RE: [Wengophone-devel] Closing of bug Ticket #1416

Lukas Oberhuber Sat, 17 Mar 2007 04:18:06 -0800

> Here's a crash trace, with Aurelien's fix (fewer redraws) and Pirmin's
> catch try. Seems the bug happens anyway:
> 
>       msvcp80.dll!std::basic_string<char,std::char_traits<char>,std::alloc
> ator<char> >::size()  Line 1642       C++
> >     QtCore4.dll!QString::fromStdString(const
> std::basic_string<char,std::char_traits<char>,std::allocator<char> > &
> s={...})  Line 806 + 0x11 bytes       C++
>       qtwengophone.exe!QtContact::getId()  Line 99 + 0x17 bytes       C++
>       qtwengophone.exe!QtContactManager::moveContact(const
> std::basic_string<char,std::char_traits<char>,std::allocator<char> > &
> dstGroupId=<Bad Ptr>, const
> std::basic_string<char,std::char_traits<char>,std::allocator<char> > &
> srcGroupId=<Bad Ptr>, const
> std::basic_string<char,std::char_traits<char>,std::allocator<char> > &
> contactId=<Bad Ptr>)  Line 654 + 0x28 bytes   C++
>       qtwengophone.exe!QtContactList::contactMovedEvent(const
> std::basic_string<char,std::char_traits<char>,std::allocator<char> > &
> dstGroupId=<Bad Ptr>, const
> std::basic_string<char,std::char_traits<char>,std::allocator<char> > &
> srcGroupId=<Bad Ptr>, const
> std::basic_string<char,std::char_traits<char>,std::allocator<char> > &
> contactId=<Bad Ptr>)  Line 213        C++
> 
>       qtwengophone.exe!CContactList::contactMovedEventHandlerThreadSafe(st
> d::basic_string<char,std::char_traits<char>,std::allocator<char> >
> dstGroupId=<Bad Ptr>,
> std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> srcGroupId=<Bad Ptr>,
> std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> contactId=<Bad Ptr>)  Line 105        C++
> 
>       qtwengophone.exe!boost::_mfi::mf3<void,CContactList,std::basic_strin
> g<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> >::operator()(CContactList * p=0x0ab1fe5c,
> std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> a1=<Bad Ptr>,
> std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> a2=<Bad Ptr>,
> std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> a3=<Bad Ptr>)  Line 353 + 0x65 bytes  C++
>       qtwengophone.exe!boost::_bi::list4<boost::_bi::value<CContactList
> *>,boost::arg<1>,boost::arg<2>,boost::arg<3>
> >::operator()<boost::_mfi::mf3<void,CContactList,std::basic_string<char,st
> d::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> >,boost::_bi::list3<std::basic_string<char,std::char_traits<char>,std::all
> ocator<char> >
> &,std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> &,std::basic_string<char,std::char_traits<char>,std::allocator<char> > &>
> >(boost::_bi::type<void> __formal={...},
> boost::_mfi::mf3<void,CContactList,std::basic_string<char,std::char_traits
> <char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char> > > &
> f={...},
> boost::_bi::list3<std::basic_string<char,std::char_traits<char>,std::alloc
> ator<char> >
> &,std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> &,std::basic_string<char,std::char_traits<char>,std::allocator<char> > &>
> & a={...}, boost::_bi::type<void> __formal={...})  Line 413   C++
> 
>       qtwengophone.exe!boost::detail::function::void_function_obj_invoker3
> <boost::_bi::bind_t<void,boost::_mfi::mf3<void,CContactList,std::basic_str
> ing<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> >,boost::_bi::list4<boost::_bi::value<CContactList
> *>,boost::arg<1>,boost::arg<2>,boost::arg<3> >
> >,void,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> >::invoke(boost::detail::function::any_pointer function_obj_ptr={...},
> std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> a0=<Bad Ptr>,
> std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> a1=<Bad Ptr>,
> std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> a2=<Bad Ptr>)  Line 137       C++
> 
>       qtwengophone.exe!boost::function3<void,std::basic_string<char,std::c
> har_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::allocator<void>
> >::operator()(std::basic_string<char,std::char_traits<char>,std::allocator
> <char> > a0=<Bad Ptr>,
> std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> a1=<Bad Ptr>,
> std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> a2=<Bad Ptr>)  Line 576 + 0x66 bytes  C++
>       qtwengophone.exe!ThreadEvent3<void
> __cdecl(std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >),std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> >::callback()  Line 161       C++
>       qtwengophone.exe!ThreadEventFilter::eventFilter(QObject *
> watched=0x039c1628, QEvent * event=0x105c5740)  Line 34       C++
>       QtGui4.dll!QApplicationPrivate::notify_helper(QObject *
> receiver=0x039c1628, QEvent * e=0x105c5740)  Line 3111 + 0xd bytes
>       C++
>       QtGui4.dll!QApplication::notify(QObject * receiver=0x039c1628,
> QEvent * e=0x005c5740)  Line 2776 + 0x10 bytes        C++
>       QtCore4.dll!QCoreApplication::sendEvent(QObject *
> receiver=0x039c1628, QEvent * event=0x105c5740)  Line 171 + 0x22 bytes
>       C++
>       QtCore4.dll!QCoreApplication::sendPostedEvents(QObject *
> receiver=0x00000000, int event_type=0x00000000)  Line 975     C++
>       QtCore4.dll!QEventDispatcherWin32::processEvents(QFlags<enum
> QEventLoop::ProcessEventsFlag> flags={...})  Line 386 + 0x16 bytes
>       C++
>       QtGui4.dll!QGuiEventDispatcherWin32::processEvents(QFlags<enum
> QEventLoop::ProcessEventsFlag> flags={...})  Line 958 + 0xf bytes     C++
>       QtCore4.dll!QEventLoop::processEvents(QFlags<enum
> QEventLoop::ProcessEventsFlag> flags={...})  Line 125 C++
>       QtCore4.dll!QEventLoop::exec(QFlags<enum
> QEventLoop::ProcessEventsFlag> flags={...})  Line 164 + 0xc bytes     C++
>       QtCore4.dll!QCoreApplication::exec()  Line 662 + 0x17 bytes     C++
>       qtwengophone.exe!main(int argc=0x00000001, char * * argv=0x023155d0)
> Line 191      C++
>       qtwengophone.exe!__tmainCRTStartup()  Line 597 + 0x17 bytes     C
>       kernel32.dll!7c816fd7()
>       [Frames below may be incorrect and/or missing, no symbols loaded for
> kernel32.dll]


I did a little research and something strange is happening here in the stack
trace.

The call to eventFilter 
ThreadEventFilter::eventFilter(QObject * watched=0x039c1628, QEvent *
event=0x105c5740)  Line 34      C++

is not doing what I would expect. Below the code of the method (it crashes
on the call to threadEvent->callback()):

--code--
bool ThreadEventFilter::eventFilter(QObject * watched, QEvent * event) {
        if (event->type() == QtThreadEvent::EventValue) {
                QtThreadEvent * threadEvent = (QtThreadEvent *) event;
                threadEvent->callback();
                return true;
        }
        return QObject::eventFilter(watched, event);
}
--code--

The code for QtThreadEvent::callback() is the following (line 56) which is
what we would expect to be called based on the cast:

--code--
        void callback() {
                _threadEventPrivate->callback();
        }
--code--

but this method is not called. Instead, this other method is called. 

>       qtwengophone.exe!ThreadEvent3<void
> __cdecl(std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >),std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char>
> >,std::basic_string<char,std::char_traits<char>,std::allocator<char> >
> >::callback()  Line 161       C++

Once this method is called, if you look above it in the stack trace, all the
pointers that are passed are garbage.

Hope this helps,

-Lukas

_______________________________________________
Wengophone-devel mailing list
[email protected]
http://dev.openwengo.com/mailman/listinfo/wengophone-devel

RE: [Wengophone-devel] Closing of bug Ticket #1416

Reply via email to