Stepping/tracing to next function or branching call

While stepping through disassembly, you might have wondered whether there is a way to jump directly to the next branch, call, or return instruction. There is: WinDbg has several very useful commands for this. The following table of commands is taken from the WinDbg documentation.

| Command | Menu command | Shortcut keys | Effect |
|---|---|---|---|
| p (Step) | Debug \| Step Over | F10 | Target executes one instruction. If this instruction is a function call, that function is executed as a single step. |
| pa (Step to Address) | | | Target executes until it reaches the specified address. All steps in this function are displayed (but steps in called functions are not). |
| pc (Step to Next Call) | | | Target executes until the next call instruction. If the current instruction is a call instruction, this call is executed completely and execution continues until the next call. |
| pct (Step to Next Call or Return) | | | Target executes until it reaches a call instruction or a return instruction. |
| ph (Step to Next Branching Instruction) | | | Target executes until it reaches any kind of branching instruction, including conditional or unconditional branches, calls, returns, and system calls. |
| pt (Step to Next Return) | | | Target executes until it reaches a return instruction. |
| t (Trace) | Debug \| Step Into | F11, F8 | Target executes one instruction. If this instruction is a function call, debugger traces into that call. |
| ta (Trace to Address) | | | Target executes until it reaches the specified address. All steps in this function and called functions are displayed. |
| tb (Trace to Next Branch) | | | (All modes, except kernel mode, only on x86-based systems) Target executes until it reaches the next branch instruction. |
| tc (Trace to Next Call) | | | Target executes until the next call instruction. If the current instruction is a call instruction, the instruction is traced into until a new call is reached. |
| tct (Trace to Next Call or Return) | | | Target executes until it reaches a call instruction or return instruction. If the current instruction is a call instruction or return instruction, the instruction is traced into until a new call or return is reached. |
| th (Trace to Next Branching Instruction) | | | Target executes until it reaches any kind of branching instruction, including conditional or unconditional branches, calls, returns, and system calls. If the current instruction is a branching instruction, the instruction is traced into until a new branching instruction is reached. |
| tt (Trace to Next Return) | | | Target executes until it reaches a return instruction. If the current instruction is a return instruction, the instruction is traced into until a new return is reached. |
| wt (Trace and Watch Data) | | | Target executes until the completion of the whole specified function. Statistics are then displayed. |
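As an added example (not part of the original post or the WinDbg documentation), here is one way these commands combine when walking through an unfamiliar function call by call. The symbol mymodule!ParseInput is a hypothetical placeholder; comments are on their own lines because `$$` only starts a comment at the beginning of a command.

```windbg
$$ Constructed command sequence. mymodule!ParseInput is a hypothetical symbol;
$$ substitute a function from the target being debugged.

$$ Break at the function entry and run until the breakpoint hits.
bp mymodule!ParseInput
g

$$ Step to the first call instruction inside ParseInput.
pc

$$ Step again: the current call is executed completely (stepped over)
$$ and execution stops at the next call instruction.
pc

$$ This call looks interesting, so trace into it instead of stepping over it.
t

$$ Run to the callee's return instruction, then read the return value
$$ register (eax on x86, rax on x64) before the return executes.
pt
? @$retreg

$$ Execute the return to land back in ParseInput.
p

$$ Stop at the next branching instruction of any kind and inspect the
$$ flags that decide a conditional jump.
ph
r efl

$$ On the next breakpoint hit, summarize the whole function instead:
$$ wt runs it to completion and prints call statistics.
$$ -l 2 limits the displayed call depth, -or shows return register values.
g
wt -l 2 -or
```

The `p`-family commands here never descend into callees, so `pc` and `ph` stay at the level of the current function; swapping in `tc` or `th` follows execution into each call instead.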

Appreciate your comments...