lldb memory read error on Mac

I'm experimenting with lldb and I wrote a simple C application. I want to debug it in the terminal using lldb. When I want to see the stack frame, I get a memory read error:

(lldb) target create "./auth_overflow"
Current executable set to './auth_overflow' (x86_64).
(lldb) br s -l 25
Breakpoint 1: where = auth_overflow`main + 69 at auth_overflow.c:25, address = 0x0000000100000e25
(lldb) br s -l 9
Breakpoint 2: where = auth_overflow`check_authentication + 47 at auth_overflow.c:9, address = 0x0000000100000d5f
(lldb) br s -l 16
Breakpoint 3: where = auth_overflow`check_authentication + 138 at auth_overflow.c:16, address = 0x0000000100000dba
(lldb) run AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Process 413 launched: './auth_overflow' (x86_64)
Process 413 stopped
* thread #1: tid = 0x33d2, 0x0000000100000e25 auth_overflow`main(argc=2, argv=0x00007fff5fbffcc0) + 69 at auth_overflow.c:25, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1
    frame #0: 0x0000000100000e25 auth_overflow`main(argc=2, argv=0x00007fff5fbffcc0) + 69 at auth_overflow.c:25
   22               exit(0);
   23           }
   24       
-> 25       if(check_authentication(argv[1])) {
   26               printf("\n-=-=-=-=-=-=-=-=-=-=-=-=-=-\n");
   27               printf(" Access Granted.\n");
   28               printf("-=-=-=-=-=-=-=-=-=-=-=-=-=-\n");
(lldb) re r esp
     esp = 0x5fbffc70
(lldb) x/16xw $esp
error: memory read failed for 0x5fbffc00
(lldb) 

What do you suggest I should do?

EDIT: Actually I don't want to debug the application, just to see how it works on a lower level. Because of this I'd like to see the content of the current stack frame, something like this:

(lldb) x/16xw $esp
0xbffff7e0: 0xb8000ce0 0x00000002 0x00000000 0xb7fd6ff4
0xbffff7f0: 0x40f5f7f0 0x00000000 0x00000002 0x08048474
0xbffff800: 0x08048510 0xbffff874 0x00000001 0x00000001
0xbffff810: 0xbffff848 0x00000000 0xb8000ff4 0x08048371
(lldb)

This:

Current executable set to './auth_overflow' (x86_64).

shows you're on a 64-bit machine. That being the case, you want the 64-bit rsp register, not the 32-bit esp register. esp will give you the least significant 32 bits of the contents of rsp, which in this case is obviously not yielding a valid address for you.

x/16xw $rsp

is what you're looking for.

Sample LLDB session:

paul@horus:~/Documents/src/sandbox$ lldb ./testldb
(lldb) target create "./testldb"
Current executable set to './testldb' (x86_64).
(lldb) list testldb.c
   1    #include <stdio.h>
   2    
   3    void func(int i) {
   4        printf("In func() with value %d\n", i);
   5    }
   6    
   7    int main(void) {
   8        func(3);
   9        return 0;
   10   }
   11   
(lldb) b testldb.c:4
Breakpoint 1: where = testldb`func + 18 at testldb.c:4, address = 0x0000000100000f22
(lldb) run
Process 48270 launched: './testldb' (x86_64)
Process 48270 stopped
* thread #1: tid = 0xb8dbca, 0x0000000100000f22 testldb`func(i=3) + 18 at testldb.c:4, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1
    frame #0: 0x0000000100000f22 testldb`func(i=3) + 18 at testldb.c:4
   1    #include <stdio.h>
   2    
   3    void func(int i) {
-> 4        printf("In func() with value %d\n", i);
   5    }
   6    
   7    int main(void) {
(lldb) frame variable
(int) i = 3
(lldb) print &i
(int *) $0 = 0x00007fff5fbff9dc
(lldb) register read $rsp
     rsp = 0x00007fff5fbff9d0
(lldb) x/16xw $rsp
0x7fff5fbff9d0: 0x00000000 0x00000000 0x00000000 0x00000003
0x7fff5fbff9e0: 0x5fbffa00 0x00007fff 0x00000f59 0x00000001
0x7fff5fbff9f0: 0x5fbffa18 0x00007fff 0x5fc0105e 0x00000000
0x7fff5fbffa00: 0x5fbffa18 0x00007fff 0x8fdc25fd 0x00007fff
(lldb) 
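
An added example (not part of the original answer): the sample session's `x/16xw $rsp` dump prints 32-bit words, so each 64-bit stack slot appears as two words with the low half first. The Python below uses the dump and rsp value from the session above, shows what the esp view of rsp is, and rejoins the words into 64-bit slots; the helper names and the `window` heuristic for spotting stack addresses are assumptions of this example.

```python
import re

# Dump and rsp value copied from the sample session above (x/16xw $rsp).
DUMP = """\
0x7fff5fbff9d0: 0x00000000 0x00000000 0x00000000 0x00000003
0x7fff5fbff9e0: 0x5fbffa00 0x00007fff 0x00000f59 0x00000001
0x7fff5fbff9f0: 0x5fbffa18 0x00007fff 0x5fc0105e 0x00000000
0x7fff5fbffa00: 0x5fbffa18 0x00007fff 0x8fdc25fd 0x00007fff
"""
RSP = 0x00007FFF5FBFF9D0

def low32(reg64):
    """Value lldb shows for esp: the low 32 bits of rsp."""
    return reg64 & 0xFFFFFFFF

def parse_words(dump):
    """Map address -> 32-bit word for each word of an x/Nxw dump."""
    words = {}
    for line in dump.splitlines():
        m = re.match(r"\s*(0x[0-9a-fA-F]+):\s+(.*)", line)
        if not m:
            continue
        base = int(m.group(1), 16)
        for i, tok in enumerate(m.group(2).split()):
            words[base + 4 * i] = int(tok, 16)
    return words

def quadwords(words):
    """Join little-endian word pairs into 64-bit values at 8-byte-aligned addresses."""
    return {a: words[a] | (words[a + 4] << 32)
            for a in sorted(words) if a % 8 == 0 and a + 4 in words}

def stack_pointers(quads, rsp, window=0x10000):
    """Slots whose 64-bit value points just above rsp (window is an assumed heuristic)."""
    return [a for a, v in quads.items() if 0 <= v - rsp < window]

if __name__ == "__main__":
    print(f"esp view of rsp: {low32(RSP):#x}")
    quads = quadwords(parse_words(DUMP))
    for addr, val in quads.items():
        mark = "  <- points into the stack" if addr in stack_pointers(quads, RSP) else ""
        print(f"{addr:#018x}: {val:#018x}{mark}")
```

In lldb itself, `x/8xg $rsp` prints the same memory as 64-bit values, which avoids the manual pairing.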
