++++++
gdb.py
++++++
``gdb.py`` is a command line debugger *similar to gdb*, but with fewer
features: no symbol support, no C language support, no thread support, etc.

Some commands
=============

* ``cont``: continue execution
* ``stepi``: execute one instruction
* ``step``: execute one instruction, but don't enter into calls

Type ``help`` to list all available commands.

Features
========

* print command displays value as decimal and hexadecimal, but also the related
  memory mapping (if any)::

    (gdb) print $eip
    Decimal: 3086383120
    Hexadecimal: 0xb7f67810
    Address is part of mapping: 0xb7f67000-0xb7f81000 => /lib/ld-2.6.1.so (r-xp)

* Nice output of signal: see `python-ptrace signal handling <signal>`
* Syscall tracer with command "sys": see `python-ptrace system call tracer <syscall>`. Short example::

    (gdb) sys
    long access(char* filename='/etc/ld.so.nohwcap' at 0xb7f7f35b, int mode=F_OK) = -2 (No such file or directory)

* Supports multiple processes::

    (gdb) proclist
    <PtraceProcess #24187> (active)
    <PtraceProcess #24188>
    (gdb) proc
    Process ID: 24187 (parent: 24182)
    Process state: T (traced)
    Process command line: ['tests/fork_execve']
    (...)
    (gdb) switch; proc
    Switch to <PtraceProcess #24188>
    Process ID: 24188 (parent: 24187)
    Process state: T (traced)
    Process command line: ['/bin/ls']
    (...)

* Allow multiple commands on the same line using ";" separator::

    (gdb) print $eax; set $ax=0xdead; print $eax
    Decimal: 0
    Hexadecimal: 0x00000000
    Set $ax to 57005
    Decimal: 57005
    Hexadecimal: 0x0000dead

* Written in pure Python, so it's easy to extend
* Expression parser supports all arithmetic operators (``a+b``, ``a/b``, ``a<<b``, ``a&b``,
  ``...``), parentheses, use of registers, etc., and pointer dereference
  (e.g. ``print *($ebx+0xc)``).

Screenshot
==========

::

    $ ./gdb.py ls
    execve(/bin/ls, ['/bin/ls'], [/* 40 vars */]) = 16182
    (gdb) where
    ASM 0xb7f47810: MOV EAX, ESP <==
    ASM 0xb7f47812: CALL 0xb7f47a60
    ASM 0xb7f47817: MOV EDI, EAX
    ASM 0xb7f47819: CALL 0xb7f47800
    (gdb) regs
    EBX = 0xb7f4781e
    ECX = 0x0001d2f4
    EDX = 0xb7f61ff4
    ESI = 0x00000000
    (...)
    (gdb) proc
    Process ID: 16182
    Process command line: ['/bin/ls']
    Process environment: ['TERM=xterm', 'SHELL=/bin/bash', (...)]
    Process working directory: /home/vstinner/prog/fusil/ptrace/trunk
    (gdb) stack
    STACK: 0xbfc58000..0xbfc6e000
    STACK -8: 0x00000000
    STACK -4: 0xb7f4781e
    STACK +0: 0x00000001
    STACK +4: 0xbfc6c6bb
    STACK +8: 0x00000000
    (gdb) maps
    MAPS: 08048000-0805b000 r-xp 00000000 08:03 2588939 /bin/ls
    MAPS: 0805b000-0805c000 rw-p 00012000 08:03 2588939 /bin/ls
    (...)
    MAPS: b7f61000-b7f63000 rw-p 00019000 08:03 1540553 /lib/ld-2.6.1.so
    MAPS: bfc58000-bfc6e000 rw-p bfc58000 00:00 0 [stack]
    MAPS: ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso]
    (gdb) quit
    Quit.
    Terminate <PtraceProcess pid=16182>
    Quit gdb.
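
The "Address is part of mapping" line that ``print`` shows under Features amounts to looking an address up in ``maps``-style data. The following is an added example, not python-ptrace's own code: ``parse_maps``, ``find_mapping`` and ``describe`` are hypothetical names, and the sample text is constructed from the ``maps`` lines of the session above with the ``MAPS:`` prefix dropped.

```python
import re
from typing import NamedTuple

# Constructed sample in /proc/<pid>/maps format, built from the session's "maps" output.
SAMPLE_MAPS = """\
08048000-0805b000 r-xp 00000000 08:03 2588939 /bin/ls
0805b000-0805c000 rw-p 00012000 08:03 2588939 /bin/ls
b7f61000-b7f63000 rw-p 00019000 08:03 1540553 /lib/ld-2.6.1.so
bfc58000-bfc6e000 rw-p bfc58000 00:00 0 [stack]
ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso]
"""

# start-end perms offset dev inode [pathname]
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([rwxsp-]{4})\s+([0-9a-f]+)\s+"
    r"([0-9a-f]+:[0-9a-f]+)\s+(\d+)\s*(.*)$")

class Mapping(NamedTuple):
    start: int
    end: int       # exclusive upper bound
    perms: str
    pathname: str  # empty for anonymous mappings

def parse_maps(text):
    """Parse maps-format text into Mapping tuples, skipping malformed lines."""
    mappings = []
    for line in text.splitlines():
        match = MAPS_LINE.match(line.strip())
        if not match:
            continue
        start, end, perms, _offset, _dev, _inode, path = match.groups()
        mappings.append(Mapping(int(start, 16), int(end, 16), perms, path.strip()))
    return mappings

def find_mapping(mappings, address):
    """Return the mapping containing address (start <= address < end), or None."""
    for m in mappings:
        if m.start <= address < m.end:
            return m
    return None

def describe(mappings, address):
    """Build output lines in the style of the print command shown above."""
    lines = ["Decimal: %d" % address, "Hexadecimal: 0x%08x" % address]
    m = find_mapping(mappings, address)
    if m is not None:
        lines.append("Address is part of mapping: 0x%08x-0x%08x => %s (%s)"
                     % (m.start, m.end, m.pathname or "<anonymous>", m.perms))
    return lines
```

Calling ``describe(parse_maps(SAMPLE_MAPS), 0xb7f61ff4)`` with the EDX value from the ``regs`` output resolves it to the writable ``/lib/ld-2.6.1.so`` mapping.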