basic
- backtrace: print the stack frames
- up / down: move between frames in the stack
- finish: run until the current function returns
- next / step: step over / into the next function
- catch: catch various events
  - throw, catch: for C++ exceptions
https://stackoverflow.com/questions/6835728/how-to-break-when-a-specific-exception-type-is-thrown-in-gdb
fork
- follow-fork-mode: follow either the parent or the child
- detach-on-fork: whether to hold the other process under control
shared library
gdb
attach
set auto-solib-add 0
set solib-search-path
set stop-on-solib-events 1
shar <solib name>
info shar
- if you do not load the symbols, pending breakpoints will not be found
threads
# print state for all threads
info threads
# move to thread 1
thread 1
source directory
dir
show dir
remote debug
gdbserver <comm> <exec [ args … ]>
# comm is how gdbserver communicates with gdb
# it can be a device name or a TCP host, e.g.
# 0.0.0.0:4444
gdb <exec>
# by default, the debug symbols need to be copied back from the target.
# set sysroot to a local path containing the target system rootfs to avoid that copy
# set sysroot <local dir containing target system rootfs>
target remote <target>:4444
monitor exit
gdb-multiarch
set architecture
show architecture
examine memory
x/nfu addr
split view
Ctrl+x a
gdbtui / gdb -tui
load plugin & pretty print
show auto-load
info auto-load
show data-directory
For a local target, auto-load is performed when a matching object file is loaded.
For a remote target:
One possible solution is to set sysroot, so auto-load is triggered on the local target.
Otherwise, run the following script in the gdb console to load the pretty printers.
python
import sys
sys.path.insert(0, "/usr/share/gcc-8/python")
from libstdcxx.v6 import register_libstdcxx_printers
register_libstdcxx_printers(None)
end
python gdb
# install gdb extension
sudo apt install gcc-python3-dbg-plugin
# manual load if needed
source /usr/share/gdb/auto-load/usr/bin/python3.5-gdb.py
# https://wiki.python.org/moin/DebuggingWithGdb
gdb python <pid of running process>
py-bt
generate core dump
# 1. ulimit
ulimit -a # show all limits, including the core file size
ulimit -S -c unlimited # remove the soft limit on the core file size
# 1.1 suid dump control
# 0: do not dump, 2: dump readable by root only
echo "fs.suid_dumpable=0" >> /etc/sysctl.conf
sysctl -p # reload conf
# 2. dump to normal file
# core dumps might go by default to a crash reporting tool (e.g. apport)
# or to systemd (e.g. systemd-coredump)
sysctl -w kernel.core_pattern=/var/crash/core.%u.%e.%p
# here we just generate a dump file named with the uid, executable name and pid
# this change is reset on reboot
# 3. trigger a core dump
killall -SIGSEGV firefox
gcore -o <file> <pid>
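
A check of the settings from steps 1.1 and 2 above, as an added example that is not part of the original notes: it classifies a core_pattern value, checks it against fs.suid_dumpable, and shows the file name the step 2 pattern produces. All function names are made up for this example, and the uid, executable name and pid passed to expand_core_pattern are constructed sample values.

```shell
#!/bin/sh
# Added example (not from the original notes): sanity-check core-dump settings.

# classify_core_pattern PATTERN -> pipe | absolute-file | relative-file
classify_core_pattern() {
    case "$1" in
        "|"*) echo pipe ;;           # piped to a helper (apport, systemd-coredump)
        /*)   echo absolute-file ;;  # fixed location, e.g. /var/crash/core.%u.%e.%p
        *)    echo relative-file ;;  # lands in the crashing process's working directory
    esac
}

# check_suid_dumpable VALUE PATTERN -> one-line verdict
check_suid_dumpable() {
    case "$1" in
        0) echo "ok: setuid/privileged processes do not dump" ;;
        1) echo "warn: privileged processes dump with no protection (debug mode)" ;;
        2) if [ "$(classify_core_pattern "$2")" = relative-file ]; then
               echo "warn: mode 2 needs an absolute path or a pipe in core_pattern"
           else
               echo "ok: privileged dumps are readable by root only"
           fi ;;
        *) echo "unknown: unexpected fs.suid_dumpable value '$1'" ;;
    esac
}

# expand_core_pattern PATTERN UID EXE PID -> file name the kernel would use.
# Handles only the %u, %e and %p specifiers used in these notes; the sample
# values must not contain '/' or '&' (sed replacement metacharacters).
expand_core_pattern() {
    printf '%s\n' "$1" | sed -e "s/%u/$2/g" -e "s/%e/$3/g" -e "s/%p/$4/g"
}

# audit_live: report the running system's settings, if /proc exposes them.
audit_live() {
    pat_file=/proc/sys/kernel/core_pattern
    suid_file=/proc/sys/fs/suid_dumpable
    if [ -r "$pat_file" ] && [ -r "$suid_file" ]; then
        pat=$(cat "$pat_file"); suid=$(cat "$suid_file")
        echo "core_pattern:  $pat ($(classify_core_pattern "$pat"))"
        echo "suid_dumpable: $suid -> $(check_suid_dumpable "$suid" "$pat")"
        echo "ulimit -c:     $(ulimit -c)"
    else
        echo "core-dump sysctls not readable on this system"
    fi
}

audit_live
```

For example, expand_core_pattern '/var/crash/core.%u.%e.%p' 1000 firefox 4242 gives the path of the core file to pass to gdb after step 3.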