From: Francois <rigault.francois@gmail.com>
To: gdb@sourceware.org
Subject: better assembly level debugging
Date: Mon, 02 May 2011 15:34:00 -0000 [thread overview]
Message-ID: <BANLkTi=NhwR2_F584nsxVhvDtTuxPMB0Ag@mail.gmail.com> (raw)
Hello
I'm trying to do some machine code-level debugging using GDB.
Basically, I'm debugging a C application that provides no debugging
symbol.
GDB works greatly, and I think a few customization could make it as
nice as the other popular debugging alternatives for this task (like
OllyDbg for Win32).
- defining labels
reverse engineering is very difficult without debugging symbols. It
would be very handy if I could (like on IDA or OllyDbg) define my own
labels. That would be for example user-defined symbols, which could be
used to get a nicer output.
For example
set label 0x402000 log_error
would define a new symbol "log_error". Further disassembly of "call
0x402000" instruction, or stepping near this address would give a
cleaner output.
- pretty printer for instructions
GDB could pretty print what it disassembles so that values of operands
are introspected (looking for strings or functions especially)
Let's take an example :
#include <stdio.h>
#include <wchar.h>
int main() {
int (*printIt) (const wchar_t*, ...) = wprintf;
const wchar_t* foo = L"foo 42";
printIt(foo);
}
compiled with g++ -o wide wide.cpp, I see:
=> 0x0000000000400690 <+4>: sub $0x10,%rsp
0x0000000000400694 <+8>: movq $0x400578,-0x10(%rbp)
0x000000000040069c <+16>: movq $0x4007ac,-0x8(%rbp)
...
which contains zero indication for reading.
I would expect
0x400578 to be commented as # <wprintf@plt> and
0x4007ac to be commented as # L"foo 42"
moreover, if compiled with g++ -o wide wide.cpp -fPIC, the first lines
above change to
=> 0x400680 <main+4>: sub $0x10,%rsp
0x400684 <main+8>: mov 0x1003fd(%rip),%rax # 0x500a88
0x40068b <main+15>: mov %rax,-0x10(%rbp)
0x40068f <main+19>: lea 0x106(%rip),%rax # 0x40079c
once again, we need to run
x/a 0x500a88
x/ws 0x40079c
to get an understandable disassembly.
Do you think these features could be integrated in GDB? If yes I could
send some code for review.
Francois
next reply other threads:[~2011-05-02 15:34 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-05-02 15:34 Francois [this message]
2011-05-02 16:13 ` Phil Muldoon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='BANLkTi=NhwR2_F584nsxVhvDtTuxPMB0Ag@mail.gmail.com' \
--to=rigault.francois@gmail.com \
--cc=gdb@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).