WinUAE Debugger - points for clarification or improvement

[Rock'n Roll]

This is a summary of various points that I noticed during testing. Maybe some of them can be implemented in a future version?

1.
Wc <addr> <endaddr> <destaddr>, copy memory.
>Wc 30000 30030 30050
Copied from 00030000 - 0003002f to 00030050 - 0003007f

Why not Copied from 00030000 - 00030030 to 00030050 - 00030080 ? include the last byte

2.
helptext: e[x] wrong, better: e[a/x]

3.
helptext: s "<string>"/<values> [<addr>] [<length>] is wrong,
better s "<string>"/<values> [<addr>] [<end>] ; not length -> end

>s 0839000600bfe001 20000 30000
Searching from 00020000 to 00030000..

4.
I <custom event>
Is this command obsolet and free, othwise an example is needed.
What is meaned with custom event?

5.
S <file> <addr> <n> Save a block of Amiga memory.

>S m31212 $31212 !400 ; Wrote 00031212 - 000313A2 (400 bytes) to 'm31212'.
but better is ; Wrote 00031212 - 000313A1 (400 bytes)
>S m1 $1 1 ; Wrote 00000001 - 00000002 (1 bytes) to 'm1'. --> better is: Wrote 00000001 - 00000001 (1 bytes) to 'm1'.
>S m1 $1 0 ; Wrote 00000001 - 00000001 (0 bytes) to 'm1'. --> some error message like 'wrong argument'

6.
S <file> <addr> <n> Save a block of Amiga memory.

S C:\Amiga test $10 2

It is not possible to set a custom path for save. All files goes (in my case) to C:\Users\Public\Documents\Amiga Files\WinUAE

7.
helptext wrong
w <num> <address> <length> <R/W/I> <F/C/L/N> [V<value>[.x]] (read/write/opcode) (freeze/mustchange/logonly/nobreak).
better is:
w <num> [<address> [<length> [<R/W/I> <F/C/L/N> [V<value>[.x]] [<channel>]]]]]

8.
Unknown command and function unknown
>seg
No executable loaded

9.
Unknown command and function unknown
>wl
Memwatch breakpoints enabled
Memwatch DMA validator enabled
>

10.
vm [<channel> <sub index> [<hex rgb>]] show DMA channel status / DMA channel enable/disable toggle/ change color of channel

If sub index is zero: all sub index colors are changed. ok, if index 0 changed all,
then it would be good to change the order from 7,0 -> 7,7 to 7,1 -> 7,8

>vm 7 1 00123456
7,0: 00123456 * Sprite ; the answer is 7,0 and not 7,1; better is: 7,0: --> 7,1:

11.
>fl
0: PC == 0003173e [00000000 00000000]
what is the meaning of [00000000 00000000] ? [00000000 00000000] Could be erased?

I linked the other points here:
>fo ; https://eab.abime.net/showpost.php?p...18&postcount=6
>il ; https://eab.abime.net/showpost.php?p...4&postcount=3;
>smc ; https://eab.abime.net/showpost.php?p...7&postcount=21
>f ; https://eab.abime.net/showpost.php?p...4&postcount=22
>wd ; https://eab.abime.net/showpost.php?p...47&postcount=9
>vh ; https://eab.abime.net/showpost.php?p...6&postcount=28
>D ; https://eab.abime.net/showpost.php?p...65&postcount=8
>H ; https://eab.abime.net/showpost.php?p...30&postcount=3

[Rock'n Roll]

a slightly improved help with all the commands I know:

Code:

>h
          HELP for UAE Debugger
         -----------------------

  g [<addr>]		Start execution at the current address or <address>.
  c                     Dump state of the CIA, disk drives and custom registers.
  r                     Dump state of the CPU.
  r <reg> <value>       Modify CPU registers (Dx,Ax,USP,ISP,VBR,...).
  rc[d]                 Show CPU instruction or data cache contents.
  m <addr> [<lines>]	Memory dump starting at <address>.
  m r[b/w/l](addr/r(register)) [<lines>] Memory dump indirect
  a <addr>		Assembler.
  d <addr> [<lines>]	Disassembly starting at <address>.
  d r[b/w/l](address/r(register)) [<lines>] Disassembly starting indirect 
  d[o/ppc]		change disassembly to PPC or 'Original' 68k Assembly
  t [instructions]      Step one or more instructions.
  tx                    Break when any exception.
  z                     Step through one instruction - useful for JSR, DBRA etc.
  f                     Step forward until PC in RAM ("boot block finder").
  f <addr> [Nx]		Add/remove breakpoint.
  fa <addr> [<start>] [<endaddr>]
                        Find effective address <address>.
  fi                    Step forward until PC points to RTS, RTD or RTE.
  fi <opcode> [<w2>] [<w3>] Step forward until PC points to <opcode>.
  fp "<name>"/<addr>    Step forward until process <name> or <addr> is active.
  fl                    List breakpoints.
  fd                    Remove all breakpoints.
  fs <lines to wait> | <vpos> <hpos> Wait n scanlines/position.
  fc <CCKs to wait>     Wait n color clocks.
  fo <num> <reg> <oper> <val> [<mask> <val2>] [Nx] [Hx] Conditional register breakpoint.
                        reg=Dx,Ax,PC,USP,ISP,VBR,SR. oper:!=,==,<,>,>=,<=,-,!- (-=val to val2 range).
  f <addr1> <addr2>     Step forward until <addr1> <= PC <= <addr2>.
  e[a/x]                Dump contents of all custom registers, ea = AGA colors.
  i			Dump contents of interrupt and trap vectors.
  il [<mask>]           Exception breakpoint.
  o <0-2|addr> [<lines>]View memory as Copper instructions.
  od                    Enable/disable Copper vpos/hpos tracing.
  ot                    Copper single step trace.
  ob <addr>             Copper breakpoint.
  H[H] <cnt>            Show PC history (HH=full CPU info) <cnt> instructions.
  C [<value>]		Search reset or search for values like energy or lifes in games.
  Cl                    List currently found trainer addresses.
  D[idxzs [<max diff>]] Deep trainer. i=new value must be larger, d=smaller,
                        x = must be same, z = must be different, s = restart.
  W <addr> <values[.x] separated by space> Write into Amiga memory.
  W <addr> 'string'     Write into Amiga memory.
  Wf <addr> <endaddr> <bytes or string like above>, fill memory.
  Wc <addr> <endaddr> <destaddr>, copy memory.
  w <num> <address> <length> [<R/W/I>] [<F/C/L/N>] [V<value>[.x]][<channel>]
			(read/write/opcode) (freeze/mustchange/logonly/nobreak).
                        Add/remove memory watchpoints.
  wd [<0-1>]            Enable illegal access logger. 1 = enable break.
  wl			Memwatch DMA validator
  L <file> <addr> [<n>] Load a block of Amiga memory.
  S <file> <addr> <n>   Save a block of Amiga memory.
  s "<string>"/<values> [<addr>] [<endaddr>]
                        Search for string/bytes.
  T or Tt               Show exec tasks and their PCs.
  Td,Tl,Tr,Tp,Ts,TS,Ti,TO,TM,Tf Show devs, libs, resources, ports, semaphores,
                        residents, interrupts, doslist, memorylist, fsres.
  b                     Step to previous state capture position.
  M<a/b/s> <val>        Enable or disable audio channels, bitplanes or sprites.
  sp <addr> [<addr2][<size>] Dump sprite information.
  di <mode> [<track>]   Break on disk access. R=DMA read,W=write,RW=both,P=PIO.
                        Also enables level 1 disk logging.
  did <log level>       Enable disk logging.
  dj [<level bitmask>]  Enable joystick/mouse input debugging.
  smc [<0-1>]           Enable self-modifying code detector. 1 = enable break.
  dm                    Dump current address space map.
  v [<-1 to -6/o> | <vpos> [<hpos>] [<lines>]
                        Show DMA data (accurate only in cycle-exact mode).
                        v [-1 to -6] = enable visual DMA debugger.
  vh [ -1/?/c/d ] | [<channel> [<lines>]]  "Heat map"
  vm [<channel> <sub index> [<hex rgb>]] show DMA channel status / DMA channel enable/
			disable toggle/ change color of channel
  I <custom event>      Send custom event string
  reset[<h/k>]		Reset (hardware, keyboard)
  ?<value>              Hex ($ and 0x)/Bin (%)/Dec (!) converter and calculator.
  x                     Close debugger.
  xx                    Switch between console and GUI debugger.
  mg <address>          Memory dump starting at <address> in GUI.
  dg <address>          Disassembly starting at <address> in GUI.  
  q                     Quit the emulator. You don't want to use this command.
>

[Rock'n Roll]

further more points:

1. sp-command
Is it possible to show also the sprite height?

Sprite address 0002BD5C, width = 16, height = 13 ; EndY=109-StartY=96
OCS: StartX=416 StartY=96 EndY=109
ECS: StartX=1664 (416.0) StartY=96 EndY=109
Attach: 0. AGA SSCAN/SH10 bit: 1

>?!109-!96
$0000000D = %00000000`00000000`00000000`00001101 = 13 = 13
>

2. -- CYC ?
CIA A: PRA C2 PRB 00 DRA 03 DRB 00
CRA 00 CRB 08 ICR 00 IM 0a TA ffff (ffff) TB 0863 (0863)
TOD 00167f (0011aa) ALARM 000000 -- CYC=0000003427988E00

What is the normal user info about CYC=0000003427988E00?

3.
>Wf 30050 30060 $F0
Wrote data to 00030050 - 00030060
>m 30050 2
00030050 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 ................
00030060 0000 0000 0000 0000 0000 0000 0000 0000 ................
>

it wrotes $F0 only from 00030050 to 0003005F, it doesn't include the last byte 30060
change answer: Wrote data (16 bytes) to 00030050 - 0003005f.

4.
>s 3F 00 2000
Searching from 00000000 to 00002000..
Scanning.. 00000000 - 00010000 (Chip memory)
00000CF1 00000D78 00000D7E 00000D85 00000D89 many more unformated addresses....

Limit output to 8 entries per line, please formatting

5. fa <address> [<start>] [<end>]
>fa c02878 ; normally
Searching from 00000000 to 00C80000
Scanning.. 00000000 - 00200000 (Chip memory)
Scanning.. 00c00000 - 00c80000 (Slow memory)

[<start>] [<end>] doesn't work

>fa c02878 20000
Searching from 00020000 to 00C80000
Scanning.. 00c00000 - 00c80000 (Slow memory)

>fa c02878 $20000 $30000
Searching from 00020000 to 00030000
Scanning.. 00c00000 - 00c00000 (Slow memory)
>

6. String returned: ''
>w 0 1000 10 WR
0: 00001000 - 0000100F (16) RW CPU
>w 0 1000 10 LR
0: 00001000 - 0000100F (16) R L CPU
>w 0 1000 10 RW
String returned: ''
>w 0 1000 10 RL
String returned: ''

7. works but it doesn't break the program
w 0 22000 2 fw
works but it comes no break or it works as w 0 22000 2 fwn, without f it triggers a break

8.
>w ; if no memwatch breakpoint has been added, the answer to >w is nothing
>

>w
No breakpoints. ; expected like >fl

9.
The debugger always needs to wait until current CPU instruction has finished execution which
means above breakpoints can't be 100% exact.

>fc 1
Cycles: 1 Chip, 2 CPU. (V=105 H=166 -> V=105 H=167) ; change H=167 to 173
VPOS: 105 ($069) HPOS: 173 ($0ad) COP: $0001ede4
...
>fc 1
Cycles: 5 Chip, 10 CPU. (V=105 H=173 -> V=105 H=178) ; here is the correct elapsed cycles
VPOS: 105 ($069) HPOS: 178 ($0b2) COP: $0001ede4
...
>fc 1
Cycles: 1 Chip, 2 CPU. (V=105 H=178 -> V=105 H=179) ; change H=179 to 188
VPOS: 105 ($069) HPOS: 188 ($0bc) COP: $0001ede4

better show always the needed cycles from the current instruction
the same for fs

>fs 115 20
Cycles: 68327 Chip, 136654 CPU. (V=127 H=20 -> V=115 H=20) ; better H=23
VPOS: 115 ($073) HPOS: 023 ($017) COP: $0001ede4

I prefer the correct state, like after a >t

10.
if a program breakpoint interrupts a 'fc' and the breakpoint is deleted then
the waiting CCKs are not correct anymore

Code:

>f 23d60
Breakpoint added.
>g
Breakpoint 0 triggered.
Cycles: 30 Chip, 60 CPU. (V=111 H=106 -> V=111 H=136)		; one loop is 30 CCK
...
>fd
All breakpoints removed.
>fc 90
Cycles: 90 Chip, 180 CPU. (V=111 H=136 -> V=111 H=226)		; everything ok here
...
>fc 90
Cycles: 90 Chip, 180 CPU. (V=111 H=226 -> V=112 H=89)		; everything ok here
...
>f 23d60
Breakpoint added.
>fc 90
Breakpoint 0 triggered.										; program breakpoint interrupts a 'fc'
Cycles: 30 Chip, 60 CPU. (V=112 H=89 -> V=112 H=119)		; 30 CCK is ok
...
>fd
All breakpoints removed.
>fc 90
Cycles: 60 Chip, 120 CPU. (V=112 H=119 -> V=112 H=179)		; 60 Chip and not 90, not ok
...
>fc 90
Cycles: 30 Chip, 60 CPU. (V=112 H=179 -> V=112 H=209)		; 30 Chip and not 90, not ok
...

same problem with command 'fs'

11.
wish >d is >d pc , because I want see direct the next instruction

Example: If I open the debugger with Shift+F12 or after a triggered breakpoint my interest is on >d pc

Code:

Cycles: 4194303 Chip, 8388607 CPU. (V=122 H=131 -> V=210 H=0)
VPOS: 210 ($0d2) HPOS: 004 ($004) COP: $0001ede4
 ...
00022c10 0839 0006 00bf e001      btst.b #$0006,$00bfe001
Next PC: 00022c18
>d	; >d 'next pc'
00022c18 66f6                     bne.b #$f6 == $00022c10 (T)
...
>d pc	; I get this with a >d
00022c10 0839 0006 00bf e001      btst.b #$0006,$00bfe001
...
>

Could the first >d always show the disassembly from the current pc like >d pc not from the next pc?
Every next >d shows the next lines then.

12. >ex - reading, intepretation?
>ex
096 DMACON 03A0 83A0 00022D10 CPU 18A COLOR05 0BB9 0000 00000000 CPU
098 CLXCON 0000 0000 00000000 CPU 18C COLOR06 0DE7 0000 00000000 CPU
>d 22D10 1
00022d10 3b7c 83a0 0096 move.w #$83a0,(a5,$0096) == $00dff096

09A INTENA 0000 7FFF 00022B4E CPU 18E COLOR07 0E7D 0000 00000000 CPU
09C INTREQ 0028 7FFF 00022B4E CPU 190 COLOR08 07FF 0000 00000000 CPU
>d 22B4E 1
00022b4e 2b7c 7fff 7fff 009a move.l #$7fff7fff,(a5,$009a) == $00dff09a

This seems to be ok. But what about COP? It's in the next line?

0E0 BPL1PTH 0006 0006 00068764 COP 1C4 HBSTRT 0000 0000 00000000 CPU
0E2 BPL1PTL 8B48 8B48 00068768 COP 1C6 HBSTOP 0000 0000 00000000 CPU
>o 68764 1
00068764: 00e2 8b48 ; BPL1PTL := 0x8b48

000 BLTDDAT 0000 0000 00000000 CPU 108 BPL1MOD FFF8 FFF8 00068754 COP
002 DMACONR 03A0 0000 00000000 CPU 10A BPL2MOD FFF8 FFF8 00068758 COP
>o 68754 1
00068754: 010a fff8 ; BPL2MOD := 0xfff8
>

13. rc / rcd
Whats the different between rc and rcd? How is the interpretation?

>rc
00022AF0U:203900DF*00022AF4U:F0040280*00022AF8U:000FFF00*00022AFCU:0C800001*
...

00022af0 2039 00df f004 move.l $00dff004,d0

[Rock'n Roll]

ok, further more points
(Basically, however, the debugger works perfectly. It is nuances that are the issue here.)

1.
>C4
Scanning.. 00000000 - 00200000 (Chip memory)
Scanning.. 00c00000 - 00c80000 (Slow memory)
0000345B 00003473 000034AA 0008345B 00083473 000834AA 0010345B 00103473 001034AA 0018345B 00183473 001834AA Found 12 possible addresses with 0x4 (4) (1 bytes)
Now continue with 'g' and use 'C' with a different value
>
Format output to 8 addresses per row, please

2. after a Cl the input prompt is on the far right
>Cl
000034AA=0003 000834AA=0003 001034AA=0003 001834AA=0003 >

3. wish - Bitwise Not operation ~
>?$3
$00000003 = %00000000`00000000`00000000`00000011 = 3 = 3
>?~$3 ; ... 1111 1100
(for Blitter LF calculation: AB+!AC)

4. N counts one too much
>f 2C1FC N3
Breakpoint added.
>g
Breakpoint 0 hit: PC=0002c1fc, count=3.
Breakpoint 0 hit: PC=0002c1fc, count=2.
Breakpoint 0 hit: PC=0002c1fc, count=1.
Breakpoint 0 triggered.

5. visual DMA Debugger
transparency mode is gone?
v -5 : enable + visual mode + larger overlay with "transparency"
was till 4.9

6. DMA Debugger
- Horizontal diw ('(' and ')'), markers are on wrong positions
- missed the L mark for long line (L) in second refresh slot

7. HDIW=0/1 in >c output are wrong

8. if an exception is debugged while the DMA debugger is active, the output does not stop after the number of lines
e.g. H2 returns 500 lines

>v-2 ; DMA Debugger on
>il $08000000 ; Exception Brkpt. lvl-3
>g ; breaks the exception
>H2 ; not 2, delivers 500 (maximum?)

9. wish - Hs command
even if cycle exact or DMA debugger is active, a simplified output only CPU, without DMA channels or CPU cycles
eg. H[s] <cnt> ; short
>Hs1
0 209/199 0001fff6 0c39 00c8 00df f006 cmp.b #$c8,$00dff006
; - 00 D1 BPL2 112 0000 0001CE08 ; without these lines

10. unification
There are two differents output concepts for similar the same. The PC-History and DMA Debugger.
Why not bring both in an unifcation output? It would be more readable.

Code:

>H10		; this are the last 10 executed instructions 						
...
 0 209/199 0001fff6 0c39 00c8 00df f006      cmp.b #$c8,$00dff006
 - 00 D1 BPL2   112         0000    0001CE08
 - 00 D2 CPU-RWI            00DF    0001FFFA
 - 00 D3 BPL1   110         3C3C    00017E08
 - 00 D4 CPU-RWI            F006    0001FFFC
 - 00 D5 BPL2   112         0000    0001CE0A
 - 00 D6 CPU-RWI            66F6    0001FFFE
 - 00 D7 BPL1   110         3C00    00017E0A
 - 00 D8 CPU-RBD            00C7    00DFF006
 - 00 D9 BPL2   112         0000    0001CE0C
 - 00 DA CPU-RWI            41F9    00020000
 0 219/199 0001fffe 66f6                     bne.b #$f6 == $0001fff6 (F)
 - 00 DB BPL1   110         0000    00017E0C
 - 00 DD BPL2   112         0000    0001CE0E
 - 00 DE CPU-RWI            0C39    0001FFF6
 - 00 DF BPL1   110         0000    00017E0E
 - 00 E0 CPU-RWI            00C8    0001FFF8
 0 225/199 0001fff6 0c39 00c8 00df f006      cmp.b #$c8,$00dff006
;------------------------------------------------------------------------------
>v !199 !209 5		; this are collected cycles from the previous frame	
Line: C7 199 HPOS D1 209:
 [D1 19A -]   [D2 19C -]   [D3 19E -]   [D4 1A0 -]   [D5 1A2 -]   [D6 1A4 -]   [D7 1A6 -] B [D8 1A8 -]
 BPL2   112      CPU-RWI   BPL1   110      CPU-RBD   BPL2   112      CPU-RWI   BPL1   110 c
       0000         66F6         3C3C         00C7         0000         41F9         3C00 c
   0001CE08     0001FFFE     00017E08     00DFF006     0001CE0A     00020000     00017E0A

  004   0E7    0FF   0FF    004   0BF    103   1F8    005   0E7    100   000    005   0BF

 [D9 1AA -]   [DA 1AC -]   [DB 1AE -]   [DC 1B0 -]   [DD 1B2 -] C [DE 1B4 -]   [DF 1B6 -]   [E0 1B8 -]
 BPL2   112      CPU-RWI   BPL1   110      CPU-RWI   BPL2   112 M    CPU-RWI   BPL1   110      CPU-RWI
       0000         0C39         0000         00C8         0000 P       00DF         0000         F006
   0001CE0C     0001FFF6     00017E0C     0001FFF8     0001CE0E     0001FFFA     00017E0E     0001FFFC

  006   0E7    0FB   0FF    006   0BF    0FC   0FF    007   0E7    0FD   0FF    007   0BF    0FE   0FF

;------------------------------------------------------------------------------ 
 0 209/199     0001fff6 0c39 00c8 00df f006      cmp.b #$c8,$00dff006		; one output-concept for both?
 - 00 D1  19A  0001CE08 BPL2   112         0000  xCIAx  004   0E7 
 - 00 D2  19C  0001FFFA	CPU-RWI            00DF  xCIAx  0FF   0FF