i came across a sample gdbinit file, which was having following statements. can anyone plz let me know what is so specific about the addresses (0x40000000, 0x80000000 and 0xBF000000) ? why the following check again them is letting me know of valid or invalid address ?
define dd
if ( ($arg0 & 0x40000000) || ($arg0 & 0x08000000) || ($arg0 & 0xBF000000) )
set $data_addr=$arg0
ddump 0x10 $arg0
else
printf "Invalid address: %08X\n", $arg0
end
end
Further how the following check against the same addresses again tells me which register to choose for data address ?
define datawin
if ( ($esi & 0x40000000) || ($esi & 0x08000000) || ($esi & 0xBF000000) )
set $data_addr=$esi
else
if ( ($edi & 0x40000000) || ($edi & 0x08000000) || ($edi & 0xBF000000) )
set $data_addr=$edi
else
if ( ($eax & 0x40000000) || ($eax & 0x08000000) || ($eax & 0xBF000000) )
set $data_addr=$eax
else
set $data_addr=$esp
end
any help will be greatly appreciated. thanks.
Most modern operating systems that run on a CPU which has MMU capability, provides processes a virtual memory model that is divided into certain regions. Generally, lower addresses belong to the process and higher addresses belong to the OS. Between these, there is the stack space. In your case, it is an 32-bit system. First part checks the address for validity (but this check does not guarantee the accessibility of the given address), second part just uses the given register…