Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

[SOLVED] QList's append and prepend SEGFAULTs



  • Hello guys, I've encountered a weird bug within QList's append/prepend method. The segfault rises on one specific line:

     qlist.h@584 and qlist.h@550
     if (d->ref.isShared())  // causes SEGFAULT
    

    and thus I'm really convinced that there's something fishy and not easily reproducible (maybe bug in clang and generated assembly code - this file gets really big - 60k of lines - mainly STL and Qt code). The QList is empty and this error occurs on the very first append/prepend. The structure is as follows (very simplified):

    struct SslErrorPolicy 
    {
        QList<QSslError> m_errors;
        QList<QSslCertificate> m_certs;
        bool proceed;
        // default ctor, dtor, copy ctor, assignment operator
    };
    class Model : public QAbstractItemModel
    {
        Q_OBJECT
        // other properties...
        QList<SslErrorPolicy> m_policies; // the problematic object
    public:
        // tons of stuff ...
    }; 
    

    This crashes at mentioned line (disassembly):

    0x100063f80                    pushq %rbp
    0x100063f81  <+0x0001>         movq %rsp, %rbp
    0x100063f84  <+0x0004>         subq $0x50, %rsp
    0x100063f88  <+0x0008>         movq %rdi, -0x8(%rbp)    
    0x100063f8c  <+0x000c>         movq %rsi, -0x10(%rbp)
    0x100063f90  <+0x0010>         movq -0x8(%rbp), %rsi
    0x100063f94  <+0x0014>         movq (%rsi), %rdi # << HERE >>
    0x100063f97  <+0x0017>         movq %rsi, -0x38(%rbp)
    0x100063f9b  <+0x001b>         callq 0x10016ceca # symbol stub for: QtPrivate::RefCount::isShared() const
    0x100063fa0  <+0x0020>         testb $0x1, %al
    0x100063fa2  <+0x0022>         jne 0x100063fad # <+45> at qlist.h:584
    0x100063fa8  <+0x0028>         jmp 0x100064027 # <+167> at qlist.h:594
    0x100063fad  <+0x002d>         xorl %esi, %esi
    0x100063faf  <+0x002f>         movl $0x1, %edx
    

    This code crashes every time, therefore I can call it a bug, but before I'll commit a new bug, I'd like to have your opinions. This code was generated by clang shipped with Qt 5.5 on OS X 10.10.5 and debugged with lldb.


  • Qt Champions 2019

    You should post your code: complete SslErrorPolicy and how you add elements to m_policies.
    You sad you have a copy constructor in SslErrorPolicy, how is it implemented?



  • It's been solved. "this" pointer was null, thus it was crazy debugging.


Log in to reply