Go to the previous, next section.

Getting In and Out of

This chapter discusses how to start , and how to get out of it. (The essentials: type `' to start GDB, and type quit or C-d to exit.)


Invoke by running the program . Once started, reads commands from the terminal until you tell it to exit.

You can also run with a variety of arguments and options, to specify more of your debugging environment at the outset.

The most usual way to start is with one argument, specifying an executable program:


You can also start with both an executable program and a core file specified:

 program core

You can, instead, specify a process ID as a second argument, if you want to debug a running process:

 program 1234

would attach to process 1234 (unless you also have a file named `1234'; does check for a core file first).

Taking advantage of the second command-line argument requires a fairly complete operating system; when you use as a remote debugger attached to a bare board, there may not be any notion of "process", and there is often no way to get a core dump.

You can further control how starts up by using command-line options. itself can remind you of the options available.



to display all available options and briefly describe their use (` -h' is a shorter equivalent).

All options and command line arguments you give are processed in sequential order. The order makes a difference when the `-x' option is used.

The debugging stub is specific to the architecture of the remote machine; for example, use `sparc-stub.c' to debug programs on SPARC boards.

These working remote stubs are distributed with :

For SPARC architectures.

For Motorola 680x0 architectures.

For Intel 386 and compatible architectures.

The `README' file in the distribution may list other recently added stubs.

What the stub can do for you

The debugging stub for your architecture supplies these three subroutines:

This routine arranges for handle_exception to run when your program stops. You must call this subroutine explicitly near the beginning of your program.

This is the central workhorse, but your program never calls it explicitly--the setup code arranges for handle_exception to run when a trap is triggered.

handle_exception takes control when your program stops during execution (for example, on a breakpoint), and mediates communications with on the host machine. This is where the communications protocol is implemented; handle_exception acts as the representative on the target machine; it begins by sending summary information on the state of your program, then continues to execute, retrieving and transmitting any information needs, until you execute a command that makes your program resume; at that point, handle_exception returns control to your own code on the target machine.

Use this auxiliary subroutine to make your program contain a breakpoint. Depending on the particular situation, this may be the only way for to get control. For instance, if your target machine has some sort of interrupt button, you won't need to call this; pressing the interrupt button transfers control to handle_exception---in effect, to . On some machines, simply receiving characters on the serial port may also trigger a trap; again, in that situation, you don't need to call breakpoint from your own program--simply running `target remote' from the host session gets control.

Call breakpoint if none of these is true, or if you simply want to make certain your program stops at a predetermined point for the start of your debugging session.

What you must do for the stub

The debugging stubs that come with are set up for a particular chip architecture, but they have no information about the rest of your debugging target machine.

First of all you need to tell the stub how to communicate with the serial port.

int getDebugChar()
Write this subroutine to read a single character from the serial port. It may be identical to getchar for your target system; a different name is used to allow you to distinguish the two if you wish.

void putDebugChar(int)
Write this subroutine to write a single character to the serial port. It may be identical to putchar for your target system; a different name is used to allow you to distinguish the two if you wish.

If you want to be able to stop your program while it is running, you need to use an interrupt-driven serial driver, and arrange for it to stop when it receives a ^C (`\003', the control-C character). That is the character which uses to tell the remote system to stop.

Getting the debugging target to return the proper status to probably requires changes to the standard stub; one quick and dirty way is to just execute a breakpoint instruction (the "dirty" part is that reports a SIGTRAP instead of a SIGINT).

Other routines you need to supply are:

void exceptionHandler (int exception_number, void *exception_address)
Write this function to install exception_address in the exception handling tables. You need to do this because the stub does not have any way of knowing what the exception handling tables on your target system are like (for example, the processor's table might be in ROM, containing entries which point to a table in RAM). exception_number is the exception number which should be changed; its meaning is architecture-dependent (for example, different numbers might represent divide by zero, misaligned access, etc). When this exception occurs, control should be transferred directly to exception_address, and the processor state (stack, registers, and so on) should be just as it is when a processor exception occurs. So if you want to use a jump instruction to reach exception_address, it should be a simple jump, not a jump to subroutine.

For the 386, exception_address should be installed as an interrupt gate so that interrupts are masked while the handler runs. The gate should be at privilege level 0 (the most privileged level). The SPARC and 68k stubs are able to mask interrupts themself without help from exceptionHandler.

void flush_i_cache()
Write this subroutine to flush the instruction cache, if any, on your target machine. If there is no instruction cache, this subroutine may be a no-op.

On target machines that have instruction caches, requires this function to make certain that the state of your program is stable.

You must also make sure this library routine is available:

void *memset(void *, int, int)
This is the standard library function memset that sets an area of memory to a known value. If you have one of the free versions of libc.a, memset can be found there; otherwise, you must either obtain it from your hardware manufacturer, or write your own.

If you do not use the GNU C compiler, you may need other standard library subroutines as well; this varies from one stub to another, but in general the stubs are likely to use any of the common library subroutines which gcc generates as inline code.

Putting it all together

In summary, when your program is ready to debug, you must follow these steps.

  1. Make sure you have the supporting low-level routines (see section What you must do for the stub):
    getDebugChar, putDebugChar,
    flush_i_cache, memset, exceptionHandler.

  2. Insert these lines near the top of your program:


  3. For the 680x0 stub only, you need to provide a variable called exceptionHook. Normally you just use

    void (*exceptionHook)() = 0;

    but if before calling set_debug_traps, you set it to point to a function in your program, that function is called when continues after stopping on a trap (for example, bus error). The function indicated by exceptionHook is called with one parameter: an int which is the exception number.

  4. Compile and link together: your program, the debugging stub for your target architecture, and the supporting subroutines.

  5. Make sure you have a serial connection between your target machine and the host, and identify the serial port used for this on the host.

  6. Download your program to your target machine (or get it there by whatever means the manufacturer provides), and start it.

  7. To start remote debugging, run on the host machine, and specify as an executable file the program that is running in the remote machine. This tells how to find your program's symbols and the contents of its pure text.

    Then establish communication using the target remote command. Its argument specifies how to communicate with the target machine--either via a devicename attached to a direct serial line, or a TCP port (usually to a terminal server which in turn has a serial line to the target). For example, to use a serial line connected to the device named `/dev/ttyb':

    target remote /dev/ttyb

    To use a TCP connection, use an argument of the form host:port. For example, to connect to port 2828 on a terminal server named manyfarms:

    target remote manyfarms:2828

Now you can use all the usual commands to examine and change data and to step and continue the remote program.

To resume the remote program and stop debugging it, use the detach command.

Whenever is waiting for the remote program, if you type the interrupt character (often C-C), attempts to stop the program. This may or may not succeed, depending in part on the hardware and the serial drivers the remote system uses. If you type the interrupt character once again, displays this prompt:

Interrupted while waiting for the program.
Give up (and stop debugging it)?  (y or n)

If you type y, abandons the remote debugging session. (If you decide you want to try again later, you can use `target remote' again to connect once more.) If you type n, goes back to waiting.

Communication protocol

The stub files provided with implement the target side of the communication protocol, and the side is implemented in the source file `remote.c'. Normally, you can simply allow these subroutines to communicate, and ignore the details. (If you're implementing your own stub file, you can still ignore the details: start with one of the existing stub files. `sparc-stub.c' is the best organized, and therefore the easiest to read.)

However, there may be occasions when you need to know something about the protocol--for example, if there is only one serial port to your target machine, you might want your program to do something special if it recognizes a packet meant for .

All commands and responses (other than acknowledgements, which are single characters) are sent as a packet which includes a checksum. A packet is introduced with the character `$', and ends with the character `#' followed by a two-digit checksum:

$packet info#checksum

checksum is computed as the modulo 256 sum of the packet info characters.

When either the host or the target machine receives a packet, the first response expected is an acknowledgement: a single character, either `+' (to indicate the package was received correctly) or `-' (to request retransmission).

The host () sends commands, and the target (the debugging stub incorporated in your program) sends data in response. The target also sends data when your program stops.

Command packets are distinguished by their first character, which identifies the kind of command.

These are the commands currently supported:

Requests the values of CPU registers.

Sets the values of CPU registers.

Read count bytes at location addr.

Write count bytes at location addr.

Resume execution at the current address (or at addr if supplied).

Step the target program for one instruction, from either the current program counter or from addr if supplied.

Kill the target program.

Report the most recent signal. To allow you to take advantage of the signal handling commands, one of the functions of the debugging stub is to report CPU traps as the corresponding POSIX signal values.

If you have trouble with the serial connection, you can use the command set remotedebug. This makes report on all packets sent back and forth across the serial line to the remote machine. The packet-debugging information is printed on the standard output stream. set remotedebug off turns it off, and show remotedebug shows you its current state.

Using the E7000 in-circuit emulator

You can use the E7000 in-circuit emulator to develop code for either the Hitachi SH or the H8/300H. Use one of these forms of the `target e7000' command to connect to your E7000:

target e7000 port speed
Use this form if your E7000 is connected to a serial port. The port argument identifies what serial port to use (for example, `com2'). The third argument is the line speed in bits per second (for example, `9600').

target e7000 hostname
If your E7000 is installed as a host on a TCP/IP network, you can just specify its hostname; uses telnet to connect.

Special commands for Hitachi micros

Some commands are available only on the H8/300 or the H8/500 configurations:

set machine h8300
set machine h8300h
Condition for one of the two variants of the H8/300 architecture with `set machine'. You can use `show machine' to check which variant is currently in effect.

set memory mod
show memory
Specify which H8/500 memory model (mod) you are using with `set memory'; check which memory model is in effect with `show memory'. The accepted values for mod are small, big, medium, and compact.

target sim
Debug programs on a simulated CPU

After specifying this target, you can debug programs for the simulated CPU in the same style as programs for your host computer; use the file command to load a new program image, the run command to run your program, and so on.

As well as making available all the usual machine registers (see info reg), this debugging target provides three additional items of information as specially named registers:

Counts clock-ticks in the simulator.

Counts instructions run in the simulator.

Execution time in 60ths of a second.

You can refer to these values in expressions with the usual conventions; for example, `b fputc if $cycles>5000' sets a conditional breakpoint that suspends only after at least 5000 simulated clock ticks.

Choosing files

When starts, it reads any arguments other than options as specifying an executable file and core file (or process ID). This is the same as if the arguments were specified by the `-se' and `-c' options respectively. ( reads the first argument that does not have an associated option flag as equivalent to the `-se' option followed by that argument; and the second argument that does not have an associated option flag, if any, as equivalent to the `-c' option followed by that argument.)

Many options have both long and short forms; both are shown in the following list. also recognizes the long forms if you truncate them, so long as enough of the option is present to be unambiguous. (If you prefer, you can flag option arguments with `--' rather than `-', though we illustrate the more usual convention.)

-symbols file
-s file
Read symbol table from file file.

-exec file
-e file
Use file file as the executable file to execute when appropriate, and for examining pure data in conjunction with a core dump.

-se file
Read symbol table from file file and use it as the executable file.

-core file
-c file
Use file file as a core dump to examine.

-c number
Connect to process ID number, as with the attach command (unless there is a file in core-dump format named number, in which case `-c' specifies that file as a core dump to read).

-command file
-x file
Execute commands from file file. See section Command files.

-directory directory
-d directory
Add directory to the path to search for source files.

Warning: this option depends on operating system facilities that are not supported on all systems.
If memory-mapped files are available on your system through the mmap system call, you can use this option to have write the symbols from your program into a reusable file in the current directory. If the program you are debugging is called `/tmp/fred', the mapped symbol file is `./fred.syms'. Future debugging sessions notice the presence of this file, and can quickly map in symbol information from it, rather than reading the symbol table from the executable program.

The `.syms' file is specific to the host machine where is run. It holds an exact image of the internal symbol table. It cannot be shared across multiple host platforms.

Read each symbol file's entire symbol table immediately, rather than the default, which is to read it incrementally as it is needed. This makes startup slower, but makes future operations faster.

The -mapped and -readnow options are typically combined in order to build a `.syms' file that contains complete symbol information. (See section Commands to specify files, for information on `.syms' files.) A simple GDB invocation to do nothing but build a `.syms' file for future use is:

	gdb -batch -nx -mapped -readnow programname

Choosing modes

You can run in various alternative modes--for example, in batch mode or quiet mode.

Do not execute commands from any initialization files (normally called `'). Normally, the commands in these files are executed after all the command options and arguments have been processed. See section Command files.

"Quiet". Do not print the introductory and copyright messages. These messages are also suppressed in batch mode.

Run in batch mode. Exit with status 0 after processing all the command files specified with `-x' (and all commands from initialization files, if not inhibited with `-n'). Exit with nonzero status if an error occurs in executing the commands in the command files.

Batch mode may be useful for running as a filter, for example to download and run a program on another computer; in order to make this more useful, the message

Program exited normally.

(which is ordinarily issued whenever a program running under control terminates) is not issued when running in batch mode.

-cd directory
Run using directory as its working directory, instead of the current directory.

Emacs sets this option when it runs as a subprocess. It tells to output the full file name and line number in a standard, recognizable fashion each time a stack frame is displayed (which includes each time your program stops). This recognizable format looks like two `\032' characters, followed by the file name, line number and character position separated by colons, and a newline. The Emacs-to- interface program uses the two `\032' characters as a signal to display the source code for the frame.


To exit , use the quit command (abbreviated q), or type an end-of-file character (usually C-d).

An interrupt (often C-c) does not exit from , but rather terminates the action of any command that is in progress and returns to command level. It is safe to type the interrupt character at any time because does not allow it to take effect until a time when it is safe.

If you have been using to control an attached process or device, you can release it with the detach command (see section Debugging an already-running process).

Shell commands

If you need to execute occasional shell commands during your debugging session, there is no need to leave or suspend ; you can just use the shell command.

shell command string
Invoke a the standard shell to execute command string. If it exists, the environment variable SHELL determines which shell to run. Otherwise uses /bin/sh.

The utility make is often needed in development environments. You do not have to use the shell command for this purpose in :

make make-args
Execute the make program with the specified arguments. This is equivalent to `shell make make-args'.

Go to the previous, next section.