hello,
we received a zombie crash which confused us long time, seems like double free, can you give us some advices about this crash? very confused , this crash can not be caught in xcode (instruments -> Zombie). this is full log, thx !
zombie crash (double) which can not be caught
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000441746590
VM Region Info: 0x441746590 is not in any region. Bytes after previous region: 7003727249 Bytes before following region: 49367718512
REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL
MALLOC_NANO 280000000-2a0000000 [512.0M] rw-/rwx SM=COW
---> GAP OF 0xd20000000 BYTES
commpage (reserved) fc0000000-1000000000 [ 1.0G] ---/--- SM=NUL ...(unallocated)
This isn't a zombie, because the memory address in question (0x0000000441746590) is not in a VM region that is utilized. Notice the GAP with the arrow, compared to information about the surrounding VM regions. A potential zombie has a memory address at a location where a valid object once resided.
Thread 0 name:
Thread 0 Crashed:
0 libobjc.A.dylib 0x00000001a22f7c10 objc_release + 16 (objc-object.h:756)
1 CoreFoundation 0x000000018e5****8 cow_cleanup + 168 (NSCollectionAux.h:48)
2 CoreFoundation 0x000000018e445274 -[__NSDictionaryM dealloc] + 144 (NSDictionaryM.m:439)
3 AFNetworking 0x0000000105fc2cc8 0x105fbc000 + 27848
4 libsystem_blocks.dylib 0x00000001d6990784 _Block_release + 188 (runtime.cpp:176)
While objc_release at the stop of the crashed thread is an indicator of a zombie, the other detail about the memory address rules this out. What you're looking at here is a crash because the runtime was asked to release an object at a memory address that is not, and never was, an Objective-C object. The next debugging technique I'd apply are detailed in the documentation, namely working through the different sanitizers to figure out if something corrupted a memory address.