I was having fun writing some php extension, when suddenly, in GDB:
$ gdb -q --args php -dextension=./src/modules/mymodule.so ./test.php
Reading symbols from php...(no debugging symbols found)...done.
gdb-peda$ symbol-file ./src/modules/mymodule.so
Reading symbols from ./src/modules/mymodule.so...done.
gdb-peda$ b my_function
Breakpoint 1 at 0x8e17: file /home/jvoisin/Dev/mymodule/src/myfile.c, line 5.
gdb-peda$ r
Starting program: /usr/bin/php -dextension=./src/modules/mymodule.so ./test.php
warning: Probes-based dynamic linker interface failed.
Reverting to original interface.
1[Inferior 1 (process 27468) exited normally]
Warning: not running or target is remote
gdb-peda$
The solution is dead-simple: Don't use symbol-file on .so files that are
dynamically loaded at runtime. GDB isn't clever enough to deal with this.
The right™ solution is simply to use set breakpoint pending on:
$ gdb --args php -dextension=./src/modules/mymodule.so ~/shells/shell.php
Reading symbols from php...(no debugging symbols found)...done.
gdb-peda$ set breakpoint pending on
gdb-peda$ b my_function
Function "my_function" not defined.
Breakpoint 1 (my_function) pending.
gdb-peda$ r
Starting program: /usr/bin/php -dextension=./src/modules/my_extension.so ./test.php
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[----------------------------------registers-----------------------------------]
RAX: 0x0
RBX: 0x7fffe2cae010 --> 0x7fffe2cad010 --> 0x10600000002
RCX: 0x7ffff3808000 ("/home/jvoisin/Dev/my_extension/src/main.ini")
RDX: 0x7ffff3808000 ("/home/jvoisin/Dev/my_extension/src/main.ini")
RSI: 0x7ffff7e08028 ("/home/jvoisin/Dev/my_extension/src/main.ini")
RDI: 0x7ffff3808000 ("/home/jvoisin/Dev/my_extension/src/main.ini")
RBP: 0x7fffffffc940 --> 0x7fffffffc980 --> 0x7fffe63e8ce0 --> 0x7fffe61e6794 ("my_extension.configuration_file")
RSP: 0x7fffffffc910 --> 0x7ffff3800000 --> 0x7ffff3800040 --> 0x0
RIP: 0x7fffe61def36 (<my_function+8>: mov rax,QWORD PTR fs:0x28)
R8 : 0x8
R9 : 0x7ffff3800000 --> 0x7ffff3800040 --> 0x0
R10: 0x66 ('f')
R11: 0x7fffe61def2e (<my_function>: push rbp)
R12: 0x7ffff3b5bff0 --> 0x7ffff7e08010 --> 0x10600000001
R13: 0x2f ('/')
R14: 0x15
R15: 0x7fffe61e6794 ("my_module.config_var")
EFLAGS: 0x202 (carry parity adjust zero sign trap INTERRUPT direction overflow)
[-------------------------------------code-------------------------------------]
0x7fffe61def2e <my_function>: push rbp
0x7fffe61def2f <my_function+1>: mov rbp,rsp
0x7fffe61def32 <my_function+4>: sub rsp,0x30
=> 0x7fffe61def36 <my_function+8>: mov rax,QWORD PTR fs:0x28
0x7fffe61def3f <my_function+17>: mov QWORD PTR [rbp-0x8],rax
0x7fffe61def43 <my_function+21>: xor eax,eax
0x7fffe61def45 <my_function+23>: mov rax,QWORD PTR [rip+0x20b974] # 0x7fffe63ea8c0 <__gcov0.my_function>
0x7fffe61def4c <my_function+30>: add rax,0x1
[------------------------------------stack-------------------------------------]
0000| 0x7fffffffc910 --> 0x7ffff3800000 --> 0x7ffff3800040 --> 0x0
0008| 0x7fffffffc918 --> 0x7ffff3b5bff0 --> 0x7ffff7e08010 --> 0x10600000001
0016| 0x7fffffffc920 --> 0x2f ('/')
0024| 0x7fffffffc928 --> 0x555555791c66 (<_estrdup+54>: mov rcx,rax)
0032| 0x7fffffffc930 --> 0x7fffe2cae010 --> 0x7fffe2cad010 --> 0x10600000002
0040| 0x7fffffffc938 --> 0x7fffe6d6e010 --> 0x7fffe61da000 --> 0x10102464c457f
0048| 0x7fffffffc940 --> 0x7fffffffc980 --> 0x7fffe63e8ce0 --> 0x7fffe61e6794 ("sp.configuration_file")
0056| 0x7fffffffc948 --> 0x7fffe61de1c5 (<OnUpdateConfiguration+173>: test eax,eax)
[------------------------------------------------------------------------------]
Legend: code, data, rodata, value
Breakpoint 1, my_function () at /home/jvoisin/Dev/my_module/src/file.c:242
242 int my_function() {
gdb-peda$