
Having this:

0000000000001135 <f1>:
    1135:   55                      push   %rbp
    1136:   48 89 e5                mov    %rsp,%rbp
    1139:   c7 45 fc 01 00 00 00    movl   $0x1,-0x4(%rbp)
    1140:   c7 45 f8 02 00 00 00    movl   $0x2,-0x8(%rbp)
    1147:   c7 45 f4 03 00 00 00    movl   $0x3,-0xc(%rbp)
    114e:   90                      nop
    114f:   5d                      pop    %rbp
    1150:   c3                      retq  
    ....

I want to break at the beginning address (0x0000000000001135) with gdb:

Reading symbols from a.out...done.
(gdb) break *0x0000000000001135
+break *0x0000000000001135
Breakpoint 1 at 0x1135: file a.c, line 3.
(gdb) layout asm
+layout asm
(gdb) r
+r
Starting program: /home/shepherd/Desktop/bin/a.out 

[4]+  Stopped                 gdb -q -tui a.out

Result: crash after specifying the address explicitly.

However, when the symbol is used, there is no problem:

Reading symbols from a.out...done.

(gdb) layout asm
+layout asm
(gdb) break *f1
+break *f1
Breakpoint 1 at 0x1135: file a.c, line 3.
(gdb) r
+r
Starting program: /home/shepherd/Desktop/bin/a.out 

Breakpoint 1, f1 () at a.c:3
(gdb) si
+si
(gdb) 
...

I have observed two addresses: before `break *f1` and after `break *f1`. The first one was 0x0000000000001135; afterwards, however, it was 0x555555555135 <f1>. Why is gdb lying about addresses then? And how can I find out which one to use?

    `0000000000001135` is a decimal constant because you forgot the `0x`. Use `b f1` to set a breakpoint on the symbol, which will work even for a PIE executable whose actual run-time address definitely won't be in the low 64k of virtual address space. (Or use `starti` before setting breakpoints.) – Peter Cordes Jun 10 '20 at 13:09
  • Actually it's octal, but the problem is the same :) – Jester Jun 10 '20 at 13:10
  • @PeterCordes fixed, but the `run` command still pauses/crashes gdb after running (even with the right address now); how do I fix it? – autistic456 Jun 10 '20 at 13:13
  • @Jester I have used `advance f1` after `starti` -> the question problem - program stopped/crashed. – autistic456 Jun 10 '20 at 13:16
  • @PeterCordes, no, there are 2 addresses gdb works with (see my edit), one for the symbol and the other for the address of that symbol. They should be the same, but gdb shows 2 different ones – autistic456 Jun 10 '20 at 13:30
  • You have a PIE executable, like I said in my first comment. The real run-time address will be different from the disassembly address (relative to the image base address). Unless you use `starti` first and then `disas f1`, then GDB will have runtime addresses. [Why do the addresses in my assembler dump differ from the addresses of registers?](https://stackoverflow.com/q/53310872) – Peter Cordes Jun 10 '20 at 13:33
  • Also, you can use `break f1`. You only need `break *target` when target is a numeric value, like `b *0x555555555425`. – Peter Cordes Jun 10 '20 at 13:38
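To make the two pitfalls raised in the comments concrete (a literal without `0x` being read as octal, and the PIE load base shifting the link-time 0x1135 to the run-time 0x555555555135), here is an added Python example; it is not code from the question or from gdb. It works on the objdump line and addresses quoted above, and `pie_base` assumes the page-aligned load base Linux gives a PIE.

```python
import re

# Constructed sample input: the objdump header line from the question and
# the run-time address gdb reported once the symbol breakpoint was hit.
OBJDUMP_LINE = "0000000000001135 <f1>:"
RUNTIME_F1 = 0x555555555135


def gdb_parse_int(text: str) -> int:
    """Parse a numeric literal the way gdb's C-style parser does:
    '0x' prefix is hex, a leading '0' means octal, anything else decimal.
    An invalid octal digit raises ValueError, like gdb's 'Invalid number'."""
    t = text.strip().lower()
    if t.startswith("0x"):
        return int(t, 16)
    if len(t) > 1 and t.startswith("0"):
        return int(t, 8)
    return int(t, 10)


def objdump_symbol_offset(line: str):
    """Return (link_time_address, symbol) from an objdump function header."""
    m = re.match(r"^([0-9a-f]+)\s+<([^>]+)>:", line)
    if not m:
        raise ValueError("not a symbol header line: " + line)
    return int(m.group(1), 16), m.group(2)


def pie_base(link_time_addr: int, runtime_addr: int, page: int = 0x1000) -> int:
    """Recover the PIE load base from one link-time/run-time pair.
    The base is page aligned, so the low 12 bits of both must agree."""
    if (link_time_addr & (page - 1)) != (runtime_addr & (page - 1)):
        raise ValueError("low bits differ; these are not the same symbol")
    return runtime_addr - link_time_addr


def to_runtime(link_time_addr: int, base: int) -> int:
    """Translate a disassembly (link-time) address to its run-time address."""
    return base + link_time_addr


if __name__ == "__main__":
    off, name = objdump_symbol_offset(OBJDUMP_LINE)
    base = pie_base(off, RUNTIME_F1)
    print(f"{name}: link-time {off:#x}, base {base:#x}, run-time {to_runtime(off, base):#x}")
    print("without 0x gdb reads it as", gdb_parse_int("0000000000001135"))
```

Run `starti` and then `info proc mappings` in gdb to read the real base for a live process instead of deriving it from a known pair as done here.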
