How to disassemble a memory range with GDB?


Problem description

I'm trying to disassemble a program to see a syscall assembly instruction (the INT instruction, I believe) and the handler with GDB and have written a little program (see below) for it that opens and closes a file.

I was able to follow the call to fopen with GDB until it executed a call.

When I tried to tell GDB "disassemble 0x...." (address of call) it responded with 'No function contains specified address.'

Is it possible to force GDB to disassemble (or display it in assembler as good as possible) that memory address? If so, how?

#include <stdio.h>
#include <stdlib.h>

int main() {
    FILE* f;
    f = fopen("main.c", "r");
    if (!f) { 
      perror("open");
      return -1;
    }
    fclose(f);
    return 0;
}

Solution

Do you only want to disassemble your actual main? If so try this:

(gdb) info line main 
(gdb) disas STARTADDRESS ENDADDRESS

Like so:

USER@MACHINE /cygdrive/c/prog/dsa
$ gcc-3.exe -g main.c

USER@MACHINE /cygdrive/c/prog/dsa
$ gdb a.exe
GNU gdb 6.8.0.20080328-cvs (cygwin-special)
...
(gdb) info line main
Line 3 of "main.c" starts at address 0x401050 <main> and ends at 0x401075 <main+
(gdb) disas 0x401050 0x401075
Dump of assembler code from 0x401050 to 0x401075:
0x00401050 <main+0>:    push   %ebp
0x00401051 <main+1>:    mov    %esp,%ebp
0x00401053 <main+3>:    sub    $0x18,%esp
0x00401056 <main+6>:    and    $0xfffffff0,%esp
0x00401059 <main+9>:    mov    $0x0,%eax
0x0040105e <main+14>:   add    $0xf,%eax
0x00401061 <main+17>:   add    $0xf,%eax
0x00401064 <main+20>:   shr    $0x4,%eax
0x00401067 <main+23>:   shl    $0x4,%eax
0x0040106a <main+26>:   mov    %eax,-0xc(%ebp)
0x0040106d <main+29>:   mov    -0xc(%ebp),%eax
0x00401070 <main+32>:   call   0x4010c4 <_alloca>
End of assembler dump.

I don't see your system interrupt call however. (It's been a while since I last tried to make a system call in assembly. INT 21h though, last I recall
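
An added example, not part of the original question or answer: a GDB command file showing the address-range forms that work when no symbol covers the address, which is the situation that produces 'No function contains specified address.' It assumes a Linux x86-64 target built from the question's main.c as ./a.out and GDB 7.0 or later (which takes the range as START,END with a comma); the file name raw-disas.gdb is hypothetical.

```gdb
# raw-disas.gdb -- run with: gdb -q -batch -x raw-disas.gdb ./a.out
# Assumptions (not from the original page): Linux x86-64, GDB >= 7.0,
# binary built with `gcc -g main.c -o a.out`.

set pagination off
set breakpoint pending on
set disassembly-flavor att

# Stop at fopen, the call the asker was following when GDB refused.
break fopen
run

# 1. x/i decodes instructions at any address. It needs no symbol or
#    function bounds, so it works where `disassemble ADDR` gives up.
x/12i $pc

# 2. disassemble with an explicit range also skips the function lookup.
#    START,END and START,+LENGTH are both accepted; /r adds raw bytes.
disassemble /r $pc,+32

# 3. Instead of single-stepping through libc, let GDB stop at the next
#    system call entry.
delete
catch syscall
continue

# At a syscall catchpoint the PC is just past the trapping instruction.
# On x86-64 that instruction is `syscall` (2 bytes; `int $0x80` is also
# 2 bytes), so decoding from $pc-2 shows it. Decoding backwards is only
# safe here because the instruction length is known.
x/3i $pc-2

# Show which mapping the address belongs to (libc, vDSO, ...). Stripped
# or symbol-less mappings are why GDB finds no enclosing function.
info symbol $pc
info proc mappings
```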
