How do breakpoints work in C++ code?

Question

How do breakpoints work in C++ code? Are they special instructions inserted in between some assembler instructions when the code is compiled? Or is there something else in place? Also, how are stepping-through-the-code implemented? The same way as breakpoints...?

Answer 1

This is heavly depend on the CPU and debugger.

For example, one of the possible solution on x86 CPU:

• Insert one-byte INT3 instruction on the required place
• Wait until breakpoint exception hits
• Compare exception address to the list of breakpoint to determine which one
• Do breakpoint actions
• Replace INT3 with original byte and switch the debugged process into trace mode (step-by-step execution of CPU instructions)
• Continue debugged process
• Immediately you catch trace exception - the instruction was executed
• Put INT3 back

Watchpoints can be implemented in the similar way, but instead of INT3 you put the memory page where watched variable is into read only, or into no access mode, and wait for segmentation exception.

Stepping through assembly can also be done by using trace mode. Stepping through source lines can also be done by placing breakpoints onto next instructions, based on debug data.

Also some CPU has hardware breakpoint support, when you just load address into some register.

Answer 2

According to this blog entry on technochakra.com you are correct:

Software breakpoints work by inserting a special instruction in the program being debugged. This special instruction on the Intel platform is “int 3″. When executed it calls the debugger’s exception handler.

I'm not sure how stepping into or over the next instruction is implemented though. However, the article goes on to add:

For practical reasons, it is unwise to ask for a recompilation whenever a breakpoint is added or deleted. Debuggers change the loaded image of the executable in memory and insert the “int 3″ instruction at runtime.

However, this would only be used for the "run to current line option".