…might be familiar with the common debugging command, po. po is used to display information in your program or execute code. If lldb knows how to interpret the value you’ve po‘d, it will be able to interpret that value and display meaningful information to you. For example lldb…

…this chapter, you’re going to get acquainted with LLDB and investigate the process of introspecting and debugging a program. You’ll start off by introspecting a program you didn’t even write — Xcode…

…that you've learned about the two most essential commands, help and apropos, it's time to investigate all the ways LLDB can attach itself to a process…

…learned the essentials of working with LLDB’s Python module, as well as how to correct any errors using Python’s PDB debugging module. Now you’ll explore the main players within the lldb Python module for a good overview of the main parts. In this chapter…

…create breakpoints. It’s easy to click on the side panel in Xcode to create a breakpoint using the GUI, but the LLDB console can give you much more control over breakpoints…

…cheat sheet for commands and ideas on how to use LLDB. Getting Help (lldb) help List all commands and aliases. (lldb) help po Get help documentation for po (expression) command. (lldb) help break set Get help documentation for breakpoint set. (lldb) apropos step-in Search through help documentation containing step…

…script), you’ve used a small set of APIs to evaluate the code. It’s time to talk about a new class in the lldb Python module, SBValue, and how it can simplify the parsing of JIT code output…

Just like any respectable developer tool, LLDB ships with a healthy amount of documentation. Knowing how to navigate through this documentation — including some of the more obscure command flags — is essential to mastering LLDB…

Next up in the tradeoff between convenience and complexity is LLDB’s script bridging. With script bridging, you can do nearly anything you like. Script bridging is a Python interface LLDB uses to help extend the debugger to accomplish your wildest debugging dreams…

…need a methodical way to figure out what went wrong in your LLDB script so you don’t pull your hair out. In this chapter, you’ll explore how to inspect your LLDB Python scripts using the Python pdb module, which is used for debugging Python scripts…

…searches. Automating Script Creation Included in the starter directory of this project are two Python scripts that will make your life easier when creating LLDB script content. They are as follows: generate_new_script.py: This creates new skeletons script with whatever name you provide it and stick it into the same directory…

When LLDB comes up against a stripped executable (an executable devoid of DWARF debugging information), LLDB won’t have the symbol information to give you the stack trace. Instead, LLDB will generate a synthetic name for a method it recognizes as a method, but doesn’t know what to call…

MallocStackLogging environment variable is used to get the stack trace when an object is created. From there, you’ll create a custom LLDB command which gives you the stack trace of when an object was allocated or deallocated in memory — even after the stack trace is long gone from…

…your Mach-O knowledge to cheat the system and always win. Build and run. At any point, suspend the program via LLDB and run the following command. (lldb) image dump sections MachOFun As you learned in the previous chapter, this will dump all the segments and corresponding sections found…

…since you’re working on a Cocoa application. Build and rerun the application. Once the debugger has stopped, type the following into the LLDB console: (lldb) register read This will list all of the main registers at the paused state of execution. However, this is too much information. You should…

…time to explore one of the best tools for finding code of interest through the powers of lldb. In this chapter, you'll take a deep dive into the image command…

…chapter, you learned about command alias as well as how to persist commands through an lldbinit file. Unfortunately, command alias has some limitations because lldb essentially just replaces the alias with the actual command when it parses your input. In this chapter, you’ll combine the input substitution technique from…

They changed around the order of source and destination, and used different leading characters to denote registers, constants, etc. The default format for LLDB is Intel. It places the destination as the first argument after the opcode. opcode destination source If you ever encounter a disassembly where those things…

…debugger and inspect data beyond the immediate. In this chapter, you’ll learn how to move the debugger in and out of code while `lldb` has suspended a program…

…remember decades ago in Chapter 1 where I mentioned you need to disable Rootless for certain functionality to work? In addition to letting LLDB attach to any process on your macOS, DTrace will not correctly function if System Integrity Protection is enabled. If you skipped Chapter 1, go back…