Debugging dyld under OS X

Question

I've got some obscure errors in an OS X program concerning the loading and unloading and symbol bindings of dynamically loaded libraries. First attempts to analyse the problem by using the DYLD_PRINT_* environment variables failed.

I solved similar problems under GNU/Linux by installing the glibc with debug symbols and the corresponding sources. Since the sources for dyld are also available, something similar must be possible under OS X.

How do I have to proceed in order to set up a debugging session and step through the sources of dyld in order to understand what went wrong with the program? Is it possible to start an application using a different hand-crafted dyld?

Answer 1

You can set a symbolic breakpoint of dyld`dyldbootstrap::start.

So, Symbol is "dyldbootstrap::start", and Module is "dyld".

Actually, we can set a symbolic breakpoint of dyld`_dyld_start, and we can see it enabled after the process launched, but it won't be hit.

Answer 2

Yes, and it's actually designed to be this way. You can drop your custom dyld in the file system, making sure its LC_ID_DYLINKER command is set properly. Then, to use it, edit the Mach-O you are loading so that its LC_LOAD_DYLINKER points to it.

Mind you, it's possible to just step through dyld anyway without all this - use lldb and do process launch -s , then you can single step right through dyld as well, albeit in assembly.

Caveat: Don't touch or move the /usr/lib/dyld in the process - but rather drop the custom dyld side by side to it. Since virtually everything requires dyld, moving it can be a pain to undo (and requires booting with a ramdisk and mounting the root file system as a secondary just so as to issue the correcting mv..)