Re: How to debug this Tiger release error?
Re: How to debug this Tiger release error?
- Subject: Re: How to debug this Tiger release error?
- From: Ken Thomases <email@hidden>
- Date: Wed, 19 Mar 2008 04:08:41 -0500
On Mar 19, 2008, at 2:13 AM, Steve Cronin wrote:
Folks;
On Tiger, I have an app that has a popup button which allows a user
to make a selection from a supporting array.
Once a new selection is made a collection of images are redraw in a
view.
Has been working reasonably well...
Now sometimes, not consistently, when the selection is made the app
will crash.
Sometimes I see the following in the console log:
2008-03-19 01:36:20.231 XYZ[3035] *[XYZMainWindowController
setUserSelectedData]
XYZ(3035,0xa000d000) malloc: *** error for object 0x315730: double
free
XYZ(3035,0xa000d000) malloc: *** set a breakpoint in szone_error to
debug
I have the following environment variables set:
NSZombieEnabled(YES)
MallocStackLogging(1)
and these Global Breakpoints set:
[NSException raise]
szone_error
[NSObject setNilValueForKey]
-[_NSZombie release]
malloc_printf
The crash doesn't appear to fire any of these breakpoints and leaves
only this meager trace in the stack:
#0 0x90a594c7 in objc_msgSend
#1 0x00315730 in ??
#2 0x90824f84 in __CFDictionaryDeallocate
#3 0x9080e0c6 in _CFRelease
#4 0x927dc96f in NSPopAutoreleasePool
#5 0x9328fab1 in -[NSApplication run]
#6 0x932839c0 in NSApplicationMain#7 0x00405ffc in main at main.m:18
If I step thru the code it eventually starts off into the assembly
code for handling the interface and bindings and as you all are well
aware there is an astonishing amount of such code underlying the Mac
OS interface....
If I pause the app and enable a breakpoint on [NSObject release] I
get so many breaks that I just can't make any headway.
How DO I -- most efficiently -- figure out what dictionary is the
culprit in frame 2 above?
You can set MallocStackLoggingNoCompact=1 and use the malloc_history
command on the address being printed in the malloc error output.
It couldn't hurt to set MallocScribble=1, which tends to move problems
such as this closer to their origin point. Also, since the problem is
in a Core Foundation object, you might try CFZombieLevel. See <http://developer.apple.com/technotes/tn2004/tn2124.html
>.
You can examine the stack frame for the arguments to the call.
_CFDictionaryDeallocate is obviously private, so interpreting its
arguments is not an exact science, but CFRelease is easier. If you're
on an Intel Mac, you could issue these gdb commands:
frame 3
x/a $ebp+8
I'm not familiar enough with the PPC ABI to advise there.
You can also try using the ObjectAlloc instrument of Instruments
(Leopard) or the ObjectAlloc application (Tiger) to track the same
sorts of information.
Best of luck,
Ken
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden