GDB break address is different for break (function name) / break *(function name)

    #include <stdio.h>

    int main(void)
    {
        int sum = 0;
        sum += 0xabcd;
        printf("%x", sum);
        return 0;
    }

This is my code, and when I use gdb, I get a different address for break main than for break *main.

When I just type disassemble main, it looks like this:

    Dump of assembler code for function main:
       0x080483c4 <+0>:     push   %ebp
       0x080483c5 <+1>:     mov    %esp,%ebp
       0x080483c7 <+3>:     and    $0xfffffff0,%esp
       0x080483ca <+6>:     sub    $0x20,%esp
       0x080483cd <+9>:     movl   $0x0,0x1c(%esp)
       0x080483d5 <+17>:    addl   $0xabcd,0x1c(%esp)
       0x080483dd <+25>:    mov    $0x80484c0,%eax
       0x080483e2 <+30>:    mov    0x1c(%esp),%edx
       0x080483e6 <+34>:    mov    %edx,0x4(%esp)
       0x080483ea <+38>:    mov    %eax,(%esp)
       0x080483ed <+41>:    call   0x80482f4 <printf@plt>
       0x080483f2 <+46>:    mov    $0x0,%eax
       0x080483f7 <+51>:    leave
       0x080483f8 <+52>:    ret
    End of assembler dump.

So, when I type [break *main], it stops at 0x080483c4, but when I type [break main], it stops at 0x080483cd.

Why is the starting address different?

+4
2 answers

Why is the address different?

Because break function and break *address are not the same (*address is the address of the first instruction of the function, before the stack frame and the arguments have been set up).

In the first case, GDB skips the function prologue (which sets up the current frame).

+5

An educated guess - and I'm prepared to be completely wrong.

*main is the function's address.

A break on main is the first available address to stop inside the function when it executes.

Please note that 0x080483cd is the first place the debugger can stop because it changes a variable (i.e. sets sum to zero).

When you break on 0x080483c4, you are in the assembly that C knows nothing about.

0

Source: https://habr.com/ru/post/1436272/
