Why doesn't info register ebp in gdb display a decimal number?

Question

Why doesn't info register ebp in gdb display a decimal number?

I am debugging a very simple code using gdb:

mov ebp,eax ; Save # of bytes read from file for later

Here is my conclusion:

 Breakpoint 2, Read () at hexdump1.asm:44 (gdb) info register eax eax 0xd 13 (gdb) step Read () at hexdump1.asm:45 (gdb) info register ebp ebp 0xd 0xd

Why does gdb show me 0xd 13 for eax, but 0xd 0xd for ebp?

+1

assembly debugging x86 gdb

Koray tugay Jan 15 '15 at 18:12

source share

2 answers

The info registers command displays registers both in raw format (hexadecimal) and in natural format. The natural format is based on the type of register declared in xml files in the gdb source code. For example, i386/32bit-core.xml contains:

 <reg name="eax" bitsize="32" type="int32"/> <reg name="ecx" bitsize="32" type="int32"/> <reg name="edx" bitsize="32" type="int32"/> <reg name="ebx" bitsize="32" type="int32"/> <reg name="esp" bitsize="32" type="data_ptr"/> <reg name="ebp" bitsize="32" type="data_ptr"/> <reg name="esi" bitsize="32" type="int32"/> <reg name="edi" bitsize="32" type="int32"/> <reg name="eip" bitsize="32" type="code_ptr"/> <reg name="eflags" bitsize="32" type="i386_eflags"/> <reg name="cs" bitsize="32" type="int32"/> <reg name="ss" bitsize="32" type="int32"/> <reg name="ds" bitsize="32" type="int32"/> <reg name="es" bitsize="32" type="int32"/> <reg name="fs" bitsize="32" type="int32"/> <reg name="gs" bitsize="32" type="int32"/>

Inside gdb you can view the type of register:

 (gdb) whatis $eax type = int32_t (gdb) whatis $ebp type = void *

+4

Mark plotnick Jan 16 '15 at 18:31

source share

Blechdose · Accepted Answer · 2015-01-15T18:57:20+0000

Your question: why is (gdb) info register eax displaying the contents of EAX with hexadecimal and decimal, and (gdb) info register ebx uses only hexadecimal numbers for EBP, right?

This is not only the case for EBP, but also for ESP, EFLAGS and EIP. I think it does not really matter. gdb is just trying to display it in a useful way. For example, for EFLAGS you want to see the status of the flags, not the decimal number (in the IF example below). In the case of EBP and ESP, we are talking about registers, which are usually used to indicate the address in the stack / memory. So you usually don't want to know the decimal value. Well, in this case, showing the hexadecimal twice is useless though.

Here is an example that displays the contents of all registers using the info registers command ( ir is a short form, I just found out: P).

  (gdb) ir
     eax 0x0 0
     ecx 0x0 0
     edx 0x0 0
     ebx 0x0 0
     esp 0xbffff234 0xbffff234
     ebp 0x0 0x0
     esi 0x0 0
     edi 0x0 0
     eip 0x804822d 0x804822d 
     eflags 0x202 [IF]
     cs 0x73 115
     ss 0x7b 123
     ds 0x7b 123
     es 0x7b 123
     fs 0x0 0
     gs 0x0 0

Additional information: https://sourceware.org/gdb/onlinedocs/gdb/Registers.html

Why doesn't info register ebp in gdb display a decimal number?

More articles: