EDIT: I have found the cause of this crash! bbum pointed out that buffer overflows are a very common cause for this, so I looked at the only buffer type malloc I had:
closedList = (AINavigationCell **)malloc(baseCells.count * sizeof(AINavigationCell *));
I was later overwriting data past the array's bounds, which should have been much larger than baseCells.count. Thank you bbum!
Question:
I have a reproducible EXC_BAD_ACCESS during NSAutoreleasePool -drain, which seems to indicate that I am over-releasing an object. So I enable NSZombie, but then the program does not crash any more. Nor do I get any info logged to the console. If I turn NSZombie off, the crash comes back. What is the meaning of this? I thought NSZombies were used to tackle exactly this kind of problem. If NSZombie won't help, is there another way to interrogate this over-released object?
Also the crash is not reproducible on Simulator, which is why I can't use Instruments with NSZombie.
Following is the backtrace at point of crash.
#0 0x31ac8bc8 in _cache_fill ()
#1 0x31acaf8e in lookUpMethod ()
#2 0x31ac8780 in _class_lookupMethodAndLoadCache ()
#3 0x31ac859a in objc_msgSendSuper_uncached ()
#4 0x328014f0 in -[__NSArrayReverseEnumerator dealloc] ()
#5 0x327b1f7a in -[NSObject(NSObject) release] ()
#6 0x327b63c8 in CFRelease ()
#7 0x327b58de in _CFAutoreleasePoolPop ()
#8 0x320e132c in NSPopAutoreleasePool ()
#9 0x30899048 in CAPopAutoreleasePool ()
#10 0x30902784 in CA::Display::DisplayLink::dispatch ()
#11 0x309027ea in CA::Display::IOMFBDisplayLink::callback ()
#12 0x30076bfa in IOMobileFramebufferVsyncNotifyFunc ()
#13 0x333dee6a in IODispatchCalloutFromCFMessage ()
#14 0x327e8be6 in __CFMachPortPerform ()
#15 0x327e06fe in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ ()
#16 0x327e06c2 in __CFRunLoopDoSource1 ()
#17 0x327d2f7c in __CFRunLoopRun ()
#18 0x327d2c86 in CFRunLoopRunSpecific ()
#19 0x327d2b8e in CFRunLoopRunInMode ()
#20 0x3094a4aa in GSEventRunModal ()
#21 0x3094a556 in GSEventRun ()
#22 0x32c14328 in -[UIApplication _run] ()
#23 0x32c11e92 in UIApplicationMain ()
#24 0x00002556 in main (argc=1, argv=0x2fdff660) at /Users/hyn/Desktop/MyProject-trunk/main.m:14
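Added example, not part of the original post: the EDIT above traces the crash to writes past a malloc'd pointer array sized by baseCells.count, so this C sketch shows one way to make that kind of buffer carry its own capacity and check every append. The CellList type and the cell_list_* functions are hypothetical names, and AINavigationCell is an opaque stand-in for the poster's class.

```c
#include <stdint.h>
#include <stdlib.h>

/* Opaque stand-in for the post's AINavigationCell; only pointers are stored. */
typedef struct AINavigationCell AINavigationCell;

/* Hypothetical replacement for a bare malloc'd array: the capacity travels with the buffer. */
typedef struct {
    AINavigationCell **items;
    size_t count;     /* slots in use */
    size_t capacity;  /* slots allocated */
} CellList;

/* Allocate room for `capacity` pointers. Returns 0 on success, -1 on failure. */
int cell_list_init(CellList *list, size_t capacity) {
    list->items = NULL;
    list->count = 0;
    list->capacity = 0;
    /* Reject zero and any size whose byte count would overflow size_t. */
    if (capacity == 0 || capacity > SIZE_MAX / sizeof *list->items) return -1;
    list->items = malloc(capacity * sizeof *list->items);
    if (list->items == NULL) return -1;
    list->capacity = capacity;
    return 0;
}

/* Append with a bounds check: grow the buffer instead of writing past its end. */
int cell_list_append(CellList *list, AINavigationCell *cell) {
    if (list->count == list->capacity) {
        if (list->capacity > SIZE_MAX / (2 * sizeof *list->items)) return -1;
        size_t new_cap = list->capacity ? list->capacity * 2 : 4;
        AINavigationCell **grown = realloc(list->items, new_cap * sizeof *list->items);
        if (grown == NULL) return -1;  /* old buffer is still valid and unchanged */
        list->items = grown;
        list->capacity = new_cap;
    }
    list->items[list->count++] = cell;
    return 0;
}

/* Release the buffer and reset the fields so a stale pointer cannot be reused. */
void cell_list_free(CellList *list) {
    free(list->items);
    list->items = NULL;
    list->count = list->capacity = 0;
}
```
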