*** 21 May 2009. v0.1.
Initial release.

*** 11 Jun 2009. v0.2.
Options "quiet" and "unicode" are added to BPF:
* quiet: be quiet about a specific breakpoint
* unicode: treat strings in arguments as unicode (widechar). This can be helpful if you intercept unicode win32 functions with the W suffix, for example, MessageBoxW. Unfortunately, gt can only automatically detect the first half of the ASCII table, so multilingual unicode strings will not be detected.

*** 05 Dec 2009. v0.3.
* Option quiet is removed.
* DUMP_ARGS option added to BPF.
* BPX option added.
* x64 support.
* BPM now supports QWORD.

*** 07-Jun 2010. v0.4.
* FPU registers support at BPX breakpoint
  new command line options:
  -fpu_always - always show FPU registers at BPX breakpoint
  -fpu_never - never show FPU registers at BPX breakpoint
  In the SET option of the BPX command it is now possible to use FPU registers ST0..ST7, for example:
  bpx=program.exe!address,set(st0,123.4)
  Note: gt never modifies the FPU tag word register, nor the TOP register, so if some register was marked as "empty" and gt sets a value there, it will remain marked "empty".
  If the floating-point number is also NaN (Not-a-Number), it will be treated as MMX contents and will be dumped too
  new command line option:
  -dump_xmm - dump XMM registers state at BPX breakpoint
* now we attach to all processes with the process name specified
* symbol defined in address can also contain a "+ofs" suffix, where "ofs" is a decimal number, or a hexadecimal number with "0x" prefix,
  for example: "bpx=kernel32.dll!writefile+0x5" or "bpx=file.exe!base+0x1234", where base is the PE file base.
* PDB files support. Compile your program with the /Zi option in MSVC and get a PDB debug file for it

*** 14-Jan-2010. v0.5beta
* BPX DUMP option: if an asterisk symbol '*' is set before an address or register value, then gt will read a DWORD (or QWORD in the x64 version), treat it as an address and dump a buffer there.
  For example: dump(*ebx,0x100) - take the address from the memory cell that the EBX register points to and dump a buffer of 0x100 bytes.
* Fixed PDB loader bug: ("Error: SymGetModuleInfo64() failed. Error code: 87 / The parameter is incorrect.")
* Fixed bug: now 0x0A and 0x0D symbols are represented as "\r" and "\n" in function arguments instead of newlines right there.
* New BPF feature: TRACE: trace all instructions in a function, collect the values we are interested in and save them to an IDA script or a generic text file. gt.html#bpf_trace ; gt.html#bpf_ex_trace

*** 13-Feb-2010
* (BPX) new COPY option: bpx=address,copy(address2,c_string) - copy C string to address2 while at breakpoint. The C string may contain "\xXX" sequences meaning hexadecimal numbers.
* (BPX) Address in DUMP, SET and COPY can be not only register+offset or address, but also module!symbol.

*** 28-Feb-2010
* (NOTES) resulting .txt file now contains the disassembled instruction as well.