33 Commits

Author SHA1 Message Date
Fangrui Song
304c9501fb Fix memory leaks in libr/anal (#7992)
libr/anal/p/anal_x86_cs.c use static variable for `op->{dst,src[0]}->reg` because they are not freed in `r_anal_op_fini`.
libr/core/cmd_anal.c
  + r_anal_op fields of `op` should be freed.
  + cmd_esil_mem leaks are not addressed.
libr/anal/esil.c esil->db_trace should be freed.

Also fix a trivial memset bug in libr/bin/format/elf/elf.c
2017-07-24 09:42:15 +02:00
Ren Kimura
b0157a3f50 Merge dt and at (#7925)
* Duplicate atl and atd commands
* Merge and duplicate att, ata and at- commands
* Merged at* to dt*
* Merged at+ to dt+
* Moved atr to dtr
* Modified dt* message
* Moved atD to dtD
* Moved esil trace commands, ate to dte
* Duplicate at command
* Fixed some bugs
2017-07-17 14:13:13 +02:00
Ahmed Mohamed Abd El-MAwgood
4f413e7720 initial support for type matching (#5480)
Enabling stepping over
Basic (sym.imp.*) call catching routines
Fixing esil tracing bug and verbosity
Adding some apis for handling function prototypes and abstracting sdb queries
Fixing the double execution bug in esil tracing
passing types into vars for `stack`
fixing trailing spaces
doing the register branch
doing the stack_rev
2016-08-13 12:09:14 +02:00
Joshua J. Drake
70ef08de79 Address feedback from PR #5198 (#5260) 2016-07-01 17:41:13 +02:00
Joshua J. Drake
d380a83d23 Invert some logic to avoid nested brace hell (#5198) 2016-07-01 16:15:42 +02:00
Joshua J. Drake
722c62827b Major rework to the native debugger (esp on Linux) (#5185)
The major contribution here is completely re-worked breakpoint hit/recoil
handling. This work fixes #4907 and lays the ground work for future native
debugger improvements (multi-threading, etc).

* Give a human friendly type to enums
* Change many wait functions to return RDebugReasonType
* Better return checking (from r_debug_reg_sync, r_bp_restore)
* Optimized register synchronization
* Lots of comments and whitespace changes
* Improved inferior death detection

Handle EXIT_PID events differently than DEAD process events

* Move breakpoint/recoil handling to wait/cont/step

Rather than handling breakpoint related things inside cmd_debug.c, do that
inside the r_debug API functions. This seems like the most logical place for it
to live since it should apply to just about any platform/architecture.  This
also centralizes calling into "cmd.bp" handling via the CoreBind callback.

* Track how the caller wishes to continue

It turns out that handling breakpoint recoils is very complicated. The ptrace
API on Linux returns SIGTRAP for just about every type of operation (not just
breakpoints getting hit). Add the "recoil_mode" flag to indicate whether we are
single-stepping or continuing and whether or not we are inside the recoil.

* Proper handling for swstep=true

Since r_debug_step_soft calls r_debug_continue, it's already hitting the recoil
case there. Move the recoil handling from r_debug_step to r_debug_step_hard
only.

For the swstep=true case, special handling is required inside r_debug_recoil.
By resetting all of the breakpoints except the one we just hit, we ensure we
can step the original instruction and hit the new swstep breakpoint. Add a new
bp function called r_bp_restore_except to do this.

To make matters worse, we cannot use a BreakpointItem pointer because that
leads to a use-after-free condition. Instead, we use the breakpoint address.

Now breakpoints should work regardless of the swstep setting.

* Always call the recoil before continuing

Some callers of r_debug_continue might not have ever inserted any breakpoints
before. If we don't restore breakpoints before each call to the underlying
continue we won't hit them.

* Hide software step breakpoint events from the user

When a breakpoint event happens due to a software-step, hide it from the user.
They aren't really breakpoints as far as they are concerned.

* Improve process exit handling on Linux

There are three types of process exiting events on Linux:

1. PTRACE_EVENT_EXIT occurs just before a process exits. It's not possible to
prevent it from exiting, but it can be used to inspect the pre-exit state.
2. The process can exit for a variety of reasons and we can notice when we call
waitpid(2).
3. The process could die randomly on us :-/

On Windows, h->wait will return R_DEBUG_REASON_EXIT_PID, but it's more likely
on Linux to find out the process is already dead.

* Check more bits within waitpid status

We can often make a decision about what happened strictly by looking at the
status returned from waitpid. In other cases, we need to call
r_debug_handle_signals.

If we reach the end of this function without knowing what happened, consider it
an error.
2016-06-22 10:34:45 +02:00
pancake
95b2e511f5 Fix some warnings 2016-06-01 12:23:10 +02:00
Sven Steinbauer
547f8bbc5c Infer fixes Round 2 (#4993) 2016-05-24 22:22:15 +02:00
pancake
49975ccf95 Fix #3286 - Use stdbool.h 2015-09-14 02:08:31 +02:00
pancake
1f277f72e9 Add asm.indentspace and implement .atd and atl 2015-08-12 10:40:24 +02:00
shuall
0807686d86 #3052 all printf member functions changed to cb_printf 2015-08-09 03:25:05 +02:00
pancake
66ead9b96b Add ate command for the anal trace logs with ESIL (and backstepping)
- r2 -e dbg.trace=true -e anal.trace=true -d ls
> 10ds  # perform 10 steps
> ate   # show anal trace logs
> .ate `atek idx` # backstepping
> ate-* # clear logs
2015-02-22 11:40:55 +01:00
pancake
6a6290a4da Implement Sdb in RDebug.Traces. O(n) vs O(1) in pd with asm.traces=true 2014-11-02 01:21:45 +01:00
pancake
6fcd870a5c Bring back asm.trace and dbg.trace to life 2014-10-30 23:58:22 +01:00
fr33tux
3d801f90ff Remove r_list_destroy, replaced it by r_list_purge 2014-05-03 01:27:10 +02:00
pancake
322a8a7654 Fix build for latest refactoring 2013-12-06 05:18:57 +01:00
Fedor Sakharov
13547a0bbf Fix #370 - Some memory leaks
Fix memory leak in r_config_new.
  cfg->nodes->free should be a custom function that frees RConfigNode
  structure correctly, but not the ordinary free.
Fix memory leak in r_anal_new.
  In r_anal_free need to call r_meta_free to free the
  whole RMeta structure, not only its data list.
  The r_meta_free doesn't seem to have any leak itself.
Fix leaking anal->hints.
Fix memory leaks in r_cmd_free
Fix memory leak in r_cmd_plugin_init
Fix memleak in r_lib_new
Fix memory leak in r_io_plugin_init
Fix memory leak in r_debug_trace_new
Fix memory leaks in r_io_new
Fix memory leak in r_graph_new
Fix memory leak in r_sys_getdir.
  Note: calling getcwd with dir=NULL is a Linux-specific extension
  of POSIX, not sure if it works on other non-windows platforms.
Fixes a typo
2013-11-19 01:51:40 +01:00
pancake
7c1e0c85d9 Support for remote raw commands (client/server)
See the '.:' command
Full integration with awk bindings
Add install make target for the awk bindings
Handle as debug mode if io->file->debug
Fix typo quite/quiet in rabin2
Resolve $pc,$bp,$sp,$a0.. in r_core_num
Minor random fixups
2012-11-05 02:00:34 +01:00
pancake
be6c39c54f * Use r_list_foreach[_safe] where appropriate. 2012-02-14 18:19:16 +01:00
pancake
a43068bde0 * brainfuck debugger is finally usable
- Added breakpoint and code analysis plugins for bf
  - *mem++ != mem[0]++
  - Full register get/set support
  - Support for step and continue-until-syscall
  - Work in progress breakpoint support
* Added bfvm_reset() hooked to plugin->kill
* Enhancements in r_core and r_debug for better debugger support
  - Added plugin->step_over delegate
2011-10-09 04:15:32 +02:00
pancake
4c0b8f437b * Added 'pw' and 'pq' commands to print 32bit and 64bit hex values
* Autocomplete 'dcu' argument
* Analyze [pc+delta] mov and lea opcodes on x86-64
  - Resolves indirect string pointers for ObjectiveC binaries
* Handle UCALL in dso
* Fix x86-64 register profile for OSX
* Implement r_mem_get_num()
* Various fixes in 'pf' command
2011-06-09 01:20:02 +02:00
Nibble
332524e120 * Rename r_anal_aop_* to r_anal_op_*
--HG--
rename : libr/anal/aop.c => libr/anal/op.c
2011-02-24 14:06:49 +01:00
Nibble
f3f094117a * Huge refactoring of r_anal code and API 2011-02-11 11:22:43 +01:00
pancake
7c844bb576 * Fix all vapi files fixing valaswig bindings
- Implement missing methods
2010-11-24 23:19:17 +01:00
pancake
1356a9bdd1 * Highlight destination offset when cursor on jmp/call in visual
* Show call decompilations under the opcode as a comment
* Rename RRegister as RReg
  - Deprecate r_reg_init and use r_reg_new
  - Rewrite the list.h dependency in r_reg in order to use r_list
  - Fix some memory leaks
* Implement push/pop methods in RReg class
  - add test case using it
  - will be used for register diffing and tracing
2010-09-18 02:51:17 +02:00
pancake
9587e5ac9a * Implement #md5 #md4 #sha1 #sha256 #sha512
* Fix r_print flags in visual
* Fix r_debug_trace_pc
* Import some macros from bithacks.h
2010-07-16 00:02:33 +02:00
pancake
4f8fc7d926 * Added traced field in RAnalBB
- Display 'traced' flag in 'abl' command
* Initial work on 'dd' command (filedescriptors)
  - API defined, not yet implemented or used
2010-06-18 11:09:19 +02:00
pancake
23ad3d2415 * Added asm.linescall=false (default)
- Implemented in anal_reflines to skip call analysis for lines
* Set dbg.trace=true by default
* Display trace count and times in 'pd' (asm.trace)
  - counter starts as 1, not 0 :)
* Added 'absolute' variable in RAnalValue (not yet used..)
  - Defines the sign of the value (needs arch-dependent code)
* Sync TODO files
2010-06-17 02:22:50 +02:00
pancake
f0cca138db * Fix 'bx lr' and 'ldr pc,[pc,#]' code analysis for arm
* Added 'ata' command to specify a list of valid traceable addresses
* some initial work on r_db.. iterators not yet supported
2010-06-13 11:59:17 +02:00
pancake
c9a403cf71 * More work on 'at' command
* RRange ported to r_list (not yet tested)
* Fix r_cmd.vapi RCmdPlugin struct definition
2010-06-04 23:47:35 +02:00
pancake
b7c554b24a * Some linkage fixes for binr/
* Added 'at' command (not yet implemented at all)
  - Some refactoring in r_debug_trace code
  - Remove deprecated r_trace.h
2010-06-04 00:56:44 +02:00
pancake
34435b1285 * Mental note: %lld/%llx does not exist on windows
- Use the macro PFMT64{xod} in case
2010-04-14 13:02:23 +02:00
pancake
da9c4a21c4 * Remove debug printf in elf.c
* Oops. add missing trace.c
* Remove trash from old trace
2010-03-12 19:11:43 +01:00