QT （C++）定位内存越界（踩内存）问题

同事写的QT （C++）运行就崩溃，简单扫了一下代码，估计是内存越界了。但是第一眼没看出来。也懒得一行一行看，所以就借助AddressSanitizer（俗称阿三。。。。）这个软件找一下，

我们是在Ubuntu下面所以先安装2个库

apt install libasan8

apt install llvm

然后去QT的 .PRO文件加两个编译选项

QMAKE_CXXFLAGS += -fsanitize=address -fno-omit-frame-pointer -O1

QMAKE_LFLAGS += -fsanitize=address

然后编译

运行你的程序 ./Example 我的叫这个名字

=================================================================

==16320==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7fffe4bff800 at pc 0x555555794e15 bp 0x7fffffffcbd0 sp 0x7fffffffcbc0

WRITE of size 1 at 0x7fffe4bff800 thread T0

#0 0x555555794e14 in WindowPlayBackGrayscaleImage::SetPlaybackData() ../../NewCode/Dialog/Components/windowplaybackgrayscaleimage.cpp:348

#1 0x5555557990ff in WindowPlayBackGrayscaleImage::RecieveData(int, unsigned char*, int) ../../NewCode/Dialog/Components/windowplaybackgrayscaleimage.cpp:288

#2 0x555555863bc7 in MainWindow::GetBackPlayDataAndSend(int, int) ../../NewCode/Dialog/windowmain.cpp:2079

#3 0x555555863d75 in MainWindow::BackplayRefreshDataTimeoutSlot() ../../NewCode/Dialog/windowmain.cpp:2063

#4 0x555555a0d913 in MainWindow::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /mnt/hgfs/VCode/YiTiJi/Code/integratedmachine/一体机软件/build-Example-Desktop_Qt_5_15_2_GCC_64bit-Debug/moc_windowmain.cpp:344

#5 0x7ffff32d5dde in void doActivate<false>(QObject*, int, void**) kernel/qobject.cpp:3898

#6 0x7ffff32daa56 in QTimer::timeout(QTimer::QPrivateSignal) .moc/moc_qtimer.cpp:205

#7 0x7ffff32dad27 in QTimer::timerEvent(QTimerEvent*) kernel/qtimer.cpp:257

#8 0x7ffff32ccd5a in QObject::event(QEvent*) kernel/qobject.cpp:1336

#9 0x7ffff476343b in QApplicationPrivate::notify_helper(QObject*, QEvent*) kernel/qapplication.cpp:3632

#10 0x7ffff4769f1f in QApplication::notify(QObject*, QEvent*) kernel/qapplication.cpp:3378

#11 0x7ffff329d807 in QCoreApplication::notifyInternal2(QObject*, QEvent*) kernel/qcoreapplication.cpp:1063

#12 0x7ffff32f8688 in QTimerInfoList::activateTimers() kernel/qtimerinfo_unix.cpp:643

#13 0x7ffff32f8e98 in timerSourceDispatch kernel/qeventdispatcher_glib.cpp:183

#14 0x7ffff32f8e98 in idleTimerSourceDispatch kernel/qeventdispatcher_glib.cpp:230

#15 0x7ffff4f1bd3a in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x55d3a)

#16 0x7ffff4f71257 (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0xab257)

#17 0x7ffff4f193e2 in g_main_context_iteration (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x533e2)

#18 0x7ffff32f91cb in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) kernel/qeventdispatcher_glib.cpp:423

#19 0x7ffff329c219 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) kernel/qeventloop.cpp:232

#20 0x7ffff32a51d2 in QCoreApplication::exec() kernel/qcoreapplication.cpp:1371

#21 0x555555904693 in main ../../NewCode/main.cpp:22

#22 0x7ffff2829d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

#23 0x7ffff2829e3f in __libc_start_main_impl ../csu/libc-start.c:392

#24 0x5555555dfa34 in _start (/mnt/hgfs/VCode/YiTiJi/Code/integratedmachine/一体机软件/build-Example-Desktop_Qt_5_15_2_GCC_64bit-Debug/Example+0x8ba34)

0x7fffe4bff800 is located 0 bytes to the right of 1536000-byte region [0x7fffe4a88800,0x7fffe4bff800)

allocated by thread T0 here:

#0 0x7ffff74b6357 in operator new[](unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:102

#1 0x555555792856 in WindowPlayBackGrayscaleImage::initFile(ZoroyRadarBackplayLineInfo) ../../NewCode/Dialog/Components/windowplaybackgrayscaleimage.cpp:97

#2 0x555555876344 in MainWindow::OpenNewLineSlot(LineFileInfo) ../../NewCode/Dialog/windowmain.cpp:730

#3 0x555555a0d50d in MainWindow::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /mnt/hgfs/VCode/YiTiJi/Code/integratedmachine/一体机软件/build-Example-Desktop_Qt_5_15_2_GCC_64bit-Debug/moc_windowmain.cpp:308

#4 0x7ffff32d5dde in void doActivate<false>(QObject*, int, void**) kernel/qobject.cpp:3898

#5 0x555555a05901 in LineManager::signal_openLineConfirm(LineFileInfo) /mnt/hgfs/VCode/YiTiJi/Code/integratedmachine/一体机软件/build-Example-Desktop_Qt_5_15_2_GCC_64bit-Debug/moc_WindowLineManager.cpp:562

#6 0x555555803033 in LineManager::OpenLineProcess() ../../NewCode/Dialog/Project/WindowLineManager.cpp:863

#7 0x555555a05ee8 in LineManager::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /mnt/hgfs/VCode/YiTiJi/Code/integratedmachine/一体机软件/build-Example-Desktop_Qt_5_15_2_GCC_64bit-Debug/moc_WindowLineManager.cpp:493

#8 0x7ffff32d5dde in void doActivate<false>(QObject*, int, void**) kernel/qobject.cpp:3898

#9 0x555555a057cf in OpenAndDeleteLineWindow::signal_openLine() /mnt/hgfs/VCode/YiTiJi/Code/integratedmachine/一体机软件/build-Example-Desktop_Qt_5_15_2_GCC_64bit-Debug/moc_WindowLineManager.cpp:395

#10 0x5555557f41f9 in OpenAndDeleteLineWindow::OnBtnOpenConfirmClicked() ../../NewCode/Dialog/Project/WindowLineManager.cpp:474

#11 0x555555a05b10 in OpenAndDeleteLineWindow::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /mnt/hgfs/VCode/YiTiJi/Code/integratedmachine/一体机软件/build-Example-Desktop_Qt_5_15_2_GCC_64bit-Debug/moc_WindowLineManager.cpp:308

#12 0x7ffff32d5dde in void doActivate<false>(QObject*, int, void**) kernel/qobject.cpp:3898

#13 0x7ffff484eba1 in QAbstractButton::clicked(bool) .moc/moc_qabstractbutton.cpp:308

SUMMARY: AddressSanitizer: heap-buffer-overflow ../../NewCode/Dialog/Components/windowplaybackgrayscaleimage.cpp:348 in WindowPlayBackGrayscaleImage::SetPlaybackData()

Shadow bytes around the buggy address:

0x10007c977eb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

0x10007c977ec0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

0x10007c977ed0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

0x10007c977ee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

0x10007c977ef0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

=>0x10007c977f00:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

0x10007c977f10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

0x10007c977f20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

0x10007c977f30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

0x10007c977f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

0x10007c977f50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

Shadow byte legend (one shadow byte represents 8 application bytes):

Addressable: 00

Partially addressable: 01 02 03 04 05 06 07

Heap left redzone: fa

Freed heap region: fd

Stack left redzone: f1

Stack mid redzone: f2

Stack right redzone: f3

Stack after return: f5

Stack use after scope: f8

Global redzone: f9

Global init order: f6

Poisoned by user: f7

Container overflow: fc

Array cookie: ac

Intra object redzone: bb

ASan internal: fe

Left alloca redzone: ca

Right alloca redzone: cb

Shadow gap: cc

==16320==ABORTING

通过观察发现是 ../../NewCode/Dialog/Components/windowplaybackgrayscaleimage.cpp:348 这行有问题，然后在通过0x7fffe4bff800 is located 0 bytes to the right of 1536000-byte region [0x7fffe4a88800,0x7fffe4bff800) 这句话就彻底明白你是怎么出错的了，很明显是内存越界了。

你要英语不好，实在看不明白就把这些关键信息放文心一言里面，它能帮你翻译一下