Problems with reverse debugging

[dukebarman]

I try examples about reverse debugging from Radare2 book:

$ r2 /bin/ls
[0x004049a0]> dts+
[0x004049a0]> dso 2
[0x00000000]> dr rip
0x00000000
[0x00000000]>

But rip by default is 0x0. It should be equal entrypoint and start to debug with ESIL.

The other problem. I try to debug:

$ r2 -d /bin/ls
Process with PID 19843 started...
= attach 19843 19843
bin.baddr 0x00400000
Using 0x400000
Assuming filepath /bin/ls
asm.bits 64
 -- What is the most complex r2 command? q - then you have to deal with real life /o\
[0x7f2ff54c8c30]> dts+
Reading 8192 bytes from 0x0061d000...
Reading 4096 bytes from 0x0061f000...
Reading 8192 bytes from 0x7f2ff56ed000...
Reading 4096 bytes from 0x7f2ff56ef000...
Reading 135168 bytes from 0x7ffe1b1a7000...
[0x7f2ff54c8c30]> dso 2
hit breakpoint at: 7f2ff54c8c38
[0x7f2ff54c8c30]> dsb

After last command I can't stop working with ctrl+c and see these errors:

[Maijin]

@RKX1209 ^ See this

[RKX1209]

At first, you need to add '-d' option when use 'dts+', and in ESIL mode, 'aets+' should be.
And second problem can be occurred when program execute some non deterministic events
like system calls.
I'm gonna work this problem. Sorry for inconvenience.

[radare]

I make dso call aeso when cfg .debug is false

…

On 13 Aug 2017, at 03:01, Ren Kimura ***@***.***> wrote: At first, you need to add '-d' option when use 'dts+', and in ESIL mode, 'aets+' should be. And second problem can be occurred when program execute some non deterministic events like system calls. I'm gonna work this problem. Sorry for inconvenience. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

[radare]

are you on latest r2? try typing aeip first if you are on esil

[dukebarman]

Yeap!

$ r2 -v
radare2 1.7.0-git 16223 @ linux-x86-64 git.1.6.0-955-g05315c9
commit: 05315c92702b2be3754c3f66fca87162c7b8b5cb build: 2017-09-27__16:48:51

The first bug with ESIL is fixed for me:

$ r2 /bin/ls
 -- Move around the bytes with h,j,k,l! Arrow keys are neither portable nor efficient
[0x004049a0]> dts+
[0x004049a0]> dso 2
[0x004049a0]> dr rip
0x004049a2
[0x004049a0]> 

The second about debugger - nope :(

[XVilka]

Still reproducible :( @RKX1209 do you have time to check this please?

[radare]

yep reverse debugging is pretty buggy. ive seen a bunch of problems and i'll probably give a try after the 2.1 release

[XVilka]

Good thing for GSoC microtask, imho

[dukebarman]

Confirm, fix works for second case too

[radare]

cool!

…

On 4 Apr 2018, at 18:57, Boris Ryutin ***@***.***> wrote: Confirm, fix works for second case too — You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub <#8198 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AA3-ltS8k3AenPz9P7Q1YQSesRSoa6LZks5tlPtkgaJpZM4O1dqb>.