使用GDB并检查数据的内存布局 [英] Using GDB and checking the memory layout of Data

问题描述

假设我们有一个简单的C ++代码，如下所示:

Assume we have a simple C++ code as the following:

#include <iostream>

int main(){
  int a = 5;
}

由于每个内存位置都是8 bits，整数是32 bits，所以我假设a的内存结构是这样的:

Since each memory location is 8 bits and an integer is 32 bits I assume the memory structure for a would be like this:

0xa      0xb      0xc      0xd 
00000000 00000000 00000000 00000101

其中0xa，0xb，0xc，0xd是示例内存地址.

where 0xa,0xb,0xc,0xd are sample memory addresses.

1)是&a指向0xa还是0xd?

2)如果我使用GDB并使用x来获取真实的内存地址，则会得到以下信息:

2) if I use GDB and and use x to get real memory addresses I get the following:

(gdb) p a
$7 = 5
(gdb) p &a
$8 = (int *) 0x7ffeefbffac8
(gdb) x/bt 0x7ffeefbffac8
0x7ffeefbffac8: 00000101
(gdb) x/bt 0x7ffeefbffac8-1
0x7ffeefbffac7: 00000000
(gdb) x/bt 0x7ffeefbffac8-2
0x7ffeefbffac6: 00000000
(gdb) x/bt 0x7ffeefbffac8-3
0x7ffeefbffac5: 01111111
(gdb) 

为什么0x7ffeefbffac8-3用01111111而不是00000000填充?这个地址不等于我们的示例内存地址中的0xa吗?

why is 0x7ffeefbffac8-3 populated with 01111111 and not 00000000? ins't this address equal to 0xa in our sample memory address?

推荐答案

在小端机上，& a指向内存的最低有效字节.也就是说，如果&a == 0x7ffeefbffac8，则a驻留在字节中

On a little-endian machine, &a points to the least significant byte of memory. That is, if &a == 0x7ffeefbffac8, then a resides in bytes

0x7ffeefbffac8:  101   << least significant byte
0x7ffeefbffac9:  000
0x7ffeefbffaca:  000
0x7ffeefbffacb:  000   << most significant byte.

最好通过分配例如0x0a090705到a，然后:

This is best observed by assigning e.g. 0x0a090705 to a, and then:

Temporary breakpoint 1, main (argc=3, argv=0x7fffffffdc68) at t.c:2
2     int a = 0x0a090705;
(gdb) n
3     return 0;
(gdb) p &a
$1 = (int *) 0x7fffffffdb7c

检查从& a开始的4个字节:

Examine 4 bytes starting from &a:

(gdb) x/4bt 0x7fffffffdb7c
0x7fffffffdb7c: 00000101    00000111    00001001    00001010

或者等效地，一次执​​行一个字节:

Or, equivalently, do so one byte at a time:

(gdb) x/bt 0x7fffffffdb7c
0x7fffffffdb7c: 00000101
(gdb) x/bt 0x7fffffffdb7c+1
0x7fffffffdb7d: 00000111
(gdb) x/bt 0x7fffffffdb7c+2
0x7fffffffdb7e: 00001001
(gdb) x/bt 0x7fffffffdb7c+3
0x7fffffffdb7f: 00001010

为什么0x7ffeefbffac8-3用01111111而不是00000000填充?

因为您走错了方向:&a-3根本不是a 的一部分(这是其他东西的一部分，或者可能是未初始化的随机垃圾).

Because you are going in the wrong direction: &a-3 isn't part of a at all (it's part of something else, or possibly uninitialized random garbage).

这篇关于使用GDB并检查数据的内存布局的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！