
ELF entry point is not valid


I am trying to set a breakpoint on the entry point in a stripped ELF. The ELF was compiled and stripped on a VirtualBox Linux machine.

    root@xxxx:~# readelf -e yyyy_not_patched
    ELF Header:
      Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
      Class:                             ELF64
      Data:                              2's complement, little endian
      Version:                           1 (current)
      OS/ABI:                            UNIX - System V
      ABI Version:                       0
      Type:                              DYN (Shared object file)
      Machine:                           Advanced Micro Devices X86-64
      Version:                           0x1
      Entry point address:               0x650
      Start of program headers:          64 (bytes into file)
      Start of section headers:          6792 (bytes into file)
      Flags:                             0x0
      Size of this header:               64 (bytes)
      Size of program headers:           56 (bytes)
      Number of program headers:         9
      Size of section headers:           64 (bytes)
      Number of section headers:         31
      Section header string table index: 30

Program Headers point to:

    Program Headers:
      Type           Offset             VirtAddr           PhysAddr
                     FileSiz            MemSiz              Flags  Align
      PHDR           0x0000000000000040 0x0000000000000040 0x0000000000000040
                     0x00000000000001f8 0x00000000000001f8  R E    0x8
      INTERP         0x0000000000000238 0x0000000000000238 0x0000000000000238
                     0x000000000000001c 0x000000000000001c  R      0x1
          [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
      LOAD           0x0000000000000000 0x0000000000000000 0x0000000000000000
                     0x00000000000009ec 0x00000000000009ec  R E    0x200000
      LOAD           0x0000000000000dd8 0x0000000000200dd8 0x0000000000200dd8
                     0x0000000000000268 0x0000000000000278  RW     0x200000
      DYNAMIC        0x0000000000000df0 0x0000000000200df0 0x0000000000200df0
                     0x00000000000001e0 0x00000000000001e0  RW     0x8
      NOTE           0x0000000000000254 0x0000000000000254 0x0000000000000254
                     0x0000000000000044 0x0000000000000044  R      0x4
      GNU_EH_FRAME   0x00000000000008a0 0x00000000000008a0 0x00000000000008a0
                     0x000000000000003c 0x000000000000003c  R      0x4
      GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000
                     0x0000000000000000 0x0000000000000000  RW     0x10
      GNU_RELRO      0x0000000000000dd8 0x0000000000200dd8 0x0000000000200dd8
                     0x0000000000000228 0x0000000000000228  R      0x1

When setting a breakpoint in GDB, I get "Cannot access memory at address 0x650":

    root@xxxx:~# gdb yyyy_not_patched
    Reading symbols from login_not_patched...(no debugging symbols found)...done.
    (gdb) b *0x650
    Breakpoint 1 at 0x650
    (gdb) r
    Starting program: /root/yyyy_not_patched
    Warning:
    Cannot insert breakpoint 1.
    Cannot access memory at address 0x650

Any idea what could be the issue?


Solution

  • Any idea what could be the issue?

    This:

    Type:                              DYN (Shared object file)
    

    means that you are looking at a position-independent executable (a special form of a shared library). Such executables are relocated to a random address before they start running, so setting a breakpoint on the unrelocated address 0x650 will not work.

    What works:

    (gdb) set stop-on-solib-events 1
    (gdb) run
    (gdb) info proc map
    
    # Figure out where the executable got loaded
    
    (gdb) b *($exe_load_address + 0x650)
    

    Example:

    $ readelf -h a.out | grep 'Entry point'
    Entry point address:               0x620
    
    $ gdb -q ./a.out
    (gdb) set stop-on-solib-events 1
    (gdb) run
    Starting program: /tmp/a.out 
    Stopped due to shared library event (no libraries added or removed)
    
    (gdb) info proc map 
    process 67394
    Mapped address spaces:
    
          Start Addr           End Addr       Size     Offset objfile
      0x555555554000     0x555555555000     0x1000        0x0 /tmp/a.out
      0x555555754000     0x555555756000     0x2000        0x0 /tmp/a.out
      0x7ffff7dda000     0x7ffff7dfd000    0x23000        0x0 /lib/x86_64-linux-gnu/ld-2.19.so
      ...
    
    (gdb) b *(0x555555554000+0x620)
    Breakpoint 1 at 0x555555554620
    (gdb) c
    Continuing.
    Stopped due to shared library event:
      Inferior loaded /lib/x86_64-linux-gnu/libc.so.6
    (gdb) c
    Continuing.
    
    Breakpoint 1, 0x0000555555554620 in _start ()
    (gdb) bt
    #0  0x0000555555554620 in _start ()
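
The calculation the answer does by hand, as an added example that is not part of the original answer: read `e_type` and `e_entry` from the ELF64 header, find where the file was mapped from `/proc/<pid>/maps`-style text, and return the address to break on. It also subtracts the lowest `PT_LOAD` address, which is 0 in the binaries shown here; the function names, the sample header and the sample maps text are constructed for illustration.

```python
import struct

ET_EXEC, ET_DYN, PT_LOAD = 2, 3, 1

def parse_elf64(data):
    """Return (e_type, e_entry, lowest PT_LOAD p_vaddr) of a little-endian ELF64 image."""
    if data[:4] != b"\x7fELF" or data[4:6] != b"\x02\x01":
        raise ValueError("not a little-endian ELF64 file")
    e_type, _machine, _version, e_entry, e_phoff = struct.unpack_from("<HHIQQ", data, 16)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    vaddrs = []
    for i in range(e_phnum):
        # Elf64_Phdr starts with p_type, p_flags, p_offset, p_vaddr
        p_type, _flags, _offset, p_vaddr = struct.unpack_from("<IIQQ", data, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD:
            vaddrs.append(p_vaddr)
    if not vaddrs:
        raise ValueError("no PT_LOAD segment")
    return e_type, e_entry, min(vaddrs)

def load_bias(maps_text, exe_path, min_vaddr, page=0x1000):
    """Lowest mapping of exe_path minus the page-aligned lowest PT_LOAD address."""
    starts = [int(l.split("-")[0], 16) for l in maps_text.splitlines() if l.split()[-1:] == [exe_path]]
    if not starts:
        raise ValueError(f"{exe_path} is not mapped")
    return min(starts) - (min_vaddr & ~(page - 1))

def runtime_entry(elf, maps_text, exe_path):
    e_type, e_entry, min_vaddr = parse_elf64(elf)
    if e_type == ET_EXEC:          # fixed-address executable: header value is final
        return e_entry
    if e_type != ET_DYN:
        raise ValueError("not an executable or PIE")
    return load_bias(maps_text, exe_path, min_vaddr) + e_entry

def sample_elf(e_type, e_entry):
    """Constructed 64-byte ELF header plus one PT_LOAD at vaddr 0 (as in the readelf output)."""
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", e_type, 62, 1, e_entry, 64, 0, 0, 64, 56, 1, 64, 0, 0)
    return ehdr + struct.pack("<IIQQQQQQ", PT_LOAD, 5, 0, 0, 0, 0x9EC, 0x9EC, 0x200000)

# Constructed /proc/<pid>/maps text using the addresses from the answer's session.
SAMPLE_MAPS = """\
555555554000-555555555000 r-xp 00000000 08:01 131 /tmp/a.out
555555754000-555555756000 rw-p 00000000 08:01 131 /tmp/a.out
7ffff7dda000-7ffff7dfd000 r-xp 00000000 08:01 977 /lib/x86_64-linux-gnu/ld-2.19.so
"""

if __name__ == "__main__":
    print("b *%#x" % runtime_entry(sample_elf(ET_DYN, 0x620), SAMPLE_MAPS, "/tmp/a.out"))
```

Against a live process, pass the bytes of the executable and the contents of `/proc/<pid>/maps` read while the process is stopped.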