iOS

Debugging PART I
Finding and elimina:ng bugs in the code is a cri:cal phase of the development process.

Dawid Planeta Technology Development Thomson Reuters

London, August 2013

Ques:on
What type is clicked object? Imagine that you are new to the project and you want to quickly know the name of a selected class. How to do this using debugger?

"Everybody knows that something can't be done and then somebody turns up and he doesn't know it can't be done and he does it."
iOS Debugging | Part I Dawid Planeta | Technology Development 2

Ques:on
1.) What type is clicked object? How to nd the answer? Where and what kind breakpoint to create?

(lldb) breakpoint set --name "-[UIResponder touchesEnded:withEvent:]" (lldb) breakpoint set --name "-[UIWindow sendEvent:] (lldb) breakpoint set --selector touchesEnded:withEvent: Check breakpoint list. (lldb) breakpoint list

name vs selector dierents? Lets check what is going on in the code. Look at (opcode) assembly instrucGons.
Assembly language, or just assembly, is a low-level programming language, which uses mnemonics, instruc:ons and operands to represent machine code.

iOS Debugging | Part I

Dawid Planeta | Technology Development

Ques:on
(lldb) breakpoint set --name "-[UIResponder touchesEnded:withEvent:]" Breakpoint 2: where = UIKit`-[UIResponder touchesEnded:withEvent:], address = 0x02cc898e (lldb) disassemble --frame UIKit`-[UIResponder touchesEnded:withEvent:]: Example: -> 0x2cc898e: pushl %ebp push ebp 0x2cc898f: movl %esp, %ebp copy stack pointer to ebp 0x2cc8991: subl $8, %esp make space on stack for local data 0x2cc8994: movl 20(%ebp), %eax 0x2cc8997: movl %eax, 4(%esp) ebp -- used to access data on stack 0x2cc899b: movl 16(%ebp), %eax opcode source, dest 0x2cc899e: movl %eax, (%esp) 0x2cc89a1: movl 8(%ebp), %ecx 0x2cc89a4: movl 12(%ebp), %edx 0x2cc89a7: calll 0x2cc882d ; forwardTouchMethod 0x2cc89ac: addl $8, %esp 0x2cc89af: popl %ebp 0x2cc89b0: ret (lldb)
iOS Debugging | Part I Dawid Planeta | Technology Development 4

Ques:on
What should we check next?
EAX - Accumulator Register EBX - Base Register (for use with arrays) ECX - Counter Register EDX - Data Register ESI - Source Index EDI - DesGnaGon Index EBP - Base Pointer ESP - Stack Pointer

Thread backtrace? Nothing? Lets read the registers!

(lldb) register read General Purpose Registers: eax = 0x0012098e UIKit`-[UIResponder touchesEnded:withEvent:] ebx = 0x0f4133f0 ecx = 0x005b20f9 "touchesEnded:withEvent:" edx = 0x00000000 edi = 0x08a143c0 esi = 0x07645d00 ebp = 0xbfffe038 esp = 0xbfffdefc
iOS Debugging | Part I Dawid Planeta | Technology Development 5

Ques:on
What is in the base register (ebx)? (lldb) memory read --format x 0x0f4133f0 0x01db7050 0x00000001 0x00000003 0x00000002 0x0f41cd40 0x00000000 0x00000000 0x00000000 (lldb) image lookup --address 0x01db7050 Address: CoreFoundation[0x001b2050] (CoreFoundation.__DATA.__objc_data + 2300) Summary: (void *)0x01db70f0: __NSSetM (lldb) po 0x01db7050 $10 = 31158352 __NSSetM struct objc_class { Class isa; #if !__OBJC2__ Class super_class const char *name long version long info; long instance_size struct objc_ivar_list *ivars struct objc_method_list **methodLists struct objc_cache *cache struct objc_protocol_list *protocols #endif }
6

Is $ebx like the Objective-C runtime Class structure (NSMutableSet) with name first?

iOS Debugging | Part I

Dawid Planeta | Technology Development

Ques:on
What type is the selected object?

(lldb) breakpoint set --name "-[UIResponder touchesEnded:withEvent:]" Breakpoint 1: where = UIKit`-[UIResponder touchesEnded:withEvent:], address = 0x0012098e (lldb) breakpoint command add 1 Enter your debugger command(s). Type 'DONE' to end. > script print "\n========= > po $ebx > continue > DONE (lldb) breakpoint modify --condition '$ecx != $edi' 1
Do we need a condiGon? How to display view hierarchy? Expressions?

iOS Debugging | Part I

Dawid Planeta | Technology Development

Ques:on
1.) What type is the selected object? How to display view hierarchy?

(lldb) breakpoint set --name "-[UIResponder touchesEnded:withEvent:]" Breakpoint 1: where = UIKit`-[UIResponder touchesEnded:withEvent:], address = 0x0012098e (lldb) breakpoint command add 1 Enter your debugger command(s). Type 'DONE' to end. > script print "\n=========" > po $ebx > expr for(id idv=(id)[[$ebx anyObject] view]; idv; idv=(id)[idv superview])(void)printf("%s\n", (const char*)class_getName((id)[idv class])) > continue > DONE (lldb) breakpoint modify --condition '$ecx != $edi' 1
What about with a UIBu`on? Doesnt work? How to x this? Any Ideas? Regular expressions?
iOS Debugging | Part I Dawid Planeta | Technology Development 8

Ques:on
1.) What type is the selected object? The second approach regular expressions. Why not selector?

(lldb) breakpoint set --func-regex "touchesEnded:withEvent:\]" Breakpoint 2: 52 locations. (lldb) breakpoint command add 2 Enter your debugger command(s). Type 'DONE' to end. > script print "\n=========" > po $ebx > continue > DONE (lldb) breakpoint modify -c '$ecx != $edi' 2

iOS Debugging | Part I

Dawid Planeta | Technology Development

Introduc:on to iOS Debugging

PART I

- The xCode debugging environments - Excep:on and Symbolic Breakpoints - Edi:ng and Managing Breakpoints - Breakpoint Ac:ons - Breakpoint commands

PART II
- - - - - - Python Scrip:ng Custom LLDB Command XPC debugging OpenGL ES Debugging UIWebViews Debugging Core Data Debugging

PART III

- Targe:ng debugging - Con:nuous Integra:on Debugging - Hacking and Securing iOS Applica:ons

iOS Debugging | Part I

Dawid Planeta | Technology Development

10

Introduc:on to iOS Debugging PART I

Debugging is a methodical process of nding and reducing the number of bugs, or defects.
An expert is a man who has made all the mistakes which can be made, in a narrow eld. -- Niels Bohr

iOS Debugging | Part I

Dawid Planeta | Technology Development

11

xCode 5.0 and GDB

Product -> Scheme -> Edit Scheme -> Run example.app (Xcode 4.6) Xcode 5 does not support use of the LLVM-GCC compiler and the GDB debugger. Exis:ng projects congured to use LLVM-GCC and GDB will be recongured to use the LLVM compiler and LLD

iOS Debugging | Part I

Dawid Planeta | Technology Development

12

Why create LLDB?

Wanted beWer debugger What was wrong with GDB? Architecture Parses informa:on in large chunks GDB was not designed to vend an API Global variables contain program state Dierent GDB binaries for each architecture Pervasive preprocessor macros Issues with expression parser Objec:ve-C proper:es

iOS Debugging | Part I

Dawid Planeta | Technology Development

13

LLDB Improvements

Improved ObjecGve-C debugging support Objec:ve-C property syntax Full Objec:ve-C class deni:ons Data formaWers now in LLDB Objec:ve-C and C++ STL types and collec:ons Watchpoints for desktop and iOS Improved Python scripGng

iOS Debugging | Part I

Dawid Planeta | Technology Development

14

xCode 4 Debugging Environments

Discoverable form Abbreviated form Alias

iOS Debugging | Part I

expression --object-descrip:on -- foo e -0 -- foo po foo

Dawid Planeta | Technology Development

15

xCode 4 Debugging Environments

iOS Debugging | Part I

Dawid Planeta | Technology Development

16

Excep:on and Symbolic Breakpoints

iOS Debugging | Part I

Dawid Planeta | Technology Development

17

Crea:ng Breakpoints Ques:on

How to track all low-level ObjecGve-C funcGons?
(lldb) breakpoint set --name objc_msgSend Breakpoint 1: where = libobjc.A.dylib`objc_msgSend, address = 0x010e008c (lldb) thread backtrace * thread #1: tid = 0x1c03, 0x010e008c libobjc.A.dylib`objc_msgSend, stop reason = breakpoint 1.1 frame #0: 0x010e008c libobjc.A.dylib`objc_msgSend frame #1: 0x01c8ace1 CoreFoundation`__NSArrayEnumerate + 161 frame #16: 0x01beb668 GraphicsServices`GSEventRun + 104 frame #17: 0x00012ffc UIKit`UIApplicationMain + 1211 frame #18: 0x0000251d example`main(argc=1, argv=0xbffff36c) + 141 at main.m:16 frame #19: 0x00002445 example`start + 53 (lldb)
iOS Debugging | Part I Dawid Planeta | Technology Development 18

Crea:ng Breakpoints Ques:on

How to track all low-level ObjecGve-C funcGons?
(lldb) breakpoint set --name objc_msgSend Breakpoint 1: where = libobjc.A.dylib`objc_msgSend, address = 0x010e008c (lldb) breakpoint command add --script-type python 1 Enter your Python command(s). Type 'DONE' to end.
> > > > > > > > frame1 = lldb.thread.GetFrameAtIndex(1) global str tmp = '%s : %s, frames: %i' % (frame1.module.file.basename, frame1.name, lldb.thread.num_frames) if str != tmp: &str = tmp &print tmp lldb.process.Continue() DONE

iOS Debugging | Part I

Dawid Planeta | Technology Development

19

Crea:ng Breakpoints Command Line

Stop at a source line breakpoint set --le le.m --line 4 b le.m:4 Stop whenever any object breakpoint set --selector drawRect: receives a selector b drawRect: Stop at a method breakpoint set --name "-[MyViewA drawRect:]" b "-[MyViewA drawRect:]" Stop whenever any Objec:ve- breakpoint set --name objc_msgSend C object call any selector b obj_msgSend Objec:ve-C [obj selector:param] is C func:on in Objec:ve-C run:me library objc_msgSend(obj, selector, parameters)

iOS Debugging | Part I

Dawid Planeta | Technology Development

20

Dele:ng Breakpoints
Lis:ng breakpoint breakpoint list br l Dele:ng breakpoint breakpoint delete 4 5 br del 4 5 (lldb) breakpoint list Current breakpoints: 2: file ='ViewController.m', line = 31, locations = 1, resolved = 1 2.1: where = example`-[ViewController viewDidLoad] + 78 at ViewController.m:31, address = 0x00002b6e, resolved, hit count = 0 (lldb) breakpoint delete 2 1 breakpoints deleted; 0 breakpoint locations disabled.

iOS Debugging | Part I

Dawid Planeta | Technology Development

21

Edi:ng Breakpoints and Variables

(lldb) frame variable (ViewController *const) self = 0x0753be60 (SEL) _cmd = "viewDidLoad" (BOOL) loop = YES (lldb) expr loop=NO (BOOL) $0 = NO
iOS Debugging | Part I Dawid Planeta | Technology Development 22

Expressions
- The expression parser uses a full instance of the Clang compiler (front end compiler uses LLVM as its back end) in order to accurately evaluate expressions. - Expressions is compiled into an AST (Abstract Syntax Tree), then is genera:ng a DWARF (standardized debugging data format) expression that contains simple opcodes that can be quickly re-evaluated each :me an expression needs to be evaluated, or JIT'ed (machine code in a just-in-:me compiler) up into code that can be run on the process being debugged.

iOS Debugging | Part I

Dawid Planeta | Technology Development

23

Expressions
Syntax: expression <cmd-options> -- <expr> Command Options Usage: expression [-f <format>] [-G <gdb-format>] [-a <boolean>] [-d <boolean>] [-t <unsigned-integer>] [u <boolean>] -- <expr> expression [-o] [-a <boolean>] [-d <boolean>] [-t <unsigned-integer>] [-u <boolean>] -- <expr> expression <expr> User defined variables: You can define your own variables for convenience or to be used in subsequent expressions. You define them the same way you would define variables in C. If the first character of your user defined variable is a $, then the variable's value will be available in future expressions, otherwise it will just be available in the current expression. Examples: expr my_struct->a = my_array[3] expr -f bin -- (index * 8) + 5 expr unsigned int $foo = 5 expr char c[] = "foo"; c[0]
iOS Debugging | Part I Dawid Planeta | Technology Development

IMPORTANT NOTE: Because this command takes 'raw' input, if you use any command options you must use ' -- ' between the end of the command options and the beginning of the raw input.
24

Breakpoint Ac:ons

iOS Debugging | Part I

Dawid Planeta | Technology Development

25

AppleScript
AppleScript is primarily a scrip:ng language developed by Apple to do Inter- Applica:on Communica:on (IAC) using AppleEvents. The Open ScripGng Architecture (OSA) provides a standard and extensible mechanism for interapplica:on communica:on in OS X. Communica:on takes place through the exchange of Apple events, a type of message designed to encapsulate commands and data of any complexity. Apple events provide an event dispatching and data transport mechanism that can be used within a single applica:on, between applica:ons on the same computer, and between applica:ons on dierent computers. The OSA denes data structures, a set of common terms, and a library of func:ons, so that applica:ons can more easily create and send Apple events, as well as receive them and extract data from them.

iOS Debugging | Part I

Dawid Planeta | Technology Development

26

AppleScript

iOS Debugging | Part I

Dawid Planeta | Technology Development

27

AppleScript Breakpoint Ac:on

display dialog "Hello, world!" display alert "Hello, world! do shell script "date >> $HOME/Desktop/breakUpdate.txt" say "Hello, world!"

iOS Debugging | Part I

Dawid Planeta | Technology Development

28

AppleScript Breakpoint Ac:on

Call an other applica:on.

tell application "Safari" to open location "http://www.google.com" tell application "Safari" &activate &do JavaScript "window.open('http://www.google.com')" in document 1 end tell
Check internal and external IP

set internalIP to IPv4 address of (get system info) set externalIP to word 25 of (do shell script "curl checkip.dyndns.org") display alert "internal IP: " & internalIP & \nexternal IP: " & externalIP

iOS Debugging | Part I

Dawid Planeta | Technology Development

29

AppleScript Breakpoint Ac:on

set recipientName to "Dawid Planeta" set recipientAddress to [email protected]" set theSubject to "AppleScript Automated Email" set theContent to "This email was created by Xcode breakpoint!" --Mail Tell Block tell applica&on "Mail" --Create the message set theMessage to make new outgoing message with proper:es {subject:theSubject, content:theContent, visible:true} --Set a recipient tell theMessage make new to recipient with proper:es {name:recipientName, address:recipientAddress} --Send the Message send end tell end tell

iOS Debugging | Part I

Dawid Planeta | Technology Development

30

AppleScript Breakpoint Ac:on

OpportuniGes?

Benets?

iOS Debugging | Part I

Dawid Planeta | Technology Development

31

Capture OpenGL ES Frame

OpenGL ES Debugging is presented comprehensively in the second part of the presenta:on.

iOS Debugging | Part I

Dawid Planeta | Technology Development

32

Debugger Command

iOS Debugging | Part I

Dawid Planeta | Technology Development

33

Log Message

iOS Debugging | Part I

Dawid Planeta | Technology Development

34

Shell Command Breakpoint Ac:on

Run command-line programs using shell commands. For example you can take screenshot and check memory leaks using external tools.

Command: screencapture /Users/dawidplaneta/Desktop/screenshot.png

Or call our script

Command: sh /Users/dawidplaneta/Desktop/leakScript.sh #!/bin/bash leaks -nocontext -nostacks iPhone\ Simulator > $HOME/Desktop/simLeaks.txt exit

iOS Debugging | Part I

Dawid Planeta | Technology Development

35

Sharing Breakpoints

iOS Debugging | Part I

Dawid Planeta | Technology Development

36

Breakpoint commands
Set a breakpoint at all func:ons named main.
(gdb) break main (lldb) breakpoint set --name main (lldb) br s -n main (lldb) b main

Set a breakpoint in le test.c at line 12.

(gdb) break test.c:12 (lldb) breakpoint set --le test.c --line 12 (lldb) br s -f test.c -l 12 (lldb) b test.c:12

Set a breakpoint at all C++ methods whose basename is main.

(gdb) break main (lldb) breakpoint set --method main (lldb) br s -M main

Set a breakpoint at and object C func:on: -[NSString stringWithFormat:].

(gdb) break -[NSString stringWithFormat:] (lldb) breakpoint set --name "-[NSString stringWithFormat:]" (lldb) b -[NSString stringWithFormat:]

Set a breakpoint at all Objec:ve C methods whose selector is count.

(gdb) break count (lldb) breakpoint set --selector count (lldb) br s -S count

iOS Debugging | Part I

Dawid Planeta | Technology Development

37

Breakpoint commands
Set a condi:onal breakpoint
(lldb) breakpoint set --selector example2: -c 'i==2 (lldb) breakpoint set -S example3: -c '(BOOL)[$eax isEqualToString:@"Password2"]' Breakpoint 3: where = example`-[ViewController example3:] + 32 at ViewController.m:60, address = 0x00002e10 (lldb) breakpoint command add Enter your debugger command(s). Type 'DONE' to end. > expr str=@"newPassword" >c > DONE - (void)example2:(NSInteger)i{ NSLog(@"example2: %i", i); }
- (NSString*)example3:(NSString*)str{ return str; } NSLog(@"password: %@",[self example3:@"Password1"]); NSLog(@"password: %@",[self example3:@"Password2"]);
Dawid Planeta | Technology Development

iOS Debugging | Part I

38

Breakpoint commands
Se|ng a regular expression breakpoint
Set a breakpoint by regular expression on source le contents.
(gdb) rbreak regular-expression (lldb) breakpoint set --func-regex regular-expression (lldb) br s -r regular-expression

Match every method from class

(lldb) breakpoint set --func-regex CLASS_NAME (lldb) breakpoint set --func-regex "\[CLASS_NAME" (lldb) breakpoint set --func-regex "\[CLASS_NAME METHOD_NAME:\]"
Match every func:on in the shared library. The regular expression '.' will match any string that has at least one character in it, so we will use that.

(lldb) breakpoint set --func-regex=. --shlib=libsqlite3.dylib

iOS Debugging | Part I Dawid Planeta | Technology Development 39

Breakpoint commands examples

Se|ng a regular expression breakpoint

Example

(lldb) breakpoint set --func-regex "\[DaPSPortfolioListDetailViewController" (lldb) breakpoint command add 13 Enter your debugger command(s). Type 'DONE' to end. > script print "=========" > thread backtrace > continue > DONE

iOS Debugging | Part I

Dawid Planeta | Technology Development

40

Breakpoint commands examples

Se|ng a regular expression breakpoint
Example

(lldb) script global counter (lldb) script counter = 0 (lldb) breakpoint set --func-regex "\[DaPSPortfolioListDetailViewController" Breakpoint 22: 5 locations. (lldb) breakpoint command add --script-type python 22 Enter your Python command(s). Type 'DONE' to end. > global counter > counter += 1 > print '[%i] %s' % (counter, frame.GetFunctionName()) > return TRUE > DONE

iOS Debugging | Part I

Dawid Planeta | Technology Development

41

Breakpoint commands
Set a breakpoint by regular expression on source le contents.
(gdb) shell grep -e -n pa`ern source-le (lldb) breakpoint set --source-pa`ern regular-expression --le (gdb) break source-le:CopyLineNumbers SourceFile (lldb) br s -p regular-expression -f le

List some or all breakpoints at congurable levels of detail.

(gdb) info break (lldb) breakpoint list (lldb) br l

Delete a breakpoint.
(gdb) delete 1 (lldb) breakpoint delete 1 (lldb) br del 1

Clears a breakpoint or set of breakpoints in the executable.

(lldb) breakpoint clear

A set of commands for adding, removing and examining bits of code to be executed when the breakpoint is hit (breakpoint 'commmands').
(lldb) breakpoint command

iOS Debugging | Part I

Dawid Planeta | Technology Development

42

Breakpoint commands
Do a source level single step in the currently selected thread.
(gdb) step (gdb) s (lldb) thread step-in (lldb) step (lldb) s

Do a source level single step over in the currently selected thread.

(gdb) next (gdb) n (lldb) thread step-over (lldb) next (lldb) n

Do an instrucGon level single step in the currently selected thread.

(gdb) stepi (gdb) si (lldb) thread step-inst (lldb) si

Do an instrucGon level single step over in the currently selected thread.

(gdb) nex: (gdb) ni (lldb) thread step-inst-over (lldb) ni

Return immediately from the currently selected frame, with an op:onal return value.
(gdb) return <RETURN EXPRESSION> (lldb) thread return <RETURN EXPRESSION>

iOS Debugging | Part I

Dawid Planeta | Technology Development

43

Examining Variables
Show the arguments and local variables for the current frame.
(gdb) info args (gdb) info locals (lldb) frame variable (lldb) fr v

Show the local variables for the current frame.

(gdb) info locals (lldb) frame variable --no-args (lldb) fr v -a

Show the contents of local variable "bar".

(gdb) p bar (lldb) frame variable bar (lldb) fr v bar (lldb) p bar

Show the contents of local variable "bar" forma`ed as hex.

(gdb) p/x bar (lldb) frame variable --format x bar (lldb) fr v -f x bar

Show the global/sta:c variables dened in the current source le.

(lldb) target variable (lldb) ta v

iOS Debugging | Part I

Dawid Planeta | Technology Development

44

Examining Variables
Example Display the arguments and local variables only when you stop in an object of the class named ViewController.

(lldb) target stop-hook add --classname ViewController --one-liner "frame variable" Stop hook #1 added. (ViewController *const) self = 0x07566a60 (SEL) _cmd = "viewDidLoad" (int) x = 0

iOS Debugging | Part I

Dawid Planeta | Technology Development

45

Watchpoint commands
Set a watchpoint on a variable when it is wri`en to.
(gdb) watch global_var (lldb) watchpoint set variable global_var (lldb) wa s v global_var

Set a watchpoint on a memory loca:on when it is wri`en into. The size of the region to watch for defaults to the pointer size if no '-x byte_size' is specied. This command takes raw input, evaluated as an expression returning an unsigned integer poin:ng to the start of the region, aer the '--' op:on terminator.
(gdb) watch -loca:on g_char_ptr (lldb) watchpoint set expression -- my_ptr (lldb) wa s e -- my_ptr

Set a condi:on on a watchpoint.

(lldb) watch set var global (lldb) watchpoint modify -c '(global==5)' (lldb) c

List all watchpoints.

(gdb) info break (lldb) watchpoint list (lldb) watch l

Delete a watchpoint.
(gdb) delete 1
iOS Debugging | Part I

(lldb) watchpoint delete 1 (lldb) watch del 1

Dawid Planeta | Technology Development 46

Watchpoint commands
A set of commands for adding, removing and examining bits of code to be executed when the watchpoint is hit (watchpoint 'commmands').
(lldb) watchpoint command

Disable/Enable the specied watchpoint(s) without removing it/them. If no watchpoints are specied, disable/enable them all.
(lldb) watchpoint disable/enable

Set ignore count on the specied watchpoint(s). If no watchpoints are specied, set them all.
(lldb) watchpoint ignore

Modify the op:ons on a watchpoint or set of watchpoints in the executable. If no watchpoint is specied, act on the last created watchpoint. Passing an empty argument clears the modica:on.
(lldb) watchpoint modify

iOS Debugging | Part I

Dawid Planeta | Technology Development

47

Watchpoint commands example

(lldb) watchpoint set variable counter Watchpoint created: Watchpoint 1: addr = 0xbfffdb4c size = 4 state = enabled type = w declare @ '/Users/dawidplaneta/Documents/Objective-C kruczki/example/example/ ViewController.m:74' watchpoint spec = 'counter' new value: 0 (lldb) watchpoint modify --condition 'counter==5 (lldb) watchpoint command add 1 -o bt
* thread #1: :d = 0x1c03, 0x00002f45 example`-[ViewController viewDidLoad] (self=0x0717b400, _cmd=0x005c5a77) + 101 at ViewController.m:78, stop reason = watchpoint 1 frame #0: 0x00002f45 example`-[ViewController viewDidLoad](self=0x0717b400, _cmd=0x005c5a77) + 101 at ViewController.m:78 ... Watchpoint 1 hit: old value: 0 new value: 5

int counter=2; ++counter; ++counter; ++counter; ++counter; ++counter;

48

iOS Debugging | Part I

Dawid Planeta | Technology Development

Examining Thread State

Show the stack backtrace for the current thread.
(gdb) bt (lldb) thread backtrace (lldb) bt

Show the stack backtraces for all threads.

(gdb) thread apply all bt (lldb) thread backtrace all (lldb) bt all

Select a dierent stack frame by index for the current thread.

(gdb) frame 12 (lldb) frame select 12 (lldb) fr s 12 (lldb) f 12

List informa:on about the currently selected frame in the current thread.
(lldb) frame info

Select a dierent stack frame using a rela:ve oset.

(gdb) up 2 (gdb) down 3 (lldb) frame select --rela:ve 2 (lldb) fr s -r2 (lldb) frame select --rela:ve -3 (lldb) fr s -r-3
Dawid Planeta | Technology Development 49

iOS Debugging | Part I

Examining Thread State

Show the general purpose registers for the current thread.
(gdb) info registers (lldb) register read

Write a new decimal value '123' to the current thread register 'rax'.
(gdb) p $rax = 123 (lldb) register write rax 123

Skip 8 bytes ahead of the current program counter (instruc:on pointer). Note that we use back:cks to evaluate an expression and insert the scalar result in LLDB.
(gdb) jump *$pc+8 (lldb) register write pc `$pc+8`

Read memory from address 0xb3c0 and show 4 hex uint32_t values.
(gdb) x/4xw 0xb3c0 (lldb) memory read --size 4 --format x --count 4 0xb3c0 (lldb) me r -s4 -fx -c4 0xb3c0 (lldb) x -s4 -fx -c4 0xb3c0

Disassemble the current func:on for the current frame.

(gdb) disassemble (lldb) disassemble --frame (lldb) di f // Show mixed source and disassembly (lldb) disassemble --frame --mixed (lldb) di -f -m
Dawid Planeta | Technology Development 50

iOS Debugging | Part I

More LLDB commands

h`p://lldb.llvm.org/

iOS Debugging | Part I

Dawid Planeta | Technology Development

51

iOS Debugging Part II

PART I

- The xCode debugging environments - Excep:on and Symbolic Breakpoints - Edi:ng and Managing Breakpoints - Breakpoint Ac:ons - Breakpoint commands

PART II
- - - - - - Python Scrip:ng Custom LLDB Command XPC debugging OpenGL ES Debugging UIWebViews Debugging Core Data Debugging

PART III

- Targe:ng debugging - Con:nuous Integra:on Debugging - Hacking and Securing iOS Applica:ons

Thank you and welcome to the second part

iOS Debugging | Part I

Dawid Planeta | Technology Development

52