flat assembler
Message board for the users of flat assembler.

FDBG - win64 Linux64 UEFI x64 AMD64 debugger

MazeGen 01 Oct 2006, 20:53
Yeah, I like it! It would still need some improvements (why can't I close some of the windows and open them when really needed, for instance?), but it goes in the right direction I think :D

Keep up your work, Feryno!

vid 01 Oct 2006, 21:48
great work, really.

Feryno 02 Oct 2006, 09:02
2 mazegen:
You can't close child win but you can minimize it so it occupies small area about 10x30 pixels. Or you can have it in the background and your favorite win (usually win showing opcodes) on the top.
This way should be better for every coder trying debugger for his first time, because he can't close any child win with some CPU registers or some debuggee memory area and then he needn't spend the time by searching where the win is. For coder with more experiences with debugging it could be better to turn off every unnecessary child win and not to minimize it only. I know, waiting about 2 seconds for minimizing 14 children on dbg startup isn't very comfortable.
Maybe I should think about idea not to destroy child win (DestroyWindow) but hide it only (ShowWindow). It could be easier to do than destroy it and then create it on demand again.
1 question for people having higher screen resolution (on 1024*786 the default small font is on the border of comfortable readability):
Which suitable font/size/height did you find?

During weekend I managed to update disasm engine of fdbg for Linux x64 and I did one small improvement in 't' command (trace over call loop rep instructions). So don't expect big differences like in fdbg for win64. Everything looks like in previous version.
Misdisassembled were some of SIB index opcodes like [r13+r12*2+4]
http://www.sandpile.org/aa64/opc_sib.htm

edit from 20070103
deleted attachment


Last edited by Feryno on 03 Jan 2007, 06:05; edited 1 time in total
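
Added example (not part of the thread and not fdbg's code): a small C decoder for the ModRM+SIB form mentioned in the post above, showing how REX.X and REX.B extend the index and base fields and which bit patterns mean "no index" or "no base" for operands like [r13+r12*2+4]. The function name and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static const char *const REG64[16] = {
    "rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi",
    "r8",  "r9",  "r10", "r11", "r12", "r13", "r14", "r15"
};

/* Decode a ModRM+SIB memory operand (64-bit addressing). rex: REX prefix byte
 * or 0; p: points at ModRM; n: bytes available. Writes e.g. "[r13+r12*2+4]"
 * (hex displacement) to out; returns bytes consumed, -1 if no SIB/truncated. */
int decode_sib_operand(uint8_t rex, const uint8_t *p, size_t n,
                       char *out, size_t outlen)
{
    if (n < 2) return -1;
    unsigned mod = p[0] >> 6, rm = p[0] & 7;
    if (mod == 3 || rm != 4) return -1;  /* SIB only when mod != 11, rm == 100 */
    unsigned scale = 1u << (p[1] >> 6);
    unsigned index = ((p[1] >> 3) & 7) | ((rex & 0x02) ? 8 : 0);  /* REX.X */
    unsigned base  = (p[1] & 7) | ((rex & 0x01) ? 8 : 0);         /* REX.B */
    int has_index = (index != 4);  /* only 0100 is "none"; 1100 (REX.X) is r12 */
    /* mod=00 with base bits 101 means disp32 and no base, whatever REX.B is. */
    int has_base = !(mod == 0 && (p[1] & 7) == 5);
    size_t dlen = (mod == 1) ? 1 : (mod == 2 || !has_base) ? 4 : 0;
    if (n < 2 + dlen) return -1;
    int64_t disp = 0;
    if (dlen == 1) disp = (int8_t)p[2];
    if (dlen == 4) { int32_t d; memcpy(&d, p + 2, 4); disp = d; } /* LE host assumed */
    char buf[64];
    int k = sprintf(buf, "[");
    if (has_base)  k += sprintf(buf + k, "%s", REG64[base]);
    if (has_index) k += sprintf(buf + k, "%s%s*%u", has_base ? "+" : "",
                                REG64[index], scale);
    if (k == 1) sprintf(buf + k, "%llX", (unsigned long long)disp); /* bare disp32 */
    else if (disp != 0)
        sprintf(buf + k, "%c%llX", disp < 0 ? '-' : '+',
                (unsigned long long)(disp < 0 ? -disp : disp));
    snprintf(out, outlen, "%s]", buf);
    return (int)(2 + dlen);
}

int main(void)
{
    const uint8_t insn[] = { 0x4B, 0x8B, 0x44, 0x65, 0x04 }; /* constructed sample */
    char text[64];
    int used = decode_sib_operand(insn[0], insn + 2, sizeof insn - 2, text, sizeof text);
    printf("mov rax,%s (%d operand bytes)\n", text, used);
}
```

The sample bytes 4B 8B 44 65 04 encode mov rax,[r13+r12*2+4]: without the REX.X bit the same SIB byte would mean "no index", and with mod=00 the base bits 101 would mean disp32 with no base instead of r13.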

vid 02 Oct 2006, 12:35
hiding them could be nice idea, worth trying.

and i think 64bit debugging is still not area in which you need to focus at newbies ;)

try to add this: when you are in code window, "R" would automatically bring GPR window to front, "S" would bring stack window etc. focus will remain on code window. i hope you understand

Feryno 03 Oct 2006, 12:14
vid, this is great idea and it needn't much work to do it

vid 12 Oct 2006, 20:18
feryno: i just installed 64bit gentoo, so you will be receiving some more feedback since now ;)

Feryno 30 Oct 2006, 12:31
next release,
- added initial and simple debug symbols support (thanx to dbghelp.dll, about 5 APIs only...)
- Rambo menu is back (I was very happy successfully debugging Vista x64 slc.dll using IsDebuggerPresent fight - don't play with this dll if you don't know what you want... this dll is for me the first known stuff from ms with antidebug protection - ms know why they protected it in this way...)
- switching among processes/threads

tested on Vista x64 RC2 and win2003 server x64
Would somebody test it under XP x64 please - especially installation with original dbghelp.dll would be appreciated for debug symbols support - use C sample from attachment (make the same path for it or recompile it if you put it in another path)
debug symbols support is only in an initial stage, you can see labels on begin of instruction, like:
mainCTRStartup: sub rsp,38
and you can see detailed symbols in Explore->Symbols (Ctrl-S)
like:
StartSelection Address=000000001C001020h PID=000009D4h ModBase=000000001C000000h Flags=00000000h Value=0000000000000000h Register=00000000h
d:\asm\prog\fasm64\p006\fdbg000c_samples\debug_symbols\dll\select.c LineNumber=66 FirstInstructionAddress=000000001C001020h

I plan to upgrade disasm engine to expand things like
mov rax,[rsi+rcx*8+20] (today)
mov rax,[rsi+rcx*8+20] ; [00000001000035B0]=7785FA60=kernel32.CloseHandle (my dreams)

edit from 20070103
deleted attachment


Last edited by Feryno on 03 Jan 2007, 06:06; edited 1 time in total

vid 30 Oct 2006, 13:22
great work... what's SLC.DLL? ;)

Feryno 31 Oct 2006, 09:07
SLC maybe Software Licence Control?
One API from slc.dll is useful for me, because my home PC isn't connected to internet (because I use it only for asm coding, I don't have there soft from internet so I feel there very safe and malware-free without antivir soft...). I hate telephones too, but Vista RC2 requires 30 days to activate... I don't want to connect PC to inet (although I can easily ask my neighbour just opposite our door...) and I don't want to call anywhere (even it is free call) so I looked for other way of activation... I suppose this is impossible today but I found another way - staying unactivated but reset activation timeout. It is quite easy, just calling 1 API without any param:
slc.dll SLReArmWindows
Then I wondered what this API did, so I traced it, and I was happy because this DLL uses antidebugs and I like antidebug. You just have to turn on IsDebuggerPresent camouflage and enter some calls (don't press F8 on every CALL especially when there is garbage after call instruction which doesn't seem like real instructions, entered calls - press F7 to do it - have pushf instruction in prologues and popf at epilogues and they return in other address than the address after instruction of call because procedure modifies return address in the stack)
Great on Vista RC2 is the fact, that you can turn off Drivers signing control on the boot (I refuse to pay for signing 2-3 kB drivers written in FASM used for fun and maybe like education samples) and not much important Aero seems to work even if Vista isn't activated. So I don't plan to upgrade to RTM version of Vista... and I want to stay unactivated more than 30 days...
If it is a heretic idea on this forum, please admin correct some thoughts from this post, I will be out of internet for 2 months (thus unable to edit this post earlier than on new year)

comrade 08 Dec 2006, 18:31
great job

i guess Feryno didn't get his internet back

Feryno 03 Jan 2007, 06:10
new version for Win
you can see now content of memory after disassembled instruction
exe is compressed in an experimental way (original exe is too big for asm project)


Last edited by Feryno on 15 Jan 2007, 06:42; edited 1 time in total

vid 12 Jan 2007, 10:05
feryno: your linux version uses just console, or X, or some other GUI?

Feryno 12 Jan 2007, 10:24
Yes, only console, that's a pity.
I did some GUI samples under Linux, but they required too much time even they were the most simple programs.
So I'm afraid that I'm not able to make nice GUI interface under Linux.
Currently I'm finishing support for debug symbols (well documented in one manual from year 1997 !!! quite easy task to do).

vid 12 Jan 2007, 10:39
glad to hear that. console suits me for linux, as i haven't installed any Xs yet. got to try it

Feryno 15 Jan 2007, 06:43
Linux version
it has help file (win asm beginners may find some useful simple info how to debug without debug symbols at the end of help)
it supports debug symbols

edit from 2007 february 21: deleted attachment (quota limit reached)


Last edited by Feryno on 21 Feb 2007, 06:37; edited 1 time in total

ds316 22 Jan 2007, 07:58
An absolutely awesome app. The only thing that could really do better is a 64-bit version of OllyDbg, but I can't see that happening in the future.

Also when I was running the 000C version the exe I downloaded kept trying to execute an instruction that didn't exist. All I did was replace the suspect instruction with 9090 and everything ran sweetly. 000D is working fine though.

Feryno 22 Jan 2007, 09:41
Hello ds316, would you send me that instruction or its address? (incompatibility between AMD64 and EM64T? - I tested it only in AMD64)
I try to make fdbg app for its usage to be the most simple for asm beginners (priority No. 1) and powerful enough for experienced users (priority No. 2).
Key shortcuts have been taken from legendary Borland Turbo Debugger, you can simply change them in source code if you used to debug with Olly or GoBug - it is too difficult to adapt to new shortcuts after years of usage of another debugger.
Functionality is good now, but there are some tasks which I'm not able to do better yet (e.g. terminating debugging works but isn't the best solution...).
fdbg has its own exception handler so it shows you possible buggy instructions
after testing it in Vista RC2 I had to correct about 10 errors in procedures' prologues (unaligned stack, ...) which were silent in older versions of win but caused problems in Vista. The most difficult problem of unaligned stack is that instruction causing exception is in win DLL when API tries to access parameters in the stack with movdqa instruction. During the evolution of ms win more and more APIs access stack with movdqa instructions. I hope there aren't stack unaligned procedures calling APIs in fdbg anymore.
I'm still finding mistakes and missing parts in disasm engine, e.g. the last is
imul reg,[mem],value
it doesn't display the content on [mem] and shows incorrectly reg32 for reg16 operations...

More users of fdbg, more time of work with it -> more mistakes uncovered and fixed.
ds316 thanx for report and usage

mattst88 22 Jan 2007, 17:31
Awesome program firstly. :)

Is there any chance you can add the ability to show XMM registers' values as both 4 singles and 2 doubles? It's very difficult to try and debug something using two doubles currently.

Keep up the great work.

Feryno 24 Jan 2007, 07:58
special edition for mattst88

edit from 2007 february 21: deleted attachment (quota limit reached)


Last edited by Feryno on 21 Feb 2007, 06:38; edited 1 time in total

mattst88 27 Jan 2007, 03:34
Awesome. Thanks :)

Keep up the great work.