CODEBROWSER

KDAB|Training

Expertise

Trusted Software Excellence across Desktop and Embedded

Take a glance at the areas of expertise where KDAB excels ranging from swift troubleshooting, ongoing consulting and training to multi-year, large-scale software development projects.

Find out why customers from innovative industries rely on our extensive expertise, including Medical, Biotech, Science, Renewable Energy, Transportation, Mobility, Aviation, Automation, Electronics, Agriculture and Defense.

Embedded DevicesEmbedded Devices

High-quality Embedded Engineering across the Stack

To successfully develop an embedded device that meets your expectations regarding quality, budget and time to market, all parts of the project need to fit perfectly together.

Learn more about KDAB's expertise in embedded software development.

Read More

Cross-Platform Desktop ApplicationsCross-Platform Desktop Applications

Create complex Applications for the Desktop

Where the capabilities of modern mobile devices or web browsers fall short, KDAB engineers help you expertly architect and build high-functioning desktop and workstation applications.

Read More

Medical DevicesMedical Devices

Extensible, Safety-compliant Software for the Medical Sector

Create intelligent, patient-focused medical software and devices and stay ahead with technology that adapts to your needs.

KDAB offers you expertise in developing a broad spectrum of clinical and home-healthcare devices, including but not limited to, internal imaging systems, robotic surgery devices, ventilators and non-invasive monitoring systems.

Read More

Vehicle DashboardsVehicle Dashboards

Fluid animations and gesture-controlled UIs

Building digital dashboards and cockpits with fluid animations and gesture-controlled touchscreens is a big challenge.

In over two decades of developing intricate UI solutions for cars, trucks, tractors, scooters, ships, airplanes and more, the KDAB team has gained market leading expertise in this realm.

Read More

Custom Industrial HMICustom Industrial HMI

Build on Advanced Expertise when creating Modern UIs

KDAB assists you in the creation of user-friendly interfaces designed specifically for industrial process control, manufacturing, and fabrication.

Our specialties encompass the custom design and development of HMIs, enabling product accessibility from embedded systems, remote desktops, and mobile devices on the move.

Read More

Modernizing Legacy SoftwareModernizing Legacy Software

Reduce Technical Debt

Legacy software is a growing but often ignored problem across all industries. KDAB helps you elevate your aging code base to meet the dynamic needs of the future.

Whether you want to migrate from an old to a modern GUI toolkit, update to a more recent version, or modernize your code base, you can rely on over 25 years of modernization experience.

Read More

Services

Software Consulting, Development and Training

KDAB offers a wide range of services to address your software needs including consulting, development, workshops and training tailored to your requirements.

Our expertise spans cross-platform desktop, embedded and 3D application development, using the proven technologies for the job.

Software ConsultingSoftware Consulting

Guidance for your Software Project across the Stack

Get expert advice on any phase of your project's journey, from inception to execution, across multiple platforms and hardware.

KDAB provides guidance on architectural approach, UI strategy, development tooling, test infrastructure, deployment model, runtime execution and more.

Read More

Code Modernization

UI Modernization

Development processes and tooling

Performance optimization

Software Architecture

Migration from legacy frameworks

Qt ServicesQt Services

Expert Qt Solutions for Your Needs

When working with KDAB, the first-ever Qt consultancy, you benefit from a deep understanding of Qt internals, that allows us to provide effective solutions, irrespective of the depth or scale of your Qt project.

Qt Services include developing applications, building runtimes, mixing native and web technologies, solving performance issues, and porting problems.

Read More

Embedded DevelopmentEmbedded Development

Build rich embedded applications for your embedded UI

Turn your vision into reality and unleash the potential of your embedded development projects.

KDAB helps you navigate the complex landscape of embedded development, ensuring your software performs optimally on your chosen hardware.

Read More

Cross-Platform Desktop DevelopmentCross-Platform Desktop Development

Get help with all Aspects of Desktop Applications

KDAB helps create commercial, scientific or industrial desktop applications from scratch, or update its code or framework to benefit from modern features.

Discover clean, efficient solutions that precisely meet your requirements.

Read More

3D Software Development3D Software Development

Simplify the complexity of 3D

Creating 3D applications can be overwhelming due to terminology, visual concepts, and advanced math.

KDAB simplifies this task, providing you with the best solution for your 3D project, easing complexities and maximizing efficiency.

Read More

OpenGL Expert Services

Vulkan Integration

Developer TrainingDeveloper Training

Professional Developer Training Courses

Boost your team's programming skills with in-depth, constantly updated, hands-on training courses delivered by active software engineers who love to teach and share their knowledge.

Our courses cover Modern C++, Qt/QML, Rust, 3D programming, Debugging, Profiling and more.

Read More

Technologies

Make the right Technology Choices

The collective expertise of KDAB's engineering team is at your disposal to help you choose the software stack for your project or master domain-specific challenges.

Our particular focus is on software technologies you use for cross-platform applications or for embedded devices.

Qt / QMLQt / QML

Leading Qt Expertise

Since 1999, KDAB has been the largest independent Qt consultancy worldwide and today is a Qt Platinum partner. Our experts can help you with any aspect of software development with Qt and QML.

Read More

Modern C++Modern C++

Deep understanding of Modern C++

KDAB specializes in Modern C++ development, with a focus on desktop applications, GUI, embedded software, and operating systems.

Our experts are industry-recognized contributors and trainers, leveraging C++'s power and relevance across these domains to deliver high-quality software solutions.

Read More

RustRust

Integrate Rust into your application

KDAB can guide you incorporating Rust into your project, from as overlapping element to your existing C++ codebase to a complete replacement of your legacy code.

Read More

How to build Hybrid Rust and C++ Applications

Enhance Software Safety and Performance with Rust Integration

Platforms for Applications and DevicesPlatforms for Applications and Devices

Unique Expertise for Desktop and Embedded Platforms

Whether you are using Linux, Windows, MacOS, Android, iOS or real-time OS, KDAB helps you create performance optimized applications on your preferred platform.

Read More

Windows

macOS / iOS

QNX

Unix / X11 (Motif)

Android

Web Engines

Linux Desktop

Embedded Linux

SlintSlint

A lightweight GUI toolkit

If you are planning to create projects with Slint, a lightweight alternative to standard GUI frameworks especially on low-end hardware, you can rely on the expertise of KDAB being one of the earliest adopters and official service partner of Slint.

Read More

FlutterFlutter

Flutter for Embedded and Desktop

KDAB has deep expertise in embedded systems, which coupled with Flutter proficiency, allows us to provide comprehensive support throughout the software development lifecycle.

Our engineers are constantly contributing to the Flutter ecosystem, for example by developing flutter-pi, one of the most used embedders.

Read More

3D Technologies3D Technologies

Cutting-edge 3D / XR

Incorporating 3D into 2D UIs or creating compelling XR experiences can be challenging.

Create visually stunning, ultra-realistic 3D graphics, dynamic 2D user interfaces, or leveraging the power of hardware-accelerated computation.

The 3D experts at KDAB bring incisive know-how for your project.

Read More

Qt 3D

Vulkan – next generation graphics & compute

OpenGL expert services

KDAB ToolsKDAB Tools

Developer Tools from KDAB

The right tools and libraries can skyrocket developers' productivity.

Take advantage of KDAB's popular open source tools for tasks including profiling, debugging and continuous integration (CI).

Read More

GammaRay

KD Reports

KD Chart

Hotspot

KD SOAP

KDDockWidgets

KDAB LabsKDAB Labs

Research & Development at KDAB

KDAB invests significant time in exploring new software technologies to maintain its position as software authority. Benefit from this research and incorporate it eventually into your own project.

Read More

KDGpu

Resources

Start here to browse infos on the KDAB website(s) and take advantage of useful developer resources like blogs, publications and videos about Qt, C++, Rust, 3D technologies like OpenGL and Vulkan, the KDAB developer tools and more.

BlogsBlogs

KDAB engineers and designers constantly share cutting-edge technology insights with regard to Qt, QML, C++, Rust, Linux, Vulkan, OpenGL, Qt 3D, scalable UIs and more topics.

Stay up-to-date and be inspired with their blogs.

Read More

EventsEvents

Get a quick overview of events relevant to the software industry and with involvment of KDAB, be it as speakers, sponsors, exhibitors or organizer.

Take the opportunity to reach out to our experts directly. See you there!

Read More

PublicationsPublications

KDAB regularly publishes in-depth papers, brochures and other material on topics relevant to software developers and desicion makers.

Have a look at the list of KDAB publictions.

Read More

VideosVideos

The KDAB Youtube channel has become a go-to source for developers looking for high-quality tutorial and information material around software development with Qt/QML, C++, Rust and other technologies.

Click to navigate the all KDAB videos directly on this website.

Read More

Why KDAB

A software supplier you can rely on

In over 25 years KDAB has served hundreds of customers from various industries, many of them having become long-term customers who value our unique expertise and dedication.

Learn more about KDAB as a company, understand why we are considered a trusted partner by many and explore project examples in which we have proven to be the right supplier.

About KDABAbout KDAB

Committed, compassionate, trustworthy

The KDAB Group is a globally recognized provider for software consulting, development and training, specializing in embedded devices and complex cross-platform desktop applications.

Read more about the history, the values, the team and the founder of the company.

Read More

Proven ExcellenceProven Excellence

Customer Success Stories

When working with KDAB you can expect quality software and the desired business outcomes thanks to decades of experience gathered in hundreds of projects of different sizes in various industries.

Have a look at selected examples where KDAB has helped customers to succeed with their projects.

Read More

Trusted PartnerTrusted Partner

Benefit from a strong partner network

Lasting relationships reduce frictions in software development projects and help to guarantee success.

Benefit from the established relationships KDAB has with well-selected hardware suppliers and specialized domain experts.

Read More

Software Excellence for Texas Instruments

Better SoftwareBetter Software

Constantly improving Software Quality

KDAB is committed to developing high-quality and high-performance software, and helping other developers deliver to the same high standards.

We create software with pride to improve your engineering and your business, making your products more resilient and maintainable with better performance.

Read More

ISO 9001ISO 9001

ISO 9001 certified software services

KDAB has been the first certified Qt consulting and software development company in the world, and continues to deliver quality processes that meet or exceed the highest expectations.

Read More

Working at KDABWorking at KDAB

Looking for a new challenge?

In KDAB we value practical software development experience and skills higher than academic degrees. We strive to ensure equal treatment of all our employees regardless of age, ethnicity, gender, sexual orientation, nationality.

Interested? Read more about working at KDAB and how to apply for a job in software engineering or business administration.

Read More

Contact

Search

Better_Software_Header_MobileBetter_Software_Header_Web

Find what you need - explore our website and developer resources

How to build Qt with the Address Sanitizer on Windows

1 comment

Alessandro Ambrosano

10 December 2020

Advanced Search

Tags

blogc++kdab on qt

Some time ago, I wrote about how to build C++ projects with ASAN on Windows. Now, if you happen to deal with Qt projects you may want to take this one step further and sanitize Qt itself.

Why bother with a sanitized Qt build?

Let's have a closer look on why having a sanitized Qt build around is a good idea.

If you're already patching Qt for your own needs, sanitizing Qt is the only way to check for bugs on your code. This is the reason why we use sanitizers in the first place.

Otherwise, you may argue that Qt is "good" or "safe" or "bug free" enough. This, in principle, is not a safe assumption. Choosing to take your chances may still leave some of your bugs on the table. Let's see an example:

#include <QApplication>
#include <QByteArray>
#include <QDebug>
#include <QTimer>

int main(int argc, char* argv[])
{
    QApplication app(argc, argv);

    QTimer t;
    t.setInterval(0);
    t.setSingleShot(true);
    {
        QByteArray ba = QByteArrayLiteral("Test byte array literal");
        t.connect(&t, &QTimer::timeout, &t, [d=ba.data()](){
            qDebug() << d;
        });
    }
    t.start();

    return app.exec();
}

When we build this code with the address sanitizer and run it, we get this output:

Test byte array literal

Great, all good! Or is it? Let's try to run the same code with a sanitized Qt. This is the output:

=================================================================
==15844==ERROR: AddressSanitizer: heap-use-after-free on address 0x12643130a628 at pc 0x7ff81ca3e54a bp 0x00b1e08f86e0 sp 0x00b1e08f8728
READ of size 24 at 0x12643130a628 thread T0
    #0 0x7ff81ca3e572 in _asan_wrap_strlen+0x1b2 (C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\VC\Tools\Llvm\x64\lib\clang\10.0.0\lib\windows\clang_rt.asan_dynamic-x86_64.dll+0x18002e572)
    #1 0x7ff813417f6e in QString::fromUtf8 C:\qt5\qtbase\src\corelib\tools\qstring.h:572
    #2 0x7ff7780318aa in QtPrivate::QFunctorSlotObject<`lambda at C:\test-build-with-sanitized-qt\main.cpp:15:45',0,QtPrivate::List<>,void>::impl C:\qt-build-sanitized\include\QtCore\qobjectdefs_impl.h:439
    #3 0x7ff813cd4fc3 in QMetaObject::activate C:\qt5\qtbase\src\corelib\kernel\qobject.cpp:3781
    #4 0x7ff813cf1671 in QTimer::timerEvent C:\qt5\qtbase\src\corelib\kernel\qtimer.cpp:255
    #5 0x7ff813cbfcf5 in QObject::event C:\qt5\qtbase\src\corelib\kernel\qobject.cpp:1247
    #6 0x7ff8158ac7a7 in QApplicationPrivate::notify_helper C:\qt5\qtbase\src\widgets\kernel\qapplication.cpp:3737
    #7 0x7ff8158b2470 in QApplication::notify C:\qt5\qtbase\src\widgets\kernel\qapplication.cpp:3598
    #8 0x7ff813c19f8d in QCoreApplication::notifyInternal2 C:\qt5\qtbase\src\corelib\kernel\qcoreapplication.cpp:1084
    #9 0x7ff813d7ef0d in QEventDispatcherWin32::event C:\qt5\qtbase\src\corelib\kernel\qeventdispatcher_win.cpp:1064
    #10 0x7ff8158ac7a7 in QApplicationPrivate::notify_helper C:\qt5\qtbase\src\widgets\kernel\qapplication.cpp:3737
    #11 0x7ff8158b2470 in QApplication::notify C:\qt5\qtbase\src\widgets\kernel\qapplication.cpp:3598
    #12 0x7ff813c19f8d in QCoreApplication::notifyInternal2 C:\qt5\qtbase\src\corelib\kernel\qcoreapplication.cpp:1084
    #13 0x7ff813c1f045 in QCoreApplicationPrivate::sendPostedEvents C:\qt5\qtbase\src\corelib\kernel\qcoreapplication.cpp:1821
    #14 0x7ff84512b0b5 in QWindowsGuiEventDispatcher::sendPostedEvents C:\qt5\qtbase\src\platformsupport\eventdispatchers\qwindowsguieventdispatcher.cpp:81
    #15 0x7ff813d6fdee in qt_internal_proc C:\qt5\qtbase\src\corelib\kernel\qeventdispatcher_win.cpp:245
    #16 0x7ff88793e857 in CallWindowProcW+0x3f7 (C:\WINDOWS\System32\USER32.dll+0x18000e857)
    #17 0x7ff88793e298 in DispatchMessageW+0x258 (C:\WINDOWS\System32\USER32.dll+0x18000e298)
    #18 0x7ff813d757d5 in QEventDispatcherWin32::processEvents C:\qt5\qtbase\src\corelib\kernel\qeventdispatcher_win.cpp:639
    #19 0x7ff84512b046 in QWindowsGuiEventDispatcher::processEvents C:\qt5\qtbase\src\platformsupport\eventdispatchers\qwindowsguieventdispatcher.cpp:74
    #20 0x7ff813c0aaaf in QEventLoop::exec C:\qt5\qtbase\src\corelib\kernel\qeventloop.cpp:225
    #21 0x7ff813c1bf60 in QCoreApplication::exec C:\qt5\qtbase\src\corelib\kernel\qcoreapplication.cpp:1385
    #22 0x7ff778031443 in main C:\test-build-with-sanitized-qt\main.cpp:21
    #23 0x7ff7780326b3 in __scrt_common_main_seh D:\agent\_work\9\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288
    #24 0x7ff888866fd3 in BaseThreadInitThunk+0x13 (C:\WINDOWS\System32\KERNEL32.DLL+0x180016fd3)
    #25 0x7ff8890fcec0 in RtlUserThreadStart+0x20 (C:\WINDOWS\SYSTEM32\ntdll.dll+0x18004cec0)
0x12643130a628 is located 24 bytes inside of 48-byte region [0x12643130a610,0x12643130a640)
freed by thread T0 here:
    #0 0x7ff81ca45094 in _asan_memmove+0x344 (C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\VC\Tools\Llvm\x64\lib\clang\10.0.0\lib\windows\clang_rt.asan_dynamic-x86_64.dll+0x180035094)
    #1 0x7ff77803141f in main C:\test-build-with-sanitized-qt\main.cpp:18
    #2 0x7ff7780326b3 in __scrt_common_main_seh D:\agent\_work\9\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288
    #3 0x7ff888866fd3 in BaseThreadInitThunk+0x13 (C:\WINDOWS\System32\KERNEL32.DLL+0x180016fd3)
    #4 0x7ff8890fcec0 in RtlUserThreadStart+0x20 (C:\WINDOWS\SYSTEM32\ntdll.dll+0x18004cec0)
previously allocated by thread T0 here:
    #0 0x7ff81ca451a4 in _asan_memmove+0x454 (C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\VC\Tools\Llvm\x64\lib\clang\10.0.0\lib\windows\clang_rt.asan_dynamic-x86_64.dll+0x1800351a4)
    #1 0x7ff813503701 in QArrayData::allocate C:\qt5\qtbase\src\corelib\tools\qarraydata.cpp:118
    #2 0x7ff81350bcaf in QByteArray::reallocData C:\qt5\qtbase\src\corelib\tools\qbytearray.cpp:1905
    #3 0x7ff81341493b in QByteArray::data C:\qt5\qtbase\src\corelib\tools\qbytearray.h:569
    #4 0x7ff778031313 in main C:\test-build-with-sanitized-qt\main.cpp:15
    #5 0x7ff7780326b3 in __scrt_common_main_seh D:\agent\_work\9\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288
    #6 0x7ff888866fd3 in BaseThreadInitThunk+0x13 (C:\WINDOWS\System32\KERNEL32.DLL+0x180016fd3)
    #7 0x7ff8890fcec0 in RtlUserThreadStart+0x20 (C:\WINDOWS\SYSTEM32\ntdll.dll+0x18004cec0)
SUMMARY: AddressSanitizer: heap-use-after-free (C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\VC\Tools\Llvm\x64\lib\clang\10.0.0\lib\windows\clang_rt.asan_dynamic-x86_64.dll+0x18002e572) in _asan_wrap_strlen+0x1b2
Shadow bytes around the buggy address:
  0x04a8b7561470: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
  0x04a8b7561480: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
  0x04a8b7561490: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 00
  0x04a8b75614a0: fa fa 00 00 00 00 00 fa fa fa 00 00 00 00 01 fa
  0x04a8b75614b0: fa fa 00 00 00 00 00 fa fa fa 00 00 00 00 00 00
=>0x04a8b75614c0: fa fa fd fd fd[fd]fd fd fa fa 00 00 00 00 00 00
  0x04a8b75614d0: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 00
  0x04a8b75614e0: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
  0x04a8b75614f0: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
  0x04a8b7561500: fa fa 00 00 00 00 00 fa fa fa 00 00 00 00 00 fa
  0x04a8b7561510: fa fa 00 00 00 00 00 04 fa fa 00 00 00 00 00 04
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable: 00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone: fa
  Freed heap region: fd
  Stack left redzone: f1
  Stack mid redzone: f2
  Stack right redzone: f3
  Stack after return: f5
  Stack use after scope: f8
  Global redzone: f9
  Global init order: f6
  Poisoned by user: f7
  Container overflow: fc
  Array cookie: ac
  Intra object redzone: bb
  ASan internal: fe
  Left alloca redzone: ca
  Right alloca redzone: cb
  Shadow gap: cc
==15844==ABORTING

This is because, in the call to connect on line 15, we are copying a pointer to the internal buffer of a QByteArray, which will be already gone when the timer is started. Note that this is not inherently a Qt bug. Additionally, the documentation warns us that the lifetime of that pointer is bound to the one of the byte array. Since all of the allocations are happening inside Qt without sanitizing Qt itself, this bug will go undetected.

Building Qt with the Address Sanitizer

To generate a sanitized Qt build, we are going to use clang. Clang has been providing the Address Sanitizer on Windows for a while. This means we will only be able to create a release build for Qt, as clang on windows doesn't support debug builds with the Address Sanitizer. If you have a recent version of Visual Studio, you can choose to do the same with the cl compiler in a similar way.

Qt comes with bundled mkspecs, to build with either clang or clang-cl. We will be creating our own sanitized clang-cl mkspec based on the original clang-cl one. To do so, duplicate the folder qt5/qtbase/mkspecs/win32-clang-msvc to qt5/qtbase/mkspecs/win32-clang-msvc-with-address-sanitizer. Next, replace the content of qmake.conf with the following:

include(../win32-clang-msvc/qmake.conf)
# Generate debug information
CONFIG += force_debug_info
# Force release build as debug builds are not supported
CONFIG += release
QMAKE_CFLAGS_RELEASE_WITH_DEBUGINFO += -fsanitize=address
QMAKE_CXXFLAGS_RELEASE_WITH_DEBUGINFO += -fsanitize=address
# # Add the path to the clang ASAN runtime and link against
QMAKE_LFLAGS_RELEASE_WITH_DEBUGINFO += /LIBPATH:\"C:/Program Files (x86)/Microsoft Visual Studio/2019/Professional/VC/Tools/Llvm/x64/lib/clang/10.0.0/lib/windows\"
QMAKE_LFLAGS_RELEASE_WITH_DEBUGINFO += clang_rt.asan_dynamic-x86_64.lib /wholearchive:clang_rt.asan_dynamic_runtime_thunk-x86_64.lib

Now you can start building by specifying the mkspec with -platform win32-clang-msvc-with-address-sanitizer. Also, make sure you pass -no-pch to the configure script. Otherwise, the build will fail.

Note that, since rcc and moc are built with ASAN as well. They may (and will) generate some ASAN warnings at build time. So make sure you have ASAN_OPTIONS=halt_on_error=0 in your build environment. Do the same for building all your projects using this sanitized Qt version.

Some final touches

If you try launching an application built against this sanitized Qt build, it will raise an exception at startup. The error will look like this:

Unhandled exception at 0x00007FFA44FF2807 (Qt5Core.dll) in qtplain.exe: 0xC0000005: Access violation writing location 0x00000000756E6587.

What is this about? Let's have a look at the disassembled code around the affected area:

0x00007FFA2DD827F4 xor eax,eax
0x00007FFA2DD827F6 xor ecx,ecx
0x00007FFA2DD827F8 cpuid
0x00007FFA2DD827FA mov esi,eax
0x00007FFA2DD827FC mov rdi,qword ptr [__asan_shadow_memory_dynamic_address (07FFA2EDC6E60h)]
0x00007FFA2DD82803 lea r12,[rbx+60h]
0x00007FFA2DD82807 mov qword ptr [rbx+40h],41B58AB3h  <-- EIP

What's going on is that the cpuid instruction, when invoked with eax=0 (see xor eax, eax on address 00007FFA2DD827F4), will write a 12 bytes string spread on the three registries ebx, edx, ecx - in that order - identifying the manufacturer of the CPU.

In my case, for instance, cpuid returns 'GenuineIntel', which translates, adjusting for endianness, to the following values for rbx, rdx, rdx:

rbx: 0x00000000756E6547 . . . . u n e G
rdx: 0x0000000049656E69 . . . . I e n i
rcx: 0x000000006C64746E . . . . l e t n

A few instructions later, where the application breaks, the instruction on 0x00007FFA2DD82807 is trying to write on ebx + 0x40, whose value is exactly 0x00000000756E6587 (the address mentioned in the error message).

This means the registry wasn't backed up and restored by the compiler around the cpuid instruction. This is a known clang bug that happens when a heap allocation occurs right after a cpuid instruction with ASAN enabled. Or, more in general, it is a rare bug that results in ebx being mismanaged by the compiler (see this and this).

So what can we do about it?

For lack of better options, a quick workaround for this is to replace all the calls to cpuid (see below) with their return values. To do so, just run all the calls to __cpuid on a small program. Then, copy the values on the Qt source code. The following is a list of all the occurrences:

Conclusion

The Address Sanitizer is a helpful tool for tracking and solving memory bugs. However, limiting ourselves to sanitize only our own code is not enough. Libraries can prevent bad API usage only up to a certain point. There are still cases where damage can be done undetected. Sanitizing consumed libraries will greatly increase the surface for automatic bug detection. Qt's open source nature allows us to leverage this opportunity.

If you'd like to learn more about the tooling available for C++ developers working with Windows, you might be interested in our Debugging and Profiling C++ Applications on Windows training.

About KDAB

Trusted software excellence across embedded and desktop platforms

The KDAB Group is a globally recognized provider for software consulting, development and training, specializing in embedded devices and complex cross-platform desktop applications. In addition to being leading experts in Qt, C++ and 3D technologies for over two decades, KDAB provides deep expertise across the stack, including Linux, Rust and modern UI frameworks. With 100+ employees from 20 countries and offices in Sweden, Germany, USA, France and UK, we serve clients around the world.

Tags

blogc++kdab on qtperformanceqmlqttechnicaltoolswindows

1 Comment

28 - Jan - 2021

Leo Schubert

Great post Allessandro ! Any hint where to look at if the clang issue with the CPUID is fixed ? Also I wonder why the precompiled headers are not working under Windows, is this a windows thingy ? Normally clang is very good at precompiled headers. Regards, Leo

I have read and agree to the privacy policy.

KDAB is committed to ensuring that your privacy is protected.

  • Only the above data is collected about you when you fill out this form.
  • The data will be stored securely.
  • If you wish for us to erase it, email us at info@kdab.com.

For more information about our Privacy Policy, please read our privacy policy.

AlessandorAmbrosano

Alessandro Ambrosano

Senior Software Engineer

Alessandro Ambrosano is a Senior Software Engineer at KDAB

Related Content

How to Build C++ Projects with the Address Sanitizer on Windows

memory bug detection via compiler extension

Learn Modern C++

Our hands-on Modern C++ training courses are designed to quickly familiarize newcomers with the language. They also update professional C++ developers on the latest changes in the language and standard library introduced in recent C++ editions.

Learn more