18

I apologize for the likely trivial question but I am running into a wall as Google gives me the same non-applicable answers over and over.

I am trying to set a breakpoint in LLDB. After reading the documentation, the options available to me are to either stop on a certain line in the source or on a certain symbol.

What I want to do is set a breakpoint on a certain memory location.

Not read-or-write to that memory location either but simply breaking when the instruction at that location is about to be executed.

In pseudocode:

```
break 0x00010000
```

breaks when EIP points to 0x00010000.

How can I do this?

0x90

2 Answers

30

`breakpoint set` has an address option; you would type `help breakpoint set` to see all of them. For your specific example,

```
(lldb) br s -a 0x10000
```

(You can always use shorter versions of command names in lldb that are unambiguous, so typing out `breakpoint set` isn't necessary.)

Jason Molenda
  • 1
    When I try to add the address breakpoint, it successfully adds it but never stops anywhere before the crash (I am trying to see if someone else is trying to access that memory before the crash happens). Any idea? – Shikha Shah Mar 08 '18 at 16:19
  • I also have this issue. To reproduce, compile a hello world executable with debugging info. Run `sudo lldb ./a.out` and then `b main` followed by `run`. As expected, the program stops before any of the code in `main` executes. Now try restarting lldb and entering `b 0x100000f6f` (or whatever address is reported for `main` by the preceding command). Following `run`, the program now completes its execution without breaking. – foldl May 26 '18 at 11:29
  • ^ This is on OS X 10.13.4, clang-902.0.39.1, lldb-902.0.79.2. – foldl May 26 '18 at 11:37
  • I found that the following sequence of actions works, for whatever reason. Set breakpoint. Run code. Set breakpoint again at same location. Run again. On the second `run`, execution breaks as expected. – foldl May 26 '18 at 12:07
  • 3
    For others like me: If you want to break on a read/write to memory, see https://stackoverflow.com/questions/21063995/watch-points-on-memory-address. – Sebastian Ärleryd Jul 24 '18 at 22:46
1

The alternative is to use `process launch --stop-at-entry ...`. This will allow you to set breakpoints after the program is launched and then `continue` will let you stop on your first breakpoint. Interestingly (testing in Ubuntu) using `--stop-at-entry` takes a lot longer to start (~3 seconds). I need to use this on OS X and maybe it will be quicker there.
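
The two answers combined into one command sequence, as an added example that is not part of either answer: launch stopped at entry, set the address breakpoint once the process exists, and check it before resuming. The binary `./a.out` and the address `0x100000f6f` (the sample value from the comment thread above) are assumptions; substitute your own. The lines can be typed at the `(lldb)` prompt or saved to a file and run with `lldb -s <file>`.

```lldb
# Constructed session; ./a.out and 0x100000f6f are sample values, use your own.
target create ./a.out

# Launch the process but stop before any of the program's own code has run.
process launch --stop-at-entry

# Confirm the address belongs to a loaded module and see which symbol it falls in.
image lookup --address 0x100000f6f

# Set the breakpoint on the instruction address (long form of `br s -a`).
breakpoint set --address 0x100000f6f

# List breakpoints and their locations before resuming.
breakpoint list

# Resume; execution should stop when the program counter reaches the address.
continue

# Verify where execution stopped.
register read pc
disassemble --pc
```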