ChrisZim / edb-debugger

Automatically exported from code.google.com/p/edb-debugger
GNU General Public License v2.0

"Run Until Return" doesn't work #47

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
The "Run Until Return" option (under Debug menu) is always grayed out for me, 
no matter what I do. When I've entered a subroutine/procedure/function that 
clearly ends with a RET instruction, I still can't use "Run Until Return".

Here's an example:

0804:83b0  55                     push   ebp
0804:83b1  89 e5                  mov    ebp,esp
0804:83b3  83 ec 08               sub    esp,0x8
0804:83b6  c7 04 24 cc 84 04 08   mov    DWORD PTR [esp],0x80484cc
0804:83bd  e8 3a ff ff ff         call   0x80482fc <puts@plt>
0804:83c2  c9                     leave
0804:83c3  c3                     ret

I've set a BP on 0804:83b0 and when I hit it, I can't use "Run Until Return" 
(grayed out). Also, after one or more "step into"/"step over" commands, I'm 
never able to use "Run Until Return".

In this example, it doesn't matter of course, but when you enter long library 
functions (perhaps because you wanted to step over instead of into) it would be 
nice to have a quick escape handy :)

Original issue reported on code.google.com by evan.teran on 3 Oct 2012 at 3:21

GoogleCodeExporter commented 9 years ago
This isn't really a bug, but more of a "this feature is not implemented yet." 
That feature is entirely not present and thus the menu item will always be 
greyed out.

I intend to have it implemented in one of the upcoming versions. It is 
dependent on a more generic "run until <some_condition>" which is easier said 
than done ;).

Evan Teran

Original comment by evan.teran on 3 Oct 2012 at 3:57

GoogleCodeExporter commented 9 years ago
Thank you for your prompt response. If I might make a suggestion: when you 
encounter a CALL instruction, save a copy of the return address that CALL puts 
on the stack. Then when the user gives the "Run until return" command, continue 
execution until EIP==return address (provided the user didn't put any BPs 
between current EIP and return address of course).

I don't know all the things you want to accomplish with your "generic run until 
<some_condition>" of course, but the above should work for all 'normal' function 
calls.

Original comment by evan.teran on 3 Oct 2012 at 3:58

GoogleCodeExporter commented 9 years ago
The most recent version of edb has basic support for this feature. 
Unfortunately there is one situation which breaks it, but it is not critical.

This feature is effectively a "step repeatedly until I reach my destination, or 
a breakpoint". Unfortunately when stepping over a system call, Linux delivers a 
signal which looks just like a breakpoint :-/. So it currently stops; I am 
working on a resolution to this.

Original comment by evan.teran on 3 Oct 2012 at 3:58

GoogleCodeExporter commented 9 years ago
This is resolved in the SVN version. But there is a catch: it will stop after a 
system call as well as the next ret on Linux. This is a matter of the way the 
ptrace API works and will not trivially be dealt with.

Original comment by evan.teran on 26 Jul 2013 at 1:56
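The scheme suggested in the third comment (save the return address CALL pushed, then run until the instruction pointer reaches it) together with the post-system-call SIGTRAP described in the last two comments, as an added example that is not edb's code and not part of this thread: a minimal ptrace tracer for x86-64 Linux (assumed; the listing above is 32-bit). The tracee routine `traced_leaf` and the functions `step_until` and `run_until_return_demo` are constructed for this example; the loop treats a SIGTRAP as a breakpoint hit only when rip-1 is in the debugger's own table of planted int3s, so the trap the kernel raises after the syscall does not end the run early.

```c
#include <signal.h>
#include <stdint.h>
#include <sys/ptrace.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed tracee routine: int3 so the tracer stops at function entry (as a
 * breakpoint on the first instruction would), then a system call (the case the
 * thread says confused the stepping loop), then ret back into the C caller. */
__asm__(".text\n.globl traced_leaf\ntraced_leaf:\n"
        "  int3\n  mov $39, %eax\n  syscall\n  ret\n");  /* 39 = SYS_getpid */
void traced_leaf(void);

/* Single-step until rip == ret_addr. Any SIGTRAP whose rip-1 is not one of our
 * planted breakpoints (bps) is just a step, including the one delivered after
 * the syscall. Returns the step count, or a negative value on error/stop. */
static int step_until(pid_t pid, uint64_t ret_addr, const uint64_t *bps,
                      size_t nbps, struct user_regs_struct *r)
{
    int status, steps = 0;
    for (;;) {
        if (ptrace(PTRACE_SINGLESTEP, pid, 0, 0) == -1) return -1;
        if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status)) return -1;
        if (WSTOPSIG(status) != SIGTRAP) return -2;         /* a real signal */
        if (ptrace(PTRACE_GETREGS, pid, 0, r) == -1) return -1;
        steps++;
        if (r->rip == ret_addr) return steps;               /* back in caller */
        for (size_t i = 0; i < nbps; i++)
            if (r->rip - 1 == bps[i]) return -3;            /* user BP first */
    }
}

/* Forks a tracee that calls traced_leaf, reads the return address CALL pushed
 * ([rsp] at the int3 stop) and runs until it is reached. Returns the number of
 * single-steps taken (3 here: mov, syscall, ret) or a negative value on failure. */
int run_until_return_demo(void)
{
    pid_t pid = fork();
    if (pid == 0) { ptrace(PTRACE_TRACEME, 0, 0, 0); traced_leaf(); _exit(0); }
    int status, steps = -1;
    struct user_regs_struct regs;
    if (pid < 0 || waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status)) return -1;
    if (ptrace(PTRACE_GETREGS, pid, 0, &regs) == 0) {
        long ret_addr = ptrace(PTRACE_PEEKDATA, pid, (void *)(uintptr_t)regs.rsp, 0);
        if (ret_addr != -1) steps = step_until(pid, (uint64_t)ret_addr, NULL, 0, &regs);
    }
    kill(pid, SIGKILL);                 /* done with the tracee: reap it */
    waitpid(pid, &status, 0);
    return steps;
}
```

The tracee needs ptrace to be permitted for child processes (Yama ptrace_scope 0 or 1); with PTRACE_SINGLESTEP the kernel reports exactly one stop for the syscall instruction, so the loop only ends once rip equals the saved return address.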