feat: ajout des mbs lors du debug, ajustement pour FLAT UNREAL MODE

2019-07-17 14:09:41 +02:00 · 2019-07-17 14:09:41 +02:00 · 06eb38cad0
parent dc0184f27d
commit 06eb38cad0
1 changed files with 106 additions and 47 deletions
--- a/debug/gdb_init_real_mode.txt
+++ b/debug/gdb_init_real_mode.txt
@ -1,4 +1,5 @@
-# Special mode for GDB that allows to debug/disassemble REAL MODE x86 code
+# Modified by Nicolas Horde
 # Special mode for GDB that allows to debug/disassemble FLAT OR UNREAL MODE x86 code
 #
 # It has been designed to be used with QEMU or BOCHS gdb-stub
 #
@ -70,53 +71,93 @@ Get address of interruption
 end
 define compute_regs
-  set $rax = ((unsigned long)$eax & 0xFFFF)
+  set $rax = ((unsigned long)$eax & 0xFFFFFFFF)
-  set $rbx = ((unsigned long)$ebx & 0xFFFF)
+  set $rbx = ((unsigned long)$ebx & 0xFFFFFFFF)
-  set $rcx = ((unsigned long)$ecx & 0xFFFF)
+  set $rcx = ((unsigned long)$ecx & 0xFFFFFFFF)
-  set $rdx = ((unsigned long)$edx & 0xFFFF)
+  set $rdx = ((unsigned long)$edx & 0xFFFFFFFF)
-  set $rsi = ((unsigned long)$esi & 0xFFFF)
+  set $rsi = ((unsigned long)$esi & 0xFFFFFFFF)
-  set $rdi = ((unsigned long)$edi & 0xFFFF)
+  set $rdi = ((unsigned long)$edi & 0xFFFFFFFF)
-  set $rbp = ((unsigned long)$ebp & 0xFFFF)
+  set $rbp = ((unsigned long)$ebp & 0xFFFFFFFF)
-  set $rsp = ((unsigned long)$esp & 0xFFFF)
+  set $rsp = ((unsigned long)$esp & 0xFFFFFFFF)
  set $rcs = ((unsigned long)$cs & 0xFFFF)
  set $rds = ((unsigned long)$ds & 0xFFFF)
  set $res = ((unsigned long)$es & 0xFFFF)
  set $rss = ((unsigned long)$ss & 0xFFFF)
-  set $rip = ((((unsigned long)$cs & 0xFFFF) << 4) + ((unsigned long)$eip & 0xFFFF)) & $ADDRESS_MASK
+  set $rfs = ((unsigned long)$es & 0xFFFF)
-  set $r_ss_sp = ((((unsigned long)$ss & 0xFFFF) << 4) + ((unsigned long)$esp & 0xFFFF)) & $ADDRESS_MASK
+  set $rgs = ((unsigned long)$ss & 0xFFFF)
-  set $r_ss_bp = ((((unsigned long)$ss & 0xFFFF) << 4) + ((unsigned long)$ebp & 0xFFFF)) & $ADDRESS_MASK
+  set $rip = ((((unsigned long)$cs & 0xFFFF) << 4) + ((unsigned long)$eip & 0xFFFFFFFF)) & $ADDRESS_MASK
  set $r_ss_sp = ((((unsigned long)$ss & 0xFFFF) << 4) + ((unsigned long)$esp & 0xFFFFFFFF)) & $ADDRESS_MASK
  set $r_ss_bp = ((((unsigned long)$ss & 0xFFFF) << 4) + ((unsigned long)$ebp & 0xFFFFFFFF)) & $ADDRESS_MASK
 end
 define print_regs
-  printf "AX: %04X BX: %04X ", $rax, $rbx
+  printf "EAX: %08X EBX: %08X ", $rax, $rbx
-  printf "CX: %04X DX: %04X\n", $rcx, $rdx
+  printf "ECX: %08X EDX: %08X\n", $rcx, $rdx
-  printf "SI: %04X DI: %04X ", $rsi, $rdi
+  printf "ESI: %08X EDI: %08X ", $rsi, $rdi
-  printf "SP: %04X BP: %04X\n", $rsp, $rbp
+  printf "ESP: %08X EBP: %08X\n", $rsp, $rbp
-  printf "CS: %04X DS: %04X ", $rcs, $rds
+  printf " CS: %04X  DS: %04X ", $rcs, $rds
-  printf "ES: %04X SS: %04X\n", $res, $rss
+  printf " ES: %04X  SS: %04X ", $res, $rss
  printf " FS: %04X  GS: %04X ", $rfs, $rgs
  printf "\n"
-  printf "IP: %04X EIP:%08X\n", ((unsigned short)$eip & 0xFFFF), $eip
+  printf "CS:IP: %04X:%08X (0x%05X)\n", $rcs, ((unsigned long)$eip), $rip
-  printf "CS:IP: %04X:%04X (0x%05X)\n", $rcs, ((unsigned short)$eip & 0xFFFF), $rip
+  printf "SS:SP: %04X:%08X (0x%05X)\n", $rss, $rsp, $r_ss_sp
-  printf "SS:SP: %04X:%04X (0x%05X)\n", $rss, $rsp, $r_ss_sp
+  printf "SS:BP: %04X:%08X (0x%05X)\n", $rss, $rbp, $r_ss_bp
  printf "SS:BP: %04X:%04X (0x%05X)\n", $rss, $rbp, $r_ss_bp
 end
 document print_regs
 Print CPU registers
 end
 define print_eflags
-    printf "OF <%d>  DF <%d>  IF <%d>  TF <%d>",\
+    printf "EFLAGS: %08X [",$eflags
-           (($eflags >> 0xB) & 1), (($eflags >> 0xA) & 1), \
+    if ($eflags & 1)
-           (($eflags >> 9) & 1), (($eflags >> 8) & 1)
+	printf "C"
-    printf "  SF <%d>  ZF <%d>  AF <%d>  PF <%d>  CF <%d>\n",\
+    else
-           (($eflags >> 7) & 1), (($eflags >> 6) & 1),\
+      printf "-"
-           (($eflags >> 4) & 1), (($eflags >> 2) & 1), ($eflags & 1)
+    end
-    printf "ID <%d>  VIP <%d> VIF <%d> AC <%d>",\
+    printf "-"
-           (($eflags >> 0x15) & 1), (($eflags >> 0x14) & 1), \
+    if (($eflags >> 2) & 1)
-           (($eflags >> 0x13) & 1), (($eflags >> 0x12) & 1)
+	printf "P"
-    printf "  VM <%d>  RF <%d>  NT <%d>  IOPL <%d>\n",\
+    else
-           (($eflags >> 0x11) & 1), (($eflags >> 0x10) & 1),\
+      printf "-"
-           (($eflags >> 0xE) & 1), (($eflags >> 0xC) & 3)
+    end
    printf "-"
    if (($eflags >> 4) & 1)
 	printf "A"
    else
      printf "-"
    end
    printf "-"
    if (($eflags >> 6) & 1)
 	printf "Z"
    else
      printf "-"
    end
    if (($eflags >> 7) & 1)
 	printf "S"
    else
      printf "-"
    end
    if (($eflags >> 8) & 1)
 	printf "T"
    else
      printf "-"
    if (($eflags >> 9) & 1)
 	printf "I"
    else
      printf "-"
    end
    if (($eflags >> 0xA) & 1)
 	printf "D"
    else
      printf "-"
    end
    if (($eflags >> 0xB) & 1)
 	printf "O"
    else
      printf "-"
    end
    printf "]\n"
  end
 end
 document print_eflags
 Print eflags register.
@ -161,13 +202,12 @@ define print_data
       if ($argc > 0)
       	  set $seg = $arg0
 	  set $off = $arg1
 	  set $raddr = ($arg0 << 16) + $arg1
 	  set $maddr = ($arg0 << 4) + $arg1
 	  set $w = 16
 	  set $i = (int)0
-	  while ($i < 4)
+	  while ($i < 2)
-		printf "%08X: ", ($raddr + $i * $w)
+		printf "%08X: ", ($maddr + $i * $w)
 	  	set $j = (int)0
 		while ($j < $w)
 		      printf "%02X ", *(unsigned char*)($maddr + $i * $w + $j)
@ -192,22 +232,40 @@ define print_data
       end
 end
 # affiche les mb
 define print_mb
     set $mem=1280
     set $verif = *(unsigned char*)($mem)
     set $verif2 = *(unsigned char*)($mem+1)
     set $stop = 0x01
    while ($verif == 0x4E && $verif2 == 0x48 && $stop == 0x01)
     set $stop = *(unsigned char*)($mem+2)
     set $size = *(unsigned short*)($mem+6)
     set $name = (unsigned char*)($mem+8)
     printf "%s:%4X:%4X\n",$name,$mem,$size
     set $mem=$mem+$size
     set $verif = *(unsigned char*)($mem)
     set $verif2 = *(unsigned char*)($mem+1)
    end
 end
 define context
-  printf "---------------------------[ STACK ]---\n"
+  printf "---------------------------[ STACK ]---------------------------\n"
  _dump_memw $r_ss_sp 8
  printf "\n"
  set $_a = $r_ss_sp + 16
  _dump_memw $_a 8
  printf "\n"
-  printf "---------------------------[ DS:SI ]---\n"
+  printf "---------------------------[ DS:ESI ]---------------------------\n"
  print_data $ds $rsi
-  printf "---------------------------[ ES:DI ]---\n"
+  printf "---------------------------[ ES:EDI ]---------------------------\n"
  print_data $es $rdi
-
+  printf "----------------------------[ CPU ]---------------------------\n"
  printf "----------------------------[ CPU ]----\n"
  print_regs
  print_eflags
-  printf "---------------------------[ CODE ]----\n"
+  printf "----------------------------[ MB ]---------------------------\n"
  print_mb
  printf "---------------------------[ CODE ]---------------------------\n"
  set $_code_size = $CODE_SIZE
@ -271,7 +329,7 @@ document break_int_if_ax
 Install a breakpoint on INT N only if AX is equal to the expected value
 end
-define stepo
+define so
  ## we know that an opcode starting by 0xE8 has a fixed length
  ## for the 0xFF opcodes, we can enumerate what is possible to have
@ -347,16 +405,17 @@ define stepo
  # if we have found a call to bypass we set a temporary breakpoint on next instruction and continue 
  if ($noffset != 0)
-    set $_nextaddress = $eip + $offset + $noffset
+    set $_nextaddress = $eip + $offset + $noffset+$cs*16
    printf "Setting BP to %04X\n", $_nextaddress
-    tbreak *$_nextaddress
+    break *$_nextaddress
    continue
    cl *$_nextaddress
    # else we just single step
  else
    nexti
  end
 end
-document stepo
+document so
 Step over calls
 This function will set a temporary breakpoint on next instruction after the call so the call will be bypassed
 You can safely use it instead nexti since it will single step code if it's not a call instruction (unless you want to go into the call function)