Closed ghost closed 4 years ago
I'm going to need more information to repro this, I just ran the current master and push and pop seem to work fine for me?
$ bin/rappel
eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 esi=00000000 edi=00000000
eip=00400001 esp=ff9b4be0 ebp=00000000 [cf:0, zf:0, of:0, sf:0, pf:0, af:0, df:0]
cs=0023 ss=002b ds=002b es=002b fs=0000 gs=0000 efl=00000202
> push 0x41414141
eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 esi=00000000 edi=00000000
eip=00400006 esp=ff9b4bdc ebp=00000000 [cf:0, zf:0, of:0, sf:0, pf:0, af:0, df:0]
cs=0023 ss=002b ds=002b es=002b fs=0000 gs=0000 efl=00000202
> mov ebx, 0x42424242
eax=00000000 ebx=42424242 ecx=00000000 edx=00000000 esi=00000000 edi=00000000
eip=00400006 esp=ff9b4bdc ebp=00000000 [cf:0, zf:0, of:0, sf:0, pf:0, af:0, df:0]
cs=0023 ss=002b ds=002b es=002b fs=0000 gs=0000 efl=00000202
> push ebx
eax=00000000 ebx=42424242 ecx=00000000 edx=00000000 esi=00000000 edi=00000000
eip=00400002 esp=ff9b4bd8 ebp=00000000 [cf:0, zf:0, of:0, sf:0, pf:0, af:0, df:0]
cs=0023 ss=002b ds=002b es=002b fs=0000 gs=0000 efl=00000202
> pop ecx
eax=00000000 ebx=42424242 ecx=42424242 edx=00000000 esi=00000000 edi=00000000
eip=00400002 esp=ff9b4bdc ebp=00000000 [cf:0, zf:0, of:0, sf:0, pf:0, af:0, df:0]
cs=0023 ss=002b ds=002b es=002b fs=0000 gs=0000 efl=00000202
> pop esi
eax=00000000 ebx=42424242 ecx=42424242 edx=00000000 esi=41414141 edi=00000000
eip=00400002 esp=ff9b4be0 ebp=00000000 [cf:0, zf:0, of:0, sf:0, pf:0, af:0, df:0]
cs=0023 ss=002b ds=002b es=002b fs=0000 gs=0000 efl=00000202
>
I am running with the following Dockerfile on MacOS Mojave 10.14.6 (18G4032)
built with command make
cc version:
cc (Debian 8.3.0-6) 8.3.0
Copyright (C) 2018 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
make version:
GNU Make 4.2.1
Built for x86_64-pc-linux-gnu
Copyright (C) 1988-2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Dockerfile:
FROM mcr.microsoft.com/vscode/devcontainers/base:0-debian-10
ENV DEBIAN_FRONTEND=noninteractive
ARG USER_UID=1000
ARG USER_GID=$USER_UID
# Configure apt and install packages
RUN apt-get update \
&& apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \
#
# Verify git and needed tools are installed
&& apt-get -y install git build-essential iproute2 procps libedit-dev nasm \
#
# [Optional] Update a non-root user to match UID/GID - see https://aka.ms/vscode-remote/containers/non-root-user.
&& if [ "$USER_GID" != "1000" ]; then groupmod node --gid $USER_GID; fi \
&& if [ "$USER_UID" != "1000" ]; then usermod --uid $USER_UID node; fi \
# [Optional] Add sudo support for non-root user
&& apt-get install -y sudo \
&& echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \
#
# Clean up
&& apt-get autoremove -y \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/*
# Switch back to dialog for any ad-hoc use of apt-get
ENV DEBIAN_FRONTEND=
I'm pretty sure docker filters the ptrace syscall unless you explicitly enable it, does running strace or gdb work inside that docker session?
To use the ptrace syscall you need to launch the container with --cap-add=SYS_PTRACE. Though keep in mind that it lowers the bar of isolation of a given container.
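A small check to run inside the container to see whether ptrace is usable there, added here as an example (it is not code from this thread or from rappel). The function names `probe_traceme` and `mask_has_sys_ptrace` are hypothetical, and the two CapEff masks are constructed sample values.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

#define CAP_SYS_PTRACE_BIT 19 /* CAP_SYS_PTRACE in linux/capability.h */
/* 1 if a CapEff hex mask (format of /proc/<pid>/status) includes CAP_SYS_PTRACE. */
int mask_has_sys_ptrace(const char *hex)
{
    return (int)((strtoull(hex, NULL, 16) >> CAP_SYS_PTRACE_BIT) & 1ULL);
}

/* Fork a child that requests tracing, the first step a ptrace-based tool
 * takes. Returns 0 if the kernel allowed it, otherwise an errno value. */
int probe_traceme(void)
{
    int status = 0;
    pid_t pid = fork();
    if (pid < 0)
        return errno;
    if (pid == 0) {
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1)
            _exit(errno & 0xff);    /* pass the failure reason to the parent */
        raise(SIGSTOP);             /* stop so the parent can observe us */
        _exit(0);
    }
    if (waitpid(pid, &status, WUNTRACED) < 0)
        return errno;
    if (WIFSTOPPED(status)) {       /* child is traced and stopped */
        kill(pid, SIGKILL);
        waitpid(pid, &status, 0);
        return 0;
    }
    return WIFEXITED(status) ? WEXITSTATUS(status) : EIO;
}

int main(void)
{
    int err = probe_traceme();
    printf("PTRACE_TRACEME: %s\n", err ? strerror(err) : "allowed");
    /* Constructed sample CapEff masks: bit 19 clear, then bit 19 set. */
    printf("00000000a80425fb -> %d\n", mask_has_sys_ptrace("00000000a80425fb"));
    printf("00000000a80c25fb -> %d\n", mask_has_sys_ptrace("00000000a80c25fb"));
    return err ? 1 : 0;
}
```

To check a real container, pass the value from the CapEff line of /proc/self/status to `mask_has_sys_ptrace` in place of the sample masks.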
Feel free to re-open if this isn't resolved.
Hi I was trying the same exact example as the README.md and my esp just stays at 0x30 for any PUSH and POP operations