flat assembler
Message board for the users of flat assembler.

Index > Projects and Ideas > FDBG - win64 Linux64 UEFI x64 AMD64 debugger

Feryno



Joined: 23 Mar 2005
Posts: 509
Location: Czech republic, Slovak republic
Feryno 31 Jul 2012, 07:41
I understand
then it will be possible to trace things like Console services... (currently impossible because fdbg uses them to get input from keyboard and write output to the screen)
serial port is simple (I may program it via ports) and I have null modem serial cable for few years (still unpacked)
USB is quite complicated (but much much much faster)
magicSqr



Joined: 27 Aug 2011
Posts: 105
magicSqr 06 Aug 2012, 23:30
Hi,

I'm only just starting coding in x64 and downloaded fdbg0023. When I click 'open executable' I don't get any dialog box to choose a file. Same with Ctrl-E. Downloaded fdbg0022 and same problem.

I'm running Win7 Home Premium 64-bit
Feryno



Joined: 23 Mar 2005
Posts: 509
Location: Czech republic, Slovak republic
Feryno 07 Aug 2012, 09:15
hi, strange...
I'm always using server versions of x64 win but the kernels should be identical to "workstation" versions (the preference of servers is because they are available to download from microsoft few weeks earlier than workstations)
you can still run the executable from command line without necessity of Open File Dialog, command like
fdbg yourprog.exe
not so comfortable as gui but should work and bypasses open file dialog

years ago I found that open file dialog produced some exception with exotic error number (no result what the error code means) and wasn't able to find where is the problem, I can't remember exactly whether it appeared in win 2008 server (the same kernel as vista) or in win2008 R2 (the same kernel as win 7)
the exception generated by open file dialog is handled transparently and silently ignored, appears only when you run fdbg from another debugger or when adding exception handling into fdbg
I've never observed the exception in win 2003 server (win XP x64)

the gui seems to be only a source of problems, maybe I should do win version to be command line (like Linux, UEFI), I just wanted it to be very easy for everybody running debugger for the first time in the life (max. 2-3 clicks and some result available already = debuggee halted at entrypoint, registers visible, code / stack / memory dump visible, ...)
magicSqr



Joined: 27 Aug 2011
Posts: 105
magicSqr 07 Aug 2012, 09:47
ok, thanks Feryno,

I'll go with command line then Wink

magic²
XVilka



Joined: 04 May 2011
Posts: 42
Location: Russia
XVilka 14 Aug 2012, 09:41
Feryno: can you put code of fdbg into one of versioning system? It will be great and let improve by others too Smile At least I want to contribute in it (bit later - this autumn, I suppose)
Feryno



Joined: 23 Mar 2005
Posts: 509
Location: Czech republic, Slovak republic
Feryno 16 Aug 2012, 11:42
Hi,
you can post your work here
and don't forget to add you to the list of developers
cores of all 3 free versions of debugger are healthy
gui of win version should be rewritten from base
Linux version seems to be finished (I don't see anything to improve there)
in uefi version there should be added choice of entering register as input (not only hexa values, e.g. d rsi instead of d 264e00, also something like r rip=rip-1, etc.)
disasm engine lacks of updates for years (disassembling of instructions using 256 bit multimedia registers is not implemented although core of all versions support them)
in uefi support for symbols should be added
in uefi version I slightly improved loading of executable to be more clean and readable so update these parts before you start to contribute:

a00.asm
Code:
format PE64 dll efi at 0 on 'nul'        ; possible subsystems are: EFI, EFIBOOT, EFIRUNTIME
entry start

include 'uefi.inc'
include 'keycodes.inc'
include 'padAMD64.inc'
include 'constants.inc'
include 'registers.inc'


section '.text' code readable executable

start:
; rcx = ImageHandle
; rdx = SystemTable

        push    rbx rsi rdi
        sub     rsp,8*(4+0)

        mov     rax,[rdx+60h]           ; EFI_BOOT_SERVICES
        mov     [ImageHandle],rcx
        mov     [SystemTable],rdx
        mov     [BootServicesTable],rax

        call    set_best_text_mode

        lea     rcx,[msg_welcome]
        call    print

        call    check_lahf_sahf

        call    cpu_features_enable

        lea     rcx,[msg_executable]
        call    print

        call    get_executable_name
        jc      egzyd

        call    load_executable
        jc      egzyd
; rax = image handle

        mov     rbx,rax

        mov     rcx,rax
        call    get_executable_base_and_size
; CF=0 -> rax = base, rdx = size
; CF=1 -> error
        jnc     .L1

.L0:
        mov     rcx,rbx
        call    unload_executable
        jmp     egzyd

.L1:
; rax = base, rdx = size
        mov     rsi,rax
        mov     rdi,rdx

;       mov     rdx,rdx
        mov     rcx,rax
        call    PE32x64_AddressOfEntryPoint
        jc      .L0

; rax = AddressOfEntryPoint, this is an offset

        add     rax,rsi
; rax = virtual memory of the image entrypoint
        call    set_SW_BP               ; or should we call set_temporary_execute_HW_BP

        call    hook_exceptions

        xor     r8,r8
        xor     edx,edx
        mov     rcx,rbx                 ; ImageHandle
        mov     rax,[BootServicesTable]
        call    qword [rax+0D0h]        ; EFI_IMAGE_START

        call    unhook_exceptions

        call    remove_all_HW_BP_SW_BP

        lea     rcx,[msg_executable_exited]
        call    print

egzyd:

if EFI_SUCCESS = 0
        xor     eax,eax
else
        mov     rax,EFI_SUCCESS
end if

        add     rsp,8*(4+0)
        pop     rdi rsi rbx
        ret

exec.asm
Code:
align 10h
get_executable_name:
; out: CF=0 success
;      CF=1 error
        push    rax rcx rdx rsi rdi

        call    cli_reset

get_executable_name_wait_for_key:
        call    get_key
; eax=key
        cmp     eax,key_ENTER
        jz      get_executable_name_done

        call    cli_update              ; update command line interface with the new key received

        lea     rcx,[msg_clt_all]
        call    print                   ; print the updated command line

        jmp     get_executable_name_wait_for_key

get_executable_name_done:
        call    print_new_line

        lea     rsi,[msg_clt]
        lea     rdi,[path_to_exec]
;       mov     ecx,[msg_clt_pointer]
        mov     ecx,[msg_clt_pointer + rsi-msg_clt]     ; rsi = msg_clt
;       jrcxz   get_executable_name_fail
        or      ecx,ecx
        jz      get_executable_name_fail

        cld

        mov     eax,060404h
        stosd

        mov     eax,'\'
        stosw
;align 10h
get_executable_name_convert_01:
        cmp     word [rsi],ax
        jnz     get_executable_name_convert_02
        add     rsi,2
        loop    get_executable_name_convert_01

get_executable_name_convert_02:
;       jrcxz   get_executable_name_fail
        or      ecx,ecx
        jz      get_executable_name_fail

get_executable_name_convert_03:
        call    more_backslashes
        jnz     get_executable_name_convert_06

;align 10h
get_executable_name_convert_05:
; ax = '\'
        add     word [path_to_exec+2],2
        cmp     word [rsi],ax
        movsw
        loopnz  get_executable_name_convert_05
        or      ecx,ecx
        jnz     get_executable_name_convert_03

get_executable_name_convert_06:

; the last backslash has to be removed at my UEFI else LoadImage fails
        cmp     word [path_to_exec+2],6
        jz      get_executable_name_convert_07
; remove the last '\'
        sub     word [path_to_exec+2],2
        sub     rdi,2
get_executable_name_convert_07:

        xor     eax,eax
        add     word [path_to_exec+2],2
        stosw
; path node done

; now executable node
        mov     eax,040404h
        stosd
        lea     rdx,[rdi-2]
        lea     eax,[rcx+rcx*1]
        add     word [rdx],ax
        repz movsw

; suffix '.efi'
        mov     rcx,[rdi-8]
        mov     rax,0020002000200000h
        or      rcx,rax                 ; convert capitals to lowercase
        mov     rax,'.' + ('e' shl 16) + ('f' shl 32) + ('i' shl 48)
        cmp     rcx,rax
        jz      get_executable_name_convert_08
        stosq
        add     word [rdx],8

get_executable_name_convert_08:
        xor     eax,eax
        stosw                           ; 0-terminator
        add     word [rdx],2

; end node:
        mov     eax,04FF7Fh
        stosd

        call    cli_reset
        clc                             ; success

get_executable_name_epi:
        pop     rdi rsi rdx rcx rax
        ret

get_executable_name_fail:
        call    cli_reset
        stc                             ; failure
        jmp     get_executable_name_epi

align 10h
more_backslashes:
; in: RSI unicode string
; in: ECX string size
; out: ZF=0 no more backslashes
; out: ZF=1 backslash found
        push    rax rcx rdi
        lea     rdi,[rsi]
        mov     eax,'\'
        cld
        repnz scasw
        pop     rdi rcx rax
        ret


align 10h
load_executable:
; returns: CF=0 success, RAX = image handle
;          CF=1 failure
        push    rbx rbp

struc   load_executable_frame
{
.reserved               rq      4
.fifth_param            dq      ?
.sixth_param            dq      ?
.img_handle             dq      ?
.full_path              dq      ?
.img_dev_handle         dq      ?
.loaded_image           dq      ?
.dev_path_util_protocol dq      ?
}


virtual at 0
tmp_load_executable_frame       load_executable_frame
sizeof_load_executable_frame    =       $
end virtual


a=1                                     ; return address from procedure
b=2                                     ; pushed qwords
d=(sizeof_load_executable_frame+7)/8    ; stack frame in qwords
c=(a+b+d) and 1                         ; align stack at 10h

        sub     rsp,8*(c+d)

virtual at rsp
ld_exec_f       load_executable_frame
end virtual

        xor     ebx,ebx                 ; status

        mov     rbp,[BootServicesTable]

        lea     r8,[ld_exec_f.dev_path_util_protocol]
        xor     edx,edx
        lea     rcx,[EFI_DEVICE_PATH_UTILITIES_PROTOCOL_GUID]
        call    qword [rbp+140h]        ; EFI_LOCATE_PROTOCOL
if EFI_SUCCESS = 0
        or      rax,rax
else
        cmp     rax,EFI_SUCCESS
end if
        jnz     load_executable_result

        mov     dword [ld_exec_f.sixth_param],EFI_OPEN_PROTOCOL_GET_PROTOCOL
        and     qword [ld_exec_f.fifth_param],0
        mov     r9,[ImageHandle]
        lea     r8,[ld_exec_f.loaded_image]     ; LoadedImage
        lea     rdx,[EFI_LOADED_IMAGE_PROTOCOL_GUID]
        mov     rcx,[ImageHandle]
        call    qword [rbp+118h]        ; EFI_OPEN_PROTOCOL
if EFI_SUCCESS = 0
        or      rax,rax
else
        cmp     rax,EFI_SUCCESS
end if
        jnz     load_executable_result

virtual at 0
LIP     EFI_LOADED_IMAGE_PROTOCOL
end virtual

        mov     dword [ld_exec_f.sixth_param],EFI_OPEN_PROTOCOL_GET_PROTOCOL
        and     qword [ld_exec_f.fifth_param],0
        mov     r9,[ImageHandle]
        lea     r8,[ld_exec_f.img_dev_handle]   ; ImageDevicePath
        lea     rdx,[EFI_DEVICE_PATH_PROTOCOL_GUID]
        mov     rax,[ld_exec_f.loaded_image]    ; LoadedImage
        mov     rcx,[rax + LIP.DeviceHandle]
        call    qword [rbp+118h]        ; EFI_OPEN_PROTOCOL
if EFI_SUCCESS = 0
        or      rax,rax
else
        cmp     rax,EFI_SUCCESS
end if
        jnz     load_executable_failure_close_protocol

        lea     rdx,[path_to_exec]
        mov     rcx,[ld_exec_f.img_dev_handle]  ; ImageDevicePath
        mov     rax,[ld_exec_f.dev_path_util_protocol]  ; EFI_DEVICE_PATH_UTILITIES_PROTOCOL
        call    qword [rax+8*2]         ; AppendDevicePath
        or      rax,rax
        jz      load_executable_failure_close_protocols

        mov     [ld_exec_f.full_path],rax

        lea     rax,[ld_exec_f.img_handle]      ; Pointer to the returned image handle that is created when the image is successfully loaded.
        mov     [ld_exec_f.sixth_param],rax     ; ImageHandle
        and     qword [ld_exec_f.fifth_param],0
        xor     r9,r9
        mov     r8,[ld_exec_f.full_path]        ; path to execute
        mov     rdx,[ImageHandle]       ; ParentImageHandle
        xor     ecx,ecx
        call    qword [rbp+0C8h]        ; EFI_IMAGE_LOAD
if EFI_SUCCESS = 0
        or      rax,rax
else
        cmp     rax,EFI_SUCCESS
end if

        setz    bl                      ; status

        mov     rcx,[ld_exec_f.full_path]
        call    qword [rbp+48h]         ; FreePool

load_executable_failure_close_protocols:
        xor     r9,r9
        mov     r8,[ImageHandle]
        lea     rdx,[EFI_DEVICE_PATH_PROTOCOL_GUID]
        mov     rax,[ld_exec_f.loaded_image]    ; LoadedImage
        mov     rcx,[rax + LIP.DeviceHandle]
        call    qword [rbp+120h]        ; EFI_CLOSE_PROTOCOL

load_executable_failure_close_protocol:
        xor     r9,r9
        mov     r8,[ImageHandle]
        lea     rdx,[EFI_LOADED_IMAGE_PROTOCOL_GUID]
        mov     rcx,[ImageHandle]
        call    qword [rbp+120h]        ; EFI_CLOSE_PROTOCOL

load_executable_result:
        sub     bl,1

        mov     rax,[ld_exec_f.img_handle]

load_executable_epi:
        lea     rsp,[rsp+8*(c+d)]       ; the LEA doesn't touch Carry flag
        pop     rbp rbx                 ; neither the POP alters CF
        ret


align 10h
unload_executable:
; in: RCX ImageHandle
; out: CF=0 success
;      CF=1 error
        sub     rsp,8*(4+1)
        mov     rax,[BootServicesTable]
;       mov     rcx,rcx
        call    qword [rax+0E0h]        ; EFI_IMAGE_UNLOAD
        add     rsp,8*(4+1)
if EFI_SUCCESS <> 0
        sub     rax,EFI_SUCCESS
end if
        add     rax,-1
        ret


align 10h
get_executable_base_and_size:
; in: RCX ImageHandle
; out: CF=0 success, rax=base, rdx=size
;      CF=1 error
        push    rbx rsi rdi
        sub     rsp,8*(4+4)

        mov     rbx,rcx

        mov     dword [rsp+8*(4+1)],EFI_OPEN_PROTOCOL_GET_PROTOCOL
        and     qword [rsp+8*(4+0)],0
        mov     r9,[ImageHandle]
        lea     r8,[rsp+8*(4+3)]        ; Interface
        lea     rdx,[EFI_LOADED_IMAGE_PROTOCOL_GUID]
;       mov     rcx,rcx
        mov     rax,[BootServicesTable]
        call    qword [rax+118h]        ; EFI_OPEN_PROTOCOL

        mov     [rsp+8*(4+2)],rax       ; status

if EFI_SUCCESS = 0
        or      rax,rax
else
        cmp     rax,EFI_SUCCESS
end if
        jnz     get_executable_base_and_size_epi

        mov     rdx,[rsp+8*(4+3)]
        mov     rsi,[rdx + LIP.ImageBase]
        mov     rdi,[rdx + LIP.ImageSize]

        xor     r9,r9
        mov     r8,[ImageHandle]
        lea     rdx,[EFI_LOADED_IMAGE_PROTOCOL_GUID]
        mov     rcx,rbx
        mov     rax,[BootServicesTable]
        call    qword [rax+120h]        ; EFI_CLOSE_PROTOCOL

get_executable_base_and_size_epi:
if EFI_SUCCESS <> 0
        sub     qword [rsp+8*(4+2)],EFI_SUCCESS
end if
        add     qword [rsp+8*(4+2)],-1  ; CF=0 if STATUS_SUCCESS, CF=1 otherwise
        mov     rax,rsi                 ; base
        mov     rdx,rdi                 ; size
        lea     rsp,[rsp+8*(4+4)]       ; the LEA doesn't change CF (the ADD does !!!)
        pop     rdi rsi rbx
        ret


align 10h
PE32x64_AddressOfEntryPoint:
; in: RCX ImageBase
;     RDX ImageSize
; out: CF=0 success, RAX = AddressOfEntryPoint (this is an offset)
;      CF=1 error
        push    rsi

include 'WinNT.h.inc'

virtual at 0
.pehdr0 IMAGE_DOS_HEADER
sizeof.IMAGE_DOS_HEADER = $
end virtual
        cmp     rdx,sizeof.IMAGE_DOS_HEADER
        jc      PE32x64_AddressOfEntryPoint_epi

virtual at rcx
.pehdr  IMAGE_DOS_HEADER
end virtual
        cmp     [.pehdr.e_magic],IMAGE_DOS_SIGNATURE
        jnz     PE32x64_AddressOfEntryPoint_fail
        mov     eax,[.pehdr.e_lfanew]

        lea     rsi,[rcx+rax*1]
virtual at rsi
.nthdr  IMAGE_NT_HEADERS64
end virtual

virtual at 0
.nthdr0 IMAGE_NT_HEADERS64
sizeof.IMAGE_NT_HEADERS64 = $
end virtual
        add     rax,sizeof.IMAGE_NT_HEADERS64
        cmp     rdx,rax
        jc      PE32x64_AddressOfEntryPoint_epi ; we don't have enough of image to access it (have only part of image)

        cmp     [.nthdr.Signature],IMAGE_NT_SIGNATURE
        jnz     PE32x64_AddressOfEntryPoint_fail
        cmp     [.nthdr.FileHeader.Machine],IMAGE_FILE_MACHINE_AMD64
        jnz     PE32x64_AddressOfEntryPoint_fail
        cmp     [.nthdr.FileHeader.SizeOfOptionalHeader],IMAGE_SIZEOF_NT_OPTIONAL64_HEADER
        jnz     PE32x64_AddressOfEntryPoint_fail
        cmp     [.nthdr.OptionalHeader.Magic],IMAGE_NT_OPTIONAL_HDR64_MAGIC
        jnz     PE32x64_AddressOfEntryPoint_fail
;       cmp     [.nthdr.OptionalHeader.DllCharacteristics],     ; bullshit
; bullshits
;       movzx   eax,[.nthdr.OptionalHeader.Subsystem]
;       cmp     eax,IMAGE_SUBSYSTEM_EFI
;       jz      img_OK_0
;       cmp     eax,IMAGE_SUBSYSTEM_EFIBOOT
;       jz      img_OK_0
;       cmp     eax,IMAGE_SUBSYSTEM_EFIRUNTIME
;       jnz     PE32x64_AddressOfEntryPoint_fail
;
;img_OK_0:

        mov     eax,[.nthdr.OptionalHeader.SizeOfImage]
        cmp     rdx,rax
        jc      PE32x64_AddressOfEntryPoint_epi

        mov     eax,[.nthdr.OptionalHeader.AddressOfEntryPoint]

        cmp     rdx,rax
; CF set if AddressOfEntryPoint is more than ImageSize

;       clc                                     ; success
; no need as the above CMP cleared Carry Flag

PE32x64_AddressOfEntryPoint_epi:
        pop     rsi
        ret

PE32x64_AddressOfEntryPoint_fail:
        stc
        pop     rsi
        ret
Post 16 Aug 2012, 11:42
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
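The device path that get_executable_name in exec.asm assembles, rebuilt in C as an added example (not fdbg code): a File Path node for the directory, a File Path node for the file name with `.efi` appended when missing, then an End node. The function names, the 256-byte directory limit, ASCII-only input, the output-size checks and the rejection of input that ends in a backslash are assumptions of this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DP_TYPE_MEDIA   0x04   /* Media Device Path */
#define DP_SUB_FILEPATH 0x04   /* File Path node: NUL-terminated UCS-2 string */
#define DP_TYPE_END     0x7F
#define DP_SUB_END_ALL  0xFF   /* End Entire Device Path */

/* Write one File Path node for the ASCII text s[0..n) plus an optional suffix.
   Returns the node length in bytes, or 0 if it does not fit in cap. */
static size_t put_file_node(uint8_t *out, size_t cap,
                            const char *s, size_t n, const char *suffix)
{
    size_t sl = suffix ? strlen(suffix) : 0;
    size_t len = 4 + 2 * (n + sl + 1);          /* header + UCS-2 chars + NUL */
    if (len > cap || len > 0xFFFF)
        return 0;
    out[0] = DP_TYPE_MEDIA;
    out[1] = DP_SUB_FILEPATH;
    out[2] = (uint8_t)(len & 0xFF);             /* Length field is little-endian */
    out[3] = (uint8_t)(len >> 8);
    uint8_t *p = out + 4;
    for (size_t i = 0; i < n; i++)  { *p++ = (uint8_t)s[i];      *p++ = 0; }
    for (size_t i = 0; i < sl; i++) { *p++ = (uint8_t)suffix[i]; *p++ = 0; }
    p[0] = p[1] = 0;                            /* string terminator */
    return len;
}

/* Case-insensitive check for a trailing ".efi". */
static int has_efi_suffix(const char *s, size_t n)
{
    return n >= 4 && s[n - 4] == '.' &&
           tolower((unsigned char)s[n - 3]) == 'e' &&
           tolower((unsigned char)s[n - 2]) == 'f' &&
           tolower((unsigned char)s[n - 1]) == 'i';
}

/* Build [File Path: directory][File Path: file name][End] from typed input.
   Returns the total length in bytes, or 0 on empty input or lack of space. */
size_t build_exec_path(const char *cmd, uint8_t *out, size_t cap)
{
    char dir[256];
    while (*cmd == '\\')                        /* skip leading backslashes */
        cmd++;
    const char *slash = strrchr(cmd, '\\');
    const char *name = slash ? slash + 1 : cmd;
    size_t name_len = strlen(name);
    size_t dir_len = 1 + (slash ? (size_t)(slash - cmd) : 0);
    if (name_len == 0 || dir_len > sizeof dir)
        return 0;
    dir[0] = '\\';                              /* directory node starts at the root */
    memcpy(dir + 1, cmd, dir_len - 1);          /* the last backslash is left out */

    size_t a = put_file_node(out, cap, dir, dir_len, NULL);
    if (a == 0)
        return 0;
    size_t b = put_file_node(out + a, cap - a, name, name_len,
                             has_efi_suffix(name, name_len) ? NULL : ".efi");
    if (b == 0 || cap - a - b < 4)
        return 0;
    uint8_t *end = out + a + b;
    end[0] = DP_TYPE_END;
    end[1] = DP_SUB_END_ALL;
    end[2] = 4;                                 /* End node is header only */
    end[3] = 0;
    return a + b + 4;
}

int main(void)
{
    uint8_t buf[128];
    size_t n = build_exec_path("EFI\\tools\\app", buf, sizeof buf); /* constructed input */
    for (size_t i = 0; i < n; i++)
        printf("%02X%c", buf[i], (i + 1) % 16 ? ' ' : '\n');
    putchar('\n');
    return 0;
}
```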
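The header checks of PE32x64_AddressOfEntryPoint from exec.asm, written out in C as an added example (not fdbg code) with the PE32+ field offsets spelled out. The function names and the sample image are constructed for illustration; unlike the assembly, this version also rejects an entry point equal to the image size.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DOS_MAGIC        0x5A4Du       /* IMAGE_DOS_SIGNATURE "MZ" */
#define NT_SIGNATURE     0x00004550u   /* IMAGE_NT_SIGNATURE "PE\0\0" */
#define MACHINE_AMD64    0x8664u       /* IMAGE_FILE_MACHINE_AMD64 */
#define OPT_HDR64_MAGIC  0x020Bu       /* IMAGE_NT_OPTIONAL_HDR64_MAGIC */
#define SIZEOF_DOS_HDR   64u
#define SIZEOF_OPT_HDR64 240u          /* IMAGE_SIZEOF_NT_OPTIONAL64_HEADER */
#define SIZEOF_NT_HDRS64 (4u + 20u + SIZEOF_OPT_HDR64)

/* Little-endian accessors, so no unaligned or type-punned loads are needed. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)v); wr16(p + 2, (uint16_t)(v >> 16)); }

/* Returns 0 and stores the entry-point offset on success, -1 if any check fails.
   img/size describe the loaded image (ImageBase/ImageSize in the thread's code). */
int pe64_entry_offset(const uint8_t *img, uint64_t size, uint32_t *entry_out)
{
    if (size < SIZEOF_DOS_HDR || rd16(img) != DOS_MAGIC)
        return -1;
    uint64_t nt = rd32(img + 0x3C);             /* e_lfanew, read as unsigned */
    if (nt + SIZEOF_NT_HDRS64 > size)           /* 64-bit sum cannot wrap */
        return -1;
    const uint8_t *h = img + nt;                /* IMAGE_NT_HEADERS64 */
    const uint8_t *opt = h + 24;                /* OptionalHeader */
    if (rd32(h) != NT_SIGNATURE ||
        rd16(h + 4) != MACHINE_AMD64 ||         /* FileHeader.Machine */
        rd16(h + 20) != SIZEOF_OPT_HDR64 ||     /* FileHeader.SizeOfOptionalHeader */
        rd16(opt) != OPT_HDR64_MAGIC)
        return -1;
    if (size < rd32(opt + 56))                  /* SizeOfImage: only part is present */
        return -1;
    uint32_t entry = rd32(opt + 16);            /* AddressOfEntryPoint */
    if (entry >= size)                          /* a breakpoint there would be outside */
        return -1;
    *entry_out = entry;
    return 0;
}

/* Constructed sample: zeroed buffer with just the header fields the checks read.
   The caller guarantees lfanew + SIZEOF_NT_HDRS64 <= n. */
void make_sample(uint8_t *buf, size_t n, uint32_t lfanew, uint32_t entry, uint32_t image_size)
{
    memset(buf, 0, n);
    wr16(buf, DOS_MAGIC);
    wr32(buf + 0x3C, lfanew);
    uint8_t *h = buf + lfanew;
    wr32(h, NT_SIGNATURE);
    wr16(h + 4, MACHINE_AMD64);
    wr16(h + 20, SIZEOF_OPT_HDR64);
    wr16(h + 24, OPT_HDR64_MAGIC);
    wr32(h + 24 + 16, entry);
    wr32(h + 24 + 56, image_size);
}

int main(void)
{
    uint8_t img[0x400];
    uint32_t entry = 0;
    make_sample(img, sizeof img, 0x80, 0x200, 0x400);
    printf("valid image: %d, entry offset 0x%X\n",
           pe64_entry_offset(img, sizeof img, &entry), (unsigned)entry);
    wr32(img + 0x3C, 0xFFFFFFF0u);              /* e_lfanew far past the buffer */
    printf("bad e_lfanew: %d\n", pe64_entry_offset(img, sizeof img, &entry));
    return 0;
}
```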
alorent



Joined: 05 Dec 2005
Posts: 221
alorent 29 Aug 2012, 10:42
Hi Feryno,

I have tried FDBG under Windows 8 x64 but it fails with exception in most cases (before fully loading all child Windows)

When I click on "Open Executable" there are no Windows dialogs to open a file.

Please, do we need any special settings to make it work under Windows 8?

Thanks for your great work!

Also, I saw your HDBG project. Can I purchase it? I don't see any payment link Smile

Thanks!
Feryno



Joined: 23 Mar 2005
Posts: 509
Location: Czech republic, Slovak republic
Feryno 03 Sep 2012, 07:51
Hi alorent, I saw that under developmental versions of win8 and was unable to find where is the problem. As I wrote previously the GUI should be completely rewritten.
hdbg - it is not question of money - some parts were developed for somebody else so obtaining hdbg requires their permission (identifying PID/TID of running thread using hypervisor, identifying context switches using hypervisor, freezing/unfreezing running thread using hypervisor, walking + dumping memory of given process using hypervisor - after these parts were done and my tasks were successfully finished I had an idea that I can extend that and make a debugger)
Feryno



Joined: 23 Mar 2005
Posts: 509
Location: Czech republic, Slovak republic
Feryno 19 Sep 2012, 06:37
support for most important symbols from UEFI spec
command k (kill program)
GPR64 and RIP as input on some commands

link for all-in one pack with emulator for everybody not owning UEFI hardware (external link, the archive doesn't fit to board because of board quota limit)
http://fdbg.x86asm.net/fdbg.uefi.0002.qemu.zip
(see the images and run the bat file)


Description:
Download
Filename: fdbg.uefi.0002.zip
Filesize: 132.67 KB
Downloaded: 2329 Time(s)

Feryno



Joined: 23 Mar 2005
Posts: 509
Location: Czech republic, Slovak republic
Feryno 01 Oct 2012, 09:48
windows server 2012 / windows 8 users shouldn't suffer anymore


Description: fdbg version 0024 for windows x64
supports windows server 2012 / windows 8

Download
Filename: fdbg0024.zip
Filesize: 533.01 KB
Downloaded: 3098 Time(s)

farrier



Joined: 26 Aug 2004
Posts: 274
Location: North Central Mississippi
farrier 01 Oct 2012, 14:26
Feryno,

Thanks for your fine program, I am just getting started in the 64 bit world and fdbg has made it possible to find out what is actually happening, as opposed to what I thought should happen.

farrier

_________________
Some Assembly Required
It's a good day to code!
U.S.Constitution; Bill of Rights; Amendment 1:
... the right of the people peaceably to assemble, ...
The code is dark, and full of errors!
Feryno



Joined: 23 Mar 2005
Posts: 509
Location: Czech republic, Slovak republic
Feryno 02 Oct 2012, 05:18
Hi, farrier,
thanks for your report. When I started the project years ago (maybe 7 or 8 years) I wanted to create something like turbo debugger (td.exe) for win64. Just 2-3 clicks and your program already loaded in debugger, some keystrokes and see result what is your program doing. Easy-to-use. For everybody compiling its first program trying to observe what the program is really doing. I grew up on turbo debugger in ms dos era, internet was in nappies, no so much documentation, no so much source code, learned most from debugging some small demos / viruses. Later I found CPU manuals but at that time I already knew most important instructions. When release candidates of win x64 came I realized there is a need for something similar as turbo debugger for win x64.

btw the problem causing crashes in win 8 / win server 2012 was 6 years old and silent through older win x64 versions (appeared in fdbg000B)
yoshimitsu



Joined: 07 Jul 2011
Posts: 96
yoshimitsu 14 Oct 2012, 18:27
fdbg is a must-have.
XVilka



Joined: 04 May 2011
Posts: 42
Location: Russia
XVilka 22 Oct 2012, 08:02
About serial and USB debugging - it is possible to use standard UEFI's feature - Debugport protocol. Its GUID:
Code:
#define EFI_DEBUGPORT_PROTOCOL_GUID \
{0xEBA4E8D2,0x3858,0x41EC,0xA2,0x81,0x26,0x47,\
0xBA,0x96,0x60,0xD0}
    

Protocol Interface Structure
Code:
typedef struct {
    EFI_DEBUGPORT_RESET  Reset;
    EFI_DEBUGPORT_WRITE  Write;
    EFI_DEBUGPORT_READ   Read;
    EFI_DEBUGPORT_POLL   Poll;
} EFI_DEBUGPORT_PROTOCOL;
    

Parameters
Reset Resets the debugport hardware.
Write Send a buffer of characters to the debugport device.
Read Receive a buffer of characters from the debugport device.
Poll Determine if there is any data available to be read from the debugport device.

See Section 17.3 of UEFI 2.3 specification
dmitriy566



Joined: 19 Jun 2012
Posts: 25
Location: Saint-Petersburg, Russia
dmitriy566 17 Dec 2012, 09:59
Hello!
I have a question. Why when I load 32-bit executable into fdbg it happens nothing? Why it cannot debug it? I think it will be useful to debug any executable in fdbg, despite it is 64-bit.
Feryno



Joined: 23 Mar 2005
Posts: 509
Location: Czech republic, Slovak republic
Feryno 19 Dec 2012, 10:59
Hi, only 64 bits supported. There are some free debuggers for 32 bits available. At the time I started fdbg (years ago) there was only windbg for x64 which is not trivial to use for beginners so I decided to write x64 debugger with functionality close to turbo debugger (I used 16 bit td.exe under ms dos a lot).
mm1991



Joined: 27 Dec 2012
Posts: 1
mm1991 27 Dec 2012, 16:23
Hello Feryno and thanks for your nice work but I have some ideas
can you make only the current instruction ribbon moving not whole code window while stepping the code ?
also can you add a just in time assembler and some asm coloring
really fdbg is getting better but can you implement those features ?
Really with those features fdbg will be the best available x64 debugger
last but not least thank you for your nice work Smile
Feryno



Joined: 23 Mar 2005
Posts: 509
Location: Czech republic, Slovak republic
Feryno 28 Dec 2012, 16:09
mm1991 wrote:

can you make only the current instruction ribbon moving not whole code window while stepping the code ?
also can you add a just in time assembler and some asm coloring

use the second code window (only ribbon is moving, the address where the disasm starts doesn't change), to update this window just click on the start address and write RIP there (3 bytes string, no need to write hexa number)
I don't plan to add inline asm either coloring (but the source is open - ask Tomasz for permission to use FASM and put them together)
If I improve something it will be adding new multimedia instructions in disasm but I doubt I'll have time/power for that.
a rabbit



Joined: 12 Oct 2009
Posts: 13
a rabbit 13 Apr 2013, 18:25
Hi Feryno,

Do you mind if I fork your source on GitHub?
Feryno



Joined: 23 Mar 2005
Posts: 509
Location: Czech republic, Slovak republic
Feryno 15 Apr 2013, 09:46
Hi, you may do anything you want. Maybe you will be the only one fdbg developer at GitHub, but I wish you to attract more developers.
I don't have enough time to improve fdbg, it is usable and stable for few years but no much progress in it. Especially it lacks support for disassembling new instructions (but the core is already capable, only the disasm not yet).
The first supported platform was win x64, the second Linux x64, the third UEFI x64. When I have enough time I will attempt fourth port and it will be platform independent, a hypervisor will be running and controlling guest (no matter OS), communication via null modem serial cable and second PC. SMP support and virtualization of physical memory. Intel CPU only, newer models with unrestricted guest. Hypervisor loaded before OS (under BIOS similarly to bootkit, under UEFI as boot menu). I'm not sure whether it will be successful or not. I will start to work on it after about 1 month if nothing more relevant appear. Such source won't be shared for public, only binaries (because high risk that somebody insane will use this technology to create ugly malware).
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
