Re: How to debug a corrupted stack
Re: How to debug a corrupted stack
- Subject: Re: How to debug a corrupted stack
- From: "Gerriet M. Denkmann" <email@hidden>
- Date: Thu, 7 Aug 2008 22:28:26 +0700
On 6 Aug 2008, at 21:56, Shawn Erickson wrote:
On Tue, Aug 5, 2008 at 7:51 PM, Gerriet M. Denkmann
<email@hidden> wrote:
I have a document based app which works perfectly with -O0 or -O1 but
crashes with -O2 or higher.
When the crash occurs the debugger comes up and says: "Previous frame
identical to this frame (corrupt stack?)"
When I try to step through the function (which is kind of
difficult, as the
optimization has shuffled the lines a lot) at some time the top
frame of the
stack gets duplicated.
The faulty method starts with:
NSString *path = @"/Users/gerriet/Desktop/some
alias"; // error
with -O2
If it starts with:
NSString *path = @"/Users/gerriet/Desktop/some
file"; // ok
with -O2
then everything works perfectly.
When I comment out the place where the error seems to occur, it
will just
occur at some earlier place.
You are moving things around in memory by chaning the length of your
string above and commenting out things. Additionally changing
optimizer settings shuffles things around.
I admit that the alias-thing was a red herring. Not a question of
files, aliases or strings, but of different paths through my code.
I have a feeling you are hitting an issue cause by an uninitialized
value or something similar in your code that is being hidden in some
situations by the code emitted.
Your feeling is absolutely right. No compiler bug. I have to
apologize to the compiler - I spoke rashly.
The problem is NSValue. Here is a small code sample:
unsigned int ss = sizeof(FSCatalogInfo); // 144 bytes
ss /= 4; // 36 words
FSCatalogInfo catalogInfo1;
memset( &catalogInfo1, 0xab, sizeof(FSCatalogInfo) );
FSCatalogInfo catalogInfo2;
memset( &catalogInfo2, 0xcd, sizeof(FSCatalogInfo) );
unsigned int *p = (unsigned int *)&catalogInfo1;
for(unsigned int i = 0; i < 2 * ss; i +=12)
{
for(unsigned int j = i; j < i + 12; j++) fprintf(stderr,"%#010x ", p
[j]);
fprintf(stderr,"\n");
};
fprintf(stderr,"\n");
NSValue *data = [ NSValue value: &catalogInfo1 withObjCType: @encode
(FSCatalogInfo) ]; // reads 36 + 5 words -- very naughty
const char *objCType = [ data objCType ]; // correct
fprintf(stderr,"objCType = %s\n", objCType);
memset( &catalogInfo2, 0, sizeof(FSCatalogInfo) );
[ data getValue: &catalogInfo1 ]; // writes 36 + 5 words and
destroys parts of catalogInfo2
for(unsigned int i = 0; i < 2 * ss; i +=12)
{
for(unsigned int j = i; j < i + 12; j++) fprintf(stderr,"%#010x ", p
[j]);
fprintf(stderr,"\n");
};
When I run this, I see that NSValue reads (and writes) not 36 words
(as it should, as instructed by @encode ) but 36 + 5 words.
And subsequently overwrites 5 words, which in my case were 2
unimportant words + 3 stored registers (r20.. r22) which then upon
return lead to a crash.
How can it be that such a fundamental thing like NSValue does not
work correctly? At least not on Tiger 10.4.11.
Maybe someone would want to check this on Leopard.
Also are you sure you are getting any runtime exceptions logged?
I believe that all non-caught exceptions are logged in the Xcode Run
Log. And there were none.
Kind regards,
Gerriet.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden