Qt Application Crash -- Please help

shyamc · wrote on 7 Mar 2011, 13:56

Hi All,

Our application continuously reads from a socket and updates a Qmap. When I run the code, application crashes with following error. Can someone help in getting this resolved.

0 malloc_consolidate /lib/libc.so.6 0 0x00a988d8
1 _int_malloc /lib/libc.so.6 0 0x00a9ace3
2 malloc /lib/libc.so.6 0 0x00a9cd87
3 qMalloc qmalloc.cpp 55 0x0049c65d
4 QByteArray::resize qbytearray.cpp 1370 0x004a5645
5 UDPCommunicationUtil::processPendingDatagrams udpcommunicationutil.cpp 128 0x0818fb3d
6 UDPCommunicationUtil::run udpcommunicationutil.cpp 164 0x0818fced
7 QThreadPrivate::start qthread_unix.cpp 248 0x004a23ce
8 start_thread /lib/libpthread.so.0 0 0x00bad5ab
9 clone /lib/libc.so.6 0 0x00b02cfe

Relevant code:
@
QByteArray *datagram=new QByteArray();
line 128: datagram->resize(pendingDataSize);
//qDebug()<<"PendingDataSize is 2 :: "<<datagram.size();
if(udpSocket->readDatagram(datagram->data(), datagram->size(),&PeerIp,&UdpPort) != -1)
{
//process the data gram...
}
delete datagram;
datagram = 0;
@

Regards,
Shyam

[EDIT: code formatting, please wrap in @-Tags and indent, Volker]

goetz · wrote on 7 Mar 2011, 14:02

First: Use QByteArray as a value type, it's almost never necessary to allocate it on the heap and use it via a pointer.

In your case, something must be going on between the new and the resize. Can you post the complete code on pastebin?

novaktamas · wrote on 7 Mar 2011, 14:09

I don't know why this crashes, but last line
datagram= 0;
is surely unneccessary. This is a pointer, which points to a valid QByteArray after line 1.
The occupied memory got released in line 8 (pointer still points to the same address, but no reserved memory there any more). If you set pointer to address 0 (line 9), and then you do anything with that pointer, it will crash, as there is no valid QByteArray structure at address 0.

goetz · wrote on 7 Mar 2011, 14:15

[quote author="novaktamas" date="1299506976"]I don't know why this crashes, but last line
datagram= 0;
is surely unneccessary. This is a pointer, which points to a valid QByteArray after line 1.
The occupied memory got released in line 8 (pointer still points to the same address, but no reserved memory there any more). If you set pointer to address 0 (line 9), and then you do anything with that pointer, it will crash, as there is no valid QByteArray structure at address 0.
[/quote]

It's valid (and good practice) to set a pointer to null after it was deleted (at least if you do use the pointer elswhere, what we do not know out of this code snippet). You can easily check if the pointer is still valid (= non null). The other way round makes a disaster: You cannot distinguish between a dangling and a valid pointer if it is set to non null value but you can always check safely for null pointers.

shyamc · wrote on 7 Mar 2011, 15:02

Thanks for your replies.
As such there is no code in between creation and resize. Its just crashing on the resize line.
Its appropriate to check for validity before delete, but the crash happens way before that at resize line.

goetz · wrote on 7 Mar 2011, 15:56

Can you make a small program that demonstrates only the error, please. We'll have a look at it. At the moment it's hard to tell what's going wrong without some actual running code.

Please do not post your current project, but boil it down to just a demonstration case for your problem. Feel free to post here or at pastebin.

shyamc · wrote on 7 Mar 2011, 17:10

Hi Volker,

Here is the sample code:
main.cpp

@
#include <QtGui/QApplication>
#include "mainwindow.h"

int main(int argc, char *argv[])
{
QApplication a(argc, argv);
udpComm=new UDPCommunicationUtil(plcConnectionObject,bindingPort);
udpComm->start();
return a.exec();
}
UDPCommunicationUtil.cpp

#include "udpcommunicationutil.h"
#include <QtGui>
#include <QtNetwork>
#include <sys/types.h>

#ifdef Q_OS_WIN
#include <winsock2.h>
#include <ws2tcpip.h>
#endif
#ifdef Q_OS_UNIX
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#endif

UDPCommunicationUtil::UDPCommunicationUtil(ConnectionObject *connectionObject,int bindingport)
{
this->connectionObject=connectionObject;
sockDataParser= new SocketDataParser();
sockDataParser->setParent(this);
this->bindingPort=bindingport;
udpSocket = new QUdpSocket;
udpSocket->bind(this->bindingPort,QUdpSocket::ShareAddress | QUdpSocket::ReuseAddressHint);
waitForTurn = false;
activeIP="";
setStackSize(100000);

}
void UDPCommunicationUtil::processPendingDatagrams()
{
if(waitForTurn == false )
{
waitForTurn = true;
QHostAddress PeerIp;
quint16 UdpPort=6000;
try{
while (udpSocket->hasPendingDatagrams())
{
quint64 pendingDataSize=udpSocket->pendingDatagramSize();
if(pendingDataSize > 0 )
{
QByteArray *datagram=new QByteArray();
datagram->resize(pendingDataSize);
if(udpSocket->readDatagram(datagram->data(), datagram->size(),&PeerIp,&UdpPort) != -1)
{
//process data
}
delete datagram;
datagram=0;
}

        }

    } catch ( ... ){
        qDebug()<<"Error occurred in UDPCommunicationUtil::processPendingDatagrams in else condition";
    }
    waitForTurn = false;
}

}

void UDPCommunicationUtil::run()
{
while(true)
{
processPendingDatagrams();
msleep(20);
}
}
@

EDIR: please look @-tags for code highlioghting... (Gerolf)

dialingo · wrote on 7 Mar 2011, 17:58

This code can not be compiled because “udpcommunicationutil.h” is missing.

goetz · wrote on 7 Mar 2011, 19:20

[quote author="Volker" date="1299513400"]Can you make a small program that demonstrates only the error, please. We'll have a look at it. At the moment it's hard to tell what's going wrong without some actual running code.

Please do not post your current project, but boil it down to just a demonstration case for your problem. Feel free to post here or at pastebin.[/quote]

Please follow the requests we've made. Boil down your problem to a program which is

small
complete
compilable
running

And demonstrates the error. Nothing more, nothing less. Leave out anything that does not add to the problem (i.e. we are not interested in your UDP communication unless it is the cause of the problem).

You should be able to put the problematic code into a single main function in your case.

We will not be able to test your program with that UDP processing, as we do not have the data that comes in.

Make the testcase yourself - if you're lucky you will find the error yourself.

shyamc · wrote on 10 Mar 2011, 12:04

Sorry for getting back bit late, actually we were trying to get to the root of the problem. While working on that we realized that the application is getting into a race condition.

We have a QList containing various values. The main application reads from this list continuously and we have forked off a thread passing pointer of this list, which would update this same list. Both work perfect till they reach a condition where in the thread class tries to write to it while the main one tries to read from it. Here the application is crashing.
We are using QList.replace function to write to the list.

Any suggestions/advice please?

goetz · wrote on 10 Mar 2011, 12:51

Use "QMutex":http://doc.qt.nokia.com/4.7/qmutex.html and friends to synchronize the access to the data. And read an "Thread Support in Qt":http://doc.qt.nokia.com/4.7/threads.html with some introdoction into the multithreading spcial problems. And of course you shouldn't miss peppe's great article on "Threads, Events and QObjects":http://developer.qt.nokia.com/wiki/Threads_Events_QObjects.