I have a pointer to a string
void *s = "now is the time for all"
and I wish to print it as an integer of 32-bit size:
gdb) p /x *((int *)s)
What is the equivalence in lldb parlance?
Exactly that, except you can't put a space between the p and the /x.
lldb's command syntax is not the same as lldb's (for more details see:
http://lldb.llvm.org/tutorial.html
) but p (among others) was added (as an alias to the lldb expr command) for people more familiar with gdb's commands. However, to get the /x part working through lldb's command parser it has to be directly postpended to the actual command name so it isn't confused with arguments and options. So:
(lldb) p/x *((int *) text_to_use)
(int) $1 = 0x8f06c8c0
There's also a cheat sheet for lldb <-> gdb commands here:
http://lldb.llvm.org/lldb-gdb.html
which you might find handy.
Related
I was using GDB on a 64-bit machine:
(gdb) show arch
The target architecture is set automatically (currently i386:x86-64)
(gdb) p sizeof(void*)
$1 = 8
I had a pointer stored on 0x600fe8:
(gdb) x /xg 0x600fe8
0x600fe8: 0x00007ffff7bd5680
I tried to examine what the pointer stored here was pointing to, so I used:
(gdb) x *0x600fe8
0xfffffffff7bd5680: Cannot access memory at address 0xfffffffff7bd5680
(gdb) x /g *0x600fe8
0xfffffffff7bd5680: Cannot access memory at address 0xfffffffff7bd5680
It seems that gdb took only 4 bytes as a pointer from 0x600fe8 and sign extended it.
How could I fix this? Thanks.
Research I've done:
Didn't find my scenario on:
GDB doc
Google
Try:
x *(void**)0x600fe8
As #zwol mentioned in the comment, gdb needs type information about the operand to decide its size. This type casting tells gdb that 0x600fe8 is a pointer to a pointer.
Say for instance I have a 32 element unsigned char array at address 0xdeadbeef. I would like to overwrite the contents of the array in memory. I am not compiled with -g, and so cannot just do a "set [variable name] = [my value]".
Is it possible to set the contents of the memory all at once?
I've seen someone try set *((unsigned char*) 0xdeadbeef) = "abcdefghijklmnop", but this doesn't appear to work.
Alternatively, if it isn't possible (for instance, because how would gdb know to convert that to the hex ascii representation?), is it possible to give multiple bytes, words, etc all at once? For example, I could just calculate the value in hex that I want the array to represent, but can I feed it all at once? Something like: set 0xdeadbeef = 0x4142434445464748495051
There's alternative of writing char array in one command, without standard functions like strcpy().
set *(char [CHAR_ARRAY_SIZE] *) <WRITE_ADDRESS> = "YOUR_CHAR_ARRAY"
where CHAR_ARRAY_SIZE is the size of YOUR_CHAR_ARRAY, plus extra NULL byte (null-terminated string).
e.g.
set *(char [15] *) 0x20018000 = "Write a string"
(Posting this just so the question has an "official" answer)
Carl's statements in the comments are entirely correct. You can do the following in gdb:
call strcpy(0xdeadbeef, "mystring")
This works for any of the functions included in the statically linked C library (memset, strncpy, etc).
I have this address, 0x8002bf20, and I need to see what's inside there. I know GDB does nice things like "print x" and I'll see something like struct ex {x: 1, y: 2}
I need to see that kind of print output for this address I need to examine.
Thanks.
If you know the type of the structure at that address, you can coerce GDB to print it with:
(gdb) print *(struct mystruct *) 0x8002bf20
If you do not know the type of the structure, then the best you can do is the x command which you already mentioned -- although do be aware that there's no harm in casting to the 'wrong' type, so you can try various structures with print *(struct mystruct *) until the output looks plausible.
Ok, so I'm trying to learn gdb. I know most of the basics but I have not been able to figure out how to examine a pointer to a pointer in a oneliner. It might be possible by defining a macro/command but I haven't been able to do so.
This question began when learning the cdecl calling convention where $esp contained a pointer to a string, passed as an argument to a function. In order to get this out I had to do the following:
gdb$ x $esp+0x08
0xbffff6a4: 0x980eb192
gdb$ x/s 0x980eb192
0x980eb192: "Hello world"
So, the question is. Can this be done in an easier way? Cutting and pasting just feels too slow.
Appreciate any hints/ideas!
(gdb) x/s *(char**)($esp+8) might do the trick.
You can reuse results of print in subsequent expressions:
(gdb) p *(void **)($esp + 4)
$4 = (void *) 0x80aec48
(gdb) x/s $4
0x80aec48: "alabala"
Is it Possible to get the name of array the pointer pointing to?
example:
char name[20];
char *p = name
int door_no;
int *q = &door_no
In the above example we are giving the base address of the array with the array name and pointer q pointing to door_no but what if, I have to know the name of the variable the array is pointing to? What is the variable name pointer q is pointing to? Is it possible? I tried and came to the conclusion that it's not possible but still I am trying to get the solution. What you think guys? Is there any way to make it possible?
No, you can't do that. The names of variables do not even exist after your code is compiled and linked (unless you're keeping debugging information around), so you can't get at it at run time.
In C (in contrast to very dynamic languages such as JavaScript or classical Lisp), the only role of variable names is to tell the compiler/linker which declaration you're pointing at when you mention a variable in the source code. Once these connections have been made and represented in the compiler's internal data structures, there is no further use for the names (again, except for debugging and/or pretty-printing of error messages from the compiler).
Everything that Henning said before me is correct. In addition, the target of a pointer might not even have a variable name. For example, consider:
char a;
char *ptr = &a + 5;
Now ptr is pointing somewhere that doesn't have anything to do with a (and in fact might be pointing outside of the memory allocated for your program and doing anything with that pointer could cause a segmentation fault).
It is not possible to get the name of the variables p or q point to if you compile and execute the program traditionally, because one of the things the compiler does is forget the name of the variables, keeping only addresses.
Depending on what you are trying to do, you may execute the program in a non-traditional execution environment where the names are preserved. For instance,
~ $ cat t.c
main(){
char name[20];
char *p=name;
int door_no;
int *q= & door_no;
}
~ $ frama-c -val t.c
[kernel] preprocessing with "gcc -C -E -I. t.c"
...
[value] ====== VALUES COMPUTED ======
[value] Values for function main:
p ∈ {{ &name ;}}
q ∈ {{ &door_no ;}}
__retres ∈ {0; }