  • C++: single-stepping through assembly code [repost]


    To view assembly code in gdb, use the disassemble and x commands. nexti and stepi single-step one machine instruction at a time.

    For example:

    ------------------------------------------------------------
    Source code:
    ------------------------------------------------------------
    [root@hjj ~]# cat 1.c
    #include <stdio.h>

    int main(int argc, char *argv[])
    {
        int size=sizeof("hjj");
        printf("size is %d ",size);
        return 0;
    }

    ------------------------------------------------------------
    Compile
    ------------------------------------------------------------
    [root@hjj ~]# gcc -g3 -o 1 1.c

    ------------------------------------------------------------
    Debug
    ------------------------------------------------------------
    [root@hjj ~]# gdb 1
    GNU gdb (GDB) 7.6
    Copyright (C) 2013 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
    and "show warranty" for details.
    This GDB was configured as "x86_64-unknown-linux-gnu".
    For bug reporting instructions, please see:
    <http://www.gnu.org/software/gdb/bugs/>...
    Reading symbols from /root/1...done.
    (gdb) b main
    Breakpoint 1 at 0x4004d3: file 1.c, line 5.
    (gdb) r
    Starting program: /root/1 

    Breakpoint 1, main (argc=1, argv=0x7fffffffe5c8) at 1.c:5
    5        int size=sizeof("hjj");

    ------------------------------------------------------------

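    Inspect the code with disassemble.

    /m interleaves the source lines with the assembly

    /r additionally shows the raw instruction bytes in hexadecimal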

    ------------------------------------------------------------
    (gdb) disassemble /m main
    Dump of assembler code for function main:
    4    {
       0x00000000004004c4 <+0>:    push   %rbp
       0x00000000004004c5 <+1>:    mov    %rsp,%rbp
       0x00000000004004c8 <+4>:    sub    $0x20,%rsp
       0x00000000004004cc <+8>:    mov    %edi,-0x14(%rbp)
       0x00000000004004cf <+11>:    mov    %rsi,-0x20(%rbp)

    5        int size=sizeof("hjj");
    => 0x00000000004004d3 <+15>:    movl   $0x4,-0x4(%rbp)

    6        printf("size is %d ",size);
       0x00000000004004da <+22>:    mov    $0x4005f8,%eax
       0x00000000004004df <+27>:    mov    -0x4(%rbp),%edx
       0x00000000004004e2 <+30>:    mov    %edx,%esi
       0x00000000004004e4 <+32>:    mov    %rax,%rdi
       0x00000000004004e7 <+35>:    mov    $0x0,%eax
       0x00000000004004ec <+40>:    callq  0x4003b8 <printf@plt>

    7        return 0;
       0x00000000004004f1 <+45>:    mov    $0x0,%eax

    8    }
       0x00000000004004f6 <+50>:    leaveq 
       0x00000000004004f7 <+51>:    retq   

    End of assembler dump.
    ------------------------------------------------------------
    x/i can be used to examine instructions
    ------------------------------------------------------------
    (gdb) x/15i main
       0x4004c4 <main>:    push   %rbp
       0x4004c5 <main+1>:    mov    %rsp,%rbp
       0x4004c8 <main+4>:    sub    $0x20,%rsp
       0x4004cc <main+8>:    mov    %edi,-0x14(%rbp)
       0x4004cf <main+11>:    mov    %rsi,-0x20(%rbp)
    => 0x4004d3 <main+15>:    movl   $0x4,-0x4(%rbp)
       0x4004da <main+22>:    mov    $0x4005f8,%eax
       0x4004df <main+27>:    mov    -0x4(%rbp),%edx
       0x4004e2 <main+30>:    mov    %edx,%esi
       0x4004e4 <main+32>:    mov    %rax,%rdi
       0x4004e7 <main+35>:    mov    $0x0,%eax
       0x4004ec <main+40>:    callq  0x4003b8 <printf@plt>
       0x4004f1 <main+45>:    mov    $0x0,%eax
       0x4004f6 <main+50>:    leaveq 
       0x4004f7 <main+51>:    retq   
    ------------------------------------------------------------
    $pc points to the address the program is currently executing
    ------------------------------------------------------------
    (gdb) x/5i $pc
    => 0x4004d3 <main+15>:    movl   $0x4,-0x4(%rbp)
       0x4004da <main+22>:    mov    $0x4005f8,%eax
       0x4004df <main+27>:    mov    -0x4(%rbp),%edx
       0x4004e2 <main+30>:    mov    %edx,%esi
       0x4004e4 <main+32>:    mov    %rax,%rdi
    (gdb) 
    --------------------------------------------------------------------------------
    Debugging assembly (binary code) with gdb.
    To view instructions:
    disassemble $pc
    display/i $pc
    x/i $pc
    To execute a single instruction:
    ni
    si

    Use p $eax, p $edi and so on to inspect registers.

    In gdb, type help layout

    (gdb) help layout
    Change the layout of windows.
    Usage: layout prev | next | <layout_name> 
    Layout names are:
       src   : Displays source and command windows.
       asm   : Displays disassembly and command windows.
       split : Displays source, disassembly and command windows.
       regs  : Displays register window. If existing layout
               is source/command or assembly/command, the 
               register window is displayed. If the
               source/assembly/command (split) is displayed, 
               the register window is displayed with 
               the window that has current logical focus.

    You can then debug with layout, which is very convenient, for example layout asm.
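
As an added example (not part of the original post), the `disassemble /m` dump shown earlier can be post-processed to map each source line to its instructions, find the instruction `$pc` points at, and derive each instruction's size from consecutive offsets. The names `parse_disassemble_m` and `by_source_line` are chosen here for illustration, and the sample text is re-typed from the session above.

```python
import re
# Constructed sample: the `disassemble /m main` dump from the session above.
DUMP = """\
Dump of assembler code for function main:
4    {
   0x00000000004004c4 <+0>:    push   %rbp
   0x00000000004004c5 <+1>:    mov    %rsp,%rbp
   0x00000000004004c8 <+4>:    sub    $0x20,%rsp
   0x00000000004004cc <+8>:    mov    %edi,-0x14(%rbp)
   0x00000000004004cf <+11>:    mov    %rsi,-0x20(%rbp)
5        int size=sizeof("hjj");
=> 0x00000000004004d3 <+15>:    movl   $0x4,-0x4(%rbp)
6        printf("size is %d ",size);
   0x00000000004004da <+22>:    mov    $0x4005f8,%eax
   0x00000000004004df <+27>:    mov    -0x4(%rbp),%edx
   0x00000000004004e2 <+30>:    mov    %edx,%esi
   0x00000000004004e4 <+32>:    mov    %rax,%rdi
   0x00000000004004e7 <+35>:    mov    $0x0,%eax
   0x00000000004004ec <+40>:    callq  0x4003b8 <printf@plt>
7        return 0;
   0x00000000004004f1 <+45>:    mov    $0x0,%eax
8    }
   0x00000000004004f6 <+50>:    leaveq
   0x00000000004004f7 <+51>:    retq
End of assembler dump.
"""

SRC = re.compile(r"^(\d+)\s+(.*)$")   # source line, e.g. "5    int size=..."
INS = re.compile(r"^(=>)?\s*(0x[0-9a-f]+) <\+(\d+)>:\s+(.*)$")  # instruction line

def parse_disassemble_m(text):
    """Return one dict per instruction, tagged with the source line it belongs to."""
    insns, line = [], None
    for raw in text.splitlines():
        s = raw.strip()
        if m := INS.match(s):
            insns.append({"line": line, "addr": int(m[2], 16), "off": int(m[3]),
                          "asm": " ".join(m[4].split()), "current": bool(m[1])})
        elif m := SRC.match(s):
            line = int(m[1])
    for a, b in zip(insns, insns[1:]):
        a["len"] = b["off"] - a["off"]   # size in bytes = gap to the next offset
    return insns

def by_source_line(insns):
    out = {}
    for i in insns:
        out.setdefault(i["line"], []).append(i["asm"])
    return out
```

The last instruction has no `len` entry because the dump contains no following offset to measure against; `disassemble /r` shows the bytes directly.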

  • Original article: https://www.cnblogs.com/chenhuan001/p/7190085.html