如何使用 GDB 反汇编内存范围? [英] How to disassemble a memory range with GDB?

问题描述

我正在尝试反汇编程序以查看 syscall 汇编指令(我相信是 INT 指令)和带有 GDB 的处理程序，并为它编写了一个小程序(见下文)，用于打开和关闭文件.

I'm trying to disassemble a program to see a syscall assembly instruction (the INT instruction, I believe) and the handler with GDB and have written a little program (see below) for it that opens and closes a file.

我能够使用 GDB 跟踪对 fopen 的调用，直到它执行调用为止.

I was able to follow the call to fopen with GDB until it executed a call.

当我试图告诉 GDB反汇编 0x...."(调用地址)时，它的响应是没有函数包含指定的地址."

When I tried to tell GDB "disassemble 0x...." (address of call) it responded with 'No function contains specified address.'

是否可以强制 GDB 反汇编(或在汇编器中尽可能好地显示)该内存地址?如果是这样，怎么做?

Is it possible to force GDB to disassemble (or display it in assembler as good as possible) that memory address? If so, how?

#include <stdio.h>
#include <stdlib.h>

int main() {
    FILE* f;
    f = fopen("main.c", "r");
    if (!f) { 
      perror("open");
      return -1;
    }
    fclose(f);
    return 0;
}

推荐答案

你只想反汇编你的实际 main 吗?如果是这样试试这个:

Do you only want to disassemble your actual main? If so try this:

(gdb) info line main 
(gdb) disas STARTADDRESS ENDADDRESS

像这样:

USER@MACHINE /cygdrive/c/prog/dsa
$ gcc-3.exe -g main.c

USER@MACHINE /cygdrive/c/prog/dsa
$ gdb a.exe
GNU gdb 6.8.0.20080328-cvs (cygwin-special)
...
(gdb) info line main
Line 3 of "main.c" starts at address 0x401050 <main> and ends at 0x401075 <main+
(gdb) disas 0x401050 0x401075
Dump of assembler code from 0x401050 to 0x401075:
0x00401050 <main+0>:    push   %ebp
0x00401051 <main+1>:    mov    %esp,%ebp
0x00401053 <main+3>:    sub    $0x18,%esp
0x00401056 <main+6>:    and    $0xfffffff0,%esp
0x00401059 <main+9>:    mov    $0x0,%eax
0x0040105e <main+14>:   add    $0xf,%eax
0x00401061 <main+17>:   add    $0xf,%eax
0x00401064 <main+20>:   shr    $0x4,%eax
0x00401067 <main+23>:   shl    $0x4,%eax
0x0040106a <main+26>:   mov    %eax,-0xc(%ebp)
0x0040106d <main+29>:   mov    -0xc(%ebp),%eax
0x00401070 <main+32>:   call   0x4010c4 <_alloca>
End of assembler dump.

但是，我没有看到您的系统中断调用.(自从我上次尝试在汇编中进行系统调用以来已经有一段时间了.不过，INT 21h，最后我记得

I don't see your system interrupt call however. (its been a while since I last tried to make a system call in assembly. INT 21h though, last I recall

这篇关于如何使用 GDB 反汇编内存范围?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！