Details
-
Bug
-
Resolution: Duplicate
-
P2: Important
-
5.5.1
-
OS X 10.10
-
I7b3d015b0f6021fb9ff9f83560478aa5545f41f5
Description
This is a report from our customer. Their application may hang if bytesToRead is less than zero in QAbstractSocketPrivate::readFromSocket(). They fixed it by adding:
if (bytesToRead <= 0) { return false; }
to QAbstractSocketPrivate::readFromSocket() in qt5/qtbase/src/network/socket/qabstractsocket.cpp.
-1 seems to indicate that an error has occurred. This is what the customer has identified to be the problem:
"QAbstractSocketPrivate::readFromSocket() uses a qint64 for its "byteToRead"
variable. This can be -1 under certain circumstances ( don't know why ).
bytesToRead is only checked for == 0, but not for -1.
A few lines later, char* ptr = buffer.reserve(bytesToRead) ( which is -1 ).
This is an error since ::reserve() expects a size_t ( 0->max ).
This in turn calls qiodevice_p.h::makeSpace(size_t required, FreeSpacePos
where) ( required == -1 == 0xFFFFFFFFFFFFFF == size_t::max ).
Now it goes into a while loop ( while(newCapacity < required) newCapacity *=2;
) which in my opinion is never a good idea because required == size_t::max,
the while loop increases the value of newCapacity until it wraps around to
"0". Since 0 *= 2 always == 0, the loop never breaks."
This is what was got from the socket debugging macros:
QAbstractSocketPrivate::readFromSocket() got 44 bytes, buffer size = 44 QAbstractSocket::bytesAvailable() == 44 QAbstractSocket::writeData(0x1162543f4 "\0\0\0\1", 4) == 4 QAbstractSocket::writeData(0x7ffa6501d0b8 "�!�m7�E�\37777777604�\37777777603�Nb\37777777616F", 16) == 16 QAbstractSocket::writeData(0x7ffa6501d0b8 "=���A\4Ky�C\1��p�F", 16) == 16 QAbstractSocket::writeData(0x1162543e0 "\0\0\5Y�#\30�", 8) == 8 QNativeSocketEnginePrivate::nativeWrite(0x7ffa75a7d818 "\0\0\0\1\37777777645!\37777777774m7\37777777761E\37777777640\37777777604\37777777745\37777777603\37777777701...", 44) == 44 QAbstractSocketPrivate::flush() 44 bytes written to the network QAbstractSocket::bytesAvailable() == 0 QAbstractSocketPrivate::canReadNotification() QNativeSocketEnginePrivate::nativeBytesAvailable() == 0 QAbstractSocketPrivate::readFromSocket() about to read 4096 bytes QNativeSocketEngine::read() was called not in QAbstractSocket::ConnectedState or QAbstractSocket::BoundState QAbstractSocketPrivate::readFromSocket() got -1 bytes, buffer size = 0 QNativeSocketEnginePrivate::nativeConnect() 24 QNativeSocketEnginePrivate::nativeConnect(10.13.0.154, 56731) == false (Connection refused) QAbstractSocketPrivate::connectionNotification() testing connection QAbstractSocketPrivate::_q_testConnection() connection failed, checking for alternative addresses QAbstractSocketPrivate::_q_connectToNextAddress(), all addresses failed. QTcpSocket::~QTcpSocket() QAbstractSocket::~QAbstractSocket() QNativeSocketEngine::nativeClose() QNativeSocketEnginePrivate::nativeConnect() 32 QNativeSocketEnginePrivate::nativeConnect(10.13.0.119, 56731) == false (Connection refused) QAbstractSocketPrivate::connectionNotification() testing connection QAbstractSocketPrivate::_q_testConnection() connection failed, checking for alternative addresses QAbstractSocketPrivate::_q_connectToNextAddress(), all addresses failed. QAbstractSocketPrivate::canReadNotification() QNativeSocketEngine::bytesAvailable() was called in QAbstractSocket::UnconnectedState QAbstractSocketPrivate::readFromSocket() about to read -1 bytes UUUUPS here was a qFatal Abort trap: 6
Attachments
Issue Links
- duplicates
-
-
- Closed
-