Runtime/Execute Disassembler for x86/Windows

From Visual Basic to GNU C, this is the place to talk programming.

Moderators: SecretSquirrel, just brew it!

Post a reply

Runtime/Execute Disassembler for x86/Windows

Postposted on Tue May 04, 2004 3:48 pm

I have a problem.

Back when I was a young lad, my favorite thing to play with was a Motorola 68000 debugger called MacsBug, many of you old school Mac-ers remember this as a wonderful tool, where you would press a key combo, and poof! no matter where the CPU was, be it in a driver call, program call, interrupt handler, video blitter, or sound driver logic, you would be dropped into a beautiful debugger complete with C++ comments, menus, etc, and you could literally do anything to the running program, or OS routine, you could trace, change the inst pointer, registers, etc etc etc even do logging if the computer wasnt in a SCSI control routine or whatever.

My question is this. Does such a powerful debugger exist for Windoze/x86 and where can I get it? There seem to be plenty of compile time debuggers available, but I would like to be able to drop in on any running WIndows process and view its code/register/stack/heap usage, and even change the instructions in the code as its executing. Any ideas would be helpful. Thanks!
Shuttle SN25P nForce4 & A64 4000 939 90nm
1024MB Corsair XMS PC3200 CAS2
ATI RADEON X850XT 256MB PCIE
Dual 74GB 10K WD RaptoRAID XP Pro SP2
JediNinjaWizards
Irritating Rash
 
Posts: 1627
Joined: Tue Aug 19, 2003 8:46 am
Location: Player's Republic of Pimpachusetts
Top

Postposted on Tue May 04, 2004 4:25 pm

There's SoftICE, which has been around forever. You can just hit a hotkey and stop the PC and go into a command line type interface. The x86 has hardware breakpoint registers that can stop on an address, or a memory access or I/O instruction. It's pretty powerful but these days you might have to buy it with other stuff since Compuware bought it.

There's <a href=http://www.microsoft.com/whdc/DevTools/Debugging/default.mspx>WinDbg</a>, which is free, and has been under active development again by Microsoft for the past couple of years. This is a two machine setup for kernel type debugging; for user mode debugging you can run it on the same machine. You can debug over serial ports, 1394 or TCP/IP. You could also debug a VMWare or virtual PC install of Windows with it.

It's not got the best user interface in the world but it's probably the most powerful debugger right now. It is hard to learn though.
Flowboy
Gerbil
 
Posts: 87
Joined: Tue May 04, 2004 4:16 pm
Top

Postposted on Tue May 04, 2004 6:51 pm

SoftICE is very good.

Microsoft has a driver-level debugger that can do this, which has been used extensively for years (WinDbg mentioned above). SoftICE is probably more feature-rich, however.
Buub
Maximum Gerbil
 
Posts: 4104
Joined: Sat Nov 09, 2002 10:59 pm
Location: Seattle, WA
Top

Postposted on Wed May 05, 2004 7:04 pm

Thanks for the info guys! I will check them both out.
Shuttle SN25P nForce4 & A64 4000 939 90nm
1024MB Corsair XMS PC3200 CAS2
ATI RADEON X850XT 256MB PCIE
Dual 74GB 10K WD RaptoRAID XP Pro SP2
JediNinjaWizards
Irritating Rash
 
Posts: 1627
Joined: Tue Aug 19, 2003 8:46 am
Location: Player's Republic of Pimpachusetts
Top
Post a reply

Return to Developer's Den

Who is online

Users browsing this forum: No registered users and 3 guests

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group