Using gdb to single-step assembly code outside specified executable causes error "cannot find bounds of current function"


Problem description

I'm outside gdb's target executable and I don't even have a stack that corresponds to that target. I want to single-step anyway, so that I can verify what's going on in my assembly code, because I'm not an expert at x86 assembly. Unfortunately, gdb refuses to do this simple assembly-level debugging. It allows me to set and stop on an appropriate breakpoint, but as soon as I try to single-step onwards, gdb reports the error "Cannot find bounds of current function" and the EIP doesn't change.

Other details:

The machine code was generated by gcc asm statements and I copied it to the kernel memory location where it's executing, from the output of objdump -d. I wouldn't mind a simple way to use a loader to load my object code to a relocated address, but bear in mind the loading has to be done in a kernel module.

I suppose another alternative would be to produce a fake kernel module or debug info file to give to gdb, to cause it to believe this area is within the program code. gdb works fine on the kernel executable itself.

(For those who really want to know, I'm inserting code at runtime into Linux kernel data space inside a VMware VM and debugging it from gdb remote debugging the kernel via VMware Workstation's built-in gdb stub. Note I'm not writing kernel exploits; I'm a security graduate student writing a prototype.)

(I can set a breakpoint on each instruction inside my assembly. This works but would get quite laborious after a while, since the size of x86 assembly instructions varies and the location of the assembly will change every time I reboot.)

Recommended answer

You can use stepi or nexti (which can be abbreviated to si or ni) to step through your machine code.
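
The instruction-level stepping described in the answer, as an added gdb command file that is not part of the original question or answer. It assumes a 32-bit x86 target (the question mentions EIP) that is already stopped at a breakpoint inside the copied code; the `sitrace` command name is hypothetical.

```gdb
# Added example: gdb command file for stepping code that has no symbols.
# Assumes a 32-bit x86 target already stopped at a breakpoint in the copied code.

# Show the instruction at the program counter every time the target stops.
display/i $pc

# Disassemble by address rather than by function: the next 8 instructions.
x/8i $pc

# Hypothetical helper "sitrace": single-step N instructions, reporting EIP
# after each one, so every intermediate instruction is shown.
define sitrace
  set $n = 0
  while $n < $arg0
    stepi
    info registers eip
    set $n = $n + 1
  end
end
document sitrace
Usage: sitrace N -- execute N machine instructions, printing EIP after each.
end

# Step one instruction (follows calls), then one that steps over a call.
stepi
nexti

# Trace the next five instructions.
sitrace 5
```

Because every command here works from `$pc` or a raw address, none of it needs function bounds or debug info, and nothing has to be updated when the code lands at a different address after a reboot.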
