[Qt-interest] Crash in ~QByteArray

Josiah Bryan jbryan at productiveconcepts.com
Tue Feb 9 14:35:52 CET 2010


Hey all -

I've got a puzzling problem. I've written a multipart/x-mixed-replace 
client to handle MJPEG video from IP cameras - very very simple class, 
based on QTcpSocket. Anyway, the dataReady() slot is connected to the 
socket's readyRead() signal. It simply looks like this:

void MjpegClient::dataReady() {
	QByteArray bytes = m_socket->readAll();
	if(bytes.size() > 0) {
		m_dataBlock.append(bytes);
		processBlock();
	}
	if(m_socket->bytesAvailable())
		QTimer::singleShot(0, this, SLOT(dataReady()));
}

m_dataBlock is a QByteArray which gets chopped up in the processBlock() 
method. (The processBlock() takes the images from the start of 
m_dataBlock, leaving any incomplete images in m_dataBlock till the rest 
of the bytes are received.)

Anyway, after letting it run for an indeterminate amount of time, it 
consistently crashes at the end of dataReady() in a QByteArray 
destructor. The gdb stack trace looks like this (Qt 4.6.1):

#0  0x00110402 in __kernel_vsyscall ()
#1  0x00b7e690 in raise () from /lib/libc.so.6
#2  0x00b7ff91 in abort () from /lib/libc.so.6
#3  0x00bb69eb in __libc_message () from /lib/libc.so.6
#4  0x00bbcd5d in malloc_consolidate () from /lib/libc.so.6
#5  0x00bbe7fb in _int_free () from /lib/libc.so.6
#6  0x00bc20f0 in free () from /lib/libc.so.6
#7  0x002a6b2d in qFree (ptr=0x9405330) at 
/var/tmp/qt-x11-src-4.6.1/src/corelib/global/qmalloc.cpp:60
#8  0x0804d445 in ~QByteArray (this=0xbf889680) at 
/opt/qtsdk-2010.01/qt/include/QtCore/qbytearray.h:382
#9  0x0804c20d in MjpegClient::dataReady (this=0x93d7718) at 
../common/MjpegClient.cpp:97
#10 0x080593cb in MjpegClient::qt_metacall (this=0x93d7718, 
_c=QMetaObject::InvokeMetaMethod, _id=4, _a=0xbf889740) at 
.build/moc_MjpegClient.cpp:90
[snipped]

MjpegClient.cpp:97 is the closing bracket of dataReady().

Now, I've tried running valgrind's memcheck on the resulting executable 
- it doesn't find one bloody leak or problem that I can see.

I've also tried using a malloc'd buffer to dump the socket data into 
instead of using readAll(), but it still crashed. The code was something 
like:

int bytes = m_socket->bytesAvailable();
char * buffer = malloc(sizeof(char) * bytes);
assert(buffer != NULL);
int bytesRead = m_socket->read(buffer, bytes);
m_dataBlock.append(buffer);
free(buffer);

That's from memory - but the code worked as desired - but it still 
crashed - though at a different point - I think it was deep inside 
readAll() for that crash.

Anyone have any ideas on how to troubleshoot this?

Thanks.
-josiah

-- 

-=-=-=-=-=-=-=-=-=-=-=-=-
Josiah Bryan
Productive Concepts, Inc.
jbryan at pciint.com
(765) 964-6009, ext. 224
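
Added example, not part of the original post or of Qt: a minimal sketch of the accumulate-and-carve pattern the post describes for m_dataBlock and processBlock(), using std::string in place of QByteArray so it builds without Qt. Assumptions: the FrameAssembler class and its size limit are hypothetical, frames are delimited only by the JPEG SOI/EOI markers (a simplification that ignores multipart headers and embedded thumbnails), and bytes are appended by explicit length because a received chunk is not NUL-terminated and JPEG data contains zero bytes.

```cpp
#include <cstddef>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical stand-in for the post's m_dataBlock / processBlock() pair.
class FrameAssembler {
public:
    explicit FrameAssembler(std::size_t maxPending = 4 * 1024 * 1024)
        : m_maxPending(maxPending) {}

    // Append exactly n received bytes, then return every complete frame.
    std::vector<std::string> feed(const char *data, std::size_t n) {
        m_block.append(data, n);            // length-explicit: NUL bytes are kept
        std::vector<std::string> frames;
        for (;;) {
            std::size_t soi = m_block.find(SOI);
            if (soi == std::string::npos) {
                // No frame start: keep only a trailing 0xFF that may be
                // the first half of a marker split across two reads.
                bool keep = !m_block.empty() && m_block.back() == '\xFF';
                m_block.erase(0, m_block.size() - (keep ? 1 : 0));
                break;
            }
            m_block.erase(0, soi);          // drop boundary/header bytes
            std::size_t eoi = m_block.find(EOI, 2);
            if (eoi == std::string::npos)
                break;                      // incomplete frame stays buffered
            frames.push_back(m_block.substr(0, eoi + 2));
            m_block.erase(0, eoi + 2);
        }
        if (m_block.size() > m_maxPending)  // peer never sent an end marker
            throw std::length_error("pending frame exceeds limit");
        return frames;
    }

    std::size_t pending() const { return m_block.size(); }

private:
    static const std::string SOI, EOI;
    std::string m_block;                    // bytes not yet part of a full frame
    std::size_t m_maxPending;               // cap on buffered, unterminated data
};
const std::string FrameAssembler::SOI("\xFF\xD8", 2);
const std::string FrameAssembler::EOI("\xFF\xD9", 2);
```
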
