1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
GNU Debugger (gdb) Basic Cheat Sheet
====================================
If possible, compile program with '-ggdb' to enable GDB-specific debugging
symbols.
Getting started
---------------
Launch GDB:
> gdb <executable> # note: any arguments to the exe are supplied separately
> gdb -p <process id> # attach to an already running process (requires root)
> gdb -c <core file> # debug a core file
(gdb) run <argument0> <argument1> ... # Start running program
Quit GDB:
(gdb) quit
(gdb) q
Breakpoints
-----------
Set a breakpoint:
(gdb) break <function>
(gdb) break <function><+offset>
(gdb) break <address>
(gdb) b <arg>
List breakpoints:
(gdb) info break
(gdb) i b
Remove breakpoint:
(gdb) delete <id>
(gdb) d <id>
(gdb) d # deletes all breakpoints
Signals
-------
gdb can print a message when the program receives a signal, optionally stop
execution, or block the program from receiving the signal. By default, gdb will
stop on receipt of a typically-fatal signal, but silently pass along others
(like: SIGALRM, SIGCHLD, ...). If gdb stops, the program will not receive the
signal until execution continues.
Show current signal handling:
(gdb) info signals
(gdb) info signals <sig> # info on single signal
Control signal behavior:
(gdb) handle <sig> <keywords...>
keywords are...
stop, nostop (should the debugger break)
print, noprint (should a message appear)
pass, nopass (should the program receive signal)
Debugging
---------
Inspect registers:
(gdb) info registers
(gdb) i r
Get call stack / backtrace:
(gdb) backtrace
(gdb) bt
Single-step program:
(gdb) display/i $pc # If debugging symbols missing, set prompt to display
current instruction disassembly
(gdb) n # next source code statement
(gdb) s # step source code statement (will follow calls)
(gdb) ni # next machine instruction
(gdb) si # step machine instruction (will follow calls)
(gdb) continue # resume execution (until next breakpoint)
(gdb) c
(gdb) finish # resume execution (until ret - step out of function)
(gdb) fin
Disassemble program:
(gdb) disassemble <function>
(gdb) disassemble <address>
(gdb) disas <arg>
Memory
------
Examine memory:
(gdb) x/nfu <address> # List contents of memory starting at <address>
and interpret data according to n, f, u
'n' is a repeat count: Specifies how many values to display
'f' is the display format: one of
x, d, u, o, t, a, c, f, s, i, m
'u' is the unit size: one of
b, h, w, g
Example:
(gdb) x/32xg $sp # Display the first 32 64-bit 'giant' words on the
stack
Alter memory:
(gdb) set {type}<address> = <value>
Example:
(gdb) set {int}0x7fffffdead = 69 # Write the value 69 to given address
as a 32-bit integer
Dump memory to core file:
You can create a core file for static analysis or reproducible debugging:
(gdb) generate-core-file
Process forks
-------------
(gdb) set follow-fork-mode <parent|child> # Define debugging behavior on
fork()
(gdb) set detach-on-fork <on|off> # If set to 'off' gdb will keep a debugger
on both processes - Default is on
(gdb) show follow-fork-mode # Check config
(gdb) show detach-on-fork # Check config
|
