Qt中的緩衝區溢出錯誤？

Question

我一直在開發一個名爲RoboJournal的程序已經有相當長的一段時間了。最近有人向我發送了一個錯誤報告，說明在啓用拼寫檢查功能時顯示編輯器窗口窗體時整個程序是如何崩潰的。但是，在程序設置中禁用拼寫檢查時，一切正常。這個bug似乎隻影響特定版本的Qt（4.8.3），因爲我已經在4.7.4和4.8.4上測試了應用程序，並且一切正常。我之前從未注意到這個bug，因爲我沒有在4.8.3上開發應用程序。這個錯誤是我爲什麼還沒有爲Debian打包應用程序的主要原因;我計劃在下一個版本發佈時加入修復程序。

每當我遇到一個崩潰的bug時，我通常通過調試器（gdb）運行代碼，設置斷點，並逐行檢查它，直到找到問題。但是，這次我不能這樣做，因爲這個bug隻影響發佈版本;我試着構建應用程序對Qt 4.8.3調試庫，但我驚訝一切工作正常！顯然，崩潰與該特定版本的Qt上的發佈庫有關，但我不知道它是什麼。如何才能正確調試應用程序？遇到問題的唯一方法是使用發佈版本？當我通過gdb運行它時，我嘗試在發佈版本上設置斷點，但這不起作用。

幸運的是，這個bug似乎已經在Qt 4.8.4中修復了（雖然更新，但我還沒有在Qt 5上測試過），但是我仍然需要找出一個解決方法， 0.3。 （我不能指望用戶推出他們自己的Qt，我不知道Debian人何時會用新版本更新他們的回購）任何想法？

這裏是崩潰的gdb輸出。據我所知，這個bug有事情做與libc.so.6的：

buffer overflow detected ***: /usr/local/bin/robojournal terminated 
======= Backtrace: ========= 
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x5c)[0x7ffff44fb82c] 
/lib/x86_64-linux-gnu/libc.so.6(+0x109700)[0x7ffff44fa700] 
/usr/local/bin/robojournal[0x49982f] 
/usr/local/bin/robojournal[0x49a374] 
/usr/local/bin/robojournal[0x49b192] 
/usr/local/bin/robojournal[0x49b6da] 
/usr/local/bin/robojournal[0x4a947d] 
/usr/local/bin/robojournal[0x432e17] 
/usr/local/bin/robojournal[0x43529f] 
/usr/local/bin/robojournal[0x421afb] 
/usr/local/bin/robojournal[0x4ace7b] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN11QMetaObject8activateEP7QObjectPKS_iPPv+0x483)[0x7ffff5075123] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN15QAbstractButton7clickedEb+0x32)[0x7ffff5bee422] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(+0x589d2e)[0x7ffff5941d2e] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(+0x58a560)[0x7ffff5942560] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN15QAbstractButton17mouseReleaseEventEP11QMouseEvent+0x8c)[0x7ffff59427cc] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN11QToolButton17mouseReleaseEventEP11QMouseEvent+0xa)[0x7ffff59fc99a] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN7QWidget5eventEP6QEvent+0x7e0)[0x7ffff55d3850] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0xac)[0x7ffff5583e9c] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN12QApplication6notifyEP7QObjectP6QEvent+0x99b)[0x7ffff5588b6b] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0x8e)[0x7ffff505f56e] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN19QApplicationPrivate14sendMouseEventEP7QWidgetP11QMouseEventS1_S1_PS1_R8QPointerIS0_Eb+0x143)[0x7ffff5584cd3] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(+0x24a554)[0x7ffff5602554] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN12QApplication15x11ProcessEventEP7_XEvent+0xd6f)[0x7ffff560144f] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(+0x270fa2)[0x7ffff5628fa2] 
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_dispatch+0x135)[0x7ffff296cab5] 
/lib/x86_64-linux-gnu/libglib-2.0.so.0(+0x47de8)[0x7ffff296cde8] 
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_iteration+0x34)[0x7ffff296cea4] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN20QEventDispatcherGlib13processEventsE6QFlagsIN10QEventLoop17ProcessEventsFlagEE+0x66)[0x7ffff508dbf6] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(+0x270c1e)[0x7ffff5628c1e] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN10QEventLoop13processEventsE6QFlagsINS_17ProcessEventsFlagEE+0x2f)[0x7ffff505e2bf] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN10QEventLoop4execE6QFlagsINS_17ProcessEventsFlagEE+0x138)[0x7ffff505e548] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN16QCoreApplication4execEv+0x88)[0x7ffff5063708] 
/usr/local/bin/robojournal[0x412f34] 
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7ffff441276d] 
/usr/local/bin/robojournal[0x413cc1] 
======= Memory map: ======== 
00400000-005b0000 r-xp 00000000 08:01 48248        /usr/local/bin/robojournal 
007af000-007b0000 r--p 001af000 08:01 48248        /usr/local/bin/robojournal 
007b0000-007b5000 rw-p 001b0000 08:01 48248        /usr/local/bin/robojournal 
007b5000-00eb3000 rw-p 00000000 00:00 0         [heap] 
7fffdc000000-7fffdc021000 rw-p 00000000 00:00 0 
7fffdc021000-7fffe0000000 ---p 00000000 00:00 0 
7fffe16a0000-7fffe16a1000 ---p 00000000 00:00 0 
7fffe16a1000-7fffe1ea1000 rw-p 00000000 00:00 0 
7fffe1ea1000-7fffe215d000 r-xp 00000000 08:01 130      /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0 
7fffe215d000-7fffe235c000 ---p 002bc000 08:01 130      /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0 
7fffe235c000-7fffe2362000 r--p 002bb000 08:01 130      /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0 
7fffe2362000-7fffe23e0000 rw-p 002c1000 08:01 130      /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0 
7fffe23e0000-7fffe23e5000 rw-p 00000000 00:00 0 
7fffe23e5000-7fffe23f5000 r-xp 00000000 08:01 4894      /usr/lib/x86_64-linux-gnu/qt4/plugins/sqldrivers/libqsqlmysql.so 
7fffe23f5000-7fffe25f5000 ---p 00010000 08:01 4894      /usr/lib/x86_64-linux-gnu/qt4/plugins/sqldrivers/libqsqlmysql.so 
7fffe25f5000-7fffe25f6000 r--p 00010000 08:01 4894      /usr/lib/x86_64-linux-gnu/qt4/plugins/sqldrivers/libqsqlmysql.so 
7fffe25f6000-7fffe25f7000 rw-p 00011000 08:01 4894      /usr/lib/x86_64-linux-gnu/qt4/plugins/sqldrivers/libqsqlmysql.so 
7fffe2648000-7fffe264c000 r-xp 00000000 08:01 10234      /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so 
7fffe264c000-7fffe284c000 ---p 00004000 08:01 10234      /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so 
7fffe284c000-7fffe284d000 r--p 00004000 08:01 10234      /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so 
7fffe284d000-7fffe284e000 rw-p 00005000 08:01 10234      /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so 
7fffe284e000-7fffe286a000 r--s 00000000 08:01 40509      /usr/share/mime/mime.cache 
7fffe286b000-7fffe28cb000 rw-s 00000000 00:04 4620315     /SYSV00000000 (deleted) 
7fffe28cb000-7fffe2afe000 rw-s 00000000 00:04 4587546     /SYSV00000000 (deleted) 
7fffe2afe000-7fffe2ba3000 r--p 00000000 08:01 277820      /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans-Bold.ttf 
7fffe2ba3000-7fffe2bae000 r-xp 00000000 08:01 9203      /usr/lib/x86_64-linux-gnu/libjbig.so.0.0.0 
7fffe2bae000-7fffe2dad000 ---p 0000b000 08:01 9203      /usr/lib/x86_64-linux-gnu/libjbig.so.0.0.0 
7fffe2dad000-7fffe2dae000 r--p 0000a000 08:01 9203      /usr/lib/x86_64-linux-gnu/libjbig.so.0.0.0 
7fffe2dae000-7fffe2db1000 rw-p 0000b000 08:01 9203      /usr/lib/x86_64-linux-gnu/libjbig.so.0.0.0 
7fffe2db1000-7fffe2e1e000 r-xp 00000000 08:01 9499      /usr/lib/x86_64-linux-gnu/libtiff.so.5.1.0 
7fffe2e1e000-7fffe301e000 ---p 0006d000 08:01 9499      /usr/lib/x86_64-linux-gnu/libtiff.so.5.1.0 
7fffe301e000-7fffe301f000 r--p 0006d000 08:01 9499      /usr/lib/x86_64-linux-gnu/libtiff.so.5.1.0 
7fffe301f000-7fffe3022000 rw-p 0006e000 08:01 9499      /usr/lib/x86_64-linux-gnu/libtiff.so.5.1.0 
7fffe3022000-7fffe3029000 r-xp 00000000 08:01 10954      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqtiff.so 
7fffe3029000-7fffe3228000 ---p 00007000 08:01 10954      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqtiff.so 
7fffe3228000-7fffe3229000 r--p 00006000 08:01 10954      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqtiff.so 
7fffe3229000-7fffe322a000 rw-p 00007000 08:01 10954      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqtiff.so 
7fffe322a000-7fffe322f000 r-xp 00000000 08:01 10953      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqtga.so 
7fffe322f000-7fffe342e000 ---p 00005000 08:01 10953      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqtga.so 
7fffe342e000-7fffe342f000 r--p 00004000 08:01 10953      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqtga.so 
7fffe342f000-7fffe3430000 rw-p 00005000 08:01 10953      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqtga.so 
7fffe3430000-7fffe3484000 r-xp 00000000 08:01 8631      /usr/lib/x86_64-linux-gnu/libQtSvg.so.4.8.3 
7fffe3484000-7fffe3683000 ---p 00054000 08:01 8631      /usr/lib/x86_64-linux-gnu/libQtSvg.so.4.8.3 
7fffe3683000-7fffe3685000 r--p 00053000 08:01 8631      /usr/lib/x86_64-linux-gnu/libQtSvg.so.4.8.3 
7fffe3685000-7fffe3686000 rw-p 00055000 08:01 8631      /usr/lib/x86_64-linux-gnu/libQtSvg.so.4.8.3 
7fffe3686000-7fffe368b000 r-xp 00000000 08:01 10952      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqsvg.so 
7fffe368b000-7fffe388a000 ---p 00005000 08:01 10952      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqsvg.so 
7fffe388a000-7fffe388b000 r--p 00004000 08:01 10952      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqsvg.so 
7fffe388b000-7fffe388c000 rw-p 00005000 08:01 10952      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqsvg.so 
7fffe388c000-7fffe38c1000 r-xp 00000000 08:01 9225      /usr/lib/x86_64-linux-gnu/liblcms.so.1.0.19 
7fffe38c1000-7fffe3ac0000 ---p 00035000 08:01 9225      /usr/lib/x86_64-linux-gnu/liblcms.so.1.0.19 
7fffe3ac0000-7fffe3ac1000 r--p 00034000 08:01 9225      /usr/lib/x86_64-linux-gnu/liblcms.so.1.0.19 
7fffe3ac1000-7fffe3ac2000 rw-p 00035000 08:01 9225      /usr/lib/x86_64-linux-gnu/liblcms.so.1.0.19 
7fffe3ac2000-7fffe3ac5000 rw-p 00000000 00:00 0 
7fffe3ac5000-7fffe3b4f000 r-xp 00000000 08:01 9259      /usr/lib/x86_64-linux-gnu/libmng.so.1.1.0.10 
7fffe3b4f000-7fffe3d4f000 ---p 0008a000 08:01 9259      /usr/lib/x86_64-linux-gnu/libmng.so.1.1.0.10 
7fffe3d4f000-7fffe3d52000 r--p 0008a000 08:01 9259      /usr/lib/x86_64-linux-gnu/libmng.so.1.1.0.10 
7fffe3d52000-7fffe3d54000 rw-p 0008d000 08:01 9259      /usr/lib/x86_64-linux-gnu/libmng.so.1.1.0.10 
7fffe3d54000-7fffe3d59000 r-xp 00000000 08:01 10951      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqmng.so 
7fffe3d59000-7fffe3f59000 ---p 00005000 08:01 10951      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqmng.so 
7fffe3f59000-7fffe3f5a000 r--p 00005000 08:01 10951      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqmng.so 
7fffe3f5a000-7fffe3f5b000 rw-p 00006000 08:01 10951      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqmng.so 
7fffe3f5b000-7fffe3f9a000 r-xp 00000000 08:01 9207      /usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2 
7fffe3f9a000-7fffe419a000 ---p 0003f000 08:01 9207      /usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2 
7fffe419a000-7fffe419b000 r--p 0003f000 08:01 9207      /usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2 
7fffe419b000-7fffe419c000 rw-p 00040000 08:01 9207      /usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2 
7fffe419c000-7fffe41ac000 rw-p 00000000 00:00 0 
7fffe41c2000-7fffe41c9000 r-xp 00000000 08:01 10950      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqjpeg.so 
7fffe41c9000-7fffe43c8000 ---p 00007000 08:01 10950      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqjpeg.so 
7fffe43c8000-7fffe43c9000 r--p 00006000 08:01 10950      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqjpeg.so 
7fffe43c9000-7fffe43ca000 rw-p 00007000 08:01 10950      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqjpeg.so 
7fffe43ca000-7fffe43d1000 r-xp 00000000 08:01 10949      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqico.so 
7fffe43d1000-7fffe45d0000 ---p 00007000 08:01 10949      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqico.so 
7fffe45d0000-7fffe45d1000 r--p 00006000 08:01 10949      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqico.so 
7fffe45d1000-7fffe45d2000 rw-p 00007000 08:01 10949      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqico.so 
7fffe45d2000-7fffe45d9000 r-xp 00000000 08:01 10948      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqgif.so 
7fffe45d9000-7fffe47d8000 ---p 00007000 08:01 10948      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqgif.so 
7fffe47d8000-7fffe47d9000 r--p 00006000 08:01 10948      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqgif.so 
7fffe47d9000-7fffe47da000 rw-p 00007000 08:01 10948      /usr/lib/x86_64-linux-gnu/qt4/plugins/imageformats/libqgif.so 
7fffe47da000-7fffe47dc000 r-xp 00000000 08:01 10901      /usr/lib/x86_64-linux-gnu/pango/1.6.0/modules/pango-basic-fc.so 
7fffe47dc000-7fffe49db000 ---p 00002000 08:01 10901      /usr/lib/x86_64-linux-gnu/pango/1.6.0/modules/pango-basic-fc.so 
7fffe49db000-7fffe49dc000 r--p 00001000 08:01 10901      /usr/lib/x86_64-linux-gnu/pango/1.6.0/modules/pango-basic-fc.so 
7fffe49dc000-7fffe49dd000 rw-p 00002000 08:01 10901      /usr/lib/x86_64-linux-gnu/pango/1.6.0/modules/pango-basic-fc.so 
7fffe49dd000-7fffe49e6000 r-xp 00000000 08:01 10648      /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so 
7fffe49e6000-7fffe4be6000 ---p 00009000 08:01 10648      /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so 
7fffe4be6000-7fffe4be7000 r--p 00009000 08:01 10648      /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so 
7fffe4be7000-7fffe4be8000 rw-p 0000a000 08:01 10648      /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so 
7fffe4be8000-7fffe4c17000 r-xp 00000000 08:01 10647      /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libmurrine.so 
7fffe4c17000-7fffe4e17000 ---p 0002f000 08:01 10647      /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libmurrine.so 
7fffe4e17000-7fffe4e18000 r--p 0002f000 08:01 10647      /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libmurrine.so 
7fffe4e18000-7fffe4e19000 rw-p 00030000 08:01 10647      /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libmurrine.so 
7fffe4e19000-7fffe4e25000 r-xp 00000000 08:01 5140      /lib/x86_64-linux-gnu/libnss_files-2.15.so 
7fffe4e25000-7fffe5024000 ---p 0000c000 08:01 5140      /lib/x86_64-linux-gnu/libnss_files-2.15.so 
7fffe5024000-7fffe5025000 r--p 0000b000 08:01 5140      /lib/x86_64-linux-gnu/libnss_files-2.15.so 
7fffe5025000-7fffe5026000 rw-p 0000c000 08:01 5140      /lib/x86_64-linux-gnu/libnss_files-2.15.so 
Program received signal SIGABRT, Aborted. 
0x00007ffff4427425 in raise() from /lib/x86_64-linux-gnu/libc.so.6 

Answer 1

對付段錯誤的最簡單方法是分析保存到由內核產生的信息轉儲堆棧跟蹤。大多數分佈都核心轉儲保存禁用，所以怎麼能啓用

ulimit -c unlimited 

proc文件系統有幾個文件來配置corudump生產。最重要的是core pattern/proc/sys/kernel/core_pattern，它指定了核心庫名稱和可選的後處理命令。

當進程收到分段故障信號，內核將其保存在一個核心轉儲文件的狀態，可與dgb在稍後檢查：

gdb -c core ./binary_which_produced_the_core 
bt 

會打印出你的什麼程序在做當一回跟蹤發生分段錯誤。

此外，爲了使回溯信息更豐富，您必須安裝帶有調試符號的包。在你的情況下，你將需要libc，Qt，glib和你自己的二進制符號。有了Qt，glib庫libc中這僅僅是那麼容易，因爲

sudo apt-get install libc6-dbg libqt4-dbg libglib2.0-0-dbg 

與Qt二進制它更復雜，如果你的構建工具是qmake的。

CONFIG += debug 

在.pro文件將使調試符號，但是，它也將使斷言和代碼等檢查，使其表現不同。 如果你生成的工具是cmake或autotools，那麼產生調試符號就變得微不足道了。