WEBVTT

00:00.380 --> 00:01.370
Hello, my name is Tayfun.

00:01.370 --> 00:04.970
And in this lecture we will step through the program with the debugger.

00:04.970 --> 00:08.900
Now, as we did in previous lecture, we will look at our program again.

00:08.900 --> 00:14.720
So actually, let's run it our Hello program that we will assemble a program, assembler language.

00:14.720 --> 00:17.300
And here this is our source code for it.

00:17.300 --> 00:21.560
So we will gdb hello again and that's it.

00:21.560 --> 00:26.300
So here what we're going to do is we will firstly.

00:27.150 --> 00:27.360
It.

00:28.530 --> 00:35.400
We will we will put a break in the program, which is pausing the execution and allowing us to examine

00:35.400 --> 00:36.540
a number of things.

00:36.540 --> 00:39.180
So here we will do break main.

00:39.330 --> 00:46.470
So here, as you can see here, it gave us output a breakpoint at, uh, 40 1110 file.

00:46.470 --> 00:46.740
Hello.

00:47.460 --> 00:49.950
And in line eight.

00:49.950 --> 00:53.070
And now in our case, this is the output here.

00:53.070 --> 00:53.340
So.

00:53.340 --> 00:57.900
But this memory numbers will be different at your PC.

00:58.380 --> 01:04.590
And now what we're going to do is we will run the program now run.

01:04.590 --> 01:07.590
And as you can see here, we also have the breakpoint here.

01:07.590 --> 01:13.980
So the debugger stops at the break and throws the next instruction that will be executed.

01:13.980 --> 01:20.880
So that is, uh, move here, move rax one is not executed yet.

01:21.460 --> 01:26.170
And now we will type this info registers here.

01:26.170 --> 01:31.400
And as you can see, we this is the gdb returns the output here.

01:31.420 --> 01:32.170
So.

01:32.920 --> 01:41.230
The content of these registers is not that important now, except for this recipe.

01:41.260 --> 01:44.680
Here we will, as you can see here, our IP.

01:45.100 --> 01:47.950
So the instructor instruction pointer.

01:47.950 --> 01:57.960
So the register our IP has the value of 40 1110, which is the memory address of the next instructions

01:57.970 --> 01:59.320
to execute.

01:59.350 --> 02:08.800
So remember, we put the breakpoint at the four 1110, and this is the same address for 11 1040 1110,

02:09.310 --> 02:09.880
same address.

02:09.880 --> 02:10.430
Right.

02:10.450 --> 02:15.100
So here, this points to the first instruction.

02:15.830 --> 02:19.040
And we also have mov rax one gdb.

02:19.820 --> 02:24.530
Let's actually put this somewhere move rax one gdb here.

02:25.190 --> 02:32.360
This stops and gdb stops just before the instructions and waits for your command.

02:33.180 --> 02:34.410
And it is not important.

02:34.410 --> 02:35.940
And it's sorry.

02:35.940 --> 02:42.390
It's important to remember that the instruction pointed to by RIP here.

02:42.420 --> 02:44.910
This rip is not executed.

02:45.520 --> 02:46.920
Not yet executed here.

02:46.920 --> 02:54.410
So in your case gdb may show something different from the 40 1110 that and that's okay.

02:54.420 --> 03:01.260
It is the address of that particular line in memory and which may be different depending on depending

03:01.260 --> 03:02.700
on your computer configuration.

03:02.700 --> 03:05.520
But in most cases it will be different than this.

03:05.520 --> 03:08.580
And now we will type the step.

03:09.850 --> 03:10.330
Yep.

03:10.540 --> 03:15.940
And as you can see here, we have this here now, which is the now we will also.

03:17.480 --> 03:19.900
Type I and are here.

03:19.910 --> 03:22.820
So this is the abbreviation for info registers.

03:22.820 --> 03:28.820
As you can see here I if stands for EHR info and r for registers.

03:30.460 --> 03:33.400
And after that we will get this output here.

03:33.490 --> 03:41.800
Now indeed Rax contains now zero here, 00X1 here actually.

03:42.700 --> 03:44.620
And here.

03:45.360 --> 03:47.100
0X11.

03:48.030 --> 03:50.850
And and the rip here.

03:50.880 --> 03:55.940
The rip here contains the address of the next instruction to execute.

03:55.950 --> 04:05.650
So we can also step further through the program and notice that how RSI receives the address of message.

04:05.880 --> 04:11.040
A message which prints the Hello World on the screen and exits.

04:11.040 --> 04:19.860
And notice also how Rip Rip points every time to the next instruction to execute.

04:19.950 --> 04:28.740
And here we also I want to discuss here is also some additional GDB commands here which is the break

04:28.740 --> 04:35.340
here or b sets a break point as we have done before in this lecture.

04:35.340 --> 04:39.570
So for example, we can also disable this uh, break point here.

04:39.570 --> 04:42.720
So disable break point.

04:42.990 --> 04:44.070
Uh, break.

04:45.940 --> 04:46.660
Point.

04:46.660 --> 04:49.270
And after that, you will enter the number in this case, actually.

04:49.360 --> 04:53.350
As you can see, this is the main is not the breakpoint number here.

04:54.530 --> 05:00.980
But also we also can, after disabling it, enable the break point again.

05:03.430 --> 05:04.150
Like this.

05:04.480 --> 05:06.910
And we also have the continue.

05:08.380 --> 05:14.590
Or see this is the continue the execution until the next breakpoint.

05:14.620 --> 05:21.400
As you can see here, we don't have we don't have breakpoints except that main breakpoint here with.

05:23.190 --> 05:26.160
And that's why our program exited normally.

05:26.160 --> 05:28.020
So our program done executed.

05:28.020 --> 05:35.580
And we also have the next we have this is to step over the current line and stop at the next line.

05:35.760 --> 05:38.360
So we also have help.

05:38.370 --> 05:42.310
This shows the help here, help or age.

05:43.180 --> 05:43.660
So.

05:45.070 --> 05:46.120
As you can see here.

05:46.120 --> 05:55.210
And we also have to enable this is enables the text user interface and to disable it, you can simply

05:55.210 --> 06:04.300
write why disable and we can also which you learned in previous lecture actually um, print and also

06:04.300 --> 06:07.750
print the value of a variable registers and so on.

06:08.480 --> 06:11.480
So now let's actually see some examples here.

06:11.510 --> 06:14.270
Uh, now we will print, uh, p.

06:14.570 --> 06:15.530
Racks.

06:15.560 --> 06:16.520
Racks here.

06:16.520 --> 06:21.320
And as you can see, there is a no registers because our program is already done executing.

06:21.380 --> 06:22.460
Now we will.

06:22.880 --> 06:24.710
Let's actually start this again.

06:24.740 --> 06:27.590
Clear the screen and gdb.

06:28.190 --> 06:28.580
Hello.

06:29.400 --> 06:34.800
And as you can see here, we started our, uh, debugging process from zero again.

06:34.800 --> 06:37.500
And now what we're going to do is we will start.

06:38.910 --> 06:40.410
We must set a break point.

06:40.620 --> 06:41.370
Break.

06:42.320 --> 06:43.890
Break main.

06:44.250 --> 06:48.640
And we can also enable or disable the break point as we did in previous.

06:48.660 --> 06:50.640
As you learned in here.

06:51.270 --> 06:51.960
In order to.

06:53.260 --> 06:53.680
Run it.

06:53.680 --> 06:59.290
So we will disable, as you can see here, when we set the break main here, we are getting this one

06:59.290 --> 07:03.820
number here so we can use it to disable break point.

07:03.820 --> 07:06.280
And after that we will set the number one.

07:06.280 --> 07:10.810
And as you can see, it's disabled and we can also delete the break point.

07:10.810 --> 07:13.360
So we disabled it but didn't delete it.

07:13.360 --> 07:17.320
So after that we can also enable a break point.

07:17.320 --> 07:26.710
So but if you deleted it, you need to define a Neve break Neve break here enable break point.

07:26.710 --> 07:31.840
And as you can see here, we also have the break point here enabled.

07:31.840 --> 07:34.870
And now we will delete the break point here.

07:34.870 --> 07:38.020
And after that you will enter the number and this is the list.

07:38.030 --> 07:45.610
So now if we enable this break point right now, enable break point one, we will get an error because

07:45.610 --> 07:47.710
the no break point number one.

07:47.710 --> 07:51.070
So now we will add our break point again.

07:51.070 --> 07:56.680
And after that we will run here or run our main program.

07:56.680 --> 08:01.690
And we will also use the info registers here that we did here.

08:01.690 --> 08:05.590
And as you can see, that's so this line is not executed.

08:05.590 --> 08:12.610
And now we will also get the info registers, info registers here and now.

08:14.920 --> 08:17.650
We will use this print function here.

08:17.770 --> 08:25.540
Now p here and this dollar sign rax and as you can see, we have this.

08:26.020 --> 08:26.740
And.

08:27.840 --> 08:29.250
P message here.

08:29.460 --> 08:34.510
As you can see, it's void because there's no message here, which the message is not stored.

08:35.190 --> 08:40.650
Variable type stored in the memory.

08:40.950 --> 08:44.020
So we need to get that memory address to print it out.

08:44.040 --> 08:45.930
In this case here.

08:49.700 --> 08:53.210
Of which we learned that in previous lecture.

08:53.210 --> 08:58.640
We did some examples to print the Hello world message using the GDB.

08:59.030 --> 09:07.430
And one important remark about the GDP is to properly use it, you must insert a function prologue and

09:07.430 --> 09:09.870
the function epilogue in your code.

09:09.890 --> 09:13.670
So I will show in the next sections how to do that.

09:13.670 --> 09:20.870
And in later sections we will discuss function, prologue and function epilogues when we talk about

09:20.870 --> 09:21.860
stack frames.

09:21.860 --> 09:27.980
So for short information, for short programs such as our Hello World program, there is no problem.

09:27.980 --> 09:35.810
But with longer and bigger and fancy programs, GDB will show an expected behavior if there is no prologue

09:35.810 --> 09:36.980
or epilogue.

09:36.980 --> 09:41.810
So play around with gdb refer to the online manual for example.

09:41.810 --> 09:46.190
You can also type the man gdb here man.

09:47.840 --> 09:48.380
EDB.

09:49.670 --> 09:50.900
So here.

09:51.950 --> 09:54.560
And in this case, I didn't get it any.

09:54.890 --> 09:55.610
So it's okay.

09:55.610 --> 10:02.660
But you can also find or find a lot of online manuals and get familiar with GDB because even when you

10:02.660 --> 10:09.470
use a graphical user interface debugger, some functionality may not be available or may not want to

10:09.470 --> 10:16.670
install the graphical user interface debugger on your system because GDB does all the job at 10 or 10

10:16.670 --> 10:17.390
out of ten.

10:17.390 --> 10:24.560
And now in the next lecture we will also create some assembly code, a slightly improved version of

10:24.560 --> 10:25.250
Hello World.

10:25.250 --> 10:27.200
So I'm meeting you in next lecture.