GDB Registers

Published 2015-02-20, last edit 2020-05-03

This will serve as a brief guide on setting up GDB to step through assembly code and witness register changes on the fly.

1. Compile the program to debug

I’m assuming here that you have the source of the C file that you wish to step through (this post assumes you are trying to learn about registers for educational purposes).

Create a Makefile for your architecture(s) of choice. Here is an example of a Makefile for 3 of them:

```makefile
all: 32bit 64bit 64bitInLine

# Recipe lines must be indented with a tab.
32bit: MyProgram.c
	gcc -g -O1 -fno-inline -fno-omit-frame-pointer -m32 MyProgram.c -o MyProgram

64bit: MyProgram.c
	gcc -O1 -fno-inline MyProgram.c -o MyProgram_64bit

64bitInLine: MyProgram.c
	gcc -O1 MyProgram.c -o MyProgram_64bit_inline
```

This should result in 3 output files with different assembly associated with each.

2. GDB

The GNU Project Debugger (GDB) is a fantastic tool that I am still learning about. If you have no idea what it is, it is a fairly powerful utility for debugging primarily C/C++ as I currently understand it. I recommend this crash course guide for a quick intro. One of its many features is the ability to step through and view registers as they change (the purpose of this post).

So, to run GDB on a program made for this purpose you can use:

```bash
$ gdb MyProgram
```

Once at the GDB prompt, set a breakpoint at the main() function and then run the program. The breakpoint will be hit immediately.

```
(gdb) break main
(gdb) run
```

The command we can use from here to step through the program one assembly instruction at a time is ’si’ (step instruction). However, on its own it does not show the values of registers as they change on the fly. That is accomplished with a TUI view. You can activate the register TUI layout with the command `layout reg`, which will result in something like this:

Figure 1: GDB

And now you can step through each instruction using ’si’. As registers change value, they will be highlighted in the top window. Have fun!
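
The following is an added example, not part of the original post: a GDB Python script that prints the registers that changed after each ’si’, which is useful when you want a text log of what `layout reg` highlights. The file name `regdiff.py`, the command name `sidiff` and the sample snapshots are made up for this example; it assumes a GDB build with Python scripting enabled.

```python
# Added example: log what `layout reg` highlights, one `si` at a time.
# Inside GDB: (gdb) source regdiff.py   then   (gdb) sidiff 5
# The file name regdiff.py and the command name sidiff are made up here.
import re

# One line of `info registers` output: name, raw hex value, natural value.
REG_LINE = re.compile(r"^(\w+)\s+(0x[0-9a-fA-F]+)\s+(.*)$")

# Constructed sample snapshots (not captured from a real session).
SAMPLE_BEFORE = "rax  0x1c  28\nrsp  0x7ffe0010  0x7ffe0010\neflags  0x246  [ PF ZF IF ]\n"
SAMPLE_AFTER = "rax  0x2a  42\nrsp  0x7ffe0010  0x7ffe0010\neflags  0x202  [ IF ]\n"

def parse_registers(text):
    """Turn `info registers` output into {register name: raw hex value}."""
    regs = {}
    for line in text.splitlines():
        m = REG_LINE.match(line.strip())
        if m:
            regs[m.group(1)] = m.group(2)
    return regs

def changed_registers(before, after):
    """Return {name: (old, new)} for every register whose value differs."""
    return {name: (before.get(name), new)
            for name, new in after.items() if before.get(name) != new}

try:
    import gdb  # only importable when the script runs inside GDB
except ImportError:
    gdb = None

if gdb is not None:
    class StepInstructionDiff(gdb.Command):
        """sidiff [N]: run `si` N times (default 1), printing changed registers."""
        def __init__(self):
            super().__init__("sidiff", gdb.COMMAND_RUNNING)

        def invoke(self, arg, from_tty):
            for _ in range(int(arg) if arg.strip() else 1):
                before = parse_registers(gdb.execute("info registers", to_string=True))
                gdb.execute("si", to_string=True)  # execute one instruction
                after = parse_registers(gdb.execute("info registers", to_string=True))
                gdb.execute("x/i $pc")  # show the instruction that runs next
                for name, (old, new) in sorted(changed_registers(before, after).items()):
                    print(f"    {name}: {old} -> {new}")

    StepInstructionDiff()
```

The program counter changes on every step, so each iteration prints at least that register.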