GDB/DDD Reference Sheet V1.0 (All commands work both in GDB ...

GDB/DDD Reference Sheet V1.0(All commands work both in GDB and DDD unless specified otherwise)(Examples are for the CS324 Bomb Lab)Starting:GDB:gdbgdb gdb -h(lists command line options)DDD:ddd (loads the files already)dddLoading EXE Inside DDD:Select FILE => OPEN PROGRAMExiting:GDB: quitDDD: Select FILE => EXITGeneral commandsrun (start your program) (optional Textfile for Input)DDD: Click on the Run Buttonkill(stop the program)Breakpointsb FUNCTION (set a breakpoint at the entry to the function)EX. b explode_bombb phase_1 (Puts a break at phase_1)b *ADDRESS (set a breakpoint at the specified address)DDD: Just Right-Click on the address in the Machine-Code Window andClick on “Set BreakPoint”disable (disable the breakpoint with that number)enable (enable the breakpoint with that number)clear FUNCTION (clear any breakpoints at the entry to the function)d (deletes the breakpoint with that number)DDD: (Right-Click on the Breakpoint and Select “Delete BreakPoint”)d(deletes all breakpoints)Working at breakpointsstepistepi stepnextinexti next(execute one machine code instruction)(execute NUM instructions)(execute one C statement)(like stepi, but proceed through subroutine calls)until LOCATION (continue running until LOCATION is reached)continue (resume execution)continue (continue, ignoring this breakpoint NUM times)finish(run until the current function returns)DDD: Make sure the COMMAND TOOL is Loaded (i.e. select VIEW => COMMAND TOOL)Then Click desired Command listed above to execute

Examining codeprint/a $pc (print the program counter)print $sp (print the stack pointer)disas(display the function around the current line)DDD: (Have the Machine Code Window Displaying)To Turn Machine Code Window ON/OFF (SELECT => MACHINE CODE WINDOW)disas ADDR (display the function around the address)disas ADDR1 ADDR2 (display the function between the addresses)disas FUNCTION (displays the machine instructions for that function)EX. disas phase_1 (disassembles phase_1 function instructions)Examining dataprint $eaxp/x $eaxp/a $eaxp/d $eaxp/t $eaxp/c $eaxp 0x100p/x 555(print the contents of %eax)(print the contents of %eax as hex)(print the contents of %eax as an address)(print the contents of %eax as decimal)(print the contents of %eax as binary)(print the contents of %eax as a character)(print decimal repr. of hex value)(print hex repr. of decimal value)x ADDR (print the contents of ADDR in memory)x/NFU ADDR (print the contents at ADDR in memory:N = number of units to displayF = display format-Uses all the same ones as print (p) and hasthese additional ones:s = (print-out null-terminated string)i = (print out machine instructions)U = b (bytes), h (2 bytes), w (4 bytes))Autodisplaying informationdisplay $eax (print contents of %eax every time the program stops)display(print the auto-displayed items)delete display (stop displaying item NUM)DDD (THIS WILL REALLY HELP!!):Displaying in the DATA WINDOWNote: To Turn Data Window ON/OFF (SELECT => DATA WINDOW)graph display `(p or x Command)`Ex. graph display `x/a $ebp+8`Ex. graph display `x/s *(int*)($ebp+8)`(I casted value to a pointer and than dereferenced)Ex. graph display `x/8xb 0x08048e2c`` = Tick Mark (below the Escape Key)Useful information commandshelp infoinfo r (registers and their contents)DDD: Select Status => Registersinfo b (status of user-settable breakpoints)DDD: Select Source => Breakpointsinfo stack (backtrace of the stack)DDD: Select Status => Backtraceinfo address SYMBOL (use for looking up addresses of functions)info frame (information about the current stack frame)

Other Useful commands (NOT for GDB/DDD)• objdump ­t This will print out the bomb’s symbol table. The symbol table includes the names of all functions andglobal variables in the bomb, the names of all the functions the bomb calls, and their addresses. Youmay learn something by looking at the function names!• objdump ­d Use this to disassemble all of the code in the bomb. You can also just look at individual functions.Reading the assembler code can tell you how the bomb works.Although objdump ­d gives you a lot of information, it doesn’t tell you the whole story. Calls tosystem­level functions are displayed in a cryptic form. For example, a call to sscanf might appearas:8048c36: e8 99 fc ff ff call 80488d4 To determine that the call was to sscanf, you would need to disassemble within gdb/ddd.• strings This utility will display the printable strings in your bomb.EXTRA INFO SECTIONSFor more information on Machine­Level Debugging in DDD see:http://www.gnu.org/software/ddd/manual/html_mono/ddd.htmlFor more information on Output Formats and Examining Memory see:http://sources.redhat.com/gdb/current/onlinedocs/gdb_9.html#SEC58SEE LABHANDOUT FOR MORE TIPS