gnustep-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Crashes in GUI when applying a theme (Thematic)

From: Richard Frith-Macdonald
Subject: Re: Crashes in GUI when applying a theme (Thematic)
Date: Mon, 23 Nov 2020 16:50:51 +0000 

> On 22 Nov 2020, at 22:09, Riccardo Mottola <riccardo.mottola@libero.it> wrote:
> 
> Hi,
> 
> 
> Riccardo Mottola wrote:
>> #0 0x00007ffff72103ab in objc_msg_lookup () from 
>> /usr/lib/gcc/x86_64-pc-linux-gnu/9.3.0/libobjc.so.4
>> #1  0x00007ffff7bf976c in -[NSMenuView sizeToFit] (self=0x555555da3560, 
>> _cmd=<optimized out>)
>>     at /System/Library/Headers/GNUstepBase/GSIArray.h:237
>> #2  0x00007ffff7befa79 in -[NSMenu sizeToFit] (self=0x555555db63f0, 
>> _cmd=<optimized out>) at NSMenu.m:1562 
> 
> after a debugging evening with Fred, I know more, but am not much wiser.
> 
> [NSMenuView sizeToFit] calls _attachedMenu and [attachedMenu _owningPopUp] 
> and the latter must be invalid because, if checked with "po" in gdb, it will 
> crash.
> _owningPopUp just returns _popUpButtonCell which is set and trying to print 
> directly _attachedMenu->_popUpButtonCell does work, as inspecting it with p 
> *(_attachedMenu->_popUpButtonCell) but sometimes I found the isa pointer to 
> be 0x0 or in any case not accessible.
> 
> So we suppose that either somehow has already invalidated the object or there 
> is memory overwriting.
> Where in the chain Thematic - gui - base the issue is, remains open!

My investigation confirms (I used NSZombieEnabled=YES and set a breakpoint at 
the log of the priblem, and lookd at the stack) that we have a deallocated 
object.
Specifically the exception is  in [[_attachedMenu _owningPopUp] pullsDown]  
when the -pullsDown message is sent to the _owningPopUp as a result of  an 
NSMenuView receiving a GSThemeDidActivateNotification.
Presumably the reason is that the NSMenuView has been detached from somthing in 
which the NSPopUpButtonCell has been deleted/deallocated, but as the view has 
not been deallocated it still receives the notification and tried to redraw.

I think adding [_menu _setOwnedByPopUp: nil] and DESTROY(_menu) near the end of 
NSPopUpButtonCell's -dealloc may be the correct fix, since the popup 
owns/retains the menu and appears to be leaking it.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]