The debugger supports breakpoints and watchpoints, but I had the following issues while using it:
Breakpoints only support exact address matches. Putting a breakpoint on a physical address won't trigger the debugger when that address is executed from a virtual address (most noticeable in the case of a TLB lookup).
Watchpoints only support exact address matches. This is the same issue as described above for breakpoints.
Watchpoints do not support memory accesses via DMA. There are a few DMA controllers in RCP and support is needed for all of them.
Watchpoints only support read/write accesses in 64-bit blocks. It would be nice to allow users to specify an address range that potentially spans multiple blocks. This is essential for DMA support, which has variable length.
Plugins do not notify the emulator of any DMA or direct RDRAM access, which means the RDRAM access from them will ignore the active watchpoints.
IIRC, some components like RDP have direct access to RDRAM without a DMA. But this also includes the hidden bit for the Z-Buffer, which we can probably ignore.
The first two points are the hardest to deal with. A watchpoint on address 0x8000_1000 will not be triggered by accesses to 0xa000_1000. The only difference between these is that the instruction cache is only enabled on the first. They are otherwise backed by the same memory. Another example of where this is a problem is when you only know the physical address for something (e.g. found with the cheat search or from a GameShark code), the watchpoints will not detect a hit when accessed through the TLB (virtual memory).
Address range mirroring has the same problem; accessing memory through a mirror will not be detected by breakpoints/watchpoints.
I had to make local patches to the source code to work around these problems.
The debugger supports breakpoints and watchpoints, but I had the following issues while using it:
The first two points are the hardest to deal with. A watchpoint on address
0x8000_1000will not be triggered by accesses to0xa000_1000. The only difference between these is that the instruction cache is only enabled on the first. They are otherwise backed by the same memory. Another example of where this is a problem is when you only know the physical address for something (e.g. found with the cheat search or from a GameShark code), the watchpoints will not detect a hit when accessed through the TLB (virtual memory).Address range mirroring has the same problem; accessing memory through a mirror will not be detected by breakpoints/watchpoints.
I had to make local patches to the source code to work around these problems.