LLDB動態(tài)調試

進入斷點模式

常用指令

  • 查看當前斷點
breakpoint list / break l
當前斷點
  • 通過方法名加斷點
breakpoint set --name getNum
  • 通過sel加斷點
breakpoint set --selector touchesBegan:withEvent:
  • 通過不完整的sel加斷點
breakpoint set --func-regex getNu
  • 刪除斷點
breakpoint delete 8
  • 斷點下一步執(zhí)行
    • continue(c) - 過掉這個斷點
    • step(s) - 往下執(zhí)行一步,遇到嵌套函數(shù)會進入
    • next(n) - 往下執(zhí)行一步,遇到嵌套函數(shù)直接執(zhí)行掉這個函數(shù)
  • 禁用斷點 & 啟動斷點
breakpoint disable 2  /  breakpoint dis 2
breakpoint enable 2
  • 執(zhí)行代碼expression / p
(lldb) p num
(NSInteger) $0 = 3
  • po 是 expression -O ( --object-description NSObject 的 description 方法 ) 的簡寫
(lldb) po num
3
  • 查看函數(shù)調用棧
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = breakpoint 2.1
  * frame #0: 0x000000010f426710 LLDB調試`-[ViewController getNum](self=0x00007fd805d107d0, _cmd="getNum") at ViewController.m:29:13
    frame #1: 0x000000010f4266bb LLDB調試`-[ViewController touchesBegan:withEvent:](self=0x00007fd805d107d0, _cmd="touchesBegan:withEvent:", touches=1 element, event=0x0000600000d85320) at ViewController.m:24:21
  • 跳轉前一個/后一個方法,up/down
(lldb) up
frame #1: 0x000000010f4266bb LLDB調試`-[ViewController touchesBegan:withEvent:](self=0x00007fd805d107d0, _cmd="touchesBegan:withEvent:", touches=1 element, event=0x0000600000d85320) at ViewController.m:24:21
   21   
   22   - (void)touchesBegan:(NSSet<UITouch *> *)touches withEvent:(UIEvent *)event {
   23       NSLog(@"我來了");
-> 24       NSInteger num = [self getNum];
                            ^
   25       NSLog(@"%ld", num);
   26   }
   27   
(lldb) down
frame #0: 0x000000010f426710 LLDB調試`-[ViewController getNum](self=0x00007fd805d107d0, _cmd="getNum") at ViewController.m:29:13
   26   }
   27   
   28   - (NSInteger)getNum {
-> 29       return  arc4random()%10+1;
                    ^
   30   }
   31   
   32   @end
  • 通過編號跳轉對應方法
frame select 5
  • 查看方法參數(shù)
frame variable
  • 查看當前加載的庫 image list
(lldb) image list
[  0] B9970493-7622-3728-A35A-BADBEAA5978D 0x0000000106935000 /Users/liumingfei/Library/Developer/Xcode/DerivedData/LLDB調試-dtexkkvfffircsgsiivncltrmcgy/Build/Products/Debug-iphonesimulator/LLDB調試.app/LLDB調試 
[  1] CE635DB2-D47E-3C05-A0A3-6BD982E7E750 0x0000000110338000 /usr/lib/dyld 
[  2] 528E1F55-F655-3533-99B9-7EAE1DAE5D07 0x000000010693f000 /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/Library/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/usr/lib/dyld_sim 
[  3] 30153EA5-45E2-334A-99DF-6E79D88AB4D0 0x0000000106c2b000 /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/Library/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/System/Library/Frameworks/Foundation.framework/Foundation 
[  4] 83003EB9-EC0F-3743-871E-ED786CDAAFC7 0x0000000107207000 /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/Library/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/usr/lib/libobjc.A.dylib 
[  5] 5D4D8F98-6E5B-31E1-94EA-3839C26E223F 0x0000000107b3d000 /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/Library/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/usr/lib/libSystem.B.dylib
  • 查看類的信息 image lookup -t 類名
(lldb) image lookup -t LObject
1 match found in /Users/liumingfei/Library/Developer/Xcode/DerivedData/LLDB調試-dtexkkvfffircsgsiivncltrmcgy/Build/Products/Debug-iphonesimulator/LLDB調試.app/LLDB調試:
id = {0x40000002b}, name = "LObject", byte-size = 24, decl = LObject.h:13, compiler_type = "@interface LObject : NSObject{
    NSString * _flag;
    NSInteger _tag;
}
@property ( getter = flag,setter = setFlag:,readwrite,copy,nonatomic ) NSString * flag;
@property ( getter = tag,setter = setTag:,assign,readwrite,nonatomic ) NSInteger tag;
@end"
  • 逆向常用指令
@interface LObject : NSObject

@property (nonatomic, copy) NSString *flag;
@property (nonatomic, assign) NSInteger tag;
- (void)lDescribtion;

@end

@interface ViewController ()
@property (nonatomic, retain) LObject *to;
@end

@implementation ViewController

- (void)viewDidLoad {
    [super viewDidLoad];
    // Do any additional setup after loading the view.
    self.to = [[LObject alloc] init];
    self.to.tag = 22;
    self.to.flag = @"normal";
    NSLog(@"我來了");
}

- (void)touchesBegan:(NSSet<UITouch *> *)touches withEvent:(UIEvent *)event {
    self.to.flag = @"special";
}

@end

1.添加內存斷點
在NSLog處加斷點,然后控制臺執(zhí)行指令watchpoint set variable self->_to->_flag

(lldb) watchpoint set variable self->_to->_flag
Watchpoint created: Watchpoint 1: addr = 0x6000018e7448 size = 8 state = enabled type = w
    watchpoint spec = 'self->_to->_flag'
    new value: 0x00000001016cc078
2020-03-26 10:17:21.657879+0800 LLDB調試[80028:2548356] 我來了

Watchpoint 1 hit:
old value: 0x00000001016cc078
new value: 0x00000001016cc0b8
(lldb) po 0x00000001016cc078
normal

(lldb) po 0x00000001016cc0b8
special
  1. 通過內存地址添加斷點
    還是在NSLog處添加斷點,然后獲取flag的內存地址,在通過watchpoint set expression下斷點
(lldb) p &self->_to->_flag
(NSString **) $0 = 0x0000600003da8328
(lldb) watchpoint set expression 0x0000600003da8328
Watchpoint created: Watchpoint 1: addr = 0x600003da8328 size = 8 state = enabled type = w
    new value: 4495532152
2020-03-26 10:31:12.151198+0800 LLDB調試[80318:2565697] 我來了

Watchpoint 1 hit:
old value: 4495532152
new value: 4495532216
(lldb) po 4495532152
normal

(lldb) po 4495532216
special

生活如此美好,今天就點到為止。。。

?著作權歸作者所有,轉載或內容合作請聯(lián)系作者
【社區(qū)內容提示】社區(qū)部分內容疑似由AI輔助生成,瀏覽時請結合常識與多方信息審慎甄別。
平臺聲明:文章內容(如有圖片或視頻亦包括在內)由作者上傳并發(fā)布,文章內容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務。

相關閱讀更多精彩內容

友情鏈接更多精彩內容