuggers generally read 105 debug information from the object file of the code, but for JITed code, there is 106 no such file to look for. 107 </p> 108 109 <p>Depending on the architecture, this can impact the debugging experience in 110 different ways. For example, on most 32-bit x86 architectures, you can simply 111 compile with -fno-omit-frame-pointer for GCC and -disable-fp-elim for LLVM. 112 When GDB creates a backtrace, it can properly unwind the stack, but the stack 113 frames owned by JITed code have ??'s instead of the appropriate symbol name. 114 However, on Linux x86_64 in particular, GDB relies on the DWARF call frame 115 address (CFA) debug information to unwind the stack, so even if you compile 116 your program to leave the frame pointer untouched, GDB will usually be unable 117 to unwind the stack past any JITed code stack frames. 118 </p> 119 120 <p>In order to communicate the necessary debug info to GDB, an interface for 121 registering JITed code with debuggers has been designed and implemented for 122 GDB and LLVM. At a high level, whenever LLVM generates new machine code, it 123 also generates an object file in memory containing the debug information. LLVM 124 then adds the object file to the global list of object files and calls a special 125 function (__jit_debug_register_code) marked noinline that GDB knows about. When 126 GDB attaches to a process, it puts a breakpoint in this function and loads all 127 of the object files in the global list. When LLVM calls the registration 128 function, GDB catches the breakpoint signal, loads the new object file from 129 LLVM's memory, and resumes the execution. In this way, GDB can get the 130 necessary debug information. 131 </p> 132 133 <p>At the time of this writing, LLVM only supports architectures that use ELF 134 object files and it only generates symbols and DWARF CFA information. However, 135 it would be easy to add more information to the object file, so we don't need to 136 coordinate with GDB to get better debug information. 137 </p> 138 </div> 139 140 <!-- *********************************************************************** --> 141 <hr> 142 <address> 143 <a href="http://jigsaw.w3.org/css-validator/check/referer"><img 144 src="http://jigsaw.w3.org/css-validator/images/vcss-blue" alt="Valid CSS"></a> 145 <a href="http://validator.w3.org/check/referer"><img 146 src="http://www.w3.org/Icons/valid-html401-blue" alt="Valid HTML 4.01"></a> 147 <a href="mailto:reid.kleckner (a] gmail.com">Reid Kleckner</a><br> 148 <a href="http://llvm.org/">The LLVM Compiler Infrastructure</a><br> 149 Last modified: $Date: 2011-04-22 20:30:22 -0400 (Fri, 22 Apr 2011) $ 150 </address> 151 </body> 152 </html> 153
