Reverse Engineeringdebuggerdebuggingreverse engineeringcc++assemblycore dump

GNU Debugger

GDB is a source-level debugger capable of breaking programs at any specific line, displaying variable values, and determining where errors occurred. It supports multiple languages including C, C++, Fortran, Java, and assembly.

Description

GDB is a powerful tool for debugging programs at the source level. It allows programmers to set breakpoints, inspect variables, and trace execution to identify bugs and errors. Currently supporting languages like C, C++, D, Objective-C, Fortran, Java, OpenCL C, Pascal, assembly, Modula-2, Go, and Ada, it is essential for serious programming and reverse engineering tasks.

The tool comes with related binaries like gcore for generating core dumps from running processes, gdb-multiarch for multi-architecture support, gdbserver for remote debugging, and utilities such as gdb-add-index and gstack. These extend GDB's capabilities for analyzing core files, stack traces, and remote targets.

Installation provides access to the full suite, with dependencies ensuring compatibility across architectures and environments. GDB reads system-wide init files like /etc/gdb/gdbinit on startup.

How It Works

GDB attaches to executables, core dumps, or running processes via options like --exec, --core, or --pid. It reads symbol files for source-level debugging, supports multiple interpreters and UIs, and executes initial commands from files. Remote debugging uses gdbserver over TCP or serial connections, while gcore creates core files by dumping process memory using GDB internals.

Installation

bash

sudo apt install gdb

Flags

-h, --helpPrint this message then exit.

-v, --versionPrint version information then exit.

--core=COREFILEAnalyze the core dump COREFILE.

--pid=PIDAttach to running process PID.

--batchExit after processing options.

-aDump all memory mappings (gcore).

--attachAttach to running process PID (gdbserver).

--dwarf-5Add the DWARF-5 style .debug_names section instead of .gdb_index (gdb-add-index).

Examples

Display help for gcore, which generates core files for running processes.

gcore -h

Show usage and options for the GNU debugger.

gdb -h

Display help for adding .gdb_index section to speed up debug info loading.

gdb-add-index -h

Show help for printing stack trace of a running program.

gstack -h

Display usage for gdbserver remote debugging server.

gdbserver --help

Create core file named 'prefix.pid1' for process pid1.

gcore -o prefix pid1

Attach GDB to running process PID.

gdb --pid=PID

Print stack trace for process PID.

gstack PID

Updated 2026-04-16kali.org ↗