I am debugging a program crash of a released build, that is, no debug info is available in GDB, all I can get is a callstack of the crash point. Due to some restrictions, using a debug build is not on the table.
However, I was wondering whether I can still get the function args in the callframe? Say, by p $rdi in GDB, can I still get the first arg of the real scene of current function frame?
In short, no. RDI is call-clobbered in the SYSV ABI, and GCC can dynamically reassign registers as needed. If the argument that was in RDI is already consumed, GCC knows it can freely reuse RDI for other purposes. And under register pressure, GCC may push RDI to the stack.
When the function at hand is not a leaf function, there's an additional observation. GCC will not blindly try to restore RDI to its old value after calling another function. That's just a special case of "freely reuse RDI".
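The non-leaf case above, as an added example that is not part of the original answer: a function reads RDI after a nested call and finds that its own first argument is no longer there. It assumes x86-64 System V with GCC or Clang inline assembly; the names `callee`, `rdi_after_call` and `sink` are hypothetical.

```c
/* Added example: x86-64 System V only (GCC or Clang inline asm). */
#include <stdio.h>

#if defined(__clang__)
#define NOINLINE __attribute__((noinline))
#else
#define NOINLINE __attribute__((noinline, noclone))
#endif

static volatile long sink;      /* gives callee() a visible side effect */

/* Hypothetical callee: its own first argument arrives in RDI. */
NOINLINE long callee(long other)
{
    sink = other;
    return other;
}

/* Non-leaf function: 'arg' arrives in RDI, but to call callee() the
 * compiler has to load callee's argument into RDI, and nothing restores
 * the old value afterwards. Returns whatever RDI holds after the call. */
NOINLINE long rdi_after_call(long arg)
{
    long seen;
    callee(arg ^ 0x5a5a);       /* a value different from arg goes into RDI */
    __asm__ volatile("mov %%rdi, %0" : "=r"(seen) : : "memory");
    return seen;
}

int main(void)
{
    long arg = 42;              /* constructed sample argument */
    long seen = rdi_after_call(arg);

    printf("arg passed in RDI:     %ld\n", arg);
    printf("RDI after nested call: %ld (%s)\n", seen,
           seen == arg ? "still the argument" : "argument is gone");
    return 0;
}
```

This is the same register state `p $rdi` would show in a frame stopped after the nested call: the value belongs to the most recent use of RDI, not to the frame's first argument.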