flat assembler
Message board for the users of flat assembler.

Index > Linux > GDB

Goto page Previous  1, 2
Author
Thread Post new topic Reply to topic
macomics



Joined: 26 Jan 2021
Posts: 1041
Location: Russia
macomics 02 Dec 2024, 15:45
Post 02 Dec 2024, 15:45
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 02 Dec 2024, 16:32
Using .inputrc affects all CLI programs using readline (i.e. many of them). Sad

Just for GDB, nothing else.
Post 02 Dec 2024, 16:32
View user's profile Send private message Visit poster's website Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1041
Location: Russia
macomics 02 Dec 2024, 17:59
~/.gdbinit
Code:
shell mv ~/.inputrc ~/.inputrc.bak
shell cp ~/.inputrc.gdb ~/.inputrc
define hook-quit
shell rm -v ~/.inputrc
shell mv ~/.inputrc.bak ~/.inputrc
end    
Post 02 Dec 2024, 17:59
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 03 Dec 2024, 00:17
But that still affects other CLI apps when GDB is active, right?
And if I forget to type hook-quit before exit then it makes it permanent. Confused

On another matter: I can't find a way to register a JIT debugger in Linux. Does Linux have/support it?
Post 03 Dec 2024, 00:17
View user's profile Send private message Visit poster's website Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1041
Location: Russia
macomics 03 Dec 2024, 04:14
revolution wrote:
I can't find a way to register a JIT debugger in Linux. Does Linux have/support it?
Unlike Windows, the debugger does not run for all processes for automatic activation unless the user wants it to. But you can use attach command to debug a live/broken process.
Post 03 Dec 2024, 04:14
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 03 Dec 2024, 08:11
macomics wrote:
Unlike Windows, the debugger does not run for all processes for automatic activation unless the user wants it to.
I am the user and I want it to. How to make it automatically activate?
macomics wrote:
But you can use attach command to debug a live/broken process.
How can I attach to a broken process? The kernel immediately kills it on my system.
Post 03 Dec 2024, 08:11
View user's profile Send private message Visit poster's website Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1041
Location: Russia
macomics 03 Dec 2024, 08:39
revolution wrote:
How to make it automatically activate?
Run all processes in the debugger during initialization.
Post 03 Dec 2024, 08:39
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 03 Dec 2024, 09:02
macomics wrote:
Run all processes in the debugger during initialization.
LOL. On my system there are 200+ processes at any one time. It would be wild to have 200+ terminals sessions for those 200+ processes. Plus all the transient processes opening and closing would require a new terminal session each time.
Post 03 Dec 2024, 09:02
View user's profile Send private message Visit poster's website Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1041
Location: Russia
macomics 03 Dec 2024, 09:31
revolution wrote:
LOL. On my system there are 200+ processes at any one time. It would be wild to have 200+ terminals sessions for those 200+ processes. Plus all the transient processes opening and closing would require a new terminal session each time.
What for? To run without a terminal, use gdbserver
Post 03 Dec 2024, 09:31
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 03 Dec 2024, 09:34
Wouldn't it be much easier to just have a basic JIT debugger interface?

Edit: gdbserver doesn't exist in my system.
Post 03 Dec 2024, 09:34
View user's profile Send private message Visit poster's website Reply with quote
Furs



Joined: 04 Mar 2016
Posts: 2564
Furs 03 Dec 2024, 16:04
There's the signal handler injection you can use. Someone posted it here: https://stackoverflow.com/questions/22509088/is-it-possible-to-attach-gdb-to-a-crashed-process-a-k-a-just-in-time-debuggin/22509089#22509089

You can also enable core dumps from the kernel and load them in gdb later, though I've never use it so can't say. I remember you had to use something in sysfs (unless you were using custom distro tools which I dislike).
Post 03 Dec 2024, 16:04
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 03 Dec 2024, 16:23
LD_PRELOAD only works if the app uses the "standard" linker, right? And it has to be preloaded into every application to catch the crashes. Requires much forethought.

Does the preload cascade into child process started by the main app? The main app would need to redo the preload, right? And all child apps starting grandchild apps would also need to cascade it. Sounds like a big ask to get every app in the chain to cooperate. Confused
Post 03 Dec 2024, 16:23
View user's profile Send private message Visit poster's website Reply with quote
Furs



Joined: 04 Mar 2016
Posts: 2564
Furs 04 Dec 2024, 22:28
As long as LD_PRELOAD is set, the linker will load it into the address space of the app before loading any other shared libraries. It should be set for child processes unless deliberately unset somehow. Just make sure to "export" it in bash.

What do you mean by "standard" linker though? I mean it's a linker feature yes, but I'm not aware of any app that doesn't use the linker? Even 100% statically linked apps still rely on the linker to load it. You can't execute ELF directly, it's actually the linker that does.

By linker i mean /lib/ld-linux.so or whatever.

Obviously LD_PRELOAD should not be used in release code or production but I thought this was about debugging?
Post 04 Dec 2024, 22:28
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 04 Dec 2024, 22:40
My hello world program doesn't use any linker. Statically linked programs also don't use the runtime linker.

Only dynamically linked programs will use the runtime linker.

I have also seem programs that use their own runtime linker and don't reference /lib/ld-linux.so at all.
Post 04 Dec 2024, 22:40
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.