使用 gdb 调试反汇编库

发布于 2024-08-08 01:41:51 字数 740 浏览 5 评论 0原文

在Linux和Mac OS XI中，可以使用stepi和nexti来调试应用程序，而无需调试信息。

在 Mac OS X 上，gdb 显示在库内部调用的函数，尽管有时会在每个 stepi 指令中推进多个汇编程序指令。

在 Linux 上，当我进入动态库时，gdb 就会迷失方向。例如，对于 put()，puts() 内部有 3 个汇编指令，一旦 gdb 到达 0x080482bf 处的跳转，它就会失败并显示消息“没有函数包含所选帧的程序计数器”。

0x080482ba in puts@plt ()
(gdb) disassemble
Dump of assembler code for function puts@plt:
0x080482b4 <puts@plt+0>:        jmp    *0x8049580
0x080482ba <puts@plt+6>:        push   $0x10
0x080482bf <puts@plt+11>:       jmp    0x8048284 <_init+48>
End of assembler dump.
(gdb) stepi
0x080482bf in puts@plt ()
(gdb) stepi
0x08048284 in ?? ()
(gdb) disassemble
No function contains program counter for selected frame.

您知道如何使用 gdb 调试这些库调用吗？

原文

in Linux and Mac OS X I can use stepi and nexti to debug an application without debugging information.

On Mac OS X gdb shows the functions that are called inside the library, although sometimes advancing several assembler instructions in each stepi instruction.

On Linux, when I step into a dynamic library gdb gets lost. For instance, with puts() there are three assembler instructions inside puts(), once gdb reaches the jump at 0x080482bf, it fails with the message "No function contains program counter for selected frame".

0x080482ba in puts@plt ()
(gdb) disassemble
Dump of assembler code for function puts@plt:
0x080482b4 <puts@plt+0>:        jmp    *0x8049580
0x080482ba <puts@plt+6>:        push   $0x10
0x080482bf <puts@plt+11>:       jmp    0x8048284 <_init+48>
End of assembler dump.
(gdb) stepi
0x080482bf in puts@plt ()
(gdb) stepi
0x08048284 in ?? ()
(gdb) disassemble
No function contains program counter for selected frame.

Do you know how to debug these library calls with gdb.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

妄想挽回 2024-08-15 01:41:51

如果 GDB 没有您尝试调试的函数的调试符号，GDB 将无法确定要反汇编的内存地址范围。要解决此问题，您可以将范围传递到 disassemble 命令中。例如：

(gdb) p $pc
$4 = (void (*)()) 0x70c72d <_IO_puts+29>
(gdb) disassemble 0x70c72d 0x70c740
Dump of assembler code from 0x70c72d to 0x70c740:
0x0070c72d <_IO_puts+29>:   mov    %eax,(%esp)
0x0070c730 <_IO_puts+32>:   call   0x721f10 <strlen>
0x0070c735 <_IO_puts+37>:   mov    0x84c(%ebx),%edx
0x0070c73b <_IO_puts+43>:   cmpw   $0x0,(%edx)
0x0070c73f <_IO_puts+47>:   mov    %edx,-0x10(%ebp)
End of assembler dump.

可能有一种安装调试符号的方法。在我的 Ubuntu 系统上，我安装了 libc6-dbg 包，它允许我单步执行标准库中的函数。

If GDB does not have debug symbols for the function you are trying to debug, GDB will not be able to determine the range of memory addresses to disassemble. To work around this, you can pass the range into the disassemble command. For example:

(gdb) p $pc
$4 = (void (*)()) 0x70c72d <_IO_puts+29>
(gdb) disassemble 0x70c72d 0x70c740
Dump of assembler code from 0x70c72d to 0x70c740:
0x0070c72d <_IO_puts+29>:   mov    %eax,(%esp)
0x0070c730 <_IO_puts+32>:   call   0x721f10 <strlen>
0x0070c735 <_IO_puts+37>:   mov    0x84c(%ebx),%edx
0x0070c73b <_IO_puts+43>:   cmpw   $0x0,(%edx)
0x0070c73f <_IO_puts+47>:   mov    %edx,-0x10(%ebp)
End of assembler dump.

There may be a way to install debug symbols. On my Ubuntu system, I installed the package libc6-dbg, which allows me to step into functions in the standard library.

回复收藏 0 原文

~没有更多了~