Sign in to follow this  

Starting point for writing Debuggers

This topic is 4483 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I was wondering how difficult is it to write your own debuggers? I'm interested in writing something cheap like Debug.com, but a 32 bit version. Has anyone done this and if so what is a good starting point?

Share this post


Link to post
Share on other sites
< AFAIK>
I assume you mean a Protected Mode version. This is quite a bit more difficult than it would be in Real Mode, because you need to take advantage of the provided hardware support. I also assume you want to do this on a x86 processor.

There are 8 debug registers DR0 to DR7. DR0 to DR3 contain addresses of breakpoints. DR6 and DR7 contain various flags. These control what should be done with these addresses. (You can wait for reads/writes or program execution).

Some debug-exception (probably int1 or int3) will be generated to inform you about these events.

You also need to make sure you're running in Ring 0 for this. How to do this depends on your operating system.

This should get your [GOOGLE]-mission started (or scare you away [SMILE])
</AFAIK>

Share this post


Link to post
Share on other sites
The Windows debugging API: http://msdn.microsoft.com/library/en-us/debug/base/basic_debugging.asp

Basically you have to do a DebugActiveProcess call and then sit in a loop calling WaitForDebugEvent. Use ReadProcessMemory() to access the memory of the debuggee. You can use WriteProcessMemory() with a value of 0x3 (INT3) to set a breakpoint. GetThreadContext() will give you access to the registers.

Of course, the hard part is to get the symbols for the debuggee so you can figure out where variables and functions are stored in memory. The Debug Help API will be of help here.

The book "Debugging Applications for Microsoft .NET and Microsoft Windows" by John Robbins contains a code sample for a simple but functional debugger.

Share this post


Link to post
Share on other sites

This topic is 4483 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this