This page looks best with JavaScript enabled

gdb notes

 ·  โ˜• 5 min read  ·  โœ๏ธ Ben Mason

Other Command Lists

Remote Debugging

target extended-remote <port>

USB

target extended-remote /dev/cu.usbmodemE2C0C4C6

TCP

target extended-remote localhost:3333
arm-none-eabi-gdb -ex "target extended-remote /dev/cu.usbmodemC2D9BBC1"

dump memory

dump binary memory test.bin 0x08000000 0x080FFFFF

Program Movement

  • load firmware.elf โ€“ Load program to Remote chip
  • run โ€“ Start program
  • step โ€“ steps single instruction
  • next โ€“ steps single instruction skips lines in a subroutine
  • kill โ€“ Kill the program being debugged

Break points

break *main

show information

  • info locals โ€“ Variables in context
  • info registers โ€“ system registers
  • info proc mappings โ€“ memory mappings
  • info frame โ€“ information about the current stack frame
  • info line foo.c:42 โ€“ show PC for line
  • info line * $pc โ€“ show line begin/end for the current program counter
  • p &a โ€“ find the memory address of variable โ€˜aโ€™
  • p/x variable โ€“ Print variable in HEX
  • p/t variable โ€“ Print Variable in Binary
  • Hook โ€“ run commands when break hit
<pre class="wp-block-preformatted">define hook-stop<br></br> info registers l curr registers<br></br> x/24wx $esp ; stack<br></br> x/2i $eip ; next 2 instruction<br></br> end<br></br>

TUI

TUI Key Bindings

Debugging with GDB: TUI

The TUI installs several key bindings in the readline keymaps (see Command Line Editing). The following key bindings are installed for both TUI mode and the gdb standard mode.

  • C-x C-a, C-x a or C-x A Enter or leave the TUI mode. When leaving the TUI mode, the curses window management stops and gdb operates using its standard mode, writing on the terminal directly. When reentering the TUI mode, control is given back to the curses windows. The screen is then refreshed.
  • C-x 1 Use a TUI layout with only one window. The layout will either be โ€˜sourceโ€™ or โ€˜assemblyโ€™. When the TUI mode is not active, it will switch to the TUI mode.
  • C-x 2 Use a TUI layout with at least two windows. When the current layout already has two windows, the next layout with two windows is used. When a new layout is chosen, one window will always be common to the previous layout and the new one.
  • C-x o Change the active window. The TUI associates several key bindings (like scrolling and arrow keys) with the active window. This command gives the focus to the next TUI window.
  • C-x s Switch in and out of the TUI SingleKey mode that binds single keys to gdb commands (see TUI Single Key Mode).
  • The following key bindings only work in the TUI mode:
  • <PgUp> Scroll the active window one page up.
  • <PgDn> Scroll the active window one page down.
  • <Up> Scroll the active window one line up.
  • <Down> Scroll the active window one line down.
  • <Left> Scroll the active window one column left.
  • <Right> Scroll the active window one column right.
  • C-L Refresh the screen.

Because the arrow keys scroll the active window in the TUI mode, they are not available for their normal use by readline unless the command window has the focus. When another window is active, you must use other readline key bindings such as C-p, C-n, C-b and C-f to control the command window.

Layout options

  • info win โ€“ List and give the size of all displayed windows.
  • layout next โ€“ Display the next layout.
  • layout prev โ€“ Display the previous layout.
  • layout src โ€“ Display the source window only.
  • layout asm โ€“ Display the assembly window only.
  • layout split โ€“ Display the source and assembly window.
  • layout regs -Display the register window together with the source or assembly window.
  • tui reg general โ€“ Show the general registers in the register window.
  • start โ€“ auto breakpoint at main and continue

TUI Single Key Mode

The TUI also provides a SingleKey mode, which binds several frequently used gdb commands to single keys. Type C-x s to switch into this mode, where the following key bindings are used:

  • c continue
  • d down
  • f finish
  • n next
  • q exit the SingleKey mode.
  • r run
  • s step
  • u up
  • v info locals
  • w where

Other keys temporarily switch to the gdb command prompt. The key that was pressed is inserted in the editing buffer so that it is possible to type most gdb commands without interaction with the TUI SingleKey mode. Once the command is entered the TUI SingleKey mode is restored. The only way to permanently leave this mode is by typing q or C-x s.

misc

  • set disassembly-flavor intel

  • disassemble main

  • x/wx $esp < show stack pointer

  • x/24wx $esp stack

  • x/2i $eip next two commands

  • $ebp base pointer variable

  • $eip instruction pointer variable

  • $esp Stack pointer variable

  • tbreak โ€“ temporary breakpoint

  • rbreak โ€“ reg-ex breakpoint

  • break xxx if yyy โ€“ conditionally break at xxx if condition yyy holds

  • commands โ€“ list of commands to be executed when a breakpoint is hit

  • silent โ€“ special command to suppress output when a breakpoint is hit

  • save breakpoints โ€“ save a list of breakpoints to a script

  • save history โ€“ save the history of executed gdb commands

  • call โ€“ call a function in the inferior

  • watch -l โ€“ watchpoint based on the address (location)

  • rwatch โ€“ read watchpoint

  • thread apply all bt โ€“ backtrace for every thread dprintf โ€“ dynamic printf

Share on
Ben Mason
WRITTEN BY
Ben Mason
Computer Security โ€“ Reverse Engineering โ€“ Malware โ€“ Electronics Hobbyist โ€“ Sometimes Photographer โ€“ Spaceflight โ€“ Cat Enthusiast

See Also