GDB: the GNU debugger

gdb is the command line tool to debug any Linux binary that has not been stripped or a core file. A core is a file left around by an application when it crashes.

If your lazy you can use many frontends to gdb for example:

  • cgdb – console debugger
  • ddd – ultra nice graphic debugger
  • emacs – yes, the old monster integrates gdb

You can invoke gdb in two ways:

  1. debugging a binary: gdb /usr/bin/myprogram
  2. debugging a core file: gdb crash /tmp/asterisk.core.11234

When starts gdb ready all the infoes it can from withing the binary or the core file and provide you with a propt, usually “gdb>” from where you can issue the command to operate with it.

The basic commands are:

  • “b” (break) followed by a source code line numer (i.e. 356) or by a function name (i.e. “main” ) will set a breakpoint; breakpoints are places where you (the developer) ask the debugger to stop the running of the program to inspect what’s happening at that specific point;
  • “r” (run) will make gdb to start running the program until a breakpoint (or a crash) is found;
  • “n” (next) will make gdb to execute the next line of the source program without entering any sub-functions, it will considered as a single instruction;
  • “s” (step) will make gdb to execute the next line of the source program but if there is any sub-function then it will entered;
  • “l” (list) will show a few listing of lines (usually 20) of the source code that gdb is currently inspecting;
  • “finish” will make gdb complete all the lines within the current function until its completed, i.e. the function return;
  • “c” (continue) will make gdb continue the execution of the program where its interrupted until a new breakpoint is found;
  • “q” (quit) will exit from gdb;

To inspect values you have:

  • “p” (print) followed by an expression will print the content/result of that variable/expression in the current moment;

display is like print except it keeps displaying the result of the expression everytime a new line in the source code is executed;

  • “bt” is the most important command since it will print the backtrace i.e. the program stack content that will allow you to know where are you now inside the program and ofc where your program has crashed;

More functions:

  • “d” followed by a breakpoint number will remove that breakpoint that will be ignored from now on;