Anyone have any idea how to glean some information from a stackshot collected in production? Specifically, whether it's possible and how to identify the main thread and figure out what code is being executed by it?
Gleaning Information from Stackshots
On what platform?
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"iOS
Anyone have any idea how to glean some information from a stackshot collected in production?
Apple does not publish any tools for this. However, the format is (relatively) plain text so if you’re feeling adventurous you should be able to make progress.
Note I didn’t use any Apple internal info to craft this response; I just opened the file and poked around.
IMPORTANT As this format is not documented, don’t hard-code knowledge about it into your product.
Here’s what I did:
Finding your process is easy: get the
dictionary and search for an entry whoseprocessByPid
matches.procnameWithin that, that’s a
dictionary that lists all of the threads.threadByIdWithin each of those, there’s a
array that lists the frame in the backtrace. Each entry looks like it contains an offset and a base address.userFramesAt the end of the stackshot you’ll find a
key that lists the UUID and load address of each image. There’s also some mysterious flags (binaryImages
,K
,C
,A
) that I don’t fully grok but I think thatP
refers to images that are unique to a process andP
stands for stuff that’s in the dyld shared segment.C
The above should be enough to allow you to do manual symbolication. You can use
binaryImagesatosShare and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"