Linux 显示在给定地址 gdb 处找到的值
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/14493707/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Display value found at given address gdb
提问by Kyle Weller
I am debugging a binary file in gdb. It was C code compiled by gcc on an Intel IA-32. I retrieved this output from objdump. I am most interested in the last line here:
我正在 gdb 中调试一个二进制文件。它是由 gcc 在 Intel IA-32 上编译的 C 代码。我从objdump. 我对这里的最后一行最感兴趣:
08048d9e <func_1>
8048d9e: 55 push %ebp
8048d9f: 89 e5 mov %esp,%ebp
8048da1: 83 ec 18 sub (gdb) x 0x8048f0b
x18,%esp
8048da4: c7 44 24 04 88 99 04 movl 0x8048f0b <strings_not_equal>: 0x57e58955
x8049988,0x4(%esp)
8048dab: 08
8048dac: 8b 45 08 mov 0x8(%ebp),%eax
8048daf: 89 04 24 mov %eax,(%esp)
8048db2: e8 54 01 00 00 call 8048f0b <strings_not_equal>
I believe this last line will compare the value found at the indicated address: 8048f0b. I attempt:
我相信最后一行将比较在指定地址处找到的值:8048f0b。我尝试:
x/s 0x8049988
and receive:
并收到:
##代码##Am I interpreting the assembly incorrectly? Is this the correct way to read the value of an address in gdb? I was kind of expecting to find a more ascii friendly hex value. I am interested in finding the stored string value that is compared against.
我是否错误地解释了程序集?这是在 gdb 中读取地址值的正确方法吗?我有点期待找到一个更 ascii 友好的十六进制值。我有兴趣找到与之比较的存储字符串值。
Also do you have a favorite gui tool that you like to use for this type of debugging? I have been thinking about trying ddd. I want to find an easier way to debug.
您还有喜欢用于此类调试的最喜欢的 gui 工具吗?我一直在考虑尝试 ddd。我想找到一种更简单的调试方法。
采纳答案by caf
You are correctly reading the value at memory address 0x8048f0b, but the line call 8048f0b <strings_not_equal>indicates that this address is the start of a function (called strings_not_equal()). You wouldn't expect that to be ASCII - you'd expect it to be more machine code.
您正确读取了内存地址处的值0x8048f0b,但该行call 8048f0b <strings_not_equal>表明该地址是函数(称为strings_not_equal())的开始。你不会期望它是 ASCII - 你会期望它是更多的机器代码。
If you're looking for the function arguments to strings_not_equal(), those are being pushed onto the stack. The first argument is being copied from 0x8(%ebp), which is the first argument of func1(). The second argument is $0x8049988, which is presumably the address of a string.
如果您正在寻找 的函数参数strings_not_equal(),则这些参数将被推送到堆栈中。第一个参数是从 复制的0x8(%ebp),这是 的第一个参数func1()。第二个参数是$0x8049988,大概是字符串的地址。
If you want to print the contents of the address as a string, you can do that with x/s:
如果要将地址的内容打印为字符串,可以使用以下命令x/s:
