I have a crash dump which will not symbolicate normally - when I drag it into the Xcode organizer or manually run symbolicatecrash the system symbols show up, but the application instruction addresses are all untouched.
I tried using atos to work around this problem, but the result I got was:
got symbolicator for myarchive.xcarchive/Products/Applications/MyApp.app/MyApp, base address 4000
___lldb_unnamed_function2115$$MyApp (in MyApp) + 992
___lldb_unnamed_function2096$$MyApp (in MyApp) + 66
___lldb_unnamed_function6053$$MyApp (in MyApp) + 348
___lldb_unnamed_function6064$$MyApp (in MyApp) + 162
___lldb_unnamed_function6002$$MyApp (in MyApp) + 18
___lldb_unnamed_function1029$$MyApp (in MyApp) + 416
___lldb_unnamed_function2280$$MyApp (in MyApp) + 106
___lldb_unnamed_function2272$$MyApp (in MyApp) + 198
___lldb_unnamed_function400$$MyApp (in MyApp) + 96
___lldb_unnamed_function1$$MyApp (in MyApp) + 36
The address currently getting mapped to ___lldb_unnamed_function1$$MyApp (in MyApp) + 36 should correspond to my root invocation in main.m. Obviously, I don't know what the others should be, but I'm guessing that if one is wrong they're all wrong. What could cause this? Does ___lldb_unnamed_function normally appear anywhere other than functions embedded in blocks?
Unfortunately, this will make for a long question, but since it could be an error in calculating the load offset of the app binary I'll list the steps that I followed to yield the above output.
I used dwarfdump -u myarchive.xcarchive/Products/Applications/MyApp.app/MyApp to verify that I am using the correct binary:
UUID: BA41E9A3-4BB5-3F8A-8D57-0D16447FFEC6 (armv7) myarchive.xcarchive/Products/Applications/MyApp.app/MyApp
UUID: A6E0970C-05FE-3A79-887D-84F3892637FD (armv7s) myarchive.xcarchive/Products/Applications/MyApp.app/MyApp
The UUID in the crash dump matches the first one:
Binary Images:
0x97000 - 0x3cefff +MyApp armv7 <ba41e9a34bb53f8a8d570d16447ffec6> /var/mobile/Applications/AF97EC52-7A2F-4772-AA05-74E739BA6882/MyApp.app/MyApp
This line also lists the load offset as 0x97000 and the architecture as armv7. The addresses I'm interested in are:
1 MyApp 0x001357dc 0x97000 + 649180
2 MyApp 0x00134446 0x97000 + 644166
3 MyApp 0x00240cec 0x97000 + 1744108
4 MyApp 0x002416ea 0x97000 + 1746666
5 MyApp 0x0023e2de 0x97000 + 1733342
6 MyApp 0x000de724 0x97000 + 292644
7 MyApp 0x00144f1a 0x97000 + 712474
8 MyApp 0x00144336 0x97000 + 709430
27 MyApp 0x000b1024 0x97000 + 106532
28 MyApp 0x0009d464 0x97000 + 25700
So I ran xcrun atos -l 0x97000 -arch armv7 -o myarchive.xcarchive/Products/Applications/MyApp.app/MyApp 0x001357dc 0x00134446 0x00240cec 0x002416ea 0x0023e2de 0x000de724 0x00144f1a 0x00144336 0x000b1024 0x0009d464, which gave me the output above.
Note: since this didn't look correct, I thought perhaps I needed to manually subtract the slide value. I obtained it from the app bundle with xcrun otool -arch armv7 -l myarchive.xcarchive/Products/Applications/MyApp.app/MyApp:
Load command 0
cmd LC_SEGMENT
cmdsize 56
segname __PAGEZERO
vmaddr 0x00000000
vmsize 0x00004000
fileoff 0
filesize 0
maxprot 0x00000000
initprot 0x00000000
nsects 0
flags 0x0
Load command 1
cmd LC_SEGMENT
cmdsize 736
segname __TEXT
vmaddr 0x00004000
vmsize 0x00338000
fileoff 0
filesize 3375104
maxprot 0x00000005
initprot 0x00000005
nsects 10
<snip>
However, rerunning the command with -l 0x93000 gave me a very similar result:
got symbolicator for /Users/arkaaito/Library/Developer/Xcode/Archives/2013-11-07/Zoomingo 11-7-13, 2.14 PM.xcarchive/Products/Applications/Zoomingo.app/Zoomingo, base address 4000
___lldb_unnamed_function2166$$Zoomingo (in Zoomingo) + 684
___lldb_unnamed_function2160$$Zoomingo (in Zoomingo) + 182
___lldb_unnamed_function6165$$Zoomingo (in Zoomingo) + 164
___lldb_unnamed_function6176$$Zoomingo (in Zoomingo) + 46
___lldb_unnamed_function6114$$Zoomingo (in Zoomingo) + 70
___lldb_unnamed_function1129$$Zoomingo (in Zoomingo) + 28
___lldb_unnamed_function2305$$Zoomingo (in Zoomingo) + 2446
___lldb_unnamed_function2302$$Zoomingo (in Zoomingo) + 3714
___lldb_unnamed_function476$$Zoomingo (in Zoomingo) + 512
___lldb_unnamed_function85$$Zoomingo (in Zoomingo) + 532
You have to call atos with the dSYM package, not the app bundle, since that normally has the symbols stripped!
So the call is:
xcrun atos -l 0x97000 -arch armv7 -o myarchive.xcarchive/dSYMs/MyApp.app.dSYM 0x001357dc 0x00134446 0x00240cec 0x002416ea 0x0023e2de 0x000de724 0x00144f1a 0x00144336 0x000b1024 0x0009d464
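The checks from the question (UUID match, load address, frame offsets) and the command from the answer can be combined in one script. This is an added example, not part of the original question or answer: the function name atos_command and the regular expressions are assumptions, the sample text is copied from the excerpts quoted above, and the dwarfdump lines are the ones shown for the app binary (the same check applies to dwarfdump -u run on the dSYM).

```python
import re

# Constructed sample: lines copied from the crash report and dwarfdump output quoted in the question.
CRASH = """\
1 MyApp 0x001357dc 0x97000 + 649180
2 MyApp 0x00134446 0x97000 + 644166
28 MyApp 0x0009d464 0x97000 + 25700
Binary Images:
0x97000 - 0x3cefff +MyApp armv7 <ba41e9a34bb53f8a8d570d16447ffec6> /var/mobile/Applications/AF97EC52-7A2F-4772-AA05-74E739BA6882/MyApp.app/MyApp
"""
DWARFDUMP = """\
UUID: BA41E9A3-4BB5-3F8A-8D57-0D16447FFEC6 (armv7) myarchive.xcarchive/Products/Applications/MyApp.app/MyApp
UUID: A6E0970C-05FE-3A79-887D-84F3892637FD (armv7s) myarchive.xcarchive/Products/Applications/MyApp.app/MyApp
"""

IMAGE = re.compile(r"^\s*(0x[0-9a-f]+) - +(0x[0-9a-f]+) +\+?(\S+) +(\S+) +<([0-9a-f]{32})>", re.M | re.I)
FRAME = re.compile(r"^\s*\d+ +(\S+) +(0x[0-9a-f]+) +(0x[0-9a-f]+) \+ (\d+)", re.M | re.I)
UUID = re.compile(r"^UUID: ([0-9A-F-]{36}) \((\S+)\)", re.M | re.I)


def atos_command(crash, dwarfdump_out, image, symbol_file):
    """Return the atos argv for `image`, or raise ValueError if the inputs disagree."""
    found = [m for m in IMAGE.finditer(crash) if m[3] == image]
    if not found:
        raise ValueError(f"{image} not listed under Binary Images")
    start, end = int(found[0][1], 16), int(found[0][2], 16)
    arch, uuid = found[0][4], found[0][5].lower()

    # dwarfdump prints dashed upper-case UUIDs; the crash report prints bare lower-case hex.
    slices = {a: u.replace("-", "").lower() for u, a in UUID.findall(dwarfdump_out)}
    if slices.get(arch) != uuid:
        raise ValueError(f"no {arch} slice with UUID {uuid} in symbol file")

    addrs = []
    for m in FRAME.finditer(crash):
        if m[1] != image:
            continue
        addr, base, off = int(m[2], 16), int(m[3], 16), int(m[4])
        # The frame's base must be the image load address, and addr = base + offset.
        if base != start or addr != base + off or not start <= addr <= end:
            raise ValueError(f"frame {m[2]} is inconsistent with load address {start:#x}")
        addrs.append(m[2])
    return ["xcrun", "atos", "-l", f"{start:#x}", "-arch", arch, "-o", symbol_file, *addrs]


if __name__ == "__main__":
    print(" ".join(atos_command(CRASH, DWARFDUMP, "MyApp", "myarchive.xcarchive/dSYMs/MyApp.app.dSYM")))
```

The load address passed to -l is the start of the image's range in Binary Images, taken unchanged; a UUID or offset mismatch stops the script before atos can return misleading names.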