Debugging is a methodical process of finding and reducing the number of bugs, or defects, in a computer program, thus making it behave as expected. Debugging ranges in complexity from fixing simple errors to performing lengthy and tiresome tasks of data collection, analysis, and scheduling updates. The debugging skill of the programmer can be a major factor in the ability to debug a problem, but the difficulty of software debugging varies greatly with the complexity of the system, and also depends, to some extent, on the programming language(s) used and the available tools, such as debuggers. Debuggers are software tools which enable the programmer to monitor the execution of a program, stop it, restart it, set breakpoints, and change values in memory. More specifically, the debugger is a computer program that is used to test and debug other programs, sometimes called target programs. The term debugger can also refer to the person who is doing the debugging.
Conventional debuggers interact with the kernel in order to stop the application, restart the application, set breakpoints, and to access application memory. Some kernels include a kernel debugger, which resides in the kernel and operates in kernel-space, like a stub implementing low-level operations that interacts with a debugger, such as GNU Debugger (GDB) or DBX. The debugger may run on a separate machine than the kernel debugger, sending commands to the stub over a serial line or a network connection. For example, conventional debuggers, such as GDB and DBX, use kernel ptrace support to interact with the kernel to debug an application. Ptrace, which is short for process trace, is a system call found in various operating systems. By using ptrace, one process can control another, enabling the controller (i.e., the debugger) to inspect and manipulate the internal state of its target. Debuggers, such as GDB and DBX, use ptrace to obtain extensive control over the operation of its target, including manipulating its file descriptors, memory, and registers. Kernels include a ptrace kernel application programming interface (API) to allow the debugger to interact with the kernel.
Since conventional debuggers need to interact with the kernel to debug an application, these kernel-based debuggers have some limitations. For example, some embedded systems have the ptrace kernel API disabled due to very tight constraints imposed on the kernel, thus disallowing a debugger to interact with the kernel to debug an application in this environment. Also, since the ptrace kernel API has been around a long time, in some cases it is not well suited for the needs of modern debugging technologies.