[Qt-interest] SegFaults I cannot interpret

Thiago Macieira thiago.macieira at trolltech.com
Wed Feb 25 15:26:26 CET 2009


On Wednesday 25 February 2009, at 11:06:51, Andrea Franceschini wrote:
> 2009/2/24 Thiago Macieira <thiago.macieira at trolltech.com>:
> > When you're out of other options, you can always resort to reducing your
> > code until you can no longer reproduce the problem.
>
> Actually I did that and both cases happened:
> 1. I apparently got rid of the problem without reducing the code that much
> 2. I still got the problem after a heavy strip-down.
>
> Let me point out that the simple non-existence of this problem is
> quite hard to track because if it does exist, it may not show up at a
> given time and if it doesn't exist, you'll never be sure.

That means you've found yourself a Heisenbug: "A heisenbug (named after the 
Heisenberg Uncertainty Principle) is a computer bug that disappears or alters 
its characteristics when an attempt is made to study it."
[ http://en.wikipedia.org/wiki/Heisenbug#Heisenbug ]

Those come at an unsurprisingly high rate when threads are involved.

> > So, my guesses are:
> > 1) Doodle::Painter::paint is accessing a QList object before it is
> > initialised or after it was deleted
>
> This is the reason for which I put mutexes around the regions that
> accessed those objects, and it didn't change anything.
> Is there any chance I can detect such a case from the code and behave
> accordingly?
>
> > 2) you've got a memory overrun somewhere and you're writing garbage to
> > QList::d
>
> Isn't this a thing that valgrind is supposed to tell me?

Not really. Valgrind's memcheck is capable of many things, but others are 
beyond its ability. Take the two examples below, for instance:

	struct One {
		int data[10];
	};

	struct Two {
		int data[10];
		int moreData;
	};

	int main()
	{
		One *one = new One;
		Two *two = new Two;
		one->data[10] = 0;	// one past the end of the heap block: memcheck reports this
		two->data[10] = 0;	// one past the end of data[], but still inside the block: memcheck stays silent
		delete one;
		delete two;
		return 0;
	}

Valgrind will tell you you have an invalid write of 4 bytes, 0 bytes past a 
block of 40 in the "one" case, but it won't tell you anything about the second 
case. The reason for that is that valgrind can't differentiate an access to 
two->data[10] and two->moreData.

Usually, you don't keep QList pointers. So, the majority of the cases have 
QList members. It's quite possible that the previous or next item in the 
structure is doing something wrong.
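As an added illustration (not part of the original message), the following C program shows the second case from the other side: since memcheck cannot see an overrun that stays inside the allocated block, a guard member placed right after the array can catch it instead. The struct Two layout, the canary member and the CANARY value are constructed for this example; the overrun is simulated with a memcpy at the byte offset of data[10] so the compiler cannot optimize the write away.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: same shape as "struct Two" in the message, with an
 * added guard word directly after the array (assumed layout, no padding). */
#define CANARY 0xA5A5A5A5u

struct Two {
    int data[10];
    uint32_t canary;   /* guard member: sits exactly where data[10] would land */
    int moreData;
};

static void two_init(struct Two *t) {
    memset(t->data, 0, sizeof t->data);
    t->canary = CANARY;
    t->moreData = 42;
}

/* Returns 1 while the guard is intact, 0 once something wrote over it. */
static int two_check(const struct Two *t) {
    return t->canary == CANARY;
}

/* Simulates "two->data[10] = value": a write one element past the array
 * that still lies inside the object, so memcheck has nothing to report. */
static void write_one_past_end(struct Two *t, int value) {
    size_t off = offsetof(struct Two, data) + 10 * sizeof(int);
    memcpy((unsigned char *)t + off, &value, sizeof value);
}

/* Returns 1 if the guard was intact before the overrun and broken after it. */
int demo_overrun_corrupts_guard(void) {
    struct Two t;
    two_init(&t);
    int ok_before = two_check(&t);
    write_one_past_end(&t, 0);
    int ok_after = two_check(&t);
    return ok_before && !ok_after;
}

int main(void) {
    printf("guard detected in-struct overrun: %s\n",
           demo_overrun_corrupts_guard() ? "yes" : "no");
    return 0;
}
```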

In any case, you may try Valgrind's helgrind tool.

-- 
Thiago Macieira - thiago.macieira (AT) nokia.com
  Senior Product Manager - Nokia, Qt Software
     Sandakerveien 116, NO-0402 Oslo, Norway