bug-gnustep
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Segmentation fault while loading Cocoa NIB

From: Fred Kiefer
Subject: Re: Segmentation fault while loading Cocoa NIB
Date: Mon, 22 Jun 2009 00:32:38 +0200
User-agent: Thunderbird 2.0.0.19 (X11/20081227) 
After some initial bug fixes I am now getting closer to the problem you
are seeing. There was a bug in the way the map tables for the key value
binding where set up, this only showed after Richards rework of
NSTableMap and should be corrected now.

I am now getting a segmentation fault when opening the company window
the second time. The back trace still looks a bit different from yours:

Program received signal SIGSEGV, Segmentation fault.
0xb77cd704 in objc_msg_lookup () from /usr/lib/libobjc.so.2
(gdb) bt
#0  0xb77cd704 in objc_msg_lookup () from /usr/lib/libobjc.so.2
#1  0xb78904d3 in -[GSArray dealloc] (self=0x84bff10, _cmd=0xb7baede8)
at GSArray.m:129
#2  0xb799b77b in -[NSObject release] (self=0x84bff10, _cmd=0xb7b832b0)
at NSObject.m:1872
#3  0xb78ebab2 in -[NSAutoreleasePool emptyPool] (self=0x80e7768,
_cmd=0xb7b83318)
    at NSAutoreleasePool.m:441
#4  0xb78eb8a9 in -[NSAutoreleasePool dealloc] (self=0x80e7768,
_cmd=0xb7b83310)
    at NSAutoreleasePool.m:343
#5  0xb78eb85e in -[NSAutoreleasePool release] (self=0x80e7768,
_cmd=0xb7f09a18)
    at NSAutoreleasePool.m:336
#6  0xb7cb9ed6 in -[NSApplication run] (self=0x81ccb90, _cmd=0xb7eff020)
at NSApplication.m:1481
#7  0xb7c99dcd in NSApplicationMain (argc=1, argv=0xbfffe044) at
Functions.m:74
#8  0x0804ac12 in main (argc=Cannot access memory at address 0x170001
) at main.m:13


Fred Kiefer wrote:
> On my system the segmenation fault happens a bit earlier. I get it when
> closing the company window.
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0xb76a52d7 in malloc_usable_size () from /lib/libc.so.6
> (gdb) bt
> #0  0xb76a52d7 in malloc_usable_size () from /lib/libc.so.6
> #1  0xb6e9b94e in ?? () from /usr/X11R6/lib/libGL.so.1
> #2  0xb78fae33 in _NS_owned_void_p_release (table=0x8213e80,
> p=0x8470958) at NSCallBacks.m:99
> #3  0xb7908bf6 in GSIMapFreeNode (map=0x8213e80, node=0x8214378)
>     at ../Headers/Additions/GNUstepBase/GSIMap.h:425
> #4  0xb7908b4d in GSIMapRemoveKey (map=0x8213e80, key=
>       {addr = 138029104, obj = 0x83a2830, nso = 0x83a2830, cls =
> 0x83a2830, sel = 0x83a2830, schr = 48 '0', uchr = 48 '0', ssht = 10288,
> usht = 10288, sint = 138029104, uint = 138029104, slng = 138029104, ulng
> = 138029104, ptr = 0x83a2830, cptr = 0x83a2830, str = 0x83a2830 " #��",
> cstr = 0x83a2830 " #��", s8 = 48 '0', u8 = 48 '0', s16 = 10288, u16 =
> 10288, s32 = 138029104, u32 = 138029104, s64 = 138029104, u64 = 138029104})
>     at ../Headers/Additions/GNUstepBase/GSIMap.h:1041
> #5  0xb7908a95 in NSMapRemove (table=0x8213e80, key=0x83a2830) at
> NSConcreteMapTable.m:809
> #6  0xb7d68d91 in +[GSKeyValueBinding unbindAllForObject:]
> (self=0xb7f4c080, _cmd=0xb7f9eb30,
>     anObject=0x83a2830) at NSKeyValueBinding.m:257
> #7  0xb7e34187 in -[NSView dealloc] (self=0x83a2830, _cmd=0xb7f2b5d8) at
> NSView.m:570
> #8  0xb7d1d796 in -[NSControl dealloc] (self=0x83a2830, _cmd=0xb7f923c8)
> at NSControl.m:117
> #9  0xb7e1e7bd in -[NSTextField dealloc] (self=0x83a2830,
> _cmd=0xb7baede8) at NSTextField.m:113
> #10 0xb799b777 in -[NSObject release] (self=0x83a2830, _cmd=0xb7f9ea18)
> at NSObject.m:1872
> #11 0xb7e356a1 in -[NSView removeSubview:] (self=0x83f48b8,
> _cmd=0xb7f9ec00, aView=0x83a2830)
>     at NSView.m:893
> ---Type <return> to continue, or q <return> to quit---
> #12 0xb7e35356 in -[NSView removeFromSuperviewWithoutNeedingDisplay]
> (self=0x83a2830, _cmd=0xb7f9eb40)
>     at NSView.m:835
> #13 0xb7e341d9 in -[NSView dealloc] (self=0x83f48b8, _cmd=0xb7baede8) at
> NSView.m:574
> #14 0xb799b777 in -[NSObject release] (self=0x83f48b8, _cmd=0xb7f9ea18)
> at NSObject.m:1872
> #15 0xb7e356a1 in -[NSView removeSubview:] (self=0x8369148,
> _cmd=0xb7f9ec00, aView=0x83f48b8)
>     at NSView.m:893
> #16 0xb7e35356 in -[NSView removeFromSuperviewWithoutNeedingDisplay]
> (self=0x83f48b8, _cmd=0xb7f9eb40)
>     at NSView.m:835
> #17 0xb7e341d9 in -[NSView dealloc] (self=0x8369148, _cmd=0xb7baede8) at
> NSView.m:574
> #18 0xb799b777 in -[NSObject release] (self=0x8369148, _cmd=0xb7fa5010)
> at NSObject.m:1872
> #19 0xb7e47a54 in -[NSWindow dealloc] (self=0x8369048, _cmd=0xb7baede8)
> at NSWindow.m:767
> #20 0xb799b777 in -[NSObject release] (self=0x8369048, _cmd=0xb7b71318)
> at NSObject.m:1872
> #21 0xb78904e4 in -[GSArray dealloc] (self=0x81f6238, _cmd=0xb7baede8)
> at GSArray.m:129
> #22 0xb799b777 in -[NSObject release] (self=0x81f6238, _cmd=0xb7b832b0)
> at NSObject.m:1872
> #23 0xb78ebab2 in -[NSAutoreleasePool emptyPool] (self=0x80e7758,
> _cmd=0xb7b83318)
>     at NSAutoreleasePool.m:441
> #24 0xb78eb8a9 in -[NSAutoreleasePool dealloc] (self=0x80e7758,
> _cmd=0xb7b83310)
>     at NSAutoreleasePool.m:343
> #25 0xb78eb85e in -[NSAutoreleasePool release] (self=0x80e7758,
> _cmd=0xb7f09a18)
>     at NSAutoreleasePool.m:336
> ---Type <return> to continue, or q <return> to quit---
> #26 0xb7cb9ed6 in -[NSApplication run] (self=0x8181938, _cmd=0xb7eff020)
> at NSApplication.m:1481
> #27 0xb7c99dcd in NSApplicationMain (argc=1, argv=0xbfffe044) at
> Functions.m:74
> #28 0x0804ac12 in main (argc=1407551829, argv=0xe804ec83) at main.m:13
> 
> 
> Looks like it it the key value binding, so clearly my fault. I will
> investigate this later.
> 
> Cheers
> Fred
> 
> 
> Andy Balholm wrote:
>> Thank you for looking into this bug. Here is the source for the project
>> as it was just before I removed the user defaults controller from
>> CompanyInfo.nib.
>>
>>
>>
>> To show the Company Info window, select Edit Company Info... from the
>> file menu (with a document open). To get the crash, close that window
>> and then open it again.
>>
>> As far as I know, no other objects in the NIB reference the user
>> defaults controller.
>>
>> I have also discovered another bug relating to this NIB. The bindings
>> that it contains seem to be read-only; if there is data in the model
>> objects, it is displayed, but any changes I make in the text fields are
>> not reflected in the model.
>>
>> Here's a sample data file too:
>>
>>
>>
>> Andy Balholm
>> (509) 276-9718
>> andy@balholm.com
>>
>>
>>
>> On Jun 18, 2009, at 12:37 PM, Fred Kiefer wrote:
>>
>>> Hi Andy,
>>>
>>> thank you for the bug report and the analysis you did yourself. In
>>> general it really helps to have the source code and of course the NIB
>>> files to dig into such a problem.
>>>
>>> The decoding code for NSUserDefaultsController is rather simple:
>>>
>>> - (id) initWithCoder: (NSCoder *)aDecoder
>>> {
>>>  if ([aDecoder allowsKeyedCoding])
>>>    if ([aDecoder decodeBoolForKey: @"NSSharedInstance"])
>>>      {
>>>        RELEASE(self);
>>>        return [NSUserDefaultsController sharedUserDefaultsController];
>>>      }
>>>
>>>  return [super initWithCoder: aDecoder];
>>> }
>>>
>>> I don't expect that this itself is causing the problem. Maybe another
>>> object is having a reference to this object and the code there doesn't
>>> properly handle the case the the decoded object gets replaced by another
>>> one. I would need to look at the NIB file (best in XML format) to
>>> further analyse this.
>>>
>>> Fred
>>>
>>>
>>>
>>> Andy Balholm wrote:
>>>> I sent this message a while ago. Since then I investigated further with
>>>> GDB and discovered that the segmentation fault happens while the shared
>>>> user defaults controller is being unarchived from the NIB. For this
>>>> particular program, the NIB didn't need to have a user defaults
>>>> controller in it. (IB put it in without asking.) But someone may want to
>>>> look into the problem in general.
>>>>
>>>> There is also another crash that occurs only under FreeBSD, but not
>>>> under Windows, in the same circumstances. It says that virtual memory is
>>>> exhausted.
>>>>
>>>> Andy Balholm
>>>> (509) 276-9718
>>>> andy@balholm.com
>>>>
>>>>
>>>>
>>>> Begin forwarded message:
>>>>
>>>>> From: Andy Balholm <andy@balholm.com>
>>>>> Date: June 16, 2009 4:29:48 PM PDT
>>>>> To: bug-gnustep@gnu.org
>>>>> Subject: Segmentation fault while loading Cocoa NIB
>>>>>
>>>>> I am developing an application to run under MacOS and GNUstep. The
>>>>> windows are stored as Cocoa NIBs. One of the windows causes a crash
>>>>> the second or third time it loads when I'm running the program under
>>>>> GNUstep for either Windows or FreeBSD. (The main document window is
>>>>> fine, though.) It does not crash under MacOS, so I suppose it would be
>>>>> considered a bug in GNUstep rather than in my program.
>>>>>
>>>>> It doesn't seem to matter whether I save the NIB as format version 2
>>>>> or format version 3 in Interface Builder. The crash still happens.
>>>>>
>>>>> Under Windows, I'm using gnustep-core version 0.23.0. Under FreeBSD,
>>>>> I'm using sources from Subversion downloaded on Saturday (Jun 13).
>>>>>
>>>>> Here is the stack trace I got with gdb under FreeBSD:
>>>>>
>>>>> #0  0x28865a64 in objc_msg_lookup () from /usr/lib/libobjc.so.3
>>>>> #1  0x285c919d in GSIArraySetItemAtIndex (array=0x2933a900, item={addr
>>>>> = 692693272, obj = 0x2949a918, nso = 0x2949a918}, index=115) at
>>>>> GSIArray.h:502
>>>>> #2  0x285c8d0e in -[NSKeyedUnarchiver(Private) _decodeObject:]
>>>>> (self=0x28ece248, _cmd=0x28801ac8, index=115) at
>>>>> NSKeyedUnarchiver.m:226
>>>>> #3  0x285c86c5 in -[NSKeyedUnarchiver(Internal)
>>>>> _decodeArrayOfObjectsForKey:] (self=0x28ece248, _cmd=0x287ce5f8,
>>>>> aKey=0x287cdad8) at NSKeyedUnarchiver.m:114
>>>>> #4  0x284e5d4e in -[GSPlaceholderArray initWithCoder:]
>>>>> (self=0x28d3b8d8, _cmd=0x28801b08, aCoder=0x28ece248) at GSArray.m:1133
>>>>> #5  0x285c8ca1 in -[NSKeyedUnarchiver(Private) _decodeObject:]
>>>>> (self=0x28ece248, _cmd=0x28801ac8, index=121) at
>>>>> NSKeyedUnarchiver.m:219
>>>>> #6  0x285cb8db in -[NSKeyedUnarchiver decodeObjectForKey:]
>>>>> (self=0x28ece248, _cmd=0x2845e0b8, aKey=0x2845c450) at
>>>>> NSKeyedUnarchiver.m:600
>>>>> #7  0x283575ff in -[NSIBObjectData initWithCoder:] (self=0x28ecf928,
>>>>> _cmd=0x28801b08, coder=0x28ece248) at GSNibLoading.m:1680
>>>>> #8  0x285c8ca1 in -[NSKeyedUnarchiver(Private) _decodeObject:]
>>>>> (self=0x28ece248, _cmd=0x28801ac8, index=1) at NSKeyedUnarchiver.m:219
>>>>> #9  0x285cb8db in -[NSKeyedUnarchiver decodeObjectForKey:]
>>>>> (self=0x28ece248, _cmd=0x28469988, aKey=0x28469484) at
>>>>> NSKeyedUnarchiver.m:600
>>>>> #10 0x2836bbd4 in -[GSNibLoader
>>>>> loadModelData:externalNameTable:withZone:] (self=0x28d75f28,
>>>>> _cmd=0x284699d8, data=0x28eba668, context=0x28ecab88, zone=0x2883a320)
>>>>> at GSNibLoader.m:73
>>>>> #11 0x2836bf43 in -[GSNibLoader
>>>>> loadModelFile:externalNameTable:withZone:] (self=0x28d75f28,
>>>>> _cmd=0x283a49a0, fileName=0x28e1c828, context=0x28ecab88,
>>>>> zone=0x2883a320) at GSNibLoader.m:133
>>>>> #12 0x2816dd6f in +[NSBundle(NSBundleAdditions)
>>>>> loadNibFile:externalNameTable:withZone:] (self=0x287e1da0,
>>>>> _cmd=0x28434570, fileName=0x28e1c828, context=0x28ecab88,
>>>>> zone=0x2883a320) at NSBundleAdditions.m:205
>>>>> #13 0x282e8049 in -[NSWindowController loadWindow] (self=0x28e3b6a8,
>>>>> _cmd=0x28434490) at NSWindowController.m:467
>>>>> #14 0x282e75ea in -[NSWindowController window] (self=0x28e3b6a8,
>>>>> _cmd=0x28434408) at NSWindowController.m:301
>>>>> #15 0x282e70af in -[NSWindowController setDocumentEdited:]
>>>>> (self=0x28e3b6a8, _cmd=0x283c02b0, flag=0 '\000') at
>>>>> NSWindowController.m:210
>>>>> #16 0x281aee29 in -[NSDocument addWindowController:] (self=0x28e1c588,
>>>>> _cmd=0x804be00, windowController=0x28e3b6a8) at NSDocument.m:319
>>>>> #17 0x08048e15 in -[MyDocument showCompanyInfoWindow:]
>>>>> (self=0x28e1c588, _cmd=0x28d1ac08, sender=0x2939a1f8) at
>>>>> MyDocument.m:43
>>>>> #18 0x286efa8f in L10 () from
>>>>> /usr/GNUstep/System/Library/Libraries/libgnustep-base.so.1.19
>>>>> #19 0x28e1c588 in ?? ()
>>>>> #20 0x28d1ac08 in ?? ()
>>>>> #21 0x2939a1f8 in ?? ()
>>>>> #22 0x288710f0 in ?? () from /usr/lib/libobjc.so.3
>>>>> #23 0x28e00000 in ?? ()
>>>>> #24 0x0804f438 in ?? ()
>>>>> #25 0x0804f540 in ?? ()
>>>>> #26 0x2886aea0 in objc_free () from /usr/lib/libobjc.so.3
>>>>> #27 0x286ae70d in GSFFCallInvokeWithTargetAndImp (_inv=0x28e48fd8,
>>>>> anObject=0x28e1c588, imp=0x8048c60 <-[MyDocument
>>>>> showCompanyInfoWindow:]>) at GSFFCallInvocation.m:709
>>>>> #28 0x286aeaec in -[GSFFCallInvocation invokeWithTarget:]
>>>>> (self=0x28e48fd8, _cmd=0x283977e8, anObject=0x28e1c588) at
>>>>> GSFFCallInvocation.m:779
>>>>> #29 0x2813dc3f in -[NSApplication sendAction:to:from:]
>>>>> (self=0x28e1c4c8, _cmd=0x283e2dd0, aSelector=0x28d1ac08, aTarget=0x0,
>>>>> sender=0x2939a1f8) at NSApplication.m:2087
>>>>> #30 0x2820d871 in -[NSMenu performActionForItemAtIndex:]
>>>>> (self=0x293d39c8, _cmd=0x283e5798, index=9) at NSMenu.m:1242
>>>>> #31 0x282171d5 in -[NSMenuView trackWithEvent:] (self=0x293af6c8,
>>>>> _cmd=0x283e5818, event=0x28e3b3d8) at NSMenuView.m:1633
>>>>> #32 0x28217354 in -[NSMenuView mouseDown:] (self=0x293af6c8,
>>>>> _cmd=0x28433190, theEvent=0x28e3b568) at NSMenuView.m:1678
>>>>> #33 0x282df26e in -[NSWindow sendEvent:] (self=0x28d03a08,
>>>>> _cmd=0x283977a0, theEvent=0x28e3b568) at NSWindow.m:3588
>>>>> #34 0x2813d5dd in -[NSApplication sendEvent:] (self=0x28e1c4c8,
>>>>> _cmd=0x283976e0, theEvent=0x28e3b568) at NSApplication.m:1963
>>>>> #35 0x2813c019 in -[NSApplication run] (self=0x28e1c4c8,
>>>>> _cmd=0x2838cc60) at NSApplication.m:1465
>>>>> #36 0x2811b4c1 in NSApplicationMain (argc=1, argv=0xbfbfe824) at
>>>>> Functions.m:74
>>>>> #37 0x0804ac9e in main (argc=Error accessing memory address 0x160001:
>>>>> Bad address.
>>>>>
>>>>> I would be glad to send you the application source if it would help
>>>>> you find the problem.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]