Finding Bugs with Hopper

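My latest project has some baffling bugs.
The approaches I found online all require a dSYM file, and my earlier builds did not generate one.

I tracked some of them down with my earlier methods, but for the stranger bugs those methods do not work well.
Here is a crash example I wrote: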

[self doesNotRecognizeSelector:@selector(xxx)];

Obviously, this will crash:

_CFRunLoopError_RunCalledWithInvalidMode to debug. This message will only appear once per execution.
2017-05-23 13:16:14.564712+0800 ShangXin[236:5197] UMLOG: error: session_id=2EDD98E50F32B02D719C97C632C05FD8, context=-[SXHomeViewController xxx]: unrecognized selector sent to instance 0x101528c40
(null)
((
    0   CoreFoundation                      0x0000000186026ff0  + 148
    1   libobjc.A.dylib                     0x0000000184a88538 objc_exception_throw + 56
    2   CoreFoundation                      0x000000018602def4  + 0
    3   ShangXin                            0x0000000100402198 -[SXHomeViewController viewDidLoad] + 84
    4   ShangXin                            0x00000001006017b8 __vcViewDidLoad + 480
    5   UIKit                               0x000000018c155f9c  + 1036
    6   UIKit                               0x000000018c20e0c4  + 72
    7   UIKit                               0x000000018c20df9c  + 416
    8   UIKit                               0x000000018c20d2cc  + 144
    9   UIKit                               0x000000018c20cd00  + 856
    10  UIKit                               0x000000018c20c8b4  + 64
    11  UIKit                               0x000000018c20c818  + 188
    12  UIKit                               0x000000018c153158  + 1200
    13  QuartzCore                          0x0000000189343274  + 148
    14  QuartzCore                          0x0000000189337de8  + 292
    15  QuartzCore                          0x0000000189337ca8  + 32
    16  QuartzCore                          0x00000001892b3360  + 252
    17  QuartzCore                          0x00000001892da3c0  + 504
    18  QuartzCore                          0x00000001892dae8c  + 120
    19  CoreFoundation                      0x0000000185fd49a0  + 32
    20  CoreFoundation                      0x0000000185fd2628  + 372
    21  CoreFoundation                      0x0000000185f02db4 CFRunLoopRunSpecific + 456
    22  UIKit                               0x000000018c1c045c  + 652
    23  UIKit                               0x000000018c1bb130 UIApplicationMain + 208
    24  ShangXin                            0x00000001004af6b8 main + 124
    25  libdyld.dylib                       0x0000000184f1159c  + 4
)

dSYM UUID: A558F24E-26FD-31B3-B23D-241289FF6D44
CPU Type: arm64
Slide Address: 0x0000000100000000
Binary Image: ShangXin
Base Address: 0x00000001000a0000
2017-05-23 13:16:14.591106+0800 ShangXin[236:5197] UMLOG: session: session_id=2EDD98E50F32B02D719C97C632C05FD8, duration=10.790535

As shown above, Xcode has already located the crash at -[SXHomeViewController viewDidLoad] + 84.

(lldb) image list -o -f
[  0] 0x00000000000a0000 /Users/zhangxiaoliang/Library/Developer/Xcode/DerivedData/ShangXin-fqfhhkkpshfleqeggllubtmnpskg/Build/Products/Debug-iphoneos/ShangXin.app/ShangXin
[  1] 0x0000000101298000 /Users/zhangxiaoliang/Library/Developer/Xcode/iOS DeviceSupport/10.3 (14E277)/Symbols/usr/lib/dyld
[  2] 0x00000000049e0000 /Users/zhangxiaoliang/Library/Developer/Xcode/iOS DeviceSupport/10.3 (14E277)/Symbols/usr/lib/libc++.1.dylib
[  3] 0x0000000101320000 /Users/zhangxiaoliang/Library/Developer/Xcode/DerivedData/ShangXin-fqfhhkkpshfleqeggllubtmnpskg/Build/Products/Debug-iphoneos/ShangXin.app/Frameworks/RevealServer.framework/RevealServer
[  4] 0x00000000049e0000 /Users/zhangxiaoliang/Library/Developer/Xcode/iOS DeviceSupport/10.3 (14E277)/Symbols/usr/lib/libz.1.dylib
[  5] 0x00000000049e0000 /Users/zhangxiaoliang/Library/Developer/Xcode/iOS DeviceSupport/10.3 (14E277)/Symbols/System/Library/Frameworks/MobileCoreServices.framework/MobileCoreServices
[  6] 0x00000000049e0000 /Users/zhangxiaoliang/Library/Developer/Xcode/iOS DeviceSupport/10.3 (14E277)/Symbols/System/Library/Frameworks/AudioToolbox.framework/AudioToolbox
[  7] 0x00000000049e0000 /Users/zhangxiaoliang/Library/Developer/Xcode/iOS DeviceSupport/10.3 (14E277)/Symbols/System/Library/Frameworks/AssetsLibrary.framework/AssetsLibrary
[  8] 0x00000000049e0000 /Users/zhangxiaoliang/Library/Developer/Xcode/iOS DeviceSupport/10.3 (14E277)/Symbols/System/Library/Frameworks/AVFoundation.framework/AVFoundation
[  9] 0x00000000049e0000 /Users/zhangxiaoliang/Library/Developer/Xcode/iOS DeviceSupport/10.3 (14E277)/Symbols/System/Library/Frameworks/ImageIO.framework/ImageIO
[ 10] 0x00000000049e0000 /Users/zhangxiaoliang/Library/Developer/Xcode/iOS DeviceSupport/10.3 
(offset information for N more dynamic and static libraries omitted here)

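The image addresses are listed above. I don't know why Xcode does not show the address after the offset is applied.
However, the log above does contain this information: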

Slide Address: 0x0000000100000000
Binary Image: ShangXin
Base Address: 0x00000001000a0000

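Base Address: 0x00000001000a0000 = Slide Address: 0x0000000100000000 + 0x00000000000a0000;
0x00000000000a0000 is the random (ASLR) offset, which differs on every launch. On iOS the Slide Address seems to always be 0x0000000100000000, which matches Hopper, where the image also starts at 0x0000000100000000.

From the trace above: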

 3   ShangXin                            0x0000000100402198 -[SXHomeViewController viewDidLoad] + 84 

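is the crash point. The crash is always caused at the last address listed under the app's name; everything else is Apple's dynamic and static libraries, which are not at fault.
The stack address above: 0x0000000100402198 = -[SXHomeViewController viewDidLoad] + 84;
0x0000000100402198 - randomization offset (0x00000000000a0000) = -[SXHomeViewController viewDidLoad] (its address in Hopper; the in-memory address has to have 0x00000000000a0000 subtracted) + 84 (convert this to hexadecimal);

Here is the evidence:

0000000100362144 + 0x54 (84) = 0x0000000100402198 - randomization offset (0x00000000000a0000);

This lands on the assembly instruction 0000000100362198 ldur x1, [x29, #0xffffffe8]
So we can find the crash location this way, although it is slightly off, by one line of code. The difference arises because the backtrace records the return address, which is the instruction after the call that raised the exception.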

The crash log shown on the phone looks slightly different:

Last Exception Backtrace:
0   CoreFoundation                  0x186026fd8 __exceptionPreprocess + 124
1   libobjc.A.dylib                 0x184a88538 objc_exception_throw + 56
2   CoreFoundation                  0x18602def4 -[NSObject(NSObject) doesNotRecognizeSelector:] + 140
3   ShangXin                        0x100406198 0x1000a4000 + 3547544
4   ShangXin                        0x1006057b8 0x1000a4000 + 5642168

Notice these lines:

 3   ShangXin                       0x100406198 0x1000a4000 + 3547544
4   ShangXin                        0x1006057b8 0x1000a4000 + 5642168

0x100406198 = 0x1000a4000 + 0x362198 (3547544)
The image address list that Apple provides also differs from the one in Xcode:
Binary Images:

0x1000a4000 - 0x100923fff ShangXin arm64   /var/containers/Bundle/Application/D1A648DA-6D9F-490D-913A-ABE73433F222/ShangXin.app/ShangXin

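It gives the address with the offset already applied.
Xcode only gives the random offset value.
So to look up an address from the phone's log in Hopper, compute: 0x1000a4000 - 0xa4000 + 0x362198 (3547544);

0x1000a4000 - 0xa4000 (randomization offset) + 0x362198 (3547544) = -[SXHomeViewController viewDidLoad] (address 0x100362144 in Hopper) + 0x54 (84, converted to hexadecimal)

Now let's see what data Umeng sends back to us.

Perhaps this is because I had dSYM generation turned on. Here you can search Hopper for 0x100362198 directly to find the crash location. Most of the time, though, what I get is the in-memory address.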

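To summarize:
Base Address = Slide Address + offset;

stack address = function address + code offset (offset inside the function);
stack address = Base Address + function offset (position in Hopper - 0x100000000 (Slide Address)) + code offset (offset inside the function);

Xcode:
Look the crash up directly in Xcode by the crashing function's name, or compute stack address - the app executable's offset and look at the result in Hopper.
Phone crash log:
Look up stack address - offset in Hopper, where offset = Base Address - Slide Address; the Slide Address seems to always be 0x100000000;
Umeng:
Look it up directly by the crash address.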
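
The summary formulas above as a small script (an added example, not part of the original post): it parses a device crash log, reads the load address from the Binary Images line, and rebases each app frame onto the base that Hopper displays. The function names are hypothetical, the sample log is constructed from lines quoted above, and the 0x100000000 Hopper base is an assumption taken from the post.

```python
import re

# Unslid base that Hopper shows for the app image (the page's "Slide Address").
# Assumption: 0x100000000, as the post states for iOS arm64 apps.
HOPPER_BASE = 0x100000000

# Constructed sample: lines taken from the device crash log quoted above.
DEVICE_LOG = """\
Last Exception Backtrace:
2   CoreFoundation                  0x18602def4 -[NSObject(NSObject) doesNotRecognizeSelector:] + 140
3   ShangXin                        0x100406198 0x1000a4000 + 3547544
4   ShangXin                        0x1006057b8 0x1000a4000 + 5642168

Binary Images:
0x1000a4000 - 0x100923fff ShangXin arm64   /var/containers/Bundle/Application/D1A648DA-6D9F-490D-913A-ABE73433F222/ShangXin.app/ShangXin
"""

FRAME_RE = re.compile(r"^[ \t]*(\d+)[ \t]+(\S+)[ \t]+(0x[0-9a-fA-F]+)[ \t]", re.M)
IMAGE_RE = re.compile(
    r"^[ \t]*(0x[0-9a-fA-F]+)[ \t]+-[ \t]+(0x[0-9a-fA-F]+)[ \t]+(\S+)[ \t]", re.M)


def load_ranges(log):
    """Map image name -> (load start, load end) from the Binary Images section."""
    return {m.group(3): (int(m.group(1), 16), int(m.group(2), 16))
            for m in IMAGE_RE.finditer(log)}


def hopper_addresses(log, image, hopper_base=HOPPER_BASE):
    """Return (frame index, Hopper address) for every frame inside `image`."""
    start, end = load_ranges(log)[image]
    frames = []
    for m in FRAME_RE.finditer(log):
        index, name, addr = int(m.group(1)), m.group(2), int(m.group(3), 16)
        if name != image:
            continue  # system library frame: not in the app binary
        if not start <= addr <= end:
            raise ValueError(f"frame {index} lies outside the {image} image")
        # Offset within the image, rebased onto Hopper's static base.
        frames.append((index, addr - start + hopper_base))
    return frames


def hopper_from_xcode(stack_addr, base_addr, slide_addr=HOPPER_BASE):
    """Xcode/Umeng style log: remove the random offset (Base - Slide)."""
    return stack_addr - (base_addr - slide_addr)


if __name__ == "__main__":
    for index, addr in hopper_addresses(DEVICE_LOG, "ShangXin"):
        print(f"frame {index}: search Hopper for {addr:#x}")
    print(f"Xcode frame 3: {hopper_from_xcode(0x100402198, 0x1000a0000):#x}")
```

Both log styles resolve frame 3 to the same Hopper address, which confirms that the two formulas in the summary agree.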
