load a fake debug symbol in gdb when debugging a stripped program

Question

I'm debugging a stripped program using gdb.

(gdb) bt
#0  0x00007fffcb443650 in fooSnprintf () from ./install.so.1

I know that 3rd argument is the format sting:

(gdb) print (char*)$rdx
$9 = 0x7fffe8dd4050 "%u %s"

How do I make gdb show function args at breakpoint stop, like it does, when real debug symbols are loaded?

Breakpoint 1, fooSnprintf (a=0, b=0, fmt=0x40060a "%u %s") at test.c:3

I know about hook-stop, but it's global and will trigger on any breakpoint.

This works, but inconvenient:

define hook-stop
    if $rip == fooSnprintf
        print (char*)$rdx
    end
end

Answer 1

You can associate commands with a particular breakpoint using the commands directive:

break fooSnprintf
commands
print (char*)$rdx
end

See here for more detail

Answer 2

Made a fake source file.

[root@softiwarp-1 ~]# cat fooSnprintf.c
void padding() {
__asm__ volatile (
"\n nop"
"\n nop"
"\n nop"
"\n nop"
"\n nop"
"\n nop"
"\n nop"
"\n nop"
"\n nop"
"\n nop"
"\n nop"
"\n nop"
"\n nop"
"\n nop"
);
}

int fooSnprintf(void *a, void *b, char *fmt, ...) {
        return a && b && fmt;
}

Compiled a shared library with -O2 (important, because with -O0 gdb expects the function to put registers to stack). By trial and error selected a proper load address:

[root@joe ~]# gcc -fPIC -g -O2 -shared -o fooSnprintf.so fooSnprintf.c \
-Wl,-Ttext-segment=$(printf 0x%x $((0x00007fffcb443650 - 1392)))

Load

(gdb) symbol-file /root/fooSnprintf.so
Load new symbol table from "/root/fooSnprintf.so"? (y or n) y
Reading symbols from /root/fooSnprintf.so...done.
(gdb) c
Continuing.

Breakpoint 2, fooSnprintf (a=0x7fffc9ef0560, b=0xc8, fmt=0x7fffe8dd4050 "%u %s") at fooSnprintf.c:21
21              return a && b && fmt;