Examining arguments to system calls on the frame stack in lldb - objective-c

I'm working with a X86_64 program in Xcode 4.5. I'm getting warnings to break on _NSWarnForDrawingImageWithNoCurrentContext and stop making a drawing call with no context. The call is happening in a deep set of CALayer/NSView calls. I want to find out what view this relates to.
#0 0x00007fff9033f823 in _NSWarnForDrawingImageWithNoCurrentContext ()
#1 0x00007fff8ffd2cf3 in -[NSImageRep drawInRect:fromRect:operation:fraction:respectFlipped:hints:] ()
#2 0x00007fff901444ea in -[NSImageRep _newCGImageForProposedRect:context:hints:flipped:] ()
#3 0x00007fff8ffd3acb in -[NSImageRep CGImageForProposedRect:context:hints:] ()
#4 0x00007fff9006be1d in -[NSImageRep CGImageForProposedRect:context:hints:flipped:] ()
#5 0x00007fff900f0346 in -[NSImage _newSnapshotRepForRep:rect:context:processedHints:] ()
#6 0x00007fff900923c8 in -[NSImage _snapshotRepForRep:rect:context:processedHints:] ()
#7 0x00007fff9006bd77 in __48-[NSImage CGImageForProposedRect:context:hints:]_block_invoke_0 ()
#8 0x00007fff8ffd14d6 in -[NSImage _usingBestRepresentationForRect:context:hints:body:] ()
#9 0x00007fff9006b9e5 in -[NSImage CGImageForProposedRect:context:hints:] ()
#10 0x00007fff8ff14754 in -[_NSImageLayerContents CA_copyRenderValue] ()
#11 0x00007fff890350c3 in -[CALayer(CALayerPrivate) _copyRenderLayer:layerFlags:commitFlags:] ()
#12 0x00007fff89034a7c in CA::Context::commit_layer(CA::Layer*, unsigned int, unsigned int, void*) ()
#13 0x00007fff890349a4 in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#14 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#15 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#16 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#17 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#18 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#19 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#20 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#21 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#22 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#23 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#24 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#25 0x00007fff8903492f in CA::Layer::commit_if_needed(CA::Transaction*, void (*)(CA::Layer*, unsigned int, unsigned int, void*), void*) ()
#26 0x00007fff890258d6 in CA::Context::commit_transaction(CA::Transaction*) ()
#27 0x00007fff89025423 in CA::Transaction::commit() ()
#28 0x00007fff9010f032 in -[NSView(NSLayerKitGlue) _drawRectAsLayerTree:] ()
#29 0x00007fff8ffbe35a in -[NSView _drawRect:clip:] ()
#30 0x00007fff8ffbb093 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] ()
#31 0x00007fff8ffbbb24 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] ()
#32 0x00007fff8ffba223 in -[NSThemeFrame _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] ()
#33 0x00007fff8ffb5e4d in -[NSView _displayRectIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:] ()
#34 0x00007fff8ff7fd73 in -[NSView displayIfNeeded] ()
#35 0x00007fff8ff7f2ac in _handleWindowNeedsDisplayOrLayoutOrUpdateConstraints ()
#36 0x00007fff9054a971 in __83-[NSWindow _postWindowNeedsDisplayOrLayoutOrUpdateConstraintsUnlessPostingDisabled]_block_invoke_01208 ()
How do I find out what view _drawRect:clip: is being called on?
I've tried switching to frame 29 and then doing a p/x $arg1 but that gives the error
error: Couldn't materialize struct: Couldn't read rdi (materialize)
I'm only finding source code and commit logs related to this error and can't figure out what it means. Any help would be greatly appreciated, since this would also help try to avoid messages about Apple code that is using deprecated calls that give me warnings.

You could try using the "register read" command, like "reg read arg1", but the real problem here is that rdi is a volatile register with the SysV x86_64 ABI. This means that whenever you make a function call, the contents of rdi may have been overwritten without being saved anywhere. As soon as frame 29 called frame 28, the debugger will assume that rdi has been overwritten (frame 29 probably stored something there itself as an arg to frame 28) and will not be able to retrieve the previous contents of rdi that frame 29 had on entry.
The registers called "non-volatile" or "callee preserved" are guaranteed to be retrievable even in the middle of the stack. On x86_64 these include rbx and r12-r15. If frame 29 is using r12 to hold a variable, calls frame 28 and frame 28 wants to use r12, it has to save the old value on to the stack and then restore that value before it returns to frame 29. The debugger knows how to find this save location and can show you the contents of r12 in frame 29--by looking at where frame 28 saved it and retrieving the value.
Your only hope here is to either (1) put a breakpoint on frame 29 and print the value of arg1 at that point, or (2) look at the assembly instructions for frame 29 and see if the function saved its first argument somewhere (on the stack, in a non-volatile register) that you can still examine. Otherwise, by the time you're 28 stack frames deeper, the contents of the argument register are long gone.

Related

Realm crash on Results.first.getter

Realm 5.0.2
I'm trying to understand how this crash is possible. It is crashing when calling first on a Realm Results object. I'm guessing this is a concurrency issue, but Realm is instantiated on same thread as query, and the Realm objects are immediately converted to app objects. But if it's not a concurrency issue, then ... what?!
0
Thread 1 Queue : com.apple.main-thread (serial)
#0 0x00000001037d8f7c in realm::IndexArray::index_string_all(realm::StringData, std::__1::vector<realm::ObjKey, std::__1::allocator<realm::ObjKey> >&, realm::ClusterColumn const&) const ()
#1 0x00000001036c8fdc in realm::IntegerNode<realm::ArrayIntNull, realm::Equal>::init() ()
#2 0x00000001036a740c in realm::Query::init() const ()
#3 0x00000001036a74dc in realm::Query::find_all(realm::ConstTableView&, unsigned long, unsigned long, unsigned long) const ()
#4 0x0000000103866e7c in realm::ConstTableView::do_sync() ()
#5 0x00000001036a78d0 in realm::Query::find_all(unsigned long, unsigned long, unsigned long) ()
#6 0x00000001036a7d50 in realm::Query::find_all(realm::DescriptorOrdering const&) ()
#7 0x00000001033af2c4 in realm::Results::do_evaluate_query_if_needed(bool)
#8 0x00000001033aeca8 in realm::util::Optional<realm::Obj> realm::Results::try_get<realm::Obj>(unsigned long)
#9 0x00000001033af01c in realm::util::Optional<realm::Obj> realm::Results::first<realm::Obj>()
#10 0x0000000103542b9c in _ZZN5realm7Results5firstI18RLMAccessorContextEEDaRT_ENKUlTyS4_E_clIPNS_3ObjEEES3_S4_
#11 0x0000000103541d38 in _ZN5realmL14switch_on_typeINS_3ObjEZNS_7Results5firstI18RLMAccessorContextEEDaRT_EUlTyS6_E_EES5_NS_12PropertyTypeEOT0_
#12 0x00000001035418c0 in _ZNK5realm7Results8dispatchIZNS0_5firstI18RLMAccessorContextEEDaRT_EUlTyS5_E_EES4_OS5_
#13 0x0000000103541870 in auto realm::Results::first<RLMAccessorContext>(RLMAccessorContext&)
#14 0x0000000103541834 in -[RLMResults firstObject]::$_8::operator()() const
#15 0x000000010353d5c4 in auto translateRLMResultsErrors<-[RLMResults firstObject]::$_8>(-[RLMResults firstObject]::$_8&&, NSString*)
#16 0x000000010353d544 in -[RLMResults firstObject]
#17 0x0000000104968cf4 in Results.first.getter
#18 0x000000010228e97c in static LibraryManager.LibraryPersistence.findPersistentTag(permanentId:temporaryId:)
#19 0x000000010228e500 in LibraryManager.getTag(forAssignment:)
#20 0x000000010220c284 in closure #1 in AudiobookUserSettings.tags.getter
#21 0x000000019eb5e038 in Sequence.compactMap<A>(_:) ()
#22 0x000000010220c1d0 in AudiobookUserSettings.tags.getter
#23 0x0000000102195e70 in Audiobook.tags.getter
#24 0x000000010226407c in FolderManager.updateFromLibrary()
#25 0x00000001022ca78c in LibraryTableViewController.refreshFolders()
#26 0x00000001022c6930 in closure #1 in LibraryTableViewController.refreshView()
#27 0x0000000102150700 in thunk for #escaping #callee_guaranteed () -> () ()
#28 0x0000000104b7605c in _dispatch_call_block_and_release ()
#29 0x0000000104b774d8 in _dispatch_client_callout ()
#30 0x0000000104b85f64 in _dispatch_main_queue_callback_4CF ()
#31 0x00000001911cc8d4 in __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ ()
#32 0x00000001911c758c in __CFRunLoopRun ()
#33 0x00000001911c6bc8 in CFRunLoopRunSpecific ()
#34 0x000000019b5a85cc in GSEventRunModal ()
#35 0x0000000195379744 in UIApplicationMain ()
#36 0x00000001023d838c in main
#37 0x0000000191043384 in start ()
Enqueued from audiobookSettings-persistence (Thread 33) Queue
#0 0x0000000104b7bdd0 in dispatch_async ()
#1 0x00000001c807004c in OS_dispatch_queue.async(group:qos:flags:execute:) ()
#2 0x00000001022c6808 in LibraryTableViewController.refreshView()
#3 0x00000001022c6288 in closure #1 in LibraryTableViewController.viewWillAppear(_:)
The relevant code from the app:
func getTag(forAssignment assignment: TagAssignment) -> Tag? {
let tag = LibraryPersistence.findPersistentTag(permanentId: assignment.permanentTagId,
temporaryId: assignment.temporaryTagId)
return tag?.toTag()
}
static func findPersistentTag(permanentId: Int? = nil, temporaryId: String? = nil) -> PersistentTag? {
guard let userId = getIdForCurrentUser() else {
return nil
}
let realm = try! Realm()
// First try lookup by permanent tag id
if let permanentId = permanentId {
let permanentIdNumber = NSNumber(value: permanentId)
if let stored = realm.objects(PersistentTag.self).filter("permanentId == %# AND userId == %#", permanentIdNumber, userId).first {
return stored
}
}
// Then try temporary tag id
if let temporaryId = temporaryId {
return realm.objects(PersistentTag.self).filter("temporaryId == %# AND userId == %#", temporaryId, userId).first
}
return nil
}
UPDATE: More crash details:
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT)
#0: 0x0000000103bfc2fd Realm`realm::util::EncryptedFileMapping::read_barrier(void const*, unsigned long, unsigned long (*)(char const*)) + 29
* frame #1: 0x00000001035ce000 Realm`realm::util::do_encryption_read_barrier(addr=0x00007fff87a95540, size=8, header_to_size=(Realm`realm::NodeHeader::get_byte_size_from_header(char const*) at node_header.hpp:201), mapping=0xca4c51df08c18be5)(char const*), realm::util::EncryptedFileMapping*) at file_mapper.hpp:133:14
#2: 0x0000000103b496ee Realm`realm::IndexArray::index_string_all(realm::StringData, std::__1::vector<realm::ObjKey, std::__1::allocator<realm::ObjKey> >&, realm::ClusterColumn const&) const + 398
...
It looks like you're not the only one with this problem.
https://github.com/realm/realm-cocoa/issues/6556
This looks like a problem with 5.0.x, some have downgraded to 4.x to remove the problem. It references another issue (bottom of the report) which has been fixed and merged, but not yet released.
I'd read the bug report and see if this follows your experience, then either (a) follow the workaround, or (b) downgrade to 4.4.x. Watch the fix issue (https://github.com/realm/realm-core/pull/3828) for being included in a new release.

Getting Seg Fault when I try to dynamically load a custom library (.so) which is compiled with webkit2gtk library

I have created a shared library which has a function displaywebview that launches a GTK window and loads the URL into it using webkit2gtk.
Now I am writing a caller program which loads this library using dlopen, gets the method displaywebview using dlsym and calls this function.
I get a seg fault inside displaywebview at the point where I call webkit_web_view_new(). Could someone help me out on why this is happening?
webkit_main.so
#include <gtk/gtk.h>
#include <webkit2/webkit2.h>
extern "C"
{
int displayWebView();
}
int displayWebView()
{
printf("Entered in displayWebView\n");
// Initialize GTK+
gtk_init(NULL, NULL);
// Create an 800x600 window that will contain the browser instance
GtkWidget *main_window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
gtk_window_set_default_size(GTK_WINDOW(main_window), 800, 600);
WebKitWebView *webView = (WebKitWebView*)webkit_web_view_new();
// webkit_web_view_new();
// // Put the browser area into the main window
gtk_container_add(GTK_CONTAINER(main_window), GTK_WIDGET(webView));
// Set up callbacks so that if either the main window or the browser instance is
// closed, the program will exit
g_signal_connect(main_window, "destroy", G_CALLBACK(destroyWindowCb), NULL);
g_signal_connect(webView, "close", G_CALLBACK(closeWebViewCb), main_window);
// // Load a web page into the browser instance
webkit_web_view_load_uri(webView, "http://www.gmail.com");
// // Make sure that when the browser area becomes visible, it will get mouse
// // and keyboard events
gtk_widget_grab_focus(GTK_WIDGET(webView));
// // Make sure the main window and all its contents are visible
gtk_widget_show_all(main_window);
// // Run the main GTK+ event loop
gtk_main();
return 0;
}
caller.cpp
#include <unistd.h>
#include <stdlib.h>
#include <dlfcn.h>
#include <stdio.h>
typedef int (*PDISPLAYWEBVIEW)();
int main(){
void* hnd = dlopen("/home/radix/Desktop/webkit_socket/webkit_main.so", RTLD_LAZY);
// sleep(10);
if(hnd!=NULL){
PDISPLAYWEBVIEW pdisplayWebView = (PDISPLAYWEBVIEW)dlsym(hnd,"displayWebView");
if(pdisplayWebView == NULL){
printf("dlsym error %s", dlerror());
}
else{
printf("Everything okay, launch the function\n");
(*pdisplayWebView)();
}
dlclose(hnd);
}
else{
printf("The error is %s", dlerror());
}
}
BACKTRACE details:
Thread 1 "caller" received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt
#0 0x0000000000000000 in ?? ()
#1 0x00007ffff790d165 in std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete<std::thread::_State> >, void (*)()) () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#2 0x00007ffff2009168 in bmalloc::Scavenger::Scavenger(std::lock_guard<bmalloc::Mutex>&) () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#3 0x00007ffff1d12f61 in bmalloc::PerProcess<bmalloc::Scavenger>::getSlowCase() () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#4 0x00007ffff2001fcc in bmalloc::Heap::Heap(bmalloc::HeapKind, std::lock_guard<bmalloc::Mutex>&) () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#5 0x00007ffff1fff1ff in bmalloc::PerProcess<bmalloc::PerHeapKind<bmalloc::Heap> >::getSlowCase() () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#6 0x00007ffff1ffee99 in bmalloc::Cache::Cache(bmalloc::HeapKind) () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#7 0x00007ffff1fff311 in bmalloc::PerThread<bmalloc::PerHeapKind<bmalloc::Cache> >::getSlowCase() () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#8 0x00007ffff1ffef0d in bmalloc::Cache::allocateSlowCaseNullCache(bmalloc::HeapKind, unsigned long) () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#9 0x00007ffff1af22a2 in JSC::ExecutableAllocator::initializeAllocator() () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#10 0x00007ffff1d0bf25 in ?? () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#11 0x00007ffff0926739 in __pthread_once_slow (once_control=0x7ffff22a6ff0, init_routine=0x7ffff790c120 <__once_proxy>) at pthread_once.c:116
#12 0x00007ffff1d0d90d in JSC::initializeThreading() () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#13 0x00007ffff49beb29 in ?? () from /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#14 0x00007ffff4aa4add in ?? () from /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#15 0x00007ffff4b0eb00 in ?? () from /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#16 0x00007ffff0e5e777 in ?? () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#17 0x00007ffff0e5fc0d in g_object_newv () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#18 0x00007ffff0e603c4 in g_object_new () from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#19 0x00007ffff4b0ab7d in ?? () from /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#20 0x00007ffff0ba74a5 in g_once_impl () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#21 0x00007ffff4b31cc9 in webkit_web_view_new () from /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#22 0x00007ffff6d96f0f in displayWebView () at webkit_main.cpp:81
#23 0x00005555555548df in main () at caller.cpp:20
Note:
When I use the same program with webkitgtk-1.0 it runs absolutely fine. With webkit2gtk-4.0 it gives this issue.
When I compile caller.cpp with libwebkit2gtk-4.0 it strangely doesn't give seg fault anymore.
Could someone help me out why this is happening?
I am using debian 9 with webkit2gtk-4.0-37 of version: 2.22.2-1~bpo9+1
There are some compiler options that have to be the same within every components (object modules, libraries, shared objects) so that they could work together.
Other than -pthread, large-file-support (in 32-bit) comes to my mind.
Another possible source of problems if different versions of a component are linked together.

Crash when creating object in Typhoon

I'm experiencing a crash in TyphoonComponentFactory.m when trying to instantiate an object - this line crashes with EXC_BAD_ACCESS:
279:[pool setObject:instance forKey:definition.key];
Or sometimes this one:
276:id instance = [pool objectForKey:definition.key];
All the variables - pool, instance, definition, look right at the time it crashes, in the debugger. Earlier in the program's execution (but not much earlier, i.e. the same runloop) I've set up my TyphoonComponentFactory and made it the default factory. Is there anything that could be causing this? I had a vague theory that the factory is created too late for the callers but... pretty weak.
Typhoon version 1.8.2. Here's the assembly:
#import "EndpointQueueAssembly.h"
#import "EndpointQueue.h"
#import "URLStorage.h"
#import "EndpointHTTPMethods.h"
#import "EndpointURLStrings.h"
#import "HTTPRequestOperationFactory.h"
#import "Services.h"
#import "ChatImageCheck.h"
#implementation EndpointQueueAssembly
-(id)endpointQueue
{
return [TyphoonDefinition withClass: [EndpointQueue class] properties:^(TyphoonDefinition *definition) {
[definition setScope:TyphoonScopeSingleton];
}];
}
-(id)urlStorage
{
return [TyphoonDefinition withClass: [URLStorage class]];
}
-(id)endpointHTTPMethods
{
return [TyphoonDefinition withClass: [EndpointHTTPMethods class]];
}
-(id)chatImageCheck
{
return [TyphoonDefinition withClass: [ChatImageCheck class]];
}
-(id)endpointURLStrings
{
return [TyphoonDefinition withClass: [EndpointURLStrings class] properties:^(TyphoonDefinition *definition) {
[definition injectProperty:#selector(urlStorage)];
}];
}
-(id)httpRequestOperationFactory
{
return [TyphoonDefinition withClass: [HTTPRequestOperationFactory class] properties:^(TyphoonDefinition* definition) {
[definition injectProperty:#selector(endpointHTTPMethods)];
[definition injectProperty:#selector(endpointURLStrings)];
}];
}
-(id)services
{
return [TyphoonDefinition withClass:[Services class] properties:^(TyphoonDefinition *definition) {
[definition setScope:TyphoonScopeSingleton];
}];
}
#end
Stack trace, for a crash on line 276:
Thread 65, Queue : NSOperationQueue 0x12434e90
#0 0x0473756b in -[__NSDictionaryM objectForKey:] ()
#1 0x0033c2dd in -[TyphoonComponentFactory sharedInstanceForDefinition:fromPool:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Pods/Typhoon/Source/Factory/TyphoonComponentFactory.m:276
#2 0x0033cb34 in -[TyphoonComponentFactory(TyphoonDefinitionRegisterer) objectForDefinition:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Pods/Typhoon/Source/Factory/TyphoonComponentFactory.m:315
#3 0x0033b01d in -[TyphoonComponentFactory componentForKey:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Pods/Typhoon/Source/Factory/TyphoonComponentFactory.m:151
#4 0x046a291d in __invoking___ ()
#5 0x046a282a in -[NSInvocation invoke] ()
#6 0x00335f69 in -[TyphoonBlockComponentFactory forwardInvocation:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Pods/Typhoon/Source/Factory/Block/TyphoonBlockComponentFactory.m:97
#7 0x0469e2da in ___forwarding___ ()
#8 0x0469e0ee in __forwarding_prep_0___ ()
#9 0x00022647 in +[CascadeItemRenderOperation isCurrentProfileWithDictionary:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Shared/CascadeItemRenderOperation.m:166
#10 0x00022d3b in +[CascadeItemRenderOperation countOfUnreadChatsWithDictionary:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Shared/CascadeItemRenderOperation.m:205
#11 0x00021c7c in +[CascadeItemRenderOperation renderWithDictionary:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Shared/CascadeItemRenderOperation.m:79
#12 0x001002b2 in -[GrindrGridViewPreRenderOperation main] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Grindr/GrindrGridViewPreRenderOperation.m:38
#13 0x02d0dc79 in -[__NSOperationInternal _start:] ()
#14 0x02c8a9c8 in -[NSOperation start] ()
#15 0x02d0ff44 in __NSOQSchedule_f ()
#16 0x04d164d0 in _dispatch_client_callout ()
#17 0x04d02fe0 in _dispatch_async_redirect_invoke ()
#18 0x04d164d0 in _dispatch_client_callout ()
#19 0x04d04eb7 in _dispatch_root_queue_drain ()
#20 0x04d05127 in _dispatch_worker_thread2 ()
#21 0x05045dab in _pthread_wqthread ()
Values of relevant objects:
self: TyphoonBlockComponentFactory with all relevant objects available in the registry.
definition: "Definition: class='AuthenticationDetails', key='authenticationDetails'"
pool: NSDictionary, 0 key/value pairs
instance: id, uninitialised pointer.
Here's the stack for the main thread at the time - also contains Typhoon references:
Thread 1, Queue : com.apple.main-thread
#0 0x05081802 in __psynch_mutexwait ()
#1 0x05047945 in _pthread_mutex_lock ()
#2 0x050477ac in pthread_mutex_lock ()
#3 0x0443a498 in objc_sync_enter ()
#4 0x0033c288 in -[TyphoonComponentFactory sharedInstanceForDefinition:fromPool:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Pods/Typhoon/Source/Factory/TyphoonComponentFactory.m:275
#5 0x0033cb34 in -[TyphoonComponentFactory(TyphoonDefinitionRegisterer) objectForDefinition:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Pods/Typhoon/Source/Factory/TyphoonComponentFactory.m:315
#6 0x0033b01d in -[TyphoonComponentFactory componentForKey:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Pods/Typhoon/Source/Factory/TyphoonComponentFactory.m:151
#7 0x046a291d in __invoking___ ()
#8 0x046a282a in -[NSInvocation invoke] ()
#9 0x00335f69 in -[TyphoonBlockComponentFactory forwardInvocation:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Pods/Typhoon/Source/Factory/Block/TyphoonBlockComponentFactory.m:97
#10 0x0469e2da in ___forwarding___ ()
#11 0x0469e0ee in __forwarding_prep_0___ ()
#12 0x000735e7 in -[Profile(Custom) isMe] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Utils/Profile+Custom.m:74
#13 0x0022a0eb in -[Profile(GrindrGridViewHash) grindrGridViewHash] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Shared/Profile+GrindrGridViewHash.m:84
#14 0x000ff3ed in -[GrindrGridViewPreRenderCache preRenderManagedObjectsForBackgroundExecution:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Grindr/GrindrGridViewPreRenderCache.m:105
#15 0x000ff174 in -[GrindrGridViewPreRenderCache preRenderManagedObjects:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Grindr/GrindrGridViewPreRenderCache.m:87
#16 0x00041c8f in -[GrindrGridView endUpdates] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Shared/GrindrGridView.m:825
#17 0x002343d2 in -[CascadeDataSource controllerDidChangeContent:] at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Grindr/CascadeDataSource.m:137
#18 0x0276e347 in -[NSFetchedResultsController(PrivateMethods) _managedObjectContextDidChange:] ()
#19 0x02d0c049 in __57-[NSNotificationCenter addObserver:selector:name:object:]_block_invoke ()
#20 0x04709f04 in __CFNOTIFICATIONCENTER_IS_CALLING_OUT_TO_AN_OBSERVER__ ()
#21 0x04661efb in _CFXNotificationPost ()
#22 0x02c45e41 in -[NSNotificationCenter postNotificationName:object:userInfo:] ()
#23 0x02670a13 in -[NSManagedObjectContext(_NSInternalNotificationHandling) _postObjectsDidChangeNotificationWithUserInfo:] ()
#24 0x0270ffaf in -[NSManagedObjectContext(_NSInternalChangeProcessing) _createAndPostChangeNotification:withDeletions:withUpdates:withRefreshes:] ()
#25 0x0266beb8 in -[NSManagedObjectContext(_NSInternalChangeProcessing) _processRecentChanges:] ()
#26 0x0266b649 in -[NSManagedObjectContext processPendingChanges] ()
#27 0x0269a4cc in -[NSManagedObjectContext(_NestedContextSupport) _parentProcessSaveRequest:inContext:error:] ()
#28 0x02712a14 in __82-[NSManagedObjectContext(_NestedContextSupport) executeRequest:withContext:error:]_block_invoke ()
#29 0x02694b81 in internalBlockToNSManagedObjectContextPerform ()
#30 0x04d164d0 in _dispatch_client_callout ()
#31 0x04d05439 in _dispatch_barrier_sync_f_slow_invoke ()
#32 0x04d164d0 in _dispatch_client_callout ()
#33 0x04d04726 in _dispatch_main_queue_callback_4CF ()
#34 0x0471343e in __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ ()
#35 0x046545cb in __CFRunLoopRun ()
#36 0x046539d3 in CFRunLoopRunSpecific ()
#37 0x046537eb in CFRunLoopRunInMode ()
#38 0x053ee5ee in GSEventRunModal ()
#39 0x053ee42b in GSEventRun ()
#40 0x03513f9b in UIApplicationMain ()
#41 0x0000e704 in main at /Users/nicklocking/Documents/primus-ios/NBFIOSCore/Shared/main.m:18
Further update:
It seems like Typhoon is defaulting to TyphoonScopeObjectGraph, which is apparently not thread-safe. We switched all non-singletons to TyphoonScopePrototype, and we now experience crashes in TyphoonCallStack -pop, in line 59, [_storage removeLastObject]. Seems to be an exception of some sort but the debugger doesn't spit anything useful out.
Cannot comment on your post (haven't enough reputation):
Yes, if you create components from different threads - it can be reason of crashes. Typhoon is not threaded-safe now(we are using NSMutableArray, NSMutableDictionary which are not threaded-safe, during object creation).
You can fix it by wrapping Typhoon call into serial queue or synchronized statement.. Or we can do it inside Typhoon (but it will be Typhoon 2.0 feature - hard to maintain two versions at same time)
Update:
Typhoon 2.0 is now thread-safe.
Here's our solution, which seems to work pretty well:
#import "TyphoonComponentFactory+SwizzledObjectForDefinition.h"
#import "JRSwizzle.h"
#implementation TyphoonComponentFactory (SwizzledObjectForDefinition)
+ (void)swizzleMethods
{
SEL objectForDefinitionSelector = sel_registerName("objectForDefinition:");
[TyphoonComponentFactory jr_swizzleMethod: objectForDefinitionSelector
withMethod: #selector(swizzledObjectForDefinition:)
error: nil];
}
// Synchronize objectForDefinition
- (id)swizzledObjectForDefinition:(TyphoonDefinition *)definition
{
#synchronized(self) {
return [self swizzledObjectForDefinition:definition];
}
}
#end
We also declare all scopes as either Singleton or Prototype.

EXC_BAD_ACCESS on presentRenderbuffer

When I call presentRenderBuffer in some situations my app crash with EXC_BAD_ACCESS. But usually all is ok.
Call stack is here:
#0 0x2f53f02e in glrGetPrivateInteger ()
#1 0x329a192e in gliGetInteger ()
#2 0x002eec04 in __collect_all_context_profiling_data_block_invoke ()
#3 0x0015ea7c in iter_contexts ()
#4 0x002ee7f2 in collect_all_context_profiling_data ()
#5 0x00163fbc in copy_profiling_data_dictionary(ContextInfo*, unsigned int, unsigned long long) ()
#6 0x00160566 in handle_frame_boundary ()
#7 0x002f194c in EAGLContext_presentRenderbuffer(EAGLContext*, objc_selector*, unsigned int) ()
#8 0x00044a68 in __36-[CanvasView initializeWithContext:]_block_invoke56
Do you have any ideas about this?
SOLVE:
Texture is created and deleted in different contexts. This has caused problems.
Now texture is created and deleted in one context. It has solved the problem.

App crashes on tab clicks message is like Collection <CALayerArray: > was mutated while being enumerated

Can you please find out why my app crashes? When I tap on any of my tab in my tabbars app crashes. It's a rendom issue but generates very frequently. The error message is as follows:
2012-01-18 14:48:50.029 MyApp[2823:f803] *** Terminating app due to uncaught exception 'NSGenericException', reason: '*** Collection <CALayerArray: 0x6b46bd0> was mutated while being enumerated.'
*** First throw call stack:
(0x17a8052 0x1d5cd0a 0x17a7c21 0x66b65f 0x66b80d 0x66b80d 0x66b80d 0x66b80d 0x66bb90 0x66bcb6 0x670a4f 0x66a72b 0x6d8116 0x6d7b0e 0x714dc6 0x7149bd 0x712f8a 0x712e2f 0x7148f4 0x17a9ec9 0x6365c2 0x63655a 0x85b569 0x17a9ec9 0x6365c2 0x63655a 0x6dbb76 0x6dc03f 0x6dbbab 0x85dd1f 0x17a9ec9 0x6365c2 0x63655a 0x6dbb76 0x6dc03f 0x6db2fe 0x65ba30 0x65bc56 0x642384 0x635aa9 0x226afa9 0x177c1c5 0x16e1022 0x16df90a 0x16dedb4 0x16deccb 0x2269879 0x226993e 0x633a9b 0x2a7d 0x29f5)
terminate called throwing an exception(gdb) bt
#0 0x9a09e9c6 in __pthread_kill ()
#1 0x90b50f78 in pthread_kill ()
#2 0x90b41bdd in abort ()
#3 0x01f00e78 in abort_message ()
#4 0x01efe89e in default_terminate ()
#5 0x01d5cf4b in _objc_terminate ()
#6 0x01efe8de in safe_handler_caller ()
#7 0x01efe946 in std::terminate ()
#8 0x01effb3e in __cxa_rethrow ()
#9 0x01d5ce49 in objc_exception_rethrow ()
#10 0x016dee10 in CFRunLoopRunSpecific ()
#11 0x016deccb in CFRunLoopRunInMode ()
#12 0x02269879 in GSEventRunModal ()
#13 0x0226993e in GSEventRun ()
#14 0x00633a9b in UIApplicationMain ()
#15 0x00002a7d in main (argc=1, argv=0xbffff5d4) at /Users/Bob/Desktop/MyApp/MyApp/main.m:14
Current language: auto; currently objective-c
(gdb)
Usually this is caused by adding / removing objects from a NSMutableArray while it's enumerated. For example:
[array enumerateObjectsUsingBlock:^(id obj, NSUInteger idx, BOOL *stop) {
[array removeObject:obj];
}];
Check your code whether you are doing something like this.