26425

How to read local variables with gdb?

Question:

I know that you can find any parameters by looking at a positive offset from $ebp using gdb:

(gdb) x/4wx $ebp

Then, I would look at the 3rd and 4th addresses using x/s because they would be the first and second parameter. What about for local variables? How would I look at the values at a negative offset from $ebp? Also, is there anyway to look at the value of $eax? Whenever I try to print the value of $eax using x/s $eax, the address is out of bound or the value is 0, which I am sure that it is not because I just put a constant value in the register.

I tried info locals but I get the message "No symbol table info available".

Answer1:

First you need to compile debugging the symbols into your binary. Use the -g option on gcc with your current command to do this. If you're using a different compiler you will need to consult its documentation. After this, 'info locals' and the print command will work.

To look at any local variable all you need to do is use the 'print' command. For example to look at the local variable 'i' it's as easy as 'print i'.

You should be able to handle $eax in the same way as $ebp. I suspect you have problems because you're using x/s. x/s will try and print out a string, and so it will continue until it hits a null character. If this doesn't happen for a long time then the length of the string will go out of bounds. Try 'x/d $eax'. You can even do 'print $eax'. You can also use 'info registers' to get all the register data.

Answer2:

<blockquote>

I know that you can find any parameters by looking at a positive offset from $ebp using gdb

</blockquote>

This only works for some processors and some calling conventions, and is by no means universal.

Assuming you only care about x86, and that your code is compiled with frame pointers (which used to be the default, but no longer is the default for GCC 4.6 in opt mode), locals are allocated at a fixed negative offset from %ebp.

Obviously if you can rebuild your code with debug symbols (with -g), then GDB will be able to just print their values, and you don't need to care how GDB finds them.

If you can't (e.g. because the code came from third party), you'll have to carefully look at disassembly, and guess. If you guess that some value is stored at %ebp-8, you can examine that value with GDB exactly the same way you examine positive offsets: (gdb) x/wx $ebp-8.

Beware: the compiler is free to lay out local any way it wants, so if you declare

int x, y, z;

the compiler is free to store x at %ebp-16, y at %ebp-20, and z at %ebp-12.

Recommend

  • Failed to execute 'getComputedStyle' on 'Window': parameter 1 is not of type �
  • How to add different enum values to a Set as unique entities?
  • Jquery's Ajax Property For Asp.Net 2.0
  • Tap Gesture on List View Items
  • Java Regex Finding digits in a String
  • Removing URL .php extension gives 404 error
  • Quartz clustering load balancing algorithm internal implementation in Jdbcjobstore
  • NOTE or WARNING from package check when README.md includes images
  • Fixing corrupt encoding (with Python)
  • Spring batch pause/resume vs stop/restart
  • Encode string to Base64 in Inno Setup (Unicode Version of Inno Setup)
  • can I build CMakeLists.txt from a set of smaller files (to improve the readability and maintainabili
  • Arc gradients in Flutter?
  • the IBM_JAVA error for running jobs in Hadoop 2.2.0
  • Can Node.JS on OpenShift be upgraded?
  • Threads and Concurrent Modification Exception working with a list
  • I need a PHP mySQL Login script that directs user to specific URL based on username and password
  • Facebook friend list in Facebook Android SDK 3.14
  • Sample deviceQuery cuda program
  • Java Collections.shuffle() weird behaviour [closed]
  • How to join two tables from different databases
  • Thumbnails for mxml components in Flex
  • Separating definition/instantiation of template classes without 'extern'
  • How to check if a database and tables exist in sql server in a vb .net project?
  • When to use the tag in the head and body section of a html page? [duplicate]
  • Can I read another applications memory?
  • Create an average of multiple excel chart without the data source
  • Rotating Towards Path in OpenGL
  • Is there a better way for handling SpatialPolygons that cross the antimeridian (date line)?
  • How to make 100% div height between header and footer?
  • Why is ordered choice in pyparsing failing for my use case?
  • Terminal run dalvikvm with am.jar
  • Stacked bar chart with continuous time-axis as x-axis
  • How to change user identity when git pushing via ssh?
  • Why isn't stemDocument stemming?
  • Apple Mach-O Linker error (“duplicate symbol”)
  • Excel VBA : conditional formatting of sheet1 cells from sheet2 values in excel 2007
  • Angular FormGroup won't update it's value immediately after patchValue or setValue
  • No OpKernel was registered to support Op 'Conv2D' with these attrs
  • ARKit code issue {unknown error -1=ffffffffffffffff error: Task failed with exit 1}