GDB python script for bounded instruction tracing

Question

I'm trying to write a GDB script to do instruction tracing in a bounded maner (i.e start addr and stop addr). Perhaps I'm failing at google but I cant seem to find this in existence already.

Here is my stab at it:

python

def start_logging():
     gdb.execute("set logging on")
     gdb.execute("while $eip != 0xBA10012E9")
     gdb.execute("x/1i $eip")
     gdb.execute("stepi")
     gdb.execute(" end")
     gdb.execute("set logging off")

gdb.execute("set pagination off")
gdb.execute("break *0xBA19912CF")
gdb.execute("command 1 $(start_logging())")
gdb.execute("continue")

In my mind this should set up a breakpoint then set the command to run when it hits. When the breakpoint hits it should single step through the code until the end address is hit and then it will turn off logging.

When I run this with gdb the application will break at the correct point but no commands are run.

What am I doing wrong? Sorry if this is the wrong way to go about this please let me know. I'm new to gdb scripting

Answer 1

I see a few odd things in here.

First, it looks like you are trying to split multi-line gdb commands across multiple calls to gdb.execute. I don't believe this will work. Certainly it isn't intended to work.

Second, there's no reason to try to do a "while" loop via gdb.execute. It's better to just do it directly in Python.

Third, I think the "command" line seems pretty wrong as well. I don't really get what it is trying to do, I guess call start_logging when the breakpoint is hit? And then continue? Well, it won't work as written.

What I would suggest is something like:

gdb.execute('break ...')
gdb.execute('run')
while gdb.parse_and_eval('$eip') != 0x...:
  gdb.execute('stepi')

If you really want logging, either do the 'set logging' business or just instruct gdb.execute to return a string and log it from Python.