How to get the load address of an iOS app running on the simulator

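Without the load address it is not possible to run atos on the binary correctly. I am debugging an iOS application in (lldb) which reports a diagnostic message (a Thread Sanitizer report) that contains a list of addresses like the following: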

==================
^[[1m^[[31mWARNING: ThreadSanitizer: data race (pid=90559)
^[[1m^[[0m^[[1m^[[34m  Write of size 4 at 0x000113050868 by thread T35:
^[[1m^[[0m    #0 <null> <null>:2 (MyApp):x86_64+0x100d5963b)
    #1 <null> <null>:2 (MyApp):x86_64+0x100d5b09b)
    #2 <null> <null>:2 (MyApp):x86_64+0x100d59c3b)
    #3 <null> <null>:2 (MyApp):x86_64+0x100d59f1b)
    #4 <null> <null>:2 (MyApp):x86_64+0x10806a8b3)
    #5 <null> <null>:2 (MyApp):x86_64+0x10725557f)
    #6 <null> <null>:2 (MyApp):x86_64+0x106c406e3)
    #7 <null> <null>:2 (MyApp):x86_64+0x1081cfe78)
    #8 <null> <null>:2 (MyApp):x86_64+0x107d076b1)
    #9 <null> <null>:2 (MyApp):x86_64+0x1081d1f1d)
    #10 <null> <null>:2 (MyApp):x86_64+0x1081d2206)
    #11 <null> <null>:2 (MyApp):x86_64+0x107d0735b)
    #12 <null> <null>:2 (MyApp):x86_64+0x107d05dc9)
    #13 <null> <null>:2 (MyApp):x86_64+0x108375009)
    #14 __tsan::invoke_and_release_block(void*) <null>:2 (libclang_rt.tsan_iossim_dynamic.dylib:x86_64+0x7428b)
    #15 _dispatch_client_callout <null>:2 (libdispatch.dylib:x86_64+0x4c0b)

^[[1m^[[34m  Previous write of size 4 at 0x000113050868 by thread T6:
^[[1m^[[0m    #0 <null> <null>:2 (MyApp):x86_64+0x100d5963b)
    #1 <null> <null>:2 (MyApp):x86_64+0x100d5b09b)
    #2 <null> <null>:2 (MyApp):x86_64+0x100d59c3b)
    #3 <null> <null>:2 (MyApp):x86_64+0x100d59f1b)
    #4 <null> <null>:2 (MyApp):x86_64+0x10806a8b3)
    #5 <null> <null>:2 (MyApp):x86_64+0x10725557f)
    #6 <null> <null>:2 (MyApp):x86_64+0x107255c6f)
    #7 <null> <null>:2 (MyApp):x86_64+0x1072520ca)
    #8 <null> <null>:2 (MyApp):x86_64+0x10727f576)
    #9 <null> <null>:2 (MyApp):x86_64+0x1072c8ded)
    #10 <null> <null>:2 (MyApp):x86_64+0x1072c70e3)
    #11 <null> <null>:2 (MyApp):x86_64+0x1072c90b7)
    #12 <null> <null>:2 (MyApp):x86_64+0x1072b8b4f)
    #13 <null> <null>:2 (MyApp):x86_64+0x1072b907a)
    #14 <null> <null>:2 (MyApp):x86_64+0x108375009)
    #15 __tsan::invoke_and_release_block(void*) <null>:2 (libclang_rt.tsan_iossim_dynamic.dylib:x86_64+0x7428b)
    #16 _dispatch_client_callout <null>:2 (libdispatch.dylib:x86_64+0x4c0b)

^[[1m^[[32m  Location is global '<null>' at 0x000000000000 (MyApp)+0x00010c9d2868)

^[[1m^[[0m^[[1m^[[36m  Thread T35 (tid=65692125, running) is a GCD worker thread

^[[1m^[[0m^[[1m^[[36m  Thread T6 (tid=65688838, running) is a GCD worker thread

^[[1m^[[0mSUMMARY: ThreadSanitizer: data race (MyApp):x86_64+0x100d5963b)

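For example, I can do image lookup -va 0x100d5963b in the lldb session. I think that is too tedious. Is there a way to get the load address so that, by putting this report in a file, I can run atos on all the addresses?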

lldb has the target module lookup -a flag, which shows the module name and its load address.

For example,

Address: MyApp[0x0000000109b99868] (MyApp.__TEXT.__cstring + 75576)
      Summary: "foo"

There is also a flag to list all modules and their load addresses:

target module list

Note that it prints all modules and their load addresses; you may need to grep for the module you are looking for.
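
One way to batch the lookup described in the question and answer above, as an added example that is not part of the original posts: the script pulls every MyApp frame address out of a saved report, reads the module's load address from saved target module list output, and builds a single atos command line. The sample inputs are constructed, the one-line-per-module layout (index, UUID, load address, path) and the helper names are assumptions, and it takes the values after `+` to be the addresses to hand to atos, as the question does.

```python
import re

# Constructed sample in the format of the report quoted in the question.
REPORT = """\
  Write of size 4 at 0x000113050868 by thread T35:
    #0 <null> <null>:2 (MyApp):x86_64+0x100d5963b)
    #1 <null> <null>:2 (MyApp):x86_64+0x100d5b09b)
    #14 __tsan::invoke_and_release_block(void*) <null>:2 (libclang_rt.tsan_iossim_dynamic.dylib:x86_64+0x7428b)
  Previous write of size 4 at 0x000113050868 by thread T6:
    #0 <null> <null>:2 (MyApp):x86_64+0x100d5963b)
SUMMARY: ThreadSanitizer: data race (MyApp):x86_64+0x100d5963b)
"""

# Constructed sample; assumes `target module list` prints index, UUID,
# load address and path on one line per module.
MODULE_LIST = """\
[  0] 11111111-2222-3333-4444-555555555555 0x0000000100c00000 /sim/MyApp.app/MyApp
[  1] 66666666-7777-8888-9999-AAAAAAAAAAAA 0x000000010f2e1000 /sim/usr/lib/libdispatch.dylib
"""

# Matches both "(MyApp):x86_64+0x...)" and "(lib.dylib:x86_64+0x...)".
FRAME = re.compile(r"\(([^():\s]+)\)?:(\w+)\+(0x[0-9a-fA-F]+)\)")

def frame_addresses(report, module):
    """Unique addresses reported for `module`, in first-seen order."""
    seen = []
    for mod, _arch, addr in FRAME.findall(report):
        if mod == module and addr not in seen:
            seen.append(addr)
    return seen

def load_address(module_list, module):
    """Load address from the line whose path ends in /<module>, else None."""
    for line in module_list.splitlines():
        fields = line.split()
        if fields and fields[-1].rsplit("/", 1)[-1] == module:
            hexes = [f for f in fields if re.fullmatch(r"0x[0-9a-fA-F]+", f)]
            if hexes:
                return hexes[0]
    return None

def atos_argv(binary, arch, module_list, report, module):
    """Build the atos argument vector; fail loudly if the module is missing."""
    base = load_address(module_list, module)
    if base is None:
        raise LookupError(f"{module} not found in module list")
    return ["atos", "-o", binary, "-arch", arch, "-l", base,
            *frame_addresses(report, module)]

if __name__ == "__main__":
    print(" ".join(atos_argv("MyApp.app/MyApp", "x86_64", MODULE_LIST, REPORT, "MyApp")))
```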