ptrace is the system call used to trace a program and it's used primarly by debuggers like gdb to do their stuffs.


Idea: write a ptrace-based command that take a list of address, set breakpoint and dump a list of local variables, based with respect to the esp/ebp offset; also intercept SEGFAULT and stop. First POC's code: ptrace.

For test you can use i_crash.c

$ ./ptrace_on_segfault  ./i_crash 265
RIP: 41414141 Instruction executed: ffffffff 11
 [I] child 17148 received signal 11


Remove annoying stuffs from gdb

(gdb) set confirmation off
(gdb) set pagination off

Exist a curses interface

(gdb) tui enable
(gdb) layout asm
(gdb) focus cmd