源代碼
1 section .data
2 msg db 'Hello, world!', 0xA
3 len equ $ - msg
4 section .text
5 global main
6 main:
7 mov edx, len
8 mov ecx, msg
9 mov ebx, 1
10 mov eax, 4
11 int 0x80
12 mov ebx, 0
13 mov eax, 1
14 int 0x80
開始調試
javen@javen-laptop:~/study$ nasm -f elf hello.asm -g -F stabs
javen@javen-laptop:~/study$ gcc -o hello hello.o -g
javen@javen-laptop:~/study$ gdb hello
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"
(gdb)
開始運行
(gdb) start
Breakpoint 1 at 0x80483a0: file hello.asm, line 7.
Starting program: /home/javen/study/hello
main () at hello.asm:7
7 mov edx, len
(gdb)
查看反匯編,結果是AT&T語法。
(gdb) disassemble
Dump of assembler code for function main:
0x080483a0 <main+0>: mov $0xe,%edx
0x080483a5 <main+5>: mov $0x804a010,%ecx
0x080483aa <main+10>: mov $0x1,%ebx
0x080483af <main+15>: mov $0x4,%eax
0x080483b4 <main+20>: int $0x80
0x080483b6 <main+22>: mov $0x0,%ebx
0x080483bb <main+27>: mov $0x1,%eax
0x080483c0 <main+32>: int $0x80
0x080483c2 <main+34>: nop
0x080483c3 <main+35>: nop
0x080483c4 <main+36>: nop
0x080483c5 <main+37>: nop
0x080483c6 <main+38>: nop
0x080483c7 <main+39>: nop
0x080483c8 <main+40>: nop
0x080483c9 <main+41>: nop
0x080483ca <main+42>: nop
0x080483cb <main+43>: nop
0x080483cc <main+44>: nop
0x080483cd <main+45>: nop
0x080483ce <main+46>: nop
0x080483cf <main+47>: nop
運行下一步,并查看寄存器,eip改變
(gdb) n
8 mov ecx, msg
(gdb) info register
eax 0xbfcd9864 -1077045148
ecx 0xe2d47497 -489393001
edx 0xe 14
ebx 0xb80c3ff4 -1207156748
esp 0xbfcd97dc 0xbfcd97dc
ebp 0xbfcd9838 0xbfcd9838
esi 0x80483e0 134513632
edi 0x80482e0 134513376
eip 0x80483a5 0x80483a5 <main+5>
eflags 0x246 [ PF ZF IF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
(gdb) n
9 mov ebx, 1
(gdb) info register
eax 0xbfcd9864 -1077045148
ecx 0x804a010 134520848
edx 0xe 14
ebx 0xb80c3ff4 -1207156748
esp 0xbfcd97dc 0xbfcd97dc
ebp 0xbfcd9838 0xbfcd9838
esi 0x80483e0 134513632
edi 0x80482e0 134513376
eip 0x80483aa 0x80483aa <main+10>
eflags 0x246 [ PF ZF IF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
(gdb)
查看內存
(gdb) x 0x80483aa
0x80483aa <main+10>: 0x000001bb
(gdb) x 0x80483a5
0x80483a5 <main+5>: 0x04a010b9
(gdb)
詳細的gdb使用網上搜索。