Debugger updates (was: WinUAE Debugger HH PC history)

[selco]

Hi,
(How) is the PC history working?

I try to find an Enforcer-Hit. My Program reads a byte from Address 0. The hit seems to point into the linker-library function vprintf, so I have probably passed a Null-Ptr somewhere to a printf-family function, but where?

I did
Shift F12
w 1 0 1 r ; Mem watch point to stop after the illegal read
run my program
WinUAE stops, Rgister A0 is 1

Ok. I see the instruction after my illegal access. One Instruction before is
TST.B (A0)+
So I think this looks like the offending instruction.

Now I thought I can find out where the program came from by typing H or HH or HH 100 or something like that.

But what I see cannot be correct, the instructions in the history do not access memory nor is A1 0 or 1!?

What do I have to do to get a history before the illegal access?
Is Jit or MMU or the selected CPU important?

(I tried with winUAE 3.4.0)

selco

[Toni Wilen]

At least one normal break point (f) must be active. It also enables history collection.

EDIT: JIT must be off. MMU is supported (but it can get confusing if MMU is used to translate addresses)

[selco]

Thanks Toni, now it works.

But...
I have the impression it does not work as expeced in GUI-debugger? (Only in console debugger)

If I do
Shift F12 ; Enter (GUI) debugger
w 1 0 1 R ; Memwatchpoint Read Byte from addr $00000000
f 100 ; add a dummy brakpoint to start history collection
g ; attempt to contininue emulation

It immidetaly stops again as if a breakoint or watchpoint had been reached.
g ; immidetly stop again
g ; immidetly stop again
g ; immidetly stop again

When I switch do console debugger it works
xx ; switch to console
g ; emulation runs until I start my bad program and the memwatch point is reached
HH ; show history, nice!


Is there still a bug or do I something wrong?

[Toni Wilen]

GUI debugger is not supported. I didn't make it and I don't use it. Basic options probably work, most GUI-only features probably have problems.

[selco]

OK, I will try to remember next time ;-)

Thanks Toni, I found the hit with the help of the PC history eventually. There was a snprintf-call that used getenv("HOME") as an argument and HOME was not set... (porting a linux-program with gcc and libnix)

Thanks Alexander

[Toni Wilen]

It usually is null pointer (or null pointer + offset). It is too common

Perhaps some kind of UAE AmigaOS "debug" mode would be useful, for example internal segtracker like thingy (which would be nearly completely in UAE side so that debugger can easily access the data even when AmigaOS side is too corrupted) and hooking to LoadSeg() so that debugged program gets loaded to special reserved debug memory space, no more annoying changing segment addresses between debug sessions!

[alpine9000]

Quote:

Originally Posted by Toni Wilen

It usually is null pointer (or null pointer + offset). It is too common

Perhaps some kind of UAE AmigaOS "debug" mode would be useful, for example internal segtracker like thingy (which would be nearly completely in UAE side so that debugger can easily access the data even when AmigaOS side is too corrupted) and hooking to LoadSeg() so that debugged program gets loaded to special reserved debug memory space, no more annoying changing segment addresses between debug sessions!

Yes please!

[Toni Wilen]

Quote:

Originally Posted by Toni Wilen

Perhaps some kind of UAE AmigaOS "debug" mode would be useful, for example internal segtracker like thingy (which would be nearly completely in UAE side so that debugger can easily access the data even when AmigaOS side is too corrupted) and hooking to LoadSeg() so that debugged program gets loaded to special reserved debug memory space, no more annoying changing segment addresses between debug sessions!

Old post but I finally started implementing this..

Already done:

- segtracker like functionality. (loadseg/newloadseg/unloadseg)
- special "debug ram" address space where debugged program is loaded using custom loader (executed from shell). This guarantees identical load addresses in each debug session. Also each segment is separated by adjustable gap/alignment (default 32k). Any non-allocated memory (not used by any program segment) is marked as invalid and any access will break to debugger. Each CPU access to "debug ram" is real-time validated, check is also byte based.
- stack is moved to debug ram, stack overflow is immediately detected.
- hunk_symbol support, disassembler shows symbol name when instruction's address or instruction's effective address match symbol value. All debugger commands also accept symbol name as address value.

TODO:

- AllocMem()/FreeMem() tracing, if called by debugged program (task matches), memory allocations are allocated from "debug ram" with same real-time byte based access validations (also if memory was allocated without MEMF_CLEAR, read access without previous write breaks to debugger). Memory freeing will be also validated, unmatched length or size = break to debugger.
- gcc -g debugging information support. (enables at least partial source level debugging)

[Toni Wilen]

More UAE debugger improvements, now it parses and loads symbols and gcc stabs debugging information, including source file lines:

(pfs3aio entrypoint function)

Code:

>d _entrypoint
_EntryPoint:
70008170 000168 598f                     SUBA.L #$04 [24780004],A7
{
70008172 00016A 48e7 3f3e                MOVEM.L D2-D7/A2-A6,-(A7)
70008176 00016E 2478 0004                MOVEA.L $0004 [08000810],A2
        SysBase =  *((struct ExecBase **)4);
7000817A 000172 2c4a                     MOVEA.L A2,A6
        g = AllocMem(sizeof(struct globaldata), MEMF_CLEAR);
7000817C 000174 203c 0000 09d0           MOVE.L #$000009d0,D0
70008182 00017A 7201                     MOVE.L #$01 [414eaeff],D1
70008184 00017C 4841                     SWAP.W D1
70008186 00017E 4eae ff3a                JSR (A6, -$00c6) == $0800074a
7000818A 000182 2640                     MOVEA.L D0,A3
7000818C 000184 4a80                     TST.L D0
        if (!g)
7000818E 000186 660e                     BNE.B #$0e == $7000819e (T)
70008190 000188 7e01                     MOVE.L #$01 [474eaeff],D7
                Alert (AG_NoMemory);
70008192 00018A 4847                     SWAP.W D7
70008194 00018C 4eae ff94                JSR (A6, -$006c) == $080007a4
70008198 000190 200b                     MOVE.L A3,D0
                Wait (0);
7000819A 000192 4eae fec2                JSR (A6, -$013e) == $080006d2
7000819E 000196 274a 000c                MOVE.L A2,(A3, $000c) == $080009b6 [3b500000]
        g->g_SysBase = SysBase;
700081A2 00019A 43fa ff9c                LEA.L (PC,$ff9c) == $70008140,A1
        IntuitionBase = (APTR)OpenLibrary ("intuition.library", MIN_LIB_VERSION);
700081A6 00019E 7021                     MOVE.L #$21 [c0488044],D0
700081A8 0001A0 4eae fdd8                JSR (A6, -$0228) == $080005e8
700081AC 0001A4 2740 0010                MOVE.L D0,(A3, $0010) == $080009ba [00000800]
700081B0 0001A8 43fa ffa0                LEA.L (PC,$ffa0) == $70008152,A1
        DOSBase = (struct DosLibrary *)OpenLibrary ("dos.library", MIN_LIB_VERSION);
700081B4 0001AC 7021                     MOVE.L #$21 [40002452],D0
700081B6 0001AE 4eae fdd8                JSR (A6, -$0228) == $080005e8

(lots more still to do..)