http://www.cocoadev.com/index.pl?DebuggingAutorelease
Taken from the article:
One of the most opaque bugs I've had to deal with in Cocoa is leaving a released object in the autorelease pool, causing an EXC_BAD_ACCESS in NSPopAutoreleasePool?(). When this happens, it's pretty much impossible to tell what the doubly-released object was and where it was instantiated.
Fear no more! Using Cocoa's NSZombie? debugging class and the command-line malloc_history tool, we can nail this bug in a pinch.
Suppose you have the following (obviously incorrect) code:
NSAutoreleasePool* pool = [[NSAutoreleasePool alloc] init];
NSData* data = [NSData dataWithBytes:"asklaskdxjgr" length:12];
[data release];
[pool release];
The dataWithBytes: method sends an autorelease message to the created object, so we don't need to release it ourselves. When the autorelease pool is tossed the freed data object gets another release message, our app crashes, and we have no idea why.
The dataWithBytes: method sends an autorelease message to the created object, so we don't need to release it ourselves. When the autorelease pool is tossed the freed data object gets another release message, our app crashes, and we have no idea why.
Here's what we do:
Click on the "Targets" tab, open "Executables" and select the app (In XCode 2.0, double-click the executable in the file tree and select the arguments tab to enter environment variables). In the executable settings, add the following environment variables and set their values to "YES" (without the quotes):
NSDebugEnabled
NSZombieEnabled
MallocStackLogging
You may also want the following environment variable set to YES:
MallocStackLoggingNoCompact
With NSZombieEnabled, Cocoa sets an object's isa pointer to the NSZombie? class when its retain count drops to zero instead of deallocating it. Then when you send a message to an NSZombie? object (i.e., you're accessing freed data), it raises an exception and tells you where the object lives:
2003-03-18 13:01:38.644 autoreleasebug[3939] *** *** Selector 'release'
sent to dealloced instance 0xa4e10 of class NSConcreteData.
Since you have MallocStackLogging turned on, you can now run "malloc_history
[dave@host193 Frameworks]$ malloc_history 3939 0xa4e10
Call [2] [arg=32]: thread_a0000dec |0x1000 | start | _start | main |
+[NSData dataWithBytes:length:] | NSAllocateObject | object_getIndexedIvars |
malloc_zone_calloc
if you run under gdb, you may enter:
(gdb) shell malloc_history 3939 0xa4e10
And there it is: the double-released object was allocated with [NSData dataWithBytes:length:] in the function main()!
I love you, Cocoa!
Thanks for the writeup.
ReplyDeleteNote that the the environment variables are set at Project / Edit Active Executable / Arguments
malloc_history will not seem to work if you have "Enable Guard Malloc" turned on.
ReplyDeleteThank you so much... this saved me a sleepless night :)
ReplyDeleteIf I was't agnostic I would ask God the almighty to stuck you up with cookies for the help!
ReplyDeleteThank you..You saved me.Thanks a jillion times..
ReplyDeleteThanks, you made my day!
ReplyDeleteGood information about i pad application and development
ReplyDeleteBefore you make any hirings, you should be well aware of all the terms and conditions laid down by the iPhone development company, along with the payment details, so that you do not have to face any problems at the later stage of development.
hire iphone developer
Excellent details. I find it informative one. o that you do not have to face any problems at the later stage of development.
ReplyDeleteiphone developer