Another OS X crash, possibly libpng related

I know it seems like I’m either being malicious or I can’t
write code to save my life but I seem to have struck the
same bug that the new frameworks apparently fixed the
first time around. The crash has the same symptoms
as previous (the parameters to the function are
overwritten) and happens inside the same function
(saveFP()).

Backtrace:

Hardware watchpoint 3: tex
Old value = (struct txm_texture *) 0x10578
New value = (struct txm_texture *) 0x0
0x3100b640 in saveFP ()
(gdb) bt
#0 0x3100b640 in saveFP ()
#1 0x31003abc in IMG_LoadPNG_RW ()
#2 0x00006040 in load_single_texture (tex=0x0, p_ind=0x0) at txm.c:407
#3 0x00006ac4 in load_textures () at txm.c:590
#4 0x00006ccc in txm_load () at txm.c:621
#5 0x000030f0 in init_gl () at test_txm01.c:44
#6 0x00007264 in SDL_main (argc=1, argv=0xbffffca4) at entry.c:98
#7 0x000040cc in -[SDLMain applicationDidFinishLaunching:] (self=0x378590, _cmd=0x0, note=0x3e8) at macosx/SDLMain.m:243
#8 0x90a27aec in _nsnote_callback ()
#9 0x901da4a8 in __CFXNotificationPost ()
#10 0x901deeb8 in _CFXNotificationPostNotification ()
#11 0x90a25938 in -[NSNotificationCenter postNotificationName:object:userInfo:] ()
#12 0x92f93380 in -[NSApplication _postDidFinishNotification] ()
#13 0x92f9326c in -[NSApplication _sendFinishLaunchingNotification] ()
#14 0x92f9349c in -[NSApplication(NSAppleEventHandling) _handleCoreEvent:withReplyEvent:] ()
#15 0x90a7af70 in -[NSAppleEventManager dispatchRawAppleEvent:withRawReply:handlerRefCon:] ()
#16 0x90a81808 in _NSAppleEventManagerGenericHandler ()
#17 0x9272ba10 in aeDispatchAppleEvent(AEDesc const*, AEDesc*, unsigned long, unsigned char*) ()
#18 0x9272e858 in dispatchEventAndSendReply(AEDesc const*, AEDesc*) ()
#19 0x9272bc50 in aeProcessAppleEvent ()
#20 0x92975224 in AEProcessAppleEvent ()
#21 0x92e82484 in _DPSNextEvent ()
#22 0x92e98d2c in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#23 0x92ead0ac in -[NSApplication run] ()
#24 0x0000405c in CustomApplicationMain (argc=3638672, argv=0) at macosx/SDLMain.m:221
#25 0x00004290 in main (argc=1, argv=0xbffffca4) at macosx/SDLMain.m:315

I am linking against the latest (testing) frameworks.

> I know it seems like I’m either being malicious or I can’t
> write code to save my life but I seem to have struck the
> same bug that the new frameworks apparently fixed the
> first time around. The crash has the same symptoms
> as previous (the parameters to the function are
> overwritten) and happens inside the same function
> (saveFP()).

Please send me the png in question (and if possible, the source code
that is crashing) off list and I’ll take a look.

--ryan.

I changed a few things around and the crash has mysteriously
stopped. I’ve been sitting here for half an hour trying to reproduce
it but no luck so far. It seemed to happen when there were a lot of
local variables, say 100 bytes or so of stack space. I’ll let you
know if I manage to crash it again.

a1

On 2/7/06, Ryan C. Gordon wrote:

> > I know it seems like I’m either being malicious or I can’t
> > write code to save my life but I seem to have struck the
> > same bug that the new frameworks apparently fixed the
> > first time around. The crash has the same symptoms
> > as previous (the parameters to the function are
> > overwritten) and happens inside the same function
> > (saveFP()).
>
> Please send me the png in question (and if possible, the source code
> that is crashing) off list and I’ll take a look.
>
> --ryan.