user3698624

Reputation: 225

GDB Dis-Flavor set to Intel, but showing AT&T-style

I've set the disassembly-flavor of the gdb debugger to Intel (for both su and the normal user), but it's still showing the assembly code in AT&T notation:

patrick@localhost:~/Dokumente/Projekte$ gdb -q ./a.out
Reading symbols from ./a.out...done.
(gdb) break main
Breakpoint 1 at 0x40050e: file firstprog.c, line 5.
(gdb) run
Starting program: /home/patrick/Dokumente/Projekte/a.out 

Breakpoint 1, main () at firstprog.c:5
5   for(i=0; i < 10; i++)
(gdb) show disassembly
The disassembly flavor is "intel".
(gdb) info registers
rax            0x400506 4195590
rbx            0x0  0
rcx            0x0  0
rdx            0x7fffffffe2d8   140737488347864
rsi            0x7fffffffe2c8   140737488347848
rdi            0x1  1
rbp            0x7fffffffe1e0   0x7fffffffe1e0
(gdb) info register eip
Invalid register `eip'

I did restart the computer. My OS is Kali Linux amd64. I have the following questions:

Upvotes: 1

Views: 1609

Answers (1)

Mats Petersson

Reputation: 129524

You are misunderstanding what disassembly flavour means. It means exactly that: what the disassembly looks like when you view machine code in a human-readable(ish) form.

To print registers (or use registers in any other context), you need to use $reg, such as $rip or $pc, $eax, etc.

If I disassemble one of my programs with AT&T syntax, gdb shows this:

   0x00000000007378f0 <+0>: push   %rbp
   0x00000000007378f1 <+1>: mov    %rsp,%rbp
   0x00000000007378f4 <+4>: sub    $0x20,%rsp
   0x00000000007378f8 <+8>: movl   $0x0,-0x4(%rbp)
   0x00000000007378ff <+15>:    mov    %edi,-0x8(%rbp)
   0x0000000000737902 <+18>:    mov    %rsi,-0x10(%rbp)
=> 0x0000000000737906 <+22>:    mov    -0x10(%rbp),%rsi
   0x000000000073790a <+26>:    mov    (%rsi),%rdi
   0x000000000073790d <+29>:    callq  0x737950 <FindLibPath(char const*)>
   0x0000000000737912 <+34>:    xor    %eax,%eax

Then do this:

(gdb) set disassembly-flavor intel 
(gdb) disass main
Dump of assembler code for function main(int, char**):
   0x00000000007378f0 <+0>: push   rbp
   0x00000000007378f1 <+1>: mov    rbp,rsp
   0x00000000007378f4 <+4>: sub    rsp,0x20
   0x00000000007378f8 <+8>: mov    DWORD PTR [rbp-0x4],0x0
   0x00000000007378ff <+15>:    mov    DWORD PTR [rbp-0x8],edi
   0x0000000000737902 <+18>:    mov    QWORD PTR [rbp-0x10],rsi
=> 0x0000000000737906 <+22>:    mov    rsi,QWORD PTR [rbp-0x10]
   0x000000000073790a <+26>:    mov    rdi,QWORD PTR [rsi]
   0x000000000073790d <+29>:    call   0x737950 <FindLibPath(char const*)>
   0x0000000000737912 <+34>:    xor    eax,eax

and you can see the difference. But the names of registers and how you use registers on the gdb command line aren't changing; you need a $reg in both cases.

Upvotes: 3
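An added illustration, not part of the answer above and not gdb's own code: a small Python converter that applies the rewriting rules visible between the two listings (operand order, the `%` and `$` prefixes, `disp(base)` versus `[base+disp]`, and the size suffix versus `DWORD PTR`/`QWORD PTR`). The function and constant names are assumptions, and it only covers the mnemonics and operand forms that appear in those listings.

```python
import re

# Scope (assumption): only the mnemonics and operand forms in the listings above.
BASE = {"push", "mov", "sub", "call", "xor"}
SUFFIX = {"b": "BYTE", "w": "WORD", "l": "DWORD", "q": "QWORD"}
MEM = re.compile(r"^(-?0x[0-9a-f]+)?\(%(\w+)\)$")   # disp(%base), disp optional
# Instruction text copied from the AT&T listing in the answer (addresses dropped).
ATT_SAMPLE = ["push   %rbp", "movl   $0x0,-0x4(%rbp)",
              "mov    -0x10(%rbp),%rsi", "mov    (%rsi),%rdi"]


def att_to_intel(insn):
    """Convert one AT&T instruction (mnemonic + operands) to Intel syntax."""
    mnem, _, rest = insn.strip().partition(" ")
    size = None
    # AT&T carries the operand size as a mnemonic suffix: movl -> mov + DWORD.
    if mnem not in BASE and mnem[:-1] in BASE and mnem[-1] in SUFFIX:
        size, mnem = SUFFIX[mnem[-1]], mnem[:-1]
    ops = [o.strip() for o in rest.split(",")] if rest.strip() else []
    # Without a suffix, a register operand fixes the width of a memory operand
    # (rXX is 64-bit, eXX is 32-bit for the registers used here).
    for o in ops:
        if o.startswith("%") and size is None:
            size = "QWORD" if o[1:].startswith("r") else "DWORD"
    out = []
    for o in ops:
        m = MEM.match(o)
        if m:
            disp, base = m.group(1) or "", m.group(2)
            if disp and not disp.startswith("-"):
                disp = "+" + disp
            out.append(f"{size} PTR [{base}{disp}]")
        elif o[:1] in ("%", "$"):
            out.append(o[1:])          # %rbp -> rbp, $0x20 -> 0x20
        else:
            out.append(o)              # bare call target
    out.reverse()                      # AT&T is src,dst; Intel is dst,src
    return f"{mnem} {','.join(out)}".strip()


if __name__ == "__main__":
    for line in ATT_SAMPLE:
        print(f"{line:28} -> {att_to_intel(line)}")
```

Nothing in these rules touches how a register is named on the gdb command line, which is why `$rip` or `$pc` is written the same way under either flavor.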
