Reputation: 651
How to interpret GDB "info frame" output?
Can some please help me to understand this:
(gdb) info frame
Stack level 0, frame at 0xb75f7390:
eip = 0x804877f in base::func() (testing.cpp:16); saved eip 0x804869a
called by frame at 0xb75f73b0
source language c++.
Arglist at 0xb75f7388, args: this=0x0
Locals at 0xb75f7388, Previous frame's sp is 0xb75f7390
Saved registers:
ebp at 0xb75f7388, eip at 0xb75f738c
What do
- ebp
- eip
- Locals at
- Previous Frame's sp
mean?
Upvotes: 61
Views: 40763
Answers (3)
Reputation: 7513
(gdb) info frame
stack level 0
- Frame number in backtrace. 0 is the current executing frame, which grows downwards, in consistence with the stack.
frame at 0xb75f7390
- Starting memory address of this stack frame.
eip = 0x804877f in base::func() (testing.cpp:16); saved eip 0x804869a
eip is the register for the next instruction to execute (also called program counter). So at this moment, the next instruction to execute is at "0x804877f", which is line 16 of
testing.cpp.saved eip "0x804869a" is the so called "return address", i.e., the instruction to resume in the caller stack frame after returning from this callee stack. It is pushed onto the stack upon the "CALL" instruction (save it for return).
called by frame at 0xb75f73b0
- The address of the caller stack frame.
source language c++
- Which language is in use.
Arglist at 0xb75f7388, args: this=0x0
- The starting address of arguments.
Locals at 0xb75f7388,
- Address of local variables.
Previous frame's sp is 0xb75f7390
- This is where the previous frame's stack pointer points to (the caller frame), at the moment of calling. It is also the starting memory address of the called stack frame.
Saved registers
- These are the two addresses on the callee stack, for two saved registers.
ebp at 0xb75f7388
- That is the address where the "ebp" register of the caller's stack frame is saved (please note, it is the register, not the caller's stack address), i.e., corresponding to "PUSH %ebp". "ebp" is the register usually considered as the starting address of the locals of this stack frame, which use "offset" to address.
In other words, the operations of local variables all use this "ebp", so you will see something like
mov -0x4(%ebp), %eax, etc.
eip at 0xb75f738c
- As mentioned before, but here it is the address of the stack (which contains the value "0x804877f").
Upvotes: 100
Reputation: 361
I know this questions is from ... 8 years ago. But for future users, I found a very clear outline of the info here.
This is pulled from the aforementioned link:
info frame
info f
This command prints a verbose description of the selected stack frame, including:
the address of the frame
the address of the next frame down (called by this frame)
the address of the next frame up (caller of this frame)
the language in which the source code corresponding to this frame is written
the address of the frame’s arguments
the address of the frame’s local variables
the program counter saved in it (the address of execution in the caller frame)
which registers were saved in the frame
Upvotes: 1
Reputation: 213496
To understand what "ebp, eip Locals at and Previous Frame's sp" mean, you need to understand the x86 calling convention.
Once you understand how frames are laid out, all the other things will be obvious.
Upvotes: 4
Related Questions
- When debugging with gdb, what is the meaning of the debugging information in the front of the assembly code?
- What does ?? in gdb backtrace mean and how to get the actual stack frames?
- I was debugging a C program using gdb and I get the following output when I check the value of a variable. What does it signify?
- I can't understand the output of gdb
- Interpretation of GDB output
- How to interpret gdb disassemble output?
- Interpreting a gdb backtrace
- Understanding gdb output
- Interpreting gdb output
- What does this mean in gdb?