
I'm trying to write a GDB script to do instruction tracing in a bounded manner (i.e. start addr and stop addr). Perhaps I'm failing at Google but I can't seem to find this in existence already.

Here is my stab at it:

```python
def start_logging():
    gdb.execute("set logging on")
    gdb.execute("while $eip != 0xBA10012E9")
    gdb.execute("x/1i $eip")
    gdb.execute("stepi")
    gdb.execute(" end")
    gdb.execute("set logging off")

gdb.execute("set pagination off")
gdb.execute("break *0xBA19912CF")
gdb.execute("command 1 $(start_logging())")
gdb.execute("continue")
```

In my mind this should set up a breakpoint then set the command to run when it hits. When the breakpoint hits it should single step through the code until the end address is hit and then it will turn off logging.

When I run this with gdb the application will break at the correct point but no commands are run.

What am I doing wrong? Sorry if this is the wrong way to go about this please let me know. I'm new to gdb scripting



I see a few odd things in here.

First, it looks like you are trying to split multi-line gdb commands across multiple calls to gdb.execute. I don't believe this will work. Certainly it isn't intended to work.

Second, there's no reason to try to do a "while" loop via gdb.execute. It's better to just do it directly in Python.

Third, I think the "command" line seems pretty wrong as well. I don't really get what it is trying to do, I guess call start_logging when the breakpoint is hit? And then continue? Well, it won't work as written.

What I would suggest is something like:

```python
gdb.execute('break ...')
gdb.execute('run')
while gdb.parse_and_eval('$eip') != 0x...:
    gdb.execute('stepi')
```

If you really want logging, either do the 'set logging' business or just instruct gdb.execute to return a string and log it from Python.
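The answer's loop carried through as an added example (not the answer's, the asker's, or gdb's own code): the stepping loop is kept separate from the gdb calls so it can be exercised offline against a constructed stand-in, and `run_under_gdb` binds it to the real API, using `$pc` rather than `$eip` and `to_string=True` for logging as suggested above. `FakeTarget`, `demo`, and every address are constructed for illustration.

```python
def trace_range(read_pc, step, disassemble, stop_addr, max_steps=100000):
    """Single-step from the current pc until pc == stop_addr; returns [(pc, text)].

    read_pc/step/disassemble are the debugger primitives; max_steps guards
    against a stop address that is never reached (wrong address, loop, exit).
    """
    trace = []
    while read_pc() != stop_addr:
        if len(trace) >= max_steps:
            raise RuntimeError("stop address 0x%x never reached" % stop_addr)
        pc = read_pc()
        trace.append((pc, disassemble(pc).strip()))
        step()
    return trace


def run_under_gdb(start_addr, stop_addr, logfile):
    """Bind the loop to gdb; call from a gdb 'python' prompt after sourcing this file."""
    import gdb  # only importable when this file is sourced inside gdb

    gdb.execute("set pagination off")
    gdb.execute("break *0x%x" % start_addr)
    gdb.execute("run")  # returns once the start breakpoint is hit
    read_pc = lambda: int(gdb.parse_and_eval("$pc"))  # $pc works on any arch
    step = lambda: gdb.execute("stepi", to_string=True)  # keep gdb's echo out of the log
    disassemble = lambda pc: gdb.execute("x/1i 0x%x" % pc, to_string=True)
    trace = trace_range(read_pc, step, disassemble, stop_addr)
    with open(logfile, "w") as f:
        f.writelines(text + "\n" for _, text in trace)
    return len(trace)


class FakeTarget:
    """Constructed stand-in for gdb so the loop can be exercised offline."""
    def __init__(self, start, insns):
        self.pc, self.insns = start, insns  # straight-line code, 4 bytes/insn
    def read_pc(self):
        return self.pc
    def step(self):
        self.pc += 4
    def disassemble(self, pc):
        return self.insns.get(pc, "??")


def demo():
    # Constructed three-instruction program; stop at the 'ret'.
    insns = {0x1000: "push rbp", 0x1004: "mov rbp, rsp", 0x1008: "ret"}
    t = FakeTarget(0x1000, insns)
    return trace_range(t.read_pc, t.step, t.disassemble, stop_addr=0x1008)
```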


2 Comments

Thanks for the response, I thought the gdb.execute was required to execute a command, when I just have them in the file it fails? The multiline gdb commands I tried to put as one string in gdb.execute and it didn't seem to like that either, that's why they are multi commands. As for your proposed example I'll give it a try instead of using a break command (which is what my intention was with my code)
Updated my script with your updates and now I'm having the problem that the breakpoint gets set and on the gdb side it seems to think that it told the application to run, as it's just hanging waiting. But the application still thinks it's stopped. If I ctrl+c gdb then manually type continue it works. But why isn't my continue in my script working?
