#nuvie@irc.freenode.net logs for 19 Sep 2009 (GMT)


[07:51:25] --> Yuv422 has joined #nuvie
[07:52:36] <Yuv422> hi guys
[07:52:57] <Yuv422> http://efry.users.sourceforge.net/idados/
[07:53:15] <Yuv422> the ida pro dosbox debugger works fairly well
[07:53:29] <Yuv422> you can trace, set breakpoints
[07:53:35] <Yuv422> view registers
[07:53:39] <Yuv422> memory
[07:53:44] <Yuv422> stack
[07:55:27] <Yuv422> hexrays were quite helpful getting 16bit debug support into IDA Pro
[07:56:15] <QbixAway> ah you tried it ?
[07:56:31] <QbixAway> I didn't try it yet. Did you try it under linux or windows ?
[07:56:37] <QbixAway> did you have to do special things ?
[07:58:26] <Yuv422> mac and windows
[07:58:39] <Yuv422> I wrote it :)
[07:58:57] <QbixAway> ah. cool. I was looking for you then :)
[07:59:08] <QbixAway> I wrote dosbox and wanted to try it out once :)
[07:59:14] <Yuv422> or should I say "hacked it"
[07:59:16] <QbixAway> would make my debugging easier as well :)
[08:00:20] <Yuv422> yeah I found it quite useful
[08:00:25] <Yuv422> debugging ultima 6
[08:00:31] <Yuv422> dosbox is a great app btw
[08:00:38] <Yuv422> use it all the time for testing u6
[08:00:40] <Yuv422> :)
[08:01:51] <Yuv422> you'll probably laugh at the way I shoehorned the ida debugger into dosbox
[08:02:28] <QbixAway> well if it works then it works :)
[08:03:14] <QbixAway> the dosbox debugger itself is pretty nice, but ida with codeflow stuff and easier browsing would be more convenient
[08:03:36] <Yuv422> yeah code flow debugging is really nice
[08:05:41] <Yuv422> I included a precompiled binary for windows in the zip
[08:06:18] <QbixAway> i run linux :)
[08:06:26] <Yuv422> ah k
[08:06:43] <QbixAway> but could switch to windows, but didn't really understand how to run ida and dosbox together
[08:07:58] <Yuv422> I run dosbox on the mac and IDA Pro on windows with virtualbox
[08:09:30] <QbixAway> guess I got some experimenting to do :)
[08:10:10] <Yuv422> if you have any issues with it just let me know
[08:10:35] <QbixAway> i'll hang around here and or email you if that is alright
[08:10:59] <Yuv422> yeah that's ok. :)
[08:11:08] <Yuv422> I'm in australia
[08:11:21] <Yuv422> so might be online at weird times
[08:11:23] <QbixAway> netherlands here
[08:11:31] <Yuv422> ah k :)
[08:11:35] <QbixAway> but I chat through a screen :)
[08:11:41] <QbixAway> so I am always "online"
[08:11:59] <Yuv422> :)
[08:12:22] <QbixAway> nice to meet you. I am off for some tea and such
[08:12:25] <Yuv422> are you needing to debug anything in particular
[08:12:35] <QbixAway> i always need to debug
[08:12:42] <Yuv422> :-)
[08:12:48] <Yuv422> nice to meet you too.
[08:12:53] <QbixAway> supporting over 1000 games doesn't come without debugging lots of dos apps :)
[08:12:57] <Yuv422> enjoy the tea. :)
[08:13:02] <Yuv422> hehe
[08:13:04] <QbixAway> thanks :)
[08:13:05] <Yuv422> I can imagine
[08:13:32] <Yuv422> oh I haven't completely filled out the dos memory map in ida
[08:13:47] <Yuv422> but it wouldn't be hard to add the extra memory regions
[08:13:58] <Yuv422> like video ram etc
[08:38:10] <QbixAway> well those are tricky. in a way
[08:38:25] <QbixAway> with those write masks and xorring
[08:40:27] <QbixAway> and planes of course
[08:41:07] <Yuv422> yeah
[08:41:27] <Yuv422> I'm just using a flat memory range
[08:41:39] <QbixAway> does ida support break on memory read ?
[08:41:48] <QbixAway> as that is a feature our debugger currently lacks
[08:42:22] <Yuv422> hmm that breakpoint would need to be driven from dosbox
[08:42:41] <Yuv422> I haven't added break on read
[08:42:49] <Yuv422> I'm not sure if it can be done
[08:43:08] <QbixAway> well I can code it in dosbox, been planning that, but would save me time if ida supported it :)
[08:44:23] <Yuv422> It should support break on memory change
[08:44:46] <Yuv422> and could probably handle a memory read breakpoint as an exception
[08:44:49] <Yuv422> generated from dosbox
[08:45:20] <QbixAway> dosbox needs to generate it first then. Guess I got to code those special overlay pagehandlers then
[08:46:08] <Yuv422> that would be quite costly I imagine
[08:46:25] <Yuv422> checking each read for a brkpt
[08:46:44] <QbixAway> hence the pagehandler idea
[08:46:53] <QbixAway> so only a block of 4k with a breakpoint is checked
[08:46:57] <QbixAway> other blocks not
[08:47:10] <Yuv422> :)
[08:47:46] <QbixAway> but it is not really fun coding it as page handlers can be changed by programming the graphics card and the paging
[08:48:02] <QbixAway> so need to make those calls aware of an overlay pagehandler
[08:49:02] <Yuv422> break on read would be quite handy
[08:49:26] <QbixAway> yes, I agree.
[08:49:40] <QbixAway> dosbox supports break on memory change
[08:49:46] <QbixAway> but it is rather slow
[08:49:59] <QbixAway> and not break on write (which is different from change) :)
[08:50:27] <Yuv422> yeah that would be harder to trap
[08:50:45] <QbixAway> if I have break on read, break on write would be similar
[08:52:05] <Yuv422> yeah
[08:54:16] <Yuv422> I was thinking about a gdb interface for dosbox too
[08:54:34] <Yuv422> not too sure if that would be useful
[08:54:43] <Yuv422> or possible
[08:54:54] <QbixAway> what would it add ? gdb_server stuff ?
[08:55:19] <Yuv422> yeah then you could connect with a gdb client
[08:55:21] <Yuv422> and debug
[08:55:39] <QbixAway> i haven't discovered a well working and pretty gdb client yet
[08:56:00] <QbixAway> maybe ida :)
[08:56:01] <Yuv422> I think IDA also has a gdb debug stub
[08:56:10] <Yuv422> but not too sure if it is 16bit ready
[08:56:30] <QbixAway> doubt it. linux has always been 32bit +
[08:56:40] <Yuv422> They had to add some special functions into their debug API so I could get the dosbox debugger running.
[08:56:55] <Yuv422> which was nice of them
[08:56:57] <QbixAway> convert 16 to 32 bit or so ?
[08:57:23] <QbixAway> i got a discount on buying ida because i was from dosbox. so they support programs well :)
[08:57:41] <Yuv422> yeah they are nice guys
[08:58:09] <QbixAway> well I could update their interrupt description list a bit in return I think. Several things I know are missing :)
[08:58:24] <Yuv422> hehe
[08:58:33] <Yuv422> the dosbox int list is a monster. :-)
[08:58:39] <Yuv422> dos
[08:58:44] <Yuv422> I should say
[08:59:42] <QbixAway> yes.
[09:00:50] <QbixAway> btw do you have any updates planned for that idados 0.1 ?
[09:00:52] <Yuv422> I ended up learning more than I wanted to about dos while working on my nuvie ultima 6 project. ;-)
[09:01:07] <QbixAway> or is it "safe" to play around with
[09:01:12] <Yuv422> mainly cleanup
[09:01:33] <Yuv422> I kinda hacked it in
[09:01:42] <Yuv422> so just chopped out bits I didn't need
[09:02:08] <Yuv422> rather than making a clean modular implementation
[09:02:26] <Yuv422> so I'd probably like to make it a bit more manageable
[09:03:08] <Yuv422> and add a more comprehensive memory layout map
[09:07:32] <Yuv422> IDA has a map_address that builds 32bit addresses from their 16bit counterparts
[09:08:22] <Yuv422> so IDA asks for the address of EIP and the function just returns (regs[R_CS].ival<<4) + regs[R_EIP].ival;
[09:08:47] <Yuv422> that's how they added support for 16bit debugging
[09:10:51] <QbixAway> guess I got to get it compiling/running on linux then. Too bad the nice graphic menu doesn't exist in the linux version
[09:11:07] <Yuv422> yeah same with the mac
[09:11:17] <Yuv422> virtualbox is my friend ;-)
[09:11:55] <Yuv422> It supports seamless windows so I can almost run graphical IDA on my mac
[09:12:06] <QbixAway> nice
[09:12:37] <QbixAway> never played with virtual box.
[09:12:57] <Yuv422> it's quite easy to setup
[09:13:00] <Yuv422> and free
[09:13:25] <QbixAway> quite easy sounds scary already :)
[09:13:46] <Yuv422> building the idados IDA plugin on linux might be a challenge
[09:14:44] <Yuv422> I might give it a go tomorrow
[09:14:53] <Yuv422> if I get some time
[09:15:39] <QbixAway> awesome
[09:17:40] <Yuv422> are you running a stock distro?
[09:17:51] <Yuv422> I've got a ubuntu virtual machine
[09:17:57] <Yuv422> that I use for linux work
[09:18:44] <QbixAway> i run ubuntu 8.04 in 64 bit mode. but my ida is 32 bit
[09:19:07] <QbixAway> but I am used to compiling stuff. so I might succeed myself
[09:20:30] <Yuv422> cool
[09:23:01] <Yuv422> you might need to make your own makefile
[09:23:12] <QbixAway> no problem
[09:23:20] <Yuv422> or adapt my mingw file
[09:23:30] <Yuv422> or IDA's standard build files
[09:24:07] <QbixAway> i'll try to figure it out next week. Don't have time this weekend. too much social stuff
[09:25:14] <QbixAway> <- away again
[09:25:22] <Yuv422> cool
[09:25:43] <Yuv422> I'll have a play round myself if I get time
[09:41:50] <Yuv422> bbl
[09:41:54] <-- Yuv422 has left IRC ()
[10:18:26] --> Yuv422 has joined #nuvie
[10:23:29] <-- Yuv422 has left IRC ()
[12:06:50] --> Yuv422 has joined #nuvie
[12:11:50] <wjp> hi Eric
[12:11:59] <Yuv422> Hey Willem
[12:12:04] <Yuv422> How's things?
[12:12:39] <wjp> am trying out idados in linux :-)
[12:12:45] <Yuv422> cool
[12:12:50] <Yuv422> any luck?
[12:13:23] <Yuv422> I was telling qbix that I haven't looked at the state of the linux build environment
[12:14:07] <wjp> "Needs Work"(tm) :-)
[12:14:15] <wjp> but I have it building now
[12:14:16] <Yuv422> hehe :)
[12:14:30] <Yuv422> ah k good to hear
[12:14:34] <Yuv422> 64bit?
[12:14:35] <wjp> there was a nice crash in qsnprintf
[12:14:43] <Yuv422> ouch!
[12:15:02] <wjp> apparently it uses a non-standard '%a' format
[12:15:10] <Yuv422> ah yes
[12:15:22] <wjp> so I'm now doing a small translation on the format
[12:15:26] <Yuv422> IDA uses that to display ea_t types
[12:16:12] <Yuv422> are the IDA q helper functions available in the linux SDK?
[12:16:26] <Yuv422> they weren't included in the win32 gcc SDK
[12:17:58] <wjp> there's no separate linux SDK
[12:18:15] <wjp> so unfortunately not
[12:18:25] <Yuv422> ah k
[12:18:29] <Yuv422> :(
[12:18:43] <wjp> but you fortunately already supplied some replacements :-)
[12:18:54] <Yuv422> hehe
[12:19:08] <wjp> next problem: maybe I just forgot how to use it, but:
[12:19:20] <wjp> I start dosbox and do 'debug ultima6.exe'
[12:19:32] <Yuv422> yup
[12:19:37] <wjp> then start ida, open ultima6.exe, select the dosbox debugger, ...
[12:19:59] <wjp> ..., start process, select the right port
[12:20:09] <wjp> then the u6 intro starts running in dosbox
[12:20:22] <wjp> but ida freezes at that point
[12:20:37] <Yuv422> hmm
[12:20:49] <Yuv422> can you press the pause button?
[12:21:00] <wjp> alt-pause in dosbox doesn't seem to do anything other than printing DEBUG_Continue()
[12:21:17] <Yuv422> how about pausing in ida
[12:21:24] <Yuv422> or has it completely frozen?
[12:21:38] <wjp> ida's interface is completely frozen
[12:21:57] <wjp> (to the point where the window isn't even being redrawn)
[12:22:23] <wjp> if I ctrl-c dosbox, it is restored, though
[12:22:28] <wjp> (with an rpc protocol error dialog box)
[12:23:00] <Yuv422> have you tried setting the break on program start option in IDA?
[12:23:48] <Yuv422> I think the debug_heavy define needs to be set in dosbox
[12:23:55] <wjp> ah, now something happens
[12:25:17] <Yuv422> there is also a define in the IDA plugin to hack around a bug in IDA for breakpoint handling
[12:25:30] <Yuv422> but that was fixed after 5.4 was released
[12:25:34] <wjp> 'run to cursor' didn't quite work as expected
[12:25:46] <wjp> is that that problem?
[12:25:54] <Yuv422> yeah probably
[12:26:03] <Yuv422> did ida not update the EIP properly?
[12:26:18] <wjp> yes
[12:26:27] <wjp> but after another step it was restored
[12:26:30] <Yuv422> the bug was that IDA would convert EIP into the 32bit linear address
[12:26:47] <wjp> ok, sounds like I hit that bug then
[12:26:52] <wjp> so 5.5 should be fine?
[12:26:55] <Yuv422> yes
[12:27:02] <wjp> I'll try moving things to 5.5 soon
[12:27:20] <Yuv422> you can also try using my hack to work around the bug
[12:27:35] <wjp> I'll just move to 5.5; I want to do that anyway
[12:27:42] <Yuv422> cool
[12:27:56] <Yuv422> 5.5 changes the stack display
[12:28:05] <Yuv422> I think I liked the old 5.4 display
[12:28:09] <wjp> I'll also try to move to dosbox 0.73
[12:28:21] <Yuv422> but in 5.5 you can easily edit the stack memory which is nice
[12:28:27] <Yuv422> ah k
[12:28:28] <Yuv422> cool
[12:28:48] <Yuv422> I'm off to bed now
[12:28:56] <wjp> good night
[12:28:59] <Yuv422> cya
[12:29:24] <Yuv422> hopefully it ports to 5.5 and .73 nicely
[12:29:48] <wjp> I'll send you some updated files if I get the linux build working properly/cleanly
[12:29:58] <Yuv422> cool, thanks
[12:30:15] <Yuv422> cya
[12:30:22] <-- Yuv422 has left IRC ()
[13:41:38] <-- Kirben has left IRC (Read error: 145 (Connection timed out))
[17:09:44] <wjp> the dosbox part of the ida/dosbox debugger is building cleanly with dosbox 0.73 in linux now
[17:11:32] <wjp> there don't appear to be any relevant changes to the debugger since 0.73 in CVS, so it'll most likely work with current CVS too
[21:25:37] <wjp> got everything building/running with dosbox 0.73 and ida 5.5 now
[21:26:18] <wjp> build is almost clean; only needs a small patch to ida's default tcpip.cpp because it tries to cast a pointer to/from an int