PyTux

Trips of a curious penguin.

Hello, time traveler! You are reading an article that is almost ten years old. The world has changed, and so have I and my opinions. There is a good chance what's below is not current, correct, or secure anymore, and maybe it never was. This page is preserved because I am an archivist at heart, but you have been warned.

Dumping the iOS simulator memory

To audit memory or to debug with external tools it can be useful to get a dump of the running memory of an app.

To do so on a device you’ll need a jailbreak, SSH access, and gdb. See this or this.

If instead you’re dealing with a simulated app, things are easier: apps running in the simulator are actually just native processes on your Mac OS X.

So, how do you get a core dump of a Mac OS X process? Sadly gdb can’t do so. Mac OS X Internals comes to the rescue with this article.

It is actually an interesting read, but if you are in a hurry, skip to downloading the code and compile it like this (screw the Makefile, it also compiles for PowerPC):

gcc -O2 -arch i386 -Wall -o gcore gcore.c
gcc -O2 -arch x86_64 -Wall -o gcore64 gcore.c

Then simply run your app, find its process ID by grepping the output of ps -hax, and run:

sudo gcore 1234

And enjoy your core dump. (Bonus: you can load it up in gdb)

If you want the dump to happen at a particular moment, place a regular breakpoint in Xcode, then dump the memory while the process is paused.
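For the memory audit mentioned at the top, a common first check is whether a test secret you typed into your own app is still resident in the dump. The following is an added example, not part of the original article or of the gcore code: it scans a core file in chunks for a canary string in both UTF-8 and UTF-16LE, since strings can sit in memory in either form. The function names, the sample file and the canary value are all constructed for illustration.

```python
import os
import tempfile

def encodings_of(canary):
    """Byte patterns to search for: 8-bit (UTF-8) and UTF-16LE forms of the canary."""
    return {"utf-8": canary.encode("utf-8"), "utf-16le": canary.encode("utf-16-le")}

def scan_dump(path, canary, chunk_size=1 << 20):
    """Return sorted (offset, encoding) hits of canary in the file at path.

    The file is read in chunks so multi-gigabyte core files are fine; a tail of
    len(pattern) - 1 bytes is carried over so matches spanning two chunks are found.
    """
    if not canary:
        raise ValueError("canary must not be empty")
    hits = set()
    for name, pat in encodings_of(canary).items():
        keep = len(pat) - 1
        with open(path, "rb") as f:
            tail, base = b"", 0  # base = file offset of buf[0]
            while True:
                chunk = f.read(chunk_size)
                if not chunk:
                    break
                buf = tail + chunk
                pos = buf.find(pat)
                while pos != -1:
                    hits.add((base + pos, name))
                    pos = buf.find(pat, pos + 1)
                tail = buf[-keep:] if keep else b""
                base += len(buf) - len(tail)
    return sorted(hits)

def make_sample_dump(path, canary):
    """Constructed stand-in for a core file: filler bytes plus two planted copies."""
    with open(path, "wb") as f:
        f.write(b"\x00" * 100 + canary.encode("utf-8"))
        f.write(b"\xff" * 50 + canary.encode("utf-16-le") + b"\x00" * 20)

if __name__ == "__main__":
    canary = "hunter2-CANARY"  # constructed test secret, typed into the app under audit
    with tempfile.TemporaryDirectory() as d:
        sample = os.path.join(d, "core.sample")
        make_sample_dump(sample, canary)
        for offset, enc in scan_dump(sample, canary, chunk_size=64):
            print(f"0x{offset:08x}  {enc}")
```

Against a real dump, call scan_dump with the path of the core file and the exact value you entered in the app before dumping.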