How do I set a software breakpoint on an ARM processor?

Question

How do I do the equivalent of an x86 software interrupt:

asm( "int $3" )

on an ARM processor (specifically a Cortex A8) to generate an event that will break execution under gdb?

Answer 1

We can use breakpoint inst:

• For A32: use BRK #imm instruction

• For Arm and Thumb: use BKPT #imme instruction.

Or we can use UND pseudo-instruction to generate undefined instruction which will cause exception if processor attempt to execute it.

Answer 2

Although the original question asked about Cortex-A7 which is ARMv7-A, on ARMv8 GDB uses

brk #0

Answer 3

On my armv7hl (i.MX6q with linux 4.1.15) system, to set a breakpoint in another process, I use :

ptrace(PTRACE_POKETEXT, pid, address, 0xe7f001f0)

I choose that value after strace'ing gdb :)

This works perfectly : I can examine the traced process, restore the original instruction, and restart the process with PTRACE_CONT.

Answer 4

__asm__ __volatile__ ("bkpt #0");

See BKPT man entry.

Answer 5

I have a simple library (scottt/debugbreak) just for this:

#include <debugbreak.h>
...
debug_break();

Just copy the single debugbreak.h header into your code and it'll correctly handle ARM, AArch64, i386, x86-64 and even MSVC.

Answer 6

For Windows on ARM, the instrinsic __debugbreak() still works which utilizes undefined opcode.

nt!DbgBreakPointWithStatus:
defe     __debugbreak

Answer 7

Using arm-none-eabi-gdb.exe cross compiler, this works great for me (thanks to Igor's answer):

__asm__("BKPT");

Answer 8

ARM does not define a specific breakpoint instruction. It can be different in different OSes. On ARM Linux it's usually an UND opcode (e.g. FE DE FF E7) in ARM mode and BKPT (BE BE) in Thumb.

With GCC compilers, you can usually use __builtin_trap() intrinsic to generate a platform-specific breakpoint. Another option is raise(SIGTRAP).