Buffer overflow bug in Qt?

Problem description:

I have been developing a program called RoboJournal for quite some time. Recently someone sent me a bug report describing how the whole program crashes when the editor window form is shown while the spell-check feature is enabled. However, with spell checking disabled in the program settings, everything works fine. The bug seems to affect only one specific version of Qt (4.8.3), since I have tested the application on 4.7.4 and 4.8.4 and everything works fine there. I had never noticed this bug before because I don't develop the application on 4.8.3. This bug is the main reason I haven't packaged the application for Debian yet; I plan to include the fix when the next version is released.

Whenever I run into a crash bug, I usually run the code through a debugger (gdb), set breakpoints and step through it line by line until I find the problem. This time, however, I can't do that because the bug only affects release builds; I tried building the application against the Qt 4.8.3 debug libraries, and to my surprise everything worked fine! Obviously the crash has something to do with the release libraries of that particular Qt version, but I have no idea what it is. How can I properly debug the application? Is using a release build the only way to reproduce the problem? I tried setting breakpoints on the release build while running it through gdb, but that doesn't work.

Fortunately, the bug seems to have been fixed in Qt 4.8.4 (although I haven't tested on the newer Qt 5 yet), but I still need to find a workaround for 0.3. (I can't expect users to roll their own Qt, and I have no idea when the Debian folks will update their repos with a newer version.) Any ideas?

Here is the gdb output from the crash. As far as I can tell, the bug has something to do with libc.so.6:

buffer overflow detected ***: /usr/local/bin/robojournal terminated 
======= Backtrace: ========= 
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x5c)[0x7ffff44fb82c] 
/lib/x86_64-linux-gnu/libc.so.6(+0x109700)[0x7ffff44fa700] 
/usr/local/bin/robojournal[0x49982f] 
/usr/local/bin/robojournal[0x49a374] 
/usr/local/bin/robojournal[0x49b192] 
/usr/local/bin/robojournal[0x49b6da] 
/usr/local/bin/robojournal[0x4a947d] 
/usr/local/bin/robojournal[0x432e17] 
/usr/local/bin/robojournal[0x43529f] 
/usr/local/bin/robojournal[0x421afb] 
/usr/local/bin/robojournal[0x4ace7b] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN11QMetaObject8activateEP7QObjectPKS_iPPv+0x483)[0x7ffff5075123] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN15QAbstractButton7clickedEb+0x32)[0x7ffff5bee422] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(+0x589d2e)[0x7ffff5941d2e] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(+0x58a560)[0x7ffff5942560] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN15QAbstractButton17mouseReleaseEventEP11QMouseEvent+0x8c)[0x7ffff59427cc] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN11QToolButton17mouseReleaseEventEP11QMouseEvent+0xa)[0x7ffff59fc99a] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN7QWidget5eventEP6QEvent+0x7e0)[0x7ffff55d3850] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0xac)[0x7ffff5583e9c] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN12QApplication6notifyEP7QObjectP6QEvent+0x99b)[0x7ffff5588b6b] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0x8e)[0x7ffff505f56e] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN19QApplicationPrivate14sendMouseEventEP7QWidgetP11QMouseEventS1_S1_PS1_R8QPointerIS0_Eb+0x143)[0x7ffff5584cd3] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(+0x24a554)[0x7ffff5602554] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(_ZN12QApplication15x11ProcessEventEP7_XEvent+0xd6f)[0x7ffff560144f] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(+0x270fa2)[0x7ffff5628fa2] 
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_dispatch+0x135)[0x7ffff296cab5] 
/lib/x86_64-linux-gnu/libglib-2.0.so.0(+0x47de8)[0x7ffff296cde8] 
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_iteration+0x34)[0x7ffff296cea4] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN20QEventDispatcherGlib13processEventsE6QFlagsIN10QEventLoop17ProcessEventsFlagEE+0x66)[0x7ffff508dbf6] 
/usr/lib/x86_64-linux-gnu/libQtGui.so.4(+0x270c1e)[0x7ffff5628c1e] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN10QEventLoop13processEventsE6QFlagsINS_17ProcessEventsFlagEE+0x2f)[0x7ffff505e2bf] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN10QEventLoop4execE6QFlagsINS_17ProcessEventsFlagEE+0x138)[0x7ffff505e548] 
/usr/lib/x86_64-linux-gnu/libQtCore.so.4(_ZN16QCoreApplication4execEv+0x88)[0x7ffff5063708] 
/usr/local/bin/robojournal[0x412f34] 
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7ffff441276d] 
/usr/local/bin/robojournal[0x413cc1] 
Program received signal SIGABRT, Aborted. 
0x00007ffff4427425 in raise() from /lib/x86_64-linux-gnu/libc.so.6 

The easiest way to deal with a segfault is to analyze the stack trace saved in the core dump produced by the kernel. Most distributions have core dump saving disabled, so you can enable it with

ulimit -c unlimited 

The proc filesystem has several files that configure core dump production. The most important one is /proc/sys/kernel/core_pattern, which specifies the core file name and an optional post-processing command.

When a process receives the segmentation fault signal, the kernel saves its state in a core dump file, which can be examined later with gdb:

gdb -c core ./binary_which_produced_the_core 
bt 

will print a backtrace of what your program was doing when the segmentation fault occurred.

Also, to make the backtrace more informative, you need to install the packages with debug symbols. In your case you will need symbols for libc, Qt, glib and your own binary. For Qt, glib and libc this is as easy as

sudo apt-get install libc6-dbg libqt4-dbg libglib2.0-0-dbg 

With your own binary it is more complicated if your build tool is qmake.

CONFIG += debug 

in the .pro file will enable debug symbols, but it will also enable asserts and other checks in the code, making it behave differently. If your build tool is cmake or autotools, producing debug symbols is trivial.
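The core-dump procedure from the answer above as one script, added here as an example and not code from the question, the answer or the RoboJournal project. Note that `__fortify_fail` in the posted backtrace is glibc's `_FORTIFY_SOURCE` check, which the compiler only emits at -O1 and above, so a -O0 debug build skips the check rather than lacking the overflow; the script expands `core_pattern` so the dump is found wherever the kernel writes it. It assumes gdb is installed, the binary path is the first argument, and the pattern uses only the `%e %p %t %h %%` specifiers (others are kept literally).

```shell
# Added example: collect a core dump from a crashing release binary and
# print its backtrace with gdb. Not code from the question or the answer.

# Expand the kernel's core_pattern template (/proc/sys/kernel/core_pattern)
# for one crash so we know which file to hand to gdb. Handles %e %p %t %h %%;
# any other specifier is kept literally.
expand_core_pattern() {
    pattern=$1 exe=$2 pid=$3 ts=$4 host=$5
    out="" rest=$pattern
    while [ -n "$rest" ]; do
        c=${rest%"${rest#?}"}          # first character of the remainder
        rest=${rest#?}
        if [ "$c" = "%" ]; then
            spec=${rest%"${rest#?}"}; rest=${rest#?}
            case $spec in
                e) out="$out$exe" ;;   # executable name (comm)
                p) out="$out$pid" ;;   # pid of the dumped process
                t) out="$out$ts" ;;    # time of dump
                h) out="$out$host" ;;  # hostname
                %) out="$out%" ;;
                *) out="$out%$spec" ;;
            esac
        else
            out="$out$c"
        fi
    done
    printf '%s\n' "$out"
}

# Run the binary with core dumps enabled; on a fatal signal (SIGSEGV, or the
# SIGABRT raised by __fortify_fail) locate the core and print a backtrace.
collect_backtrace() {
    bin=$1; shift
    pattern=$(cat /proc/sys/kernel/core_pattern 2>/dev/null || echo core)
    case $pattern in
        \|*) echo "core_pattern pipes cores to a helper: $pattern" >&2
             echo "look in that helper's spool dir (apport: /var/crash)" >&2; return 2 ;;
    esac
    ulimit -c unlimited
    "$bin" "$@" &
    pid=$!
    wait "$pid"; status=$?
    [ "$status" -gt 128 ] || { echo "exit status $status, no core written"; return 0; }
    # %t (timestamp) is unknown, so glob it; relative names land in the cwd
    for core in $(expand_core_pattern "$pattern" "$(basename "$bin")" "$pid" '*' "$(hostname)"); do
        [ -f "$core" ] && gdb -batch -ex 'thread apply all bt' "$bin" "$core"
    done
}
```

Source the file and call `collect_backtrace /usr/local/bin/robojournal` from the directory where the core should land; the gdb `-batch -ex` form prints the backtrace without an interactive session.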