[SOLVED] Help me examine this GDB output

[justin]

This piece of code in my crt0 is causing me some problems:

Code: Select all

00401080 <_start>:
  401080:	53                   	push   %ebx
  401081:	50                   	push   %eax
  401082:	e8 3d 01 00 00       	call   4011c4 <main>
  401087:	a1 46 23 00 00       	mov    0x2346,%eax
  40108c:	cd 40                	int    $0x40

When I get to 0x401087, I inspect the registers:

Code: Select all

(gdb) disassemble
Dump of assembler code for function _start:
   0x00401080 <+0>:	push   %ebx
   0x00401081 <+1>:	push   %eax
   0x00401082 <+2>:	call   0x4011c4 <main>
=> 0x00401087 <+7>:	mov    0x2346,%eax
   0x0040108c <+12>:	int    $0x40
End of assembler dump.
(gdb) info registers
eax            0x0	0
ecx            0x408940	4229440
edx            0x405eda	4218586
ebx            0x402291	4203153
esp            0xbffffeb8	0xbffffeb8
ebp            0xbfffff38	0xbfffff38
esi            0xb	11
edi            0x0	0
eip            0x401087	0x401087 <_start+7>
eflags         0x200246	[ PF ZF IF ID ]
cs             0x1b	27
ss             0x23	35
ds             0x23	35
es             0x23	35
fs             0x23	35
gs             0x23	35

Then I execute 'si' to advance one instruction. You can see that eax has changed from 0x0 to 0x20007000d but not to the value 0x2346 like I would have thought:

Code: Select all

(gdb) disassemble
Dump of assembler code for function _start:
   0x00401080 <+0>:	push   %ebx
   0x00401081 <+1>:	push   %eax
   0x00401082 <+2>:	call   0x4011c4 <main>
   0x00401087 <+7>:	mov    0x2346,%eax
=> 0x0040108c <+12>:	int    $0x40
End of assembler dump.
(gdb) info registers
eax            0x2007000d	537329677
ecx            0x408940	4229440
edx            0x405eda	4218586
ebx            0x402291	4203153
esp            0xbffffeb8	0xbffffeb8
ebp            0xbfffff38	0xbfffff38
esi            0xb	11
edi            0x0	0
eip            0x40108c	0x40108c <_start+12>
eflags         0x200246	[ PF ZF IF ID ]
cs             0x1b	27
ss             0x23	35
ds             0x23	35
es             0x23	35
fs             0x23	35
gs             0x23	35

You can see that the memory has not been altered:

Code: Select all

(gdb) x/5xb 0x401087
0x401087 <_start+7>:	0xa1	0x46	0x23	0x00	0x00

Why is eax not changing to 0x2346?

Thanks for your help.

[thepowersgang]

You've been tricked by AT&T syntax

Literal values must be prefixed with '$', otherwise they are actually encoded as memory acesses.

What that code actually does is reads 32-bits from the address 0x2346 and writes it to the register %eax.

[nerdguy]

I still didn't get WHY do GNU Products use AT&T syntax, it does make things unclean and tough to read.
Assembly Language is itself too complicated + these $'s and %'s in AT&T make it more.

[Combuster]

Then use Bochs' debugger. AT&T problem solved

[mikeee]

set disassembly-flavor intel