GDB stack trace and assembly debugging

Source: Internet
Author: User
Tags stack trace gdb debugger

GDB stack trace and assembly debugging

Analysis process

Gcc-g 32-bit assembly on a 64-bit machine using the example.c-o example-m32 Directive error: fatal error

You need to download the installation library file

Command: sudo apt-get install libc6-dev-i386

Then one more operation will produce the Assembly

? Open the GdB debugger with the gdb gdb1 directive

? Use the break main directive to set a breakpoint at the main function, and remember to run the code with the r instruction first, and you can see the error that occurs when the runtime stops at the main function position:

Use the disassemble directive to get the assembly code (because there are-m32 in the previously executed command, so here is the 32-bit assembly code shown here)

? Use the I r command to view the values of each register

Visible at this time the main function's stack base address is 0xffffd068, with the x 0xffffd068 instruction to see the values in the memory addresses:

As a result, the current%ESP refers to the stack content of 0,%EBP refers to the content is also 0

? use display/i $pc (combined with the display command and register/PC internal variables) instructions to set

This allows the currently executed statement to be displayed at each execution of the next assembly statement for easy viewing.

? Debug the assembly code as follows, and view the%esp,%EBP, and stack contents:

? (1), single-step tracking of a machine instruction using SI command

? (2), use the i r command to see the values of each register (see%EIP,%eax,%esp and%EBP here)

? (3), use x/na%esp corresponding value instruction to view stack changes

Repeat the above three steps until the end

? Main function Assembly code

? Starting with the main function, the push $0x13 allocates 4 bytes of stack space and sets the arg1=19

Call calls F (0x80483e6)

? Execute the F function, F initialize the frame pointer, put the base address of the previous function into the stack, and the current%ESP as the new base address

F Allocate stack space to prepare for the transfer of parameters

? PUSHL 0x8 (%EBP) to deposit 8 of%ESP in the stack

Call calls G (0X80483DB)

? Execute g function, g initialize stack pointer

? g Allocation Stack space

? PUSHL 0x8 (%EBP) to deposit 8 of%ESP in the stack

? Add%eax to immediate number 19

? pop%EBP the stack before G ends

RET returns the call position in G, ending the G function

? Add%esp to immediate number 4

? Leave back to prep stack

RET returns the call position in F, ending the F function

Enter the main function to add the%ESP to the immediate number 4

? Add%eax to immediate number 19

? Leave back to prep stack

? RET End Main function

GDB stack trace and assembly debugging

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.