2

I am running PEDA with GDB. By default, I see the registers, stack and the code sections. However, when I set a breakpoint to a system call, I want to see the arguments that are passed to this system call. There is supposed to be an "arguments" section just like there is a registers, stack and code sections. I tried the "dumpargs" command, and it didn't work.

Do I have to modify the configuration file or something else?

Muj Sam
  • 21
  • 1

1 Answers1

2

I want to see the arguments that are passed to this system call.

On most OSes, arguments to system calls are passed in registers.

For example, on Linux/x86_64, the system call number is passed in $rax (e.g. $rax == 0 for the read system call, 1 for the write system call, etc.), the first argument in the $rdi register, etc. See this answer.

Employed Russian
  • 199,314
  • 34
  • 295
  • 362