an annotated example of using gdb --------------------------------- Here's what's in the demo folder : $ ls demo demo.c demo_objdump.txt demo_strings.txt Makefile _readme_demo.txt And here's what the demo.c program does when I run it : $ ./demo It's demo.c !!! -- part 0 -- What is your favorite color? blue You said 'blue'. -- part1 -- before: n1 = 12, n2 = 34, n3 = 5, n4 = 0 after: n1 = 34, n2 = 12, n3 = 5, n4 = 483 -- part2 -- fibbo(5) is 8 -- part3 -- (a (b) (c (d) (e))) (Are we having fun yet?) Now let's run gdb (the gnu debugger) on it. I've annotated the shell with comments starting with // ; the "(gdb)" that starts a line is a prompt; I type a command after that. --------------------------------------------------------------- $ gdb demo // run gdb GNU gdb ... (gdb) start // I always do this: it runs to a temporary breakpoint at main() Temporary breakpoint 1 at 0xb41 Starting program: .../demo Temporary breakpoint 1, 0x0000555555554b41 in main () (gdb) break swap // set a breakpoint at swap() Breakpoint 2 at 0x555555554916 (gdb) continue // resume the program Continuing. It's demo.c !!! -- part 0 -- What is your favorite color? blue You said 'blue'. -- part1 -- before: n1 = 12, n2 = 34, n3 = 5, n4 = 0 Breakpoint 2, 0x0000555555554916 in swap () (gdb) disass swap // disassemble swap() Dump of assembler code for function swap: => 0x0000555555554916 <+0>: mov (%rdi),%eax // next instruction to run (marked by =>) 0x0000555555554918 <+2>: mov (%rsi),%edx 0x000055555555491a <+4>: mov %edx,(%rdi) 0x000055555555491c <+6>: mov %eax,(%rsi) 0x000055555555491e <+8>: retq End of assembler dump.
(gdb) info reg // look at all the registers rax 0x22 34 // return value register rbx 0x5 5 rcx 0xd 13 rdx 0x5 5 rsi 0x7fffffffe324 140737488347940 // 2nd argument rdi 0x7fffffffe320 140737488347936 // 1st argument rbp 0x8 0x8 rsp 0x7fffffffe2d0 0x7fffffffe2d0 // stack pointer r8 0x24 36 r9 0x8 8 r10 0x0 0 r11 0x246 582 r12 0xd 13 r13 0x7fffffffe324 140737488347940 r14 0x7fffffffe320 140737488347936 r15 0x24 36 rip 0x555555554916 0x555555554916 // instruction pointer eflags 0x216 [ PF AF IF ] // condition codes cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 (gdb) print /d $rdi // print as decimal register rdi $1 = 140737488347936 // ... which is this in base 10 (gdb) print /d *$rdi // dereference pointer; *ptr is C syntax $3 = 12 (gdb) x /d $rdi // another way; using gdb "examine" 0x7fffffffe320: 12 // address : value at that address (gdb) stepi // step one instruction forward 0x0000555555554918 in swap () // new program location (gdb) disass swap // look at code again Dump of assembler code for function swap: 0x0000555555554916 <+0>: mov (%rdi),%eax => 0x0000555555554918 <+2>: mov (%rsi),%edx // next instruction 0x000055555555491a <+4>: mov %edx,(%rdi) 0x000055555555491c <+6>: mov %eax,(%rsi) 0x000055555555491e <+8>: retq End of assembler dump. (gdb) info reg // look at the registers again rax 0xc 12 // CHANGED: value 12 was copied here rbx 0x5 5 rcx 0xd 13 rdx 0x5 5 rsi 0x7fffffffe324 140737488347940 rdi 0x7fffffffe320 140737488347936 rbp 0x8 0x8 rsp 0x7fffffffe2d0 0x7fffffffe2d0 r8 0x24 36 r9 0x8 8 r10 0x0 0 r11 0x246 582 r12 0xd 13 r13 0x7fffffffe324 140737488347940 r14 0x7fffffffe320 140737488347936 r15 0x24 36 rip 0x555555554918 0x555555554918 eflags 0x216 [ PF AF IF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 (gdb) x /x $rsp // stack pointer 0x7fffffffe2d0: 0x5555493f // ... which holds the return address (x /x shows only the low 4 bytes; x /gx $rsp shows all 8, i.e. 0x000055555555493f) (gdb) backtrace // The functions now running.
#0 0x0000555555554918 in swap () #1 0x000055555555493f in swap_and_stuff () #2 0x0000555555554a98 in part1 () #3 0x0000555555554b65 in main () (gdb) disass swap_and_stuff // Is 0x5555493f in swap_and_stuff? Dump of assembler code for function swap_and_stuff: 0x000055555555491f <+0>: push %r15 0x0000555555554921 <+2>: push %r14 0x0000555555554923 <+4>: push %r13 0x0000555555554925 <+6>: push %r12 0x0000555555554927 <+8>: push %rbp 0x0000555555554928 <+9>: push %rbx 0x0000555555554929 <+10>: mov %rdi,%r14 0x000055555555492c <+13>: mov %rsi,%r13 0x000055555555492f <+16>: mov %edx,%ebx 0x0000555555554931 <+18>: mov %ecx,%r12d 0x0000555555554934 <+21>: mov %r8d,%r15d 0x0000555555554937 <+24>: mov %r9d,%ebp 0x000055555555493a <+27>: callq 0x555555554916 0x000055555555493f <+32>: imul (%r14),%ebx // <<< HERE ! 0x0000555555554943 <+36>: mov %ebx,%eax 0x0000555555554945 <+38>: add 0x0(%r13),%eax 0x0000555555554949 <+42>: lea (%r12,%r12,2),%edx 0x000055555555494d <+46>: lea (%rdx,%r15,4),%ebx 0x0000555555554951 <+50>: lea 0x0(%rbp,%rbp,4),%edx 0x0000555555554955 <+54>: add %edx,%ebx 0x0000555555554957 <+56>: mov 0x38(%rsp),%esi 0x000055555555495b <+60>: lea (%rsi,%rsi,2),%ecx 0x000055555555495e <+63>: lea (%rcx,%rcx,1),%edx 0x0000555555554961 <+66>: add %edx,%ebx 0x0000555555554963 <+68>: add %ebx,%eax 0x0000555555554965 <+70>: pop %rbx 0x0000555555554966 <+71>: pop %rbp 0x0000555555554967 <+72>: pop %r12 0x0000555555554969 <+74>: pop %r13 0x000055555555496b <+76>: pop %r14 0x000055555555496d <+78>: pop %r15 0x000055555555496f <+80>: retq End of assembler dump.