How to walk through disassembly from the beginning on Linux?
Question
│0x565554fd <main> lea 0x4(%esp),%ecx │
│0x56555501 <main+4> and $0xfffffff0,%esp │
│0x56555504 <main+7> pushl -0x4(%ecx) │
│0x56555507 <main+10> push %ebp │
│0x56555508 <main+11> mov %esp,%ebp │
│0x5655550a <main+13> push %ebx │
│0x5655550b <main+14> push %ecx │
│0x5655550c <main+15> call 0x56555529 <__x86.get_pc_thunk.ax> │
│0x56555511 <main+20> add $0x1acb,%eax │
B+>│0x56555516 <main+25> mov %eax,%ebx │
│0x56555518 <main+27> call 0x5655552d <swap> │
│0x5655551d <main+32> mov $0x0,%eax │
│0x56555522 <main+37> pop %ecx │
│0x56555523 <main+38> pop %ebx │
│0x56555524 <main+39> pop %ebp │
│0x56555525 <main+40> lea -0x4(%ecx),%esp │
│0x56555528 <main+43> ret │
│0x56555529 <__x86.get_pc_thunk.ax> mov (%esp),%eax │
│0x5655552c <__x86.get_pc_thunk.ax+3> ret │
│0x5655552d <swap> push %ebp │
│0x5655552e <swap+1> mov %esp,%ebp │
│0x56555530 <swap+3> sub $0x10,%esp │
│0x56555533 <swap+6> call 0x56555529 <__x86.get_pc_thunk.ax> │
│0x56555538 <swap+11> add $0x1aa4,%eax │
│0x5655553d <swap+16> lea 0x3c(%eax),%edx │
│0x56555543 <swap+22> lea 0x2c(%eax),%ecx │
│0x56555549 <swap+28> lea 0x4(%ecx),%ecx
Here is the thing. Plz give me any clue how to use GDB walk through the assembly from the very beginning? Every time I start the program, it goes from the main() function, rather than the beginning of the __libc_start_main().
I would be hugely appreciate if anyone can do me this favour.
1 answers
solution1
3 2019-11-19 08:30:41
Use GDB's starti command to run , but stop before the first user-space instruction (even if that's inside the dynamic linker). It's like setting a temporary breakpoint on the entry point before run . With older GDB versions that don't support starti , there are hacks like b *0 to create an invalid breakpoint which you then remove after using run . ( Stopping at the first machine code instruction in GDB )
Or if you only want to start at __libc_start_main instead of your _start or the dynamic linker's _start , set a breakpoint there.
From there you can use si (aka stepi ) to single-step by instructions.
You probably want layout reg or layout asm for this.
You might want to build a non-PIE executable ( gcc -no-pie -fno-pie ), although either way the dynamic linker will execute some code before jumping to your executable's _start .
how to start from 0x565554fd on my code snippet?
That's a totally different question.
That's just the top of main
GDB is partly designed for C debugging, and sometimes likes to save you the trouble of dealing with function prologues. In this case, 32-bit main 's prologue aligns the stack and gets a GOT pointer using PC-relative methods (because it's a PIE executable).
You could just b *0x565554fd and run your program again.
Or with a non-PIE, you can easily get the real address of main before running the first time.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.