Edit

Share via

AddressSanitizer known issues

  • Article

Note

Send us feedback on what you'd like to see in future releases, and report bugs if you run into issues.

Incompatible options and functionality

These options and functionality are incompatible with /fsanitize=address and should be disabled or avoided.

Standard library support

The MSVC standard library (STL) is partially enlightened to understand the AddressSanitizer and provide other checks. For more information, see container-overflow error.

When annotations are disabled or in versions without support, AddressSanitizer exceptions raised in STL code do still identify true bugs. However, they aren't as precise as they could be.

This example demonstrates the lack of precision and the benefits of enabling annotations:

C++ 
// Compile with: cl /fsanitize=address /Zi
#include <vector>

int main() {   
    // Create a vector of size 10, but with a capacity of 20.    
    std::vector<int> v(10);
    v.reserve(20);

    // In versions prior to 17.2, MSVC ASan does NOT raise an exception here.
    // While this is an out-of-bounds write to 'v', MSVC ASan
    // ensures the write is within the heap allocation size (20).
    // With 17.2 and later, MSVC ASan will raise a 'container-overflow' exception:
    // ==18364==ERROR: AddressSanitizer: container-overflow on address 0x1263cb8a0048 at pc 0x7ff6466411ab bp 0x005cf81ef7b0 sp 0x005cf81ef7b8
    v[10] = 1;

    // Regardless of version, MSVC ASan DOES raise an exception here, as this write
    // is out of bounds from the heap allocation.
    v[20] = 1;
}

Overriding operator new and delete

AddressSanitizer (ASAN) has a custom version of operator new and operator delete that it uses to find more allocation errors like alloc_dealloc_mismatch. Running the linker with /INFERASANLIBS ensures that ASAN's new/delete override has low precedence, so that the linker chooses any operator new or operator delete overrides in other libraries over ASAN's custom versions. When this happens, ASAN may not be able to catch some errors that rely on its custom operator new and operator delete.

MFC includes custom overrides for operator new and operator delete and so might miss errors like alloc_dealloc_mismatch.

Windows versions

As there are dependencies with specific Windows versions, support is focused on Windows 10. MSVC AddressSanitizer was tested on 10.0.14393 (RS1), and 10.0.21323 (prerelease insider build). Report a bug if you run into issues.

Memory usage

The AddressSanitizer runtime doesn't release memory back to the OS during execution. From the OS's point of view, it may look like there's a memory leak. This design decision is intentional, so as not to allocate all the required memory up front.

AddressSanitizer runtime DLL locations

The clang_rt.asan*.dll runtime files are installed next to the compilers in %VSINSTALLDIR%\VC\Tools\MSVC\<version>\bin\<host-arch>\<target-arch>\. These locations are on the path in debugging sessions, and in Visual Studio developer command prompts. These files are never placed in C:\Windows\System32 or C:\Windows\SysWOW64.

Custom property sheet support

The Property Manager window in the Visual Studio IDE allows you to add custom .props files to your projects. Even though the Enable Address Sanitizer property (<EnableASAN>) is shown, the build doesn't honor it. That's because the custom .props files get included after Microsoft.cpp.props, which uses the <EnableASAN> value to set other properties.

As a workaround, you can create a Directory.Build.props file in the root of your project to define the <EnableASAN> property. For more information, see Customize C++ builds.

See also

AddressSanitizer overview
AddressSanitizer build and language reference
AddressSanitizer runtime reference
AddressSanitizer shadow bytes
AddressSanitizer cloud or distributed testing
AddressSanitizer debugger integration
AddressSanitizer error examples