How do I set a software breakpoint on an ARM processor?

Question

How do I do the equivalent of an x86 software interrupt:

asm( \"int $3\" )

on an ARM processor (specifically a Cortex A8) to generate an event

Answer 1

Although the original question asked about Cortex-A7 which is ARMv7-A, on ARMv8 GDB uses

brk #0

Answer 2

We can use breakpoint inst:

• For A32: use BRK #imm instruction

• For Arm and Thumb: use BKPT #imme instruction.

Or we can use UND pseudo-instruction to generate undefined instruction which will cause exception if processor attempt to execute it.

Answer 3

__asm__ __volatile__ ("bkpt #0");

See BKPT man entry.

Answer 4

On my armv7hl (i.MX6q with linux 4.1.15) system, to set a breakpoint in another process, I use :

ptrace(PTRACE_POKETEXT, pid, address, 0xe7f001f0)

I choose that value after strace'ing gdb :)

This works perfectly : I can examine the traced process, restore the original instruction, and restart the process with PTRACE_CONT.

Answer 5

For Windows on ARM, the instrinsic __debugbreak() still works which utilizes undefined opcode.

nt!DbgBreakPointWithStatus:
defe     __debugbreak

Answer 6

ARM does not define a specific breakpoint instruction. It can be different in different OSes. On ARM Linux it's usually an UND opcode (e.g. FE DE FF E7) in ARM mode and BKPT (BE BE) in Thumb.

With GCC compilers, you can usually use __builtin_trap() intrinsic to generate a platform-specific breakpoint. Another option is raise(SIGTRAP).