Nat!

Tracer seems to be working. Bugs in Carbon?

It looks like the tracer is working. I ran a dummy Cocoa application and that worked out OK! I then tried TextEdit.app. It works alright so far, except that the background of the window is brown... Check it out:

I don't know why that artefact happens. Obviously the different malloc library scheme is tripping something up...

What I did was, I nm'ed all the (Text) symbols in malloc.So in /usr/lib/System.dylib and created a .c file that defines them. I then record anything worthy with my tracer and do the memory management with the brand spankin' new Mullocator (my own mallocer). I couldn't figure out how to use the original code in libSystem.dylib. I tried to create function pointers to the "original" routines, but that didn't work out. It looks like I would have needed to parse the original Mach-O file. That's for another project though...

I then tried to launch Safari and Preview with the tracer lib wedged in. Both failed and crashed. Looking at the crash dumps and at the allocation history though, it appears, if I intercept everything, that there are bugs in those applications that try to access non-allocated memory. But any judgement on this is way premature. E.g. check out this dump:

(gdb) where
Reading in symbols for main.m...done.
Reading in symbols for /SourceCache/Csu/Csu-45/crt.c...done.
Reading in symbols for start.s...done.
#0 mulle_malloc_length_of_small_block (block=0x144fddc) at MulleMalloc.subproj/mulle_malloc.c:938
#1 0x21003b00 in _mulle_msize (block=0x144fddc, self=0x210080d8) at MulleMalloc.subproj/mulle_malloc.c:1550
#2 0x21003ca4 in _mulle_safe_msize (block=0x144fddc, self=0x210080d8) at MulleMalloc.subproj/mulle_malloc.c:1587
#3 0x21001808 in mulle_msize (block=0x144fddc) at MulleMalloc.subproj/mulle_malloc.h:149
#4 0x21000a8c in malloc_size (ptr=0x144fddc) at malloc.c:198
#5 0x90223df8 in HGetState ()
#6 0x9023a700 in SetPL ()
#7 0x9022e008 in vCheckLoad ()
#8 0x90233d6c in CheckLoad ()
#9 0x9023c9f8 in PreLoad ()
#10 0x90241e18 in RMInsertMappedResourceFileInChain ()
#11 0x9024d54c in FSOpenResourceFileMapped ()
#12 0x9014a938 in __CF_FSOpenResourceFileMapped_internal ()
#13 0x9014a6d8 in _CFBundleOpenResourceFile ()
#14 0x9014a9c8 in _CFBundleOpenBundleGlobalResourceFile ()
#15 0x901502b0 in CFBundleOpenBundleResourceFiles ()
#16 0x90267c70 in openFrameworkResourceFiles ()
#17 0x901447b4 in CFDictionaryApplyFunction ()
#18 0x90271694 in insertFrameworkResources ()
#19 0x9022509c in StandardEntry ()
#20 0x9022c414 in GetResourceCommon ()
#21 0x96a83ef4 in Localize(AppearanceGlobals*) ()
#22 0x96a00d6c in GetAppearanceGlobals() ()
#23 0x969c0250 in SetupMDEFGlobals(short, OpaqueMenuRef*, Rect*, Point, short*, StandardMenuDefGlobals*, OpaqueGrafPtr**, bool*) ()
#24 0x969d5508 in StandardMDEF(short, OpaqueMenuRef*, Rect*, Point, short*) ()
#25 0x969d0884 in _CallMenuDef(MenuData*, short, Rect*, Point, short*) ()
#26 0x96a024c4 in SendMenuInit(MenuData*) ()
#27 0x969e1b90 in MenuData::Initialize(OpaqueEventRef*) ()
#28 0x969d18a8 in HIObject::HandleClassHIObjectEvent(OpaqueEventHandlerCallRef*, OpaqueEventRef*, void*) ()
#29 0x969d180c in HIObject::EventHook(OpaqueEventHandlerCallRef*, OpaqueEventRef*, void*) ()
#30 0x969a2c54 in DispatchEventToHandlers ()
#31 0x969a2fbc in SendEventToEventTargetInternal ()
#32 0x969a63d0 in SendEventToEventTargetWithOptions ()
#33 0x969cb8f0 in HIObject::Create(__CFString const*, OpaqueEventRef*, HIObject**) ()
#34 0x969cea24 in HIObjectCreate ()
#35 0x969f2138 in CreateMenuData(MenuDefSpec const*, short, unsigned char const*, unsigned long, MenuData**) ()
#36 0x969b5b54 in InternalGetRootMenu() ()
#37 0x969c82c4 in _GetMenuHandle(short) ()
#38 0x96a00ea8 in GetMenuHandle ()
#39 0x9315f874 in GetUniqueCarbonMenuID ()
#40 0x9310a728 in CreateCarbonMenu ()
#41 0x93160edc in _NSAddMenuBarItems ()
#42 0x93160434 in -[NSApplication finishLaunching] ()
#43 0x930b1be0 in -[NSApplication run] ()
#44 0x9315fc58 in NSApplicationMain ()
#45 0x00003da8 in main (argc=1, argv=0xbffffd30) at main.m:13
#46 0x00003b2c in _start (argc=1, argv=0xbffffd30, envp=0xbffffd38) at /SourceCache/Csu/Csu-45/crt.c:267
#47 0x000039ac in start ()
Current language: auto; currently c

What's the problem here? As you can see, I am asked for the size of a memory block at 0x144fddc; the last bits of the address are 11011100. The allocation routine always leaves the last 4 bits clear, so this address cannot be the start of a valid memory block. And it's always either in HModifyState or HGetState where this problem occurs, so it does look like these two routines are buggy. Finally, both Safari and Preview also crash in HModifyState.
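To make the alignment argument above concrete, here is an added example (my own illustration, not the Mullocator or Apple's malloc) of the check an interposed malloc_size should do before it walks allocator metadata: reject any pointer whose low 4 bits are set, and return 0 for pointers that are not a recorded block start. The registry, the 16-byte alignment constant and the tracer_* names are assumptions for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Assumed allocator contract from the post: block starts have the low 4 bits clear. */
#define TRACER_ALIGN 16
#define TRACER_MAX_BLOCKS 64

/* Hypothetical tracer registry of live blocks (address, size). */
struct tracer_block { uintptr_t addr; size_t size; };
static struct tracer_block registry[TRACER_MAX_BLOCKS];
static int n_blocks;

/* Record a block the way the tracer would on malloc(); returns 1 on success. */
int tracer_record_alloc(void *p, size_t size) {
    if (p == NULL || n_blocks >= TRACER_MAX_BLOCKS) return 0;
    registry[n_blocks].addr = (uintptr_t)p;
    registry[n_blocks].size = size;
    n_blocks++;
    return 1;
}

/* Classify a pointer: 0 = known block start, 1 = misaligned, 2 = unknown/interior. */
int tracer_classify(const void *p) {
    uintptr_t a = (uintptr_t)p;
    if (a & (TRACER_ALIGN - 1)) return 1;        /* 0x...dc style address: low 4 bits set */
    for (int i = 0; i < n_blocks; i++)
        if (registry[i].addr == a) return 0;
    return 2;
}

/* Safe msize: like malloc_size(), return 0 for anything that is not a block start
   instead of interpreting allocator metadata through a bad pointer. */
size_t tracer_safe_msize(const void *p) {
    int kind = tracer_classify(p);
    if (kind != 0) {
        fprintf(stderr, "msize(%p): %s, returning 0\n", p,
                kind == 1 ? "misaligned pointer" : "not a recorded block");
        return 0;
    }
    uintptr_t a = (uintptr_t)p;
    for (int i = 0; i < n_blocks; i++)
        if (registry[i].addr == a) return registry[i].size;
    return 0;
}

/* Constructed sample arena so the example runs without a real allocator. */
static _Alignas(TRACER_ALIGN) unsigned char arena[256];

/* Register two constructed blocks in the arena; returns the block count. */
int tracer_demo_setup(void) {
    n_blocks = 0;
    tracer_record_alloc(arena, 64);
    tracer_record_alloc(arena + 64, 32);
    return n_blocks;
}
```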