gdb: breakpoint when a register has the value 0xffaa

Time: 2010-02-08 17:14:35

Tags: debugging unix gdb

Can I set a breakpoint/watchpoint/smth in gdb for a register value?

I want to break when the value of $eax is 0x0000ffaa.

Is this possible with gdb or dbx or any other unix debugger?

4 answers:

Answer 0: (score: 27)

Yes, in gdb you can set a watchpoint like this:

watch $eax == 0x0000ffaa

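But it depends on the watchpoint support available for the target. You should note that this may slow down execution significantly

If you want to break at a specific location, you can do so by setting a conditional breakpoint: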

break test.c:120 if $eax == 0x0000ffaa

Answer 1: (score: 2)

To wit:

If $eax is used, the condition is ignored and it becomes an unconditional watch/breakpoint.


(gdb) disass print_hello
Dump of assembler code for function print_hello:
0x000000000040058c :     push   %rbp
0x000000000040058d :     mov    %rsp,%rbp
0x0000000000400590 :     sub    $0x20,%rsp
0x0000000000400594 :     movl   $0x1,-0x4(%rbp)
0x000000000040059b :    movl   $0x5,-0x4(%rbp)
0x00000000004005a2 :    mov    -0x4(%rbp),%esi
0x00000000004005a5 :    mov    $0x4006dc,%edi
0x00000000004005aa :    mov    $0x0,%eax
0x00000000004005af :    callq  0x400468 
0x00000000004005b4 :    leaveq 
0x00000000004005b5 :    retq
End of assembler dump.

(gdb) break *0x00000000004005af if $eax==0
Breakpoint 1 at 0x4005af: file hello.c, line 7.
(gdb) info break
Num     Type           Disp Enb Address            What
1       breakpoint     keep y   0x00000000004005af in print_hello at hello.c:7
        stop only if $eax==0
(gdb) run
Starting program: /home/dg/hello/hello
hello world 2
Error in testing breakpoint condition:
Invalid type combination in equality test.

Breakpoint 1, 0x00000000004005af in print_hello () at hello.c:7
7         printf("hello %d\n", value);

(gdb) condition 1 $eax != 0
(gdb) run
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/dg/hello/hello
hello world 2
Error in testing breakpoint condition:
Invalid type combination in equality test.

Breakpoint 1, 0x00000000004005af in print_hello () at hello.c:7
7         printf("hello %d\n", value);
(gdb)

But $rax works as it should:

(gdb) condition 1 $rax != 0
(gdb) info break
Num     Type           Disp Enb Address            What
1       breakpoint     keep y   0x00000000004005af in print_hello at hello.c:7
        stop only if $rax != 0
        breakpoint already hit 1 time
(gdb) run
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/dg/hello/hello 
hello world 2
hello 5

Program exited normally.
(gdb) condition 1 $rax == 0
(gdb) run
Starting program: /home/dg/hello/hello
hello world 2

Breakpoint 1, 0x00000000004005af in print_hello () at hello.c:7
7         printf("hello %d\n", value);
(gdb)

This was all tested on gdb 6.8.50: GNU gdb (GDB; SUSE Linux Enterprise 11) 6.8.50.20081120-cvs

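Answer 2: (score: 1)

I couldn't watch eax directly, so I inserted a few asm instructions to store the required value into a junk variable and watch that. I couldn't convince gcc to use eax, so this code "watches" ebx.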

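#include <stdio.h>

/* Junk global that receives the register value; set a gdb watchpoint on it. */
int tmp;

int main(void)
{
  int i;
  printf("tmp is originally %d\n",tmp);
  for(i=0;i<20;i++)
  {
    /* Basic (non-extended) GCC inline asm, x86 AT&T syntax:
       copy ebx into tmp only when ebx == 10. */
    asm (
    "cmpl $10,%ebx\n"
    "jne dont\n"
    "movl %ebx,tmp\n"
    "dont:\n"
        );
    printf("%d\n",i);
  }
  printf("\nnow tmp is %d\n",tmp);
  return 0;
}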

Now you can "watch tmp"

Answer 3: (score: 1)

If you are on a 64-bit machine, you have to watch for $rax, not $eax
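
As an added example that is not part of any answer above: a GDB Python script that implements the conditional breakpoint from answer 0 but compares only the low 32 bits of the register, so the check matches the eax view even when the 64-bit name $rax is given. The command name break-reg, the class names and the helper functions are assumptions made for this example, and it needs a gdb built with Python support.

```python
# Added example, not code from the original answers.
# Load inside gdb with:  source regbreak.py   (file name is an assumption)
try:
    import gdb  # only importable inside a running gdb process
except ImportError:
    gdb = None  # lets the pure helpers below be tested outside gdb

MASK32 = 0xFFFFFFFF


def parse_spec(arg):
    """Split 'LOCATION REGISTER VALUE' into (location, register, int value)."""
    location, register, value = arg.rsplit(None, 2)
    return location, register.lstrip("$"), int(value, 0)


def low32_equals(reg_value, target):
    """True when the low 32 bits (the eax view of rax) equal target."""
    return (int(reg_value) & MASK32) == (target & MASK32)


if gdb is not None:
    class RegisterValueBreakpoint(gdb.Breakpoint):
        """Breakpoint that stops only if the register matches the target."""

        def __init__(self, location, register, target):
            super().__init__(location)
            self.register, self.target = register, target

        def stop(self):
            # gdb calls stop() on every hit; returning False resumes silently.
            value = gdb.selected_frame().read_register(self.register)
            return low32_equals(value, self.target)

    class BreakOnRegister(gdb.Command):
        """break-reg LOCATION REGISTER VALUE (hypothetical command name)."""

        def __init__(self):
            super().__init__("break-reg", gdb.COMMAND_BREAKPOINTS)

        def invoke(self, arg, from_tty):
            RegisterValueBreakpoint(*parse_spec(arg))

    BreakOnRegister()  # registers the command with gdb
```

After sourcing the script, `break-reg test.c:120 rax 0x0000ffaa` stops at that line only when the low half of rax holds 0xffaa. Because the check runs only when the location is hit, it avoids the slowdown of a software watchpoint on a register expression.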