PCSX2 - The Playstation 2 Emulator
https://pcsx2.net

[BUG]: Debugger doesn't break for DMAC transfers #394

Open root670 opened 9 years ago

root670 commented 9 years ago

If I add a breakpoint at an address in PS2 kernel space, it will not break sometimes. I'm debugging a homebrew cheat engine that gets installed around 0x000b0000, but gets zeroed out by games at certain points. If I place a breakpoint on 0x000b0000 or 0x800b0000, it will only break when my engine is being installed by my loader (it's written to memory in kernel mode), but not when the game zeroes this area out. I verified this by inspection using the memory viewer in the debugger.

gregory38 commented 9 years ago

@Kingcom I think it is for you.

Kernel space is 512KB, therefore 0xB0000 isn't in the kernel space (otherwise 0xB0000 won't be valid in the first place).

Kingcom commented 9 years ago

Could it be done through DMA or on the IOP? Currently breakpoints only work for instructions executed by the EE.

root670 commented 9 years ago

If I set a data breakpoint in Visual Studio at 0x200b0000, it breaks in memcpy(), and DmaExec() appears to be the function that called it based on the call stack. So it sounds like it is being done through DMA. If I set a data breakpoint in Cheat Engine, this is what I see: http://i.imgur.com/4PFP4Gw.png

If I'm understanding the parameters section correctly, it's doing a write of 0x80 bytes starting at 0x200AFFF0? If breakpoints in the PCSX2 debugger don't support DMA, that would explain why it isn't breaking there.

F0bes commented 5 months ago

I don't know about this issue.

Once you start the DMA transfer, you can't guarantee that it'll write the full QWC. Let's say the guest sets a QWC of 1000 and your breakpoint is at MADR + 500QW. You might not want to immediately break on the write to CHCR, because it could always stall or outright stop the DMA. The guest could also write to QWC while the transfer is happening. But if it does write to that 500th QW, the EE Core would've executed enough instructions that stopping at the current PC wouldn't be valuable to you.

The solution I guess would be to track when CHCR.STR was set and every QW transferred check MADR? What now happens when instant DMA is toggled? It sounds like a (slow) mess.

This is an issue for normal transfers. I can't even imagine trying to make chain mode useful.
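The two mechanisms discussed in this thread, root670's question of whether a 0x80-byte transfer starting at ...AFFF0 reaches a breakpoint at ...B0000, and F0bes's sketch of tracking CHCR.STR and checking MADR on every quadword, can be illustrated with a small toy model. The code below is an added example, not PCSX2's DMAC implementation; `DmaChannel`, `Watch`, `transferWouldTouch` and `runTransfer` are hypothetical names, the RAM buffer is a constructed 1 MiB stand-in for guest memory, and addresses are guest physical (0xAFFF0 rather than the host-side 0x200AFFF0 seen in Visual Studio). The `guestHook` argument lets a caller simulate the guest rewriting QWC or clearing STR mid-transfer, which is exactly why a one-shot check at kick-off is not enough.

```cpp
#include <algorithm>
#include <cstdint>
#include <cstdio>
#include <functional>
#include <vector>

// Hypothetical model of one EE DMAC channel (not PCSX2's real structs):
// MADR = current memory address, QWC = remaining quadwords, STR = CHCR.STR bit.
struct DmaChannel {
    uint32_t madr;
    uint32_t qwc;
    bool str;
};

// Half-open byte range [lo, hi) that the debugger wants to watch for writes.
struct Watch {
    uint32_t lo;
    uint32_t hi;
};

constexpr uint32_t kQwBytes = 16;

// Kick-off check: would the transfer as programmed (MADR, QWC) overlap the watch?
// This answers the "0x80 bytes from ...AFFF0" question, but it is only a prediction:
// the guest can still stall, stop or shrink the transfer after STR is set.
bool transferWouldTouch(uint32_t madr, uint32_t qwc, const Watch& w) {
    uint64_t start = madr;
    uint64_t end = start + static_cast<uint64_t>(qwc) * kQwBytes;
    return start < w.hi && w.lo < end;
}

// Per-quadword check: advance MADR one QW at a time and test each write against
// the watch. `guestHook` runs before every QW and may change QWC or clear STR,
// simulating the guest touching the channel registers while the transfer runs.
// Returns the index of the QW whose write hit the watch, or -1 if none did.
// On a hit the channel state is left intact (STR still set, MADR/QWC advanced),
// so a debugger could resume the transfer after the user continues.
int runTransfer(DmaChannel& ch, std::vector<uint8_t>& ram, const Watch& w,
                const std::function<void(DmaChannel&, uint32_t)>& guestHook = nullptr) {
    uint32_t index = 0;
    while (ch.str && ch.qwc > 0) {
        if (guestHook) guestHook(ch, index);
        if (!ch.str || ch.qwc == 0) break;          // guest stopped or emptied it
        uint32_t lo = ch.madr;
        uint32_t hi = ch.madr + kQwBytes;
        if (hi > ram.size()) { ch.str = false; break; }  // ran off emulated RAM
        bool hit = lo < w.hi && w.lo < hi;
        std::fill(ram.begin() + lo, ram.begin() + hi, 0);  // the DMA "writes" one QW
        ch.madr = hi;
        --ch.qwc;
        if (hit) return static_cast<int>(index);
        ++index;
    }
    ch.str = false;  // transfer finished or was stopped
    return -1;
}

int main() {
    std::vector<uint8_t> ram(1u << 20, 0xAA);  // constructed 1 MiB of guest RAM
    Watch cheatEngine{0x000B0000, 0x000B0010};  // watch the first QW of the engine
    DmaChannel ch{0x000AFFF0, 0x80 / kQwBytes, true};  // 0x80 bytes from 0xAFFF0
    printf("would touch: %d\n", transferWouldTouch(ch.madr, ch.qwc, cheatEngine));
    printf("hit at QW %d\n", runTransfer(ch, ram, cheatEngine));
    return 0;
}
```

With the 0x80-byte transfer the kick-off check reports an overlap and the per-QW loop stops on the second quadword, the one that lands on 0xB0000. For F0bes's 1000-QW case with the watch 500 QW past MADR, the kick-off check also reports an overlap, but a hook that clears STR after 200 QW or shrinks QWC to 300 makes the per-QW loop return -1: the predicted write never happens, which is the reason the check has to be made on each quadword rather than on the write to CHCR.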