News: 11 March 2016 - Forum Rules
Current Moderators - DarkSol, KingMike, MathOnNapkins, Azkadellia, Danke

Author Topic: GBA Emulators lacking or am I missing something?  (Read 2159 times)

Bongo`

  • Sr. Member
  • ****
  • Posts: 342
  • Hatred is an illness...I feel your pain.
    • View Profile
    • Dynamic Designs
GBA Emulators lacking or am I missing something?
« on: June 04, 2020, 09:48:24 pm »
I have spent a whole week just about trying to find a decent GBA emulator that debugs AND dumps a trace log to a file similar to Snes9x Debug version. Question to all GBA coders, how do you trace GBA your game's code?
R.I.P Rose Mary C. 11/20/1937 - 2/11/2007
Dynamic-Designs Over 30 years of video game experience!
Completed: Doraemon RPG, Fuzzical Fighter, Gulliver Boy, Just Breed, FEDA, Mystic Ark, Slayers ( Co-op ), Lennus-II
Current: Aretha-2 and many more...

Isao Kronos

  • Hero Member
  • *****
  • Posts: 1291
    • View Profile
Re: GBA Emulators lacking or am I missing something?
« Reply #1 on: June 04, 2020, 11:35:44 pm »
I'm not a GBA coder but you might want to contact the mGBA people about what you need on their discord/github, they might have some insight or know where what you need is.

I say this because the only real GBA emus in town that I know of are mGBA, VBA-M, higan, and no$gba and I really don't know who to contact about the last 3.

FAST6191

  • Hero Member
  • *****
  • Posts: 2810
    • View Profile
Re: GBA Emulators lacking or am I missing something?
« Reply #2 on: June 05, 2020, 09:23:27 am »
For the most part I would have put the GBA (and DS because it fed from it) debug efforts/options at just behind FCEUX (them lacking some of the fun stuff like new executed routine elimination/noting, though you could usually do it manually) and considerably ahead of just about everything else. I will give though that I have not played with the debug SNES emu you mentioned enough to be comfortable with it and not read menus all the time. To that end I don't know if it is a lack of functionality, missed the function on the menu or a difference in workflow. I will say though it is quite doable to start by looking at something in the VRAM, reverting to an earlier state and even if it is one of those weird games that does not DMA, BIOS call (more on that later) or CPU copy data straight from the ROM (all of which is directly mapped in memory for all commercial games anybody cares about) into VRAM and instead will send it to WRAM, do some operations on it and then kick it to VRAM still find yourself looking at a memory grab from the ROM a few minutes later to in turn point your hex editor/tile viewer/whatever at it, or watch functions to determine how they work to in turn write the equivalent of https://www.dragonflycave.com/mechanics/gen-i-capturing .

But yeah the two main debug emulators for most are whatever version of VBA works for them (I have not properly done much with VBA-M of late and its inclusion of debug tools was somewhat lacking* back when, or maybe just being kicked to GDB) and no$gba debug, which on the other hand is great. Some might combo up emulators to gain info to feed to others.

*in case you were unfamiliar then VBA was the major emulator during the GBA lifetime, the GBA being emulated pretty well from day -1 really (its SDK leaked ahead of launch) and pretty good indeed by the point of the NA release. Some years later its author quit and his successors did not do all that much, and by that point there were also a hundred different active forks (linking support which vanilla VBA stated they would not do, link with real GBA, enhanced cheats, couple of debug ones, "smooth", accurate/superior audio, the TAS world had a couple, some for fast computers as this was still the point where you might expect some not to have SSE/SSE2 in their CPU, some bug fix ones, one for more accuracy, one for homebrew debugging, some for better recording options and it goes on for a while). VBA-m then being the project that attempted to merge, or at least take the best bits of, the lot which stuck (there were a few others attempting to merge a few).

https://vba-m.com/ and I quite often link https://www.romhacking.net/documents/361/ as an example in general for tracing for all systems even if it for an older command line based VBA fork (vba-sdl-h manual http://web.archive.org/web/20130215155212/http://labmaster.bios.net.nz/vba-sdl-h/ ).
http://problemkaputt.de/gba.htm#debug is good stuff and its hardware documentation** is some of the best on the GBA http://problemkaputt.de/gbatek.htm
https://mgba.io/tag/debugging/ is more about quirks and oddities in emulation but good reading. The Shrek videos thing is also the only exception to the everything is 32 megs or less, homebrew can vary a bit here (flashcarts, the PCE-CD emulation and pogoshell) but also mostly sticks or can be made to stick to the 32 meg limit.

Not sure what Higan has nowadays for hardcore debugging options but I generally got annoyed at Higan's use and debugging elsewhere did for me.


**the main list
http://problemkaputt.de/gbatek.htm
https://www.cs.rit.edu/~tjh8300/CowBite/CowBiteSpec.htm
http://www.coranac.com/tonc/text/asm.htm
https://blog.quirk.es/2008/12/things-you-never-wanted-to-know-about.html
https://patater.com/gbaguy/gbaasm.htm is very outdated but might as well have something.
http://belogic.com/gba/ is for the audio but there are none better, navigation at the top of the page. If you are interested in audio the vast majority of GBA games (though not as great a majority as the SDAT format on the DS) will use the "sappy" sound format for which you can find many tools and documents on this very site.

Back on topic

Watchpoints are a thing for most of the emulators. Breakpoints too, all the usual suspects save maybe run to line (though you could probably just do a break on execute)
When you say debug logs though most will think you want the BIOS SWI compression call logs as that is what most do. There are even compression tools that will read VBA's output here.
I don't know offhand if the SNES stuff does some kind of self documenting/pipe all output and entered commands to a text file that you pore over after the fact and that is what you are missing but some logs should still be a thing, and for the most part I just note things separately anyway.

Bongo`

  • Sr. Member
  • ****
  • Posts: 342
  • Hatred is an illness...I feel your pain.
    • View Profile
    • Dynamic Designs
Re: GBA Emulators lacking or am I missing something?
« Reply #3 on: June 05, 2020, 11:11:28 am »
Thanks Isao, FAST6191. That is is some really helpful info provided. Some I have run across, others I have not.

Anyway...Yes, FAST, what I seek is a feature the dumps all currently executed instructions, data to a text file for post-execute viewing. So much easier to find what I am looking for this way. Such an underrated feature. I am using No$gba and VBA-m currently. The latter being the closest I have to what I need. I can't seem to set breakpoints. ( Either  I'm too old or too rusty ). I am simply trying to assist an associate as I don't even romhack anymore. Well, I thank you for your input, it was very helpful. Thank you both.
« Last Edit: June 05, 2020, 04:34:00 pm by Bongo` »
R.I.P Rose Mary C. 11/20/1937 - 2/11/2007
Dynamic-Designs Over 30 years of video game experience!
Completed: Doraemon RPG, Fuzzical Fighter, Gulliver Boy, Just Breed, FEDA, Mystic Ark, Slayers ( Co-op ), Lennus-II
Current: Aretha-2 and many more...

FAST6191

  • Hero Member
  • *****
  • Posts: 2810
    • View Profile
Re: GBA Emulators lacking or am I missing something?
« Reply #4 on: June 05, 2020, 07:37:37 pm »
Yeah if you were looking for the equivalent of http://www.fceux.com/web/help/fceux.html?TraceLogger.html I am not sure what we have really on the GBA. You could possibly recreate something of it with watchpoints.

When I started on ROM hacking proper (I am not counting messing around with files on PC games, finding cheat codes on N64 and PC, or poke codes on the C64) I learned on the GBA so its absence never really got felt until I started looking at other systems.

To that end I would always look for, or to make, a result of the action or a precursor to it as a default thing (especially a button press, though do note some devs will debounce controller states every vblank or so) and work backwards from there. Sometimes it might result in a few more steps but usually still well within reasonable hacking session/effort.

I'll not argue that it is not a limitation though if indeed it is one and I am not missing it somewhere in a menu/option. Watching some of the NES people get say the jump routine in a platformer in fairly short order just by doing everything but jump, saying "watch me now" and then jumping is pretty nice. At the same time it is either triggered off a button or* is going to change the contents of the OAM for the sprite in question (which I can view change in real time to tell me what to point at next jump) and thus still falls in short order.

*give or take the "move the world instead" or weird aspects of https://docs.google.com/document/d/1iNSQIyNpVGHeak6isbP6AHdHD50gs8MNXF1GCf08efg/pub?embedded=true anyway but messing with BGs is still something I can observe happen a few times and point my viewer at. No doubt we could cook up some scenario where that does not happen or would be useful (hidden flags maybe for an action/payoff hours later) but given ROM hacking abuses probability and is all about the practical then eh.

Oh and I forgot to mention last time that finding the binary is easy enough despite it being an all packed in/incbin style of system for the commercial games. First bytes in the ROM are instructions, these are usually just a jump to the end of the header. You then get some basic IO and usually about 10 instructions into that will be a reference to a location in the 08000000 to 09FFFFFF range and therein lies the binary. Technically you can have game stuff some instructions in either the WRAM or super fast CPU RAM and go from that as well but you will soon learn if it is doing that (or you can set a watchpoint and make sure you grab a RAM snapshot to feed to a disassembler).

Bongo`

  • Sr. Member
  • ****
  • Posts: 342
  • Hatred is an illness...I feel your pain.
    • View Profile
    • Dynamic Designs
Re: GBA Emulators lacking or am I missing something?
« Reply #5 on: June 06, 2020, 10:52:24 am »
 :banghead: <- me after a few hours dealing with GBA debuggers. I suppose if VGA-m is open source, someone could add such a feature to the emulator. It still blows my mind that so many GBA emus exist, yet none saw it important enough to add a trace logger.  :huh: I can't get upset because Im sure I couldn't even write an emulator. I suppose maybe I could stop by it's github and get a copy to see what's happening.
R.I.P Rose Mary C. 11/20/1937 - 2/11/2007
Dynamic-Designs Over 30 years of video game experience!
Completed: Doraemon RPG, Fuzzical Fighter, Gulliver Boy, Just Breed, FEDA, Mystic Ark, Slayers ( Co-op ), Lennus-II
Current: Aretha-2 and many more...

[Unknown]

  • Jr. Member
  • **
  • Posts: 9
    • View Profile
    • PPSSPP
Re: GBA Emulators lacking or am I missing something?
« Reply #6 on: June 06, 2020, 05:21:54 pm »
I've never been that into trace logging myself.  Though, logging on breakpoints is very useful.

What I really want is conditional breakpoints, a stack unwinder, and breakpoints that can log (all features of PPSSPP's debugger.)  The VBA-SDL-H debugger has "swhere" but it never seems to do anything useful.  Sigh.

That said, I did notice it has a "trace" command.  Just to explain it:

Step 1:
VisualBoyAdvance-SDL-H -d mygame.gba

Step 2:
trace file mytrace.log
trace start

Step 3:
bt 0x08?????? # somewhere you want to get to
c

Step 4:
# Once it breaks.
trace stop
q

For me, this produced a file like this:

Code: [Select]
08000000 ea00002e b $080000c0                     R00=00000000 R01=00000000 R02=00000000 R03=00000000 R04=00000000 R05=00000000 R06=00000000 R07=00000000 R08=00000000 R09=00000000 R10=00000000 R11=00000000 R12=00000000 R13=03007f00 R14=00000000 R15=08000004
080000C0 e3a00012 mov r0, #0x12                   R00=00000000 R01=00000000 R02=00000000 R03=00000000 R04=00000000 R05=00000000 R06=00000000 R07=00000000 R08=00000000 R09=00000000 R10=00000000 R11=00000000 R12=00000000 R13=03007f00 R14=00000000 R15=080000c4
080000C4 e129f000 msr cpsr_fc, r0                 R00=00000012 R01=00000000 R02=00000000 R03=00000000 R04=00000000 R05=00000000 R06=00000000 R07=00000000 R08=00000000 R09=00000000 R10=00000000 R11=00000000 R12=00000000 R13=03007f00 R14=00000000 R15=080000c8
...

And that seems like what you're after?

Not sure how to load symbols into this thing.  I wrote a little static analyzer to figure out where functions are, nocash can read it but there are definitely pros and cons between the debuggers.

-[Unknown]

Pennywise

  • Hero Member
  • *****
  • Posts: 2311
  • I'm curious
    • View Profile
    • Yojimbo's Translations
Re: GBA Emulators lacking or am I missing something?
« Reply #7 on: June 06, 2020, 06:05:48 pm »
So, I don't have any experience with GBA emulators, but I've had to switch between emulators for debugging and tracing for the GB. I use the multi-system emulator Bizhawk for my GB tracing and I'm pretty sure trace logging is a standard feature for all its emulation cores.

Bongo`

  • Sr. Member
  • ****
  • Posts: 342
  • Hatred is an illness...I feel your pain.
    • View Profile
    • Dynamic Designs
Re: GBA Emulators lacking or am I missing something?
« Reply #8 on: June 07, 2020, 01:25:00 pm »
I've never been that into trace logging myself.  Though, logging on breakpoints is very useful.

What I really want is conditional breakpoints, a stack unwinder, and breakpoints that can log (all features of PPSSPP's debugger.)  The VBA-SDL-H debugger has "swhere" but it never seems to do anything useful.  Sigh.

That said, I did notice it has a "trace" command.  Just to explain it:

Step 1:
VisualBoyAdvance-SDL-H -d mygame.gba

Step 2:
trace file mytrace.log
trace start

Step 3:
bt 0x08?????? # somewhere you want to get to
c

Step 4:
# Once it breaks.
trace stop
q

For me, this produced a file like this:

Code: [Select]
08000000 ea00002e b $080000c0                     R00=00000000 R01=00000000 R02=00000000 R03=00000000 R04=00000000 R05=00000000 R06=00000000 R07=00000000 R08=00000000 R09=00000000 R10=00000000 R11=00000000 R12=00000000 R13=03007f00 R14=00000000 R15=08000004
080000C0 e3a00012 mov r0, #0x12                   R00=00000000 R01=00000000 R02=00000000 R03=00000000 R04=00000000 R05=00000000 R06=00000000 R07=00000000 R08=00000000 R09=00000000 R10=00000000 R11=00000000 R12=00000000 R13=03007f00 R14=00000000 R15=080000c4
080000C4 e129f000 msr cpsr_fc, r0                 R00=00000012 R01=00000000 R02=00000000 R03=00000000 R04=00000000 R05=00000000 R06=00000000 R07=00000000 R08=00000000 R09=00000000 R10=00000000 R11=00000000 R12=00000000 R13=03007f00 R14=00000000 R15=080000c8
...

And that seems like what you're after?

Not sure how to load symbols into this thing.  I wrote a little static analyzer to figure out where functions are, nocash can read it but there are definitely pros and cons between the debuggers.

-[Unknown]

Ahhh, this looks promising. Many darn versions of this emulator indeed. I am using VBA-m and that does not support what this posted version supports. Excellent! Thanks for pointing this out. I will definitely give it a try.

June 07, 2020, 01:25:52 pm - (Auto Merged - Double Posts are not allowed before 7 days.)
So, I don't have any experience with GBA emulators, but I've had to switch between emulators for debugging and tracing for the GB. I use the multi-system emulator Bizhawk for my GB tracing and I'm pretty sure trace logging is a standard feature for all its emulation cores.

How's it going, Pennywise. Thanks for the suggestion. i just D/L'd the emu and will have a look at it to see what it can do. Thank you very much!

UPDATE:
I tried both utils but neither function the way I would like. Funny thing thiugh. I actually found exactly what I was looking for on this site. A util by "g8z et al"

http://www.romhacking.net/utilities/340/
« Last Edit: June 08, 2020, 07:34:16 am by Bongo` »
R.I.P Rose Mary C. 11/20/1937 - 2/11/2007
Dynamic-Designs Over 30 years of video game experience!
Completed: Doraemon RPG, Fuzzical Fighter, Gulliver Boy, Just Breed, FEDA, Mystic Ark, Slayers ( Co-op ), Lennus-II
Current: Aretha-2 and many more...