1

I'm tracing a OS X application, I hope can find a way like this way on iOS:

lldb Xcode: error: 'printf' is not a valid command

Is there a way to do like this? I tried

expr -- (void)printf("[%s, %s]\n",(char *) object_getClassName(*(long*)($esp+4)), (char *) *(long *)($esp+8) )

I think OS X is used 64bit registers. So this command cann't work(Indeed, it doesn't work). How should I write this command? Or there is a simple way to do the same? Just tracing the class and method called

Community
  • 1
  • 1
Kevin Lee
  • 282
  • 3
  • 13

1 Answers1

9

The command you quote above is only correct for iOS Simulator apps which run as i386 processes on the Mac. $esp+4 means the first argument, $esp+8 means the second argument passed in the i386 ABI. On x86_64 and arm, the first few arguments are passed in registers with the $arg1, $arg2 convenience names. So try

p (void)printf("[%s, %s]\n", (char*)object_getClassName($arg1), $arg2)

for arm/x86_64 architectures. (of course, p is an alias for expr -- here - same thing, just less typing.)

Jason Molenda
  • 14,835
  • 1
  • 59
  • 61
  • It seems that printf doesn't print something in lldb(like (char*)object_getClassName($arg1), it works). How can I got a output print? – Kevin Lee May 03 '13 at 00:28
  • What are you debugging? An iOS project running on a device? A GUI Mac app (x86_64 presumably)? A command line mac program using the command line lldb? Attaching to a running process? You're running `printf` in your actual program when you do this so the output is going to go where ever `stdout` prints go ... – Jason Molenda May 03 '13 at 03:51
  • BTW you don't need to print via printf. You could just say `p (char*) object_getClassName($arg1)` and `p $arg2` in lldb and avoid the hassle of where the program's output is going. – Jason Molenda May 03 '13 at 04:01
  • thx, I'm debugging a GUI Mac app with Xcode attaching. Now I got how to print. Thanks a lot. – Kevin Lee May 03 '13 at 05:34
  • @JasonMolenda not sure if that still works. I get: "error: Execution was interrupted, reason: EXC_BAD_ACCESS (code=1, address=0x10004005). The process has been returned to the state before expression evaluation." – Snowcrash Mar 12 '15 at 12:29