
llmdb


Commits

List of commits on branch master.
  • 8d9236f9de06411076d148be3cc8528f19c1f676 -- start of something like mappings (ttjfontaine committed 9 years ago, Unverified)
  • 5e8d8ee51da1b7433e5287f21da071c438de680e -- quick test app (ttjfontaine committed 9 years ago, Unverified)
  • de2fcfde977fe16e15f3669d222f7d989a5fa47b -- add list of TODO commands (ttjfontaine committed 9 years ago, Unverified)
  • 0559d5cdb4390a010e6247f154d6c754933f6cb4 -- update usage (ttjfontaine committed 9 years ago, Unverified)
  • a8c9fc476b5ed483c7905a31f54f556ea8ac70ab -- add some makefile helpers (ttjfontaine committed 9 years ago, Unverified)
  • 4402ac627f7a9a6c099da20873fefb2fbea8ae03 -- make the project seem more pythonic (ttjfontaine committed 9 years ago, Unverified)

README

The README file for this repository.

Overview

llmdb is "mdb for lldb", in other words a modular shell pipeline approach to debugging.

Example

$ make install
$ . ./venv/bin/activate
$ llmdb -c /cores/core.22702 ./test
> ::walk thread | ::stack
Thread #1
frame #0: 0x00007fff8e3310ae libsystem_kernel.dylib`__pthread_kill + 10
frame #1: 0x00007fff8cce6500 libsystem_pthread.dylib`pthread_kill + 90
frame #2: 0x00007fff96b0737b libsystem_c.dylib`abort + 129
frame #3: 0x000000010a1ccf40 test`foobar(argv=0x00007fff55a33698) + 48 at t.c:6
frame #4: 0x000000010a1ccf58 test`main(argc=1, argv=0x00007fff55a33698) + 24 at t.c:10
frame #5: 0x00007fff9ba0e5ad libdyld.dylib`start + 1
frame #6: 0x00007fff9ba0e5ad libdyld.dylib`start + 1
> 

Notes

True to how mdb works, llmdb interprets numbers as hex unless given an explicit input format. The expression 1000,10 is equivalent to 0x1000,0x10.

Number formatting:

  • ['0i', '0I', '0b', '0B'] are interpreted as binary
  • ['0o', '0O'] are interpreted as octal
  • ['0t', '0T'] are interpreted as decimal
  • ['0x', '0X'] are interpreted as hexadecimal
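
The number rules above, as an added example (not llmdb's own code): a small Python parser that applies them to comma-separated expressions such as 1000,10. The names parse_number and parse_expression are hypothetical, and letting a recognized prefix take precedence over hex digits (so 0b1 is binary 1, not 0xb1) is an assumption.

```python
# Added example: stand-alone parser for the README's number rules.
# parse_number / parse_expression are hypothetical names, not llmdb's API.

DIGITS = "0123456789abcdef"

# Radix prefixes from the README list; matched case-insensitively.
PREFIXES = {"0i": 2, "0b": 2, "0o": 8, "0t": 10, "0x": 16}


def parse_number(token):
    """Return the value of one token: hex unless a radix prefix is given."""
    text = token.strip().lower()
    # Assumption: a recognized prefix wins over hex digits, so "0b1" is
    # binary 1 and never hex 0xb1.
    base = PREFIXES.get(text[:2])
    digits = text[2:] if base else text
    base = base or 16
    allowed = DIGITS[:base]
    # Validate by hand: int() would also accept signs, underscores and a
    # second "0x" prefix, none of which the README describes.
    if not digits or any(ch not in allowed for ch in digits):
        raise ValueError(f"{token!r} is not a valid base-{base} number")
    return int(digits, base)


def parse_expression(expr):
    """Split a comma-separated expression and parse each part."""
    return [parse_number(part) for part in expr.split(",")]


if __name__ == "__main__":
    # Constructed sample inputs; the first is the README's own expression.
    for sample in ("1000,10", "0t1000,0t10", "0b1010", "0o777", "0XfF"):
        print(f"{sample:>12} -> {[hex(v) for v in parse_expression(sample)]}")
```

Reading an address or length in the wrong radix silently inspects the wrong memory, so the parser rejects anything outside the selected digit set instead of guessing.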

Works

  • defining commands and walkers
  • loading modules
  • paged output
  • repeat expressions
  • pipelined commands
  • bang operator (redirect output to shell pipeline)
      • ::nm ! grep foobar | less

Commands

  • ::dump -- display arbitrary regions of mapped memory
      • missing ascii representation
      • still needs to align and dedupe memory it reads
  • ::walkers -- list walkers
  • ::walk -- execute given walker
  • ::which -- describe which module a command comes from
  • ::stack -- for a given thread id (0 based index) print backtrace
  • ::nm -- list all symbols for the target
      • missing options to limit and search output
  • ::print -- print the address contents
      • this is currently just a wrapper around lldb's print so passing type information is required
  • ::lldb -- execute arbitrary lldb command
      • if you're missing functionality from llmdb but know how to do it in lldb

Walkers

  • ::walk thread

TODO

  • semi-colon parsing
  • dot expressions
  • argparse style decorator for command option parsing
  • format expressions (i.e. 0xffffff/nap)
  • as many commands as we can
      • attach
      • branches
      • cat
      • cpuregs / cpustack
      • disasm / dismode
      • dump's arguments
      • echo
      • eval
      • files
      • formats
      • fpregs
      • grep
      • list
      • log
      • map
      • mappings
      • nm's arguments, and add/del
      • objects
      • offsetof
      • print's arguments and type deduction
      • quit
      • regs
      • release
      • sizeof
      • stack's arguments
      • status
      • tls
      • unload
  • non-tty interaction
  • aliases for $ and : commands

Known Issues

  • prompt not always immediately restored on output that doesn't fill paged window