samdmarshall / SDMMobileDevice

MobileDevice Implementation
BSD 3-Clause "New" or "Revised" License

Increasing memory crash issue #73

Closed daemonx01 closed 9 years ago

daemonx01 commented 9 years ago

Memory is not being freed properly while reading files from iPhone. It goes up to 2gb for reading 2gb of data, which means no memory is being freed at all while reading. And when memory keeps increasing, it crashes.

I'm using the static library, maybe that can be the problem? Should I use the framework or dylib instead? Can't really understand the problem. Kindly suggest a solution.

samdmarshall commented 9 years ago

Hi, thanks for opening an issue on this. To better understand the exact issue I'm going to need the crash reports and a sample project that can reproduce the exact behavior you are seeing.

daemonx01 commented 9 years ago

Here's the sample code. While reading files of 4gb size, memory goes up to 4gb and then the application crashes.

https://gist.github.com/bilawal230/0f0063705bca0f849f7b

daemonx01 commented 9 years ago

Here's the memory screenshot when crashed:

[Image: screen shot 2015-07-30 at 1 15 35 pm]

daemonx01 commented 9 years ago

Kindly solve this memory issue. I'm properly releasing the memory with CFSafeRelease but it's not working. Here's the crash log:

    libsystem_c.dylib`__stack_chk_fail:
    0x7fff9895542c: pushq %rbp
    0x7fff9895542d: movq %rsp, %rbp
    0x7fff98955430: pushq %rbx
    0x7fff98955431: subq $0x78, %rsp
    0x7fff98955435: callq 0x7fff9897b532 ; symbol stub for: getpid
    0x7fff9895543a: movl %eax, %ebx
    0x7fff9895543c: xorps %xmm0, %xmm0
    0x7fff9895543f: movaps %xmm0, -0x40(%rbp)
    0x7fff98955443: movaps %xmm0, -0x50(%rbp)
    0x7fff98955447: movb $0x0, -0x30(%rbp)
    0x7fff9895544b: movb $0x5b, -0x50(%rbp)
    0x7fff9895544f: movaps %xmm0, -0x70(%rbp)
    0x7fff98955453: movaps %xmm0, -0x80(%rbp)
    0x7fff98955457: movb $0x0, -0x60(%rbp)
    0x7fff9895545b: leaq -0x80(%rbp), %rsi
    0x7fff9895545f: movl $0x20, %edx
    0x7fff98955464: movl %ebx, %edi
    0x7fff98955466: callq 0x7fff9897b60a ; symbol stub for: proc_name
    0x7fff9895546b: movb $0x0, -0x60(%rbp)
    0x7fff9895546f: leaq -0x11(%rbp), %rsi
    0x7fff98955473: movb $0x0, -0x11(%rbp)
    0x7fff98955477: testl %ebx, %ebx
    0x7fff98955479: jle 0x7fff989554a8 ; __stack_chk_fail + 124
    0x7fff9895547b: movslq %ebx, %rax
    0x7fff9895547e: imulq $0x66666667, %rax, %rcx
    0x7fff98955485: movq %rcx, %rdx
    0x7fff98955488: shrq $0x3f, %rdx
    0x7fff9895548c: sarq $0x22, %rcx
    0x7fff98955490: addl %edx, %ecx
    0x7fff98955492: imull $0xa, %ecx, %edx
    0x7fff98955495: negl %edx
    0x7fff98955497: leal 0x30(%rbx,%rdx), %edx
    0x7fff9895549b: movb %dl, -0x1(%rsi)
    0x7fff9895549e: decq %rsi
    0x7fff989554a1: cmpl $0x9, %eax
    0x7fff989554a4: movl %ecx, %ebx
    0x7fff989554a6: jg 0x7fff9895547b ; __stack_chk_fail + 79
    0x7fff989554a8: leaq -0x50(%rbp), %rbx
    0x7fff989554ac: movl $0x21, %edx
    0x7fff989554b1: movq %rbx, %rdi
    0x7fff989554b4: callq 0x7fff9897bb1a ; symbol stub for: strlcat
    0x7fff989554b9: leaq 0x2d11d(%rip), %rsi ; "] stack overflow"
    0x7fff989554c0: movl $0x21, %edx
    0x7fff989554c5: movq %rbx, %rdi
    0x7fff989554c8: callq 0x7fff9897bb1a ; symbol stub for: strlcat
    0x7fff989554cd: leaq 0x2b9b1(%rip), %rsi ; "user"
    0x7fff989554d4: leaq -0x80(%rbp), %rcx
    0x7fff989554d8: movl $0x2, %edi
    0x7fff989554dd: movq %rbx, %rdx
    0x7fff989554e0: callq 0x7fff9897b766 ; symbol stub for: _simple_asl_log_prog
    0x7fff989554e5: movq %rbx, -0x1bcc9514(%rip) ; gCRAnnotations + 8
    0x7fff989554ec: callq 0x7fff98954b82 ; __abort

samdmarshall commented 9 years ago

This code looks very similar to the SDMMD_AMDeviceRemoteCopyFile() and SDMMD_AMDeviceCopyFile() convenience functions I added to my implementation of AFC in this library. I assume you aren't using either of those due to it creating the data object in memory for the file size that is being transferred.

If you want to validate if the packets are being released from memory correctly then you should set a breakpoint in SDMMD_AFCOperationRefFinalize() to make sure that is being called.

Please look at the CONTRIBUTING.md file for guidelines on the requested materials. What you have posted here aren't crash logs, they are the disassembly of where it stopped. You will have to run the code outside of Xcode without a debugger attached to have it generate a crash log. You can find crash logs by opening the Console.app and looking under "User Diagnostic Reports".

daemonx01 commented 9 years ago

Yes, it is similar to the SDMMD_AMDeviceRemoteCopyFile() but that method doesn't work properly. It doesn't read the file properly, while SDMMD_AMDeviceCopyFile() works fine; I have tested it.

I set a breakpoint in SDMMD_AFCOperationRefFinalize() as you suggested and made sure it's being called. I even called it in my code to release memory properly and apparently it works fine but doesn't release the memory. Memory keeps increasing with the size of data. I'm using Static Lib, can it be the problem?

samdmarshall commented 9 years ago

Do not call that method directly; it is a method that needs to be called via the CoreFoundation runtime to correctly release the object.

To investigate this any further I am going to need a complete sample project that reproduces this.
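
The ownership rule from the comment above, as an added example that is not part of the original thread and is neither SDMMobileDevice nor CoreFoundation code: a small model of a reference-counted packet whose finalizer runs only from the release path, measuring peak memory when each chunk's object is released versus held. `Packet`, `packet_create`, `packet_finalize`, `packet_release` and `copy_in_chunks` are hypothetical names, and the model does not claim to reproduce the actual defect fixed in the library.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model of a runtime-managed object (not CoreFoundation itself):
   a retain count plus a finalizer that only the release path may invoke. */
typedef struct { long retain_count; size_t len; unsigned char *data; } Packet;
static size_t live_bytes, peak_bytes;          /* payload accounting for the demo */

static Packet *packet_create(size_t len) {
    Packet *p = malloc(sizeof *p);
    if (!p || !(p->data = malloc(len))) { free(p); return NULL; }
    p->retain_count = 1; p->len = len; live_bytes += len;
    if (live_bytes > peak_bytes) peak_bytes = live_bytes;
    return p;
}

/* Frees what the object owns. It never touches the retain count or the object
   itself, so a caller invoking it by hand leaves a live, hollowed-out object. */
static void packet_finalize(Packet *p) {
    free(p->data); p->data = NULL;
    live_bytes -= p->len; p->len = 0;
}

/* The only correct way to drop a reference: finalize runs at count zero. */
static void packet_release(Packet *p) {
    if (p && --p->retain_count == 0) { packet_finalize(p); free(p); }
}

/* Copy `total` bytes in `chunk`-sized packets; returns peak payload bytes held. */
size_t copy_in_chunks(size_t total, size_t chunk, int release_each) {
    if (chunk == 0) return 0;
    size_t made = 0, slots = (total + chunk - 1) / chunk;
    Packet **held = calloc(slots ? slots : 1, sizeof *held);
    if (!held) return 0;
    live_bytes = peak_bytes = 0;
    for (size_t off = 0; off < total; off += chunk) {
        size_t len = total - off < chunk ? total - off : chunk;
        Packet *p = packet_create(len);
        if (!p) break;
        if (release_each) packet_release(p); else held[made++] = p; /* leak path */
    }
    for (size_t i = 0; i < made; i++) packet_release(held[i]);  /* demo cleanup */
    free(held);
    return peak_bytes;
}

int main(void) {
    printf("peak, released per chunk: %zu\n", copy_in_chunks(1u << 20, 4096, 1));
    printf("peak, never released:     %zu\n", copy_in_chunks(1u << 20, 4096, 0));
    return 0;
}
```

When every per-chunk object is released, peak memory stays at one chunk; when references are held, it tracks the total transfer size, which is the growth pattern reported in this issue.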

daemonx01 commented 9 years ago

Can you test your method SDMMD_AMDeviceRemoteCopyFile() to see if it's working fine? Thanks.

daemonx01 commented 9 years ago

Okay, I will give you a sample project in a little while that reproduces it so you can investigate what is going wrong. Thanks.

daemonx01 commented 9 years ago

I have inserted the function in SDMD Library's iOS Console Project in the main.c file and am accessing it from main(). This is the link: https://www.dropbox.com/s/f8cpqfhf176jvgt/SDMMDSAMPLE.zip?dl=0

You can open it and run the iOSConsole Project so you can see memory is leaking. I tried to upload the project here but its size is big, so I had to upload it to Dropbox. Kindly review it and give me some solution. Thanks.

samdmarshall commented 9 years ago

Thanks, I will try to make time this weekend to look into it. I cannot promise that it will be addressed immediately because of prior commitments, but I will do my best and keep this updated as I go.

daemonx01 commented 9 years ago

Thanks. I will be waiting.

samdmarshall commented 9 years ago

If you could try out the latest commit, I think this should fix the problem.

daemonx01 commented 9 years ago

Thanks a lot. It's fixed now. Can you look into the other issue as well? It crashes when the device is detached.

samdmarshall commented 9 years ago

I am going to mark this issue as closed. If you can attach a new crash log and sample to that issue, I'd be happy to look into it.