GDB commands for WinDbg users

Most of the debugging I’ve done has been on Windows using WinDbg (or kd, cdb, ntsd). Now I’m doing some GDB debugging on Linux, so I’m trying overcome my muscle memory of typing WinDbg commands. I’m sharing my table for translating WinDbg commands to GDB.

Action WinDbg GDB
Set breakpoint bp [addr]
bp [name]
b[reak] *[addr]
b[reak] [name]
List breakpoints bl i[nfo] b[reakpoints]
Enable breakpoint be [n] en[able] [n]
Disable breakpoint bd [n] dis[able] [n]
Clear one breakpoint bc [n] d[elete] [n]
Clear all breakpoints bc * d[elete]
Disassemble u
u [addr]
disas[semble] /r
disas[semble] /r [addr]
Run g
g [addr]
r[un]
sta[rt]
Continue g
gc
c[ontinue]
Restart .restart r[un]
Trace (into calls) t s[tep]
Step (over calls) p n[ext]
Trace (into calls)
by machine instruction
t s[tep]i
Step (over calls)
by machine instruction
p n[ext]i
Toggle source mode
for stepping
l+t
l-t
n/a - See above.
(use si and ni
)
List modules lm i[nfo] sh[aredlibrary]
View registers r
r [name]
i[nfo] r
i[nfo] r [name]
View call stack k[b|v|p] i s[tack]
bt f[ull]
View threads ~ i[nfo] th[reads]
Switch thread ~[n]s thr[ead] [n]
View all thread stacks ~*k thread apply all bt
Switch frame .frame [n] f[rame] [n]
View memory (8 bytes) dq [addr] L[n] x/[n]xg [addr]
View memory (4 bytes) dd [addr] L[n] x/[n]xw [addr]
View memory (2 bytes) dw [addr] L[n] x/[n]xh [addr]
View memory (1 byte) db [addr] L[n] x/[n]xb [addr]
View memory (ascii) da [addr] L[n] p[rint] (char*)[addr]
x/s [addr]
x/20c [addr]
View memory (stacked) dds [addr] L[n] x/xw [addr]
repeat Enter key
View local variables dv /v
x
i[nfo] lo[cals]
print [var_name]
x &[var_name]
View global variables x [mod]!* i[nfo] va[riables]
info address [g_name]
print [g_name]
x &[g_name]
View frame args x
kP L1
i[nfo] ar[gs]
View type dt [type] explore [type]
Break on syscall catch syscall [i]
catch syscall [name]
Set register r [name]=[value] set $[name]=[value]
Evaluate ? [expr]
e.g. ? rax+5
p [expr]
e.g. p $r11+5
Quit q q

Notes:

  • GDB: Prefix breakpoint memory addresses with *
  • GDB: “set disassembly-flavor intel” for disassembly more like WinDbg
  • GDB: “start” runs to the entry point (if named “main”)
  • In the View memory commands, “n” represents the number of values
  • For viewing local variables, be sure to compile with symbolic information:
      • gcc -g
      • cl /Zi

     

Advertisements