1 Ostatnio edytowany przez pajero (2011-09-08 21:30:13)

Debugger'a używamy dla pisanego softu.
Jeśli w katalogu z wczytaną binarką (COM/EXE) znajduje się plik ASM debuger wyciąga nazwy etykiet. To szalenie ułatwia proces od-bugowania.

F8 - stopujemy/wznawiamy program
F9 - w oknie Disassembly za/odznaczamy breakpointy
F11 - wykonaj jeden rozkaz

To co oferuje wersja 1.9

?    Evaluate expression
a    Assemble
ba   Break on memory access
bc   Clear breakpoint(s)
bl   List breakpoints
bp   Set breakpoint
bx   Break on expression (conditional breakpoint)
bs   Break on disk sector
da   Display ATASCII string
db   Display bytes
df   Display decimal float
di   Display INTERNAL string
dw   Display words
e    Enter (alter) data in memory
g    Go
gf   Go until frame end
gr   Go until return (step out)
gs   Go until scanline
gt   Go with tracing enabled
h    Show CPU history
k    Show call stack
lm   List modules
ln   List nearest symbol
r    Registers
s    Step over
t    Trace (step one instruction) (F11)
u    Unassemble
vta  Verifier target add
vtc  Verifier target clear
vtl  Verifier target list
vtr  Verifier target reset
wb   Watch byte
wc   Watch clear
wl   Watch list
ww   Watch word
ya   Add manual symbol
yc   Clear manual symbols
yd   Delete manual symbol
yr   Read manual symbol table
yw   Write manual symbol table
.antic       Display ANTIC status
.bank        Show memory bank state
.basic       Dump BASIC table pointers
.basic_vars  Dump BASIC variables
.beam        Show ANTIC scan position
.caslogdata  Toggle verbose cassette data read logging
.diskorder   Set forced phantom sector ordering
.dlhistory   Show ANTIC display list execution history
.dma         Show current ANTIC DMA pattern
.dumpdlist   Dump ANTIC display list
.dumpdsm     Dump disassembly to file
.dumpsnap    Create bootable snapshot image
.gtia        Display GTIA status
.iocb        Display CIO I/O control blocks
.loadksym    Load kernel symbols
.loadsym     Load module symbols
.map         Show memory map layers
.pathdump    Dump disassembly of recorded paths to a file
.pathrecord  Show or change path recording setting
.pathreset   Clear recorded paths
.pathbreak   Toggle break on new path
.pclink      Display PCLink status
.pokey       Display POKEY status
.restart     Restart emulated system
.sdx_loadsyms  Load SpartaDOS X symbols
.sio         Dump SIO parameter block
.tracecio    Toggle CIO call tracing
.traceser    Toggle serial I/O port tracing
.unloadsym   Unload module symbols
.vbxe        Display VBXE status
.vbxe_bl     Display VBXE blit list (BL)
.vbxe_xdl    Display VBXE extended display list (XDL)
.vbxe_traceblits    Toggle VBXE blit tracing
.vectors     Display kernel vectors
.writemem    Write memory to disk

Some commands support extended memory syntax:
  $0000      CPU view of primary memory
  $01:0000   CPU view, 65C816 high memory
  n:$0000    ANTIC view of primary memory
  v:$00000   VBXE memory
  x:$00000   Extended memory

Szczegóły:

+ ?    Evaluate expression

    Prints the value of an expression.
    
      ? <expression>
      
    The expression may contain the following elements:
    
      iii      Integer
      $hhh     Hex integer
      pc       PC register
      x        X register
      y        Y register
      s        S register
      p        P register
      hpos     ANTIC horizontal position counter
      vpos     ANTIC vertical position counter
      db addr  Read memory byte
      dw addr  Read memory word
      +        Add / unary plus
      -        Subtract / unary minus
      *        Multiply
      /        Divide
      <        Less-than
      <=       Less-equal
      >        Greater-than
      >=       Greater-equal
      =        Equal
      !=       Not equal
      
    Symbol names may also be used in expressions, but care should be taken
    to distinguish between "symbol", which evaluates to the symbol's address,
    and "db symbol" or "dw symbol", which reads a byte or word at the address.

+ a    Assemble

    Invoke 6502 miniassembler.
  
      a <address>
    
    Allows entry of 6502 assembly language code starting at a particular
    address. Enter one line at a time, and enter a blank line to end.
    
    Labels may be entered and referenced; created labels are entered into
    the custom symbol table. Labels must be defined before use and forward
    references are not allowed.
    
    Auto-increment syntax is allowed: LDA $1000,X+ -> LDA $1000,X / INX
    
    Statements may be stacked to share an operand: LDA:RNE VCOUNT
    
    Some helper macros supported:
        MVA src dst -> LDA src / STA dst
        MVX src dst -> LDX src / STX dst
        MVY src dst -> LDY src / STY dst
        Rcc -> Bcc *
        Scc:<insn> -> Bcc next / <insn> / next:
        INW/DEW -> INC/DEC / BNE / INC/DEC

+ ba   Break on memory access

    Set or clear a memory access breakpoint.
    
      ba r <address> [L<length>]  (Break on memory read)
      ba w <address> [L<length>]  (Break on memory write)
      ba r/w *         (Clear memory read/write access breakpoints)
      
    Memory access breakpoints cause the emulator to stop whenever the CPU
    core reads or writes a particular address. There can be an unlimited
    number of both read and write breakpoints. If a length greater than 1
    byte is specified, a range breakpoint is created.
    
    DMA accesses, such as by ANTIC or VBXE, do not trip access breakpoints.
    All breakpoints are by CPU address and trip regardless of any
    bankswitching or other memory overlays.
    
    Memory read breakpoints can be tripped by false reads from the CPU core.
    This happens for certain indexed operations. Although generally invisible
    to normal program operation, these false reads are real and can cause
    malfunctions with memory mapped hardware, such as cartridge banking
    registers that are sensitive to reads. False writes are rarer but can
    occur with read/modify/write instructions.
    
    Using * as the address will clear all access breakpoints of the
    indicated type.

+ bc   Clear breakpoint(s)

    Clear PC, memory, or expression breakpoints.
    
      bc <index>     (Clear a breakpoint)
      bc *           (Clear all breakpoints)
    
    Removes a breakpoint by index, or if * is specified, all breakpoints.
    This works for any breakpoint listed by the bl (breakpoint list)
    command.
    
    See also: ba, bp, bl, bx  
      
+ bl   List breakpoints

    Lists all currently set breakpoints.

      bl             (List breakpoints)
      
    Displays a list of all breakpoints. This displayed breakpoint indices
    can be used in other commands such as bc (breakpoint clear).
    
    See also: bc, bl, bp, bx

+ bp   Set breakpoint

    Set a breakpoint at a PC address.
    
      bp <address> ["command"]
      
    Sets a PC breakpoint in the CPU core, which cause the emulator to stop
    when the PC is equal to the address of a breakpoint. There are no
    limits to the number of PC breakpoints. Breakpoints do not modify
    memory and work even after the location has been modified; they also
    fire at an address regardless of any bank switching.
    
    If a command is specified, the command is executed when the breakpoint
    fires. Multiple commands may be specified using ; as a separator.
    The normal breakpoint hit message is suppressed, but execution will
    stop after the commands are executed unless a command is also issued
    to continue execution. This can be used to implement tracepoints.
    
    Example: bp pc "? db(rtclok); g"
    
    See also: ba, bs

+ bx   Break on expression (conditional breakpoint)

    Set a breakpoint conditional on an expression.
    
      bx <expression> ["command"]
      
    Creates a breakpoint that only activates when the expression is true.    
    In addition to the normal expression elements, conditional breakpoints
    may have the following additional clauses:
    
      read=<address>    Read access to address
      write=<address>   Write access to address
      
    The expression must have an identifiable PC, read access, or write
    access check, and only one read or write access may be included.
    
    If there are no other clauses other than a single PC or access check,
    the result is the same as the equivalent bp or ba command.
    
    Examples:
    
      bx "pc=$4000 and y=4"
      bx "write=rtclok+2 and db(rtclok+2)=$04"
      bx "write=rtclok+2 and pc>$c000"
      
    If a command is specified, it is executed when the breakpoint trips;
    see the bp (breakpoint) command for details.
    
    See also: ? (evaluate expression), bp (breakpoint)

+ bs   Break on disk sector

    Set a breakpoint when D1: reads a particular virtual disk sector.
    
      bs <sector>    (Set disk sector breakpoint)
      bs *           (Clear disk sector breakpoint)
      
    Stops emulation when the first disk drive (D1:) receives a request
    to read a particular virtual disk sector.

^ da, db, df, di, dw   Display memory
> da   Display ATASCII string
> db   Display bytes
> df   Display decimal float
> di   Display INTERNAL string
> dw   Display words

    Shows the contents of memory with a particular interpretation.
    
      da <xaddress> [L<length>]   (Display ATASCII string)
      db <xaddress> [L<length>]   (Display bytes)
      df <xaddress> [L<length>]   (Display decimal float)
      di <xaddress> [L<length>]   (Display INTERNAL string)
      dw <xaddress> [L<length>]   (Display words)
      
    Length specifies the number of elements to display.

+ e    Enter (alter) data in memory

    Modifies a block of memory with new data.
    
      e <xaddress> <byte> [<bytes...]

+ g    Go

    Resume execution.
    
      g

+ gf   Go until frame end

    Resume execution until the end of the current frame.
    
      gf
      
    Resumes execution until the beginning of scan line 0 of the next frame.
    If the beam position is currently at the beginning of scan line 0, an
    entire frame is executed.

+ gr   Go until return (step out)

    Resume execution until the current function is exited.
    
      gr
      
    Resumes execution until the stack pointer rises above the level of
    the current function. Any child functions executed due to a JSR
    instruction or an interrupt are run in their entirety.

+ gs   Go until scanline

    Resume execution until the beginning of a particular scanline.
    
      gs <scanline>
      
    If the current scanline is specified, an entire frame is executed.

+ gt   Go with tracing enabled

    Resume execution with per-instruction tracing enabled.
    
      gt
      
    During traced execution, the current beam location, PC, registers, and
    instruction are logged.

+ h    Show CPU history

    Display history of CPU instructions executed.

      h [-i] [-c] [-s <startidx>] [<count> [<pattern>]]
      
      -i: Show only interrupt routine execution
      -c: Compress loops
      -s: Start from position
      <count>: Number of entries to display
      <pattern>: Glob wildcard (?*) to search for
    
    The "record instruction history" setting must be enabled in CPU options
    for the history command to work.
    
    The history UI pane contains a more powerful history preprocessor that is
    also able to identify subroutines and is recommended for serious history
    review.

+ k    Show call stack

    Display a list of return addresses on the stack.
    
      k
      
    The call stack is computed by virtualized execution, so it may be
    incorrect if bankswitching or other complex techniques are involved.
    Note that because return addresses are displayed, the call stack
    will not show parent call sites to children that never return in
    normal execution.

+ lm   List modules

    Displays a list of currently known modules and any loaded symbols.
    
      lm

+ ln   List nearest symbol

    Displays the closest symbol to a given address.
    
      ln <address>
      
    The closest symbol is the one with the highest address that is equal to
    or lower than the given address.

+ r    Registers

    Display or modify register values
    
      r                (Display registers)
      r <reg> <value>  (Modify register)
      
    Registers that can be modified are: PC, A, X, Y, S, and P.

+ s    Step over

    Execute one instruction, stepping over any subroutine calls.
    
      s
      
    This is the same as (t)race, except that if a JSR or an interrupt is
    encountered, execution continues until the subroutine exits.

+ t    Trace (step one instruction) (F11)

    Execute one instruction, stepping into a subroutine or interrupt.
    
      t

+ u    Unassemble

    Disassemble CPU code at a given address.
    
      u <address> [L<length>]

^ vta, vtc, vtl, vtr    Verifier target control
> vta  Verifier target add
> vtc  Verifier target clear
> vtl  Verifier target list
> vtr  Verifier target reset

    Add, clear, or list verifier allowed OS entry targets.
    
      vta <address>    (Add allowed target)
      vtc <address>    (Clear allowed target)
      vtc *            (Clear all allowed targets)
      vtl              (List allowed targets)
      vtr              (Reset allowed targets)
      
    Manages the list of allowed kernel entry targets allowed by the verifier.
    The verifier checks for improper dependencies on internal OS routines
    by forcing a debug break if it sees a control transfer into the OS ROM
    with an entry point not on the allowed target list. This detection may
    misfire with an OS ROM that contains extra entry points or with a routine
    that self-modifies its code with a vector address. The vt* commands allow
    the target list to be modified to exclude valid targets from detection.

^ wb, wc, wl, ww   Watch data
> wb   Watch byte
> wc   Watch clear
> wl   Watch list
> ww   Watch word

    Continuously display the value of a memory location on-screen.
    
      wb <address>     (Watch byte)
      ww <address>     (Watch word)
      wl               (Watch list)
      wc               (Clear all watches)
      
    Watched values are sampled and displayed each frame. Up to eight watches
    can be active at any one time.

^ ya, yc, yd, yr, yw   Manage manual symbol table
> ya   Add manual symbol
> yc   Clear manual symbols
> yd   Delete manual symbol
> yr   Read manual symbol table
> yw   Write manual symbol table

    Add or remove symbols from the manual symbol table.
    
      ya <name> <address> [L<length>]  (Add manual symbol)
      yc                               (Clear manual symbols)
      yd <address>                     (Delete manual symbol)
      yr <filename>                    (Read manual symbol table)
      yw <filename>                    (Write manual symbol table)
      
    The manual symbol table allows on-the-fly naming of addresses in memory.
    Any symbols added to the manual symbol table can be used for address
    specification and decoding as any other symbol.

+ .antic       Display ANTIC status
+ .bank        Show memory bank state

+ .basic       Dump BASIC table pointers

    Displays the addresses and sizes of BASIC tables.
    
      .basic

+ .basic_vars  Dump BASIC variables

    Dumps the contents of the Atari BASIC variable name table (VNT).
    
      .basic_vars
      
    The token and name of each variable is displayed.

+ .beam        Show ANTIC scan position
+ .caslogdata  Toggle verbose cassette data read logging
+ .diskorder   Set forced phantom sector ordering
+ .dlhistory   Show ANTIC display list execution history

    Displays history of display list instructions executed by ANTIC.
    
      .dlhistory
      
    Unlike .dumpdlist, .dlhistory shows past display list history even if
    the display list has been modified in memory. It also shows some
    recorded information not found in the display list itself, such as the
    HSCROL, VSCROL, and DMACTL states when the display list instructions
    were executed.

+ .dma         Show current ANTIC DMA pattern
+ .dumpdlist   Dump ANTIC display list

    Disassemble an ANTIC display list stored in memory.
    
      .dumpdlist [<address>]
      
    If no address is supplied, the current ANTIC display list pointer is
    used.

+ .dumpdsm     Dump disassembly to file

+ .dumpsnap    Create bootable snapshot image

    Create a bootable snapshot image from the current simulator state.
    
      .dumpsnap <path.atr>
      
    Records hardware and memory state to a disk image with a loader that
    restores the state on boot. The snapshot image contains the base 64K
    of memory and requires a 128K system to boot (the extra memory is
    used by the loader). The loader attempts to reconfigure the hardware
    to match the snapshot state and then resume the running program.
    
    Not all state is restored precisely and load success depends on the
    exact state and program code. For best results, the same OS ROM
    should be used, no cartridge should be present, and the snapshot
    should be taken at the beginning of the NMI handler for the vertical
    blank interrupt.

+ .gtia        Display GTIA status
+ .iocb        Display CIO I/O control blocks
+ .loadksym    Load kernel symbols
+ .loadsym     Load module symbols

    Load module symbols from a symbol file.
    
      .loadsym <file>
      
    Two types of symbols are supported. A labels file allows the debugger to
    match addresses to labels, while a listing file permits source-level
    debugging. Both label and listing files can be loaded at the same time,
    and multiple sets of symbols can also be loaded.

+ .map         Show memory map layers

^ .pathdump, .pathrecord, .pathreset, .pathbreak   Manage execution path recording
> .pathdump    Dump disassembly of recorded paths to a file
> .pathrecord  Show or change path recording setting
> .pathreset   Clear recorded paths
> .pathbreak   Toggle break on new path

    Record and dump instruction paths executed by the CPU.

      .pathrecord [on|off] (Show or change path recording setting) 
      .pathreset           (Clear recorded paths)
      .pathdump <file>     (Dump path disassembly to a file)
      .pathbreak [on|off]  (Show or change new path break setting)
    
    Path recording, when enabled, marks the addresses of branch targets
    and subroutines during execution, making it easier to follow
    execution flow in a disassembly and identifying which memory areas
    are confirmed to contain code. When enabled, the diassembly will
    also show pseudo-labels for any addresses not already marked with
    a symbol.
    
    The .pathbreak command permits halting execution whenever a new
    path is encountered. This is handy for identifying the exit path
    in a large frame loop, as the body of the loop can be captured and
    then .pathbreak enabled to capture the exit path.

+ .pclink      Display PCLink status
+ .pokey       Display POKEY status
+ .restart     Restart emulated system

    Performs a cold reset.
    
      .restart

+ .sdx_loadsyms  Load SpartaDOS X symbols

    Loads symbols from the SpartaDOS X symbol table.
    
      .sdx_loadsyms [address]
      
    By default, this follows the symbol chain starting with the pointer
    at address $D4E. An alternate override address for the pointer can
    be specified. The loaded symbols are placed in a module called SDX.
    If this module exists, it is cleared before being reloaded.

+ .sio         Dump SIO parameter block
+ .tracecio    Toggle CIO call tracing
+ .traceser    Toggle serial I/O port tracing
+ .unloadsym   Unload module symbols
+ .vbxe        Display VBXE status
+ .vbxe_bl     Display VBXE blit list (BL)
+ .vbxe_xdl    Display VBXE extended display list (XDL)
+ .vbxe_traceblits    Toggle VBXE blit tracing
+ .vectors     Display kernel vectors

+ .writemem    Write memory to disk

    Write a block of memory to a file on disk.

      .writemem <path> <xaddress> <length>
      
    The address may use extended memory syntax, i.e. v:4000 for VBXE
    memory.

. 
. Some commands support extended memory syntax:
.   $0000      CPU view of primary memory
.   $01:0000   CPU view, 65C816 high memory
.   n:$0000    ANTIC view of primary memory
.   v:$00000   VBXE memory
.   x:$00000   Extended memory
. 
. Some commands support length syntax:
.   db siov L100
.
. Use .help <command> for detailed help on that command. 

Jakie macie doświadczenia?

2

.help NAZWA_KOMENDY
https://www.youtube.com/watch?v=jofNR_WkoCE

3 Ostatnio edytowany przez pajero (2011-09-08 22:00:28)

Tak, odnalazłem całość w żródłach C++ Altirry.

Tylko co dalej, jest gdzieś przykład jak to jeść?

PYTANIA:
1. Jak zmodyfikować wybrany znacznik rejestru P (w Consoli)?
Np. chcę skasować Z=0

Można tak:
r
  (10524:257, 26) PC=F98C A=80 X=7E Y=13 S=F4 P=33 (    ZC)  F98C: CD 0B D4         CMP VCOUNT  [$D40B] = $80
r p 31
r
  (10524:257, 26) PC=F98C A=80 X=7E Y=13 S=F4 P=31 (     C)  F98C: CD 0B D4         CMP VCOUNT  [$D40B] = $80

Ale to nie metoda :(

2. Jak zrobić, by debuger przeskoczył na następny rozkaz, bez sprawdzania znaczników. Czym różni się "s" od "t" ("skip" od "trace")?


3. Jak sprawić, by ustawienia np. breakpointów Altirra zapamiętywała?

4

pajero napisał/a:

Tak, odnalazłem całość w żródłach C++ Altirry.

Tylko co dalej, jest gdzieś przykład jak to jeść?

Ale o sso chodzi?

pajero napisał/a:

PYTANIA:
1. Jak zmodyfikować wybrany znacznik rejestru P (w Consoli)?
Np. chcę skasować Z=0

Można tak:
r
  (10524:257, 26) PC=F98C A=80 X=7E Y=13 S=F4 P=33 (    ZC)  F98C: CD 0B D4         CMP VCOUNT  [$D40B] = $80
r p 31
r
  (10524:257, 26) PC=F98C A=80 X=7E Y=13 S=F4 P=31 (     C)  F98C: CD 0B D4         CMP VCOUNT  [$D40B] = $80

Ale to nie metoda :(

Jak dla mnie jest dość dobra. Możesz też użyć Atari800, który ma komendy zmiany znaczników.

pajero napisał/a:

2. Jak zrobić, by debuger przeskoczył na następny rozkaz, bez sprawdzania znaczników. Czym różni się "s" od "t" ("skip" od "trace")?

r pc adres_nastepnej_instrukcji

Zgaduję, że "step over" (żaden "skip") działa tak jak w wielu innych debuggerach - dla większości instrukcji tak samo jak "trace", różnica jest w pętlach i skokach do procedur - "s" wykona od razu całą pętlę lub procedurę (zatrzyma się na następnej instrukcji).

pajero napisał/a:

3. Jak sprawić, by ustawienia np. breakpointów Altirra zapamiętywała?

Tego nie wiem, ale ostatnio JAC! chwalił się na AtariAge, że jego IDE umożliwia ustawianie breakpointów dla Altirry w edytorze.

https://www.youtube.com/watch?v=jofNR_WkoCE

5 Ostatnio edytowany przez pajero (2011-09-10 20:53:16)

Fox napisał/a:

Zgaduję, że "step over" (żaden "skip") działa tak jak w wielu innych debuggerach - dla większości instrukcji tak samo jak "trace", różnica jest w pętlach i skokach do procedur - "s" wykona od razu całą pętlę lub procedurę (zatrzyma się na następnej instrukcji).

Dzienks za wyjaśnienia....

Rozpisując ww:

Step Into- F11

Polecenie Step Into przechodzi do następnej instrukcji w programie. Jeżeli ta instrukcja wywołuje JSR, Step Into przechodzi do pierwszej instrukcji z tej procedury. Należy używać Step Into w celu znajdowania błędów programu na "mikroskopijnym" poziomie przez przechodzenie przez wszystkie jego instrukcje jedna po drugiej.

Step Over - F10

Polecenie Step Over przechodzi do następnej instrukcji w kodzie. Jeżeli ta instrukcja jest wywołaniem JSR, Step Over "wykonuje ją" i zatrzymuje się na następnej instrukcji bieżącej procedury. Można go używać do znajdowania błędów w programie na nieco wyższym poziomie niż Step Into, przez przechodzenie przez kolejne procedury jako całość.


Run/Break - F8 - stopujemy/wznawiamy program

F9 - w oknie Disassembly za/odznaczamy breakpointy,
To samo co w oknie Consoli wpiszemy "bp adres"


.

6

To mam nowe pytanie o BreakPoint'y

Wprowadzenie:         bp $ADRESS

Czy da radę uruchomić testowany program (F8) by Altirra zatrzymała się na $ADRESS  ??

Przykład:
Na atarce mam prog który wymusza od usera wpisanie linii x-znaków z klawiatury poprzez CIO.
Gdy user wprowadzi - obrabiam dane.
No właśnie, jak zatrzymać Altirrę na ww obróbce?

7

breakpoint za wywolaniem jsr CIO?
nie czaje pytania, wydaje sie za proste...
chodzi ci o wyszukanie tego jsr CIO?

The UNIX Guru`s view of Sex:
unzip; strip; touch; finger; mount; fsck; more; yes; umount; sleep

8

Otóż, breakpointy działają tylko jak emulator jest w trybie debugerra (co logiczne) a CPU ma "stopped" - po wciśnięciu F8.

Wtedy można "stepować" F10,F11. No ale to uciążliwe na dłuższy fragment kodu.
To puszczam F8 - jest "running", ale breakpointy już nie działają = dlaczego?

9

Z pamięci piszę.... może daj "gt" czyli Go with trace ??

Bla bla bla bla, bla bla bla. Bla bla bla - bla - bla. Blabla bleee.

10

Chyba korzystasz z ROMu - dobrze pamiętasz.

Ja to mam chyba pamięć Flaszka, bo często wietrzeje :)

DZIĘKI - teraz jest git :)

11

Byłoby BARDZO FAJNIE gdyby debugger Altirry potrafił pracować z binarkami relokowalnymi, aktualizując sobie listę symboli z listingu widząc odpowiednie nagłówki, bo jak na razie nie wpadł na to, że cokolwiek po nagłówku innym niż $FFFF asemblowane od $0000 jest nieco podejrzane.

.: miejsce na twoją reklamę :.