How can I search all process memory in gdb?

Question

How can I search all process memory in gdb?

I am trying to find a specific value (integer magic number (654321)) in the current process to which I am attached to GDB. I found the find [/sn] start_addr, +len, val1 [, val2, ...] , but it needs a start and end address, but I don’t know where my process memory starts and where it ends.

This seems to be a very common problem, but I remember how it was year after year, and I repeated it now without success, therefore .. How do I know where the process memory begins and where it ends?

+6

debugging linux gdb

user1542881 Jul 21 '12 at 16:00

source share

1 answer

Andy ross · Answer 1 · 2012-07-21T16:45:48+0000

The idea of "all memory" is becoming more complicated in the modern process. You really have a lot of mappings from different sources. You can list them (do not forget to read from cards without read access! In addition, you probably want to use some intelligence so as not to look for shared libraries in the .text section, etc.) read /proc/$pid/maps at runtime and then a script something to pass gdb to the appropriate commands. Honestly, I think the easiest way is to write a routine in binary mode to do this, and just call it from gdb.

How can I search all process memory in gdb?

More articles: