From c8529af1769235f46b1149a78a6712f61c905c21 Mon Sep 17 00:00:00 2001 From: johannst Date: Fri, 13 Mar 2020 21:58:49 +0100 Subject: added mdbook + migrated first chapter as test (gdb) --- src/SUMMARY.md | 3 ++ src/gdb.md | 153 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 156 insertions(+) create mode 100644 src/SUMMARY.md create mode 100644 src/gdb.md (limited to 'src') diff --git a/src/SUMMARY.md b/src/SUMMARY.md new file mode 100644 index 0000000..f31e217 --- /dev/null +++ b/src/SUMMARY.md @@ -0,0 +1,3 @@ +# Summary + +- [gdb](./gdb.md) diff --git a/src/gdb.md b/src/gdb.md new file mode 100644 index 0000000..c11a85d --- /dev/null +++ b/src/gdb.md 
@@ -0,0 +1,153 @@ +# gdb(1) + +# CLI + +```markdown + gdb [opts] [prg [-c coredump | -p pid]] + gdb [opts] --args prg + opts: + -p attach to pid + -c use + -x execute script before prompt + -ex execute command before prompt + --tty set I/O tty for debugee +``` + +# Interactive usage + +```markdown + tty + Set as tty for debugee. + Make sure nobody reads from target tty, easiest is to spawn a shell + and run following in target tty: + > while true; do sleep 1024; done + + set follow-fork-mode + Specify which process to follow when debuggee makes a fork(2) + syscall. + + sharedlibrary [] + Load symbols of shared libs loaded by debugee. Optionally use + to filter libs for symbol loading. + + break [-qualified] thread + Set a breakpoint only for a specific thread. + -qualified: Tred as fully qualified symbol (quiet handy to set + breakpoints on C symbols in C++ contexts) + + rbreak + Set breakpoints matching , where matching internally is done + on: .*.* + + command [] + Define commands to run after breakpoint hit. If is not + specified attach command to last created breakpoint. Command block + terminated with 'end' token. + + : Space separates list, eg 'command 2 5-8' to run command + for breakpoints: 2,5,6,7,8. + + info functions [] + List functions matching . List all functions if no + provided. + + info variables [] + List variables matching . List all variables if no + provided. + + info handle [] + Print how to handle . If no specified print for all + signals. + + handle + Configure how gdb handles sent to debugee. + : + stop/nostop Catch signal in gdb and break. + print/noprint Print message when gdb catches signal. + pass/nopass Pass signal down to debugee. + + catch signal + Create a catchpoint for . +``` + +# User commands (macros) + +```markdown + define + # cmds + end + + document + # docu + end + + help user-defined List user defined commands. + help List documentation for command . 
+``` + +# Hooks + +Gdb allows to create two types of command `hooks` which will be either executed +before or after a certain command. + +```markdown + define hook- Run commands defined in hook before + # cmds executing . + end + + define hookpost- Run commands defined in hookpost after + # cmds executing . + end +``` + +# Flows + +## Catch SIGSEGV and execute commands on occurrence +```markdown + catch signal SIGSEGV + command + bt + c + end +``` + +## Run `backtrace` on thread 1 (batch mode) +```markdown + gdb --batch -ex 'thread 1' -ex 'bt' -p +``` + +## Script gdb for automating debugging sessions +```markdown +# run.gdb + set pagination off + + break mmap + command + info reg rdi rsi rdx + bt + c + end + + #initial drop + c +``` +This script can be used as: +```markdown + gdb -p -x ./run.gdb --batch &> run.log +``` + +## Workaround `command + finish` bug +When using `finish` action inside a `command` block, actions after `finish` are +not executed anymore. To workaround that bug one can create a wrapper function +which calls `finish`. +```markdown + define handler + bt + finish + info reg rax + end + + command + handler + end +``` -- cgit v1.2.3
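Review bot: In the "Workaround `command + finish` bug" section of src/gdb.md, the text calls it a bug that actions after `finish` inside a `command` block are not executed, but the GDB manual documents that commands following one that resumes execution in a breakpoint command list are ignored, so this is a documented limitation rather than a bug. I would reword the heading and the sentence accordingly ("To workaround" should also read "To work around") and state which gdb version the `handler` wrapper was checked against. Smaller points in the same hunk: `-qualified: Tred as fully qualified symbol (quiet handy` should read "Treat as ... (quite handy"; the spelling alternates between "debugee" and "debuggee"; "Gdb allows to create" wants "allows creating"; the `&> run.log` redirect in the scripted flow is bash-specific, and `> run.log 2>&1` works in any POSIX shell; and the fences are tagged `markdown` although they hold gdb and shell commands, so a neutral `text` tag would avoid misleading highlighting in the rendered book.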