ICEBP assembly instruction

Date: 2019-06-29 16:58:34

Tags: assembly x86 gdb breakpoints

As a workaround for an x86 instruction, I used an opcode that looks like .byte 0xf1, 0xc1 and tried to execute it in gdb. The disassembly of that line shows

f1      icebp

So when the first byte, F1, is fetched, it is recognized as an instruction called icebp. This is known to be an undocumented instruction. The only thing I found in the SDM is a footnote in the INT section

The mnemonic ICEBP has also been used for the instruction with opcode F1

Continuing, gdb says

Cannot access memory at address 0x1ffffc20

So what is that address? How was it produced? Is it physical or virtual? And how can I test what the instruction actually does?

Update:

The gdb session looks like this:

(gdb) list
1       void main()
2       {
3         __asm__(".byte 0xf1, 0xc1");
4       }
(gdb) set disassembly-flavor intel
(gdb) disass /r main
Dump of assembler code for function main:
   0x00000000004004ed <+0>:     55      push   rbp
   0x00000000004004ee <+1>:     48 89 e5        mov    rbp,rsp
   0x00000000004004f1 <+4>:     f1      icebp
   0x00000000004004f2 <+5>:     c1 5d c3 66     rcr    DWORD PTR [rbp-0x3d],0x66
End of assembler dump.
(gdb) b main
Breakpoint 1 at 0x4004f3: file machine2.c, line 4.
(gdb) run
Starting program: /home/mahmood/Documents/./machine2

Program received signal SIGTRAP, Trace/breakpoint trap.
0x00000000004004f2 in main () at machine2.c:2
2       {
Missing separate debuginfos, use: debuginfo-install glibc-2.17-196.el7.x86_64
(gdb) x/i $pc
=> 0x4004f2 <main+5>:   rcr    DWORD PTR [rbp-0x3d],0x66
(gdb) n
Cannot access memory at address 0x1ffffc20
(gdb) x/i $pc
=> 0x4004f5:    nop    WORD PTR cs:[rax+rax*1+0x0]

Update 2:

After removing the c1, the debugger cannot set a breakpoint on the asm line.

(gdb) list
1       void main()
2       {
3         __asm__(".byte 0xf1");
4       }
(gdb) b machine2.c:3
Breakpoint 1 at 0x4004f2: file machine2.c, line 3.
(gdb) run
Starting program: /home/mahmood/Documents/./machine2

Breakpoint 1, main () at machine2.c:4
4       }
Missing separate debuginfos, use: debuginfo-install glibc-2.17-196.el7.x86_64

0 Answers:

No answers
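The question asks how to test what opcode F1 actually does. The following is an added example for Linux/x86-64, not code from the original post: it installs a SIGTRAP handler with SA_SIGINFO, executes a single F1 byte outside any debugger, and records what the kernel reports. Executing ICEBP raises #DB (vector 1) with no DR6 bits set; Linux delivers that to the process as SIGTRAP, and because #DB from ICEBP is a trap rather than a fault, the saved RIP already points at the byte after F1 (the question's own output shows the same thing: gdb stopped at 0x4004f2 = main+5, one byte past the f1 at main+4). The names probe_icebp, icebp_probe_ok and struct icebp_result are this example's own; the REG_RIP fallback value 16 is glibc's x86-64 register index and is only used if the header did not expose the macro. The trailing bytes from the question (c1 5d c3 66) are deliberately not emitted: in the posted disassembly they decode as rcr DWORD PTR [rbp-0x3d],0x66 and consume the 5d c3 (pop rbp; ret) of main's epilogue.

```c
/* icebp_probe.c: observe what executing opcode F1 (ICEBP) does on Linux/x86-64.
 *
 * Added example, not code from the original question. Build with
 *   gcc -O2 -Wall icebp_probe.c -o icebp_probe
 * and run it OUTSIDE gdb: a ptrace tracer such as gdb is handed SIGTRAP
 * before the traced process's own handler sees it, which is the
 * "Program received signal SIGTRAP" stop shown in the question.
 */
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <ucontext.h>

struct icebp_result {
    int supported;      /* 1 on Linux/x86-64, 0 elsewhere (nothing executed) */
    int traps;          /* how many SIGTRAPs the handler saw */
    int rip_after_f1;   /* 1 if the trapping RIP pointed just past the F1 byte */
    int si_code;        /* siginfo_t.si_code the kernel attached to the signal */
};

#if defined(__linux__) && defined(__x86_64__)

#ifndef REG_RIP
#define REG_RIP 16      /* glibc x86-64 gregs[] index of RIP; normally in <ucontext.h> with _GNU_SOURCE */
#endif

static volatile sig_atomic_t g_traps;
static volatile int g_si_code;
static volatile uintptr_t g_rip;

/* SIGTRAP handler: record where the CPU says the trap happened and return.
 * #DB raised by ICEBP is a trap, not a fault, so the saved RIP already
 * points at the instruction following F1 and a plain return resumes there. */
static void on_sigtrap(int sig, siginfo_t *si, void *uctx)
{
    ucontext_t *uc = uctx;
    (void)sig;
    g_traps++;
    g_si_code = si->si_code;
    g_rip = (uintptr_t)uc->uc_mcontext.gregs[REG_RIP];
}

struct icebp_result probe_icebp(void)
{
    struct icebp_result r = { .supported = 1 };
    struct sigaction sa, old;
    uintptr_t after_f1;

    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_sigtrap;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGTRAP, &sa, &old) != 0) {
        r.supported = 0;
        return r;
    }

    g_traps = 0;
    /* Emit exactly one byte, F1, then load the address of the instruction
     * that follows it. "1:" is an assembler-local label, so the asm stays
     * valid even if the compiler duplicates the function body. */
    __asm__ volatile(
        ".byte 0xf1\n\t"
        "1:\n\t"
        "lea 1b(%%rip), %0\n\t"
        : "=r"(after_f1)
        :
        : "memory");

    sigaction(SIGTRAP, &old, NULL);     /* restore the previous disposition */

    r.traps = g_traps;
    r.si_code = g_si_code;
    r.rip_after_f1 = (g_rip == after_f1);
    return r;
}

#else
struct icebp_result probe_icebp(void)
{
    struct icebp_result r = { 0 };       /* not a Linux/x86-64 build */
    return r;
}
#endif

/* 1 if exactly one SIGTRAP arrived with RIP just past F1, -1 if the probe
 * cannot run on this platform, 0 if it ran and saw anything else. */
int icebp_probe_ok(void)
{
    struct icebp_result r = probe_icebp();
    if (!r.supported)
        return -1;
    return (r.traps == 1 && r.rip_after_f1) ? 1 : 0;
}

int main(void)
{
    struct icebp_result r = probe_icebp();
    if (!r.supported) {
        puts("ICEBP probe needs Linux/x86-64");
        return 1;
    }
    printf("SIGTRAPs delivered: %d\n", r.traps);
    printf("RIP points just past F1: %s\n", r.rip_after_f1 ? "yes" : "no");
    printf("si_code: %d (TRAP_BRKPT=%d, TRAP_TRACE=%d, SI_KERNEL=%d)\n",
           r.si_code, TRAP_BRKPT, TRAP_TRACE, SI_KERNEL);
    return (r.traps == 1 && r.rip_after_f1) ? 0 : 2;
}
```

Running the probe directly shows the behaviour the debugger hides: one SIGTRAP, RIP already past the F1 byte, and execution continuing normally after the handler returns. Run the same binary under gdb and the tracer stops the process at that SIGTRAP before the handler runs, exactly as in the question; `handle SIGTRAP nostop noprint pass` is needed to let it through, which also disables gdb's own breakpoint mechanism while set.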