Why can jmpq jump to a address different from GDB's hint on Mac OS X?
0x0000000149ab0d2c <+0000> jmpq *0x1e04b6(%rip) # 0x149c911e8
(gdb) p $rip $1 = (void (*)(void)) 0x149ab0d2c
(gdb) p $rip+6+0x1e04b6 $4 = (void (*)(void)) 0x149c911e8
after stepi: (It should be at 0x149c911e8 then, however...)
(gdb) p $rip $5 = (void (*)(void)) 0x148c46d4a
btw, my environment is Mac OS X 10.6.4. The program loads 2 dylibs, both of which link to the same static library compiled with the -fPIC option. This issue confuses the dylibs and makes one of them call functions in the other, which it shouldn't, since they're actually independent of each other.
The * shows that this is an absolute jump, not a relative jump. An absolute jump will either jump to the address stored in the register, or, in this case, jump to the address stored at the given location. If you read the contents of the address 0x149c911e8 (x/gx 0x149c911e8), you will probably find that it contains the address 0x148c46d4a.
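The decoding the answer describes, as an added example that is not part of the original question or answer: it parses the `FF 25 disp32` encoding of `jmpq *disp32(%rip)`, computes the RIP-relative slot address from the address of the *next* instruction, and then dereferences that slot in a constructed memory snapshot (the pointer value stored there is assumed to be 0x148c46d4a, matching the $rip seen after stepi).

```python
import struct

# 64-bit wraparound mask for address arithmetic
MASK64 = 0xFFFFFFFFFFFFFFFF


def decode_rip_relative_jmp(code: bytes, rip: int):
    """Decode `jmpq *disp32(%rip)` (opcode FF /4, ModRM 0x25).

    Returns (slot_address, instruction_length). The slot is where the
    real target pointer lives; the jump is absolute through that slot.
    """
    if len(code) < 6 or code[0] != 0xFF or code[1] != 0x25:
        raise ValueError("not a jmpq *disp32(%rip) encoding")
    disp = struct.unpack_from("<i", code, 2)[0]  # signed 32-bit displacement
    length = 6                                   # FF 25 + 4 displacement bytes
    # RIP-relative operands are relative to the address of the NEXT instruction,
    # which is why GDB's hint equals $rip + 6 + disp.
    return (rip + length + disp) & MASK64, length


def read_qword(memory: dict, addr: int) -> int:
    """Read a little-endian 8-byte pointer from a {base: bytes} snapshot."""
    for base, blob in memory.items():
        if base <= addr and addr + 8 <= base + len(blob):
            return struct.unpack_from("<Q", blob, addr - base)[0]
    raise KeyError(f"address {addr:#x} not in snapshot")


def resolve_indirect_target(code: bytes, rip: int, memory: dict):
    """Return (slot_address, actual_jump_target) for the indirect jmp."""
    slot, _ = decode_rip_relative_jmp(code, rip)
    return slot, read_qword(memory, slot)


# Constructed sample mirroring the numbers in the question
RIP = 0x149AB0D2C
CODE = bytes([0xFF, 0x25]) + struct.pack("<i", 0x1E04B6)
# Assumed slot contents: the pointer GDB landed on after stepi
MEMORY = {0x149C911E8: struct.pack("<Q", 0x148C46D4A)}

if __name__ == "__main__":
    slot, target = resolve_indirect_target(CODE, RIP, MEMORY)
    print(f"slot {slot:#x} -> target {target:#x}")
```

The slot address is what GDB prints after `#`; the value stored in it is where execution actually goes, so a wrong pointer in that slot (for example one filled in for the other dylib's copy of the library) sends the jump somewhere other than the hint.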