我知道要从下面的内存位置读取:
mov %esi, (%eax)
在GDB中我可以使用
(gdb) display *(int *)$eax
如果想从内存位置读取0x8(%eax),我可以在GDB中使用哪个命令?我尝试使用上面显示命令的一些变体,但我没有成功。
答案 0 :(得分:3)
如果要在任何新步骤后查看表达式,可以使用display。如果您想要观看此表达式,这非常有用。如果您只想显示一个表达状态,请使用print。
例如:
print $eax
print *(int *)$esp
如果您想查看存储在int位置0x8(%eax)的示例,可以使用
print *(int *)($eax+8)
有时似乎你需要省略寄存器前面的$来使gdb正常工作。
这是在32位x86可执行文件上简单转储调试会话:
d:\temp\C++11>gdb test.exe
GNU gdb (GDB) 7.5
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-pc-mingw32".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from d:\temp\C++11\test.exe...(no debugging symbols found)...don
e.
(gdb) start
Temporary breakpoint 1 at 0x4013c1
Starting program: d:\temp\C++11\test.exe
[New Thread 340.0x1bc0]
Temporary breakpoint 1, 0x004013c1 in main ()
(gdb) print $eax
$1 = 1
(gdb) info register $eax
eax 0x1 1
(gdb) info register
eax 0x1 1
ecx 0x28ff30 2686768
edx 0x8e3c8 582600
ebx 0x7efde000 2130567168
esp 0x28ff08 0x28ff08
ebp 0x28ff18 0x28ff18
esi 0x0 0
edi 0x0 0
eip 0x4013c1 0x4013c1 <main+17>
eflags 0x202 [ IF ]
cs 0x23 35
ss 0x2b 43
ds 0x2b 43
es 0x2b 43
fs 0x53 83
gs 0x2b 43
(gdb) print *(int *)$esp
$2 = 2686768
(gdb) print *(int *)($esp+8)
$3 = 0
(gdb)