fix breakpoint strategy in mcu and add parse_int function decorator

ucgJhe · ucgJhe · commit 93bb98469ac7 · 2021-11-15T22:20:53.000-08:00
diff --git a/qiling/debugger/qdb/frontend.py b/qiling/debugger/qdb/frontend.py
@@ -11,7 +11,7 @@
 
 from qiling.const import QL_ARCH
 
-from .utils import dump_regs, get_arm_flags, disasm, parse_int, handle_bnj
+from .utils import dump_regs, get_arm_flags, disasm, _parse_int, handle_bnj
 from .const import *
 
 
@@ -59,7 +59,7 @@ def extract_count(t):
     elif ql.archtype == QL_ARCH.MIPS:
         addr = addr.replace("fp", "s8")
 
-    addr = getattr(ql.reg, addr) if addr in ql.reg.register_mapping.keys() else parse_int(addr)
+    addr = getattr(ql.reg, addr) if addr in ql.reg.register_mapping.keys() else _parse_int(addr)
 
     def unpack(bs, sz):
         return {
diff --git a/qiling/debugger/qdb/qdb.py b/qiling/debugger/qdb/qdb.py
@@ -13,7 +13,7 @@
 from qiling.debugger import QlDebugger
 
 from .frontend import context_reg, context_asm, examine_mem
-from .utils import parse_int, handle_bnj, is_thumb, CODE_END
+from .utils import _parse_int, handle_bnj, is_thumb, CODE_END, parse_int
 from .utils import Breakpoint, TempBreakpoint
 from .const import *
 
@@ -42,7 +42,7 @@ def dbg_hook(self: QlQdb, init_hook: str):
         if self.ql.archtype != QL_ARCH.CORTEX_M:
 
             if init_hook:
-                init_hook = parse_int(init_hook)
+                init_hook = _parse_int(init_hook)
 
                 self.set_breakpoint(init_hook, is_temp=True)
 
@@ -112,16 +112,22 @@ def _run(self: Qldbg, address: int = 0, end: int = 0, count: int = 0) -> None:
             address = self.cur_addr
 
         if self.ql.archtype == QL_ARCH.CORTEX_M and self.ql.count != 0:
-            count = self.ql.count
+
+            while self.ql.count:
+                self.ql.arch.step()
+                self.ql.count -= 1
+                if self.cur_addr in self.bp_list.keys():
+                    print(f"{color.CYAN}[+] hit breakpoint at 0x{self.cur_addr:08x}{color.END}")
+                    break
+
+            self.do_context()
+            return
 
         if self.ql.archtype in (QL_ARCH.ARM, QL_ARCH.ARM_THUMB, QL_ARCH.CORTEX_M) and is_thumb(self.ql.reg.cpsr):
             address |= 1
 
         self.ql.emu_start(begin=address, end=end, count=count)
 
-        if self.ql.count:
-            self.ql.count -= count
-
     def parseline(self: QlQdb, line: str) -> Tuple[Optional[str], Optional[str], str]:
         """
         Parse the line into a command name and a string containing
@@ -203,7 +209,7 @@ def do_step(self: QlQdb, *args) -> Optional[bool]:
             print(f"{color.RED}[!] The program is not being run.{color.END}")
 
         else:
-            # save reg dump for data highliting changes
+            # save reg dump for data highlighting changes
             self._saved_reg_dump = dict(filter(lambda d: isinstance(d[0], str), self.ql.reg.save().items()))
 
             if self.rr:
@@ -244,7 +250,7 @@ def del_breakpoint(self: QlQdb, bp: Union[Breakpoint, TempBreakpoint]) -> None:
         if self.bp_list.pop(bp.addr, None):
             bp.hook.remove()
 
-    def do_start(self: QlQdb, address: str = "", *args) -> None:
+    def do_start(self: QlQdb, *args) -> None:
         """
         restore qiling instance context to initial state
         """
@@ -253,43 +259,29 @@ def do_start(self: QlQdb, address: str = "", *args) -> None:
 
         self.do_context()
 
-    def do_breakpoint(self: QlQdb, address: str = "") -> None:
+    @parse_int
+    def do_breakpoint(self: QlQdb, address: Optional[int] = 0) -> None:
         """
         set breakpoint on specific address
         """
 
-        address = parse_int(address) if address else self.cur_addr
+        if address is None:
+            address = self.cur_addr
 
         self.set_breakpoint(address)
 
         print(f"{color.CYAN}[+] Breakpoint at 0x{address:08x}{color.END}")
 
-    def do_continue(self: QlQdb, address: str = "") -> None:
+    @parse_int
+    def do_continue(self: QlQdb, address: Optional[int] = 0) -> None:
         """
-        continue execution from current address if no specified 
+        continue execution from current address if not specified
         """
 
-        if address:
-            address = parse_int(address)
-
-        print(f"{color.CYAN}continued from 0x{self.cur_addr:08x}{color.END}")
-
-        if self.ql.archtype == QL_ARCH.CORTEX_M:
-            end = 0
-
-            if len(self.bp_list) > 0:
-                end = next(filter(lambda x: x > self.cur_addr, sorted(self.bp_list.keys())))
-
-            self._run(address, end=end)
-
-            if end != 0:
-                print(f"{color.CYAN}[+] hit breakpoint at 0x{self.cur_addr:08x}{color.END}")
-
-            if self.ql.count:
-                # print context if still running
-                self.do_context()
+        if address is None:
+            address = self.cur_addr
 
-            return
+        print(f"{color.CYAN}continued from 0x{address:08x}{color.END}")
 
         self._run(address)
 
@@ -315,13 +307,14 @@ def do_show(self: QlQdb, *args) -> None:
         self.ql.mem.show_mapinfo()
         print(f"Breakpoints: {[hex(addr) for addr in self.bp_list.keys()]}")
 
-    def do_disassemble(self: QlQdb, address: str, /, *args, **kwargs) -> None:
+    @parse_int
+    def do_disassemble(self: QlQdb, address: Optional[int] = 0, *args) -> None:
         """
         disassemble instructions from address specified
         """
 
         try:
-            context_asm(self.ql, parse_int(address), 4)
+            context_asm(self.ql, _parse_int(address), self.ql.pointersize)
         except:
             print(f"{color.RED}[!] something went wrong ...{color.END}")
 
diff --git a/qiling/debugger/qdb/utils.py b/qiling/debugger/qdb/utils.py
@@ -77,10 +77,21 @@ def _get_mode(bits):
 
 
 # parse unsigned integer from string
-def parse_int(s: str) -> int:
+def _parse_int(s: str) -> int:
     return int(s, 0)
 
 
+# function dectorator for parse argument as integer
+def parse_int(func: Callable) -> Callable:
+    def wrap(qdb, s: str) -> int:
+        assert type(s) is str
+        try:
+            ret = _parse_int(s)
+        except:
+            ret = None
+        return func(qdb, ret)
+    return wrap
+
 # check wether negative value or not
 def is_negative(i: int) -> int:
     return i & (1 << 31)
@@ -250,7 +261,7 @@ def regdst_eq_pc(op_str):
 
     if to_jump:
         if '#' in line.op_str:
-            ret_addr = parse_int(line.op_str.split('#')[-1])
+            ret_addr = _parse_int(line.op_str.split('#')[-1])
         else:
             ret_addr = read_reg_val(line.op_str)
 
@@ -298,7 +309,7 @@ def regdst_eq_pc(op_str):
 
             if "]" in rn_offset.split(", ")[1]: # pre-indexed immediate
                 _, r, imm = line.op_str.replace("[", "").replace("]", "").replace("!", "").replace("#", "").split(", ")
-                ret_addr = ql.unpack32(ql.mem.read(parse_int(imm) + read_reg_val(r), 4))
+                ret_addr = ql.unpack32(ql.mem.read(_parse_int(imm) + read_reg_val(r), 4))
 
             else: # post-indexed immediate
                 # FIXME: weired behavior, immediate here does not apply
@@ -353,7 +364,7 @@ def regdst_eq_pc(op_str):
 
     elif line.mnemonic == "sub" and regdst_eq_pc(line.op_str):
         _, r, imm = line.op_str.split(", ")
-        ret_addr = read_reg_val(r) - parse_int(imm.strip("#"))
+        ret_addr = read_reg_val(r) - _parse_int(imm.strip("#"))
 
     elif line.mnemonic == "mov" and regdst_eq_pc(line.op_str):
         _, r = line.op_str.split(", ")
@@ -390,7 +401,7 @@ def _read_reg(regs, _reg):
         # get registers or memory address from op_str
         targets = [
                 read_reg_val(each)
-                if '$' in each else parse_int(each)
+                if '$' in each else _parse_int(each)
                 for each in line.op_str.split(", ")
                 ]
 
