|
|
Tested version : 0.140u1
1) can't print global symbols when input this command without any parameter.
debughlp says "symlist : Displays the global symbol table." But printed data is always CPU's symbols even without parameter.
See debugcmd.c:execute_symlist()
Code:
/* validate parameters */
if (!debug_command_parameter_cpu(machine, param[0], &cpu))
return;
if (cpu != NULL)
{
symtable = &cpu->debug()->symtable();
debug_console_printf(machine, "CPU '%s' symbols:\n", cpu->tag());
}
else
{
symtable = debug_cpu_get_global_symtable(machine);
debug_console_printf(machine, "Global symbols:\n");
}
debug_command_parameter_cpu() attempts to return "visible CPU" in case that parameter strings is NULL so that "cpu != NULL" is always TRUE.
Simple solution is that change "cpu != NULL" to "params != 0" (or "params != 0 || cpu != NULL") though.
2) MAME crashes when try to get symbols for Z80 CPU.
I find this problem in bygone. Inputting "symlist maincpu" (or "symlist audiocpu") causes the crash.
This problem happens in the following sequence in execute_symlist()
Code:
/* iterate over symbols and print out relevant ones */
for (symnum = 0; symnum < count; symnum++)
{
const symbol_entry *entry = symtable->find(namelist[symnum]);
assert(entry != NULL);
UINT64 value = entry->value();
/* only display "register" type symbols */
debug_console_printf(machine, "%s = %s", namelist[symnum], core_i64_hex_format(value, 0));
if (!entry->is_lval())
debug_console_printf(machine, " (read-only)");
debug_console_printf(machine, "\n");
}
"value = entry->value()" causes NULL (entry) access after 8-bit register entry ("A", "B", "C", "D", "E", "H", "L", "I", "R").
I guess this is very similar to the problem for Testers Bug ID:4121 - Debugger cannot set 8bit registers with 'do' command.
find() returns NULL when matched hash is not found though. So I doubt the reliability of tagmap in case that a tag is a single character.
See tagmap.h
Code:
INLINE UINT32 tagmap_hash(const char *string)
{
UINT32 hash = (string[0] << 5) + string[1];
char c;
string += 2;
while ((c = *string++) != 0)
hash = ((hash << 5) | (hash >> 27)) + c;
return hash;
}
For example : "a" register, string[0] = 'a', string[1] = '\0' (stopper) but it attemps to calculate a character at "string +=2" (= string[2]) or later.
I don't know C/C++ guarantees a content after stopper character (I think it is "unknown"). But I guess this will be the reason of wrong hash calculation.
[ATTACHED IMAGE]
|
"Any company has no power to stop people emulating"
MAME is the emulator of no giving in the pressure from any company even if they don't allow
|
|
|
|
Simple solution is that add "if (strlen(string) > 1)" to tagmap_hash().
Code:
INLINE UINT32 tagmap_hash(const char *string)
{
UINT32 hash = (string[0] << 5) + string[1];
char c;
if (strlen(string) > 1)
string += 2;
while ((c = *string++) != 0)
hash = ((hash << 5) | (hash >> 27)) + c;
return hash;
}
OK, symlist command doesn't cause the crash and do command recognizes 8-bit registers.
But I think it's better to add "length" variable into tagmap_entry then read it directly instead of using strlen() in tagmap_hash(). (It's complete my error!)
BTW, GFX viewer crashes when you select "TMAP" section in bygone with multithreading = 1. Someone confirmed?
This option is demon's gate for me because internal debugger freezes and ktiger/twincobr crashes at boot though...
[ATTACHED IMAGE - CLICK FOR FULL SIZE]
Edited by ShimaPong (11/28/10 04:21 PM)
|
"Any company has no power to stop people emulating"
MAME is the emulator of no giving in the pressure from any company even if they don't allow
|
|
|
Re: Debugger command 'symlist' bugs
[Re: ShimaPong]
#239797 - 11/26/10 05:07 PM
|
|
|
ShimaPong
why don't you make your own cheat.dat publicly , in order to help all the members of the community here?
|
|
|
|
Re: Debugger command 'symlist' bugs
[Re: pepinos]
#239804 - 11/26/10 07:50 PM
|
|
|
Maybe the teasing is his own personal retaliation because the Japs lost the war. Who knows... 
|
|
|
|
|
bygone freezes in the following screen.
1) Game over
2) Finished name entry
3) Selected continue or not
4) "Player X Start" screen in re-starting after the softreset
The trigger of freeze for case 4 is "softreset" which original doesn't have so that it is special case though.
But from the view of one of cheat searcher, softreset is often used so that it is very serious problem.
Infinite loop happens in the following routine.
Code:
860D: C9 ret
860E: 4F ld c,a
860F: 3A 82 F0 ld a,($F082)
8612: CB 5F bit 3,a
8614: C0 ret nz
8615: 21 FF E7 ld hl,$E7FF
8618: 7E ld a,(hl)
8619: 71 ld (hl),c
861A: BE cp (hl)
861B: 32 A3 F0 ld ($F0A3),a
861E: 28 FA jr z,$861A
8620: C9 ret
It's mysterious routine. $F082 is DIP 3 and $F0A3 is "unknown" RAM and $E7FF is last address of work RAM and ONLY read/write this routine.
1) Check DIP 3-4. Nothing if it's OFF.
2) Load old value from $E7FF then store new value.
3) Check old vs new values.
4) Store old value into $F0A3.
5) If old != new, return. Otherwise, loop to check new vs new (!) until new != new is TRUE forever....
Old value == new value is trigger for the infinite loop. And no way to restore from infinite loop right now.
DIP 3-4 is 6th unknown item and default is ON. Perhaps it will be "Dont Turn ON/Always Fixed OFF". We know this type DIP in some games.
So default state should be OFF to prevent from freezing.
NOTE : 5th unknown DIP is "Allow Continue".
[ATTACHED IMAGE]
|
"Any company has no power to stop people emulating"
MAME is the emulator of no giving in the pressure from any company even if they don't allow
|
|
|
|
Bygone doesn't use standard character code for ascii so that it is hard to find strings.
So I add new debugger command "edump" (Extended DUMP).
- Added "code" option to adjust a character for ascii.
- Added default output filename with ".dump"
- Added new class "edump_manager" and it keeps some data (filename, width, ascii and code)
- Auto calculated length via address_map_entry.
This command can omit filename and length. Filename is auto created based on the gamename. In case of bygone, it is "bygone.dump".
Also length. It is automatically calculated offset you input. For example, if you input "edump 0" (0 is "offset"), edump calculates the length as 0xE000 ($0000 -$DFFF is entried as ROM region).
The writing style is 3 patterns
- edump + offset ("edump 1000")
- edump + offset + length ("edump 2000,1000")
- edump + filename + offset + length ("edump test.dump,3000,8000")
"edump info" prints internal data to console view. If you want to change internal data, input "edump ,new_value".
- "edump file,xxxx" = set base filename to output as xxxx (default = .dump)
- "edump width,x" = set width as x (default = 0)
- "edump ascii,0/1" = set print ascii flag as 0 (not printed) or 1 (printed : default)
- "edump code,xx" = set base character code of 'A' (default = 0x41)
As a result of adjusting character code, I find several "readable" strings in bygone.
[ATTACHED IMAGE - CLICK FOR FULL SIZE]
|
"Any company has no power to stop people emulating"
MAME is the emulator of no giving in the pressure from any company even if they don't allow
|
|
|
Re: Debugger command 'symlist' bugs
[Re: ShimaPong]
#239912 - 11/28/10 09:16 PM
|
|
|
|
|
Previous 
Index 
Next 
Threaded 
Debugger command 'symlist' bugs
Reply
[Re: 
