VOGONS


First post, by ninjalj

Rank: Newbie

Hi,

I have patched Dosbox 0.65 so I can use the debugger to search for memory values. This only does search, which is enough for my purposes. Here's the patch:

Attachments:
  • search.diff (5.12 KiB, 512 downloads, Fair use/fair dealing exception)
  • search.txt (4.34 KiB, 519 downloads, Fair use/fair dealing exception)

Reply 1 of 12, by ninjalj

Rank: Newbie

More patches,

Somewhere in the forum someone mentioned he would like a breakpoint on memory read. The first patch does just that.

I also have made a patch for adding cheat commands to the debugger. It's basically a breakpoint on memory change, but instead of stopping, it sets memory to a value passed on the command line.

I did the cheat part after stumbling on a game that decompresses/decodes itself (don't know, have not looked, I just couldn't find the code I wanted to modify with a hex editor), just before realizing I could have set memory to nops. That's what happens when you code before you think.

As before, these are against 0.65, and the cheat patch must be applied after the memory read breakpoints patch.

Attachments:
  • memory_read_breakpoints.diff (8.41 KiB, 501 downloads, Fair use/fair dealing exception)
  • cheat.diff (7.27 KiB, 419 downloads, Fair use/fair dealing exception)

Reply 2 of 12, by wd

Rank: DOSBox Author

Thanks for the patches. The memory searching looks nice, might give a useful addition if beefed up a bit.

About the break on memory reads: this doesn't work as you implemented it (note that there are only calls CheckBreakpoint(SegValue(cs),reg_eip)). Really implementing this type of breakpoint requires rewriting the memory handler functions to do the checks, which isn't the fastest thing to do. Harekiet had some idea about using custom handlers which would be quite fast, don't know if he actually implemented it.

Reply 3 of 12, by ninjalj

Rank: Newbie

> Thanks for the patches. The memory searching looks nice, might give a useful addition if beefed up a bit.

What exactly would you like to see? Searching for bytes, words or dwords? Other things?

> About the break on memory reads: this doesn't work as you implemented it (note that there are only calls CheckBreakpoint(SegValue(cs),reg_eip)).

D'oh. I was too busy testing my previous patch (read: playing games with infinite lives), so I didn't test that patch. 😊

> Really implementing this type of breakpoint requires rewriting the memory handler functions to do the checks, which isn't the fastest thing to do. Harekiet had some idea about using custom handlers which would be quite fast, don't know if he actually implemented it.

I'm working on it. If anyone is curious, below is a (non-working) patch with my current modifications. I'll try to make it work this weekend, if I have time. Then I'll probably forward port it to a recent CVS.

Anyway, I'd really like to see the search part merged, so please tell me what you think is missing / could be done better.

Warning: Non-working patch follows

Reply 4 of 12, by ninjalj

Rank: Newbie

Ok, let's see if I understand this thing correctly.

IIUC, PageHandlers can be marked READABLE, which means that the host system can read memory directly from paging.tlb.read[page], and then the PageHandler must provide a GetHostReadPt method; or it doesn't have that flag, in which case it doesn't implement GetHostReadPt and all reads must go through the read[bwd] methods.

Linear addresses are addresses after segmentation but before paging, and physical addresses are addresses after paging.

If you change the PageHandler for a page, it's sufficient to call PAGING_UnlinkPages(page,1) after that so dosbox's memory system uses the right methods of the PageHandler.

BTW, there's a bug in the PAGING_UnlinkPages function, but it's not important for now since it never gets triggered. Attached is the fix.

Apart from that, I have memory access breakpoints mostly working, but the patch needs some serious cleanup. I'll post something tomorrow.

Attachments:
  • PAGING_UnlinkPages.diff (426 Bytes, 449 downloads, Fair use/fair dealing exception)

Reply 5 of 12, by ninjalj

Rank: Newbie

Ok, attached are memory access breakpoints for dosbox 0.65. 😎

I don't know if this works with linear memory and protected memory breakpoints. I have only tested with real mode games.

I don't know if all this should be enclosed in #if C_HEAVY_DEBUG or not. If it's not being used it shouldn't take CPU power, but with memory breakpoints set, it can be heavy.

Apart from that, uses of enum EBreakpoint are getting really ugly. Probably it should be turned into a bitfield with values for BKPNT_MEMORY_CHANGE, BKPNT_MEMORY_ACCESS, BKPNT_ACCESS, BKPNT_LINEAR_MEMORY and BKPNT_PROT_MEMORY. Opinions?

Reply 6 of 12, by wd

Rank: DOSBox Author

Thanks again for your work.

> What exactly would you like to see? Searching for bytes, words or dwords? Other things?

Something like searching for byte sequences/strings, and putting it into one command or so. But don't bother, this is no request 😉

Think in the current layout it can trigger pagefaults (which is bad) but this is solvable.

Reply 7 of 12, by wd

Rank: DOSBox Author

Ok, memory bps don't work that way either. You're binding the debug pages to the code pages of the dynamic core; in the worst case (running in the normal core) you can't set any membps at all.

But have a look at CodePageHandler (SetupAt and the read/write handlers) as this class works as a partial wrapper. If you replace the host_read/write calls in the read/write methods with something like old_pagehandler->read/write (and remove all the other useless stuff in these handlers which is for the dynamic core only) it should be suitable for your debug handler. Also look at MakeCodePage() as this wraps a CodePageHandler around an existing page.

Hope this helps!

Reply 8 of 12, by ninjalj

Rank: Newbie

Indeed I bind debug pages to every page (except InitPageHandler). I use normal core, so I don't know if setting mem bps on dynamic code makes any sense (thinking about it, maybe you can catch smc).

Anyway, mem bps do work, this time I have tested them. 😉

But, the break occurs at the next instruction. 🙁

Reply 9 of 12, by wd

Rank: DOSBox Author

> Indeed I bind debug pages to every page

I see, should work. Although it's quite an overkill as every new page handler type has to care about this. The wrappers are much cleaner imo.

> But, the break occurs at the next instruction.

It's not possible to break before it as the memory access happens during the instruction execution. But outputting the cs:eip along with the old/new (in case of writes) memory content should be quite useful already 😀
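
The wrapper approach wd suggests in Reply 7, together with the old/new-content logging suggested just above, as an added C++ example that is not from this thread and not DOSBox's own code: PageHandler, RamPageHandler, DebugPageHandler, MemBreakpoint, MemHit and run_demo are all assumed names for a simplified model, not DOSBox's API. The debug handler delegates every access to the wrapped handler and records a hit after the access, which is why the break can only land on the next instruction.

```cpp
#include <cstdint>
#include <vector>
// Simplified model of a page handler (assumed interface, not DOSBox's own):
// each handler serves byte reads/writes for one 4 KiB page.
struct PageHandler {
    virtual ~PageHandler() = default;
    virtual uint8_t readb(uint32_t addr) = 0;
    virtual void writeb(uint32_t addr, uint8_t val) = 0;
};
// Plain RAM page backed by a host buffer: the "old" handler being wrapped.
struct RamPageHandler : PageHandler {
    uint8_t mem[4096] = {};
    uint8_t readb(uint32_t addr) override { return mem[addr & 0xFFF]; }
    void writeb(uint32_t addr, uint8_t val) override { mem[addr & 0xFFF] = val; }
};
struct MemBreakpoint { uint32_t addr; bool on_read; bool on_write; };
// A hit as the debugger would log it; the caller adds cs:eip, which still
// points at the instruction that performed the access.
struct MemHit { uint32_t addr; bool is_write; uint8_t old_val; uint8_t new_val; };
// Wrapper handler: every access is delegated to old_handler and the breakpoint
// list is checked around it; the hit is recorded after the access completes.
struct DebugPageHandler : PageHandler {
    PageHandler *old_handler;
    const std::vector<MemBreakpoint> *bps;
    std::vector<MemHit> hits;
    DebugPageHandler(PageHandler *o, const std::vector<MemBreakpoint> *b) : old_handler(o), bps(b) {}
    uint8_t readb(uint32_t addr) override {
        uint8_t v = old_handler->readb(addr);
        for (const auto &bp : *bps)
            if (bp.on_read && bp.addr == addr) hits.push_back({addr, false, v, v});
        return v;
    }
    void writeb(uint32_t addr, uint8_t val) override {
        uint8_t before = old_handler->readb(addr);  // fine for RAM, not for pages whose reads have side effects
        old_handler->writeb(addr, val);
        for (const auto &bp : *bps)
            if (bp.on_write && bp.addr == addr) hits.push_back({addr, true, before, val});
    }
};
// Constructed demo: wrap a RAM page with a write bp at 0x10 and a read bp at 0x20.
std::vector<MemHit> run_demo() {
    RamPageHandler ram;
    std::vector<MemBreakpoint> bps = {{0x10, false, true}, {0x20, true, false}};
    DebugPageHandler dbg(&ram, &bps);
    dbg.writeb(0x10, 0x03);  // write bp hit: old 0x00, new 0x03
    dbg.readb(0x10);         // no read bp at 0x10: no hit
    dbg.writeb(0x20, 0x41);  // no write bp at 0x20: no hit
    dbg.readb(0x20);         // read bp hit: value 0x41
    return dbg.hits;
}
```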

Reply 11 of 12, by sergiou87

Rank: Newbie

I just adapted ninjalj's patch for breakpoint on memory reads for a project I'm working on (https://twitter.com/sergiou87/status/1254364851419447298) and they seem to work fine, thanks ninjalj for your contribution!

Also in case it's useful to someone else, I wanted to share it 😁

Reply 12 of 12, by dion

Rank: Newbie

sergiou87 wrote on 2020-05-01, 22:31:

> I just adapted ninjalj's patch for breakpoint on memory reads for a project I'm working on (https://twitter.com/sergiou87/status/1254364851419447298) and they seem to work fine, thanks ninjalj for your contribution!
>
> Also in case it's useful to someone else, I wanted to share it 😁

Applying the diff manually on dosbox staging results in dosbox hanging. Could you help?

thanks