Hello.
I have an application that crashes with a segfault after a call to new. The problem is that it does not crash in one and the same place but in different places, yet always during memory allocation.
As I understand it, the problem is that the heap gets corrupted somewhere, and on the next memory allocation everything goes wrong.
I tried running valgrind - zero results: it only shows a stack trace.
How can I find out the cause of the crashes?
valgrind output:
valgrind --tool=memcheck --leak-check=full ./yagf
==3388== Memcheck, a memory error detector
==3388== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==3388== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==3388== Command: ./yagf
==3388==
QMetaObject::connectSlotsByName: No matching signal for on_actionSelect_HTML_format_activated()
QMetaObject::connectSlotsByName: No matching signal for on_actionCheck_spelling_activated()
QMetaObject::connectSlotsByName: No matching signal for on_actionSave_block_activated()
QMetaObject::connectSlotsByName: No matching signal for on_actionSave_current_image_activated()
QMetaObject::connectSlotsByName: No matching signal for on_actionRecognize_block_activated()
QMetaObject::connectSlotsByName: No matching signal for on_ActionDeleteBlock_activated()
QMetaObject::connectSlotsByName: No matching signal for on_ActionClearAllBlocks_activated()
We got some errors while running testparm "Load smb config files from /etc/samba/smb.conf\nLoaded services file OK.\nWARNING: The 'netbios name' is too long (max. 15 chars).\n\n"
==3388== Syscall param writev(vector[...]) points to uninitialised byte(s)
==3388== at 0x6D9296D: ??? (syscall-template.S:84)
==3388== by 0x9557F28: write_vec (xcb_conn.c:257)
==3388== by 0x9557F28: _xcb_conn_wait (xcb_conn.c:502)
==3388== by 0x955831C: _xcb_out_send (xcb_out.c:399)
==3388== by 0x9558A76: _xcb_out_flush_to (xcb_out.c:423)
==3388== by 0x9558C43: xcb_flush (xcb_out.c:358)
==3388== by 0x412AB92: QXcbWindow::setCursor(unsigned int) (in /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5.6.1)
==3388== by 0x4135EE1: ??? (in /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5.6.1)
==3388== by 0x55CCDC9: QWindowPrivate::setCursor(QCursor const*) (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.6.1)
==3388== by 0x4FC6AEE: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x4FD0F78: QWidget::setCursor(QCursor const&) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x1416BC05: ??? (in /usr/lib/x86_64-linux-gnu/libKF5WidgetsAddons.so.5.28.0)
==3388== by 0x5CFFBEB: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== Address 0xd7ea1c6 is 4,582 bytes inside a block of size 21,152 alloc'd
==3388== at 0x4C2EB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3388== by 0x95578DB: xcb_connect_to_fd (xcb_conn.c:325)
==3388== by 0x955B610: xcb_connect_to_display_with_auth_info (xcb_util.c:523)
==3388== by 0x75FF7E9: _XConnectXCB (in /usr/lib/x86_64-linux-gnu/libX11.so.6.3.0)
==3388== by 0x75F0361: XOpenDisplay (in /usr/lib/x86_64-linux-gnu/libX11.so.6.3.0)
==3388== by 0x41172F3: QXcbConnection::QXcbConnection(QXcbNativeInterface*, bool, unsigned int, char const*) (in /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5.6.1)
==3388== by 0x411A9BD: QXcbIntegration::QXcbIntegration(QStringList const&, int&, char**) (in /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5.6.1)
==3388== by 0x40294AC: ??? (in /usr/lib/x86_64-linux-gnu/qt5/plugins/platforms/libqxcb.so)
==3388== by 0x55ABC3C: QPlatformIntegrationFactory::create(QString const&, QStringList const&, int&, char**, QString const&) (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.6.1)
==3388== by 0x55BA2E4: QGuiApplicationPrivate::createPlatformIntegration() (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.6.1)
==3388== by 0x55BB0FC: QGuiApplicationPrivate::createEventDispatcher() (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.6.1)
==3388== by 0x5CD86FE: QCoreApplicationPrivate::init() (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388==
("/media/zamazan4ik/For_Linux/Photo/6.png")
QImage(QSize(580, 330),format=5,depth=32,devicePixelRatio=1,bytesPerLine=2320,byteCount=765600)
191400
==3388== Invalid write of size 1
==3388== at 0x1E7EBA: QIPGrayscaleImage::toGrayscaleMinOrMaxInternal(QImage const&, IntRect const&, bool) (qipgrayscaleimage.cpp:1587)
==3388== by 0x1E7D90: QIPGrayscaleImage::toGrayscaleMinOrMax(QImage const&, bool) (qipgrayscaleimage.cpp:1564)
==3388== by 0x1E1743: QIPGrayscaleImage::QIPGrayscaleImage(QImage const&, QIPGrayscaleImage::GrayscaleConversion) (qipgrayscaleimage.cpp:66)
==3388== by 0x1D2221: ImageProcessor::loadImage(QImage const&) (imageprocessor.cpp:68)
==3388== by 0x1C677E: Page::loadFile(QString, int, bool) (page.cpp:105)
==3388== by 0x1CDA66: PageCollection::appendPage(QString const&) (tpagecollection.cpp:57)
==3388== by 0x17583D: MainForm::loadFile(QString const&, bool) (mainform.cpp:720)
==3388== by 0x172A3B: MainForm::loadFiles(QStringList const&) (mainform.cpp:294)
==3388== by 0x17456C: MainForm::loadImage() (mainform.cpp:547)
==3388== by 0x1FAC8B: MainForm::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (moc_mainform.cpp:357)
==3388== by 0x5CFFB48: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x4F8C301: QAction::triggered(bool) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== Address 0x1f43a868 is 0 bytes after a block of size 24 alloc'd
==3388== at 0x4C2D1AF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3388== by 0x1E11DA: __gnu_cxx::new_allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> >::allocate(unsigned long, void const*) (new_allocator.h:104)
==3388== by 0x1E1002: std::allocator_traits<std::allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> > >::allocate(std::allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> >&, unsigned long) (alloc_traits.h:416)
==3388== by 0x1E0DD9: std::__allocated_ptr<std::allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> > > std::__allocate_guarded<std::allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> > >(std::allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> >&) (allocated_ptr.h:103)
==3388== by 0x1E9DC6: std::__shared_count<(__gnu_cxx::_Lock_policy)2>::__shared_count<unsigned char, std::allocator<unsigned char>, int>(std::_Sp_make_shared_tag, unsigned char*, std::allocator<unsigned char> const&, int&&) (shared_ptr_base.h:613)
==3388== by 0x1E9D0D: std::__shared_ptr<unsigned char, (__gnu_cxx::_Lock_policy)2>::__shared_ptr<std::allocator<unsigned char>, int>(std::_Sp_make_shared_tag, std::allocator<unsigned char> const&, int&&) (shared_ptr_base.h:1100)
==3388== by 0x1E9BED: std::shared_ptr<unsigned char>::shared_ptr<std::allocator<unsigned char>, int>(std::_Sp_make_shared_tag, std::allocator<unsigned char> const&, int&&) (shared_ptr.h:319)
==3388== by 0x1E9439: std::shared_ptr<unsigned char> std::allocate_shared<unsigned char, std::allocator<unsigned char>, int>(std::allocator<unsigned char> const&, int&&) (shared_ptr.h:620)
==3388== by 0x1E8E44: std::shared_ptr<unsigned char> std::make_shared<unsigned char, int>(int&&) (shared_ptr.h:636)
==3388== by 0x1E1680: QIPGrayscaleImage::QIPGrayscaleImage(QImage const&, QIPGrayscaleImage::GrayscaleConversion) (qipgrayscaleimage.cpp:53)
==3388== by 0x1D2221: ImageProcessor::loadImage(QImage const&) (imageprocessor.cpp:68)
==3388== by 0x1C677E: Page::loadFile(QString, int, bool) (page.cpp:105)
==3388==
--3388-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--3388-- si_code=1; Faulting address: 0xFFFFFFFFFFFFFFFF; sp: 0x802daddf0
valgrind: the 'impossible' happened:
Killed by fatal signal
host stacktrace:
==3388== at 0x38095231: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
==3388== by 0x3809724A: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
==3388== by 0x38051EF4: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
==3388== by 0x3805214D: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
==3388== by 0x380E05A3: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
==3388== by 0x380EF820: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
sched status:
running_tid=1
Thread 1: status = VgTs_Runnable (lwpid 3388)
==3388== at 0x4C2D1AF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3388== by 0x1E11DA: __gnu_cxx::new_allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> >::allocate(unsigned long, void const*) (new_allocator.h:104)
==3388== by 0x1E1002: std::allocator_traits<std::allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> > >::allocate(std::allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> >&, unsigned long) (alloc_traits.h:416)
==3388== by 0x1E0DD9: std::__allocated_ptr<std::allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> > > std::__allocate_guarded<std::allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> > >(std::allocator<std::_Sp_counted_ptr_inplace<unsigned char, std::allocator<unsigned char>, (__gnu_cxx::_Lock_policy)2> >&) (allocated_ptr.h:103)
==3388== by 0x1E0BC4: std::__shared_count<(__gnu_cxx::_Lock_policy)2>::__shared_count<unsigned char, std::allocator<unsigned char>, unsigned int>(std::_Sp_make_shared_tag, unsigned char*, std::allocator<unsigned char> const&, unsigned int&&) (shared_ptr_base.h:613)
==3388== by 0x1E0A47: std::__shared_ptr<unsigned char, (__gnu_cxx::_Lock_policy)2>::__shared_ptr<std::allocator<unsigned char>, unsigned int>(std::_Sp_make_shared_tag, std::allocator<unsigned char> const&, unsigned int&&) (shared_ptr_base.h:1100)
==3388== by 0x1E0907: std::shared_ptr<unsigned char>::shared_ptr<std::allocator<unsigned char>, unsigned int>(std::_Sp_make_shared_tag, std::allocator<unsigned char> const&, unsigned int&&) (shared_ptr.h:319)
==3388== by 0x1E07BB: std::shared_ptr<unsigned char> std::allocate_shared<unsigned char, std::allocator<unsigned char>, unsigned int>(std::allocator<unsigned char> const&, unsigned int&&) (shared_ptr.h:620)
==3388== by 0x1E05BA: std::shared_ptr<unsigned char> std::make_shared<unsigned char, unsigned int>(unsigned int&&) (shared_ptr.h:636)
==3388== by 0x1DEDBC: QIPBlackAndWhiteImage::QIPBlackAndWhiteImage(unsigned int, unsigned int) (qipblackandwhiteimage.cpp:37)
==3388== by 0x1E67AA: QIPGrayscaleImage::otsuBinarizeMA() const (qipgrayscaleimage.cpp:1219)
==3388== by 0x1E3115: QIPGrayscaleImage::binarize(QIPGrayscaleImage::BinarizationMethod) const (qipgrayscaleimage.cpp:455)
==3388== by 0x1D203D: ImageProcessor::crop() (imageprocessor.cpp:50)
==3388== by 0x1C67CC: Page::loadFile(QString, int, bool) (page.cpp:111)
==3388== by 0x1CDA66: PageCollection::appendPage(QString const&) (tpagecollection.cpp:57)
==3388== by 0x17583D: MainForm::loadFile(QString const&, bool) (mainform.cpp:720)
==3388== by 0x172A3B: MainForm::loadFiles(QStringList const&) (mainform.cpp:294)
==3388== by 0x17456C: MainForm::loadImage() (mainform.cpp:547)
==3388== by 0x1FAC8B: MainForm::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (moc_mainform.cpp:357)
==3388== by 0x5CFFB48: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x4F8C301: QAction::triggered(bool) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x4F8EEFF: QAction::activate(QAction::ActionEvent) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x5095BBC: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x5095DF3: QAbstractButton::mouseReleaseEvent(QMouseEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x5163709: QToolButton::mouseReleaseEvent(QMouseEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x4FDB497: QWidget::event(QEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x51637E8: QToolButton::event(QEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x4F958AB: QApplicationPrivate::notify_helper(QObject*, QEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x4F9BC06: QApplication::notify(QObject*, QEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x5CD23AF: QCoreApplication::notifyInternal2(QObject*, QEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x4F9A2D4: QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x4FF5AD5: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x4FF86D2: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x4F958AB: QApplicationPrivate::notify_helper(QObject*, QEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x4F9AD4E: QApplication::notify(QObject*, QEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.6.1)
==3388== by 0x5CD23AF: QCoreApplication::notifyInternal2(QObject*, QEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x55C15F2: QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.6.1)
==3388== by 0x55C2E04: QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.6.1)
==3388== by 0x55A0B2A: QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.6.1)
==3388== by 0x414965F: ??? (in /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5.6.1)
==3388== by 0x72F97D6: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.2)
==3388== by 0x72F9A3F: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.2)
==3388== by 0x72F9AEB: g_main_context_iteration (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.2)
==3388== by 0x5D2848E: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x5CD00F9: QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x5CD890B: QCoreApplication::exec() (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x16F9E2: main (main.cpp:88)
Thread 2: status = VgTs_WaitSys (lwpid 3392)
==3388== at 0x6D910BD: ??? (syscall-template.S:84)
==3388== by 0x9557C61: poll (poll2.h:46)
==3388== by 0x9557C61: _xcb_conn_wait (xcb_conn.c:459)
==3388== by 0x95598D6: xcb_wait_for_event (xcb_in.c:693)
==3388== by 0x4113298: ??? (in /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5.6.1)
==3388== by 0x5AFAC67: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x61D66C9: start_thread (pthread_create.c:333)
==3388== by 0x6D9D0AE: clone (clone.S:105)
Thread 3: status = VgTs_WaitSys (lwpid 3397)
==3388== at 0x6D910BD: ??? (syscall-template.S:84)
==3388== by 0x72F99D5: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.2)
==3388== by 0x72F9AEB: g_main_context_iteration (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.2)
==3388== by 0x5D2848E: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x5CD00F9: QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x5AF5D42: QThread::exec() (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x102B4574: ??? (in /usr/lib/x86_64-linux-gnu/libQt5DBus.so.5.6.1)
==3388== by 0x5AFAC67: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.6.1)
==3388== by 0x61D66C9: start_thread (pthread_create.c:333)
==3388== by 0x6D9D0AE: clone (clone.S:105)
Note: see also the FAQ in the source distribution.
It contains workarounds to several common problems.
In particular, if Valgrind aborted or crashed after
identifying problems in your program, there's a good chance
that fixing those problems will prevent Valgrind aborting or
crashing, especially if it happened in m_mallocfree.c.
If that doesn't help, please report this bug to: www.valgrind.org
In the bug report, send all the above text, the valgrind
version, and what OS and version you are using. Thanks.
Source code: https://github.com/ZaMaZaN4iK/ufocr
If anyone feels like digging into it, send a pull request.
UPD: now it crashes with both gcc and clang
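Added example, not part of the original post and not code from the ufocr project: the Memcheck report above shows a 1-byte write landing just past a 24-byte block that came from std::make_shared<unsigned char, int>, and std::make_shared<unsigned char>(n) constructs a single byte initialised to n, not an n-byte array. The sketch below shows that behaviour next to a correctly sized buffer; the function names, the 0x00RRGGBB pixel layout and the sample pixels are assumptions made for illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <memory>
#include <stdexcept>
#include <vector>

// The call named in the trace, make_shared<unsigned char, int>(int&&):
// it allocates ONE byte (plus the control block) initialised with n.
unsigned char scalar_from_make_shared(int n) {
    std::shared_ptr<unsigned char> p = std::make_shared<unsigned char>(n);
    return *p;  // n modulo 256; p.get()[1] would already be out of bounds
}

// An n-byte, zero-filled buffer owned by shared_ptr (valid since C++11).
std::shared_ptr<unsigned char> make_byte_buffer(std::size_t n) {
    return std::shared_ptr<unsigned char>(
        new unsigned char[n](), std::default_delete<unsigned char[]>());
}

// Hypothetical min/max grayscale conversion over 0x00RRGGBB pixels; the
// output size is checked against width * height before any write.
std::shared_ptr<unsigned char> to_gray_min_or_max(
        const std::vector<std::uint32_t>& px,
        std::size_t w, std::size_t h, bool use_min) {
    if (w != 0 && h > SIZE_MAX / w)
        throw std::overflow_error("width * height overflows");
    const std::size_t n = w * h;
    if (px.size() != n)
        throw std::invalid_argument("pixel count != width * height");
    std::shared_ptr<unsigned char> out = make_byte_buffer(n);
    for (std::size_t i = 0; i < n; ++i) {
        const auto r = static_cast<unsigned char>(px[i] >> 16);
        const auto g = static_cast<unsigned char>(px[i] >> 8);
        const auto b = static_cast<unsigned char>(px[i]);
        out.get()[i] = use_min ? std::min({r, g, b}) : std::max({r, g, b});
    }
    return out;
}

int main() {
    // 191400 = 580 * 330, the number printed in the log above.
    std::printf("make_shared<unsigned char>(191400) holds the value %u\n",
                static_cast<unsigned>(scalar_from_make_shared(191400)));
    const std::vector<std::uint32_t> px = {0x00102030u, 0x00FF0001u};  // constructed
    std::printf("max gray of first pixel: %u\n",
        static_cast<unsigned>(to_gray_min_or_max(px, 2, 1, false).get()[0]));
}
```

Building the real application with -fsanitize=address reports the same class of write at the faulting line, with the allocation stack, without Memcheck's slowdown.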