How to force GDB to disassemble code when it says "No function contains program counter for selected frame"?

Shuzheng · Aug 18, 2016 · Viewed 9.5k times

Debugging a program, starting at the absolute address 0x00402200, I get the following output when trying to disassemble the code at this address:

[New Thread 65212.0x10378]

Breakpoint 1, 0x00402200 in ?? ()
(gdb) stepi
0x00402202 in ?? ()
(gdb) stepi
0x00402207 in ?? ()
(gdb) stepi
0x0040220a in ?? ()
(gdb) stepi
0x0040220f in ?? ()
(gdb) disassemble
No function contains program counter for selected frame.
(gdb) stepi
0x00401000 in start ()

The file being debugged is a Win32 PE for educational purposes (reverse engineering).

Is there some way of telling GDB to start disassembling at the address? Otherwise, what are my alternatives (i.e. other tools)?

Answer

Nicolas Lykke Iversen · Aug 18, 2016

The documentation of disassemble: (gdb) help disassemble says that:

Disassemble a specified section of memory.
Default is the function surrounding the pc of the selected frame.
...
With a single argument, the function surrounding that address is dumped.
Two arguments (separated by a comma) are taken as a range of memory to dump,
  in the form of "start,end", or "start,+length".

So, in your case, since there is no function surrounding the program counter (PE), you should use the two-argument form, like:

disassemble 0x00402200, +16 or disassemble 0x00402200, 0x00402210.

Hope this helps!
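
The range form described in the answer, as an added example that is not part of the original post: a GDB Python script registering a hypothetical `disas-here` command that disassembles a byte range starting at the current `$pc` through GDB's Python API, so it also works in `?? ()` frames. The command name, the 16-byte default and the script file name are assumptions.

```python
# Added example: GDB Python command for code without symbol information.
# Load inside GDB with:  (gdb) source disas_here.py   (file name is an assumption)
try:
    import gdb  # only importable inside GDB's embedded Python
except ImportError:
    gdb = None  # lets the formatting helper be exercised outside GDB


def format_insns(insns, pc):
    """Render dicts shaped like Architecture.disassemble() output
    (keys 'addr', 'asm', 'length'), marking the current pc with '=>'."""
    lines = []
    for insn in insns:
        marker = "=>" if insn["addr"] == pc else "  "
        lines.append("%s 0x%08x:\t%s" % (marker, insn["addr"], insn["asm"]))
    return lines


if gdb is not None:
    class DisasHere(gdb.Command):
        """disas-here [BYTES]: disassemble BYTES (default 16) starting at $pc,
        without requiring an enclosing function symbol."""

        def __init__(self):
            super().__init__("disas-here", gdb.COMMAND_DATA)

        def invoke(self, arg, from_tty):
            # BYTES may be any GDB expression, e.g. 0x20 or 4*8.
            length = int(gdb.parse_and_eval(arg)) if arg.strip() else 16
            if length <= 0:
                raise gdb.GdbError("BYTES must be positive")
            frame = gdb.selected_frame()
            pc = frame.pc()
            # end_pc is inclusive in the Python API, so this covers the
            # bytes pc .. pc+BYTES-1, like "disassemble $pc,+BYTES".
            insns = frame.architecture().disassemble(pc, pc + length - 1)
            gdb.write("\n".join(format_insns(insns, pc)) + "\n")

    DisasHere()  # register the command with GDB
```

Without any script, `x/8i $pc` prints the next eight instructions, and `display/i $pc` reprints the current instruction after every `stepi`.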