How do I set a software breakpoint on an ARM processor?

Question

How do I do the equivalent of an x86 software interrupt:

asm( "int $3" )

on an ARM processor (specifically a Cortex A8) to generate an event that will break execution under gdb?

Answer 1

ARM does not define a specific breakpoint instruction. It can be different in different OSes. On ARM Linux it's usually an UND opcode (eg FE DE FF E7 ) in ARM mode and BKPT ( BE BE ) in Thumb.

With GCC compilers, you can usually use __builtin_trap() intrinsic to generate a platform-specific breakpoint. Another option is raise(SIGTRAP) .

Answer 2

使用arm-none-eabi-gdb.exe交叉编译器，这对我很有用（感谢Igor的回答）：

__asm__("BKPT");

Answer 3

__asm__ __volatile__ ("bkpt #0");

见BKPT man entry。

Answer 4

I have a simple library ( scottt/debugbreak ) just for this:

#include <debugbreak.h>
...
debug_break();

Just copy the single debugbreak.h header into your code and it'll correctly handle ARM, AArch64, i386, x86-64 and even MSVC.

Answer 5

For Windows on ARM, the instrinsic __debugbreak() still works which utilizes undefined opcode.

nt!DbgBreakPointWithStatus:
defe     __debugbreak

Answer 6

We can use breakpoint inst:

• For A32: use BRK #imm instruction

• For Arm and Thumb: use BKPT #imme instruction.

Or we can use UND pseudo-instruction to generate undefined instruction which will cause exception if processor attempt to execute it.

Answer 7

On my armv7hl (i.MX6q with linux 4.1.15) system, to set a breakpoint in another process, I use :

ptrace(PTRACE_POKETEXT, pid, address, 0xe7f001f0)

I choose that value after strace'ing gdb :)

This works perfectly : I can examine the traced process, restore the original instruction, and restart the process with PTRACE_CONT.

Answer 8

Although the original question asked about Cortex-A7 which is ARMv7-A, on ARMv8 GDB uses

brk #0