[mythtv] EIT triggered crashes (trunk)

David david at unsolicited.net
Wed Feb 20 18:51:55 UTC 2008


Daniel Kristjansson wrote:
> On Wed, 2008-02-20 at 18:25 +0000, David wrote:
>   
>> I've always had the odd backend crash when using multiple DTV tuners, 
>> but since multirec got merged I'm seeing multiple crashes, especially 
>> just after midnight when the next batch of events are released. I 
>> noticed others are suffering so I eventually got off my backside and did 
>> some diagnostics. Eventually I got valgrind to report the following:
>>     
> <snip>
>   
>> ... interesting.. and the following code exists in programinfo.cpp, 
>> implying that there is a race condition using regular expressions.
>>
>>         QMutexLocker locker(&regExpLock);
>>         if (programid.contains(regExpSeries))
>>             return false;
>>
>> Unfortunately there is no such locking going on in the EIT fixup 
>> routines. Should all users of regexp be protected using the same mutex? 
>> I guess I could subclass QRegExp and find out, but I'd rather someone 
>> tell me I'm on the right track first.
>>     
>
> There should be one EITScanner per DVB device so that no more than
> one thread uses a particular EITScanner instance at a time. Since
> there is one EITHelper instance per EITScanner instance those regular
> expressions should be safe.
>
>   
Indeed, but the problem I see here is within QT itself. There seems to 
be some sort of caching in use... is this thread safe? .. the code in 
programinfo.cpp implies that it isn't.

The issue starts when QT is manipulating this cache..

==12438==    at 0x5CDEC07: QGDict::hashKeyString(QString const&) (in 
/usr/lib/qt3/lib/libqt-mt.so.3.3.1)
==12438==    by 0x5CDED39: QGDict::unlink_string(QString const&, void*) 
(in /usr/lib/qt3/lib/libqt-mt.so.3.3.1)
==12438==    by 0x5CDEF92: QGDict::remove_string(QString const&, void*) 
(in /usr/lib/qt3/lib/libqt-mt.so.3.3.1)
==12438==    by 0x5CDC39B: QGCache::makeRoomFor(int, int) (in 
/usr/lib/qt3/lib/libqt-mt.so.3.3.1)
==12438==    by 0x5CDCBD7: QGCache::insert_string(QString const&, void*, 
int, int) (in /usr/lib/qt3/lib/libqt-mt.so.3.3.1)

but the memory has been freed. by this...

==12438==    at 0x401C389: operator delete(void*) (vg_replace_malloc.c:342)
==12438==    by 0x5CDC3CD: QGCache::makeRoomFor(int, int) (in 
/usr/lib/qt3/lib/libqt-mt.so.3.3.1)
==12438==    by 0x5CDCBD7: QGCache::insert_string(QString const&, void*, 
int, int) (in /usr/lib/qt3/lib/libqt-mt.so.3.3.1)

???

Cheers
David


More information about the mythtv-dev mailing list