Lab 2: DEBUGGING PROGRAMS WITH GDB

1. Learning outcomes: After this lab, the student will be able to:
- Debug a program
2. Preparation: Read the theory section on the debugger commands beforehand.
3. Equipment:
- A computer.
- The operating system's gdb program.
4. Duration: 4 periods
5. Theory summary: Introduction to the debugger on Linux
GNU Debugger (GDB) is one of the most important tools when writing any low-level program. We will see the basic usage of GDB. Using GDB is simple. See for yourself:
$ gdb <options> <executable>
Well, not really! Let me help you understand some important options of GDB.

First type “$ gdb -h” to list all the available options. Of these, the only option we use is “-q”, which is quiet start. It just suppresses the licensing info. Another option that can be helpful is “-p”, which attaches GDB to an already running process.

Now that the program is loaded, we will look at some commands inside GDB.

Inspecting loaded executable inside GDB:

- The “info” (i) command extracts information of various kinds. Type “(gdb) help info” to see every available option. Some useful options are:
    - info registers — List of integer registers and their contents
    - info symbol — Describe what symbol is at location ADDR
    - info breakpoints — Status of specified breakpoints (all user-settable breakpoints if no argument)
    - info files — Names of targets and files being debugged
- The “break” (b) command sets a breakpoint. A breakpoint can be set on an address, a function, etc. GDB also offers conditional breakpoints, which we will be using multiple times.
- The “run” (r) command runs the loaded executable inside GDB.
- The “disassemble” (disas) command disassembles the code at the given location.
- The “stepi” command executes the program one instruction at a time.

CTMT&HN Lab 2019, Faculty of Information Technology (Khoa CNTT) – ĐHSPKT TP.HCM, Page 1


- The “x” command examines memory in various formats. We will look at it in more detail in future posts.
- The “print” (p) command prints register values (or the value of any expression).

6. Summary of debugger commands

Command          Example          Description
---------------  ---------------  ------------------------------------------------------
run                               start program
quit                              quit out of gdb
cont                              continue execution after a break
break [addr]     break *_start+5  sets a breakpoint
delete [n]       delete 4         removes nth breakpoint
delete                            removes all breakpoints
info break                        lists all breakpoints
stepi                             execute next instruction
stepi [n]        stepi 4          execute next n instructions
nexti                             execute next instruction, stepping over function calls
nexti [n]        nexti 4          execute next n instructions, stepping over function calls
where                             show where execution halted
disas [addr]     disas _start     disassemble instructions at given address
info registers                    dump contents of all registers
print/d [expr]   print/d $ecx     print expression in decimal
print/x [expr]   print/x $ecx     print expression in hex
print/t [expr]   print/t $ecx     print expression in binary
x/NFU [addr]     x/12xw &msg      examine contents of memory in given format
display [expr]   display $eax     automatically print the expression each time the program is halted
info display                      show list of automatic displays
undisplay [n]    undisplay 1      remove an automatic display

7. Lab exercises

7.1. Enter the following program
; This is simple hello world code
; Author: SLAER (Shashank Gosavi)

global _start

section .text
_start:

    xor ecx, ecx        ; Clearing ECX
    xor ebx, ebx        ; Clearing EBX
    mul ecx             ; Clearing EAX, EDX

    ; Write subroutine

    mov eax, 0x4        ; Moving Write syscall number into EAX
    mov ebx, 0x1        ; Moving file descriptor into EBX
    mov ecx, $msg       ; Moving actual buffer into ECX
    mov edx, $len       ; Moving the count into EDX
    int 0x80            ; Interrupt 80

    ; Graceful Exit
    mov eax, 0x1        ; Moving Exit syscall number into EAX
    mov ebx, 0x0        ; Moving status number = 0 in EBX
    int 0x80            ; Interrupt 80

section .data
    msg: db "Hello World!",0x0A
    len: equ $-msg
- Save the program as helloworld.nasm
- Assemble the program with nasm
- Link the program with ld

7.2. Start the debugger:
- Load the program in GDB.

- Type the following command to get details about the list of symbols in the executable.

- Now set a breakpoint on the _start function.

- Now run the program.

You can observe that the breakpoint is hit as soon as the program runs. This is because execution starts at _start.
- Now we can check the registers. Let's do that.

As we can see, since the program has not executed anything yet, the register values are mostly zero. Mind you, these values are relative.
- Let's disassemble the code. Note that the disas command can disassemble an address, a function or a register value. In our case we have disassembled the EIP register value, which is the address of the next instruction.

The arrow (=>) marks the next instruction to be executed.

- Now let's see one interesting feature of GDB called a hook. A hook binds a sequence of GDB commands to another command so that they run automatically; hook-stop runs them every time execution stops, for example after each stepi. So let's “define hook-stop”.

Here I have defined a very simple hook. It will disassemble $eip and the next 10 instructions, then display the values of EAX, EBX, ECX and EDX respectively. On running the program, you'll get the following output:

We can observe the step-by-step changes in the values of the registers. After a couple of “stepi”s it will look something like below.
- Type the stepi command several times in succession
- The result will be as shown in the figure

7.3. Notes:
- Update: I forgot to tell you one very important thing. By default, GDB follows the AT&T convention for disassembled code. The disassembly above is in the AT&T convention (full of $ and %). To change the convention to Intel, use the following command:
- (gdb) set disassembly-flavor intel
- Now if you run the “disas” command you can see the following:

- Finally, just type “c” to continue execution. It will run the program to the end if no other breakpoint is present.
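
The session from 7.2 and 7.3 as a shell script that assembles helloworld.nasm and drives GDB in batch mode (an added example, not part of the original lab). The nasm/ld flags for a 32-bit build, “info functions” as the symbol-listing command, the body of hook-stop and the file names are assumptions.

```shell
#!/bin/sh
# Assumes a Linux host with nasm, ld and gdb, and helloworld.nasm (7.1)
# in the current directory. Flags and file names are assumptions.

# Assemble and link a 32-bit ELF executable; $1 is the base file name.
build32() {
    nasm -f elf32 "$1.nasm" -o "$1.o" &&
    ld -m elf_i386 "$1.o" -o "$1"
}

# Emit the GDB commands in the order the lab walks through them.
hello_gdb_cmds() {
    cat <<'EOF'
set disassembly-flavor intel
# list the symbols GDB knows about (assumed to be the lab's command)
info functions
break _start
# hook-stop runs every time execution stops (assumed hook body)
define hook-stop
  x/10i $eip
  print/x $eax
  print/x $ebx
  print/x $ecx
  print/x $edx
end
run
info registers
disassemble $eip
stepi
stepi
stepi
continue
EOF
}

# -q suppresses the banner, -batch exits after the command file finishes.
debug_hello() {
    build32 helloworld || return 1
    hello_gdb_cmds > helloworld.gdb
    gdb -q -batch -x helloworld.gdb ./helloworld
}

# Run the toolchain only when asked: sh lab2_hello.sh --run
if [ "${1:-}" = "--run" ]; then debug_hello; fi
```

After the three stepi commands the hook output shows EAX, EBX, ECX and EDX cleared; stepping further shows them loaded with the write syscall arguments.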

7.4. Further practice

7.4.1. Enter the following program
; Title: Data Types
; Description: Simple code to understand datatypes and representation in IA-32
; Author: Shashank "SLAER" Gosavi

global _start

section .text
_start:

    ; Graceful Exit code
    mov eax, 1
    mov ebx, 0
    int 80h

section .data

    var1:  db 0x55                  ; Just byte 0x55
    var2:  db 0x55, 0x56, 0x57      ; three bytes in succession
    var3:  db 'a', 0x55             ; character constant
    var4:  db 'hi', 14, 15, '$'     ; string constant
    var5:  dw 0x1234                ; 0x34 0x12 due to Little Endianness
    var6:  dw 'a'                   ; 0x61 0x00 (just number)
    var7:  dw 'ab'                  ; Character constant
    var8:  dw 'abc'                 ; 0x61 0x62 0x63 0x00 (string)
    var9:  dd 0x12345678            ; 0x78 0x56 0x34 0x12
    var10: dd 1.234567e20           ; floating-point constant
    var11: dq 0x123456789abcdef0    ; eight-byte constant
    var12: dq 1.234567e20           ; double-precision float
    var13: dt 1.234567e20           ; extended-precision float

section .bss

    buffer:  resb 64                ; reserve 64 bytes
    wordvar: resw 1                 ; reserve a word

7.4.2. Next steps
- Save the file as datatypes.nasm
- Assemble the source file with the nasm command
- Link the object code with the ld command
7.4.3. Debug the program in the following order
- Run the command gdb -q ./datatypes

- (Executable loaded in GDB with a breakpoint set on the “_start” symbol; “r” starts execution of the code.)
- First, we will list all the variables present in the code with the “info variables” command.

- To examine the contents of variables and registers, the “x” command is used in GDB. The “help x” command will show the following output.

- Now, based on the above screenshot, you can understand the screenshots below.

- You can observe that I have tried a couple of options here. You also have to do trial and error to get the intended output. The same goes for the next screenshot.

- You must try all of this by yourself. That's the only way to learn… Anyway, I hope this is sufficient to help you understand how to use the x command.
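
The “x” trial and error from 7.4.3 as a batch GDB run over datatypes.nasm, pairing byte-wise and unit-sized views so the little-endian layout from the source comments is visible (an added example, not part of the original lab). The nasm/ld flags, the file names and the choice of variables and formats are assumptions.

```shell
#!/bin/sh
# Assumes a Linux host with nasm, ld and gdb, and datatypes.nasm (7.4.1)
# in the current directory. Flags and file names are assumptions.

build32() {
    nasm -f elf32 "$1.nasm" -o "$1.o" &&
    ld -m elf_i386 "$1.o" -o "$1"
}

# x/NFU: N = count, F = format (x hex, c char, f float),
# U = unit size (b = 1 byte, h = 2, w = 4, g = 8).
datatypes_gdb_cmds() {
    cat <<'EOF'
break _start
run
info variables
# single bytes
x/1xb &var1
x/3xb &var2
# 'hi', 14, 15, '$' as characters, then as raw bytes
x/5cb &var4
x/5xb &var4
# dw 0x1234: bytes in memory order, then as one halfword
x/2xb &var5
x/1xh &var5
# dw 'abc' occupies two words, padded with a zero byte
x/4xb &var8
# dd 0x12345678: bytes in memory order, then as one word
x/4xb &var9
x/1xw &var9
# single- and double-precision floats
x/1fw &var10
x/1fg &var12
# eight-byte constant
x/1xg &var11
# reserved .bss space
x/16xb &buffer
continue
EOF
}

examine_datatypes() {
    build32 datatypes || return 1
    datatypes_gdb_cmds > datatypes.gdb
    gdb -q -batch -x datatypes.gdb ./datatypes
}

if [ "${1:-}" = "--run" ]; then examine_datatypes; fi
```

Comparing `x/2xb &var5` with `x/1xh &var5` shows the same two bytes first in memory order (0x34 0x12) and then reassembled as 0x1234.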
