转自:http://www.delorie.com/gnu/docs/gdb/gdb_56.html
You can use the command x
(for "examine") to examine memory in any of several formats, independently of your program's data types.
x/nfu addr
x addr
x
x
command to examine memory.
n, f, and u are all optional parameters that specify how much memory to display and how to format it; addr is an expression giving the address where you want to start displaying memory. If you use defaults for nfu, you need not type the slash `/'. Several commands set convenient defaults for addr.
print
, `s' (null-terminated string), or `i' (machine instruction). The default is `x' (hexadecimal) initially. The default changes each time you use either
x
or
print
.
b
h
w
g
Each time you specify a unit size with x
, that size becomes the default unit the next time you use x
. (For the `s' and `i' formats, the unit size is ignored and is normally not written.)
info breakpoints
(to the address of the last breakpoint listed),
info line
(to the starting address of a line), and
print
(if you use it to display a value from memory).
For example, `x/3uh 0x54320' is a request to display three halfwords (h
) of memory, formatted as unsigned decimal integers (`u'), starting at address 0x54320
. `x/4xw $sp' prints the four words (`w') of memory above the stack pointer (here, `$sp'; see section Registers) in hexadecimal (`x').
Since the letters indicating unit sizes are all distinct from the letters specifying output formats, you do not have to remember whether unit size or format comes first; either order works. The output specifications`4xw' and `4wx' mean exactly the same thing. (However, the count n must come first; `wx4' does not work.)
Even though the unit size u is ignored for the formats `s' and `i', you might still want to use a count n; for example, `3i' specifies that you want to see three machine instructions, including any operands. The command disassemble
gives an alternative way of inspecting machine instructions; see Source and machine code.
All the defaults for the arguments to x
are designed to make it easy to continue scanning memory with minimal specifications each time you use x
. For example, after you have inspected three machine instructions with `x/3i addr', you can inspect the next seven with just `x/7'. If you use RET to repeat the x
command, the repeat count n is used again; the other arguments default as for successive uses ofx
.
The addresses and contents printed by the x
command are not saved in the value history because there is often too much of them and they would get in the way. Instead, GDB makes these values available for subsequent use in expressions as values of the convenience variables $_
and $__
. After an x
command, the last address examined is available for use in expressions in the convenience variable $_
. The contents of that address, as examined, are available in the convenience variable $__
.
If the x
command has a repeat count, the address and contents saved are from the last memory unit printed; this is not the same as the last address printed if several units were printed on the last line of output.
【yasi】
int main () { char s1[] = "abcdefghijklmnopqrstuvwxyz"; char s2[] = "0123456789"; return 0; }
[root@amons02 yasi]# gdb ./s -q
Reading symbols from /home/yasi/s...done.
(gdb) b 6
Breakpoint 1 at 0x4005a4: file s.cpp, line 6.
(gdb) r
Starting program: /home/yasi/s
Breakpoint 1, main () at s.cpp:6
6 return 0;
Missing separate debuginfos, use: debuginfo-install glibc-2.12-1.80.el6_3.6.x86_64 libgcc-4.4.6-4.el6.x86_64 libstdc++-4.4.6-4.el6.x86_64
(gdb) p s1 + 0 // 查看s1的地址
$1 = 0x7fffffffe4b0 "abcdefghijklmnopqrstuvwxyz"
(gdb) x/2cb 0x7fffffffe4b0 // 查看s1开始的2个字节,以字符形式显示
0x7fffffffe4b0: 97 'a' 98 'b'
(gdb) x/2xb 0x7fffffffe4b0 // 查看s1开始的2个字节,以十六进制形式显示
0x7fffffffe4b0: 0x61 0x62
(gdb) x/2cb s1 // 查看s1开始的2个字节,以字符形式显示
0x7fffffffe4b0: 97 'a' 98 'b'
(gdb) x/2xb s1 // 查看s1开始的2个字节,以十六进制形式显示
0x7fffffffe4b0: 0x61 0x62