sdb¶
The Slick/Simple Debugger – a pipeline-based debugger for Linux kernel and userland, built on drgn.
sdb attaches to a live kernel, a running process, or a crash/core dump and provides a composable set of commands connected by pipes:
sdb> stacks -m zfs | count
(unsigned long long)12
sdb> find_task 1 | member comm
(char [16])"systemd"
sdb> spa | member spa_name ! sort
(char [256])"data"
(char [256])"rpool"
Features¶
50+ built-in commands for Linux kernel internals, ZFS, and SPL data structures.
Pipeline architecture – compose commands with
|and pipe to the shell with!.Session recording – capture memory accesses into a portable vmcore and replay offline.
Extensible – write your own commands in Python and load them at runtime.
Library API – embed sdb in your own tools (see Using sdb as a library).
mdb compatibility – use the familiar
symbol::cmdsyntax.
Getting Started
Tutorials
- Using
stacks - Recording and replaying sessions
- Creating and loading external commands
- Using sdb as a library
sdb.open_dump()– the fastest way to get startedsdb.connect()andsdb.run()– the programmatic API- The
sdb.start()entry point (REPL) - Running pipelines with
sdb.invoke() - The
pre_cmd_hookpattern - Loading custom commands
- Manual setup (without
sdb.connect()orsdb.start()) - Real-world example: GhostWire
Project