From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 67891 invoked by alias); 12 Nov 2015 16:14:42 -0000 Mailing-List: contact gdb-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-owner@sourceware.org Received: (qmail 67845 invoked by uid 89); 12 Nov 2015 16:14:37 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=1.4 required=5.0 tests=AWL,BAYES_40,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_NONE autolearn=no version=3.3.2 X-HELO: p3plwbeout03-04.prod.phx3.secureserver.net Received: from p3plsmtp03-04-2.prod.phx3.secureserver.net (HELO p3plwbeout03-04.prod.phx3.secureserver.net) (72.167.218.216) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-SHA encrypted) ESMTPS; Thu, 12 Nov 2015 16:14:36 +0000 Received: from localhost ([72.167.218.133]) by p3plwbeout03-04.prod.phx3.secureserver.net with bizsmtp id ggEa1r0022tGlPL01gEapb; Thu, 12 Nov 2015 09:14:34 -0700 X-SID: ggEa1r0022tGlPL01 Received: (qmail 28993 invoked by uid 99); 12 Nov 2015 16:14:34 -0000 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" User-Agent: Workspace Webmail 5.15.9 Message-Id: <20151112091432.5c1bb9f86d671edec44bb378f25c04cc.fb8bf6e151.wbe@email03.secureserver.net> From: To: "taylor, david" , "gdb@sourceware.org" Subject: RE: (hardware) watchpoints and actions Date: Thu, 12 Nov 2015 16:14:00 -0000 Mime-Version: 1.0 X-IsSubscribed: yes X-SW-Source: 2015-11/txt/msg00020.txt.bz2 david> Consider a remote target that you are communicating with via the remote protocol. david> If the target's GDB stub does not support breakpoint commands or you wish to run david> a command that is not convertible to a string of agent expression opcodes, then to david> run the command there is a lot of back and forth between GDB and the target. david> Further, GDB must remain connected to the target. david> By contrast, when a tracepoint is hit, there is NO back and forth with GDB. david> GDB might not even be connected to the target. The target executes a series of david> commands that were expressed as strings of agent expression opcodes and arguments. david> A command might be to collect registers, or collect a particular variable or collect david> some stack. After the commands execute the program continues -- there is no david> explicit 'continue' command. Two problems you need to address: a) Most "gdb-server" type things are rather "dumb" they do not know what symbols are. GDB's protocol speaks "address" as an integer like value, not symbolic. GDB's protocol has no idea what base+offset might be. GDB's protocol has no concept of "stack" or "register" based variables. The STUB or GDB-SERVER has no access to the dwarf (or whatever) debug information Example: A linked list, you want to trace some data element, i.e.:=20 trace( listPtr->Data ) At the breakpoint: The variable: "listPtr" might be on the stack or a register The Element "DATA" is at some base + offset Thus you can only trace global variables Secondary problem: Has the compiler optimization updated the global? Or is it still in the register? How do you plan to solve this? I am also ignoring ENDIAN issues here. b) Something in the target must 'interpret' the series of commands to execute when the watch point hits. Your options are: Install a small script interpreter into he gdb-stub/gdb-server=20 This might work for a GDB-SERVER on linux... you have a rich environment. Again - same problems as above (access to debug information) It does not work well for JTAG type GDB-Servers. The other option something like GDB-STUBS (rom-monitor based) solution, when the breakpoint/watchpoint exception occurs For example - you could do sometime of JIT compilation, and download code to the target that executes when the exception occurs. A simple example might be you insert a "JSR my_bp_handler" at the breakpoint location.=20 That JSR/CALL does something special. Questions (only a few) Where do you locate the code it jumps to? Can you modify the code? (is it in FLASH memory, or ReadOnly memory?) Can you modify the memory region attributes (i.e.: MMU bits) that allow execution in that area? ------ Don't get me wrong, I am very aware of the problem you want to solve, and the challenges A good example might be a PID loop motor control, 100 times a second the CPU calculates=20 new motor control variables and must re-write hardware registers otherwise the motor suddenly stops. Other examples might be a network protocol with data flowing... you have overrun and lost packets if you do not respond in time What actually works better is a hardware based trace scheme, and that is *VERY* chip/silicon/vendor specific. One example is the ARM STM (system trace macrocell) But the code that supports this type of stuff often works better if it is compiled into the actual application, which to some degree violates the "do not ship debug code in production code" rule. -Duane.