0

This is a follow up to my previous question about creating a debugger for C source files in Python. The current issue I am facing is monitoring changes to variables. I want to monitor 8 variables say B, B0...B7. My approach is polling every second where ReadProcessMemory is called. This feels inefficient but it works for programs with longer execution times. I want it to work on source code like:

for (int i = 0; i < 10; i++) {
   B = i;
   printf("B = %d\n", B);
}

I have done research and I found:

  1. Hardware breakpoints. These are not very easy to implement and so far I found they do not work on variable addresses but "line" addresses. Additionally, they can only be used for a maximum of 4 debug registers.
  2. Software breakpoints. This also works on "line" addresses not really for variable addresses and monitoring.
  3. Page guards. Using VirtualProtectEx does not help in my case because this monitors an entire page not just select addresses. So this fires on addresses I am not interested in. Filtering them by matching their addresses to the ones in a list does not work. This is also slow and inefficient.
  4. I would need assstance in understanding whether this answer involving WaitOnAddress or WaitForSingleObject is appropriate to my use case.

FYI this debugger will be for 32 bit programs.

Improve this question
2
  • Configure the x86 debug registers DR0-DR7 as a hardware data breakpoint. Start with querying "how to set an x86 data breakpoint with the win32 api". Once you have some code, post a specific problem. Commented 3 hours ago
  • I recommend writing a minimal reproducible example in C, then port it via ctypes to Python. This isn't simple and we're not doing the work for you, but can help fix problems if you get stuck. Commented 2 hours ago

1 Answer 1

Reset to default
-1

If you want debugger behavior:

Attach as a debugger
Use hardware data breakpoints to monitor the 8 variables
If 4 registers are not enough - dynamically swap/watch only the ones currently in scope or important

For 32-bit processes this approach works well and is widely used.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

As it’s currently written, your answer is unclear. Please edit to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers in the help center.
This is not as simple as you make it sound. For instance, what criteria/intervals will you use to swap variables, especially for programs with short execution times? Is there a code example you can provide that can provide more clarity?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.