erik/acdream
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
acdream/tools/cdb/a6-probe-runner.ps1
Erik d0c8c54d96 fix(cdb): A6.P1 — v1 dry-run lessons + v2 prep tooling 
Dry-run of scenario 1 (retail-v1-broken-offsets.log preserved as
audit trail) surfaced three issues with the v1 cdb script:

1. STACK-ARG OFFSETS WRONG: BP actions used arbitrary registers
   (@edx, @edi) to read function args, but __thiscall puts non-this
   args on the stack ([esp+N] after the return address). All 12 BP5
   "adjust_sphere" hits printed Nx=0.0 Ny=0.0 ... — fields not read.
   Fixed by writing a type dumper (a6-types-dump.cdb + runner) that
   uses cdb's `dt` command against the loaded PDB to get authoritative
   struct offsets. v2 probe script (to be written next) will use
   double-indirect reads (dwo(poi(@esp+N)+offset)) with correct
   offsets from the dump.

2. TEE-OBJECT UTF-16 ENCODING: PowerShell's default Tee-Object writes
   UTF-16 LE with BOM, making logs unparseable by grep without
   conversion. Runner now uses Out-File -Encoding ASCII. Sacrifices
   live console echo; use `Get-Content -Tail 50 -Wait` in a separate
   shell if live monitoring is needed.

3. BP6 SYMBOL NOT FOUND: `acclient!CTransition::validate_walkable`
   doesn't exist in the PDB. Decomp at line 272811 has
   `CTransition::check_walkable` — likely the actual name. To be
   verified + fixed in v2.

The BP hit-count distribution from v1 is still meaningful diagnostic
data (14,318 transitional_insert + 16,558 find_collisions + 40
set_contact_plane + 12 adjust_sphere + 1 step_up + 1 set_collide in
a 2-second walk through the inn doorway). Preserved as a baseline
sanity-check the v2 distribution can be diffed against.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-21 19:38:31 +02:00

61 lines
2.3 KiB
PowerShell
Raw Blame History

# Phase A6.P1 cdb probe runner — 2026-05-21
#
# Attaches cdb to a live retail acclient.exe with the a6-probe.cdb script.
# Per-scenario usage:
# .\tools\cdb\a6-probe-runner.ps1 -ScenarioTag "scen1_inn_doorway"
#
# Prerequisites (verify before invoking):
# 1. Retail acclient.exe v11.4186 running and in-world (matches refs/acclient.pdb).
# Verify with: py tools\pdb-extract\check_exe_pdb.py "C:\Turbine\Asheron's Call\acclient.exe"
# 2. ACE running locally on 127.0.0.1:9000.
# 3. Retail character at the scenario start position.
#
# Output:
# docs\research\2026-05-21-a6-captures\<ScenarioTag>\retail.log
param(
[Parameter(Mandatory=$true)]
[string]$ScenarioTag
)
$cdbExe = "C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\cdb.exe"
if (-not (Test-Path $cdbExe)) {
Write-Error "cdb.exe not found at $cdbExe. Install Microsoft Store WinDbg (~50 MB)."
exit 1
}
$scriptPath = Join-Path $PSScriptRoot "a6-probe.cdb"
if (-not (Test-Path $scriptPath)) {
Write-Error "a6-probe.cdb not found at $scriptPath."
exit 1
}
$captureDir = Join-Path $PSScriptRoot "..\..\docs\research\2026-05-21-a6-captures\$ScenarioTag"
if (-not (Test-Path $captureDir)) {
New-Item -ItemType Directory -Path $captureDir | Out-Null
}
$logPath = Join-Path $captureDir "retail.log"
# Patch the .cdb script with the scenario-tagged log path (in-place substitution).
$scriptContent = Get-Content $scriptPath -Raw
$patchedScript = $scriptContent -replace '\$\{ARG_LOG_TAG\}', $ScenarioTag
$tempScript = Join-Path $env:TEMP "a6-probe-$ScenarioTag.cdb"
Set-Content -Path $tempScript -Value $patchedScript -Encoding ASCII
Write-Host "Attaching cdb to acclient.exe with scenario tag '$ScenarioTag'..."
Write-Host "Log: $logPath"
Write-Host "(cdb auto-detaches at 50K total hits; or press Ctrl-Break to interrupt.)"
# Capture cdb output to ASCII (not Tee-Object's default UTF-16 LE).
# We sacrifice live console echo for greppable output — A6.P2 analysis
# parses these logs by line and the UTF-16 BOM/NULs make every grep
# pattern unmatch. Use `Get-Content $logPath -Tail 50 -Wait` in a
# separate shell if live monitoring is needed.
& $cdbExe -pn acclient.exe -cf $tempScript 2>&1 | Out-File -FilePath $logPath -Encoding ASCII
Remove-Item $tempScript -ErrorAction SilentlyContinue
Write-Host ""
Write-Host "Capture complete. Log saved to $logPath"
Reference in a new issue View git blame Copy permalink