I was just running my own debugger on an ARM 32-bit Raspberry Pi system. Here, I tried to single-step through a simple test program, but for some reason, this doesn't work. I'm using the ptrace syscall with PTRACE_SINGLESTEP, but it always returns -1. Checking the errno code revealed a 4 (EIO), which means an I/O error.

I'm coming from the x86 world, so I'm not into the details of ARM internals, but getting familiar with the register sets showed that there isn't something like an EFLAGS reg with a trap flag like on x86. The most similar on ARM seems to be the CPSR reg, but it doesn't offer a single-step flag.

So I'm wondering if it's possible to singlestep by ptrace at all on this machine, and what the I/O error means. Any ideas?

@wallyk: This is the code:

```python
def singlestepThread(self, thread_id, signal = 0):

    if libc.ptrace( PTRACE_SINGLESTEP,
                    thread_id,
                    0,
                    signal) == -1:

        print("[!]: failed to singlestep thread (TID: %i)" % thread_id)
        errno = get_errno()
        print("[!]: errno: %i: %s" % (errno, self.errnos[errno]) )
        return False

    return True
```
guest
  • How does your *own debugger* implement a single step operation? Is there any reason you can't use `gdb`? – wallyk Dec 24 '20 at 05:14
  • ARM Linux *used* to support PTRACE_SINGLESTEP by replacing the next instruction with a software breakpoint (like x86's `0xcc int3`), but that support has been removed from the kernel; the debugger has to do it "manually". [Does android support the PTRACE\_SINGLESTEP?](https://stackoverflow.com/q/23058003) – Peter Cordes Dec 24 '20 at 05:14
  • http://lists.infradead.org/pipermail/linux-arm-kernel/2011-February/041324.html is the relevant patch: to figure out where to put the breakpoint, it had to decode the current instruction to find out where the *next* instruction would be. (For length in thumb mode, and possible branches.) This was a lot of complexity. – Peter Cordes Dec 24 '20 at 05:22
  • ok thx, this solution sounds pretty nasty :P – guest Dec 24 '20 at 05:31
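
The comments above say the debugger has to work out where the next instruction will be (instruction length in Thumb mode, possible branches) before it can plant a breakpoint. The following is an added example, not code from the question or from the linked kernel patch: it computes candidate breakpoint addresses and decodes only direct B/BL in ARM state and the 16-bit B encodings in Thumb state; BX, loads into pc, 32-bit Thumb branches and other PC-writing instructions are not handled. The function names are hypothetical.

```python
import struct

CPSR_T_BIT = 1 << 5  # CPSR bit 5 is set while the core executes Thumb code

def sign_extend(value, bits):
    """Interpret the low `bits` bits of value as a two's-complement number."""
    sign = 1 << (bits - 1)
    return (value & (sign - 1)) - (value & sign)

def thumb_insn_length(first_halfword):
    """Thumb instructions are 4 bytes when bits[15:11] are 11101, 11110 or 11111."""
    return 4 if (first_halfword >> 11) in (0b11101, 0b11110, 0b11111) else 2

def next_pc_candidates(pc, cpsr, code):
    """Return the sorted addresses where temporary breakpoints would go.

    pc and cpsr are the tracee's registers; code holds the little-endian
    instruction bytes at pc. Only direct B/BL encodings are decoded.
    """
    if cpsr & CPSR_T_BIT:
        (hw,) = struct.unpack_from("<H", code)
        fall = pc + thumb_insn_length(hw)
        if (hw >> 12) == 0b1101 and ((hw >> 8) & 0xF) < 0xE:   # B<cond>, imm8
            return sorted({fall, pc + 4 + sign_extend((hw & 0xFF) << 1, 9)})
        if (hw >> 11) == 0b11100:                              # B, imm11
            # Inside an IT block this branch is conditional, so keep both.
            return sorted({fall, pc + 4 + sign_extend((hw & 0x7FF) << 1, 12)})
        return [fall]
    (insn,) = struct.unpack_from("<I", code)
    cond, fall = insn >> 28, pc + 4
    if ((insn >> 25) & 0b111) == 0b101 and cond != 0xF:        # B/BL, imm24
        target = pc + 8 + sign_extend((insn & 0xFFFFFF) << 2, 26)
        # cond 0b1110 means "always": the fall-through can never execute.
        return [target] if cond == 0xE else sorted({fall, target})
    return [fall]

if __name__ == "__main__":
    # Constructed samples: (description, pc, cpsr, instruction bytes)
    samples = [
        ("ARM   mov r0, r0", 0x10400, 0x10, b"\x00\x00\xa0\xe1"),
        ("ARM   bne +16   ", 0x10400, 0x10, b"\x02\x00\x00\x1a"),
        ("Thumb beq +6    ", 0x10400, 0x30, b"\x01\xd0"),
        ("Thumb ldr.w     ", 0x10400, 0x30, b"\xd1\xf8\x00\x00"),
    ]
    for name, pc, cpsr, code in samples:
        print(name, [hex(a) for a in next_pc_candidates(pc, cpsr, code)])
```

A debugger would save the original instruction at each returned address, write a breakpoint instruction there, continue the thread, and restore the saved bytes once it stops.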

0 Answers