So I am working on a debugger for a Linux s390x system and have the whole disassembler etc. set up for reading the ELF file. For the debugger I just run it on the process with the base address from the process maps.
Now when running the debugger, the process map doesn't have a read-only map which would only have the ELF headers, and this map also does not have the ELF magic bytes at the start, unlike other systems like Linux x86_64 and Linux arm64. This affects my debugger as the addresses are set according to this.
Also, to set up the breakpoint, ptrace provides the
#define S390_BREAKPOINT_U16 ((__u16)0x0001)
Now when I set this at the opcode, it hits the breakpoint correctly, but when I replace the original opcode, the opcode 4 bytes ahead gets placed at this position for some reason.
I think most probably the missing ELF header magic bytes mess things up, even if I set the breakpoint at the start of a function like main.
SIGILL is hit some
Asked by well-mannered-goat
(31 rep)
Jul 31, 2025, 03:35 PM
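The part of the procedure the question describes, setting the 2-byte s390x breakpoint and putting the original halfword back, as an added C example (this is not code from the question's author). PTRACE_PEEKTEXT and PTRACE_POKETEXT move one native `long`, which on s390x is 8 bytes in big-endian order, so a 2-byte opcode has to be spliced into the right 16 bits of that word and the same arithmetic has to be used when restoring it. The example assumes the debugger runs natively on an s390x Linux host; `splice_halfword`, `set_breakpoint`, `clear_breakpoint` and `poke_halfword` are names chosen here, and the instruction bytes in `main` are constructed sample data.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#ifdef __linux__
#include <sys/ptrace.h>
#endif

/* s390x breakpoint opcode (S390_BREAKPOINT_U16 in the kernel headers). */
#define BP_U16 ((uint16_t)0x0001)

/* PTRACE_PEEKTEXT/POKETEXT move one `long`: 8 bytes on s390x. */
#define PT_WORD 8u

/* Host byte order; the debugger runs natively, so tracee words share it. */
#if defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
#define HOST_BIG_ENDIAN 1
#else
#define HOST_BIG_ENDIAN 0
#endif

/* Replace the halfword at `addr` inside `*word`, the native-order long that
 * PEEKTEXT returned for the 8-byte-aligned word containing `addr`.
 * On a big-endian target the byte at the lowest address is the most
 * significant byte of the long, so the shift is counted from the top.
 * Returns 0 (old halfword in *old if requested) or -1 for a bad address. */
int splice_halfword(uint64_t *word, uintptr_t addr, uint16_t val,
                    int big_endian, uint16_t *old)
{
    unsigned off = (unsigned)(addr % PT_WORD);   /* byte offset in the word */
    if ((addr & 1) || off + 2 > PT_WORD)         /* s390 insns are halfword-aligned */
        return -1;
    unsigned shift = big_endian ? (PT_WORD - 2 - off) * 8 : off * 8;
    uint64_t mask = (uint64_t)0xFFFF << shift;
    if (old)
        *old = (uint16_t)((*word & mask) >> shift);
    *word = (*word & ~mask) | ((uint64_t)val << shift);
    return 0;
}

/* Big-endian load/store, so s390x memory can be modelled on any host. */
uint64_t be64_load(const uint8_t *p)
{
    uint64_t v = 0;
    for (int i = 0; i < 8; i++)
        v = (v << 8) | p[i];
    return v;
}

void be64_store(uint8_t *p, uint64_t v)
{
    for (int i = 7; i >= 0; i--, v >>= 8)
        p[i] = (uint8_t)v;
}

#ifdef __linux__
/* Read the word containing `addr` from a stopped tracee, splice `val` into
 * it and write it back; *old receives the halfword that was there. */
static int poke_halfword(pid_t pid, uintptr_t addr, uint16_t val, uint16_t *old)
{
    uintptr_t base = addr & ~(uintptr_t)(PT_WORD - 1);
    errno = 0;
    long w = ptrace(PTRACE_PEEKTEXT, pid, (void *)base, 0);
    if (w == -1 && errno)
        return -1;
    uint64_t word = (uint64_t)w;
    if (splice_halfword(&word, addr, val, HOST_BIG_ENDIAN, old) < 0)
        return -1;
    return ptrace(PTRACE_POKETEXT, pid, (void *)base, (void *)(uintptr_t)word) < 0 ? -1 : 0;
}

int set_breakpoint(pid_t pid, uintptr_t addr, uint16_t *saved)
{ return poke_halfword(pid, addr, BP_U16, saved); }

int clear_breakpoint(pid_t pid, uintptr_t addr, uint16_t saved)
{ return poke_halfword(pid, addr, saved, NULL); }
#endif

int main(void)
{
    /* Constructed sample: the first bytes of an s390x function prologue,
     * stmg %r11,%r15,88(%r15) (EB BF F0 58 00 24) followed by B9 04. */
    uint8_t mem[8] = {0xEB, 0xBF, 0xF0, 0x58, 0x00, 0x24, 0xB9, 0x04};
    uintptr_t bp = 0x1000 + 2;                  /* break on the halfword at +2 */
    uint64_t word = be64_load(mem);
    uint16_t saved;
    splice_halfword(&word, bp, BP_U16, 1, &saved);
    be64_store(mem, word);
    printf("patched:  ");
    for (int i = 0; i < 8; i++) printf("%02X ", mem[i]);
    printf("(saved %04X)\n", saved);
    splice_halfword(&word, bp, saved, 1, NULL);
    be64_store(mem, word);
    printf("restored: ");
    for (int i = 0; i < 8; i++) printf("%02X ", mem[i]);
    printf("\n");
    return 0;
}
```

The check worth keeping in a debugger's test suite is the byte-level round trip: only the two bytes at the breakpoint address may change, and restoring with the saved halfword must reproduce the original bytes exactly. A shift computed for the wrong byte order, or a mask wider than 16 bits, writes neighbouring bytes of the word instead, which the byte comparison catches immediately.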