Question

gdb provides functionality to read or write to a specific linear address, for example:

(gdb) x/1wx 0x080483e4
0x80483e4 <main>:       0x83e58955
(gdb) 

but how do you specify a logical address? I came across the following instruction:

   0x0804841a <+6>:     mov    %gs:0x14,%eax

How can I read the memory at "%gs:0x14" in gdb, or translate this logical address to a linear address that I could use in the x command?

Note: I know that I could simply read %eax after this instruction, but that is not my concern.

Solution

how can i read the memory at "%gs:0x14" in gdb

You can't: there is no way for GDB to know how the segment to which %gs refers has been set up.

or translate this logical address to a linear address that i could use in x command

Again, you can't do this in general. However, you appear to be on 32-bit x86 Linux, and there you can do that: %gs is set up to point to the thread descriptor via the set_thread_area system call.

You can do catch syscall set_thread_area in GDB, and examine the parameters (each thread will have one such call). The code to actually do that is here. Once you know how %gs has been set up, just add 0x14 to the base_addr, and you are done.
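
The procedure in the answer above (catch set_thread_area, read the base_addr field of the struct user_desc it receives, add 0x14) can be automated with a GDB Python script. The script below is an added example; it is not part of the original answer and not GDB or glibc code. It assumes a native 32-bit x86 Linux inferior whose %gs base was installed with set_thread_area (as glibc does for the main thread), that at a catch syscall stop $orig_eax holds the i386 syscall number (243) and $ebx the first argument, the hypothetical file name gs_base.py, and a constructed sample descriptor whose values are made up. It only observes set_thread_area; a thread whose TLS segment is installed through the tls argument of clone instead will not be recorded.

```python
"""Resolve an i386 %gs:OFFSET logical address to a linear address under GDB.

Added example, not code from the original answers or from GDB itself.
Assumptions: a native 32-bit x86 Linux inferior whose %gs base was installed
with set_thread_area(struct user_desc *) (as glibc does for the main thread);
at a 'catch syscall' stop $orig_eax holds the syscall number and $ebx the
first argument. Inside GDB: (gdb) source gs_base.py   (file name hypothetical)
"""
import struct

# struct user_desc (<asm/ldt.h>, i386 layout, 16 bytes):
#   unsigned int entry_number;  // offset 0, -1 on entry = "kernel, pick one"
#   unsigned int base_addr;     // offset 4, the segment base we want
#   unsigned int limit;         // offset 8
#   one 32-bit word of bitfields at offset 12, allocated from the LSB:
#   seg_32bit:1 contents:2 read_exec_only:1 limit_in_pages:1 seg_not_present:1 useable:1
USER_DESC_FMT = "<IIII"
USER_DESC_SIZE = struct.calcsize(USER_DESC_FMT)
NR_SET_THREAD_AREA = 243  # i386 syscall number of set_thread_area


def pack_user_desc(entry_number, base_addr, limit, flags):
    """Build the raw 16-byte struct (used here only to construct sample input)."""
    return struct.pack(USER_DESC_FMT, entry_number & 0xFFFFFFFF, base_addr, limit, flags)


def parse_user_desc(raw):
    """Decode a struct user_desc as passed to / filled in by set_thread_area."""
    if len(raw) < USER_DESC_SIZE:
        raise ValueError("need %d bytes, got %d" % (USER_DESC_SIZE, len(raw)))
    entry, base, limit, flags = struct.unpack_from(USER_DESC_FMT, raw)
    return {
        "entry_number": entry,
        "base_addr": base,
        "limit": limit,
        "seg_32bit": flags & 1,
        "contents": (flags >> 1) & 3,
        "read_exec_only": (flags >> 3) & 1,
        "limit_in_pages": (flags >> 4) & 1,
        "seg_not_present": (flags >> 5) & 1,
    }


def linear_address(base_addr, offset):
    """Logical seg:offset -> linear address: base + offset, modulo 2**32."""
    return (base_addr + offset) & 0xFFFFFFFF


def resolve_gs(gs_selector, descs, offset):
    """Pick the descriptor matching the %gs selector and translate the offset.

    Selector bits 0-1 are the RPL, bit 2 the table indicator (1 = LDT, which
    set_thread_area never touches), bits 3 and up the GDT index.
    """
    if gs_selector & 0x4:
        raise ValueError("selector 0x%x refers to the LDT, not a GDT TLS entry" % gs_selector)
    index = gs_selector >> 3
    for d in descs:
        if d["entry_number"] == index:
            return linear_address(d["base_addr"], offset)
    raise KeyError("no recorded set_thread_area entry for GDT index %d" % index)


# Constructed sample (values made up): the kind of descriptor glibc installs.
SAMPLE_DESC = pack_user_desc(6, 0xF7FD5700, 0xFFFFF, 0x51)


def demo():
    """Offline walk-through: selector 0x33 -> GDT index 6 -> base + 0x14."""
    return resolve_gs(0x33, [parse_user_desc(SAMPLE_DESC)], 0x14)


try:
    import gdb
except ImportError:
    gdb = None  # not running inside GDB; the pure helpers above still work

if gdb is not None:
    recorded = []  # descriptors seen so far, one dict per set_thread_area call

    def on_stop(event):
        # 'catch syscall' stops twice, on entry and on return. glibc passes
        # entry_number = -1 and the kernel fills in the real index on return,
        # so the descriptor is recorded only once that field is valid.
        if int(gdb.parse_and_eval("$orig_eax")) != NR_SET_THREAD_AREA:
            return
        ptr = int(gdb.parse_and_eval("$ebx")) & 0xFFFFFFFF
        raw = bytes(gdb.selected_inferior().read_memory(ptr, USER_DESC_SIZE))
        desc = parse_user_desc(raw)
        if desc["entry_number"] == 0xFFFFFFFF:
            return
        recorded.append(desc)
        gdb.execute("set $gs_base = 0x%x" % desc["base_addr"])
        gdb.write("set_thread_area: GDT entry %d, base 0x%08x -> $gs_base set\n"
                  % (desc["entry_number"], desc["base_addr"]))

    gdb.events.stop.connect(on_stop)
    gdb.execute("catch syscall set_thread_area")

if __name__ == "__main__":
    print("sample %%gs:0x14 -> 0x%08x" % demo())
```

After `source gs_base.py` and `run`, the script reports the base at the catchpoint's return stop and sets `$gs_base`, so `x/wx $gs_base + 0x14` reads the word that `mov %gs:0x14,%eax` loads; `p $gs >> 3` should equal the reported GDT entry, which is the check that you resolved the right segment. Outside GDB the helpers run stand-alone against the constructed sample (`python3 gs_base.py`).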

Other tips

I think the easiest way to do this is to read the contents of the EAX register, as you can see the value of %gs:0x14 is moved to EAX.

In GDB, set a breakpoint at the address right after 0x0804841a with break. For example

break *0x0804841e

Then run the program, and you can print the contents of the EAX register with

info registers eax
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow