How to change the eflags register value in GDB?
set $eflags does not change eflags value.
The old eflags value remains after eg. =>$set $eflag=0x243 [this is just an example input].
Alternatively, is there any way to set individual flags of eflags?
I'm looking for something like: set ZF[zero flag]. Is there a gdb command to do that?
Answer
set $eflags without parenthesis works in GDB 7.7.1
To set an individual flag, use its index. E.g., ZF is the 6th bit, so we can set it with:
set $ZF = 6 # define a GDB variable: no effect on registers
set $eflags |= (1 << $ZF) # set bit 6 in EFLAGS, the ZF bit.
The same goes for all other bitwise operations: How do you set, clear, and toggle a single bit?
# Clear
set $eflags &= ~(1 << $ZF)
# Toggle
set $eflags ^= (1 << $ZF)
What causes confusion is that many bits are either reserved, cannot be modified directly by any instruction, or cannot be modified from user mode, see also: How to read and write x86 flags registers directly? and so GDB does not touch them.
For example:
(gdb) set $eflags = 0
(gdb) i r eflags
eflags 0x202 [ IF ]
(gdb) set $eflags = 0xFFFFFFFF
(gdb) i r eflags
eflags 0x54fd7 [ CF PF AF ZF SF TF IF DF OF NT RF AC ]
0x202 in binary is:
0010 0000 0010
0x54fd7 in binary is:
0101 0100 1111 1101 0111
TODO understand why each of those bits were set or not, by looking at the manual http://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-1-manual.pdf and GDB source code.
Ones that I understand:
- all reserved registers were left at their fixed value: 1 for bit 1, and 0 for bits 3, 5, 15 and 22-31