gdb help

A few gdb notes that should help with the bomb-defusing and buffer-overflow projects.

Miscellaneous

$ gcc -g ...                include symbols (e.g., function & variable names) in the executable
$ gdb executable            run gdb on the specified executable
$ gdb sourcefile.c          nope; doesn't work
(gdb) [Enter]               run the previous command again
(gdb) [Ctrl-L]              clean up the "layout" display when it gets corrupted
(gdb) help name-of-command  get help

Look at code

list        View code near wherever you last left off
layout src  2-panel display, C on top and (gdb) prompt on bottom
layout asm  2-panel display, assembly on top

Breakpoints

br 73                         Set a breakpoint at line 73 of the C source code
br bomb.c:73                  Set a breakpoint at line 73 of the C source code in the file bomb.c
clear bomb.c:73               Get rid of the breakpoint at line 73 of the C source code in the file bomb.c
br *0x403444                  Set a breakpoint at the instruction at address 0x403444
maintenance info breakpoints  Show all breakpoints
main i br                     Show all breakpoints

Running & stepping through code

run          Start the program from beginning
r            Start the program from beginning
r [args...]  Include command-line arguments
continue     Continue execution from a breakpoint
c            Continue execution from a breakpoint
stepi        Execute one instruction (step into function calls)
si           Execute one instruction (step into function calls)
nexti        Execute one instruction (step over function calls)
ni           Execute one instruction (step over function calls)
finish       Step out of the current function
fi

Examining registers

info reg     View all register contents
i r          View all register contents
i r rax rbx  View the contents of the specified registers
i r eax      View the contents of the specified register
i r eflags   View which bits are set in the EFLAGS register

Examining memory

x/nfu addr allows us to examine memory starting at addr. Here:

It also lets you do x/nuf addr, but the number always has to come first.

Do help x to get the possible values of f and u.

x/1ss addr  View a null-terminated string
x/5xw addr  View the 5 4-byte words starting at addr in hexadecimal
x/5xg addr  View the 5 8-byte "giant" words starting at addr
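
The same bytes look different under x/..xw and x/..xg because x86-64 is little-endian. The C program below is an added example, not part of the original notes: it formats a constructed 16-byte buffer the way those two commands group it. The function name fmt_units and the sample bytes are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Format n units of `size` bytes (1, 2, 4 or 8) starting at p as hex, grouped
 * the way x/<n>x<u> groups memory on a little-endian machine such as x86-64:
 * the byte at the lowest address is the least-significant byte of each unit.
 * Writes space-separated values into out; returns chars written, or -1 if
 * the output buffer is too small. */
int fmt_units(const unsigned char *p, int n, int size, char *out, size_t outlen)
{
    size_t used = 0;
    for (int i = 0; i < n; i++) {
        uint64_t v = 0;
        for (int b = size - 1; b >= 0; b--)   /* highest address first */
            v = (v << 8) | p[i * size + b];
        int w = snprintf(out + used, outlen - used, "%s0x%0*llx",
                         i ? " " : "", size * 2, (unsigned long long)v);
        if (w < 0 || (size_t)w >= outlen - used)
            return -1;
        used += (size_t)w;
    }
    return (int)used;
}

/* Constructed sample: a 12-byte char buffer holding "AAAABBBBCCC\0",
 * followed by a 4-byte integer with the value 0x00401136. */
static const unsigned char sample[16] = {
    'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', 'C', 'C', 'C', '\0',
    0x36, 0x11, 0x40, 0x00
};

int main(void)
{
    char line[128];
    if (fmt_units(sample, 4, 4, line, sizeof line) > 0)
        printf("as x/4xw: %s\n", line);   /* four 4-byte words */
    if (fmt_units(sample, 2, 8, line, sizeof line) > 0)
        printf("as x/2xg: %s\n", line);   /* two 8-byte giant words */
    if (fmt_units(sample, 16, 1, line, sizeof line) > 0)
        printf("as x/16xb: %s\n", line);  /* bytes in address order */
    return 0;
}
```

In the giant-word view the 4-byte integer ends up in the upper half of the second value, which is why picking the unit that matches the data's real size makes a dump easier to read.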