What does this gdb output mean in Xcode? - ios

I'm in Xcode using the gdb debugger, and I just don't understand the error messages I am getting; they seem to change after every run too.
Here is a snippet of the code that is being shown:
0x001e8975 <+0006> sub $0xc,%esp
0x001e8978 <+0009> call 0x1e897d <prepareForMethodLookup+14>
0x001e897d <+0014> pop %edi
0x001e897e <+0015> mov 0x8(%ebp),%esi
0x001e8981 <+0018> mov 0x10(%esi),%eax
0x001e8984 <+0021> and $0xfffffffc,%eax
0x001e8987 <+0024> cmpl $0x0,(%eax)
0x001e898a <+0027> js 0x1e89d2 <prepareForMethodLookup+99>
0x001e898c <+0029> mov 0xfe697(%edi),%ebx
0x001e8992 <+0035> cmpl $0x0,(%ebx)
0x001e8995 <+0038> je 0x1e89aa <prepareForMethodLookup+59>
0x001e8997 <+0040> cmpl $0x2,0x103df7(%edi)
The line in the middle there is where the green arrow seems to be pointing. I just don't fully understand what it means. I'd paste some of the code, but I'm not entirely sure where the actual problem is, and there's a lot of code. It's probably a noob question, or I may not have explained it very well, but I'd appreciate the help.

Do you have exception breakpoints enabled?
Press CMD-6 while in Xcode.
This should change your left-hand tab from the project explorer to breakpoints.
Click the little + at the bottom left of the page and choose "Add Exception Breakpoint"; this adds a breakpoint for all exceptions that happen in the app.
I'm not sure why they're not on by default, it's a little annoying!
This may help you track down the problem you're facing.


how to find address in memory without debugger?

I studied the game code and came across the PurchaseDocument class and method; they send requests to the server. I tried to intercept the request using Charles, and it didn't work, but from disassembling the game code, the requests do go to the server.
Here is the request sent to the server:
I'm interested in the part with Expression Attribute Value "N".
Here is a part of the disassembled code that is responsible for the part highlighted in the request:
The address of the line in memory is written to the "x1" register, but the debugger does not work for me to find out immediately what the address is.
I would be happy if someone could help me with the problem; my experience with ARM is very small.
Let's focus on the "but the debugger does not work for me to find out immediately what the address is."
I assume you do have access to a jailbroken device and can install lldb on it.
In this code (adjusting for executable load address changing under ASLR):
0x013e0c80 adrp x8, 0x2d71000
0x013e0c84 nop //set breakpoint here
0x013e0c88 ldr x1, [x8, #0x250] //or here
You can inspect the memory like this:
x $x8+0x250
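The same slot can be computed statically from the two instruction words, which covers the "without debugger" part of the question. The following is an added example, not code from the answer or from the game: it decodes ADRP and the unsigned-offset form of LDR, checks that the LDR really consumes the ADRP result, and adds an ASLR slide. The two instruction words are constructed to encode exactly the disassembly shown above (adrp x8, 0x2d71000 at 0x013e0c80 and ldr x1, [x8, #0x250] at 0x013e0c88); the slide passed in is a placeholder value.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not part of the answer above: resolve the pointer slot that
 * "adrp x8, 0x2d71000 ; ldr x1, [x8, #0x250]" reads from the raw instruction
 * words alone, so the address can be found without a debugger.  The two
 * words below were constructed to encode the disassembly in the answer at
 * 0x013e0c80 / 0x013e0c88; the ASLR slide is a made-up value here and on a
 * real device comes from the image's load address. */

/* ADRP: target = (pc & ~0xfff) + sign_extend(immhi:immlo) << 12.
 * Returns 0 on success and fills *rd and *target. */
int decode_adrp(uint32_t insn, uint64_t pc, unsigned *rd, uint64_t *target)
{
    /* bit 31 set and bits 28..24 == 0b10000 identify ADRP */
    if ((insn & 0x9f000000u) != 0x90000000u)
        return -1;
    uint32_t immlo = (insn >> 29) & 0x3;
    uint32_t immhi = (insn >> 5) & 0x7ffff;
    int64_t imm = (int64_t)((immhi << 2) | immlo);   /* 21-bit, signed */
    if (imm & (1 << 20))
        imm -= (int64_t)1 << 21;
    *rd = insn & 0x1f;
    *target = (pc & ~(uint64_t)0xfff) + ((uint64_t)imm << 12);
    return 0;
}

/* LDR Xt, [Xn, #imm] (unsigned offset form): byte offset = imm12 * 8.
 * Returns 0 on success and fills *rt, *rn and *off. */
int decode_ldr_x_uimm(uint32_t insn, unsigned *rt, unsigned *rn, uint64_t *off)
{
    if ((insn & 0xffc00000u) != 0xf9400000u)
        return -1;
    *rt = insn & 0x1f;
    *rn = (insn >> 5) & 0x1f;
    *off = (uint64_t)((insn >> 10) & 0xfff) * 8;
    return 0;
}

/* Little-endian 32-bit read, the way the words sit in the Mach-O file. */
uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Address of the 8-byte slot the LDR reads.  `slide` is the page-aligned ASLR
 * slide of the image; being page-aligned it can be added after the page
 * computation instead of folded into pc.  Returns 0 on success, -1 if either
 * word does not decode, -2 if the LDR does not use the ADRP destination
 * register (the two instructions do not belong together). */
int resolve_adrp_ldr(uint32_t adrp, uint64_t adrp_pc, uint32_t ldr,
                     uint64_t slide, uint64_t *slot)
{
    unsigned rd, rt, rn;
    uint64_t page, off;
    if (decode_adrp(adrp, adrp_pc, &rd, &page) != 0)
        return -1;
    if (decode_ldr_x_uimm(ldr, &rt, &rn, &off) != 0)
        return -1;
    if (rn != rd)
        return -2;
    *slot = page + off + slide;
    return 0;
}

/* The pair from the answer as the bytes found in the file at 0x013e0c80
 * (adrp) and 0x013e0c88 (ldr); the nop at 0x013e0c84 is skipped. */
static const uint8_t adrp_bytes[4] = { 0x88, 0xcc, 0x00, 0xb0 }; /* adrp x8, 0x2d71000 */
static const uint8_t ldr_bytes[4]  = { 0x01, 0x29, 0x41, 0xf9 }; /* ldr x1, [x8, #0x250] */

/* Slot address for the answer's pair under a given slide, 0 on failure. */
uint64_t example_slot(uint64_t slide)
{
    uint64_t slot;
    if (resolve_adrp_ldr(le32(adrp_bytes), 0x013e0c80ULL, le32(ldr_bytes),
                         slide, &slot) != 0)
        return 0;
    return slot;
}

int main(void)
{
    printf("unslid slot: 0x%llx\n", (unsigned long long)example_slot(0));
    printf("slot with slide 0x4000: 0x%llx\n",
           (unsigned long long)example_slot(0x4000));
    return 0;
}
```

With slide 0 the slot is 0x2d71250. On a device, add the image's slide (lldb's `image list` shows it) before reading, or read the 8 bytes at the unslid address's file offset in the Mach-O directly; whatever pointer is stored there is what x1 holds after the ldr, which in the question is the address of the string.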

The memory copy from text segment is not the same with the original

In iOS, I copy memory use the code below:
memcpy(code, oriAddress , 100);
where oriAddress points to the text segment (a function's address). My problem is that the memory at oriAddress is not the same as in code. How does this happen?
Before the ARM instruction ldrh executes, the value pointed to by 0x2a305ad4 is 0xb5f0. But after ldrh executes, the value of r0 is not 0xb5f0.
It's my fault. I set a breakpoint at the address, and lldb changes the value pointed to by the address. So the value is the breakpoint code.
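Why the copy differs, as an added example and not code from the question: a software breakpoint is the debugger overwriting the instruction at the breakpoint address with a trap opcode, restored only while the process steps over it, so any read of code memory taken while the breakpoint is planted (memcpy, ldrh, a checksum) sees the trap. The code simulates that write on a constructed 8-byte Thumb prologue whose first halfword is the 0xb5f0 from the question; the trap value 0xdefe is the halfword lldb plants for a Thumb breakpoint, and the filler halfwords, buffer sizes and function names are this example's own.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Added example, not code from the question above.  A software breakpoint is
 * the debugger overwriting the instruction at the breakpoint address with a
 * trap opcode and restoring the original only while stepping over it, so a
 * read of code memory (memcpy, ldrh, a checksum) taken while the breakpoint
 * is planted sees the trap rather than the instruction.  The "text segment"
 * is a constructed 8-byte Thumb prologue: 0xb5f0 (push {r4-r7, lr}) is the
 * value from the question, the other three halfwords are filler.  0xdefe
 * (udf #0xfe) is the halfword lldb plants for a Thumb breakpoint; the
 * architectural bkpt #imm8 encoding is 0xbexx. */

#define THUMB_TRAP_LLDB 0xdefeu

static const uint8_t original_text[8] = {
    0xf0, 0xb5,   /* 0xb5f0  push {r4-r7, lr} */
    0x00, 0xaf,   /* 0xaf00  add  r7, sp, #0  */
    0x80, 0xb0,   /* 0xb080  sub  sp, #0      */
    0x00, 0x46,   /* 0x4600  mov  r0, r0      */
};

/* Little-endian halfword load, what "ldrh r0, [rN]" returns. */
uint16_t ldrh(const uint8_t *mem, size_t off)
{
    return (uint16_t)(mem[off] | (mem[off + 1] << 8));
}

/* What the debugger does for "b <addr>" on Thumb code: save the halfword,
 * write the trap.  Returns the saved halfword so it can be restored. */
uint16_t plant_thumb_breakpoint(uint8_t *text, size_t off)
{
    uint16_t saved = ldrh(text, off);
    text[off]     = THUMB_TRAP_LLDB & 0xff;
    text[off + 1] = THUMB_TRAP_LLDB >> 8;
    return saved;
}

void remove_thumb_breakpoint(uint8_t *text, size_t off, uint16_t saved)
{
    text[off]     = saved & 0xff;
    text[off + 1] = saved >> 8;
}

/* 1 if the halfword is a Thumb trap (bkpt #imm8 = 0xbexx or udf #imm8 =
 * 0xdexx), 0 otherwise: the quick check to run on a surprising copy. */
int is_thumb_trap(uint16_t hw)
{
    return (hw & 0xff00) == 0xbe00 || (hw & 0xff00) == 0xde00;
}

/* Compare a live copy of a function with the bytes from the binary on disk.
 * Returns the number of differing halfwords and, if first_off is non-NULL,
 * stores the offset of the first one there. */
size_t find_patched_halfwords(const uint8_t *expected, const uint8_t *live,
                              size_t len, size_t *first_off)
{
    size_t count = 0;
    for (size_t off = 0; off + 1 < len; off += 2) {
        if (ldrh(expected, off) != ldrh(live, off)) {
            if (count == 0 && first_off != NULL)
                *first_off = off;
            count++;
        }
    }
    return count;
}

/* The question's scenario: memcpy the function while a breakpoint sits on
 * its first instruction.  Returns the halfword the copy holds at offset 0. */
uint16_t value_copied_with_breakpoint(void)
{
    uint8_t text[sizeof original_text];
    uint8_t code[sizeof original_text];
    memcpy(text, original_text, sizeof text);
    uint16_t saved = plant_thumb_breakpoint(text, 0);
    memcpy(code, text, sizeof code);        /* the memcpy from the question */
    remove_thumb_breakpoint(text, 0, saved);
    return ldrh(code, 0);
}

/* Same situation checked against the on-disk bytes: differing halfwords. */
size_t patched_halfwords_with_breakpoint(size_t *first_off)
{
    uint8_t text[sizeof original_text];
    memcpy(text, original_text, sizeof text);
    uint16_t saved = plant_thumb_breakpoint(text, 0);
    size_t n = find_patched_halfwords(original_text, text, sizeof text, first_off);
    remove_thumb_breakpoint(text, 0, saved);
    return n;
}

int main(void)
{
    size_t off = 0;
    uint16_t seen = value_copied_with_breakpoint();
    printf("copied halfword: 0x%04x (%s)\n", seen,
           is_thumb_trap(seen) ? "trap" : "instruction");
    printf("halfwords differing from disk: %zu, first at +%zu\n",
           patched_halfwords_with_breakpoint(&off), off);
    return 0;
}
```

Two practical consequences: take the copy before setting breakpoints in that function (or put the breakpoint after the copy), and when an in-memory function looks wrong, diff it against the bytes from the binary on disk and check whether the odd halfwords are trap encodings. That comparison is also exactly what integrity-checking and anti-debugging code in apps does to notice a planted breakpoint.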

Xcode lldb error - unsure where to start

I've been working on a small app, actually in final staging of polish and debug.
I made few small changes to NSUserDefaults storage, which were very minor changes.
However, every time I try to run the app on the iPod I get a weird LLDB error, without any further info like which file, library, etc. I set up breakpoints in application:didFinishLaunchingWithOptions:, but the error is before that?? The app is stuck on the splash screen.
Dump, if it is of any help...
Thread 1: EXC_BAD_ACCESS (code=2, address=0x2fd77d4c)
0x2fd77d4c: svchs #14122336
0x2fd77d50: svchs #14122908
0x2fd77d54: svchs #14122923
0x2fd77d58: svchs #14122954
0x2fd77d5c: andeq r0, r0, r0
0x2fd77d60: rsbvc r7, r1, #49283072
0x2fd77d64: rsbvs r6, pc, #3008
0x2fd77d68: svchs #6646889
Does an empty project work on your iPod? If the answer is yes, comment out all the code you wrote, then uncomment it part by part to find which part caused this issue, and vice versa.
It's always effective to slice suspect code into pieces when you can't locate the issue.

How to track down "incorrect checksum for freed object"

I have spent quite some time trying to trace this problem and read multiple suggestions from others with the same problem. I deal with a large code base, so finding the problem without some hints is like looking for a needle in a haystack.
One of the suggestions I read is to add a breakpoint on *malloc_error_break* - but how do I do that? I understand that I have to add a symbolic breakpoint, but I'm not sure what exactly to enter in the two text fields, Symbol and Module.
I tried to enable Malloc Scribble and Malloc Guard Edges - but none of it results in any breakpoint or crash.
If I enable Zombie Objects the program stops crashing, but there is nothing in the output log showing any problems.
Finally I tried to enable Guard Malloc. I understand that it only works with the simulator, so I tried that - but the problem is that the program crashes in the startup phase before any line in my program is executed:
0x958e0cd4 <+0000> mov 0x4(%esp),%eax
0x958e0cd8 <+0004> mov %gs:0x0(,%eax,4),%eax < Crash
0x958e0ce0 <+0012> ret
and the call stack looks like this:
pthread_getspecific
__dyld__dyld_start
I'm not sure what I'm doing wrong here?
To add a breakpoint on malloc_error_break, simply stop in the debugger and type b malloc_error_break at the "gdb" or "lldb" prompt.

Debugging free() with Xcode

I'm getting the following error while trying to run an iOS app I'm developing:
appname(6097,0x3e835d98) malloc: *** error for object 0x20104600: pointer being freed was not allocated
*** set a breakpoint in malloc_error_break to debug
How can I find out which call to free() generated this error? If I add a breakpoint for malloc_error_break, the whole stack trace I get is a call to "malloc_error_break" which looks like this:
libsystem_c.dylib`malloc_error_break:
0x32f20fa8: push {r7, lr} < Thread 1: breakpoint 1.1
0x32f20faa: mov r7, sp
0x32f20fac: nop
0x32f20fae: nop
0x32f20fb0: pop {r7, pc}
0x32f20fb2: nop
If I don't add a breakpoint for malloc_error_break, I get a similarly useless stack trace, but this time with just a __pthread_kill and an assembler instruction.
Is there anything else I can do to get a better idea about the code that generated this error?
I have just created a new project called "Test" with the following main method:
void* data = malloc(100);
free(data);
free(data);
Then I open "Product->Edit Scheme", click on the "Test.app" tab and click on "Diagnostics". Then I select "Enable Guard Malloc".
Now, if I run the application, I get a break on the second free.
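For both threads above (the "incorrect checksum for freed object" question and this double free), here is an added example, not code from either question or from libmalloc, showing in toy form what the allocator's checks react to and why a breakpoint on malloc_error_break only shows the allocator's own frames: the detection happens inside free() or the next malloc(), at the second free or the later reuse of the corrupted block, not at the line that originally misused the pointer. The names (gmalloc, gfree, gquarantine_flush), the header layout and the checksum formula are this example's own.

```c
#include <stdint.h>
#include <stdlib.h>
#include <stddef.h>

/* Added example, not code from either question above: a toy of the checks
 * behind "incorrect checksum for freed object" and "pointer being freed was
 * not allocated".  Each block carries a header with a magic value and a
 * checksum over its fields; gfree() verifies both and parks freed blocks in
 * a quarantine, so a second free of the same pointer is reported instead of
 * corrupting the heap.  Layout, magic and checksum formula are this
 * example's own choices, not libmalloc's, and errors are returned as codes
 * where libmalloc prints the message and aborts. */

#define GM_MAGIC 0x47554152u   /* "GUAR" */
enum { GM_LIVE = 1, GM_FREED = 2 };
enum { GM_OK = 0, GM_NOT_ALLOCATED = -1, GM_BAD_CHECKSUM = -2, GM_DOUBLE_FREE = -3 };

typedef struct gm_hdr {
    uint32_t magic;
    uint32_t state;
    size_t size;
    struct gm_hdr *next_quarantined;
    uintptr_t checksum;        /* last field: covers everything above */
} gm_hdr;

static gm_hdr *quarantine_head;

/* Fields mixed with the header's own address, so a copied header fails. */
static uintptr_t gm_checksum(const gm_hdr *h)
{
    uintptr_t c = (uintptr_t)h ^ h->magic;
    c = (c * 0x9E3779B1u) ^ h->state;
    c = (c * 0x9E3779B1u) ^ (uintptr_t)h->size;
    return (c * 0x9E3779B1u) ^ (uintptr_t)h->next_quarantined;
}

void *gmalloc(size_t size)
{
    gm_hdr *h = malloc(sizeof *h + size);
    if (h == NULL)
        return NULL;
    h->magic = GM_MAGIC;  h->state = GM_LIVE;
    h->size = size;       h->next_quarantined = NULL;
    h->checksum = gm_checksum(h);
    return h + 1;              /* user data starts right after the header */
}

int gfree(void *p)
{
    gm_hdr *h = (gm_hdr *)p - 1;
    if (h->magic != GM_MAGIC)
        return GM_NOT_ALLOCATED;   /* no header: never came from gmalloc */
    if (h->checksum != gm_checksum(h))
        return GM_BAD_CHECKSUM;    /* header overwritten before this free */
    if (h->state == GM_FREED)
        return GM_DOUBLE_FREE;
    h->state = GM_FREED;
    h->next_quarantined = quarantine_head;
    h->checksum = gm_checksum(h);  /* reseal so later tampering shows */
    quarantine_head = h;
    return GM_OK;
}

/* Release quarantined blocks, re-verifying each header.  Stops at the first
 * bad one (its next pointer cannot be trusted) and leaks the rest; returns 1
 * if a bad header was seen, else 0. */
int gquarantine_flush(void)
{
    int bad = 0;
    while (quarantine_head != NULL) {
        gm_hdr *h = quarantine_head;
        if (h->checksum != gm_checksum(h)) { bad = 1; break; }
        quarantine_head = h->next_quarantined;
        free(h);
    }
    quarantine_head = NULL;
    return bad;
}

/* The "Test" project from the answer: malloc(100); free; free. */
int scenario_double_free(void)
{
    void *data = gmalloc(100);
    int first = gfree(data);
    int second = gfree(data);
    gquarantine_flush();
    return first == GM_OK ? second : first;
}

/* A write through a dangling pointer lands on a freed block's header: the
 * "freed object" whose checksum no longer matches, caught at flush time. */
int scenario_use_after_free(void)
{
    uint8_t *p = gmalloc(32);
    gfree(p);
    p[-1] ^= 0x01;                 /* dangling write into the checksum */
    return gquarantine_flush();
}
```

When the malloc_error_break breakpoint hits, walk one or two frames up the backtrace (bt in lldb) to reach the free() call that tripped the check. For the double free that is the culprit itself; for the checksum case it is only the free or malloc that happened to touch the already-corrupted block, which is why Guard Malloc or Malloc Scribble is needed to move the fault to the offending write.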
