Related to this, and exposing my ignorance of the architecture, I'm confused
by register values returned by gdb during the attach case above. The value
of "$rbp" is 0x7ffff9f3bf40; the value of "$fp" is 0x7ffff9f3bf00. I
thought that RBP holds the frame pointer; what would "$fp" be then, and why
would it be different? The value at address "$fp + 0x8" is actually the
return address I'm expecting (0x402923).

$fp seems to be a variable gdb maintains to track the frame pointer.
When you use -fomit-frame-pointer on x64, $rbp becomes a scratch register for the compiler (this is the default with gcc -O2 and higher).
Otherwise, $fp and $rbp should be equal.
-Arun
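
The stack layout this exchange relies on (saved RBP at the frame address, return address 8 bytes above it) can be checked from inside a program. This is an added example, not code from the thread; it assumes x86-64 with GCC or Clang, and the names `probe`, `inner` and `frame_chain_check` are made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>

struct probe {                 /* hypothetical helper type */
    uintptr_t outer_frame;     /* frame_chain_check()'s frame address (its RBP) */
    uintptr_t outer_ret;       /* frame_chain_check()'s return address */
    int own_ret_ok, caller_frame_ok, caller_ret_ok;
};

/* GCC and Clang keep RBP as the frame pointer in any function that calls
 * __builtin_frame_address(0), even when built with -fomit-frame-pointer. */
__attribute__((noinline)) void inner(struct probe *p)
{
    uintptr_t *fp = (uintptr_t *)__builtin_frame_address(0);

    /* [fp + 8] holds this function's return address. */
    p->own_ret_ok = (fp[1] == (uintptr_t)__builtin_return_address(0));
    /* [fp] holds the caller's RBP, pushed by this function's prologue. */
    p->caller_frame_ok = (fp[0] == p->outer_frame);
    /* Follow the chain one hop only if that link checked out. */
    p->caller_ret_ok = p->caller_frame_ok &&
                       ((uintptr_t *)fp[0])[1] == p->outer_ret;
}

/* Returns a bitmask; 7 means all three layout checks held. */
__attribute__((noinline)) int frame_chain_check(void)
{
    struct probe p = {0};

    p.outer_frame = (uintptr_t)__builtin_frame_address(0);
    p.outer_ret = (uintptr_t)__builtin_return_address(0);
    inner(&p);   /* &p escapes, so this call cannot become a tail call */
    return p.own_ret_ok | (p.caller_frame_ok << 1) | (p.caller_ret_ok << 2);
}

int main(void)
{
    printf("frame chain mask: %d (7 = layout as expected)\n",
           frame_chain_check());
    return 0;
}
```

The chain holds here only because both functions use the builtin; a function compiled with -fomit-frame-pointer that does not use it may treat RBP as a scratch register, which is the case the reply describes.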