@uilianries uilianries commented Aug 20, 2025

Signed-off-by: Uilian Ries <[email protected]>
@uilianries uilianries marked this pull request as ready for review August 22, 2025 13:03
Signed-off-by: Uilian Ries <[email protected]>
Co-authored-by: Carlos Zoido <[email protected]>
Comment on lines 20 to 21
Modeling and applying sanitizers using settings
-----------------------------------------------
Contributor

I think it would be good, before this section, to add a bit of explanation about how sanitizers influence binary compatibility and then, as a result, explain how you can model it for these cases.

Also, it would be great to do some research about whether all the sanitizers make binaries break compatibility or whether there are cases where you can apply the sanitizers just as flags without the risk of producing incompatible binaries.

Member Author

I've added an explanation about what each sanitizer does in the library/application and their ABI compatibility as well. Please, review it again.

Comment on lines 33 to 37
.. code-block:: bash
git clone https://github.com/conan-io/examples2.git
cd examples2/examples/dev_flow/sanitizers/compiler_sanitizers
Contributor

I’d suggest restructuring the page so readers get the why/what before the how. Right now the doc asks to clone the repo in the middle of conceptual explanations, which interrupts the flow. It would be clearer to start with the important concepts and only then move to the hands-on example.

Depending on how extensive we want the theoretical part to be, we might even split it out into a separate page (so this page stays more tutorial-oriented, and the other more reference-style).

Member Author

I moved to the end of the document:

Present everything about Sanitizers -> How to configure Sanitizer with Conan -> Example -> Final considerations.


Sanitizers are powerful tools for detecting runtime bugs like buffer overflows, data races, memory leaks,
dangling pointers, use-of-uninitialized memory, and various types of undefined behavior. Compilers such as
GCC, Clang, and MSVC support these tools through specific compiler and linker flags.
Contributor

I think it would be good to talk about the difference in sanitizer support for each compiler, maybe do a comparative table or something like that?

Member Author

This would be huge, considering the number of sanitizers supported by LLVM. I pointed the sanitizers pages as a link in the documentation.

Let me add a table; in case it gets too big, we can still summarize to the most important sanitizers.

Contributor

It's just for consideration, if you think that it would add value...

Member Author

Just added some tables; indeed, it is much clearer and visible now. Thank you for that suggestion! Please, take a look.

@uilianries uilianries changed the base branch from release/2.19 to release/2.21 October 2, 2025 06:35
uilianries and others added 8 commits October 2, 2025 08:51
uilianries and others added 6 commits October 2, 2025 08:51
Co-authored-by: Carlos Zoido <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Comment on lines 27 to 28
This approach is preferred because enabling a sanitizer alters the package ID, allowing you to build and use
the same binary package with or without sanitizers. This is ideal for development and debugging workflows.
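
Review bot: The second clause, "allowing you to build and use the same binary package with or without sanitizers", contradicts the first: once the sanitizer changes the package ID, the instrumented and plain builds are different binary packages of the same recipe. Suggest wording such as "allowing sanitized and non-sanitized binaries of the same package to coexist", which is the property that matters for development and debugging workflows.
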
Member

I like this, once it has been defined above the importance of using sanitizers only in dev-environments, I fully agree that a different package_id is quite a good default approach, even if binary compatibility isn't fully necessary.

compiler:
clang:
sanitizer: [null, Address, Leak, Thread, Memory, UndefinedBehavior, HardwareAssistanceAddress, KernelAddress, AddressUndefinedBehavior, ThreadUndefinedBehavior]
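
Review bot: In the `sanitizer` list, `HardwareAssistanceAddress` does not match the upstream name of the tool, Hardware-assisted AddressSanitizer (HWASan, `-fsanitize=hwaddress`); `HardwareAssistedAddress` would be easier to map back to the compiler documentation. The two combined values, `AddressUndefinedBehavior` and `ThreadUndefinedBehavior`, also need a sentence nearby saying they enable both tools in one build, since the list otherwise reads as one sanitizer per value.
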
Member

Is it possible to enable more than 1 sanitizer simultaneously? How would that be represented?

Member

Oh, I see, some of them are actually combinations of Address+Undefined, for example. I think this deserves a line of explanation.

Member Author

Added an explanation on the commit 4311346
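
An added illustration of the point raised in this thread, not code from the pull request or from Conan: one way the `compiler.sanitizer` values in the reviewed snippet could be decomposed and translated into Clang `-fsanitize=` flags. The helper names, the decomposition table and the (partial) exclusivity list are assumptions for the example; only the setting values come from the snippet.

```python
# Added example; helper names and tables are hypothetical, not Conan's API.
# Setting values are those in the reviewed snippet; the -fsanitize= names
# are Clang's documented spellings for each tool.
BASE_FLAGS = {
    "Address": "address",
    "Leak": "leak",
    "Thread": "thread",
    "Memory": "memory",
    "UndefinedBehavior": "undefined",
    "HardwareAssistanceAddress": "hwaddress",
    "KernelAddress": "kernel-address",
}

# Combined values from the snippet, decomposed into their base sanitizers.
COMBINED = {
    "AddressUndefinedBehavior": ("Address", "UndefinedBehavior"),
    "ThreadUndefinedBehavior": ("Thread", "UndefinedBehavior"),
}

# Partial list: tools that cannot be enabled together in one build.
EXCLUSIVE = {"Address", "Thread", "Memory",
             "HardwareAssistanceAddress", "KernelAddress"}


def components(value):
    """Return the base sanitizers behind one compiler.sanitizer value."""
    if value is None:
        return ()
    if value in COMBINED:
        return COMBINED[value]
    if value in BASE_FLAGS:
        return (value,)
    raise ValueError(f"unknown sanitizer setting: {value!r}")


def check_compatible(parts):
    """Reject a combination that mixes two mutually exclusive tools."""
    clash = sorted(EXCLUSIVE.intersection(parts))
    if len(clash) > 1:
        raise ValueError(f"cannot combine: {', '.join(clash)}")


def sanitizer_flags(value):
    """Translate a setting value into compiler/linker flags."""
    parts = components(value)
    if not parts:
        return []
    check_compatible(parts)
    names = ",".join(BASE_FLAGS[p] for p in parts)
    # -fno-omit-frame-pointer keeps stack traces in sanitizer reports usable.
    return [f"-fsanitize={names}", "-fno-omit-frame-pointer"]
```
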

Comment on lines 236 to 237
conan export signed_integer_overflow/
conan install --requires=signed_integer_overflow/0.1.0 -pr profiles/asan_ubsan -of signed_integer_overflow/install --build=missing
Member

Why not simplify to a conan build command?

Member Author

Conan export + conan install is olde school. Let me update to conan build then :)

Member Author

Done, updated in the commit 81e012b


dev_flow/debug/step_into_dependencies
dev_flow/debug/debugging_visual
dev_flow/sanitizers/compiler_sanitizers
Member

Sure this is the best section? I'd say sanitizing is not necessarily a "developer flow", but instead something that likely runs on CI. Maybe it could be part of "Security"?

Member Author

Initially, I did have a clear idea where to put it, as Conan 1.x documentation does not follow the same structure. I just moved to the security section on the commit a1095e2.
