Summary: 0000184: [CE6.2-i386] "Execute till return Shift-F8" working incorrectly
Description: This bug happened when I was testing "step 2" on "tutorial-i386.exe"; it only stops twice after running this command.
Here are the steps to reproduce:
Set a breakpoint on "tutorial-i386.exe"+2622B and then click "hitme"; CE will break at the previously set breakpoint. Press Shift+F8 and EIP will be "tutorial-i386.exe"+AB19E; press Shift+F8 again and EIP will be "tutorial-i386.exe"+146123, but at this point the title of the memory view is "Running", so of course I can't press Shift+F8 any more. :D
Dark Byte (developer)

I think this is normal; there's only a limited number of times you can go back until you get to the message loop or the start of the program.
The breakpoint didn't trigger when you closed the tutorial?

Anyhow, check the breakpoint list and see where it has set the return address breakpoint. Check that it's at a valid code address (so not in some random data/other module).


ablonevn (reporter)

Last edited: 2012-10-22 06:31

No, I do not think setting a breakpoint at the "return address" when you use the "stack walk" method is a good idea; in many cases it gives us the wrong address. Even now, there is no way to make sure EIP will jump back to an address on the stack pointer. The best way, I think, is to use "Step over until ret" instead of the set-breakpoint method.

About tutorial step 2: there are at least 10 addresses you can jump back to, but in your CE "Run until ret" only has two :D


