reverse-engineering breakpoints trace disassembly

Tracing with IDA: how to get around the 4 hardware breakpoints limitation?

basically, the code I'm trying to disassemble has some function works like this:

counter=0;
do
{
    counter++;
    *dword*(2A2A2A+counter*64) = v;
}
while (counter<4096)

which created a good number of dups of v.

One or some of them is then accessed later in some fiddling way that I can't work out by reading the assembly, thus I came to the idea of tracing read on those points. However since read points are hardware breakpoints, I can't really set more than 4 of them active at one time - so how do i trace down which routine accessed those "v"s?

any suggestion is deeply appreciated.

Solution

IDA 6.3 adds page-level breakpoints which allow you to monitor any memory range for access.

Why does dup2(2) function has no effect here?
How can an Android app receive UI updates without HTTP requests?
What does "0010 ^0.16 ___u8_ iv;" in Hex-Rays IDA Pro mean?
What Does the "Arguments" Field in the Functions Tab of IDA Represent?
whatsapp sniffing ssl traffic with wireshark
Reverse engineer LCD Protocol used in MPC2000XL
Hibernate Duplicate class name exception
How to analyze binary file?
Get a look at the temporary files a process creates
How to put password on apk?
Unable to Intercept Requests with Mitmproxy: Getting "502 Bad Gateway" Error
Modded APK displaying errors with minimal edits
How to debug a windows driver with IDA and use its corresponding IDB?
How to avoid reverse engineering of an APK file
Getting the exact timestamp of a Stack Exchange chat message
Is it possible to define a C++ function where one parameter is passed via the EAX register?
How to create a Datasheet for Elden Ring Save-Files
Which is the path of the libapp.so in flutter apps?
How do I detect if there is a CRC in a sequence of bytes?
How do I organize my binary parser's code?
Get timestamp from old data file
Is it possible to binary patch an uncritical compare instruction of /boot/vmlinuz and make it run as normal？
How does the following code detect hooking in iOS?
Shellcode stub got exited right after executed in Buffer Overflow Exploitation
How to Read Arguments in a Function Call with Frida
How to decompile DEX into Java source code?
What's the purpose of this [1] at the end of struct declaration?
How I can find all unused import programmatically?
How to rename dynamic symbols in arm elf .so file?
how do i convert Smali files to readable classes