Breakpoint: Difference between revisions
Since instruction breakpoints are the most common kind of breakpoint, the word "breakpoint" on its own usually means "instruction breakpoint". For example, "a breakpoint at $0040" is understood as a breakpoint that triggers when the instruction at $0040 is ''executed''. Breakpoints are often set at the entry points of subroutines in order to analyze their inner workings.
For a Game Boy system, there are two ways to specify the location of a breakpoint. One way is to simply use the [http://gameboy.mongenel.com/dmg/asmmemmap.html Game Boy memory space] of $
When the execution is paused by the debugger, the user is free to use available features of the debugger to inspect the program state at that point, such as the hardware registers, the assembly code around the program counter, and the contents of the [[RAM]].
==Special applications in glitching==
An easy trick to find potential [[arbitrary code execution]] (ACE) exploits is to set a breakpoint on execution of ''any'' address in the range of $
In the image below, the debugger has automatically paused execution and highlighted WRA1:D163 following the use of the [[glitch item]] [[ItemDex/RB:093|8F (0x5D)]]. This means that the game is executing code from $D163, which is a RAM address. By looking in a RAM map, one can see that [https://datacrystal.romhacking.net/wiki/Pok%C3%A9mon_Red/Blue:RAM_map#Player the values at this address] are the party Pokémon data. Since party Pokémon data are highly controllable by the player, this is indeed an ACE exploit.
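The following is an added example, not code from the wiki or from any particular debugger: a minimal model of the two breakpoint kinds discussed above (an instruction breakpoint at one address, and an "execution anywhere in a RAM range" breakpoint used to spot code running from player-controlled data). It assumes the standard Game Boy memory map for region boundaries and a BGB-style `REGION:ADDR` label format; the PC trace is constructed.

```python
# Added example (not from the wiki page). Region boundaries follow the
# Game Boy memory map; the labels (ROM0, WRA1, ...) are an assumed
# convention chosen to resemble the "WRA1:D163" style shown in the text.
REGIONS = [
    (0x0000, 0x3FFF, "ROM0"),   # fixed ROM bank
    (0x4000, 0x7FFF, "ROM1"),   # switchable ROM bank
    (0x8000, 0x9FFF, "VRAM"),
    (0xA000, 0xBFFF, "SRAM"),   # cartridge RAM (save data)
    (0xC000, 0xCFFF, "WRA0"),   # work RAM bank 0
    (0xD000, 0xDFFF, "WRA1"),   # work RAM bank 1 (party data lives here)
    (0xE000, 0xFDFF, "ECHO"),
    (0xFE00, 0xFE9F, "OAM"),
    (0xFF00, 0xFFFF, "HRAM"),   # I/O registers + high RAM
]

def label(addr):
    """Format an address the way the debugger does, e.g. 'WRA1:D163'."""
    for lo, hi, name in REGIONS:
        if lo <= addr <= hi:
            return f"{name}:{addr:04X}"
    return f"????:{addr:04X}"

class Debugger:
    def __init__(self):
        self.instr_bps = set()    # exact-address instruction breakpoints
        self.range_bps = []       # (lo, hi) "break on execution anywhere in here"

    def break_at(self, addr):
        self.instr_bps.add(addr)

    def break_on_range(self, lo, hi):
        self.range_bps.append((lo, hi))

    def step(self, pc):
        """Return a label if executing at pc should pause, else None."""
        if pc in self.instr_bps:
            return label(pc)
        if any(lo <= pc <= hi for lo, hi in self.range_bps):
            return label(pc)
        return None

    def run(self, trace):
        """Run a list of PC values; return (pc, label) of the first pause."""
        for pc in trace:
            hit = self.step(pc)
            if hit:
                return pc, hit
        return None

# Constructed trace: code runs from ROM, then control jumps into WRAM at $D163.
TRACE = [0x0040, 0x0043, 0x3E12, 0xD163, 0xD164]
```

Setting `break_on_range(0xC000, 0xDFFF)` (all of work RAM) and running `TRACE` pauses at `WRA1:D163`, which is the signal the section describes: the CPU is fetching instructions from writable, player-influenced memory.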