DOS ain't dead

debugxv - how to use I/O watchpoint? (Users)

posted by tom Homepage, Germany (West), 10.04.2025, 18:27
(edited by tom on 10.04.2025, 19:29)

> > While true for the debug registers, the CPU also supports the I/O map where
> > for every I/O address you can define allowed or disallowed.
>
> Well, since we're now at the state of "claiming the obvious": the IO
> permission bitmap won't work in real-mode or PL0 protected-mode. In
> protected-mode PL3 it requires IOPL < 3.

True. It would require some sort of cooperation from JEMM386.

> > Debuggers like SoftICE have supported this for ages...
>
> Thanks for the promotion... I once tried it and was disappointed (can't
> remember why, but most likely because it didn't support protected-mode).

True. SoftICE was one of the first protected mode programs x386 *at all* (and I was one of the first few customers of it for amazing €386).

It only learned to debug protected mode programs as SoftICE/W for Windows, many years later.

In its form for real mode/VM it was an extremely powerful debugger; parts of it still not seen anywhere else. Like

BPX 60:123
"break if 60:123 is executed" (the first 4 using debug registers, more using INT3)

BPX 4321:1234 5000:0 TW
"trace execution in a certain address range if instruction executes a write operation" (implemented by setting no-execute for some pages, filtering actual interrupts by CS:IP)

BPDW 123:4320
"breakpoint if DW 123:4320 is Written" (or read or accessed)

BPIO 3F8 RW
"trace I/O address 3F8 access (read, write, or read/write)"

BPINT 3F AH=17
"break on interrupt 31 if AH==17"

where "trace" meant "keep the last few thousand instructions and register content in store for the moment execution breaks"

that's how I found bugs in foreign programs, corrupting MCB structures

and many more ...

It was even available for WinNT, used to debug the Windows kernel and drivers.
Quite pricy at almost 2K$, but worth every cent if you value your time != zero.

Edited to add: All the tracing was done in "close to normal speed", i.e. it wasn't single stepping in software, but used 386 features to run even "trace everything inside the kernel (and only the kernel) until you hit INT13/write sector or access some I/O address" in close to normal speed.
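
The I/O permission bitmap conditions from the quoted exchange above, as an added example that is not part of the post and is not SoftICE, JEMM386 or debugxv code. It is a simplified C model of when an IN/OUT faults into a monitor once the monitor has set the port's bit. All names (`io_ctx`, `watch_port`, `io_access_traps`, `demo`) and the 8 KiB bitmap with port 3F8 marked are constructed for illustration, and ports outside the bitmap are treated as denied.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the 386 I/O permission check; all names are illustrative. */
enum cpu_mode { REAL_MODE, PROT_MODE, V86_MODE };

struct io_ctx {
    enum cpu_mode mode;
    unsigned cpl, iopl;      /* current privilege level and EFLAGS.IOPL, 0..3 */
    const uint8_t *iopb;     /* I/O permission bitmap from the TSS */
    size_t iopb_bytes;       /* bitmap bytes that lie inside the TSS limit */
};

/* Monitor side: mark a port so that accesses to it fault into the monitor. */
void watch_port(uint8_t *iopb, uint16_t port) {
    iopb[port >> 3] |= (uint8_t)(1u << (port & 7));
}

/* 1 = access raises #GP (monitor gets control), 0 = access runs untrapped. */
int io_access_traps(const struct io_ctx *c, uint16_t port, unsigned width) {
    if (c->mode == REAL_MODE)
        return 0;                              /* bitmap is never consulted */
    if (c->mode == PROT_MODE && c->cpl <= c->iopl)
        return 0;                              /* CPL <= IOPL: no bitmap lookup */
    /* V86 mode, or protected mode with CPL > IOPL: check every byte accessed. */
    for (unsigned i = 0; i < width; i++) {
        uint32_t p = (uint32_t)port + i;
        if (p / 8 >= c->iopb_bytes)            /* outside the bitmap: denied */
            return 1;
        if (c->iopb[p / 8] & (1u << (p % 8)))  /* bit set: denied */
            return 1;
    }
    return 0;
}

/* Constructed scenario: a full 8 KiB bitmap with only port 0x3F8 watched. */
int demo(enum cpu_mode mode, unsigned cpl, unsigned iopl, uint16_t port, unsigned width) {
    static uint8_t bitmap[8192];               /* zero-initialised: all ports allowed */
    watch_port(bitmap, 0x3F8);
    struct io_ctx c = { mode, cpl, iopl, bitmap, sizeof bitmap };
    return io_access_traps(&c, port, width);
}

int main(void) {
    printf("V86 read of 3F8 traps: %d, PL0 read of 3F8 traps: %d\n",
           demo(V86_MODE, 3, 3, 0x3F8, 1), demo(PROT_MODE, 0, 0, 0x3F8, 1));
    return 0;
}
```

A word access at 3F7 also traps in this model because it covers 3F8, which is why a port watch has to consider the access width and not only the base address.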

 
