MallocCheckHeap is stack address or symbol address ?

Developer Tools & Services Xcode
ZoGo996 OP
Created Nov ’21
Replies 2
Boosts 0
Views 1.2k
Participants 1

Target Platform: iphone xr

XCode: 12.4

After setting

"Enable Malloc Scribble" "Malloc Guard Edges" "Goard Malloc"

in Diagnostics and

"MallocCheckHeapEach=1" "MallocCheckHeapSleep=100" "MallocCheckHeapStart=100000"

in Environment Variables

Start up the app on iphone and I get the following information:

xxxx(1394,0x16f933000) malloc: *** MallocCheckHeap: FAILED check at operation #7444968

Stack for last operation where the malloc check succeeded: 0x1aefaed70 0x1aefa2f94 0x112f20540 0x1e904e76c 0x1e905a5e8 0x1e9054bf4 0x1e9035fc0 0x1b5ec57c4 0x112f216c0 0x112f25000 0x112f24e7c 0x1b5ec5268 0x1b5ed1348 0x1b5ed0e40 0x1a0b103f8 0x1a0b0e9a4 0x1a07a751c 0x1a0aef310 0x1a07afb74 0x1a07b6d38 0x1a0b1511c 0x1a0b12b28 0x1a02c2cc8 0x1a02bbac4 0x1a02bc7b0 0x1a0336028 0x1a02bb3c0 0x1a0336b60 0x1a0335344 0x1a03354c0 0x112f1fbcc 0x112f216c0 0x112f29354 0x112f2a0f4 0x112f2b5e4 0x112f36644 0x1e901c804 0x1e902375c  (Use 'atos' for a symbolic stack)

xxxx(1394,0x16f933000) malloc: *** Will sleep for 100 seconds to leave time to attach

xxxx(1394,0x16f933000) malloc: *** check: incorrect tiny region 44, counter=28255155

*** invariant broken for tiny block 0x13628fea0 this msize=0 - size is too small

xxxx(1394,0x16f933000) malloc: *** set a breakpoint in malloc_error_break to debug

xxxx(1394,0x16f933000) malloc: *** sleeping to help debug

Q.1 "Stack for last operation where the malloc check succeeded" means what ?

Q.2 the address is 'stack address' ? e.g 0x1aefaed70. Following the hints "(Use 'atos' for a symbolic stack) ", I get nothing for 0x1aefaed70

$atos -o ./DerivedData/Build/Products/Debug-iphoneos/xxxx.app.dSYM/Contents/Resources/DWARF/xxxx -arch arm64 -l 0x10225c000 0x10225c000 0x0000000100000000 (in xxxx)

$atos -o ./DerivedData/Build/Products/Debug-iphoneos/xxxx.app.dSYM/Contents/Resources/DWARF/xxxx -arch arm64 -l 0x10225c000 0x1aefaed70 0x1aefaed70 (nothing)

0x10225c000 is load adress getting from AppDelegate after app start up.

  uint32_t numImages = _dyld_image_count();
  for (uint32_t i = 0; i < numImages; i++) {
    const struct mach_header *header = _dyld_get_image_header(i);
    const char *name = _dyld_get_image_name(i);
    const char *p = strrchr(name, '/');
    if (p && (strcmp(p + 1, "xxxx") == 0 || strcmp(p + 1, "libXxx.dylib") == 0)) {
      NSLog(@"module=%s, address=%p", p + 1, header);
    }
  }
   ```
Replies  2
Boosts  0
Views  1.2k
Participants  1
ZoGo996 OP
Nov ’21

sry, the format above has some mistakes~

0
ZoGo996 OP
Dec ’21

the formated information is as followed: (underline is command result , $ is begining of command)

---------

$atos -o ./DerivedData/Build/Products/Debug-iphoneos/xxxx.app.dSYM/Contents/Resources/DWARF/xxxx -arch arm64 -l 0x10225c000 0x10225c000

0x0000000100000000 (in xxxx)

---------

$atos -o ./DerivedData/Build/Products/Debug-iphoneos/xxxx.app.dSYM/Contents/Resources/DWARF/xxxx -arch arm64 -l 0x10225c000 0x1aefaed70

__0x1aefaed70__

(nothing shown)

0
MallocCheckHeap is stack address or symbol address ?
First post date Last post date
 
 
Q