
disassemble code at jump target

Open Grazfather opened this issue 9 years ago • 4 comments

On instructions that are jumps the code (configurable?) should be able to render some of the code at the jump target.

Grazfather avatar Sep 07 '16 20:09 Grazfather

Some issues:

  • All requests must be sent in one batch. You can't send a request, parse out the target, and then send another request to disassemble the target
    • This implies that this logic would have to be a feature of the disassemble request handler
  • Jump taken requires access to registers to determine.
  • Jump target needs to be resolved, which can require mem reads and such.
    • Might be able to use gdb.parse_and_eval for an ISA-independent version.
    • Anything similar for WinDBG and LLDB?

Grazfather avatar Sep 10 '16 02:09 Grazfather
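The three sub-problems in the list above (is the jump taken, where does it go, what code sits there) worked through in one place, as an added example that is not voltron's code; like the PEDA approach mentioned later in the thread it is x86-64 only, uses the architectural eflags bit positions, and the register dict, memory reader and disassembly text are constructed sample data rather than anything from a debugger session.

```python
import re

# x86 eflags bit positions; the Jcc predicates below need this register to decide "taken".
CF, ZF, SF, OF = 1 << 0, 1 << 6, 1 << 7, 1 << 11
CONDS = {
    "jmp": lambda f: True,
    "je": lambda f: bool(f & ZF), "jne": lambda f: not f & ZF,
    "jb": lambda f: bool(f & CF), "jae": lambda f: not f & CF,
    "jl": lambda f: bool(f & SF) != bool(f & OF),
    "jge": lambda f: bool(f & SF) == bool(f & OF),
}
LINE = re.compile(r"^\s*0x([0-9a-f]+):\s+(\S+)\s*(.*?)\s*$")
MEM = re.compile(r"(?:qword ptr )?\[(\w+)(?:([+-])0x([0-9a-f]+))?\]")

def parse_disasm(text):
    """Turn 'addr: mnemonic operands' lines into (addr, mnemonic, operands) tuples."""
    return [(int(m[1], 16), m[2], m[3]) for m in map(LINE.match, text.strip().splitlines()) if m]

def resolve_target(ops, regs, read_qword):
    """Target of an immediate, register, or [reg+/-disp] operand (the last needs a memory read)."""
    if re.fullmatch(r"0x[0-9a-f]+", ops):
        return int(ops, 16)
    if ops in regs:
        return regs[ops]
    m = MEM.fullmatch(ops)
    if m:
        disp = int(m[3], 16) if m[3] else 0
        return read_qword(regs[m[1]] + (-disp if m[2] == "-" else disp))
    raise ValueError("unsupported operand: " + ops)

def jump_info(insns, regs, read_qword, context=2):
    """For the instruction at rip: (taken, target, instructions at target), or None if not a jump."""
    cur = next((i for i in insns if i[0] == regs["rip"]), None)
    if cur is None or cur[1] not in CONDS:
        return None
    taken = CONDS[cur[1]](regs["eflags"])
    target = resolve_target(cur[2], regs, read_qword)
    return taken, target, [i for i in insns if i[0] >= target][:context]

# Constructed sample disassembly, register state and memory cells (not a real session).
SAMPLE = parse_disasm("""
0x401000: cmp rax, rbx
0x401003: jne 0x401020
0x401005: jmp qword ptr [rbp-0x8]
0x401020: xor eax, eax
0x401022: ret
""")
MEM_CELLS = {0x7ffc0000 - 0x8: 0x401022}
REGS = {"rip": 0x401003, "eflags": ZF, "rbp": 0x7ffc0000}
```

In a real view all of `SAMPLE`, `REGS` and the memory reads would have to come back from the debugger host in the same batch, which is the constraint the first bullet describes.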

I might actually investigate the background thread API issue as that's been a thorn in my side for a long time. I'm always hesitant to put effort into getting stuff merged into larger projects because I just want it to work now for my thing, but maybe I'll chat to the GDB people and see if there's a way forward with async access to the API without crashing everything. Without that, gonna have to deal with the batch requests thing unfortunately, which yeah, means the request handlers have to be more complex and configurable.

I'm fine with using GDB features to expedite implementation of this stuff for GDB if you wanna do that, but I reckon Capstone and some generic disassembly helper code is gonna be the way forward eventually. Def happy to merge GDB-specific stuff that enables this though, I can look at doing the same for LLDB to just get the feature working initially.

snare avatar Sep 10 '16 02:09 snare

You've said that this issue is fixed now?

I can look into this more, but I am not sure how to calculate the jump target in an arch-agnostic way. PEDA does it very well but it's x86_* only.

Grazfather avatar Nov 08 '16 03:11 Grazfather

Yep, you can make multiple sequential requests from views now, but I'd prefer if this behaviour was wrapped in an if checking if the debugger supports the async capability (which LLDB and WinDbg [IIRC] always did, GDB does now, but VDB doesn't) so as not to break compat with VDB and potentially other hosts that don't support async. But I can add this logic in if you just wanna submit a PR that does the jump stuff.

As far as calculating the jump target in an arch-agnostic way, yeah.. not sure. I'm about to go out, but have a go if you like and we can look at refactoring it later.

snare avatar Nov 08 '16 05:11 snare