dan/Cosmos
1
0
Fork 0
mirror of https://github.com/danbulant/Cosmos synced 2026-05-19 20:39:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
Cosmos/Docs/Debugger/Int1Notes.html
kudzu_cp 3f816a7507
2012-01-22 17:52:03 +00:00

210 lines
14 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title></title>
</head>
<body>
<div class="post-header"
style="color: rgb(0, 0, 0); font-family: 'Times New Roman'; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; ">
<p>
<em>This website was offline so the content is cached here</em></p>
<h1>
Debugger and Breakpoints</h1>
<div id="single-date" class="date">
<span>2011</span><span class="Apple-converted-space">&nbsp;</span>January 12</div>
</div>
<div class="meta clear"
style="color: rgb(0, 0, 0); font-family: 'Times New Roman'; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; ">
<div class="tags">
</div>
<div class="author">
by Yash</div>
</div>
<div class="entry clear"
style="color: rgb(0, 0, 0); font-family: 'Times New Roman'; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; ">
<p>
A breakpoint is a mechanism to pause a program execution for further analysis
during runtime to identify run-time errors. Pausing is required to examine the
run-time values of variables. Examining these variables is possible only if they
are valid in the current context. Various options will be provided for developer
by debugger to examine the details of running program to identify run-time
errors including CPU registers, call stack, memory dump and other debugger
supported features.</p>
<p style="text-align: center; ">
<strong>x86 Hardware provided</strong></p>
<p>
x86 architecture provides interrupt INT 1, INT 3 and Debug registers which helps
debuggers to implement breakpoints.</p>
<p style="padding-left: 30px; ">
<strong>INT 1 0xCD01 :</strong><span class="Apple-converted-space">&nbsp;</span>Single
step interrupt provided by x86, where program can be debugged single instruction
at a time. This handler is implemented by operating system and provides high
level API for debugger development.</p>
<p style="padding-left: 30px; ">
To perform single step on process, debugger need to attach with admin privilege.
Debugger need to set Trap Flag (TF) in EFLAGS register. By enabling this flag,
debugger gets control from the CPU before executing each instruction. Debugger
will give control to developer either in assembly instructions or source code
level if it has debugging information. Debugger will give various options for
developer for continuing the execution of code after examining the variable
values.</p>
<p style="padding-left: 30px; ">
Trap Flag(TF) is fully under control of Debugger, it can enable or disable this
flag based on various options provided by debugger including software and
conditional breakpoints.</p>
<p style="padding-left: 30px; ">
<strong>INT 3 0xCC :</strong><span class="Apple-converted-space">&nbsp;</span>Break
point interrupt is provided by x86, where debugger can place this anywhere
inside the program execution. This opcode 0xCC can be placed by developer
directly inside a program ( ex: __asm int 3 in a C/C++ code ), this instruction
will be identified by CPU during execution of a program and transfers control to
a debugger if its running. If the program is not running inside a program,
operating system will execute default handler i.e to terminate the program.</p>
<p style="padding-left: 30px; ">
Opcode 0xCC can be used by IDE debugger to implement software based breakpoints.
If a developer inserts IDE based breakpoint, internally IDE can this one byte
instruction in the code, once IDE gets control from CPU, it will remove this one
byte instruction and replace with original instruction and allow developer to
examine the program variables. One byte opcode will make easy to insert
instruction anywhere in program without much difficulty.</p>
<p style="padding-left: 30px; ">
<strong>Debugger Registers:<span class="Apple-converted-space">&nbsp;</span></strong>x86
provides 8 debug registers DB0 to DB7 and 2 model specific registers (MSR).
These registers can store either memory address or I/O locations to break the
execution for analysis of a program in a debugger. To perform action on these
registers modifier code must be running kernel mode.</p>
<p style="padding-left: 30px; ">
Only 4 registers can be used to store the memory location address to pause the
execution i.e DRO to DR3, Each of these registers stores the memory address.&nbsp;
After the debugger assigns the memory address, based on the address CPU will
automatically pause the execution and provide the control to the debugger to
help developer to examine the state of the program.&nbsp; These 4 registers
functions based on flags set at DR6 and DR7 registers. DR6 is used as status
register and DR7 is used as control register. DR6 flags will not be cleared by
CPU, callback program need to clear the stack and this will happen only after
exception handler gets the control.</p>
<p>
DR6 has following flags:</p>
<ol>
<li>Bit 0 to 3 (Breakpoint condition detected): Each of this bit indicated which DR
register has triggered breakpoint. If bit 0 is set, it means breakpoint is set
using DR0 register.</li>
<li>Bit 13 (Debug register detected): This bit indicates next instruction in the
execution flow is going to access the debug registers from DR0 to DR7.</li>
<li>Bit 14 (Single Step): This bit indicates that debug exception has generated
since Trap Flag (TF) is set in EFLAGS register.</li>
<li>Bit 15 (Task Switch): This bit indicates debug exception if triggered from a
task switch where Trap Flag (TF) is set.</li>
</ol>
<p>
DR7 register is used as control register. This register will enable or disable
breakpoints with breakpoint conditions. This register has following flags:</p>
<ol>
<li>Bit 0, 2, 4 and 6 (Local Breakpoint): These bits enable the breakpoint for
current task. After breakpoint exception, CPU will clear this flag to prevent
breakpoint in other task.</li>
<li>Bit 1, 3, 5 and 7 (Global breakpoint): These bits enable the breakpoint in all
tasks in the system, after breakpoint exception CPU will not clear this flag to
break in any task globally.</li>
<li>Bit 13 (General detect enable): This bit enables debug register protection which
causes a debug exception before executing MOV instruction to move data to debug
registers.</li>
<li>Bit 16, 17, 20, 21, 24, 25, 28 and 29 (Read/Write): This flag specifies a
condition for each breakpoint. Debug Extension (DE) flag in control register CR4
determines how to interpret these flags. DE flag has following types:<ol>
<li>00 Break on instruction execution only</li>
<li>01 Break on data writes only</li>
<li>10 Break on I/O reads or writes</li>
<li>11 Break on data reads or writes but not instruction fetches</li>
</ol>
</li>
<li>Bit 18, 19, 22, 23, 26, 27, 30 and 31 : These bits helps in identifying the size
of memory location specified in debug registers with following options:<ol>
<li>00 1 byte</li>
<li>01 2 byte</li>
<li>10 undefined</li>
<li>11 4 byte</li>
</ol>
</li>
</ol>
<p style="text-align: center; ">
<strong>Visual Studio C/C++ Breakpoint conditions</strong></p>
<p>
Debuggers have a choice to its own software breakpoints with the help of INT 1
handler and other operating system supported debugging features. VC++ implements
following conditional breakpoints to help</p>
<p>
1. Breaking when it reaches a function: Set a breakpoint for a specific function
by providing a full function name. If its C++ code, then provide along with
class name.</p>
<p>
<img alt="" class="aligncenter size-full wp-image-70" height="225"
src="http://www.yashks.com/wp-content/uploads/2011/01/breakpoint_img_11.png"
title="breakpoint_img_1" width="502" /></p>
<p>
Line number should be relative to Function. Line number which you provide here
should have valid code and you cannot mention to any blank line. You need to
select programming language if you are debugging program for more than one
language.</p>
<p>
2. Breaking in a specific Location in a file: You can set a breakpoint to
specific line within source file by inserting breakpoint.</p>
<p>
<img alt="" class="aligncenter size-full wp-image-71" height="193"
src="http://www.yashks.com/wp-content/uploads/2011/01/breakpoint_img_21.png"
title="breakpoint_img_2" width="502" /></p>
<p>
Specify source filename along with line number. This line number is relative to
source file. You can also specify different version of source file for this
breakpoint.</p>
<p>
3. Breaking when it reaches specified Address: You need to mention runtime
address of a function. To use this type of breakpoint, you start a debugging
with some breakpoint, then go to Dissembler window, look for address and insert
breakpoint.</p>
<p>
4. Breaking when specified variables changes: You can specify to break at a
specific location based on two conditions “Is TRUE” and “Has Changed”.</p>
<p>
<img alt="" class="aligncenter size-full wp-image-72" height="203"
src="http://www.yashks.com/wp-content/uploads/2011/01/breakpoint_img_31.png"
title="breakpoint_img_3" width="424" /></p>
<p>
If you want to check the condition if some pointer variable is NULL, then enter
expression as “ptrBuff == 0″ and check “Is True” option, it breaks it when
variable is 0. Enter expression in “Condition” field and check “Has changed”
option for breaking into code when expression changes.</p>
<p>
5. If you have loop and if you want to break inside loop based on pre-conditions
you can use this conditional breakpoint. It provides four options:</p>
<ul>
<li>Break always</li>
<li>Break when hit count is equal to “Some number”</li>
<li>Break when hit count is multiple of “Some number”</li>
<li>Break when hit count is greater or equal to “Some number”</li>
</ul>
<p>
<img alt="" class="aligncenter size-full wp-image-73" height="180"
src="http://www.yashks.com/wp-content/uploads/2011/01/breakpoint_img_41.png"
title="breakpoint_img_4" width="408" /></p>
<p>
6. Breakpoint filter based on Machine name, ProcessID, ProcessName, ThreadId,
ThreadName with combination of one or more conditions using ||, &amp; and !</p>
<p>
<img alt="" class="aligncenter size-full wp-image-74" height="335"
src="http://www.yashks.com/wp-content/uploads/2011/01/breakpoint_img_51.png"
title="breakpoint_img_5" width="412" /></p>
<p>
7. You can print TRACE info in debug window along with built-in macro condition.
You have option to continue execution automatically or you can execute the macro
and break into code.</p>
<p>
<img alt="" class="aligncenter size-full wp-image-75" height="360"
src="http://www.yashks.com/wp-content/uploads/2011/01/breakpoint_img_61.png"
title="breakpoint_img_6" width="425" /></p>
</div>
</body>
</html>
Reference in a new issue View git blame Copy permalink