Why invest in better debugging productivity tools for your engineers? This article presents real-world examples of the benefits for OS/hypervisor developers, game anti-cheat companies, and EDR/malware researchers.
This article describes using JTAG in combination with Intel Trace features, specifically Last Branch Record (LBR) trace, to research the internals of System Management Mode (SMM).
As Windows boots on an Intel CPU that supports VT-rp, HLAT is enabled on individual cores. This article describes using JTAG to determine the behavior of each logical processor.
In part 1 of my explorations into Hypervisor-Managed Linear Address Translation (HLAT), I installed a Canary build on my AAEON UP Xtreme i12 Alder Lake board, and booted to the Windows desktop to see the VMCS field indicating that HLAT was enabled. This time, I isolated some of the code that actually turns it on.
Using JTAG, it is possible to combine the power of WinDbg and SourcePoint, enabling coherent simultaneous debugging of Windows Hyper-V, Secure Kernel, and Normal Kernel.
This article applies SourcePoint debug and trace features to the low-level debug of WDAC. SourcePoint uses JTAG to debug the Windows kernel as no other debugger can.