GitXplorerGitXplorer
t

llmdb

public
9 stars
0 forks
0 issues

Commits

List of commits on branch master.
Unverified
d04a1aebb8dce73043dee16528726faf7d0ff39f

add bang operator

ttjfontaine committed 9 years ago
Unverified
7c88ba1c8b076cbeee2f93bc7b9769c1dafc7ced

page output

ttjfontaine committed 9 years ago
Unverified
8c0b56c07e696a3c8857d7425b56d4b118ab2049

actually test which command

ttjfontaine committed 9 years ago
Unverified
a9d8e80e22dea80da6d91bd06aa37675d13c1f99

add which command

ttjfontaine committed 9 years ago
Unverified
8ceeed94de361ca044acb03c5a834dea258e63c9

add nm command

ttjfontaine committed 9 years ago
Unverified
cc736c63c2d8ea87e2293c7edd6829ddf1f1699c

start supporting expressions

ttjfontaine committed 9 years ago

README

The README file for this repository.

Overview

llmdb is "mdb for lldb", in other words a modular shell pipeline approach to debugging.

Example

$ make install
$ . ./venv/bin/activate
$ llmdb -c /cores/core.22702 ./test
> ::walk thread | ::stack
Thread #1
frame #0: 0x00007fff8e3310ae libsystem_kernel.dylib`__pthread_kill + 10
frame #1: 0x00007fff8cce6500 libsystem_pthread.dylib`pthread_kill + 90
frame #2: 0x00007fff96b0737b libsystem_c.dylib`abort + 129
frame #3: 0x000000010a1ccf40 test`foobar(argv=0x00007fff55a33698) + 48 at t.c:6
frame #4: 0x000000010a1ccf58 test`main(argc=1, argv=0x00007fff55a33698) + 24 at t.c:10
frame #5: 0x00007fff9ba0e5ad libdyld.dylib`start + 1
frame #6: 0x00007fff9ba0e5ad libdyld.dylib`start + 1
> 

Notes

True to how mdb works, llmdb interprets numbers as hex unless otherwise given an explicit input format. The expression 1000,10 is equivalent to 0x1000,0x10

Number formatting:

  • ['0i', '0I', '0b', '0B'] are interpreted as binary
  • ['0o', '0O'] are interpreted as octal
  • ['0t', '0T'] are interpreted as decimal
  • ['0x', '0X'] are interpreted as hexidecimal

Works

  • defining commands and walkers
  • loading modules
  • paged output
  • repeat expressions
  • pipelined commands
  • bang operator (redirect output to shell pipeline)
  • ::nm ! grep foobar | less

Commands

  • ::dump -- display arbitrary regions of mapped memory
  • missing ascii representation
  • still needs to align and dedupe memory it reads
  • ::walkers -- list walkers
  • ::walk -- execute given walker
  • ::which -- describe which module a command comes from
  • ::stack -- for a given thread id (0 based index) print backtrace
  • ::nm -- list all symbols for the target
  • missing options to limit and search output
  • ::print -- print the address contents
  • this is currently just a wrapper around lldb's print so passing type information is required
  • ::lldb -- execute arbitrary lldb command
  • if you're missing functionality from llmdb but know how to do it in lldb

Walkers

  • ::walk thread

TODO

  • semi-colon parsing
  • dot expressions
  • argparse style decorator for command option parsing
  • format expressions (i.e. 0xffffff/nap)
  • as many commands as we can
  • attach
  • branches
  • cat
  • cpuregs / cpustack
  • disasm / dismode
  • dump's arguments
  • echo
  • eval
  • files
  • formats
  • fpregs
  • grep
  • list
  • log
  • map
  • mappings
  • nm's arguments, and add/del
  • objects
  • offsetof
  • print's arguments and type deduction
  • quit
  • regs
  • release
  • sizeof
  • stack's arguments
  • status
  • tls
  • unload
  • non-tty interaction
  • aliases for $ and : commands

Known Issues

  • prompt not always immediately restored on output that doesn't fill paged window