• Welcome to Final Fantasy Hacktics. Please login or sign up.
 
March 19, 2024, 06:14:17 am

News:

Please use .png instead of .bmp when uploading unfinished sprites to the forum!


Breakpoints in pSX

Started by nitwit, September 11, 2014, 01:30:22 am

nitwit

http://ngemu.com/threads/psx-debugger.69378/

Quote from: pSX_AuthorBreakpoints also support condition expressions (eg. r2==0x123456), these also support a few functions like read_long(..addr...) but I haven't documented them anywhere.


Could someone explain what all the things do in the Breakpoint pop-up menu in pSX?  I googled it but I didn't find much:
http://psxemulator.proboards.com/thread/3240/using-execute-breakpoints-debugger
http://ngemu.com/threads/psx-debugger.69378/
http://lparchive.org/Policenauts/Update%2051/
http://lparchive.org/Policenauts/Update%2052/

Right-click in Breakpoints -> Add -> Breakpoint pop-up menu
Breakpoint
     Address (enter a number, use 0x prefix to denote hex)
          Execute (checkbox)
          Memory (checkbox)
               Read (checkbox)
               Write (checkbox)
     Size
     Condition (Definitely need some examples on this, only one I see is r2==0x123456.  I need examples of the syntax as well as known commands it supports)
     Count


Right-click in Breakpoints -> Add -> DMA pop-up menu
DMA
     Type (MDEC in, MDEC out, GPU in, GPU out, CDROM, SPU in, SPU out, ClearOTagr)
     Address range
          (checkbox, no name)
          Address (enter number)
          Size (enter number)
    Condition
    Count


Beyond that, how do I find what is stored in a register when and only when a specific instruction is stored in a specific address?  Break on read?

Choto

 As to the other "DMA" breakpoints, i've never thought about that popup menu or anything. And I've never heard of a conditional breakpoint like that. If that works it would be pretty sweet though.

The main ones you'll use are Read/Write and Execute.

A Read/Write will freeze the game when a specific value is loaded or stored to in memory. So typically this happens on lbu, lb, lw, lh, lhu and sb, sh, sw commands.

An Execute breakpoint will freeze the game if code execution reaches a certain command. So if I set a breakpoint on 0x18b43c, code will stop at the first command of the pre-formula routine.

By freeze the game I mean code execution will halt and you can then step through each command, set the PC, run to the cursor, and any other debugging commands. You can also view what values are in the registers at each command execution.

This is from http://www.raphnet.net/electronique/psx_adaptor/Playstation.txt <-- this is more info than you ever wanted about the playstation architecture:

DMA
   From time to time the PSX will need to take the CPU off the main bus in order to give a device access directly to Memory.  The devices able to take control of the bus are the CD-ROM, MDEC, GPU, SPU, and the Parallel port. There are 7 DMA channels in all (The GPU and MDEC use two)  The DMA registers reside between 0x1f80_1080 and 0x1f80_10f4. The DMA channel registers are located starting at 0x1f80_1080. The base address for each channel is as follows

Base Address   Channel Number   Device   
0x1f80_1080   DMA channel 0   MDECin   
0x1f80_1090   DMA channel 1   MDECout   
0x1f80_10a0   DMA channel 2   GPU (lists + image data)   
0x1f80_10b0   DMA channel 3   CD-ROM   
0x1f80_10c0   DMA channel 4   SPU   
0x1f80_10d0   DMA channel 5   PIO   
0x1f80_10e0   DMA channel 6   GPU OTC (reverse clear the Ordering Table)   


So I'm guessing the DMA registers refer to those. Maybe it freezes the game when SPU or GPU are engaged.

nitwit

Quote from: ChotoAn Execute breakpoint will freeze the game if code execution reaches a certain command. So if I set a breakpoint on 0x18b43c, code will stop at the first command of the pre-formula routine.

http://ffhacktics.com/wiki/Pre_Formula_Setup_%28FDC%29

Doesn't this routine start at 0x0018b34c?  You said 0x0018b43c.

And by break you mean it will freeze at 0x18b34c, and then I can go through that routine step by step (or skip over instructions with Step Over) and check what values are loaded in registers at certain points?

http://www.cs.umd.edu/class/sum2003/cmsc311/Notes/Mips/stack.html
r29 is the stack pointer.

Besides that, does the syntax of those conditional breakpoints resemble any language you know of? 

http://www.zophar.net/forums/showthread.php?t=13521
QuoteI added my condition read_long(0x1C7138)==0x0


Quote
Breakpoints: ok in debugging, breakpoints are specific "rules" where when the rules are met, the CPU stops what it's doing (otherwise known as breaking, hence the term "breakpoint"). For example, I could have it to where whenever a certain value in memory is read by the code in the game (which will be explained in a bit), it'll stop it whenever it does. Also, I can add extra rules, called "conditions" to further refine the breakpoint. So lets say I want it to break when a certain place in memory is read but ONLY when another memory location equals x value, I can do that too. I can also alter the count which is how many times should the rules be "triggered" before actually breaking. Breakpoints are essential for finding algorithms in the game.


I think I'll ask at Zophar next.



Raijinili

\begin{necropost}

I just discovered how powerful the debugger's evaluator is, and added what I found to the wiki. It should help anyone looking to use the conditional breakpoint feature, as well as anyone who uses the debugger at all.
http://ffhacktics.com/wiki/Psxfin#Value_syntax
Feel free to add more examples as you build them.

I found the function names by using a hex editor and finding the section where the names are stored, using the known name `read_long`. As far as I can tell, the syntax has never been documented this thoroughly, since the full list of function names doesn't show up on Google in the context of pSX.

\end{necropost}
  • Modding version: Other/Unknown

nitwit

I think mednafen uses the unreleased 1.14 source code, you could poke through that.  It doesn't have a debugger though, so I doubt it would produce anything useful.

Angel

Where in the hell did you get that idea?
  • Modding version: PSX
* Angel should quit being a lazy bitch
<@Elric> I agree to that as well

nyanyame nyanyajuu nyanyado no nyarabide nyakunyaku inyanyaku nyanyahan nyanyadai nyannyaku nyarabete nyaganyagame
At the end of the day, are we not all trapped inside lemons?