bearerer
diff --git a/‎docs/sanitizers/asan.md
Lines changed: 74 additions & 20 deletions b/‎docs/sanitizers/asan.md
Lines changed: 74 additions & 20 deletions
diff --git a/‎docs/sanitizers/media/asan-basic-global-overflow.png
70.1 KB b/‎docs/sanitizers/media/asan-basic-global-overflow.png
70.1 KB
diff --git a/‎docs/sanitizers/media/asan-cmake-configuration-dropdown.png
-224 KB b/‎docs/sanitizers/media/asan-cmake-configuration-dropdown.png
-224 KB
diff --git a/‎docs/sanitizers/media/asan-cmake-json.png
-96.9 KB b/‎docs/sanitizers/media/asan-cmake-json.png
-96.9 KB
diff --git a/‎docs/sanitizers/media/asan-global-buffer-overflow-f5.png
-308 KB b/‎docs/sanitizers/media/asan-global-buffer-overflow-f5.png
-308 KB
diff --git a/‎docs/sanitizers/media/asan-project-system-dialog.png
-121 KB b/‎docs/sanitizers/media/asan-project-system-dialog.png
-121 KB
@@ -1,7 +1,7 @@
 ---
 title: "AddressSanitizer"
 description: "Top-level description of the AddressSanitizer feature for Microsoft C/C++."
-ms.date: 03/05/2021
+ms.date: 06/13/2023
 f1_keywords: ["AddressSanitizer"]
 helpviewer_keywords: ["ASan", "AddressSanitizer", "Address Sanitizer", "compiling for AddressSanitizer"]
 ---
@@ -32,23 +32,21 @@ Use AddressSanitizer to reduce your time spent on:
 - Stress testing
 - Integrating new code
 
-AddressSanitizer, originally [introduced by Google](https://www.usenix.org/conference/atc12/technical-sessions/presentation/serebryany), provides run-time bug-finding technologies that use your existing build systems and existing test assets directly.
+AddressSanitizer, originally [introduced by Google](https://www.usenix.org/conference/atc12/technical-sessions/presentation/serebryany), provides runtime bug-finding technologies that use your existing build systems and existing test assets directly.
 
 AddressSanitizer is integrated with the Visual Studio project system, the CMake build system, and the IDE. Projects can enable AddressSanitizer by setting a project property, or by using one extra compiler option: **`/fsanitize=address`**. The new option is compatible with all levels of optimization and configurations of x86 and x64. However, it isn't compatible with [edit-and-continue](/visualstudio/debugger/edit-and-continue-visual-cpp), [incremental linking](../build/reference/incremental-link-incrementally.md), and [`/RTC`](../build/reference/rtc-run-time-error-checks.md).
 
-Starting in Visual Studio 2019 version 16.9, Microsoft's AddressSanitizer technology enables integration with the Visual Studio IDE. The functionality can optionally create a crash dump file when the sanitizer finds a bug at runtime. If you set the `ASAN_SAVE_DUMPS=MyFileName.dmp` environment variable before you run your program, a crash dump file gets created with extra metadata for efficient [post-mortem debugging](#crash-dumps) of precisely diagnosed bugs. These dump files make extended use of AddressSanitizer easier for:
+Starting in Visual Studio 2019 version 16.9, Microsoft's AddressSanitizer technology enables integration with the Visual Studio IDE. The functionality can optionally create a crash dump file when the sanitizer finds a bug at runtime. If you set the `ASAN_SAVE_DUMPS=MyFileName.dmp` environment variable before you run your program, a crash dump file is created with extra metadata for efficient [post-mortem debugging](#crash-dumps) of precisely diagnosed bugs. These dump files make extended use of AddressSanitizer easier for:
 
-- Local machine testing,
-- On-premise distributed testing, and
-- Cloud-based workflows for testing.
+- Local machine testing
+- On-premise distributed testing
+- Cloud-based workflows for testing
 
 ### Install AddressSanitizer
 
-C++ workloads in the Visual Studio Installer install the AddressSanitizer libraries and IDE integration by default. However, if you're upgrading from an older version of Visual Studio 2019, use the Installer to enable ASan support after the upgrade:
+C++ workloads in the Visual Studio Installer install the AddressSanitizer libraries and IDE integration by default. However, if you're upgrading from an older version of Visual Studio 2019, use the Installer to enable ASan support after the upgrade. You can open the installer from the Visual Studio main menu via **Tools** > **Get Tools and Features...** Choose **Modify** on your existing Visual Studio installation from the Visual Studio Installer to get to the following screen.
 
-:::image type="content" source="media/asan-installer-option.png" alt-text="Visual Studio Installer screenshot highlighting the C++ AddressSanitizer component":::
-
-You can choose **Modify** on your existing Visual Studio installation from the Visual Studio Installer to get to the screen above.
+:::image type="content" source="media/asan-installer-option.png" alt-text="Screenshot of the Visual Studio Installer. The C++ AddressSanitizer component, under the Optional section, is highlighted":::
 
 > [!NOTE]
 > If you run Visual Studio on the new update but haven't installed ASan, you'll get an error when you run your code:
@@ -105,13 +103,15 @@ int main() {
 
 Using a developer command prompt for Visual Studio 2019, compile *`main.cpp`* using `/fsanitize=address /Zi`
 
-:::image type="content" source="media/asan-command-basic-global-overflow.png" alt-text="Screenshot of a command prompt showing the command to compile with AddressSanitizer options.":::
+:::image type="content" source="media/asan-command-basic-global-overflow.png" alt-text="Screenshot of a command prompt showing the command to compile with AddressSanitizer options. The command is: cl main.cpp -faanitize-address /Zi.":::
 
 When you run the resulting *`main.exe`* at the command line, it creates the formatted error report seen below.
 
 Consider the overlaid, red boxes that highlight seven key pieces of information:
 
-:::image type="content" source="media/asan-basic-global-overflow.png" alt-text="Screenshot of the debugger showing a basic global overflow error.":::
+:::image type="complex" source="media/asan-basic-global-overflow.png" alt-text="Screenshot of the debugger showing a basic global overflow error.":::
+There are seven red highlights identifying key pieces of information in the error report. They map to the numbered list that follows this screenshot. The numbered boxes highlight the following text: 1) global-buffer-overflow 2) WRITE of size 4 3) basic-global-overflow.cpp 7 4) to the right of global variable 'x' defined in 'basic-global-overflow.cpp:3:8' 5) of size 400 6) 00 00[f9]f9 f9 7) Box is in the shadow byte legend area and contains Global redzone: f9
+:::image-end:::
 
 ### Red highlights, from top to bottom
 
@@ -138,33 +138,87 @@ To build from the IDE, opt out of any [incompatible options](./asan-known-issues
 - Turn off [`/RTC1` (runtime checks)](../build/reference/rtc-run-time-error-checks.md)
 - Turn off [`/INCREMENTAL` (incremental linking)](../build/reference/incremental-link-incrementally.md)
 
-To build and run the debugger, enter **F5**. You'll see this window in Visual Studio:
+To build and run the debugger, press **F5**. You'll see an **Exception Thrown** window in Visual Studio:
 
 :::image type="content" source="media/asan-global-buffer-overflow-F5.png" alt-text="Screenshot of the debugger showing a global buffer overflow error.":::
 
 ## <a name="ide-cmake"></a> Use AddressSanitizer from Visual Studio: CMake
 
-To enable AddressSanitizer for [a CMake project created to target Windows](../build/cmake-projects-in-visual-studio.md), take these steps:
+To enable AddressSanitizer for a [CMake project created to target Windows](../build/cmake-projects-in-visual-studio.md), take these steps:
 
 1. Open the **Configurations** dropdown in the toolbar at the top of the IDE and select **Manage Configurations**.
 
    :::image type="content" source="media/asan-cmake-configuration-dropdown.png" alt-text="Screenshot of the CMake configuration dropdown.":::
 
-   That selection opens the CMake Project Settings editor, which is saved in a CMakeSettings.json file.
+   That selection opens the CMake Project Settings editor, which reflects the contents of the `CMakeSettings.json` file in your project.
 
 1. Choose the **Edit JSON** link in the editor. This selection switches the view to raw JSON.
 
-1. Add the property: **"addressSanitizerEnabled": true**
+1. Add the following snippet to the `"windows-base"` preset, inside `"configurePresets":` to turn on Address Sanitizer:
+
+```json
+"environment": {
+  "CFLAGS": "/fsanitize=address",
+  "CXXFLAGS": "/fsanitize=address"
+}
+```
+
+It will look something like this, afterwards:
+
+```json
+    "configurePresets": [
+      {
+        "name": "windows-base",
+        "hidden": true,
+        "generator": "Ninja",
+        "binaryDir": "${sourceDir}/out/build/${presetName}",
+        "installDir": "${sourceDir}/out/install/${presetName}",
+        "cacheVariables": {
+          "CMAKE_C_COMPILER": "cl.exe",
+          "CMAKE_CXX_COMPILER": "cl.exe"
+        },
+        "condition": {
+          "type": "equals",
+          "lhs": "${hostSystemName}",
+          "rhs": "Windows"
+        },
+        "environment": {
+          "CFLAGS": "/fsanitize=address",
+          "CXXFLAGS": "/fsanitize=address"
+        }
+      },
+```
+
+1. Address sanitizer doesn't work if edit-and-continue is specified (`/ZI`), which is enabled by default for new CMake projects. In `CMakeLists.txt`, comment out (prefix with `#`) the line that starts with `set(CMAKE_MSVC_DEBUG_INFORMATION_FORMAT"`. That line will look something like this, afterwards:
+
+```json
+# set(CMAKE_MSVC_DEBUG_INFORMATION_FORMAT "$<IF:$<AND:$<C_COMPILER_ID:MSVC>,$<CXX_COMPILER_ID:MSVC>>,$<$<CONFIG:Debug,RelWithDebInfo>:EditAndContinue>,$<$<CONFIG:Debug,RelWithDebInfo>:ProgramDatabase>>")
+```
+
+1. Enter **Ctrl+S** to save this JSON file
+1. Clear your CMake cache directory and reconfigure: choose **Project** > **Delete cache and Reconfigure**. Choose **Yes** when the prompt appears to clear your cache directory and reconfigure.
+1. Replace the contents of the cpp file (for example, `CMakeProject1.cpp`) with the following:
 
-   This image is of CMakeSettings.json after that change:
+```cpp
+// CMakeProject1.cpp : Defines the entry point for the application
+
+#include <stdio.h>
+
+int x[100];
 
-   :::image type="content" source="media/asan-cmake-json.png" alt-text="Screenshot of the text editor view of CMakeSettings.json.":::
+int main()
+{
+    printf("Hello!\n");
+    x[100] = 5; // Boom!
+    return 0;
+}
+```
 
-1. Enter **Ctrl+S** to save this JSON file, then enter **F5** to recompile and run under the debugger.
+1. Choose **F5** to recompile and run under the debugger.
 
 This screenshot captures the error from the CMake build.
 
-:::image type="content" source="media/asan-cmake-error-f5.png" alt-text="Screenshot of the CMake build error message.":::
+:::image type="content" source="media/asan-cmake-error-f5.png" alt-text="Screenshot of an exception that says: Address Sanitizer Error: Global buffer overflow". In the background, address sanitizer output is visible in command window:::
 
 ## <a name="crash-dumps"></a> AddressSanitizer crash dumps