用gdb 查看,执行汇编代码-白红宇

用gdb 查看,执行汇编代码

阅读量：4222 次

发布时间：2019-05-26

本文共 4122 字，大约阅读时间需要 13 分钟。

用gdb 查看汇编代码，采用disassemble 和 x 命令。 nexti, stepi 可以单步指令执行

如下例：

------------------------------------------------------------

源代码：

------------------------------------------------------------

[root@hjj ~]# cat 1.c

#include <stdio.h>

int main(int argc, char *argv[])

{

int size=sizeof("hjj");

printf("size is %d\n",size);

return 0;

}

------------------------------------------------------------

编译

------------------------------------------------------------

ot@hjj ~]# gcc -g3 -o 1 1.c

------------------------------------------------------------

调试

------------------------------------------------------------

[root@hjj ~]# gdb 1

GNU gdb (GDB) 7.6

License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law. Type "show copying"

and "show warranty" for details.

This GDB was configured as "x86_64-unknown-linux-gnu".

For bug reporting instructions, please see:

<http://www.gnu.org/software/gdb/bugs/>...

Reading symbols from /root/1...done.

(gdb) b main

Breakpoint 1 at 0x4004d3: file 1.c, line 5.

(gdb) r

Starting program: /root/1

Breakpoint 1, main (argc=1, argv=0x7fffffffe5c8) at 1.c:5

5 int size=sizeof("hjj");

------------------------------------------------------------

观察. 用disasseble.

/m 源码和汇编一起排列

/r 还可以看到16进制代码

------------------------------------------------------------

(gdb) disassemble /m main

Dump of assembler code for function main:

4 {

0x00000000004004c4 <+0>: push %rbp

0x00000000004004c5 <+1>: mov %rsp,%rbp

0x00000000004004c8 <+4>: sub $0x20,%rsp

0x00000000004004cc <+8>: mov %edi,-0x14(%rbp)

0x00000000004004cf <+11>: mov %rsi,-0x20(%rbp)

5 int size=sizeof("hjj");

=> 0x00000000004004d3 <+15>: movl $0x4,-0x4(%rbp)

6 printf("size is %d\n",size);

0x00000000004004da <+22>: mov $0x4005f8,%eax

0x00000000004004df <+27>: mov -0x4(%rbp),%edx

0x00000000004004e2 <+30>: mov %edx,%esi

0x00000000004004e4 <+32>: mov %rax,%rdi

0x00000000004004e7 <+35>: mov $0x0,%eax

0x00000000004004ec <+40>: callq 0x4003b8 <printf@plt>

7 return 0;

0x00000000004004f1 <+45>: mov $0x0,%eax

8 }

0x00000000004004f6 <+50>: leaveq

0x00000000004004f7 <+51>: retq

End of assembler dump.

------------------------------------------------------------

用 x/i 可以查看指令

------------------------------------------------------------

(gdb) x/15i main

0x4004c4 <main>: push %rbp

0x4004c5 <main+1>: mov %rsp,%rbp

0x4004c8 <main+4>: sub $0x20,%rsp

0x4004cc <main+8>: mov %edi,-0x14(%rbp)

0x4004cf <main+11>: mov %rsi,-0x20(%rbp)

=> 0x4004d3 <main+15>: movl $0x4,-0x4(%rbp)

0x4004da <main+22>: mov $0x4005f8,%eax

0x4004df <main+27>: mov -0x4(%rbp),%edx

0x4004e2 <main+30>: mov %edx,%esi

0x4004e4 <main+32>: mov %rax,%rdi

0x4004e7 <main+35>: mov $0x0,%eax

0x4004ec <main+40>: callq 0x4003b8 <printf@plt>

0x4004f1 <main+45>: mov $0x0,%eax

0x4004f6 <main+50>: leaveq

0x4004f7 <main+51>: retq

------------------------------------------------------------

$pc 指向当前程序运行地址

------------------------------------------------------------

(gdb) x/5i $pc

=> 0x4004d3 <main+15>: movl $0x4,-0x4(%rbp)

0x4004da <main+22>: mov $0x4005f8,%eax

0x4004df <main+27>: mov -0x4(%rbp),%edx

0x4004e2 <main+30>: mov %edx,%esi

0x4004e4 <main+32>: mov %rax,%rdi

(gdb)

--------------------------------------------------------------------------------

用gdb 调试汇编代码（二进制代码).

查看:

disassembler $pc

display/i $pc

x/i $pc

执行: 单指令。

ni;

si:

用 p $eax

p $edi 等可以查看寄存器.

在gdb中敲入help layout

(gdb) help layout

Change the layout of windows.

Usage: layout prev | next | <layout_name>

Layout names are:

src : Displays source and command windows.

asm : Displays disassembly and command windows.

split : Displays source, disassembly and command windows.

regs : Displays register window. If existing layout

is source/command or assembly/command, the

source/assembly/command (split) is displayed,

the register window is displayed with

the window that has current logical focus.

然后你可以用layout 去调试,很方便, 例如 layout asm.

https://blog.csdn.net/hejinjing_tom_com/article/details/26704487

你可能感兴趣的文章

深入Hibernate映射文件（二）——<hibernate-mapping>的属性

Effective Java 学习笔记一 Object的方法

查看>>

使用 ctypes 进行 Python 和 C 的混合编程

查看>>

用scikit-learn学习DBSCAN聚类

查看>>

机器学习：Python实现聚类算法(三)之总结

查看>>

使用sklearn做单机特征工程

查看>>

Python 多线程技巧用threading.Event代替time.sleep()

C++多继承的观察和7点体会（都是实用派的观点） good