The following content is half finished and needs further polish.
Sometimes when our apps crash, we fail to symbolicate the crash log, which then looks like this:
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Process: QQ [5113]
Path: /private/var/containers/Bundle/Application/0B8733CF-9B1B-40C0-B8DF-AF91C874932B/QQ.app/QQ
OS Version: iOS 9.3.3 (13G34)
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Exception Type: EXC_CRASH (SIGSEGV)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Triggered by Thread: 1
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Global Trace Buffer (reverse chronological seconds):
0.325175 AppleJPEG 0x00000001828a226c [0x12f36cc00] Created session
1.878891 AppleJPEG 0x00000001828a2a88 [0x12f31a600] Releasing session
1.886274 AppleJPEG 0x00000001828a226c [0x12f31a600] Created session
2.465820 AppleJPEG 0x00000001828a2a88 [0x12f315400] Releasing session
2.471069 AppleJPEG 0x00000001828a4f28 [0x12f315400] Decoding completed without errors
2.471069 AppleJPEG 0x00000001828a30c0 [0x12f315400] Options: 140x140 [FFFFFFFF,FFFFFFFF] 0001D060
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 0 name: Dispatch queue: com.apple.main-thread
Thread 0:
0 QQ 0x00000001001a2a50 0x100074000 + 1239632
1 QQ 0x00000001005c6aac 0x100074000 + 5581484
2 QQ 0x00000001005c6664 0x100074000 + 5580388
3 QQ 0x00000001004c2284 0x100074000 + 4514436
4 UIKit 0x00000001862f7030 0x185f8c000 + 3584048
5 UIKit 0x00000001862f7198 0x185f8c000 + 3584408
6 UIKit 0x00000001862e6298 0x185f8c000 + 3515032
7 UIKit 0x00000001862fbc64 0x185f8c000 + 3603556
8 UIKit 0x000000018608c8c4 0x185f8c000 + 1050820
9 QQ 0x00000001004b6f68 0x100074000 + 4468584
10 UIKit 0x0000000185f9c1e4 0x185f8c000 + 66020
11 QuartzCore 0x000000018392e98c 0x183920000 + 59788
12 QuartzCore 0x00000001839295c8 0x183920000 + 38344
13 QuartzCore 0x0000000183929488 0x183920000 + 38024
14 QuartzCore 0x0000000183928ab8 0x183920000 + 35512
15 QuartzCore 0x0000000183928818 0x183920000 + 34840
16 UIKit 0x0000000185f925f8 0x185f8c000 + 26104
17 CoreFoundation 0x0000000180df8728 0x180d18000 + 919336
18 CoreFoundation 0x0000000180df64cc 0x180d18000 + 910540
19 CoreFoundation 0x0000000180df68fc 0x180d18000 + 911612
20 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
21 GraphicsServices 0x0000000182608088 0x1825fc000 + 49288
22 UIKit 0x000000018600a088 0x185f8c000 + 516232
23 QQ 0x000000010010694c 0x100074000 + 600396
24 libdyld.dylib 0x00000001808be8b8 0x1808bc000 + 10424
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 1 Crashed:
0 libsystem_kernel.dylib 0x00000001809dcb48 0x1809c0000 + 117576
1 libsystem_pthread.dylib 0x0000000180aa5530 0x180aa4000 + 5424
2 libsystem_pthread.dylib 0x0000000180aa5020 0x180aa4000 + 4128
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 2 name: Dispatch queue: com.apple.libdispatch-manager
Thread 2:
0 libsystem_kernel.dylib 0x00000001809dd4d8 0x1809c0000 + 120024
1 libdispatch.dylib 0x00000001808a07d8 0x18088c000 + 83928
2 libdispatch.dylib 0x000000018088f648 0x18088c000 + 13896
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 3:
0 libsystem_kernel.dylib 0x00000001809dcb48 0x1809c0000 + 117576
1 libsystem_pthread.dylib 0x0000000180aa5530 0x180aa4000 + 5424
2 libsystem_pthread.dylib 0x0000000180aa5020 0x180aa4000 + 4128
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 4 name: Blue frame monitor thread
Thread 4:
0 libsystem_kernel.dylib 0x00000001809c0fd8 0x1809c0000 + 4056
1 libsystem_kernel.dylib 0x00000001809c0e54 0x1809c0000 + 3668
2 CoreFoundation 0x0000000180df8c60 0x180d18000 + 920672
3 CoreFoundation 0x0000000180df6964 0x180d18000 + 911716
4 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
5 CoreFoundation 0x0000000180d6e3a4 0x180d18000 + 353188
6 Foundation 0x0000000181817e4c 0x181724000 + 998988
7 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
8 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
9 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 5 name: Blue stack monitor
Thread 5:
0 libsystem_kernel.dylib 0x00000001809c0fd8 0x1809c0000 + 4056
1 libsystem_kernel.dylib 0x00000001809c0e54 0x1809c0000 + 3668
2 CoreFoundation 0x0000000180df8c60 0x180d18000 + 920672
3 CoreFoundation 0x0000000180df6964 0x180d18000 + 911716
4 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
5 CoreFoundation 0x0000000180d6e3a4 0x180d18000 + 353188
6 Foundation 0x0000000181817e4c 0x181724000 + 998988
7 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
8 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
9 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 6 name: Dispatch queue: NSOperationQueue 0x12fdbdf60 :: NSOperation 0x12ff0d5b0 (QOS: USER_INTERACTIVE)
Thread 6:
0 libsystem_kernel.dylib 0x00000001809dbf24 0x1809c0000 + 114468
1 libsystem_pthread.dylib 0x0000000180aa6ce8 0x180aa4000 + 11496
2 Foundation 0x000000018178235c 0x181724000 + 385884
3 QQ 0x00000001008050ac 0x100074000 + 7934124
4 CoreFoundation 0x0000000180e48a60 0x180d18000 + 1247840
5 CoreFoundation 0x0000000180d40488 0x180d18000 + 165000
6 Foundation 0x00000001817fc9f4 0x181724000 + 887284
7 Foundation 0x000000018173ee48 0x181724000 + 110152
8 Foundation 0x00000001817fe934 0x181724000 + 895284
9 libdispatch.dylib 0x000000018088d47c 0x18088c000 + 5244
10 libdispatch.dylib 0x00000001808994c0 0x18088c000 + 54464
11 libdispatch.dylib 0x0000000180890f80 0x18088c000 + 20352
12 libdispatch.dylib 0x000000018089b390 0x18088c000 + 62352
13 libdispatch.dylib 0x000000018089b0b0 0x18088c000 + 61616
14 libsystem_pthread.dylib 0x0000000180aa5470 0x180aa4000 + 5232
15 libsystem_pthread.dylib 0x0000000180aa5020 0x180aa4000 + 4128
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 7:
0 libsystem_kernel.dylib 0x00000001809c0fd8 0x1809c0000 + 4056
1 libsystem_kernel.dylib 0x00000001809c0e54 0x1809c0000 + 3668
2 CoreFoundation 0x0000000180df8c60 0x180d18000 + 920672
3 CoreFoundation 0x0000000180df6964 0x180d18000 + 911716
4 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
5 CoreFoundation 0x0000000180d6e3a4 0x180d18000 + 353188
6 Foundation 0x0000000181817e4c 0x181724000 + 998988
7 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
8 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
9 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 8 name: msfthread
Thread 8:
0 libsystem_kernel.dylib 0x00000001809c0fd8 0x1809c0000 + 4056
1 libsystem_kernel.dylib 0x00000001809c0e54 0x1809c0000 + 3668
2 CoreFoundation 0x0000000180df8c60 0x180d18000 + 920672
3 CoreFoundation 0x0000000180df6964 0x180d18000 + 911716
4 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
5 Foundation 0x0000000181730cfc 0x181724000 + 52476
6 Foundation 0x0000000181786030 0x181724000 + 401456
7 QQ 0x00000001019bc358 0x100074000 + 26510168
8 Foundation 0x0000000181817e4c 0x181724000 + 998988
9 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
10 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
11 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 9 name: msfsafethread
Thread 9:
0 libsystem_kernel.dylib 0x00000001809c0fd8 0x1809c0000 + 4056
1 libsystem_kernel.dylib 0x00000001809c0e54 0x1809c0000 + 3668
2 CoreFoundation 0x0000000180df8c60 0x180d18000 + 920672
3 CoreFoundation 0x0000000180df6964 0x180d18000 + 911716
4 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
5 Foundation 0x0000000181730cfc 0x181724000 + 52476
6 Foundation 0x0000000181786030 0x181724000 + 401456
7 QQ 0x00000001019bbcf4 0x100074000 + 26508532
8 Foundation 0x0000000181817e4c 0x181724000 + 998988
9 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
10 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
11 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 10:
0 libsystem_kernel.dylib 0x00000001809c0fd8 0x1809c0000 + 4056
1 libsystem_kernel.dylib 0x00000001809c0e54 0x1809c0000 + 3668
2 CoreFoundation 0x0000000180df8c60 0x180d18000 + 920672
3 CoreFoundation 0x0000000180df6964 0x180d18000 + 911716
4 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
5 CoreFoundation 0x0000000180d6e3a4 0x180d18000 + 353188
6 QQ 0x000000010074ef10 0x100074000 + 7188240
7 Foundation 0x0000000181817e4c 0x181724000 + 998988
8 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
9 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
10 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 11:
0 libsystem_kernel.dylib 0x00000001809c0fd8 0x1809c0000 + 4056
1 libsystem_kernel.dylib 0x00000001809c0e54 0x1809c0000 + 3668
2 CoreFoundation 0x0000000180df8c60 0x180d18000 + 920672
3 CoreFoundation 0x0000000180df6964 0x180d18000 + 911716
4 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
5 CoreFoundation 0x0000000180d6e3a4 0x180d18000 + 353188
6 QQ 0x000000010074ef10 0x100074000 + 7188240
7 Foundation 0x0000000181817e4c 0x181724000 + 998988
8 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
9 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
10 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 12:
0 libsystem_kernel.dylib 0x00000001809dc41c 0x1809c0000 + 115740
1 libsystem_c.dylib 0x00000001808f922c 0x1808ec000 + 53804
2 libsystem_c.dylib 0x00000001809620b8 0x1808ec000 + 483512
3 QQ 0x0000000100131e80 0x100074000 + 777856
4 Foundation 0x0000000181817e4c 0x181724000 + 998988
5 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
6 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
7 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 13:
0 libsystem_kernel.dylib 0x00000001809dcb48 0x1809c0000 + 117576
1 libsystem_pthread.dylib 0x0000000180aa5530 0x180aa4000 + 5424
2 libsystem_pthread.dylib 0x0000000180aa5020 0x180aa4000 + 4128
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 14:
0 libsystem_kernel.dylib 0x00000001809dcb48 0x1809c0000 + 117576
1 libsystem_pthread.dylib 0x0000000180aa5530 0x180aa4000 + 5424
2 libsystem_pthread.dylib 0x0000000180aa5020 0x180aa4000 + 4128
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 15:
0 libsystem_kernel.dylib 0x00000001809c0fd8 0x1809c0000 + 4056
1 libsystem_kernel.dylib 0x00000001809c0e54 0x1809c0000 + 3668
2 CoreFoundation 0x0000000180df8c60 0x180d18000 + 920672
3 CoreFoundation 0x0000000180df6964 0x180d18000 + 911716
4 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
5 CoreFoundation 0x0000000180d6e3a4 0x180d18000 + 353188
6 QQ 0x000000010074ef10 0x100074000 + 7188240
7 Foundation 0x0000000181817e4c 0x181724000 + 998988
8 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
9 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
10 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 16 name: com.apple.NSURLConnectionLoader
Thread 16:
0 libsystem_kernel.dylib 0x00000001809c0fd8 0x1809c0000 + 4056
1 libsystem_kernel.dylib 0x00000001809c0e54 0x1809c0000 + 3668
2 CoreFoundation 0x0000000180df8c60 0x180d18000 + 920672
3 CoreFoundation 0x0000000180df6964 0x180d18000 + 911716
4 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
5 CFNetwork 0x00000001814a1bcc 0x1813f4000 + 711628
6 Foundation 0x0000000181817e4c 0x181724000 + 998988
7 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
8 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
9 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 17:
0 libsystem_kernel.dylib 0x00000001809dc344 0x1809c0000 + 115524
1 QQ 0x0000000100f089f4 0x100074000 + 15288820
2 QQ 0x0000000100f05468 0x100074000 + 15275112
3 QQ 0x0000000100f0c4dc 0x100074000 + 15303900
4 QQ 0x0000000100f0c3e0 0x100074000 + 15303648
5 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
6 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
7 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 18:
0 libsystem_kernel.dylib 0x00000001809dbf24 0x1809c0000 + 114468
1 libsystem_pthread.dylib 0x0000000180aa6ce8 0x180aa4000 + 11496
2 QQ 0x0000000100eed0e4 0x100074000 + 15175908
3 QQ 0x0000000100ed8134 0x100074000 + 15089972
4 QQ 0x0000000100ee4478 0x100074000 + 15139960
5 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
6 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
7 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 19:
0 libsystem_kernel.dylib 0x00000001809dc344 0x1809c0000 + 115524
1 QQ 0x0000000100ef4df8 0x100074000 + 15207928
2 QQ 0x0000000100ef6e20 0x100074000 + 15216160
3 QQ 0x0000000100ef6bec 0x100074000 + 15215596
4 QQ 0x0000000100ef0108 0x100074000 + 15188232
5 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
6 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
7 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 20:
0 libsystem_kernel.dylib 0x00000001809dbf24 0x1809c0000 + 114468
1 libsystem_pthread.dylib 0x0000000180aa6ce8 0x180aa4000 + 11496
2 QQ 0x0000000100eed0e4 0x100074000 + 15175908
3 QQ 0x0000000100ed8f88 0x100074000 + 15093640
4 QQ 0x0000000100ee4478 0x100074000 + 15139960
5 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
6 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
7 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 21:
0 libsystem_kernel.dylib 0x00000001809dcb48 0x1809c0000 + 117576
1 libsystem_pthread.dylib 0x0000000180aa5530 0x180aa4000 + 5424
2 libsystem_pthread.dylib 0x0000000180aa5020 0x180aa4000 + 4128
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 22 name: com.apple.CFSocket.private
Thread 22:
0 libsystem_kernel.dylib 0x00000001809dc344 0x1809c0000 + 115524
1 CoreFoundation 0x0000000180dff1c8 0x180d18000 + 946632
2 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
3 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
4 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 23 name: NetworkFlowStatThread
Thread 23:
0 libsystem_kernel.dylib 0x00000001809c0fd8 0x1809c0000 + 4056
1 libsystem_kernel.dylib 0x00000001809c0e54 0x1809c0000 + 3668
2 CoreFoundation 0x0000000180df8c60 0x180d18000 + 920672
3 CoreFoundation 0x0000000180df6964 0x180d18000 + 911716
4 CoreFoundation 0x0000000180d20c50 0x180d18000 + 35920
5 QQ 0x00000001007b52cc 0x100074000 + 7606988
6 Foundation 0x0000000181817e4c 0x181724000 + 998988
7 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
8 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
9 libsystem_pthread.dylib 0x0000000180aa5028 0x180aa4000 + 4136
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 24:
0 libsystem_kernel.dylib 0x00000001809dcb48 0x1809c0000 + 117576
1 libsystem_pthread.dylib 0x0000000180aa5530 0x180aa4000 + 5424
2 libsystem_pthread.dylib 0x0000000180aa5020 0x180aa4000 + 4128
Aug 12 15:18:53 FunMaker-SE ReportCrash[5115] <Error>: Thread 25:
0 libsystem_kernel.dylib 0x00000001809dc344 0x1809c0000 + 115524
1 QQ 0x0000000100f089f4 0x100074000 + 15288820
2 QQ 0x0000000100f05468 0x100074000 + 15275112
3 QQ 0x0000000100f0c4dc 0x100074000 + 15303900
4 QQ 0x0000000100f0c3e0 0x100074000 + 15303648
5 libsystem_pthread.dylib 0x0000000180aa7b28 0x180aa4000 + 15144
6 libsystem_pthread.dylib 0x0000000180aa7a8c 0x180aa4000 + 14988
It’s only a 3-step process to locate the crash point.
Get the RVA of the crash point
We search the log from top to bottom for our own binaries or libraries. The first frame we see is:
0 QQ 0x00000001001a2a50 0x100074000 + 1239632
The key here is the decimal number 1239632, which is the relative virtual address of the crash point inside QQ. It equals 0x12EA50 in hexadecimal.
Get the base address of the binary/library
Drag QQ into Hopper and scroll to the top until we see:
The hexadecimal number 0x0000000100000000 is the key.
Calculate the crash point’s address
Add 0x12EA50 and 0x0000000100000000, and we get 0x10012EA50, which is where the crash happens.
Check nearby and you’ll see what has happened.
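The three steps above can be applied to every frame of an image at once. The following is an added example, not code from the original post: the frame lines are copied from the log above, the base address 0x100000000 is the value the post reads from Hopper, and the function names are my own. It also cross-checks each frame (runtime address minus load address must equal the decimal offset) and reports the load slide.

```python
import re

# Frame layout in the log above:
#   index  image  runtime-address  load-address + decimal-offset
FRAME_RE = re.compile(
    r"^\s*(\d+)\s+(\S+)\s+(0x[0-9a-fA-F]+)\s+(0x[0-9a-fA-F]+)\s+\+\s+(\d+)\s*$"
)

STATIC_BASE = 0x100000000  # base address the post reads from Hopper for QQ


def parse_frame(line):
    """Return (index, image, runtime_addr, load_addr, offset), or None for non-frame lines."""
    m = FRAME_RE.match(line)
    if not m:
        return None
    idx, image, addr, load, off = m.groups()
    addr, load, off = int(addr, 16), int(load, 16), int(off)
    # The three numbers are redundant; a mismatch means a damaged or edited line.
    if addr - load != off:
        raise ValueError(f"inconsistent frame: {line.strip()!r}")
    return int(idx), image, addr, load, off


def static_addresses(log_text, image, static_base=STATIC_BASE):
    """Map every frame of `image` to the address to look up in the disassembler."""
    out = []
    for line in log_text.splitlines():
        frame = parse_frame(line)
        if frame and frame[1] == image:
            idx, _, _, load, off = frame
            out.append({
                "frame": idx,
                "offset": off,                 # step 1: RVA inside the image
                "slide": load - static_base,   # how far the image was moved at load time
                "static": static_base + off,   # step 3: address in the static binary
            })
    return out


# Lines copied from Thread 0 of the log above.
SAMPLE = """\
Thread 0:
0 QQ 0x00000001001a2a50 0x100074000 + 1239632
1 QQ 0x00000001005c6aac 0x100074000 + 5581484
4 UIKit 0x00000001862f7030 0x185f8c000 + 3584048
"""

if __name__ == "__main__":
    for f in static_addresses(SAMPLE, "QQ"):
        print(f"frame {f['frame']}: offset {f['offset']:#x}, slide {f['slide']:#x} -> {f['static']:#x}")
```

The resulting addresses are only meaningful when looked up in the same build of the binary that produced the log.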