How to use GDB to find what function a memory address corresponds to

Question

I am using google\'s heap checker to track down a memory leak. It gives me a stack trace such as:

Leak of 21 bytes in 1 objects allocated from:                          


        

Answer 1

The original question asked how to do this in GDB:

# NOT what you want; note the lack of '*':
(gdb) info symbol 0xfde09edc
blah() + 388 in section .text of /tmp/libblah.so

# IS what you want; note the presence of '*':
(gdb) info line *0xfde09edc
Line 91 of "blah.cc"
   starts at address 0xfde09ebc <blah()+356>
   and ends at 0xfde09ee4 <blah()+396>

The * is necessary for info line and shouldn't be used for info symbol.

You can also use the disassemble command with its /m flag:

(gdb) disassemble /m 0xfde09edc

... though it's rather verbose and info line gives exactly what was requested.

Answer 2

Assuming your binary has debug information g++ -g you may be able to use x/ to get the info, I know that works for vtables.

x/<num>xw to print <num> hex words of memory, and gdb will annotate the left side with information about what's at the address.

Answer 3

Use info symbol gdb command. 16 Examining the Symbol Table.

info symbol addr

Print the name of a symbol which is stored at the address addr. If no symbol is stored exactly at addr, gdb prints the nearest symbol and an offset from it:

(gdb) info symbol 0x54320
_initialize_vx + 396 in section .text

This is the opposite of the info address command. You can use it to find out the name of a variable or a function given its address.

For dynamically linked executables, the name of executable or shared library containing the symbol is also printed:

(gdb) info symbol 0x400225
_start + 5 in section .text of /tmp/a.out
(gdb) info symbol 0x2aaaac2811cf
__read_nocancel + 6 in section .text of /usr/lib64/libc.so.6