Debugging with ejtagproxy and GDB

Debugging without MPLAB is possible through ejtagproxy. You need a compatible ICSP adapter, like PICkit2 or PICkit3 (full list of compatible adapters is available on project homepage). Note that you can't use PICkit2 with MPLAB, but it works with ejtagproxy. Obtain source, build. Obtain stock GDB source. Configure with --target=mipsel-elf32 . Build. Start ejtagproxy:

$ ejtagproxy
GDB proxy for Microchip PIC32 processors, Version 1.0.25
Copyright (C) 2012 Serge Vakulenko

EJTAGproxy comes with ABSOLUTELY NO WARRANTY; for details
use `--warranty' option. This is Open Source software. You are
welcome to redistribute it under certain conditions. Use the
'--copying' option for details.
ejtagproxy: waiting on TCP port 2000

Start GDB and point it to ELF file of your application:

$ pic32-gdb ~/repos/chipKIT-minimal-application/src/main.elf
(gdb)

Set the target to ejtagproxy:

(gdb) target remote localhost:2000

You should notice that ICSP adapter is now connected to target board. On my chipKIT Max32 this also results in board reset. The ejtagproxy willl print something like:

adapter: PICkit2 Version 2.32.0
processor: Microchip PIC32MX795F512L
processor: reset occured
hardware: 6 breakpoints, 2 watchpoints
oscillator: internal Fast RC

And GDB will connect to target:

Remote debugging using localhost:2000
0xbfc00000 in ?? ()
(gdb)

Now you can set breakpoints, watchpoints, etc. and run the application.

(gdb) break main
Breakpoint 1 at 0x9d00136c: file main.c, line 12.
(gdb) c
Continuing.

Unfortunately, when ejtagproxy is connected to target board everything is much slower than normally, so you have to wait a moment...

Breakpoint 1, main () at main.c:12

12          loop();

As you can see breakpoint was successfully activated in main() function. Now it's possible to do further analysis:

(gdb) i reg
         zero       at       v0       v1       a0       a1       a2       a3
R0   00000000 ffbfffff ffffffff ffffffff 00000000 00000000 a000001c bf800000 
           t0       t1       t2       t3       t4       t5       t6       t7
R8   9d0011f0 00000000 00000020 04000000 00000000 00000000 00000000 00000000 
           s0       s1       s2       s3       s4       s5       s6       s7
R16  00000000 00100000 00000000 00000000 00000000 00000002 00000000 00000000 
           t8       t9       k0       k1       gp       sp       s8       ra
R24  00000000 00000000 00000000 00000000 a00081f0 a001ffe8 a001ffe8 9d001208 
           sr       lo       hi      bad    cause       pc
     00100000 00000019 00000001 cc37facd a0800034 9d00136c 
          fsr      fir
     can't read register 160 (fsr)
(gdb) disassemble 
Dump of assembler code for function main:
  0x9d00135c <+0>:    addiu   sp,sp,-24
  0x9d001360 <+4>:    sw  ra,20(sp)
  0x9d001364 <+8>:    sw  s8,16(sp)
  0x9d001368 <+12>:   move    s8,sp
=> 0x9d00136c <+16>:   jal 0x9d001328 <loop>
  0x9d001370 <+20>:   nop
  0x9d001374 <+24>:   j   0x9d00136c <main+16>
  0x9d001378 <+28>:   nop
End of assembler dump.
(gdb) stepi
loop () at main.c:1
1   void loop(void) {
(gdb) disassemble 
Dump of assembler code for function loop:
=> 0x9d001328 <+0>:    addiu   sp,sp,-16
  0x9d00132c <+4>:    sw  s8,12(sp)
  0x9d001330 <+8>:    move    s8,sp
  0x9d001334 <+12>:   li  v0,1
  0x9d001338 <+16>:   sw  v0,0(s8)
  0x9d00133c <+20>:   lw  v0,4(s8)
  0x9d001340 <+24>:   addiu   v0,v0,2
  0x9d001344 <+28>:   sw  v0,4(s8)
  0x9d001348 <+32>:   move    sp,s8
  0x9d00134c <+36>:   lw  s8,12(sp)
  0x9d001350 <+40>:   addiu   sp,sp,16
  0x9d001354 <+44>:   jr  ra
  0x9d001358 <+48>:   nop
End of assembler dump.
(gdb)