0

There is the following piece of code

#include <iostream>
#include <type_traits>
thread_local std::aligned_storage_t<1024> data;
int main() {
    std::cout << sizeof(data) << std::endl;
    uint8_t * d = new (&data) uint8_t[1024];
    d[1025] = '6';
    std::cout << d[1025] << std::endl;
}

Sanitiser does not detect buffer overflow

Code sample https://godbolt.org/z/r34f9jexj

Improve this question
5
  • 1
    You don't need the placement-new, this reproduces on a plain array: godbolt.org/z/Y5Pc3TKvT (on both Clang and GCC). Interestingly, I can also repro on non-thread-local array (but only on GCC, Clang catches this one). I'd report this as a bug to ASAN. Commented Apr 17, 2024 at 7:08
  • ASAN needs to be instrument specifically for container types. There is, for example, a special implementation for std::vector in ASAN: std::vector will often allocate more memory than immediately needed to store the data (see .capacity()), and ASAN has code in there to still figure out that the read/write was out of bounds of the vector. My guess is that ASAN doesn't yet have special handling code for aligned_storage_t, which is why it's likely it doesn't find the error in your case. Commented Apr 17, 2024 at 7:12
  • github.com/google/sanitizers/issues/12 Commented Apr 17, 2024 at 7:16
  • @chris_se My understanding is that it should do the right thing by default. std::vector needs manual instrumentation only because you want to catch out-of-bounds accesses that are not outside the capacity (which isn't inherenrly illegal from ASAN's point of view). Commented Apr 17, 2024 at 7:19
  • undefined catches it godbolt.org/z/TTrW1oYK3 Commented Apr 17, 2024 at 7:20

1 Answer 1

Reset to default
4

It looks like sanitisation of thread_local global variables hasn't been implemented yet https://github.com/google/sanitizers/issues/12

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.