Page 2 of 7 FirstFirst 1234567 LastLast
Results 16 to 30 of 95

Thread: EDB Linux Debugger 0.8.0 Release :)

  1. #16
    It's a bit of a relief that the problem you are having seems to not be directly caused by my code But it also kinda sucks that icewm has some issues with QT4.

    Anyway, thanks for the follow up on the issue, I hope the QT4/IceWM problems get worked out for very soon.

    proxy

  2. #17
    yet another release, 0.8.5 is here Anyway, I am going to ask those who are interested to try to check regularly so I don't feel like I am spamming this forums with ads for myself :-P

    I may just add a plugin to check if it is the latest version

    So enjoy and keep me posted of any requests/bugs.

    proxy

  3. #18
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    You can announce new versions in this thread whenever you release them, no problem, I'm sure many people appreciate this information, and the project looks really promising.
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

  4. #19
    Well since the site admin gives it the thumbs up, I'll continue to post release notes here.

    BTW, version 0.8.7 is up

    Enjoy!

    proxy

  5. #20
    0.8.8 released, CHANGLOG:

    * Corrected bug in libdisasm which caused the instruction 8e e8 to disassemble
    incorrectly as "mov ds, ax" instead of the correct "mov gs, ax".

    2006-11-28
    ----------

    * Added ability to choose both how many bytes per "word" in the displays
    and how many "words" per row via the context menu, this setting is not
    remembered yet, but that will follow shortly.

    * Fixed very annoying bug where it was possible to make the QHexView widget
    not correctly highlight things if the origin was not aligned to the word
    width * row width.

    * Added ability for QHexView widget to display 64-bit formatted hex, once
    a bug related to selection of misaligned text is resolved this will be
    enabled.

    2006-11-27
    ----------

    * Added getBinaryStringFromUser to debugger API.

    * Added filename to title bar when opening an application.

    * Removed updating of all views when selecting a memory region to view,
    now it only updates the data view tab.

    * Fixed green arrow showing outside of viewable area sometimes.

    2006-11-25
    ----------

    * Changed string searcher to allow newlines in a string.

    * Corrected DebuggerCore's behaviour when writing less than 4 bytes from the
    edge of a memory region, previously the result was undefined, now it acts
    as expected.


    enjoy

    http://www.codef00.com/projects.php#Debugger

    proxy

  6. #21
    What's the difficulty of lowering the qt system requirement or build a static binary release? I am using fc5 and qt version is 3.3.36. I simply cannot build this debugger and I am afraid a lot of people have similar issues as well.

    Thanks,

  7. #22
    well unfortunately QT4 has a very much changed API from 3.x, so making it compile on both would be...at the very least a challenge (but that doesn't mean i wont attempt to do it).

    However, doesn't FC5 have "yum install qt4" ? i know FC6 does and I could have sworn that the rpm was available for FC5 too.

    static may also be doable, i'll look into it.

    proxy

  8. #23
    Works great on Ubuntu 6.06 , using gnome , qt 4.2 and g++ 4.1
    tested with metacity and beryl as window manager
    Thanks, Lownoise

  9. #24
    Ok, i got a vmware session with fc5 and upgraded qt and qt-devel to v4. Compilation etc is smooth. edb looks very promising. It's on par with 'kdbg'.

    Congratulations. There are a lot of room for improvement, for example, following dump, symbols, system/library call automatic recognition, etc.

  10. #25
    Ok, i got a vmware session with fc5 and upgraded qt and qt-devel to v4. Compilation etc is smooth. edb looks very promising. It's on par with 'kdbg'.

    Congratulations. There are a lot of room for improvement, for example, following dump, symbols, system/library call automatic recognition, etc.
    Glad you got it working, as far as the areas of improvement.

    Currently there is a follow in dump (right click on registers, right click on highlighted dword in either data or stack view).

    It also does have support for symbols to a certain degree, in that it will attempt to tell you the function which EIP is closest to, this only happens if you generate symbols as mentioned in the README.

    automatic system/library call identification, well ya got me there, no support for that yet, but I'm working on it. The main issue is that unlike windows linux calls system functions via an absolute address in the binaries PLT section, which does an indirect jump to the desired function (windows just does a straight up indirect call, much simpler to resolve). So bottom line is I need to figure out how to get the PLT entires and the respective names from a binary.

    BTW, doesn't FC5 let qt4 and qt co-exist, I am almost certain of this. they just have do like: qmake-qt4 instead of qmake IIRC.

    proxy
    Last edited by proxy; December 17th, 2006 at 00:32. Reason: typo

  11. #26
    0.8.9 released, adding a few fixes, a few speedups, and a few new features

    CHANGELOG:


    2006-12-12
    ----------

    * Finally added the ability to edit the bytes in the data and stack dump
    widgets! Simply right click and choose "Edit Bytes" and modify away .
    If the new string of bytes is smaller, the debugger will zero fill the
    difference, in the future this will be tunable.

    2006-12-08
    ----------

    * Improved efficiency and clarity of rendering code for some custom widgets.

    2006-12-06
    ----------

    * Started working on some html based help files in doc directory, don't
    expect anything useful in there quite yet, but it'll get there.

    * Isolated libdisasm calls to a single part of the code, this allowed
    consolodation of common functions as well as creating a central point to
    replace the code as I feel that libdisasm will likely be dropped in a later
    version.

    * Added more information in the instruction information panel.

    * Made DebuggerCore plugin readBytes fill the trailing end of the buffer with
    0xff if it could not read as many bytes as requested, this is to give more
    predictable results if only a partial read is possible.

    2006-12-01
    ----------

    * Reduced redundant drawing in QDisassembly widget, which should make things
    slightly faster due to less redraw.

    2006-11-30
    ----------

    * Added some more sanity checks to the internal reads and writes in the
    debugger core plugin, this should prevent reporting incorrect data if a
    add breakpoint failed to read/write correctly.

    * Made step over, also step over REP prefixed ops.

    * Fixed bug in indirect call/jmp analysis which resulted in the target symbol
    not being resolved even though it was in the symbol map.

    * Made it so the expression evaluator shows a ? instead of junk when it can't
    read from the effective address.


    enjoy

    http://www.codef00.com/projects.php#Debugger

    proxy

  12. #27
    0.8.10 released, mostely new features

    CHANGLOG:


    2006-12-16
    ----------

    * Added a tooltip to the disassembly view when there are too many instruction
    bytes to display which shows all bytes in the instruction.

    * Added display of ASCII strings next to registers if analysis decides that
    what the register points to is an ASCII string.

    * Added push/pop operations to the stack context menu.

    2006-12-13
    ----------

    * Added preliminary PLT support to make_symbolmap.sh, this will allow EDB
    to properly display library calls, eventually, this will lead to a database
    of known functions with parameters so the analyzier can display the paramters
    correctly.

    enjoy

    http://www.codef00.com/projects.php#Debugger

    proxy

  13. #28
    I've tried this new version, lots of improvement and very good job. Have you looked into using a version control system. I've recently played with this tool called 'trac' http://trac.edgewall.org/wiki/TracInstall, it's small and but pretty powerful interacting with subversion.

    There appears to be some memory leak issue with edb, as shown by using 'valgrind -v --leak-check=ful edb' (just a start/exit session without actually debugging something).
    ==8578== IN SUMMARY: 795 errors from 100 contexts (suppressed: 72 from 1)
    ==8578==
    ==8578== malloc/free: in use at exit: 426,187 bytes in 23,428 blocks.
    ==8578== malloc/free: 116,777 allocs, 93,349 frees, 26,282,078 bytes allocated.
    ==8578==
    ==8578== searching for pointers to 23,428 not-freed blocks.
    ==8578== checked 1,121,080 bytes.
    ==8578==
    ==8578==
    ==8578== 20 bytes in 1 blocks are definitely lost in loss record 27 of 141
    ==8578== at 0x40053D0: malloc (vg_replace_malloc.c:149)
    ==8578== by 0x16A8A0: strdup (in /lib/libc-2.4.so)
    ==8578== by 0x6474DA5: qt_init(QApplicationPrivate*, int, _XDisplay*, unsigned long, unsigned long) (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x6421ECF: QApplicationPrivate::construct(_XDisplay*, unsigned long, unsigned long) (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x6422A22: QApplication::QApplication(int&, char**, int) (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x806CA96: main (main.cpp:82)
    ==8578==
    ==8578==
    ==8578== 112 bytes in 2 blocks are definitely lost in loss record 79 of 141
    ==8578== at 0x40053D0: malloc (vg_replace_malloc.c:149)
    ==8578== by 0x506BDF: (within /usr/lib/libXcursor.so.1.0.2)
    ==8578== by 0x5073F5: (within /usr/lib/libXcursor.so.1.0.2)
    ==8578== by 0x507E3F: XcursorXcFileLoadImages (in /usr/lib/libXcursor.so.1.0.2)
    ==8578== by 0x507F3A: XcursorFileLoadImages (in /usr/lib/libXcursor.so.1.0.2)
    ==8578== by 0x508820: XcursorLibraryLoadImages (in /usr/lib/libXcursor.so.1.0.2)
    ==8578== by 0x508A14: XcursorLibraryLoadCursor (in /usr/lib/libXcursor.so.1.0.2)
    ==8578== by 0x647A8D6: QCursorData::update() (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x647AE85: QCursor::handle() const (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x64892C2: qt_x11_enforce_cursor(QWidget*) (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x648ADB0: QWidgetPrivate::create_sys(unsigned long, bool, bool) (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x645E6E1: QWidget::create(unsigned long, bool, bool) (in /usr/lib/libQtGui.so.4.2.1)
    ==8578==
    ==8578==
    ==8578== 214 bytes in 9 blocks are definitely lost in loss record 86 of 141
    ==8578== at 0x40053D0: malloc (vg_replace_malloc.c:149)
    ==8578== by 0x4DDEA4: FcStrCopy (in /usr/lib/libfontconfig.so.1.0.4)
    ==8578== by 0x4E106C: (within /usr/lib/libfontconfig.so.1.0.4)
    ==8578== by 0x4732A5: (within /lib/libexpat.so.0.5.0)
    ==8578== by 0x473F1C: (within /lib/libexpat.so.0.5.0)
    ==8578== by 0x474F1D: (within /lib/libexpat.so.0.5.0)
    ==8578== by 0x475E64: (within /lib/libexpat.so.0.5.0)
    ==8578== by 0x46D65A: XML_ParseBuffer (in /lib/libexpat.so.0.5.0)
    ==8578== by 0x4E02E5: FcConfigParseAndLoad (in /usr/lib/libfontconfig.so.1.0.4)
    ==8578== by 0x4E05E4: FcConfigParseAndLoad (in /usr/lib/libfontconfig.so.1.0.4)
    ==8578== by 0x4E06E7: (within /usr/lib/libfontconfig.so.1.0.4)
    ==8578== by 0x4E0A23: (within /usr/lib/libfontconfig.so.1.0.4)
    ==8578==
    ==8578==
    ==8578== 216 bytes in 9 blocks are definitely lost in loss record 90 of 141
    ==8578== at 0x40053D0: malloc (vg_replace_malloc.c:149)
    ==8578== by 0x4D6854: FcPatternCreate (in /usr/lib/libfontconfig.so.1.0.4)
    ==8578== by 0x4DB55F: FcPatternFreeze (in /usr/lib/libfontconfig.so.1.0.4)
    ==8578== by 0x4E1047: (within /usr/lib/libfontconfig.so.1.0.4)
    ==8578== by 0x4732A5: (within /lib/libexpat.so.0.5.0)
    ==8578== by 0x473F1C: (within /lib/libexpat.so.0.5.0)
    ==8578== by 0x474F1D: (within /lib/libexpat.so.0.5.0)
    ==8578== by 0x475E64: (within /lib/libexpat.so.0.5.0)
    ==8578== by 0x46D65A: XML_ParseBuffer (in /lib/libexpat.so.0.5.0)
    ==8578== by 0x4E02E5: FcConfigParseAndLoad (in /usr/lib/libfontconfig.so.1.0.4)
    ==8578== by 0x4E05E4: FcConfigParseAndLoad (in /usr/lib/libfontconfig.so.1.0.4)
    ==8578== by 0x4E06E7: (within /usr/lib/libfontconfig.so.1.0.4)
    ==8578==
    ==8578==
    ==8578== 216 bytes in 1 blocks are definitely lost in loss record 92 of 141
    ==8578== at 0x40053D0: malloc (vg_replace_malloc.c:149)
    ==8578== by 0x292325: _XimOpenIM (in /usr/lib/libX11.so.6.2.0)
    ==8578== by 0x2A276F: _XimRegisterIMInstantiateCallback (in /usr/lib/libX11.so.6.2.0)
    ==8578== by 0x282AF7: XRegisterIMInstantiateCallback (in /usr/lib/libX11.so.6.2.0)
    ==8578== by 0x67F024D: QXIMInputContext::QXIMInputContext() (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x67EF105: QInputContextFactory::create(QString const&, QObject*) (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x641F2E1: QApplication::inputContext() const (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x64598B6: QWidget::inputContext() (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x648916E: QWidget::destroy(bool, bool) (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x645BF4F: QWidget::~QWidget() (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x66BA610: QFrame::~QFrame() (in /usr/lib/libQtGui.so.4.2.1)
    ==8578== by 0x67220E9: QAbstractScrollArea::~QAbstractScrollArea() (in /usr/lib/libQtGui.so.4.2.1)
    ==8578==
    ==8578==
    ==8578== 744 bytes in 3 blocks are possibly lost in loss record 111 of 141
    ==8578== at 0x40045D0: memalign (vg_replace_malloc.c:332)
    ==8578== by 0x400462A: posix_memalign (vg_replace_malloc.c:421)
    ==8578== by 0x55B5C8: (within /usr/lib/libglib-2.0.so.0.1000.3)
    ==8578== by 0x55C027: g_slice_alloc (in /usr/lib/libglib-2.0.so.0.1000.3)
    ==8578== by 0x52D688: g_array_sized_new (in /usr/lib/libglib-2.0.so.0.1000.3)
    ==8578== by 0x52D796: g_array_new (in /usr/lib/libglib-2.0.so.0.1000.3)
    ==8578== by 0x5633D2: g_static_private_set (in /usr/lib/libglib-2.0.so.0.1000.3)
    ==8578== by 0x544AF9: (within /usr/lib/libglib-2.0.so.0.1000.3)
    ==8578== by 0x5450B2: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.1000.3)
    ==8578== by 0x5483EE: (within /usr/lib/libglib-2.0.so.0.1000.3)
    ==8578== by 0x548954: g_main_context_iteration (in /usr/lib/libglib-2.0.so.0.1000.3)
    ==8578== by 0x7E621D: QEventDispatcherGlib:rocessEvents(QFlags<QEventLoop::ProcessEventsFlag>) (in /usr/lib/libQtCore.so.4.2.1)
    ==8578==
    ==8578== LEAK SUMMARY:
    ==8578== definitely lost: 778 bytes in 22 blocks.
    ==8578== possibly lost: 744 bytes in 3 blocks.
    ==8578== still reachable: 424,665 bytes in 23,403 blocks.
    ==8578== suppressed: 0 bytes in 0 blocks.
    ==8578== Reachable blocks (those to which a pointer was found) are not shown.
    ==8578== To see them, rerun with: --show-reachable=yes
    --8578-- memcheck: sanity checks: 575 cheap, 24 expensive
    --8578-- memcheck: auxmaps: 0 auxmap entries (0k, 0M) in use
    --8578-- memcheck: auxmaps: 0 searches, 0 comparisons
    --8578-- memcheck: SMs: n_issued = 222 (3552k, 3M)
    --8578-- memcheck: SMs: n_deissued = 0 (0k, 0M)
    --8578-- memcheck: SMs: max_noaccess = 65535 (1048560k, 1023M)
    --8578-- memcheck: SMs: max_undefined = 7 (112k, 0M)
    --8578-- memcheck: SMs: max_defined = 276 (4416k, 4M)
    --8578-- memcheck: SMs: max_non_DSM = 222 (3552k, 3M)
    --8578-- memcheck: max sec V bit nodes: 11591 (588k, 0M)
    --8578-- memcheck: set_sec_vbits8 calls: 48744 (new: 12740, updates: 36004)
    --8578-- memcheck: max shadow mem size: 4444k, 4M
    --8578-- translate: fast SP updates identified: 75,207 ( 89.5%)
    --8578-- translate: generic_known SP updates identified: 5,505 ( 6.5%)
    --8578-- translate: generic_unknown SP updates identified: 3,315 ( 3.9%)
    --8578-- tt/tc: 423,951 tt lookups requiring 3,016,067 probes
    --8578-- tt/tc: 423,951 fast-cache updates, 4 flushes
    --8578-- transtab: new 62,281 (1,358,325 -> 22,049,244; ratio 162:10) [0 scs]
    --8578-- transtab: dumped 0 (0 -> ??)
    --8578-- transtab: discarded 82 (1,608 -> ??)
    --8578-- scheduler: 57,564,144 jumps (bb entries).
    --8578-- scheduler: 575/581,946 major/minor sched events.
    --8578-- sanity: 576 cheap, 24 expensive checks.
    --8578-- exectx: 30,011 lists, 25,881 contexts (avg 0 per list)
    --8578-- exectx: 210,566 searches, 200,768 full compares (953 per 1000)
    --8578-- exectx: 2,395,934 cmp2, 11,020 cmp4, 0 cmpAll

    Looking forward to future releases. I really should find some free time to start looking at your source code. Great work and keep it up!

  14. #29
    I am testing version 0.8.11 and 'still-reachable' memory reported by valgrind is usually also lost and potentially leaking.

  15. #30
    well if you look carefull at the report, as far as I can tell, all of the leaks are rooted in library functions (first is allocated by the QApplication object, second looks like a QWidget, 3rd/4th are part of libfontconfig, 5th is from a QAbstractScrollArea, finally the last seems to be part of the QProcessEvents system.

    QT generally does it's own memory managment, but I'll look into these to see if any of them are under my control, my gut tells me they aren't though

    One thing to test, see if there is a significant (or any) difference between opening then closing immediately and opening, then doing some work, then closing. If there is little to no difference, then it isn't a growing leak, which are the ones which are the real problems.

    thanks for the feedback and positive words

    proxy

Similar Threads

  1. EDB Linux Debugger 0.9.0 Release :)
    By proxy in forum Linux RCE
    Replies: 57
    Last Post: April 14th, 2011, 15:48
  2. Immunity Debugger v1.1 Release
    By OpenRCE_nicowow in forum Blogs Forum
    Replies: 0
    Last Post: November 24th, 2007, 18:50
  3. Syser Debugger 1.8 Release
    By wuyanfeng in forum Tools of Our Trade (TOT) Messageboard
    Replies: 11
    Last Post: July 6th, 2007, 17:06
  4. Syser Debugger 1.4 Release
    By wuyanfeng in forum Tools of Our Trade (TOT) Messageboard
    Replies: 9
    Last Post: May 24th, 2006, 20:19
  5. New Syser Debugger 1.3 Release
    By wuyanfeng in forum Advanced Reversing and Programming
    Replies: 2
    Last Post: March 12th, 2006, 05:30

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •