The VICE monitor – Pro level breaking

VICE emulator is the leading tool for emulating the c64 on modern hardware. It works really fine, with the option of providing a near perfect emulation. For reversers like myself, the opportunity to be able to intercept the program with breakpoints that the program cannot detect no matter what, is ace. Also being able to set breakpoints in the disk drive can only be done in emulated mode. On the native system, once you have fired custom software into the drive, that is out of reach. It will likely only respond to communication as per the custom software.

So the monitor can do break and watch.

Both “break” and “watch” supports load, store and exec as arguments, so they are in fact the vary same thing. The only difference is that if you skip setting the triggering conditions, then break will trigger on exec and watch will trigger on load and store.

In addition you can add a “condition” (super flexible and granular criteria for triggering) and “command” (trigger a command to be executed at every break.

1) The Command command

“Command” is really handy for watching a particular memory region. Set your breakpoint to where you want it to be and then add a “command” so that it triggers a command after each break. You define the command with which breakpoint it’s supposed to be associated, and then you provide the command you want to execute as a string. Then, when the break executes, your command is executed. A common use case is you want to follow how a value in memory is changing, then you don’t have to type the same command over and over again after the break. Do see the command stacking below as a bonus to the command.

2) Creating scripts

You can record a script file, containing a number of monitor commands after each other (and we are talking about actual commands, and not the command “command” as per the topic above. Use

record “filename”

And then issue the commands one by one.

Issue “stop“, to close the file and stor the recording.

To playback the commands, issue

pb “filename”

The script files don’t have any particular extension and the “stop” command is also included, but in the context of the playback, it doesn’t do anything. You can easily both create and also edit a script file using a normal text editor (and start by removing the stop 😉

3) Combining Command and scripts

It’s also possible to combine the command command with the pb, but this is tricky.

Both pb and command takes a string as an argument, so in case you want to use pb as an argument to command, then you need to put a string inside a string. Use \” to enter the quotation mark of the string inside the string, as per this example:

There is one issue; the command doesn’t provide any output. It seems the output is generated, but never sent to the console. However, when you issue one other command (say “m 1000 1001“) then you first get the result of that command, and then you get the result of the pb command. I’d say this is a bug …

(The above was fixed in bugreport #1150)

4) Strange load/store

This issue was fixed in VICE. You can now select if the dummy read should trigger the break or not. Default is that it doesn’t. The command “dummy” allows you to select the mode you want to work in, and the default is that breaks aren’t triggered on the dummy read. The below is retained for historical purposes only.

The exec command is very straight forward, but there is an issue worth mentioning and that is the triggering of load. That might work in a way you do not expect.

I elaborated over the topic in this thread on the VICE bugtracker thinking it was an error, but in fact this is correct emulation and correct triggering (even if the actual triggering in this case it totally and utterly useless unless you look at scenarios that clear data on read). If you add an index to an absolute instruction (for example “LDA $1000,X”), there is a bogus read on cycle four, and this is triggering the watch command break.

5) Breakpoints and snapshot bug

The combination snapshot and breakpoint was flawed, as per this bug report. It’s now fixed and work properly, but the below is retained for historical purposes.

Create a snapshot (Alt + S in the main window) – now you have a snapshot

Now type in this small piece of code, set a break to 1000 and start it (“g1000”):

So now pressing a key will change the border colour.

Now reset and load the snapshot (ALT+L).

The break point is still listed (type “break”), but it will not trigger.

Edit: When testing this, I get a total error reading back a snapshot and the above behaviour is no longer there. The breakpoint is no longer listed. This might ba a function fixed but that snapshots are broken in the process.

Bonus:
6) Stacking command

Talking with Markus64, he showed that you can stack commands by mearly adding a semicolon between them.

So “m 1000 1010 ; m 1020 1030” works just fine.

Bonus 2:

7) Fixed

VICE traditionally increased the breakpoint counter indefinitely, so when you added and deleted them, they would still increase. Recording a script that sets a break and the associate it with a command, would only work if the current breakpoint counter was the same when the script was launched.

Since a very recent build of VICE, the counter is reset to 1 when there are no remaining breakpoints. Please mind that you can then record a new script that starts with “delete”, removing all breakpoints. Then you are sure that the first one you set is indexed as 1.