ptrace is the system call used to trace a program and it's used primarly by debuggers like gdb to do their stuffs.
Idea: write a ptrace-based command that take a list of address, set breakpoint
and dump a list of local variables, based with respect to the
offset; also intercept
SEGFAULT and stop. First POC's code: ptrace.
For test you can use i_crash.c
$ ./ptrace_on_segfault ./i_crash 265 RIP: 41414141 Instruction executed: ffffffff 11 [I] child 17148 received signal 11
Remove annoying stuffs from
(gdb) set confirmation off (gdb) set pagination off
(gdb) tui enable (gdb) layout asm (gdb) focus cmd