我如何强制GDB进行反汇编？ [英] How can I force GDB to disassemble?

问题描述

我正在尝试反汇编一个程序，以查看系统调用汇编指令（INT指令，我相信）和GDB处理程序，并为它打开并关闭文件编写了一个小程序（见下文）。我能够跟随这个调用与GDB打成一片，直到它执行了一个调用。
当我试图告诉GDB反汇编0x ....（调用地址）时，它以'没有函数包含指定地址'作为响应。
是否可以强制GDB反汇编（或显示它在汇编中尽可能好）那个内存地址？如果是这样，怎么样？

  #include< stdio.h> 
 #include< stdlib.h> 
 
 int main（）{
 FILE * f; 
 f = fopen（main.c，r）; 
 if（！f）{
 perror（open）; 
返回-1; 
} 
 fclose（f）; 
返回0; 
} 
  

解决方案

您是否只想拆解你的实际主要？如果是这样的话：

 （gdb）info line main 
（gdb）disas STARTADDRESS ENDADDRESS 
  

如此：

  USER @ MACHINE / cygdrive / c / prog / dsa 
 $ gcc-3.exe -g main.c 
 
 USER @ MACHINE / cygdrive / c / prog / dsa 
 $ gdb a.exe 
 GNU gdb 6.8.0.20080328-cvs（cygwin-special）
 ... 
（gdb）info line main 
main.c的第3行从地址0x401050开始< main>并在0x401075 
（gdb）disas 0x401050 0x401075 
结束0x401050到0x401075的汇编代码转储：
 0x00401050< main + 0> ;: push％ebp 
 0x00401051 < main + 1> ;: mov％esp，％ebp 
 0x00401053< main + 3> ;: sub $ 0x18，％esp 
 0x00401056< main + 6> ;:和$ 0xfffffff0，％esp 
 0x00401059< main + 9>：mov $ 0x0，％eax 
 0x0040105e< main + 14> ;:添加$ 0xf，％eax 
 0x00401061< main + 17>：add $ 0xf ，％eax 
 0x00401064< main + 20> ;: shr $ 0x4，％eax 
 0x00401067< main + 23> ;: shl $ 0x4，％eax 
 0x0040106a< main + 26> ：mov％eax，-0xc（％ebp）
 0x0040106d< main + 29> ;: mov -0xc（％ebp），％eax 
 0x00401070< main + 32> ;: call 0x4010c4< _alloca> ; 
汇编器转储结束。 
  

但是，我没有看到您的系统中断调用。 （自从我上次试图在汇编中进行系统调用以来，它已经有一段时间了。尽管INT 21h，最后我还记得

I'm trying to disassemble a program to see a syscall assembly instruction (the INT instruction, I believe) and the handler with GDB and have written a little program (see below) for it that opens and closes a file. I was able to follow the call to fopen with GDB until it executed a call. When I tried to tell GDB "disassemble 0x...." (address of call) it responded with 'No function contains specified address.' Is it possible to force GDB to disassemble (or display it in assembler as good as possible) that memory address? If so, how?

#include <stdio.h>
#include <stdlib.h>

int main() {
    FILE* f;
    f = fopen("main.c", "r");
    if (!f) { 
      perror("open");
      return -1;
    }
fclose(f);
return 0;
}

解决方案

Do you only want to disassemble your actual main? If so try this:

(gdb) info line main 
(gdb) disas STARTADDRESS ENDADDRESS

Like so:

USER@MACHINE /cygdrive/c/prog/dsa
$ gcc-3.exe -g main.c

USER@MACHINE /cygdrive/c/prog/dsa
$ gdb a.exe
GNU gdb 6.8.0.20080328-cvs (cygwin-special)
...
(gdb) info line main
Line 3 of "main.c" starts at address 0x401050 <main> and ends at 0x401075 <main+
(gdb) disas 0x401050 0x401075
Dump of assembler code from 0x401050 to 0x401075:
0x00401050 <main+0>:    push   %ebp
0x00401051 <main+1>:    mov    %esp,%ebp
0x00401053 <main+3>:    sub    $0x18,%esp
0x00401056 <main+6>:    and    $0xfffffff0,%esp
0x00401059 <main+9>:    mov    $0x0,%eax
0x0040105e <main+14>:   add    $0xf,%eax
0x00401061 <main+17>:   add    $0xf,%eax
0x00401064 <main+20>:   shr    $0x4,%eax
0x00401067 <main+23>:   shl    $0x4,%eax
0x0040106a <main+26>:   mov    %eax,-0xc(%ebp)
0x0040106d <main+29>:   mov    -0xc(%ebp),%eax
0x00401070 <main+32>:   call   0x4010c4 <_alloca>
End of assembler dump.

I don't see your system interrupt call however. (its been a while since I last tried to make a system call in assembly. INT 21h though, last I recall

这篇关于我如何强制GDB进行反汇编？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！