How to disassemble a memory range with GDB?

Patrick picture Patrick · Aug 6, 2009 · Viewed 111.7k times · Source

I'm trying to disassemble a program to see a syscall assembly instruction (the INT instruction, I believe) and the handler with GDB and have written a little program (see below) for it that opens and closes a file.

I was able to follow the call to fopen with GDB until it executed a call.

When I tried to tell GDB "disassemble 0x...." (address of call) it responded with 'No function contains specified address.'

Is it possible to force GDB to disassemble (or display it in assembler as good as possible) that memory address? If so, how?

#include <stdio.h>
#include <stdlib.h>

int main() {
    FILE* f;
    f = fopen("main.c", "r");
    if (!f) { 
      perror("open");
      return -1;
    }
    fclose(f);
    return 0;
}

Answer

Michael Snyder picture Michael Snyder · Oct 9, 2009

Yeah, disassemble is not the best command to use here. The command you want is "x/i" (examine as instructions):

(gdb) x/i 0xdeadbeef