Compiler-based dynamic code analysis
Compiler-based sanitizers consist of two parts, compiler instrumentation and runtime diagnostics:
- Compiler instrumentation: When you compile your C++ code with sanitizers enabled, the compiler instruments the generated binary with additional checks. These checks are strategically inserted into the code to monitor for specific types of errors. For instance, ASan adds code to track memory allocations and accesses, enabling it to detect memory misuses such as buffer overflows and memory leaks.
- Runtime diagnostics: As the instrumented program runs, these checks actively monitor the program’s behavior. When a sanitizer detects an error (such as a memory access violation or a data race), it immediately reports this, often with detailed information about the location and nature of the error. This real-time feedback is invaluable for identifying and fixing elusive bugs that might be difficult to catch through traditional testing.
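To make the two parts concrete, the following added example (not code from the original text, and not ASan's actual implementation) is a simplified hand-written model of both: a check of the kind a compiler pass would insert before each memory access, and the diagnostic it produces at run time. The names `tracked_alloc`, `tracked_free`, `check_access`, and `kRedzone` are hypothetical; real ASan uses compact shadow memory rather than a map and is enabled with `-fsanitize=address`.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <map>
#include <string>

enum class State { Live, Freed };
struct Block { std::size_t size; State state; };
static std::map<std::uintptr_t, Block> g_blocks;  // block start -> metadata
static const std::size_t kRedzone = 16;           // modelled guard area past each block

// Allocation is intercepted so every heap block is recorded.
char* tracked_alloc(std::size_t n) {
    char* p = new char[n];
    g_blocks[reinterpret_cast<std::uintptr_t>(p)] = Block{n, State::Live};
    return p;
}

// Freed blocks are quarantined (kept, marked Freed) so stale accesses stay diagnosable.
void tracked_free(char* p) {
    g_blocks[reinterpret_cast<std::uintptr_t>(p)].state = State::Freed;
}

// Model of the check inserted before each load/store of `len` bytes at `addr`.
// Returns "" for a valid access, otherwise a diagnostic naming the error and location.
std::string check_access(const void* addr, std::size_t len, const char* file, int line) {
    const std::uintptr_t a = reinterpret_cast<std::uintptr_t>(addr);
    auto it = g_blocks.upper_bound(a);             // first block starting after a
    if (it == g_blocks.begin()) return "";         // not tracked heap memory
    --it;                                          // nearest block starting at or before a
    const std::uintptr_t end = it->first + it->second.size;
    std::string kind;
    if (a < end && it->second.state == State::Freed) kind = "heap-use-after-free";
    else if (a + len > end && a < end + kRedzone)    kind = "heap-buffer-overflow";
    if (kind.empty()) return "";
    return kind + " at " + file + ":" + std::to_string(line) + " (offset " +
           std::to_string(a - it->first) + ", block size " +
           std::to_string(it->second.size) + ")";
}

int main() {
    char* buf = tracked_alloc(8);                  // constructed sample allocation
    std::puts(check_access(buf + 8, 1, __FILE__, __LINE__).c_str());  // off-by-one read
    tracked_free(buf);
    std::puts(check_access(buf, 1, __FILE__, __LINE__).c_str());      // stale pointer read
    return 0;
}
```

Because freed blocks are never released, this model leaks memory by design; it trades that for the ability to name a use-after-free instead of silently reading recycled memory.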