Cheat Engine

karmah · Posted: Wed Jul 29, 2009 7:00 am Post subject:

Yeah, that would rock.. I miss my old softice Sad

But DBVM's a step in the right direction Smile

Dark Byte · Posted: Wed Jul 29, 2009 7:21 am Post subject:

With kernelmode debugging in my todo list I actually meant debugging usermode application and handling all debugging(single stepping, breakpointsm, debug register read faking,etc...) in the kernel. So no api or flag would be set when debugging.
I have a fairly good idea on how to implement that (bp->save state->wait for event, usermode changes by ce to saved state, awake->set state->continue according to state)

But kernel debugging itself is a bit more complex. If it's halted in kernelmode, then how does a taskswitch to usermode go to update the gui ?

With dbvm I can probably do that, but here's the gui problem again. I can write directly to the display device, but each graphics card is different. (e.g my nvidia seems to have split up the screen into little rectangular blocks) So if someone feels like writing a display driver that works on an already initialized graphicscard, let me know

karmah · Posted: Wed Jul 29, 2009 10:19 am Post subject:

Wouldnt every card on the market these days having VESA support help at all?
Not very familliar with working at levels that low... just a thought..

Dark Byte · Posted: Wed Jul 29, 2009 12:52 pm Post subject:

yes, vesa is most likely supported, but that doesn't take away that the graphics driver may be running in a non-vesa supported mode (e.g to make acceleration, or sli easier)

anyhow, right now you can debug the kernel with dbvm and a serial port (but most new systems these days don't have one, I had to buy a separate pci one and had to code in pci support in dbvm)

karmah · Posted: Wed Jul 29, 2009 1:41 pm Post subject:

Dark Byte · Posted: Wed Jul 29, 2009 3:33 pm Post subject:

I read somewhere that they used some kind of display driver, or display filter driver, but I never tried softice myself and not sure if it interfered with 3d graphics or not
Also, another thing I noticed today is that if a cpu is frozen but the rest of the system isn't, windows(vista 64) will bsod

Dark Byte · Posted: Sun Aug 02, 2009 3:36 pm Post subject:

Little bump to keep myself up to date, looks like you can cause a kernel routine to go to sleep inside the kernel if it's running inside a normal process context while keeping a working gui to display the state and allow for user options, so I could probably add in breakpoints in code that goes "usermode->kernelmode->usermode" Of course, there's still the thing about critical section locks though

Dark Byte · Posted: Fri Aug 28, 2009 2:24 am Post subject:

screenshots of the current progress:

azmodeus · Cheater Reputation: 0 Joined: 17 Sep 2009 Posts: 42

Is this with the DVBM or your own dbk64 driver? Oh, and if ya need any testers.. Smile

Dark Byte · Posted: Sat Sep 19, 2009 4:14 pm Post subject:

this screenshot is in 32-bit without dbvm (with dbvm should probably work too as it's all based on int1)

as for 64-bit, there's some commits in the svn with a semi workable driver, but the debugging hasn't been properly ported yet (and there it will certainly need dbvm, but I'm also working on a runtime off-loading to dbvm routine in the kernel that might help with that part (so no annoying guessing which disk is the right one))
also, for the 64-bit driver you either have to press f8 during boot and allow the option for unsigned drivers, or sign the driver yourself

Dark Byte · Posted: Wed Dec 09, 2009 10:37 pm Post subject:

update on the debugger port so kernelmode debugging works in win64:

and yes, it's using dbvm, but the launch dbvm routine should make the switch to dbvm mode less painful (sorry for amd users though)