KVO/KVC crash on reloading previously unloaded bundles

Originator:joerick
Number:rdar://11017946 Date Originated:09-Mar-2012 09:06 AM
Status:Open Resolved:
Product: Product Version:
Classification: Reproducible:
 
09-Mar-2012 09:06 AM Joe Rickerby:
Summary:

I'm running into an issue with loadable bundles and KVO. It seems that any class that has KVO observers attached to an instance of it cannot be safely be unloaded via NSBundle's -unload method.

Steps to Reproduce:

I'm doing the following:

for (int i = 0; i < 100; i++)
{
    [bundle load];

    Class bundleClass = [bundle principalClass];

    [[[bundleClass alloc] init] release];

    [bundle unload];
}
And in the bundle's principle class -init method,

    [self addObserver: self 
           forKeyPath: @"name"
              options: 0
              context: nil];

    self.name = @"jim";
The loop gets through a number of iterations, sometimes crashing on the second time round, sometimes on the thirtieth.

Expected Results:

I'm expecting this to work successfully, and for the loop to complete.

Actual Results:

It always crashes with this backtrace, with the EXC_BAD_ACCESS signal.

#0  0x00007fff8a30deab in objc_msgSend ()
#1  0x00007fff8609d862 in NSKeyValueNotifyObserver ()
#2  0x00007fff860be99b in NSKeyValueDidChange ()
#3  0x00007fff8606b0fb in -[NSObject(NSKeyValueObserverNotification) didChangeValueForKey:] ()
#4  0x00000001007a4c2c in -[Bundle init] (self=0x101902130, _cmd=0x7fff8ea369b0) at /Users/joerick/Desktop/bundleTest/testbundle/Bundle.m:26
#5  0x0000000100001731 in -[SIAppDelegate applicationDidFinishLaunching:] (self=0x100326a90, _cmd=0x7fff876e285f, aNotification=0x100131ea0) at /Users/joerick/Desktop/bundleTest/bundleTest/SIAppDelegate.m:28
#6  0x00007fff8606ade2 in __-[NSNotificationCenter addObserver:selector:name:object:]_block_invoke_1 ()
#7  0x00007fff8b470e0a in _CFXNotificationPost ()
#8  0x00007fff86057097 in -[NSNotificationCenter postNotificationName:object:userInfo:] ()
#9  0x00007fff8e1bbaa7 in -[NSApplication _postDidFinishNotification] ()
#10 0x00007fff8e1bb80d in -[NSApplication _sendFinishLaunchingNotification] ()

Regression:

I've tested this on OS X 10.7.3

Notes:

I've posted the full source code here
https://gist.github.com/1799355

You can download a zip file of the example project
https://gist.github.com/raw/1799355/4a9be98963e022d1c927867ce76324b83e1f8efa/bundleTest.zip

Comments


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!