Breakpoint
u ??????
u ?????? support type
u ?????? virtual breakpoint
u ?????? Set the breakpoint action
u ?????? Condition breakpoint
u ?????? elapsed time
u ?????? breakpoint statistics table
u ?????? breakpoint expression
u ?????? operation breakpoint
u ?????? use embedded breakpoints
?
1 Introduction
Softice can set breakpoints when program running, memory read and write, interrupt, and I / O ports. Softice has assigned a range from 0 to 0 to FF to each breakpoint, you can use breakpoints to set, delete, disable, enable, and modify them.
All SoftICE breakpoints have viscous (original: sticky), that is, unless you use BC or BD command to clear or disable it, Softice will keep track and maintain this breakpoint. Clear breakpoints can be viewed with the BH command, this command displays the history of breakpoint.
Softice can establish 32 break points at the same time, but due to the limitations of the x86 processor, the total number of breakpoints in memory and I / O ports cannot exceed 4.
If there is a symbolic information, you can also use the function name to establish breakpoints. In the source code or mixed mode, you can create a point-and-shoot style breakpoint on the code line. A more useful feature is that you can build a Point-And-Shoot breakpoint before the module is loaded.
?
2. ?? Support type
SoftICE uses the X86 framework to provide a set of powerful breakpoint features:
- EXECUTION BREAKPOINTS: SoftICE replaces an existing instruction with INT3. You can build a run breakpoint with the bpx command.
- Memory Breakpoints: When some of the determined byte / word / double characters are read or run, Softice uses the X86 debug register to enter the interrupt. You can create an internal save point with the bpm command.
- Interrupt Breakpoints: Softice interrupted by modifying the IDT (Interrupt Descriptor Table). The interrupt breakpoint can be established with the bpint command.
--I / o breakpoint (I / O BREAKPOINTS): Softice uses the Pentium and Pentium-Pro CPUs to view the IN and OUT instructions entering a specific port address to achieve interrupts. You can establish an I / O breakpoint with the bpio command.
- Window Message Breakpoints: When a specific or range of messages reach the window, the Softice is interrupted. In fact it is not a basic breakpoint, but only a very convenient breakpoint type built on other breakpoints. You can create a window message breakpoint with a BMSG command.
?
2.1. Breakpoint option
For all breakpoint commands, that is, BPX, BPM, BPIO, and BPINT, Softice allows the command modifier to limit the scope of breakpoints. Allow .t and .p modifiers under Windows NT / 2000 / XP. For example, if the current process ID (PID) is 0x200, you enter bpint.p 2e in Softice, then when the PID is 0x200 encounters INT 2E breakpoint, Softice will pop up; relative, if only use only BPINT 2E, all the processes as long as Int 2e breakpoints, Softice pops up.
Command modifier Description. TH set a breakpoint for the currently active thread. P Set a breakpoint for the process ID of the current activity. A Set a breakpoint for the address context of the current activity. V Set a for the current activity VMM ID breakpoint
Table 1 Softice Command Modifier
?
You can limit the breakpoint by following two options:
- Conditional expression [if expression]: When the expression is non-zero (TRUE), the breakpoint is triggered.
- Breakpoint action [Do "Command1; Command2; ..."]: When the breakpoint is triggered, automatically run a Softice command, you can customize the macro with the user.
?
2.2. Run breakpoint
Run breakpoints in the code function call or statement declaration is interrupted, which is the highest frequency of breakpoints. SoftICE replaces an existing instruction into an int 3 instruction, when running to the INT 3 breakpoint, Softice can obtain control.
Softice provides two ways to establish a run breakpoint: use the mouse and bpx command.
2.2.1. ??? Use the mouse to establish breakpoints
If you use a Pentium processor and a mouse, you can create and clear Point-And-Shoot (Sticky) and One-Shot breakpoints with the mouse. To create a Sticky breakpoint, double-click the code line you want to create, and Softice will highlight this line, indicating that you have built a breakpoint, and double-click again to clear this breakpoint. To create a one-shot breakpoint, click on the line you want to create breakpoints, then build breakpoints with the here command (F7), Softice will run to this line.
?
2.2.2. ??? Use the bpx command to establish breakpoints
Establish a run breakpoint using the bpx command and the parameters followed:
BPX [Address] [if Expression] [Do "Command1; CommanD2; ..."]
For example, establish breakpoints for the application's function WinMain, use this command:
BPX WinMain
Use the BPX command without parameters to create a point-and-shoot run breakpoint for the source code. Press ALT-C to move the cursor to the code window, then use the arrow key to move the cursor to the code line you want to create breakpoint, and finally enter the bpx command (F9). If you want to create breakpoints with a mouse, scroll through the scrolling arrow, then double-click the code row you want to create a breakpoint.
?
2.3. Internal Architecture
The internal memory breakpoint uses the debug register that appears in 386 and the latter series to monitor access to certain memory areas. This breakpoint is very useful when you find a program variable, where you have changed and establish a breakpoint for read-only memory. Because the CPU contains only four debug registers, only four internal storage points can only be established.
Use the bpm command to establish an internal save breakpoint:
BPM [B | W | D] Address [R | W | RW | X] [Debug Register] [IF Expression] [Do "Command1; Command2; ..."]
BPM and BPMB ???? - Create a byte size breakpoint
BPMW ????????????????-create a word size breakpoint
BPMD ????????????????-established a double word size breakpoint
R, W, And rw ????? - When reading, write or read and write
X ???????????????????????? - Interrupt during runtime; because the memory does not change, it is more powerful than BPX, using this option, can be The ROM creates breakpoints on the non-current address.
Debug Register ????? - Which debug register is specified. Softice usually manages these debug registers unless you must manually specify in a special environment.
?
The following example establishes an internal save point, when a double-word variable MyGlobalVariable is set to 5, the interrupt is triggered.
BPMD MYGLOBALVARIABLE w if myglobalvariable == 5
in case
BPM
The specified memory target is often accessed, regardless of whether the expression is false
The performance performance will be reduced.
