Microprocessor system architectures – IA32 debugging and performance monitoring, Jakub Yaghob


1 Microprocessor system architectures – IA32 debugging and performance monitoring, Jakub Yaghob

2 Overview of debugging support
- Debug exception #DB
  - Nearly all debug events
- Breakpoint exception #BP
  - Exception invoked by INT3
- Debug registers
  - DR0 - DR3, DR6, DR7
- T flag in TSS
  - During attempt to switch task
- EFLAGS[RF]
  - Resume Flag – disables multiple exceptions to the instruction
- EFLAGS[TF]
  - Trap Flag – generates #DB after every execution of an instruction
- Breakpoint instruction
  - INT3
- Last branch recording
  - Only P6+

3 Conditions for invoking the debugger
- Task switch
- Execution of breakpoint instruction
- Execution of any instruction
- Execution of an instruction at a specified address
- Read or write of B, W, D at a specified memory address
- Write to B, W, D at a specified memory address
- Input of B, W, D at a specified I/O address (Pentium+)
- Output to B, W, D at a specified I/O address (Pentium+)
- Attempt to change the contents of a debug register

4 Program tracing
- Tracing enabled by EFLAGS[TF]=1
- Exception #DB invoked after every instruction execution with TF set before the instruction execution
  - It is a TRAP
  - An instruction which sets TF does not invoke the exception
  - An instruction which clears TF invokes the exception
- TF cleared before calling the exception/interrupt handler
- TF does not change its state during CPL changes
- Concurrent occurrence of single-step and an external interrupt
  - #DB invoked
  - TF cleared
  - The external interrupt handler invoked before the first instruction of the #DB handler

5 Task switching
- TSS[T] set for a target task
- Invoked after the task is switched, before the first instruction of the target task is executed
- #DB should not be handled by a task with T flag set
  - CPU in loop

6 Breakpoint instruction
- Instruction INT3
  - Encoded as a 1B instruction
  - Suitable for inserting into the code at any address
- Usage
  - Write the INT3 instruction to the breakpoint and remember the previous contents
  - #BP invokes the debugger
  - Before returning from #BP, EFLAGS[TF] is set on the stack and the original contents are written back to the breakpoint
  - Return from the exception
  - #DB for single-step is invoked after the instruction on the breakpoint is executed
  - Clear the TF and write INT3 back to the breakpoint

7 Debug registers – I

8 Debug registers – II
- Status register DR6
  - Bn – condition n detected
  - BD – debug registers access detected with DR7[GD]
  - BS – single step
  - BT – task switch
- Control register DR7
  - Ln – local breakpoint enabled
  - Gn – global breakpoint enabled
  - GD – general detect enable
  - R/Wn – breakpoint condition
    - 00 Instruction execution
    - 01 Write
    - 10 I/O (CR4[DE]=1), undefined (CR4[DE]=0)
    - 11 Read and write
  - LENn – size of memory location
    - 00 1B
    - 01 2B
    - 10 Undefined (8B for newer CPUs)
    - 11 4B

9 Breakpoint recognition
- Address
  - The address must be aligned to the size
- Data and I/O breakpoint
  - Any accessed byte inside the range
- Instruction breakpoint
  - Must have size 1B
  - Only the first byte of an instruction
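
The DR7 fields from slide 8 and the recognition rules from slide 9, as an added example that is not part of the original slides: it builds and decodes a DR7 image and rejects requests that break the size, alignment or CR4[DE] rules. The function names are hypothetical, and the bit positions are an assumption taken from the Intel SDM layout, since the register diagram of slide 7 did not survive on this page.

```c
#include <stdint.h>
#include <stdio.h>

enum { RW_EXEC = 0, RW_WRITE = 1, RW_IO = 2, RW_RDWR = 3 };  /* R/Wn field */
enum { LEN_1B = 0, LEN_2B = 1, LEN_8B = 2, LEN_4B = 3 };     /* LENn; 10b is 8B only on newer CPUs */
const int len_to_bytes[4] = { 1, 2, 8, 4 };
struct hwbp { int local, global, rw, len_bytes; };

/* Bit positions assumed from the Intel SDM: Ln = bit 2n, Gn = bit 2n+1,
 * R/Wn = bits 16+4n and 17+4n, LENn = bits 18+4n and 19+4n.
 * Returns the new DR7 image with slot n programmed, or -1 if the request
 * breaks a rule from the slides. addr is the value destined for DRn. */
long long dr7_set(uint32_t dr7, int n, uint64_t addr, int rw, int len,
                  int global, int cr4_de)
{
    if (n < 0 || n > 3 || rw < 0 || rw > 3 || len < 0 || len > 3)
        return -1;
    if (rw == RW_EXEC && len != LEN_1B)
        return -1;                      /* instruction breakpoint: size 1B */
    if (rw == RW_IO && !cr4_de)
        return -1;                      /* 10b is undefined when CR4[DE]=0 */
    if (addr & (uint64_t)(len_to_bytes[len] - 1))
        return -1;                      /* address must be aligned to size */
    dr7 &= ~((0xFu << (16 + 4 * n)) | (0x3u << (2 * n)));
    dr7 |= ((uint32_t)rw << (16 + 4 * n)) | ((uint32_t)len << (18 + 4 * n));
    dr7 |= 1u << (2 * n + (global ? 1 : 0));
    return dr7;
}

/* Decode slot n (0..3) of a DR7 value, e.g. one taken from a saved thread
 * context while checking a process for hardware breakpoints. */
struct hwbp dr7_get(uint32_t dr7, int n)
{
    struct hwbp b;
    b.local     = (dr7 >> (2 * n)) & 1;
    b.global    = (dr7 >> (2 * n + 1)) & 1;
    b.rw        = (dr7 >> (16 + 4 * n)) & 3;
    b.len_bytes = len_to_bytes[(dr7 >> (18 + 4 * n)) & 3];
    return b;
}

int main(void)
{
    /* Constructed example: 4-byte write watchpoint in slot 1, local enable. */
    long long v = dr7_set(0, 1, 0x1000, RW_WRITE, LEN_4B, 0, 0);
    struct hwbp b = dr7_get((uint32_t)v, 1);
    printf("DR7=%#llx local=%d rw=%d len=%dB\n", (unsigned long long)v, b.local, b.rw, b.len_bytes);
    return 0;
}
```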

10 Breakpoint conditions

11 Instruction breakpoint
- It is a FAULT
  - We need to avoid an endless loop on the breakpoint
- High priority
  - Invoked before other exceptions
  - Not invoked on an instruction after the POP SS/MOV SS instruction
- How to avoid the endless loop
  - The flag EFLAGS[RF]
    - Automatically set before any FAULT exception is invoked, except for the instruction breakpoint
    - Cleared after successful execution of an instruction, except for task switch (JMP, CALL, INT, IRET)
    - It can be explicitly set only by reading EFLAGS from the stack/TSS when returning from an interrupt handler
  - Using as a breakpoint
    - Set the RF in the EFLAGS image on the stack/in the TSS

12 Last branch recording
- Introduced in the Pentium Pro
- Depends tightly on model and MSRs
- Branches, interrupts, exceptions
  - Branches: JMP, Jcc, LOOP, CALL/RET

13 Performance monitoring
- Introduced in the Pentium
- Time-stamp counter
- Architectural performance monitoring
  - Behaves consistently across microarchitectures
- Performance monitoring depending on a microarchitecture
- MSRs

14 Time-stamp counter
- Support
  - TSC flag
    - Availability check in CPUID.1:EDX.TSC
  - IA32_TIME_STAMP_COUNTER MSR
    - MSR used as a counter
    - 64-bit
  - RDTSC instruction
  - TSD flag
    - Enable/disable TSC (CR4[TSD])
- Behavior
  - Older CPUs
    - Increments with every internal clock cycle
  - Newer CPUs
    - Increments at a constant rate
