debugging segment register FS using GDB [duplicate]

Question

Is there some way to read the x86-64 model-specific registers, specifically IA32_FS_BASE and IA32_GS_BASE, while debugging a program using GDB?

Less preferable would be a solution using a dynamic instrumentation package like Intel's Pintool, but it would be appreciated all the same.

Answer 1

Since gdb 8 the registers $fs_base and $gs_base are also available. These work in code dumps too, not just live programs.

Answer 2

The x86 MSRs can be read with the RDMSR instruction, which is privileged (Ring 0). In Linux there are system calls that a user thread can invoke to read FS_BASE and GS_BASE. There are no library wrappers for them, so you have to write code to invoke them yourself.

Here's one way to do it in C++, you add these global function definitions to your program:

#include <cstdint>
#include <asm/prctl.h>
#include <sys/syscall.h>
namespace x86 {
    uint64_t fs_base() {
        uint64_t fs_base;
        syscall(SYS_arch_prctl,ARCH_GET_FS,&fs_base);
        return fs_base;
    }
    uint64_t gs_base() {
        uint64_t gs_base;
        syscall(SYS_arch_prctl,ARCH_GET_GS,&gs_base);
        return gs_base;
    }
}

Now you can call these functions from gdb and print their return value in hex, like this:

(gdb) p/x x86::fs_base()
$1 = 0x7ffff5e01780
(gdb) p/x x86::gs_base()
$2 = 0x0
(gdb)