Re: [SOLVED BUT UNEXPLAINED] Framework load address from an exception log
  • Subject: Re: [SOLVED BUT UNEXPLAINED] Framework load address from an exception log
  • From: Wim Lewis <email@hidden>
  • Date: Wed, 13 Mar 2013 14:17:25 -0700

On 13 Mar 2013, at 1:37 PM, Jerry Krinock wrote:
> Thanks to Nick Blievers who replied, off-list accidentally, I have an answer for this.  We don't understand it, but it works, at least in this case.
>
> The part of the call stack that I needed to symbolize is this:
>
> 2   CoreFoundation   0x00007fff907c234a -[NSArray arrayByAddingObject:] + 138
> 3   MyFramework      0x0000000100152704 MyFramework + 614850
> 4   MyFramework      0x0000000100152cd5 MyFramework + 616339
> 5   MyFramework      0x00000001000395db MyFramework + 202203
> 6   Foundation       0x00007fff92f34677 __NSThreadPerformPerform + 225
>
> Look at the *lowest* call in MyFramework, line 5 in this case.  As Nick pointed out to me,
>
> 0x00000001000395db - 202203 = 0x100008000
>
> Voila!  0x100008000 is the actual load address of the framework.  Simply use this when calculating the address for each line, including line 5, ask gdb for its info, and you get answers that call one another as expected.  And at the top lies the bug I was looking for.
>
> Can anyone explain why this works, and generalize its applicability?


Hmm, I thought I knew, but on further examination, I don't.

My guess is that if the symbolizer doesn't find any function names, it uses the first address in the text segment and pretends there's a function named "MyFramework" (or whatever) that starts there. So, line 5 says: the program counter was at 0x00000001000395db, which is 202203 bytes into the "function" named MyFramework.

Equivalently, line 1 says, "I was at address 0x00007fff907c234a, which was 138 bytes into the -arrayByAddingObject: function", so you could compute the slide for CoreFoundation by finding its address for -[NSArray arrayByAddingObject:], adding 138, and subtracting from 0x00007fff907c234a.

However, my theory doesn't explain why lines 3 and 4 don't give the same answer as line 5: they give a slide of 0x1000bc542, which isn't even an integral number of pages. Maybe the fake "MyFramework" symbol is sometimes placed at some internal boundary instead? Is there anything interesting at offset 0xb4542 in MyFramework?
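As an added example (not code from the thread or from anyone in it), here is a small Python script that applies the rule quoted above to the five frames from the post: it parses each frame, computes address minus offset for frames symbolized as "MyFramework + N", takes the lowest call's result as the load address, and flags frames whose implied base disagrees with it or is not page-aligned. The 4 KiB page size is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample: the five frames quoted in the thread (not a real crash log file).
SAMPLE_FRAMES = """\
2   CoreFoundation   0x00007fff907c234a -[NSArray arrayByAddingObject:] + 138
3   MyFramework      0x0000000100152704 MyFramework + 614850
4   MyFramework      0x0000000100152cd5 MyFramework + 616339
5   MyFramework      0x00000001000395db MyFramework + 202203
6   Foundation       0x00007fff92f34677 __NSThreadPerformPerform + 225
"""

# frame index, module, hex address, symbol, decimal offset
FRAME_RE = re.compile(r"^\s*(\d+)\s+(\S+)\s+(0x[0-9a-fA-F]+)\s+(.+?)\s+\+\s+(\d+)\s*$")
PAGE_SIZE = 0x1000  # assumption: 4 KiB pages, as on the x86-64 macOS in the thread


def parse_frames(text):
    """Return a list of (frame, module, address, symbol, offset) tuples."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line)
        if m:
            idx, module, addr, symbol, off = m.groups()
            frames.append((int(idx), module, int(addr, 16), symbol, int(off)))
    return frames


def implied_bases(frames):
    """Per module, map frame index -> address - offset, but only for frames whose
    placeholder symbol is the module name itself (the unsymbolized frames that the
    thread says encode an offset from the unknown load address)."""
    bases = defaultdict(dict)
    for idx, module, addr, symbol, off in frames:
        if symbol == module:
            bases[module][idx] = addr - off
    return bases


def check_module(bases_for_module):
    """Apply the thread's rule: trust the lowest call (highest frame index), then
    report frames whose implied base disagrees and whether the base is page-aligned."""
    lowest_frame = max(bases_for_module)
    base = bases_for_module[lowest_frame]
    disagreeing = {i: b for i, b in bases_for_module.items() if b != base}
    return {"base": base, "page_aligned": base % PAGE_SIZE == 0, "disagreeing": disagreeing}


if __name__ == "__main__":
    for module, bases in implied_bases(parse_frames(SAMPLE_FRAMES)).items():
        print(module, {k: hex(v) if isinstance(v, int) else v for k, v in check_module(bases).items()})
```

Running it on the sample reproduces the thread's numbers: 0x100008000 from frame 5, and 0x1000bc542 (not page-aligned) from frames 3 and 4.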




  • Follow-Ups:
    • Re: [SOLVED BUT UNEXPLAINED] Framework load address from an exception log
      • From: Jerry Krinock <email@hidden>
    • Re: [SOLVED BUT UNEXPLAINED] Framework load address from an exception log
      • From: Nick Blievers <email@hidden>
  • References:
    • Framework load address from an exception log? (From: Jerry Krinock <email@hidden>)
    • [SOLVED BUT UNEXPLAINED] Framework load address from an exception log (From: Jerry Krinock <email@hidden>)
