Use --silent, --quiet or -q to omit printing introductory and copyright messages.
Specifying a PID
Specifing a PID attaches to the running program with the given process ID (PID):
gdb prog 1234
gdb -p 1234
Some commands
Some commands include:
start - start the programs by temporarily setting a breakpoint on main (for c/c++ programs) and then invoking the run command. Comare with starti that sets the temprary breakpoint in _start (if the default entry point for executables is used by a program)
run
finish - run until the function returns and print returned value. Compare with return
until: run to next source line (used to «skip» a loop)
skip: Specify unininteresting functions that need not be stepped into
p - print values of variables (might use frame to change the context). Compare with x (examine)
x - examine (print) low level data structers: memory, registers …. Compare with p (print)
s - step an instruction
n - step over a function
display/i $pc - Show the current instruction.
watch - interrupt the program when the watched variable changes
rwatch (?) - interrupt the program when the value of a variable is read
list - show the program source code (if compiled with -g)
break - set a breakpoint. Use clear to remove. Use save breakpoints … to save current breakpoint definitions and source … to read them. Use commands to specify a set of commands that are automatically executed when a breakpoint is hit.
bt - backtrace
set var varName = 42 - set the value of varName to 42. set prompt … sets the prompt.
tui enable: start TUI mode (Text User Interface).
quit (compare with ctrl-c)
apropos word: searches for commands related to word (see also gdb --help)
info describe the state of the debuggee. Compare with show
show describe the state of GDB (for example show configuration). Compare with info
find: search memory for a given sequence of bytes
checkpoint: save a snapshot of the debugged program's current execution state. This execution state can later be restarted with restart <checkpoint-id>.
commands … end: specify a list of commands that are automatically executed when a breakpoint is hit.
echo, output and printf
ctrl-c does not exit GDB but rather terminates the currently executed GDB command. Compare with quit or exit
b - set breakpoints
Conditional breakpoints
b func_X if $_caller_is("func_Y") sets a breakpoint in function func_X which is only triggered if it is called by function func_Y.
$_caller_is(…) is a so-called convenience function of gdb.
bt - Show stack (backtrace)
…
p - print
p prints the value of variables. By default, p prints the value according to the variable's data type, but this can be changed with output format letters.
p respects frame for the context
TODO: is the output of p influenced by set print …?
p/C sets the output format depending on the letter (Output format letters) after p/ (here: C):
x - examine memory
x/nfu expr
x/nfu expr or x/nuf expr
n is the repeat count. A negative value can be specified to print the values of lower addresses from expr
f is the display format (output format leetters plus i for machine instruction (compare with the disassemble command) and m for displaying memory regions
u is the unit size
Unit size is one of
Number of bytes
Mnemonic
b
1
Byte
h
2
Halfword
w
4
Word
g
8
Giant
Examples:
x/hs, x/ws
Prints 16-bit or 32-bit char strings, respectively
x/4xw $sp
Prints 4 words of memory above the stack pointer, in hexadecimal
x/5i $pc-6
Print 5 instructions, starting 6 bytes before the current instruction pointer. The current instruction is marked with =>
x/3s *(char**) $addr
Interpret $addr as array of pointers to char (i. e. a string array) and display the first three strings in that array.
A nice property of the unit sizes is that they're distinct from the output format letters so the order of using unit size and format latter is irrelevant.
The default value is intially w but is changed whenever a unit size is specified.
x addr
Displays the memory starting at addr
Output format letters
Ouptut format letters can be used in the x and p commands.
x
Print the binary representation of the value in hexadecimal.
d
Print the binary representation of the value in decimal.
u
Print the binary representation of the value as an decimal, as if it were unsigned.
o
Print the binary representation of the value in octal.
t
Print the binary representation of the value in binary. The letter t stands for two
a
Print as an address, both absolute in hexadecimal and as an offset from the nearest preceding symbol. You can use this format used to discover where (in what function) an unknown address is located:
c
Cast the value to an integer (unlike other formats, this does not just reinterpret the underlying bits) and print it as a character constant. This prints both the numerical value and its character representation. The character representation is replaced with the octal escape \nnn for characters outside the 7-bit ascii range. Without this format, gdb displays char, unsigned char, and signed char data as character constants. Single-byte members of vectors are displayed as integer data.
f
Regard the bits of the value as a floating point number and print using typical floating point syntax.
s
Regard as a string, if possible. With this format, pointers to single-byte data are displayed as null-terminated strings and arrays of single-byte data are displayed as fixed-length strings. Other values are displayed in their natural types. Without this format, gdb displays pointers to and arrays of char, unsigned char, and signed char as strings. Single-byte members of a vector are displayed as an integer array.
z
Like x formatting, the value is treated as an integer and printed as hexadecimal, but leading zeros are printed to pad the value to the size of the integer type.
r
Print using the raw formatting. By default, gdb will use a Python-based pretty-printer, if one is available (see Section Pretty Printing in the manual). This typically results in a higher-level display of the value's contents. The r format bypasses any Python pretty-printer which might exist.
Breakpoints, watchpoints and catchpoints
A program is stopped when its execution reaches a breakpoint.
It's possible to assign conditions to breakpoints which must be met in order for the program to be stopped.
A watchpoint is a breakpoint that stops the program if the value of an expression changes.
A catchpoint stops the program when a given event occurs (syscalls (catch syscall write), exceptions, loading of libraries …)
Each breakpoint (and also watchpoints and catchpoint?) can be enabled and disabled.
Modifying variables
(gdb) set var foo=42
Standard register names
$pc
Program counter
$sp
Stack pointer
$fp
Frame pointer
$ps
Processor status
Print program counter in hex: p/x $c
Print instruction to be executed next: x/i $pc
Add four to the stack pointer: set $sp += 4
set
input-radix
(gdb) set input-radix 10
(gdb) set output-radix 16
(gdb) set radix 16
…
Multithreaded programs
A mutlithread program is either debugged in
all-stop mode (the default): all threads are stopped if any thread is stopped (for example because of hitting a breakpoint)
non-stop mode: all threads except the currently stopped one continue to execute.
Non-stop mode is entered by
(gdb) set pagination off
(gdb) set non-stop on
Note: the scheduling of threads is not under control of GDB, thus when stepping one statement, other threads might execute multiple statements in the mean time.
Setting the syntax of disassembled code:
set disassembly-flavor intel
Compare with
The -M option of objdump chooses the assembly dialect.