Menu
Can some please help me to understand this:-
(gdb) info frame Stack level 0, frame at 0xb75f7390: eip = 0x804877f in base::func() (testing.cpp:16); saved eip 0x804869a called by frame at 0xb75f73b0 source language c++. Arglist at 0xb75f7388, args: this=0x0 Locals at 0xb75f7388, Previous frame's sp is 0xb75f7390 Saved registers: ebp at 0xb75f7388, eip at 0xb75f738c What is "ebp, eip Locals at and Previous Frame's sp " means? Please explain
577
The info frame command displays a lot of low-level information about a frame. Use info args and info locals commands to see more concise output.
"saved eip 0x804869a" shows the VALUE of the saved instruction pointer i.e. where exactly to return to in the program. However, this value is saved onto the stack at a particular address.
Selects a stack frame or displays the currently selected stack frame.
Able to view and traverse the function call stack using the where, up, down and frame commands.
(gdb) info frame
stack level 0
frame at 0xb75f7390
eip = 0x804877f in base::func() (testing.cpp:16); saved eip 0x804869a
eip is the register for next instruction to execute (also called program counter). so at this moment, the next to execute is at "0x804877f", which is line 16 of testing.cpp.
saved eip "0x804869a" is so called "return address", i.e., the instruction to resume in caller stack frame after returning from this callee stack. It is pushed into stack upon "CALL" instruction (save it for return).
called by frame at 0xb75f73b0
source language c++
Arglist at 0xb75f7388, args: this=0x0
Locals at 0xb75f7388,
address of local variables.
Previous frame's sp is 0xb75f7390
this is where the previous frame´s stack pointer point to (the caller frame), at the moment of calling, it is also the starting memory address of called stack frame.
Saved registers: These are the two addresses on the callee stack, for two saved registers.
ebp at 0xb75f7388 that is the address where the "ebp" register of the caller´s stack frame saved (please note, it is the register, not the caller´s stack address). i.e., corresponding to "PUSH %ebp". "ebp" is the register usually considered as the starting address of the locals of this stack frame, which use "offset" to address. In another word, the operations of local variables all use this "ebp", so you will see something like mov -0x4(%ebp), %eax, etc.
eip at 0xb75f738c as mentioned before, but here is the address of the stack (which contains the value "0x804877f").
182
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
