Tuesday, July 9, 2013

How to use gdb for inspecting control flow in a Linux daemon.


To inspect the control flow, put breakpoints on all the functions of that process. If there are many functions, setting the breakpoints one by one becomes a frustrating task, so we automate it.

Step 1: Collect the function names from the object file of that daemon. While compiling the daemon, use the -c option of gcc to produce only the object file(s).

                            gcc -c sample.c

For C++ code you would use g++ instead.

Step 2: Run the following shell script

     nm -P sample.o | awk '$2 == "T" && $1 != "main" {
         # one breakpoint per global text symbol, with commands that
         # print the innermost frame (function and arguments) and continue
         print "# code for " $1;
         print "b " $1;
         print "commands";
         print "silent";
         print "bt 1";
         print "c";
         print "end";
         print "";
     }' > function_names

A file (function_names) containing all function names (except main()) together with the necessary gdb commands will be created.

Step 3: Get the process ID of the daemon with the ps -ax command.

Step 4: Start the gdb session, attaching to the daemon, and pass the command file generated by that script as an argument.

              gdb --command=function_names a.out <pid>

          gdb will now report that a breakpoint is set on every function in that executable.

Step 5: Continue the execution.

Now you can see each function call made and the parameters passed to it.
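As an added example (not part of the original post), here is a POSIX shell function that builds the same kind of gdb command file from nm -P output, but also picks up static (file-local) functions, which nm reports with type t rather than T, and prefixes settings that stop an attached gdb session from pausing for pagination or confirmation prompts. The sample nm output and the function names in it are constructed.

```shell
#!/bin/sh
# Usage: nm -P sample.o | gen_breakpoints > function_names
gen_breakpoints() {
    # Settings emitted once at the top of the command file.
    printf '%s\n' 'set pagination off' 'set confirm off' ''
    awk '
        # $1 = symbol name, $2 = type; T = global text, t = local (static) text
        ($2 == "T" || $2 == "t") && $1 != "main" {
            print "# breakpoint for " $1
            print "break " $1
            print "commands"
            print "silent"
            print "bt 1"        # one frame: function name plus its arguments
            print "continue"
            print "end"
            print ""
        }'
}

# Constructed sample of `nm -P` output (name type value size) for a small
# daemon: a global handler, a static helper, a data symbol and main.
SAMPLE_NM='handle_request T 0000000000000000 0000000000000045
parse_header t 0000000000000050 0000000000000030
request_count B 0000000000000000 0000000000000004
main T 0000000000000090 0000000000000060'

# Number of "break" lines generated for the sample (2: main and the data
# symbol are skipped, the static helper is kept).
count_breakpoints() {
    printf '%s\n' "$SAMPLE_NM" | gen_breakpoints | grep -c '^break '
}
```

Static functions only get breakpoints if the daemon binary still carries their local symbols, so do not strip it before attaching.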
More Reference.