Geek asks and answers

What does the contents of general registers contain?

I have included the iOS tag, but I am working in a simulator on a Core i7 MacBook Pro (x86-64, right?), So I think this is immaterial.

I am currently debugging an accident in Flurry commercials. I have a Objective-C exception breakpoint. When a breakpoint hits, I'm at objc_msgSend. The column contains a combination of private Flurry and iOS methods, nothing public and nothing I wrote. A call register readfrom the stack frame objc_msgSendoutputs the following:

(lldb) register read
General Purpose Registers:
       eax = 0x1ac082d0
       ebx = 0x009600b5  "spaceWillDismiss:interstitial:"
       ecx = 0x03e2cddb  "makeKeyAndVisible"
       edx = 0x0000003f
       edi = 0x0097c6f3  "removeWindow"
       esi = 0x00781e65  App`-[FlurryAdViewController removeWindow] + 12
       ebp = 0xbfffd608
       esp = 0xbfffd5e8
        ss = 0x00000023
    eflags = 0x00010202  App`-[FeedTableCell setupVisibleCommentAndLike] + 1778 at FeedTableCell.m:424
       eip = 0x049bd09b  libobjc.A.dylib`objc_msgSend + 15
        cs = 0x0000001b
        ds = 0x00000023
        es = 0x00000023
        fs = 0x00000000
        gs = 0x0000000f

I have a few questions about this exit.

  • I assumed that $ ebx contains the selector that caused the failure, and $ edi is the last executable method. This case?
  • $ eip where I crashed. Is this usually the case?
  • $eflags , , , . ?
  • - , ?
+5
1

iOS/ Objective-C, EBX EDI. EIP EFLAGS ESP/EBP . (, 32- x86, , 32 .)

EIP - , , . , , , , , , , ​​ ..

EIP ( - , ). , . , segfault , EIP . , EIP, , " " "" / EIP, EIP .

EFLAGS , , . EFLAGS , . , , . , . (+ 1778 : , EFLAGS 1778 , 1778 .)

ESP - , EBP () - ( ). . . EBP . , ( ), EBP ; x86, .

SS, CS, DS, ES, FS GS , segmentation, FS GS ; , x86-64. .

+1

More articles:


All Articles