How to set a breakpoint on imported Win32 function?

Eli Zaretskii eliz@gnu.org
Thu Jan 16 18:28:00 GMT 2020


> Cc: gdb@gnu.org, Eli Zaretskii <eliz@gnu.org>
> From: Luis Machado <luis.machado@linaro.org>
> Date: Thu, 16 Jan 2020 15:13:55 -0300
> 
> >>> I have a program without any debug info, which has an import table
> >>> with some functions imported by name. E.g. kernel32!ExitProcess is
> >>> imported, and the debugger should know its name and address.
> >>>
> >>> But whenever I run GDB (from mingw-w64) with my test exe and try to
> >>> set breakpoint on ExitProcess, GDB complains that no symbol table is
> >>> loaded and asks if I want it set on future library load. After I agree
> >>> and let the debuggee run, the debuggee exits without any trap
> >>> (although it does exit via this exact function).
> >>>
> >>> OTOH, on Linux I can set a breakpoint on e.g. exit, which gets located
> >>> in /lib/i386-linux-gnu/libc.so.6 for which I don't have any debug
> >>> symbols, and the breakpoint successfully traps.
> >>>
> >>> So, how can I set a breakpoint on an imported function in Windows? Or
> >>> is the handling of PE import table to fill GDB's symbol table not
> >>> implemented?
> >>>
> >>> Thanks,
> >>> Ruslan
> >>>
> >>
> >> Given what you described, i think GDB doesn't know how to properly
> >> locate that symbol. Can you at least see the symbol somewhere, in
> >> disassemble output for example?
> > 
> > No, apparently GDB doesn't indeed know about this symbol. The
> > disassembly (both at the call site and in the function itself) simply
> > shows the address, without any hints about symbols.
> > Has this ever worked on Windows GDB? Or was it simply not implemented?
> > 
> 
> I'm not well versed in GDB on Windows, so i'm not so sure. It could be both.
> 
> I've cc-ed Eli, who tends to touch more mingw stuff.

I'll try to help, although I don't think understand well enough the
use case.

If I start a MinGW program under GDB, and then put a breakpoint on
ExitProcess, I get this:

  Temporary breakpoint 2, main (argc=2, argv=0xa42848) at emacs.c:934
  934       bool no_loadup = false;
  (gdb) break ExitProcess
  Breakpoint 3 at 0x7c81bfa7
  (gdb) info breakpoints
  Num     Type           Disp Enb Address    What
  3       breakpoint     keep y   0x7c81bfa7 <KERNEL32!ExitProcess+5>

So it seems that GDB already knows how to put breakpoints on such
functions: you just need to name them without the DLL-name part.
However, I'm not sure I understand what is meant above by "functions
imported by name".  How exactly were they imported?  Does the above
technique work for you?



More information about the Gdb mailing list