[Interest] Internal Qt bug or incorrect user API call?

T Stutts taycode at gmail.com
Sat Aug 9 01:46:14 CEST 2014


Hi,
This is a copy of my post at http://qt-project.org/forums/viewthread/46102/
and I am taking the replied suggestion of asking the mailing list. I hope
the copy/pasted markup is okay.

What does this line
<https://qt.gitorious.org/qt/digia-qt/source/705b0f958a6071341b10cbd51917e1378356491b:src/corelib/tools/qvarlengtharray.h#L194>
do?
I am referring to the line


    new (ptr+(s++)) T(*abuf++);

in this function:


    template <class T, int Prealloc>
    Q_OUTOFLINE_TEMPLATE void QVarLengthArray<T,Prealloc>::append(const T *abuf, int increment)
    {
        Q_ASSERT(abuf);
        if (increment <= 0)
            return;

        const int asize = s + increment;

        if (asize >= a)
            realloc(s, qMax(s*2, asize));

        if (QTypeInfo<T>::isComplex) {
            // call constructor for new objects (which can throw)
            while (s < asize)
                new (ptr+(s++)) T(*abuf++);
        } else {
            qMemCopy(&ptr[s], abuf, increment * sizeof(T));
            s = asize;
        }
    }

It looks to me like an explicit memory leak (see new()
<http://en.cppreference.com/w/cpp/language/new>).
It expressly allocates dynamic memory and does not store the pointer
anywhere, unless Qt has its own allocation implementation (i.e.
set_new_handler()
<http://en.cppreference.com/w/cpp/memory/new/set_new_handler>).

I am asking because I am seeing random crashes in my ODBC application when
retrieving an output parameter.
Tracing the call, it's coming from an access violation attempting to read
the location of *abuf* in the above *append()* function called from this
line in QODBCResult::exec()
<https://qt.gitorious.org/qt/digia-qt/source/705b0f958a6071341b10cbd51917e1378356491b:src/sql/drivers/odbc/qsql_odbc.cpp#L1655>.

    array.append((SQLTCHAR *)first.constData(), first.size());

Normally this pointer seems correct, except when it crashes (debugging in
Visual Studio 2012) with a read access violation because this pointer is
apparently unreadable. Stepping back to *QODBCResult::exec()*, the
variables seem normal and the output parameter seems to have been retrieved
properly.

What is causing this? How can I fix it?
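Placement new, the form used in the quoted append() loop, as an added C++ example that is not part of the original post or of Qt: SmallArray and Tracked are hypothetical stand-ins for QVarLengthArray and an element type, and the sample objects are constructed inline. It shows that `new (addr) T(...)` constructs into storage the array already owns, and that once the array's destructor has run the element destructors, no object and no heap block is left behind.

```cpp
#include <cassert>
#include <new>
// Counts live objects so a caller can check that nothing built by placement
// new is left behind: no hidden heap block, no leak.
struct Tracked {
    static int live;
    int value;
    explicit Tracked(int v) : value(v) { ++live; }
    Tracked(const Tracked &o) : value(o.value) { ++live; }
    ~Tracked() { --live; }
};
int Tracked::live = 0;
// Hypothetical stand-in for QVarLengthArray (not Qt's class): elements live
// in a raw, suitably aligned byte buffer that the array itself owns.
template <class T, int Capacity>
class SmallArray {
    alignas(T) unsigned char raw[Capacity * sizeof(T)];
    T *ptr;  // first slot of the buffer
    int s;   // number of constructed elements
public:
    SmallArray() : ptr(reinterpret_cast<T *>(raw)), s(0) {}
    ~SmallArray() { while (s > 0) ptr[--s].~T(); }  // destroy in place
    // Same shape as the Qt loop in question. `new (addr) T(...)` does not call
    // operator new for memory; it runs T's constructor on storage we own.
    void append(const T *abuf, int increment) {
        assert(abuf && s + increment <= Capacity);
        const int asize = s + increment;
        while (s < asize)
            new (ptr + (s++)) T(*abuf++);  // copy-construct into our buffer
    }
    int size() const { return s; }
    // True if element i was placed inside this object's own buffer.
    bool insideBuffer(int i) const {
        const unsigned char *p = reinterpret_cast<const unsigned char *>(ptr + i);
        return p >= raw && p < raw + sizeof(raw);
    }
};
// Append two constructed sample objects, then let the array go out of scope.
// Returns how many Tracked objects remain beyond the two sources (0 means
// nothing leaked), or -1 if an element was not placed in the array's buffer.
int leakedAfterAppend() {
    const Tracked src[2] = { Tracked(1), Tracked(2) };
    bool placed;
    {
        SmallArray<Tracked, 4> arr;
        arr.append(src, 2);
        placed = arr.size() == 2 && arr.insideBuffer(0) && arr.insideBuffer(1);
    }
    return placed ? Tracked::live - 2 : -1;
}
```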