Original work; please credit the source when reproducing it. + "Linux kernel analysis" MOOC course http://mooc.study.163.com/course/USTC-1000029000
The following explains the problem from the perspective of a GDB trace.
1 Prepare the files GDB needs
Common commands to master for tracing the stack in GDB:
    start                        // run to the start of main
    si                           // single-step one assembly instruction
    info registers ebp esp eip   // show how the ebp, esp and eip registers change
    x/11x ADDR                   // dump, in hex, 11 units starting at ADDR (GDB's default unit is a 4-byte word, not a byte)
2 Procedure
I recorded the whole run and put the video on Youku.
(Note: the lab environment's command line is not very legible at SD; please switch to HD or above.)
Demo Link Here
ESP before and after
Watch how the ESP register changes in this graph (each si executes exactly one assembly instruction).
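The video shows the frames being pushed one at a time under GDB. As an added example (not code from the original post or the course), the program below makes the same stack behaviour visible from inside the process: every nested call records the address of one of its own locals, so you can check that each new frame sits below its caller (ESP keeps decreasing) and that the distance between frames is constant, because the same prologue (push ebp / mov ebp,esp / sub esp,N) runs on every call. The compile and GDB lines in the header comment are the ones assumed for reproducing the trace on 32-bit x86; the function and variable names are my own.

```c
/* Added example (not from the original post): make stack-frame growth
 * visible by recording the address of a local in each nested call.
 *
 * To trace it the way the post does (32-bit, no optimisation, debug info):
 *   gcc -m32 -O0 -g -fno-omit-frame-pointer frames.c -o frames
 *   gdb ./frames
 *   (gdb) break frame_probe
 *   (gdb) run
 *   (gdb) info registers ebp esp eip
 *   (gdb) x/8x $esp
 *   (gdb) si
 */
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>

#define MAX_DEPTH 8

/* Address of a local variable in each frame, index 0 = outermost call. */
static uintptr_t frame_addr[MAX_DEPTH];

/* noinline keeps every call a real call with its own frame even when the
 * compiler optimises; volatile keeps the local in memory (on the stack).
 * The write to marker after the recursive call stops the compiler from
 * turning the recursion into a loop (tail-call elimination). */
__attribute__((noinline))
static void frame_probe(int depth)
{
    volatile int marker = depth;               /* lives in this frame */
    frame_addr[depth] = (uintptr_t)&marker;
    if (depth + 1 < MAX_DEPTH)
        frame_probe(depth + 1);                /* push return addr + new frame */
    marker = 0;                                /* after the call: not a tail call */
}

/* 1 if every nested frame sits below its caller, i.e. the stack grows down. */
int stack_grows_down(void)
{
    frame_probe(0);
    for (int i = 1; i < MAX_DEPTH; i++)
        if (frame_addr[i] >= frame_addr[i - 1])
            return 0;
    return 1;
}

/* 1 if the frame-to-frame distance is identical for every call: the same
 * prologue reserves the same amount each time (return address, saved ebp,
 * locals), so consecutive frames are a fixed stride apart. */
int frame_size_is_constant(void)
{
    frame_probe(0);
    size_t stride = frame_addr[0] - frame_addr[1];
    for (int i = 2; i < MAX_DEPTH; i++)
        if (frame_addr[i - 1] - frame_addr[i] != stride)
            return 0;
    return 1;
}

int main(void)
{
    frame_probe(0);
    for (int i = 0; i < MAX_DEPTH; i++)
        printf("depth %d: local at %p\n", i, (void *)frame_addr[i]);
    printf("frame stride: %zu bytes\n", (size_t)(frame_addr[0] - frame_addr[1]));
    printf("stack grows down: %d, constant frame size: %d\n",
           stack_grows_down(), frame_size_is_constant());
    return 0;
}
```

The printed addresses differ from run to run because of ASLR, but their ordering and the stride do not; the stride is exactly the number you see ESP drop by between two consecutive `call` instructions in the GDB trace.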
3 Reflections after class
Problems actually encountered while tracing:
In the classroom model, instruction addresses are simply abstracted as 1, 2, 3, ... and every instruction has length 1. In the real binary the instruction lengths are not known in advance (x86 instructions are variable-length, and many are longer than one byte), which makes following the trace somewhat harder; once the teacher's model is understood, though, the difficulty is much reduced.
4 Summary
This post verifies how a program runs from a hands-on angle. The most important thing is to become familiar with how the process context, above all the EBP/ESP registers, changes on function entry and exit.
From the perspective of application programming:
We cannot pull out the stack details of every program we write, but it is necessary in the following situations:
1) Compiler-level optimisation of code
2) Locating a crash inside an application's internal calls
3) Finding out why a dynamic library is crashing
4) Using strace to track why an application without source code fails to run
5) Using the context fields provided by a kernel Oops to determine the cause of a kernel crash
The content can also be extended from other angles, such as the stdcall and pascal calling conventions.
Appendix
Requirements
The topic is chosen by the student, and the content revolves around how a computer works;
The blog must use an experiment
The blog must carefully analyse the stack changes while the assembly code runs
The summary section must make clear the author's understanding of how a computer works
See some of the excellent posts on the forum:
1) An animated GIF that tracks the changes step by step.
To help understanding, I made an exploded version of the demo diagram for the first chapter of the work
http://mooc.study.163.com/learn/USTC-1000029000#/learn/forumdetail?pid=1000111081
How a program is executed