Using gdb to single-step assembly code outside specified executable causes error "cannot find bounds of current function"


Problem description

I'm outside gdb's target executable and I don't even have a stack that corresponds to that target. I want to single-step anyway, so that I can verify what's going on in my assembly code, because I'm not an expert at x86 assembly. Unfortunately, gdb refuses to do this simple assembly-level debugging. It allows me to set and stop on appropriate breakpoints, but as soon as I try to single-step onwards, gdb reports the error "Cannot find bounds of current function" and the EIP doesn't change.

Additional details:

The machine code was generated by gcc asm statements and I copied it to the kernel memory location where it's executing, from the output of objdump -d. I wouldn't mind a simple way to use a loader to load my object code to a relocated address, but bear in mind the loading has to be done in a kernel module.

I suppose another alternative would be to produce a fake kernel module or debug info file to give to gdb, to cause it to believe this area is within the program code. gdb works fine on the kernel executable itself.

(For those who really want to know, I'm inserting code at runtime into Linux kernel data space inside a VMware VM and debugging it from gdb remote debugging the kernel via VMware Workstation's built-in gdb stub. Note I'm not writing kernel exploits; I'm a security graduate student writing a prototype.)

(I can set a breakpoint on each instruction inside my assembly. This works but would get quite laborious after a while, since the size of x86 assembly instructions varies and the location of the assembly will change every time I reboot.)

Recommended answer

You can use stepi or nexti (which can be abbreviated to si or ni) to step through your machine code.
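A gdb command file that puts the answer to work against the setup described in the question (added example, not from the question or the answer): it connects to a remote stub, breaks on a symbol-less address, and uses stepi with an automatic display of the instruction at PC, so the varying x86 instruction lengths no longer matter. The stub port, the code address and the registers shown are placeholders to be adjusted for the actual VM.

```gdb
# Added example (not from the original question or answer). The port
# is whatever the VMware gdb stub was configured to listen on, and
# 0xc0800000 is a placeholder for wherever the copied machine code was
# placed in kernel data space; both are assumptions.
target remote localhost:8832

# There is no symbol for the injected region, so break on the raw
# address with the *ADDR form and run until it is reached.
break *0xc0800000
continue

# Re-display the instruction at PC after every stop. /i disassembles
# exactly one instruction, so each stepi shows what executes next
# without having to know instruction sizes in advance.
display/i $pc

# Registers the injected code is expected to touch (32-bit target, as
# the question refers to EIP); adjust to the code under test.
display/x $eax
display/x $esp

# stepi/nexti do not need function bounds; `step`/`next` do, which is
# what produces "Cannot find bounds of current function". This helper
# repeats stepi N times so a long sequence does not need N keypresses.
define stepn
  set $i = 0
  while $i < $arg0
    stepi
    set $i = $i + 1
  end
end
document stepn
Single-step $arg0 machine instructions, redisplaying PC after each one.
end

# Step the first twelve instructions, then show the next eight so the
# decoded instructions can be compared against the objdump -d listing.
stepn 12
x/8i $pc
```

Run it with gdb -x this-file vmlinux so the kernel symbols are available for everything outside the injected region.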
