Closed GoogleCodeExporter closed 9 years ago
The problem is that this ELF is a 32-bit executable. And if you build 64-bit
EDB, it can only debug 64-bit applications. I should probably have a notice for
this. Unfortunately, EDB assumes that it is debugging applications built for
the same arch it was built for.
Original comment by evan.teran on 3 Oct 2012 at 4:07
Just to be clear, what's happening is that since the ELF is 32-bit, the operating
system loads it as a 32-bit program (as it should). EDB mistakenly assumes it
is 64-bit and shows you a disassembly based on that, but it will still execute
as 32-bit.
From here, the rest is obvious: the 0x48 is a single-byte "inc" instruction on
x86 (it's the REX byte on x86-64). So when you step, the program executes one
instruction and sets EIP accordingly, which is why the disassembly got adjusted
to what you see next.
Build your app as a 64-bit ELF file and it will not be a problem.
Original comment by evan.teran on 3 Oct 2012 at 4:07
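The kind of pre-attach notice mentioned in the comments above could be driven by the target's ELF header. The following is an added example, not EDB's code: `elf_x86_mode`, `arch_notice` and the sample headers are hypothetical names and constructed data. It keys on `e_machine` rather than the ELF class, because x32-ABI binaries are ELFCLASS32 yet execute as 64-bit code.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <string>

// Values from the ELF specification; the k-prefixed names are local to this example.
constexpr std::size_t   kEiData   = 5;   // e_ident[EI_DATA]: 1 = little-endian, 2 = big-endian
constexpr std::size_t   kEMachine = 18;  // offset of the 16-bit e_machine field
constexpr std::uint16_t kEm386    = 3;   // EM_386
constexpr std::uint16_t kEmX86_64 = 62;  // EM_X86_64

// Returns the x86 decoding mode the CPU will use for this image (32 or 64),
// or 0 if the buffer is not an x86 ELF file. e_machine decides the mode:
// an x32-ABI binary is ELFCLASS32 but still runs as 64-bit code.
int elf_x86_mode(const std::uint8_t *buf, std::size_t len) {
    if (len < kEMachine + 2) return 0;  // truncated header
    if (buf[0] != 0x7f || buf[1] != 'E' || buf[2] != 'L' || buf[3] != 'F') return 0;
    unsigned machine;
    if (buf[kEiData] == 1)      machine = buf[kEMachine] | (buf[kEMachine + 1] << 8);
    else if (buf[kEiData] == 2) machine = (buf[kEMachine] << 8) | buf[kEMachine + 1];
    else return 0;                      // invalid byte-order marker
    if (machine == kEm386)    return 32;
    if (machine == kEmX86_64) return 64;
    return 0;
}

// Hypothetical pre-attach check: an empty string means the target matches the
// debugger build; otherwise it is the notice to show before debugging starts.
std::string arch_notice(const std::uint8_t *buf, std::size_t len, int debugger_bits) {
    int mode = elf_x86_mode(buf, len);
    if (mode == 0) return "target is not an x86 ELF executable";
    if (mode == debugger_bits) return "";
    return "target runs as " + std::to_string(mode) + "-bit code but this debugger build decodes " +
           std::to_string(debugger_bits) + "-bit code";
}

// Constructed sample headers: e_ident (16 bytes), e_type, e_machine.
const std::uint8_t kSample32[20]  = {0x7f,'E','L','F', 1,1,1,0, 0,0,0,0,0,0,0,0, 2,0, 3,0};
const std::uint8_t kSample64[20]  = {0x7f,'E','L','F', 2,1,1,0, 0,0,0,0,0,0,0,0, 2,0, 62,0};
const std::uint8_t kSampleX32[20] = {0x7f,'E','L','F', 1,1,1,0, 0,0,0,0,0,0,0,0, 2,0, 62,0};

int main() {
    std::cout << arch_notice(kSample32, sizeof kSample32, 64) << "\n";
    return 0;
}
```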
Original issue reported on code.google.com by evan.teran on 3 Oct 2012 at 3:21