gdb(1)

CLI

  gdb [opts] [prg [-c coredump | -p pid]]
-  gdb [opts] --args prg <prg-args>
-    opts:
-      -p <pid>        attach to pid
-      -c <coredump>   use <coredump>
-      -x <file>       execute script <file> before prompt
-      -ex <cmd>       execute command <cmd> before prompt
-      --tty <tty>     set I/O tty for debugee
-

Interactive usage

  tty <tty>
-          Set <tty> as tty for debugee.
-          Make sure nobody reads from target tty, easiest is to spawn a shell
-          and run following in target tty:
-          > while true; do sleep 1024; done
-
-  set follow-fork-mode <child | parent>
-          Specify which process to follow when debuggee makes a fork(2)
-          syscall.
-
-  sharedlibrary [<regex>]
-          Load symbols of shared libs loaded by debugee. Optionally use <regex>
-          to filter libs for symbol loading.
-
-  break [-qualified] <sym> thread <tnum>
-          Set a breakpoint only for a specific thread.
-          -qualified: Tred <sym> as fully qualified symbol (quiet handy to set
-          breakpoints on C symbols in C++ contexts)
-
-  rbreak <regex>
-          Set breakpoints matching <regex>, where matching internally is done
-          on: .*<regex>.*
-
-  command [<bp_list>]
-          Define commands to run after breakpoint hit. If <bp_list> is not
-          specified attach command to last created breakpoint. Command block
-          terminated with 'end' token.
-
-          <bp_list>: Space separates list, eg 'command 2 5-8' to run command
-          for breakpoints: 2,5,6,7,8.
-
-  info functions [<regex>]
-          List functions matching <regex>. List all functions if no <regex>
-          provided.
-
-  info variables [<regex>]
-          List variables matching <regex>. List all variables if no <regex>
-          provided.
-
-  info handle [<signal>]
-          Print how to handle <signal>. If no <signal> specified print for all
-          signals.
-
-  handle <signal> <action>
-          Configure how gdb handles <signal> sent to debugee.
-          <action>:
-            stop/nostop       Catch signal in gdb and break.
-            print/noprint     Print message when gdb catches signal.
-            pass/nopass       Pass signal down to debugee.
-
-  catch signal <signal>
-          Create a catchpoint for <signal>.
-

User commands (macros)

Gdb allows to create & document user commands as follows:

  define <cmd>
-    # cmds
-  end
-
-  document <cmd>
-    # docu
-  end
-

To get all user commands or documentations one can use:

  help user-defined
-  help <cmd>
-

Hooks

Gdb allows to create two types of command hooks

hook- will be run before <cmd>
hookpost- will be run after <cmd>

  define hook-<cmd>
-    # cmds
-  end
-
-  define hookpost-<cmd>
-    # cmds
-  end
-

Examples

Catch SIGSEGV and execute commands

This creates a catchpoint for the SIGSEGV signal and attached the command -to it.

  catch signal SIGSEGV
-  command
-    bt
-    c
-  end
-

Run `backtrace` on thread 1 (batch mode)

  gdb --batch -ex 'thread 1' -ex 'bt' -p <pid>
-

Script gdb for automating debugging sessions

To script gdb add commands into a file and pass it to gdb via -x. -For example create run.gdb:

  set pagination off
-
-  break mmap
-  command
-    info reg rdi rsi rdx
-    bt
-    c
-  end
-
-  #initial drop
-  c
-

This script can be used as:

  gdb --batch -x ./run.gdb -p <pid>
-

Know Bugs

Workaround `command + finish` bug

When using finish inside a command block, commands after finish are not -executed. To workaround that bug one can create a wrapper function which calls -finish.

  define handler
-    bt
-    finish
-    info reg rax
-  end
-
-  command
-    handler
-  end
-

- -

Notes