Debugging

Introduction

Low-level programming provides a lot of power… a lot of responsibility… and a lot of bugs (often hard to find)
Example sources of problems:
- Reading/writing outside of allowed memory
- Infinite loops
- Infinite recursions
- Uninitialised variables
- Arithmetic errors
Fortunately we can instruct C compiler to embed debugging symbols in the executable:
```
cc -g -o main main.c
```

GDB

GDB is a widely used debugger in Linux systems
It allows to:
- Start a program (with command line parameters if necessary)
- Stop execution when certain conditions are met
- Examine what happened that caused abrupt program stop
- Dynamically change the program during debugging
GDB Cheat Sheet
Online GDB

Valgrind

Valgrind is a set of tools for running programs using binary instrumentation
The idea behind all Valgrind tools is to run the program in a synthetic processor, where all essential operations are highly observed and analyzed
The most popular tool (and the default if you just run valgrind) is Memcheck
Memcheck allows finding invalid reads/writes to memory as well as memory allocation problems

IDE

You can use one of several available IDEs to write C code:
- Visual Studio Code
- Code::Blocks

Example 1

Code:

#include <stdio.h>

int main() {
    int n;
    scanf("%d", &n);

    int y;
    if (n % 2 == 0) {
        y = 2;
    }
    y++;
    for (int i = 0; i < 10; i++) {
        printf("%d\n", y + i);
    }
    return 0;
}

Execution:

$ cc -g -o main main.c
$ echo 2 | ./main
3
4
5
6
7
8
9
10
11
12
$ echo 1 | ./main 
-1976115535
-1976115534
-1976115533
-1976115532
-1976115531
-1976115530
-1976115529
-1976115528
-1976115527
-1976115526

Task:
- Execute the program using Valgrind:
  valgrind ./main
- Analyze the output when input is equal to 2
- Analyze the output when input is equal to 1
- Execute the program using Valgrind with additional option:
  valgrind --track-origins=yes ./main
- The program was supposed to write numbers 2..11 for odd input, and 3..12 for even input. How should the code be fixed?

Example 2

Code:

#include <stdio.h>
#include <stdlib.h>

int main() {
    int n;
    scanf("%d", &n);

    // alloc a NxN matrix
    int **t = malloc(n * sizeof(*t));
    for (int i = 0; i < n; i++)
        t[i] = malloc(n * sizeof(*t[i]));

    // do some matrix operations
    // ...
    // ...
    // ...

    // free the matrix
    free(t);
    return 0;
}

Execution:

$ cc -g -o main main.c
$ echo 10 | ./main

Task:
- Execute the program using Valgrind
- Try different numbers typed on input
- Observe section LEAK SUMMARY in Valigrind’s output
- Rerun Valgrind with open --leak-check=full
- A correct code should contain this message from Valgrind:
```
All heap blocks were freed -- no leaks are possible
```
- What should be changed in the code to achieve that?

Example 3

Code:

#include <stdio.h>

int main() {
    int t[4] = { 1, 2, 3, 4 };
    for (unsigned int i = 3; i >= 0; i--) {
        t[i] -= 1;
        printf("%d\n", t[i]);
    }
    return 0;
}

Execution:

$ cc -g -o main main.c
$ ./main
3
2
1
0
Bus error (core dumped)

Task:
- Execute the program under GDB: gdb ./main
- Execute command run
- When program is stopped, execute backtrace full
- Can you see what is wrong with the code? Can you fix it so that the program finishes normally?

Example 4

Code:

#include <stdio.h>

int f(int p, int r) {
    if (p == r)
        return p;
    return f(p + 1, r - 1);
}

int main() {
    int p, r;
    scanf("%d %d", &p, &r);
    printf("%d\n", f(p, r));
    return 0;
}

Execution:

$ cc -g -o main main.c
$ echo 0 6 | ./main
3
$ echo 0 5 | ./main
Segmentation fault (core dumped)

Task:
- Execute the program under GDB
- Execute command run (remember that the program waits for two integers for scanf so write 0 5 and press enter after executing run in GDB)
- Execute backtrace full
- The code tries to find arithmetic average using recurrence relation. Can you change the if statement to make it work?

Example 5

Code:

#include <stdio.h>
#include <stdlib.h>

void f(char *p, int n) {
    for (int i = 0; i < n; i++) {
        p[i] += 1;
    }
}

int main() {
    char buffer[8] = "abcdefgh";
    int length = sizeof(buffer);
    f(buffer, length + 1);
    return 0;
}

Execution:

$ cc -g -o main main.c
$ ./main
*** stack smashing detected ***: terminated
Interrupted (core dumped)

Task:
- Try executing it under Valgrind
- Try compiling it with:
```
$ cc -g -fsanitize=address -o main main.c
```
- Does it help to find the source of problem?
- If not, execute the program under GDB
- You can use break to set a breakpoint in desired code location
- You can use step instead of next to go into a function call
- The code was supposed to modify abcdefgh into bcdefghi. Can you fix the error to achieve that?

Assignment

Prepare a report about the debugging session
The report is meant to contain answers to why all the above codes were buggy and these answers must be justified
The justification comes from a log of your thoughts, actions and outcomes (e.g. “Executed xyz, the result was abc”)
Even if you are fluent in C programming and you spot the error from looking at the code alone, please do the exercise and gather evidence from Valgrind or GDB about the source of problem in every example
The log should be as verbose as to retrace and understand your every step and as concise as possible (do not copy-paste everything from the terminal into a single giant document!)

Introduction

GDB

Valgrind

IDE

Example 1

Example 2

Example 3

Example 4

Example 5

Assignment

Further reading