[Qt-interest] Qt-linked plugin crashes on _unload_image()

Matthew Mott matthewm at imagineersystems.com
Thu Nov 19 14:56:14 CET 2009 

Hello,

We are writing a plugin for a 64-bit Mac host application which is loaded and 
unloaded dynamically. The plugin is written in C and C++ and statically linked 
against Qt 4.5 on 64-bit Mac OS; we do not use any Objective-C code ourselves. 
Since our code is a plugin which runs within a host application, we do not 
(and cannot) create a QApplication.

Although our plugin loads and runs without problems, at application shutdown 
the following crash is encountered in the Objective C runtime:

#0  0x00007fff846d631a in removeSubclass (supercls=0x7fff7070c200, 
subcls=0x124dfeca0) at runtime/objc-runtime-new.m:870
#1  0x00007fff846d8067 in _unload_image (hi=0x12223a710) at runtime/objc-
runtime-new.m:1722
#2  0x00007fff846cd418 in _objc_unmap_image (hi=0x12223a710) at runtime/objc-
runtime.m:962
#3  0x00007fff846cd305 in unmap_image (mh=0x12356e000, 
vmaddr_slide=4887863296) at runtime/objc-runtime.m:920
#4  0x00007fff5fc02b67 in __dyld__ZN4dyld11removeImageEP11ImageLoader ()
#5  0x00007fff5fc02d6f in __dyld__ZN4dyld20garbageCollectImagesEv ()
#6  0x00007fff5fc0ac56 in __dyld_dlclose ()
#7  0x00007fff80059755 in dlclose ()
#8  0x00007fff8413ad09 in _CFBundleDlfcnUnload ()
#9  0x00007fff8413cec9 in CFBundleUnloadExecutable ()
...

The line of code which is crashing is 870 (runtime/objc-runtime-new.m:870) in 
the following listing:

865	    OBJC_CHECK_LOCKED(&runtimeLock);
866	    assert(getSuperclass(subcls) == supercls);
867	
868	    class_t **cp;
869	    for (cp = &supercls->data->firstSubclass; 
870	         *cp  &&  *cp != subcls; 
871	         cp = &(*cp)->data->nextSiblingClass)
872	        ;
873	    assert(*cp == subcls);
874	    *cp = subcls->data->nextSiblingClass;

By tracing through execution we have identified that the problem occurs when 
the variable cp points to an invalid location, which is caused by the 
nextSiblingClass pointer in 871 being invalid. This happens when attempting to 
remove QCocoaWindowDelegate as a subclass of NSObject.

Although we are not using any Cocoa or GUI widget classes directly, presumably 
they must be initialised or registered in some way by the QtGui library, but 
this initialisation seems to either have not been completed correctly, or to 
have become corrupted at a later stage.

Any advice on what might cause this issue or how we could go about 
investigating and resolving it would be appreciated.

Regards,
Matthew

More information about the Qt-interest-old mailing list