
I'm trying to understand a small binary using gdb but there is something I can't find a way to achieve: how can I find the list of jumps that point to a specified address? I have a small set of instructions in the disassembled code and I want to know where it is called. I first thought about searching for the corresponding instruction in .text, but since there are many kinds of jumps, and addresses can be relative, this can't work.

Is there a way to do that?

Alternatively, if I put a breakpoint on this address, is there a way to know the address of the previous instruction (in this case, the jump)?


1 Answer


If this is some subroutine being called from other places, then it must respect some ABI while it's called. Depending on the CPU used, the return address (and therefore the place from where it was called) will be stored somewhere (on the stack or in some registers). If you replace the original code with code that examines this, you can create a list of return addresses. Or simpler, as you suggested, if you use gdb and put a breakpoint at that routine, you can see from where it was called by using the bt command.

If it was an actual jump (versus a "jump to subroutine") that led you there (which I doubt, if it's called from many places, unless it's a kind of longjmp/setjmp), then you will probably not be able to determine where this was called from, unless the CPU you are using allows you to trace the execution in some way.
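The asker's idea of scanning .text for branches to a given address is workable for relative encodings if the displacement is resolved against the next-instruction address, which is what the following added example does (it is not code from the question or the answer). It assumes x86-64 code, a constructed byte blob and the most common relative branch opcodes only; it is a byte-wise sweep, so a hit inside a longer instruction's operand bytes is possible and each candidate should be confirmed in gdb with x/i.

```python
# Added example: find x86-64 relative jumps/calls whose target is a given
# address. Byte-wise sweep over a code blob; candidates only, confirm in gdb.
import struct

# opcode -> mnemonic for 2-byte forms with a signed 8-bit displacement
SHORT = {0xEB: "jmp", 0xE3: "jrcxz"}
SHORT.update({op: "jcc" for op in range(0x70, 0x80)})   # jo .. jg (rel8)
# opcode -> mnemonic for 5-byte forms with a signed 32-bit displacement
NEAR = {0xE8: "call", 0xE9: "jmp"}
# 0F 80..8F: 6-byte jcc with a signed 32-bit displacement
NEAR_0F = set(range(0x80, 0x90))


def find_branches_to(code: bytes, base: int, target: int):
    """Return (address, mnemonic) for each decoded relative branch whose
    resolved target (next-instruction address + displacement) == target.
    `base` is the virtual address of code[0]."""
    hits = []
    for i in range(len(code)):
        op = code[i]
        if op in SHORT and i + 2 <= len(code):
            disp = struct.unpack_from("<b", code, i + 1)[0]
            length, mnem = 2, SHORT[op]
        elif op in NEAR and i + 5 <= len(code):
            disp = struct.unpack_from("<i", code, i + 1)[0]
            length, mnem = 5, NEAR[op]
        elif op == 0x0F and i + 6 <= len(code) and code[i + 1] in NEAR_0F:
            disp = struct.unpack_from("<i", code, i + 2)[0]
            length, mnem = 6, "jcc"
        else:
            continue
        if base + i + length + disp == target:
            hits.append((base + i, mnem))
    return hits


# Constructed sample (not from a real binary), loaded at 0x401000:
#   401000: e8 0b 00 00 00      call 0x401010
#   401005: 48 89 c7            mov  rdi, rax
#   401008: 75 06               jne  0x401010
#   40100a: 0f 84 00 00 00 00   je   0x401010
#   401010: c3                  ret
#   401011: eb fe               jmp  0x401011  (self-loop, not a hit)
SAMPLE = bytes.fromhex("e80b000000" "4889c7" "7506" "0f8400000000" "c3" "ebfe")

if __name__ == "__main__":
    for addr, mnem in find_branches_to(SAMPLE, 0x401000, 0x401010):
        print(f"{addr:#x}: {mnem} -> 0x401010")
```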