Menu
I'm trying to disassemble a program to see a syscall assembly instruction (the INT instruction, I believe) and the handler with GDB and have written a little program (see below) for it that opens and closes a file.
I was able to follow the call to fopen with GDB until it executed a call.
When I tried to tell GDB "disassemble 0x...." (address of call) it responded with 'No function contains specified address.'
Is it possible to force GDB to disassemble (or display it in assembler as good as possible) that memory address? If so, how?
#include <stdio.h> #include <stdlib.h> int main() { FILE* f; f = fopen("main.c", "r"); if (!f) { perror("open"); return -1; } fclose(f); return 0; } 
644
From within gdb press Ctrl x 2 and the screen will split into 3 parts. First part will show you the normal code in high level language. Second will show you the assembly equivalent and corresponding instruction Pointer .
Function. Specifies the function to disassemble. If specified, the disassemble command will produce the disassembly output of the entire function. Address. Specifies the address inside a function to disassemble.
The objdump command is generally used to inspect the object files and binary files. It prints the different sections in object files, their virtual memory address, logical memory address, debug information, symbol table, and other pieces of information. Here we'll see how we can use this tool to disassemble the files.
Yeah, disassemble is not the best command to use here. The command you want is "x/i" (examine as instructions):
(gdb) x/i 0xdeadbeef If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
