STEPPING

This steps through the program one instruction or line of code at a time.

SINGLE STEP

The stepi (or si) command steps through the assembly instructions one by one. It is the smallest step possible while debugging.

gef>  si
 0x0000000000401005 in _start ()
    0x400fff                  add    BYTE PTR [rax+0x1], bh
  →   0x401005 <_start+5>       mov    edi, 0x1
      0x40100a <_start+10>      movabs rsi, 0x402000
      0x401014 <_start+20>      mov    edx, 0x12
      0x401019 <_start+25>      syscall 
 ─────────────────────────────────────────────────────────────────────────────────────── threads ────
      [#0] Id 1, Name: "helloWorld", stopped 0x401005 in _start (), reason: SINGLE STEP

 * The instruction marked with the → symbol is where execution is stopped, and it has not yet 
   been processed.
 
 * In GDB/GEF, the arrow → points to the next instruction that will be executed.
    - To execute that instruction and step forward, use the "si" (step instruction) command.

STEP COUNT

The si command followed by a number (si #) steps through the specified number of instructions.

gef>  si 3
 0x0000000000401019 in _start ()
 ─────────────────────────────────────────────────────────────────────────────────── code:x86:64 ────
      0x401004 <_start+4>       add    BYTE PTR [rdi+0x1], bh
      0x40100a <_start+10>      movabs rsi, 0x402000
      0x401014 <_start+20>      mov    edx, 0x12
  →   0x401019 <_start+25>      syscall 
      0x40101b <_start+27>      mov    eax, 0x3c
      0x401020 <_start+32>      mov    edi, 0x0
      0x401025 <_start+37>      syscall 
 ─────────────────────────────────────────────────────────────────────────────────────── threads ────
 [#0] Id 1, Name: "helloWorld", stopped 0x401019 in _start (), reason: SINGLE STEP
 
 * Pressing Return/Enter repeats the last command.

STEP

The step command continues until the next line of code is reached or until it exits from the current function.

gef>  step
 Single stepping until exit from function _start,
 which has no line number information.
 Hello!
 [Inferior 1 (process 14732) exited normally]
 
 * If there's a call to another function within this function, it'll break at the 
   beginning of that function. Otherwise, it'll break after exiting this function 
   after the program's end.

NEXT

This command also continues until the next line, but skips over any functions called in the same line of code instead of breaking at them like step. The nexti (or ni) command is similar to si, but skips function calls.
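
The difference between si and ni at a call instruction, as an added example that is not part of the original notes: a GDB command file that uses GDB's Python API to stop just before the first call in main and then issue each command once. It assumes an x86-64 binary with symbols (the name ./demo is a placeholder) whose main calls another function that returns.

```gdb
# si_vs_ni.gdb (added example). Run: gdb -q -batch -x si_vs_ni.gdb ./demo
# Assumption: ./demo is a placeholder for an x86-64 binary with symbols
# whose main calls another function that returns.
set pagination off
set confirm off
break main

python
import gdb

def current_insn():
    """Disassemble the instruction at $pc, the one the arrow points to."""
    frame = gdb.selected_frame()
    return frame.architecture().disassemble(frame.pc())[0]

def step_to_call(limit=500):
    """Use si until the next instruction to be executed is a call."""
    for _ in range(limit):
        insn = current_insn()
        if insn["asm"].split()[0].startswith("call"):
            return insn
        gdb.execute("si", to_string=True)
    raise gdb.GdbError("no call found within %d instructions" % limit)

def compare(cmd):
    """Restart, stop just before the first call in main, then run cmd once."""
    gdb.execute("run", to_string=True)           # stops at the breakpoint on main
    call = step_to_call()
    fallthrough = call["addr"] + call["length"]  # address of the instruction after the call
    gdb.execute(cmd, to_string=True)
    pc = gdb.selected_frame().pc()
    where = "after the call, callee skipped" if pc == fallthrough else "inside the callee"
    print("%-2s at 0x%x (%s): now at 0x%x, %s"
          % (cmd, call["addr"], call["asm"], pc, where))

compare("si")   # si follows the call into the called function
compare("ni")   # ni runs the called function and stops after the call
end
```

ni stops somewhere other than the instruction after the call only if a breakpoint inside the callee is hit or the callee never returns.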
