[mythtv-commits] Ticket #11795: Random crash in MythSystemLegacy

MythTV noreply at mythtv.org
Thu Aug 29 05:43:46 UTC 2013 

#11795: Random crash in MythSystemLegacy
------------------------------------+-------------------------
     Reporter:  kevin@…             |      Owner:
         Type:  Bug Report - Crash  |     Status:  new
     Priority:  minor               |  Milestone:  unknown
    Component:  MythTV - General    |    Version:  Master Head
     Severity:  medium              |   Keywords:
Ticket locked:  0                   |
------------------------------------+-------------------------
 I'm getting a crash in mythbackend about once or twice a day, usually
 after the backend runs my external channel change script.  The backtrace
 is:

 {{{
 #0  0xb39a0ede in QSemaphore::release(int) ()
    from /usr/lib/i386-linux-gnu/libQtCore.so.4
 #1  0xb5d78534 in MythSystemLegacy::Unlock (this=0x0) at
 mythsystemlegacy.h:160
 #2  0xb5d786aa in MythSystemLegacyPrivate::Unlock (this=0x9cdd17b8)
     at mythsystemprivate.h:72
 #3  0xb5d74e5a in MythSystemLegacySignalManager::run (this=0xac122930)
     at mythsystemunix.cpp:559
 #4  0xb5c784fc in MThreadInternal::run (this=0xac13bd30) at mthread.cpp:79
 #5  0xb39a4f00 in ?? () from /usr/lib/i386-linux-gnu/libQtCore.so.4
 #6  0xb4bb3c39 in start_thread ()
    from /lib/i386-linux-gnu/i686/cmov/libpthread.so.0
 #7  0xb377a78e in clone () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
 }}}

 As you can see on line !#1, "this" is null.  Here's the section of code in
 question (actually it's from line !#2 above):

 {{{
     void Unlock(void)                { m_parent->Unlock(); }
 }}}

 Here "m_parent" is null.  If we go up one call frame, we have:

 {{{
             if (ms->m_parent)
             {
                 if (ms->GetStatus() == GENERIC_EXIT_OK)
                     emit ms->finished();
                 else
                     emit ms->error(ms->GetStatus());

                 ms->disconnect();
                 ms->Unlock();
             }
 }}}

 So sometime between the check for m_parent being null, and calling
 "ms->Unlock", m_parent does become null.  Since m_parent is a QPointer, if
 code on another thread somewhere deletes what m_parent is pointing to,
 then m_parent will become a null pointer, rather than pointing into
 deleted memory.

 Since this is running in a separate thread, I'm thinking another thread is
 deleting the parent !MythSystemLegacy object before the signal manager
 thread is done with it.

 I haven't had time to further track this down, but I wanted to file this
 in case the resident expert (whoever that may be) of !MythSystem might
 know exactly where the problem is.

 Thanks!
 -- Kevin

--
Ticket URL: <http://code.mythtv.org/trac/ticket/11795>
MythTV <http://www.mythtv.org>
MythTV Media Center

More information about the mythtv-commits mailing list