Strategies for debugging Objective-C Garbage Collection Crash

Question

I have a pretty frustrating crasher that is impacting a small subset of my users. From my analysis it seems to be isolated to PowerPC users running 10.5. When the garbage collector runs in the background, it will silently kill my application. Here's the relevant snippet from the crashlog.

Exception Type:  EXC_BREAKPOINT (SIGTRAP)
Exception Codes: 0x0000000000000001, 0x0000000093db26f8
Crashed Thread:  1

Application Specific Information:
objc[8361]: garbage collection is ON
test_node_integrity:  FreeListNode 0x1184000 { _prev = 0x0, _next = 0xffffffff, _size = 0 } failed integrity check.
    Thread 0:
0   libSystem.B.dylib               0x95a4c1f8 mach_msg_trap + 8
1   libSystem.B.dylib               0x95a5311c mach_msg + 56
2   com.apple.CoreFoundation        0x96a04394 CFRunLoopRunSpecific + 1812
3   com.apple.HIToolbox             0x9003fb14 RunCurrentEventLoopInMode + 264
4   com.apple.HIToolbox             0x9003f938 ReceiveNextEventCommon + 412
5   com.apple.HIToolbox             0x9003f778 BlockUntilNextEventMatchingListInMode + 84
6   com.apple.AppKit                0x94d18244 _DPSNextEvent + 596
7   com.apple.AppKit                0x94d17bfc -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 112
8   com.apple.AppKit                0x94d1189c -[NSApplication run] + 744
9   com.apple.AppKit                0x94ce2298 NSApplicationMain + 440
10  com.secondgear.checkoff         0x00002e48 start + 64

Thread 1 Crashed:
0   libauto.dylib                   0x93db26f8 Auto::Admin::test_node_integrity(Auto::FreeListNode*) + 392
1   libauto.dylib                   0x93db8dec Auto::Zone::block_deallocate_internal(void*) + 168
2   libauto.dylib                   0x93da80d4 auto_collection_thread(void*) + 148

I've been unable to reproduce the crash on my old PPC Mac, and the vague nature of the error makes it somewhat difficult to isolate where the crash is occurring on my Mac.

Are there any debugging strategies or tools I could use to help isolate this? Perhaps something I can pass on to a user to help figure out where/what is causing the crash?

Answer 1

That would typically be caused by one of three things;

• memory corruption

• bundle unloading

• running out of memory (exhausting address space)

Odd that it is PPC specific, though. Make sure the users are all running the latest version of the OS and not accidentally running your application under Rosetta (which does not support GC).

You might also ask the users for their Console logs. There may be more evidence within.

Beyond that, I don't have much to offer. Debugging this kind of problem really requires a reproducible case on your local machine as there isn't much in the way of evidence otherwise.