How would a debugger running in Linux/Windows read the PC register on ARM32 & AArch64? How to access the instruction register value?
How to use ptrace to retrieve the PC register of a child process on Linux? How to use GetThreadContext to retrieve the PC register from the context structure of a child process on Windows?
Thanks.
CodePudding user response:
ptrace(2) has a PTRACE_GETREGS option that reads all the general-purpose registers of the tracee into a struct user_regs_struct as defined in <sys/user.h>. For AArch64, this struct has an array of size 31 for registers x0 through x30, as well as separate fields for sp, pc and pstate. So you could do (untested):
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/user.h>

struct user_regs_struct regs;
/* pid is a tracee that is currently stopped */
if (ptrace(PTRACE_GETREGS, pid, NULL, &regs) < 0)
    die();   /* error handler left to the caller */
printf("pc is %#llx\n", regs.pc);
For ARM32 it looks like the struct is called struct user_regs instead, which is just an array of size 18. I would guess that it is r0 through r15 (where r15 is pc), then maybe pstate and something else? You'd have to check kernel or GDB sources to confirm. So you can probably do (very untested):
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/user.h>

struct user_regs regs;
/* pid is a tracee that is currently stopped */
if (ptrace(PTRACE_GETREGS, pid, NULL, &regs) < 0)
    die();   /* error handler left to the caller */
printf("pc is %#lx\n", regs.uregs[15]);   /* r15 is pc */
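An added example, not code from the answer above: it reads the tracee's pc on both architectures through one path, PTRACE_GETREGSET with NT_PRSTATUS, because AArch64 Linux does not implement PTRACE_GETREGS (glibc's AArch64 headers define no such request) while ARM32 and x86-64 accept PTRACE_GETREGSET as well. The ARM32 layout of uregs[18] (r0..r15, then cpsr, then ORIG_r0) is the kernel's asm/ptrace.h definition; the names read_tracee_pc, trace_child_pc, gp_regs_t and PC_OF are this example's own, and the tracee is assumed to be a child the tracer forked itself.

```c
#define _GNU_SOURCE
#include <elf.h>          /* NT_PRSTATUS */
#include <signal.h>
#include <sys/ptrace.h>
#include <sys/uio.h>      /* struct iovec */
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>
/* Register block and pc field per architecture (glibc <sys/user.h>). ARM32:
 * uregs[0..15] = r0..r15 (r15 is pc), [16] = cpsr, [17] = ORIG_r0. */
#if defined(__aarch64__)
typedef struct user_regs_struct gp_regs_t;
#define PC_OF(r) ((r).pc)
#elif defined(__arm__)
typedef struct user_regs gp_regs_t;
#define PC_OF(r) ((r).uregs[15])
#else
typedef struct user_regs_struct gp_regs_t;   /* x86-64, so this also builds on a PC */
#define PC_OF(r) ((r).rip)
#endif

/* Read the pc of a stopped tracee. PTRACE_GETREGSET with NT_PRSTATUS is the
 * request AArch64 actually supports (its glibc headers define no PTRACE_GETREGS);
 * ARM32 and x86-64 accept it too. Returns 0 and stores pc, or -1 with errno set. */
int read_tracee_pc(pid_t pid, unsigned long *pc)
{
    gp_regs_t regs;
    struct iovec iov = { .iov_base = &regs, .iov_len = sizeof regs };
    if (ptrace(PTRACE_GETREGSET, pid, (void *)(long)NT_PRSTATUS, &iov) < 0)
        return -1;
    *pc = (unsigned long)PC_OF(regs);
    return 0;
}

/* Fork a child that requests tracing and stops itself; read its pc, then let it exit. */
int trace_child_pc(unsigned long *pc)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                                   /* tracee */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0) _exit(2);
        raise(SIGSTOP);               /* park here until the tracer resumes us */
        _exit(0);
    }
    int status, rc = -1;                              /* tracer */
    if (waitpid(pid, &status, 0) == pid && WIFSTOPPED(status))
        rc = read_tracee_pc(pid, pc);
    ptrace(PTRACE_CONT, pid, NULL, NULL);             /* resume; child exits */
    waitpid(pid, &status, 0);
    return rc;
}
```

The value returned is the address the child will execute next when resumed, i.e. somewhere inside raise()'s return path in libc.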