Why am I getting an unexpected `0xcc` byte when loading nearby code bytes? Is it because of segment register %es?


Problem description


I got an inconsistent result from an instruction.
I don't know why this happens, so I suspect the %es register is doing something weird, but I'm not sure.

See the following code snippet.

08048400 <main>:
 8048400:   bf 10 84 04 08          mov    $HERE,%edi     
 8048405:   26 8b 07                mov    %es:(%edi),%eax  # <----- Result 1
 8048408:   bf 00 84 04 08          mov    $main,%edi
 804840d:   26 8b 07                mov    %es:(%edi),%eax  # <----- Result 2

08048410 <HERE>:
 8048410:   11 11                   adc    %edx,(%ecx)
 8048412:   11 11                   adc    %edx,(%ecx)


Result 1:

%eax : 0x11111111 


Seeing this result, I guessed that mov %es:(%edi),%eax is something like mov (%edi),%eax, because 0x11111111 is stored at HERE.


Result 2:

%eax : 0x048410cc  


However, the result of Result 2 was quite different.
I assumed %eax would be 0x048410bf, because this value is stored at main.
But the result was different, as you can see.

Question:
Why does this inconsistency in the result happen?
By the way, the value of %es was always 0x7b during execution of both instructions.

Recommended answer

es is a red herring. The difference you see is 1 byte at main, cc vs. bf. That is because you used a software breakpoint at main and your debugger inserted an int3 instruction which has machine code cc temporarily overwriting your actual code.

请勿在要读取的位置设置断点,或使用不会修改代码的硬件断点.

Do not set a breakpoint where you intend to read from, or use a hardware breakpoint instead which does not modify code.
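The mechanism the answer describes, as an added example that is not part of the original question or answer: a small Python model of a debugger that implements software breakpoints by patching `0xcc` (the `int3` opcode) into the target's memory, contrasted with a hardware breakpoint that leaves memory untouched. The memory image is constructed from the bytes in the listing above (`main` at 0x08048400, `HERE` at 0x08048410); the `SoftwareBreakpointDebugger` class, its method names and the "masked" debugger-side read (modelled on how gdb hides its own breakpoint bytes when you examine memory) are assumptions of this example, not real ptrace code.

```python
"""
Model of why a software breakpoint changes what the debugged program reads.

Added example, not from the original question or answer.  Memory contents are
the bytes from the listing in the question.  The debugger class is a
simplified, hypothetical model of gdb-style behaviour, not real ptrace code.
"""
import struct

INT3 = 0xCC  # machine code of the one-byte `int3` instruction

# Constructed flat memory image copied from the disassembly in the question.
MAIN = 0x08048400
HERE = 0x08048410
IMAGE = bytes([
    0xbf, 0x10, 0x84, 0x04, 0x08,   # 8048400: mov $HERE,%edi
    0x26, 0x8b, 0x07,               # 8048405: mov %es:(%edi),%eax
    0xbf, 0x00, 0x84, 0x04, 0x08,   # 8048408: mov $main,%edi
    0x26, 0x8b, 0x07,               # 804840d: mov %es:(%edi),%eax
    0x11, 0x11, 0x11, 0x11,         # 8048410: data at HERE
])


class SoftwareBreakpointDebugger:
    """Hypothetical minimal debugger: a software breakpoint patches 0xcc into
    the target's memory and remembers the original byte so it can be restored
    (and so the debugger's own memory view can hide the patch from the user)."""

    def __init__(self, base, image):
        self.base = base
        self.mem = bytearray(image)
        self.saved = {}              # addr -> original byte under the 0xcc
        self.hw_breakpoints = set()  # addresses "in debug registers"; no memory change

    def _off(self, addr):
        return addr - self.base

    def set_software_breakpoint(self, addr):
        off = self._off(addr)
        self.saved[addr] = self.mem[off]
        self.mem[off] = INT3

    def set_hardware_breakpoint(self, addr):
        # DR0-DR3 style: the CPU traps on execution at addr; code bytes untouched.
        self.hw_breakpoints.add(addr)

    def remove_software_breakpoint(self, addr):
        self.mem[self._off(addr)] = self.saved.pop(addr)

    def target_load_dword(self, addr):
        """What `mov (%edi),%eax` executed by the target really sees: raw memory."""
        return struct.unpack_from("<I", self.mem, self._off(addr))[0]

    def debugger_read_dword(self, addr):
        """What examining memory from the debugger shows: patched bytes are
        masked back to their saved originals, so the 0xcc is invisible here."""
        off = self._off(addr)
        chunk = bytearray(self.mem[off:off + 4])
        for bp_addr, orig in self.saved.items():
            i = bp_addr - addr
            if 0 <= i < 4:
                chunk[i] = orig
        return struct.unpack("<I", chunk)[0]


def reproduce():
    """Replay the question's two loads with a software breakpoint on main,
    then show the two fixes from the answer (remove it, or use a hardware one)."""
    dbg = SoftwareBreakpointDebugger(MAIN, IMAGE)
    dbg.set_software_breakpoint(MAIN)
    result = {
        "result1_target": dbg.target_load_dword(HERE),        # 0x11111111
        "result2_target": dbg.target_load_dword(MAIN),        # 0x048410cc
        "result2_debugger_view": dbg.debugger_read_dword(MAIN),  # 0x048410bf
    }
    dbg.remove_software_breakpoint(MAIN)
    result["after_removal"] = dbg.target_load_dword(MAIN)     # 0x048410bf

    hw = SoftwareBreakpointDebugger(MAIN, IMAGE)
    hw.set_hardware_breakpoint(MAIN)
    result["hardware_bp_target"] = hw.target_load_dword(MAIN)  # 0x048410bf
    return result


if __name__ == "__main__":
    for name, value in reproduce().items():
        print(f"{name:24s} %eax = {value:#010x}")
```

The target's own load at `main` returns 0x048410cc because the low byte of the dword is the patched `int3`, while the debugger's memory view still reports 0x048410bf: that is exactly why the discrepancy looks like a segment-register problem when inspected from inside the debugger. Removing the breakpoint, or using a hardware breakpoint that traps on execution without touching the bytes, makes the target read the real opcode again.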
