atos gives ___lldb_unnamed_function


I have a crash dump which will not symbolicate normally - when I drag it into the Xcode organizer or manually run symbolicatecrash the system symbols show up, but the application instruction addresses are all untouched.

I tried using atos to work around this problem, but the result I got was:

got symbolicator for myarchive.xcarchive/Products/Applications/MyApp.app/MyApp, base address 4000
___lldb_unnamed_function2115$$MyApp (in MyApp) + 992
___lldb_unnamed_function2096$$MyApp (in MyApp) + 66
___lldb_unnamed_function6053$$MyApp (in MyApp) + 348
___lldb_unnamed_function6064$$MyApp (in MyApp) + 162
___lldb_unnamed_function6002$$MyApp (in MyApp) + 18
___lldb_unnamed_function1029$$MyApp (in MyApp) + 416
___lldb_unnamed_function2280$$MyApp (in MyApp) + 106
___lldb_unnamed_function2272$$MyApp (in MyApp) + 198
___lldb_unnamed_function400$$MyApp (in MyApp) + 96
___lldb_unnamed_function1$$MyApp (in MyApp) + 36

The address currently getting mapped to ___lldb_unnamed_function1$$MyApp (in MyApp) + 36 should correspond to my root invocation in main.m. Obviously, I don't know what the others should be, but I'm guessing that if one is wrong they're all wrong. What could cause this? Does ___lldb_unnamed_function normally appear anywhere other than functions embedded in blocks?

Unfortunately, this will make for a long question, but since it could be an error in calculating the load offset of the app binary I'll list the steps that I followed to yield the above output.

I used dwarfdump -u myarchive.xcarchive/Products/Applications/MyApp.app/MyApp to verify that I am using the correct binary:

UUID: BA41E9A3-4BB5-3F8A-8D57-0D16447FFEC6 (armv7) myarchive.xcarchive/Products/Applications/MyApp.app/MyApp

UUID: A6E0970C-05FE-3A79-887D-84F3892637FD (armv7s) myarchive.xcarchive/Products/Applications/MyApp.app/MyApp

The UUID in the crash dump matches the first one:

Binary Images:
   0x97000 -   0x3cefff +MyApp armv7  <ba41e9a34bb53f8a8d570d16447ffec6> /var/mobile/Applications/AF97EC52-7A2F-4772-AA05-74E739BA6882/MyApp.app/MyApp

This line also lists the load offset as 0x97000 and the architecture as armv7. The addresses I'm interested in are:

1   MyApp                               0x001357dc 0x97000 + 649180
2   MyApp                               0x00134446 0x97000 + 644166
3   MyApp                               0x00240cec 0x97000 + 1744108
4   MyApp                               0x002416ea 0x97000 + 1746666
5   MyApp                               0x0023e2de 0x97000 + 1733342
6   MyApp                               0x000de724 0x97000 + 292644
7   MyApp                               0x00144f1a 0x97000 + 712474
8   MyApp                               0x00144336 0x97000 + 709430
27  MyApp                               0x000b1024 0x97000 + 106532
28  MyApp                               0x0009d464 0x97000 + 25700

So I ran xcrun atos -l 0x97000 -arch armv7 -o myarchive.xcarchive/Products/Applications/MyApp.app/MyApp 0x001357dc 0x00134446 0x00240cec 0x002416ea 0x0023e2de 0x000de724 0x00144f1a 0x00144336 0x000b1024 0x0009d464, which gave me the output above.

Note: since this didn't look correct, I thought perhaps I needed to manually subtract the slide value. I obtained it from the app bundle with xcrun otool -arch armv7 -l myarchive.xcarchive/Products/Applications/MyApp.app/MyApp:

Load command 0
      cmd LC_SEGMENT
  cmdsize 56
  segname __PAGEZERO
   vmaddr 0x00000000
   vmsize 0x00004000
  fileoff 0
 filesize 0
  maxprot 0x00000000
 initprot 0x00000000
   nsects 0
    flags 0x0
Load command 1
      cmd LC_SEGMENT
  cmdsize 736
  segname __TEXT
   vmaddr 0x00004000
   vmsize 0x00338000
  fileoff 0
 filesize 3375104
  maxprot 0x00000005
 initprot 0x00000005
   nsects 10
<snip>

However, rerunning the command with -l 0x93000 gave me a very similar result:

got symbolicator for /Users/arkaaito/Library/Developer/Xcode/Archives/2013-11-07/Zoomingo 11-7-13, 2.14 PM.xcarchive/Products/Applications/Zoomingo.app/Zoomingo, base address 4000
___lldb_unnamed_function2166$$Zoomingo (in Zoomingo) + 684
___lldb_unnamed_function2160$$Zoomingo (in Zoomingo) + 182
___lldb_unnamed_function6165$$Zoomingo (in Zoomingo) + 164
___lldb_unnamed_function6176$$Zoomingo (in Zoomingo) + 46
___lldb_unnamed_function6114$$Zoomingo (in Zoomingo) + 70
___lldb_unnamed_function1129$$Zoomingo (in Zoomingo) + 28
___lldb_unnamed_function2305$$Zoomingo (in Zoomingo) + 2446
___lldb_unnamed_function2302$$Zoomingo (in Zoomingo) + 3714
___lldb_unnamed_function476$$Zoomingo (in Zoomingo) + 512
___lldb_unnamed_function85$$Zoomingo (in Zoomingo) + 532

Solution

  • You have to call atos with the dSYM package, not the app bundle, since that normally has the symbols stripped!

    So the call is:

    xcrun atos -l 0x97000 -arch armv7 -o myarchive.xcarchive/dSYMs/MyApp.app.dSYM 0x001357dc 0x00134446 0x00240cec 0x002416ea 0x0023e2de 0x000de724 0x00144f1a 0x00144336 0x000b1024 0x0009d464
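
The checks the question walks through (UUID match, load address, frame arithmetic) combined with the answer's dSYM invocation, as an added Python example that is not part of the original post. The function name `build_atos_command` and the two sample strings are constructed here from the formats quoted above; the script only builds the `atos` argument list and does not run it.

```python
import re
import shlex

# Constructed sample in the crash-report format quoted in the question.
SAMPLE_CRASH = """\
1   MyApp                               0x001357dc 0x97000 + 649180
2   MyApp                               0x00134446 0x97000 + 644166
28  MyApp                               0x0009d464 0x97000 + 25700

Binary Images:
   0x97000 -   0x3cefff +MyApp armv7  <ba41e9a34bb53f8a8d570d16447ffec6> /var/mobile/Applications/AF97EC52-7A2F-4772-AA05-74E739BA6882/MyApp.app/MyApp
"""
# Constructed sample of `dwarfdump -u` output, here for the dSYM instead of the app binary.
SAMPLE_DWARFDUMP = """\
UUID: BA41E9A3-4BB5-3F8A-8D57-0D16447FFEC6 (armv7) myarchive.xcarchive/dSYMs/MyApp.app.dSYM
UUID: A6E0970C-05FE-3A79-887D-84F3892637FD (armv7s) myarchive.xcarchive/dSYMs/MyApp.app.dSYM
"""

IMAGE_RE = re.compile(r"^[ \t]*(0x[0-9a-f]+) +- +0x[0-9a-f]+ +\+?(\S+) +(\S+) +<([0-9a-f]{32})>", re.M)
FRAME_RE = re.compile(r"^\d+ +(\S+) +(0x[0-9a-f]+) +(0x[0-9a-f]+) \+ (\d+)[ \t]*$", re.M)
UUID_RE = re.compile(r"^UUID: ([0-9A-Fa-f-]{36}) \((\w+)\)", re.M)


def build_atos_command(crash_text, dwarfdump_text, image, dsym_path):
    """Return the atos argv for `image`; raise ValueError if the inputs disagree."""
    for load, name, arch, uuid in IMAGE_RE.findall(crash_text):
        if name == image:
            break
    else:
        raise ValueError(f"{image} not listed under Binary Images")
    # dwarfdump prints dashed upper-case UUIDs; the crash report uses bare lower-case hex.
    slices = {a: u.replace("-", "").lower() for u, a in UUID_RE.findall(dwarfdump_text)}
    if slices.get(arch) != uuid:
        raise ValueError(f"no {arch} slice with UUID {uuid} in the dSYM")
    addrs = []
    for frame_image, addr, base, offset in FRAME_RE.findall(crash_text):
        if frame_image != image:
            continue
        # Each frame must satisfy address == load address + decimal offset.
        if int(base, 16) != int(load, 16) or int(addr, 16) != int(base, 16) + int(offset):
            raise ValueError(f"frame {addr} inconsistent with load address {load}")
        addrs.append(addr)
    return ["xcrun", "atos", "-l", load, "-arch", arch, "-o", dsym_path, *addrs]


if __name__ == "__main__":
    dsym = "myarchive.xcarchive/dSYMs/MyApp.app.dSYM"
    print(shlex.join(build_atos_command(SAMPLE_CRASH, SAMPLE_DWARFDUMP, "MyApp", dsym)))
```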