Codeview or other 16 bit debuggers with windows 7

Started by allynm, April 27, 2011, 09:38:19 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions

clive

#15
April 30, 2011, 02:02:43 AM
DumpCV is somewhat of a toy application, it tries to parse or break down the internal content in a semi-coherent form, but it gets updated now and again when people find files that break it. I use it as a diagnostic tool and test platform for my symbol extraction library.

The thing to remember when deciphering the symbols is to think of various scopes, the function, loops, local variables. Or compounded statements in C ie { }. A subroutine is described as several levels of nesting. Depending on the compiler and linker setting you can see more detail, including things like source files and line numbers. Symbols can be broken down by module/object, or describe the public symbols in the final executable. Finally the symbols can have hash tables, and the format/algorithms/binning of those tables have changed over time, in most cases these aren't of much interest, they just permit quick cross-referencing via symbol name. Certainly in the beginning the goal was to just load the symbols as a big binary blob the debugger could just navigate, rather than have to parse/process itself. In that respect the linker, and tools like CVPACK, basically processed the data into an easily digestible form.

I've dug around with this stuff quite a lot over the years, and played with most of the 16-bit C, Pascal, Fortran and Basic compilers Microsoft released. I have a lot of the 32-bit ones too, and also the Borland and Watcom tools.

There used to be material on the MSDN discs, but I suspect getting access to what you want might be difficult. Never was really well documented, at least in terms of being able to generate it with 100% confidence. I just built tools to extract symbols for my debuggers and disassemblers. I do a half-assed job of parsing the "type" information because I've never had a pressing need for it. The PDB files are an abstracted extension where the CodeView data evolved into a new form. The documentation on these is even more sparse, and I'd hazard Microsoft can't decipher all the formats they created simultaneously. The other draw for moving to PDB files was the ability to handle incremental compiling/linking.

The often cited spec is "Microsoft Codeview 4.0 Symbolic Debug Information Specification"

"Improve Your Debugging by Generating Symbols from COM Type Libraries"
http://www.microsoft.com/msj/0399/hood/hood0399.aspx
It could be a random act of randomness. Those happen a lot as well.

allynm

#16
April 30, 2011, 03:39:55 PM
Hello Clive,

Thank you for your elucidation of dumpcv and more generally the status of debugger documentation.  I looked at the Pietrek article and this is a start, at least, in getting a better appreciation of this extremely complex field.  I'll also look at the MSFT document reference you gave. 

As an aside (partly because it probably belongs in a different thread), I have had rotten luck making windbg work with 32 bit C programs  and I thought perhaps codeview might be a reasonable substitute, at least for 16 bit code.  And so it is, especially on XP SP3, less so for Win7.  As seems to be universally (or nearly, at any rate) true, Ollydbg has been my preferred debugger for 32 bits.  But, I always wanted to make Windbg go, although its user interface is much less friendly than Olly. 

Thanks very much for your help and for the copy of dumpcv.  It deserves a lot more study, even if it is "just a toy".

Regards,
Mark

dedndave

#17
April 30, 2011, 03:56:50 PM
as Clive mentioned, for 16-bit code (including 16-bit programs that may have 32-bit instructions) you can use SymDeb
it isn't CodeView, but it works, and it is compatible with the symbol files generated by MapSym
although you may want to use CodeView, it might be handy to have on hand for comparison testing

i never liked CodeView and used SymDeb for years
i used it to dis-assemble many 16-bit programs, including much of DOS   :P
i even used it to dis-assemble SymDeb - lol

allynm

#18
April 30, 2011, 08:18:59 PM
Hi Dedndave,

I haven't used Codeview much because I'm early on in the stages of figuring out 16 bit dos stuff.  It is certainly less user friendly than Olly!  But it is just as certainly more user friendly than Windbg.  I really struggle with that one.. and it usually wins too.  Disheartening. 

I will certainly have a look at SymDeb.  Thanks for attaching it.  I'll test drive it tomorrow afternoon and report on my experience.

Regards to you and Clive,

Mark

allynm

#19
April 30, 2011, 09:36:40 PM
Hi Dedndave,

OK, so I have been trying SymDeb.  First glance it looks a lot like Debug.exe except it has a bunch more commands.  The one I couldn't find was a Restart command....is there one?  I also couldn't figure out how to use the X commands for symbols.

Thanks for putting me onto this program.  Certainly easy to invoke.

Mark

dedndave

#20
April 30, 2011, 11:30:12 PM
well - besides the commands, there are 2 main advantages over debug:
1) it supports symbols
2) it disassemble some 32-bit code

there is no restart, that i am aware of
you can set the DS and ES regsiters to point to the PSP
set CS:IP to the entry point
set SS:SP to the stack base

that may or may not be the same as restart, because data has been modified
also easy - Q command, then F3 at the prompt   :bg

use the "r" command to set registers

clive

#21
May 17, 2011, 07:52:42 PM
I'm going to park this material here in case it's useful to anyone, and that it will show up in Google, and I can find them rapidly later.

This document covers the OMF Object and Library format used by Microsoft, along with ELF and DWARF

Tool Interface Standard (TIS)
Portable Formats Specification, Version 1.1
http://www.acm.uiuc.edu/sigops/rsrc/pfmt11.pdf

This one covers the PE format and CodeView symbols

Tool Interface Standard (TIS)
Formats Specification for Windows, Version 1.0
http://www.x-ways.net/winhex/kb/ff/PE_EXE.pdf

Robert Collins (TI, Transmeta, nVidia) has these in separate documents
http://www.rcollins.org/intel.doc/Tools.html
ftp://ftp.x86.org/manuals/tools/sym.pdf
ftp://ftp.x86.org/manuals/tools/pe.pdf
ftp://ftp.x86.org/manuals/tools/omf.pdf
ftp://ftp.x86.org/manuals/tools/elf.pdf
ftp://ftp.x86.org/manuals/tools/dwarf.pdf
ftp://ftp.x86.org/manuals/tools/winform.pdf

Here's the 1.2 ELF specification
http://refspecs.freestandards.org/elf/elf.pdf

And a repository much historical material
http://www.osdever.net/cottontail/

Tools Developer Documentation, multiple platforms and formats
http://www.openwatcom.org/index.php/Developer_Documentation
It could be a random act of randomness. Those happen a lot as well.

allynm

#22
May 18, 2011, 01:16:45 AM
Good evening, Clive

Thank you for posting this material.  Very helpful.

Regards,
Mark Allyn
Print
Go Up Pages 1 2
User actions