Safety

From RAD Studio
Jump to: navigation, search

Go Up to C++ Compiler


Project > Options > Building > C++ Compiler > Safety

Use this dialog box to set C++ compiler safety settings that enable and improve the safety and quality of the source code and application.

Options Description

Target, Apply, Save

See Target Options.

Common items

See Common Items on Project Options Pages.

Safety Options

Sanitizers add runtime checking to your application, which can be used to improve the code's correctness and safety.

Safety Options Description Compiler switches
bcc32 bcc32c bcc64 bcc64x

Address sanitizer

Detects various memory errors, such as use-after-free, double frees, access out of bounds, and more.
Default = False

Attention: See the Using the Address Sanitizer section below.

Platform not supported

Platform not supported

Platform not supported

Allowed.png

Undefined behavior sanitizer

Detects a variety of operations with silent failures or unexpected behavior (not defined in the C++ Standard). Examples include signed integer overflows, bitshifts too wide for the data type, dereferencing invalid pointers, and more.
Default = False

Platform not supported

Platform not supported

Platform not supported

Allowed.png
Note: All Address sanitizers should only be enabled in a debug build. While there is no technical reason not to ship sanitizer-enabled apps to an end user, and it might be useful for debugging a customer issue (ensure to include any required redistributables, especially for asan), by default, no ‘release mode’ app delivered to your users should include sanitizers. They are runtime debugging tools.

Using the Address Sanitizer

When building an application with the Address Sanitizer enabled, you must run the application outside the IDE. Running from a command prompt is strongly recommended to avoid seeing the AVs.

When running the application in IDE, the debugger captures access violations related to the work the Address Sanitizer performs. A process will run until the sanitizer finds an error, at which point it will print to the console and terminate (it is safe to continue past these, but they are misleading in that they appear to demonstrate errors). Running from a command window leaves this text onscreen.

By default, UI apps (VCL or FMX) do not have a console, specifically the standard error output. Therefore, if a user runs the app directly: 

> myapp.exe

No errors are returned, and instead, the app is terminated. To solve this, change the app to use the console subsystem or pipe the output to a log file (doing so creates stderr) as follows: 

myapp 2> asanlog.txt.

or 

myapp > asanlog.txt 2>&1

The above redirects both stderr and stdout together to the log file.

Address Sanitizer Issue on Windows 11

There is an issue when using the Address Sanitizer on Windows 11. It is not supported as of RAD Studio version 12.3 but will be included in the next release update.

RAD Studio recommends using Address Sanitizers only on Windows 10.

Note: If you need to use Address Sanitizers on Windows 11, contact Support for help.

See Also

Retrieved from "https://docwiki.embarcadero.com/RADStudio/Athens/e/index.php?title=Safety&oldid=278794"