amiga-bootcamp/05_reversing/dynamic/enforcer_mungwall.md
Ilia Sharin 21751c0025 docs(amiga): complete AmigaOS 3.1/3.2 developer reference — 172 files across 17 sections
Comprehensive technical documentation covering:
- Hardware: OCS/ECS/AGA custom chip registers, Copper & Blitter deep dives
- Boot sequence: cold boot through startup-sequence
- Binary format: HUNK executable spec, relocation, debug info
- Linking & ABI: .fd files, LVO tables, register calling conventions
- Exec kernel: tasks, interrupts, memory, signals, semaphores
- AmigaDOS: file I/O, FFS/OFS layout, CLI/Shell scripting
- Graphics: planar bitmaps, Copper programming, HAM/EHB modes
- Intuition: screens, windows, IDCMP, BOOPSI
- Devices: trackdisk, SCSI, serial, timer, audio, keyboard
- Libraries: utility, expansion, IFFParse, locale, ARexx
- Networking: bsdsocket API, SANA-II, TCP/IP stack comparison
- Toolchain: GCC, vasm/vlink, SAS/C, NDK, debugging
- Reverse engineering: IDA/Ghidra setup, compiler fingerprints, case studies
- CPU & MMU: 68040/060 emulation libs, PMMU, cache management
- Driver development: SANA-II, Picasso96/RTG, AHI audio

All files include breadcrumb navigation. No local paths or proprietary content.
2026-04-23 12:17:35 -04:00


Enforcer and MungWall — Memory Violation Tracing

Overview

Enforcer (by Michael Sinz) and MungWall are the two canonical Amiga memory debugging tools. They catch illegal memory accesses and heap corruption at runtime, providing the equivalent of AddressSanitizer for AmigaOS.


Enforcer

Enforcer uses the 68020+ MMU (or software patching on 68000) to trap accesses to:

  • Address $0000–$07FF (lower 2 KB — reserved vectors and exec structures)
  • Odd-addressed word/longword reads
  • Accesses above the installed RAM
  • Writes to ROM addresses

Installation

; AmigaOS Shell:
run enforcer
; or for logging:
run enforcer QUIET LOG enforcer.log

Enforcer patches the BusError exception vector ($8). Any illegal access causes a bus error, which Enforcer catches, logs, and (usually) continues.

Output Format

ENFORCER HIT: by Unknown (Task: "DPaint" at $001234AB)
  Program Counter: $0023AB12
  Address Accessed: $0000012C   (read longword)
  Stack Dump: $001234C0 $0001A2B4 ...

  • Program Counter — instruction that caused the hit
  • Address Accessed — illegal address
  • Cross-reference PC against HUNK_SYMBOL names or IDA disassembly

Common Causes

| Hit Pattern | Likely Cause |
|---|---|
| Access to $0–$3FF | NULL pointer dereference |
| Access to $4 (SysBase) without read | Null exec base |
| Odd address read (word/long) | Misaligned pointer |
| Access to $B80000–$BFFFFF | CIA access without correct alignment |
| Write to ROM $F80000+ | Write to Kickstart ROM |

MungWall

MungWall fills AllocMem() allocations with a known pattern ($ABADCAFE) and adds guard longwords before and after each block ($DEADBEEF). On FreeMem(), it verifies the guards.

What It Catches

  • Heap underrun — write before the allocated block (guard before = corrupted)
  • Heap overrun — write past the end of block (guard after = corrupted)
  • Use after free — block is filled with $DEADBEEF on free; reads from it will fail if Enforcer is also running

Installation

run mungwall

Output on Corruption

MUNGWALL: Block $001A2000 (size 128) has been overwritten!
  Header guard: OK
  Trailer guard: CORRUPTED at +132
  Caller: $0023BC44  (FreeMem called from here)
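
The guard-word mechanism described in this section, as an added sketch in portable C (not MungWall's source and not part of the original page). `mw_alloc`, `mw_check` and `mw_free` are hypothetical names, and `malloc`/`free` stand in for `AllocMem()`/`FreeMem()`; the fill and guard patterns are the ones quoted above.

```c
/* Added illustration of the guard-word technique; not MungWall's own code.
   mw_* names are hypothetical; malloc/free stand in for AllocMem/FreeMem. */
#include <stdint.h>
#include <stdlib.h>

#define GUARD      0xDEADBEEFu  /* guard longword and free-fill, per the text */
#define FILL       0xABADCAFEu  /* pattern for fresh allocations, per the text */
#define MW_HEADER  1            /* guard before the block is damaged (underrun) */
#define MW_TRAILER 2            /* guard after the block is damaged (overrun) */

/* Byte-wise big-endian access (68k order); safe for any size or alignment. */
static void put32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}
static uint32_t get32(const uint8_t *p) {
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}
static void fill(uint8_t *p, size_t n, uint32_t pat) {
    for (size_t i = 0; i < n; i++) p[i] = (uint8_t)(pat >> (24 - 8 * (i & 3)));
}

/* Layout: [GUARD][user bytes, pre-filled with FILL][GUARD] */
void *mw_alloc(size_t size) {
    uint8_t *raw = malloc(size + 8);
    if (!raw) return NULL;
    put32(raw, GUARD);
    fill(raw + 4, size, FILL);
    put32(raw + 4 + size, GUARD);
    return raw + 4;
}

/* Returns 0 if both guards are intact, else MW_HEADER and/or MW_TRAILER. */
int mw_check(const void *block, size_t size) {
    const uint8_t *u = block;
    int bad = 0;
    if (get32(u - 4) != GUARD)    bad |= MW_HEADER;
    if (get32(u + size) != GUARD) bad |= MW_TRAILER;
    return bad;
}

/* Like FreeMem(), the caller passes the size: verify, poison, release. */
int mw_free(void *block, size_t size) {
    int bad = mw_check(block, size);
    fill(block, size, GUARD);          /* stale pointers now read $DEADBEEF */
    free((uint8_t *)block - 4);
    return bad;
}
```

Because the guards are only compared when the block is checked or freed, a report identifies the caller of the free, not the instruction that did the overwrite.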

Combined Workflow

  1. run mungwall first — patches AllocMem/FreeMem
  2. run enforcer — adds MMU-level illegal access detection
  3. Launch the suspect program
  4. Any crash produces Enforcer + MungWall output on the serial port / enforcer.log
  5. Cross-reference the PC value with HUNK_SYMBOL or IDA to find the exact line

Serial Port Logging

Both tools write their output via kprintf to the serial port (115200 8N1). Capture it on the host:

# macOS / Linux:
screen /dev/cu.usbserial-XXXX 115200
# or
minicom -D /dev/cu.usbserial-XXXX -b 115200

References

  • Enforcer: Michael Sinz — available on Aminet (util/misc/Enforcer.lha)
  • MungWall: original CBM debug tool, available on Aminet
  • dynamic/serial_debug.md — serial output setup
  • Amiga ROM Kernel Reference Manual: Libraries — exec memory management