1

I am running PEDA with GDB. By default, I see the registers, stack and the code sections. However, when I set a breakpoint to a system call, I want to see the arguments that are passed to this system call. There is supposed to be an "arguments" section just like there is a registers, stack and code sections. I tried the "dumpargs" command, and it didn't work.

Do I have to modify the configuration file or something else?

Muj Sam
  • 11
  • 1

1 Answers1

1

I want to see the arguments that are passed to this system call.

On most OSes, arguments to system calls are passed in registers.

For example, on Linux/x86_64, the system call number is passed in $rax (e.g. $rax == 0 for the read system call, 1 for the write system call, etc.), the first argument in the $rdi register, etc. See this answer.

Employed Russian
  • 182,696
  • 29
  • 267
  • 329