From 03330fd9080f7f47df4a6464a9f40002b0d6bd3a Mon Sep 17 00:00:00 2001
From: "rahul.singh" <rahul.sa.singh@partner.bmwgroup.com>
Date: Tue, 3 Mar 2026 15:58:53 +0100
Subject: [PATCH 1/2] Initial sanitizer configurations

Signed-off-by: rahul.singh <rahul.sa.singh@partner.bmwgroup.com>
---
 .gitignore                  | 14 ++++++
 BUILD.bazel                 | 20 +++++++++
 CONTRIBUTION.md             | 15 +++++++
 LICENSE.md                  | 13 ++++++
 MODULE.bazel                | 19 +++++++++
 NOTICE                      | 23 ++++++++++
 README.md                   | 85 ++++++++++++++++++++++++++++++++++++-
 sanitizer/BUILD.bazel       | 17 ++++++++
 sanitizer/sanitizer.bazelrc | 46 ++++++++++++++++++++
 9 files changed, 251 insertions(+), 1 deletion(-)
 create mode 100644 .gitignore
 create mode 100644 BUILD.bazel
 create mode 100644 CONTRIBUTION.md
 create mode 100644 LICENSE.md
 create mode 100644 MODULE.bazel
 create mode 100644 NOTICE
 create mode 100644 sanitizer/BUILD.bazel
 create mode 100644 sanitizer/sanitizer.bazelrc

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b568dca
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,14 @@
+# Bazel build outputs
+bazel-*
+.bazel-*
+
+# IDE files
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# OS files
+.DS_Store
+Thumbs.db
diff --git a/BUILD.bazel b/BUILD.bazel
new file mode 100644
index 0000000..27b9458
--- /dev/null
+++ b/BUILD.bazel
@@ -0,0 +1,20 @@
+# *******************************************************************************
+# Copyright (c) 2026 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+exports_files(
+    [
+        "LICENSE.md",
+        "NOTICE",
+    ],
+    visibility = ["//visibility:public"],
+)
diff --git a/CONTRIBUTION.md b/CONTRIBUTION.md
new file mode 100644
index 0000000..f1b950d
--- /dev/null
+++ b/CONTRIBUTION.md
@@ -0,0 +1,15 @@
+# score_cpp_policies Contribution Guide
+
+The [Eclipse Safe Open Vehicle Core (S-CORE)](https://projects.eclipse.org/projects/automotive.score) project develops an open-source core stack for Software Defined Vehicles (SDVs). This repository centralizes the shared C++ quality tool policies (sanitizers, clang-tidy, clang-format) that S-CORE modules reuse to maintain consistent, safety-focused defaults.
+
+Project communication happens via the [score-dev mailing list](https://accounts.eclipse.org/mailing-list/score-dev), GitHub issues and pull requests, and the [Eclipse SCORE chatroom](https://chat.eclipse.org/#/room/#automotive.score:matrix.eclipse.org).
+
+Please note that the [Eclipse Foundation's Terms of Use](https://www.eclipse.org/legal/terms-of-use/) apply. Contributors must sign both the [ECA](https://www.eclipse.org/legal/ECA.php) and the [DCO](https://www.eclipse.org/legal/dco/).
+
+## Contributing changes
+
+1. Open an issue describing the policy change you propose (e.g., enabling/disabling a sanitizer option or clang-tidy rule) and the rationale, including links to any affected projects.
+2. Submit a PR referencing the issue. Keep changes minimal and well-documented, and include examples that justify the chosen defaults when possible.
+3. Request reviews from the S-CORE committers. Follow the commit message rules in the [Eclipse Foundation Project Handbook](https://www.eclipse.org/projects/handbook/#resources-commit).
+
+If you are new to the project, see the S-CORE process descriptions and templates at [https://eclipse-score.github.io/score/process_description/](https://eclipse-score.github.io/score/process_description/).
diff --git a/LICENSE.md b/LICENSE.md
new file mode 100644
index 0000000..7bfc7af
--- /dev/null
+++ b/LICENSE.md
@@ -0,0 +1,13 @@
+Copyright 2026 Contributors to the Eclipse Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/MODULE.bazel b/MODULE.bazel
new file mode 100644
index 0000000..9552454
--- /dev/null
+++ b/MODULE.bazel
@@ -0,0 +1,19 @@
+# *******************************************************************************
+# Copyright (c) 2026 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+module(
+    name = "score_cpp_policies",
+    version = "0.0.1",
+)
+
+bazel_dep(name = "bazel_skylib", version = "1.8.2")
diff --git a/NOTICE b/NOTICE
new file mode 100644
index 0000000..e75f6ff
--- /dev/null
+++ b/NOTICE
@@ -0,0 +1,23 @@
+# Notices for Eclipse S-CORE
+
+This content is produced and maintained by the Eclipse S-CORE project.
+
+* Project home: https://projects.eclipse.org/projects/automotive.score
+
+## Trademarks
+
+Eclipse S-CORE is a trademark of the Eclipse Foundation.
+
+## Copyright
+
+All content is the property of the respective authors or their employers.
+For more information regarding authorship of content, please consult the
+listed source code repository logs.
+
+## Declared Project Licenses
+
+This program and the accompanying materials are made available under the
+terms of the Apache License Version 2.0 which is available at
+https://www.apache.org/licenses/LICENSE-2.0
+
+SPDX-License-Identifier: Apache-2.0
diff --git a/README.md b/README.md
index 65d58ab..02f3a2e 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,85 @@
 # score_cpp_policies
-Centralized C++ quality tool policies for S-CORE, including sanitizer configurations and safety-critical guidelines.
+
+Centralized C++ quality tool policies for Eclipse S-CORE, including sanitizer configurations and safety-critical guidelines.
+
+## Overview
+
+This repository provides shared configurations for C++ quality tools used across all S-CORE modules:
+
+- **Sanitizers** (ASan, TSan, UBSan, LSan) - Memory safety and undefined behavior detection
+- **Clang-tidy** (future) - Static analysis
+- **Clang-format** (future) - Code formatting
+- **Code coverage** (future) - Test coverage measurement
+
+## Usage
+
+### Using Sanitizers in Your Module
+
+Add to your module's `MODULE.bazel`:
+
+```python
+bazel_dep(name = "score_cpp_policies", version = "0.0.1")
+```
+
+Add to your module's `.bazelrc`:
+
+```bazelrc
+# Import centralized sanitizer configurations
+try-import %workspace%/../../../external/score_cpp_policies/sanitizer/sanitizer.bazelrc
+```
+
+### Running Tests with Sanitizers
+
+```bash
+# Run all tests with ASan + UBSan + LSan (recommended)
+bazel test --config=asan_ubsan_lsan //...
+
+# Run tests with ThreadSanitizer
+bazel test --config=tsan //...
+
+# Run tests with individual sanitizers
+bazel test --config=asan //...
+bazel test --config=ubsan //...
+bazel test --config=lsan //...
+```
+
+## Available Sanitizer Configurations
+
+### Combined Configuration (Recommended)
+
+- `--config=asan_ubsan_lsan` - Combines AddressSanitizer, UndefinedBehaviorSanitizer, and LeakSanitizer
+
+### Individual Configurations
+
+- `--config=asan` - AddressSanitizer (memory errors, buffer overflows)
+- `--config=tsan` - ThreadSanitizer (data races, deadlocks)
+- `--config=ubsan` - UndefinedBehaviorSanitizer (undefined behavior)
+- `--config=lsan` - LeakSanitizer (memory leaks)
+
+## Common Runtime Options
+
+All sanitizer configurations use these common options:
+
+- `exitcode=55` - Custom exit code for CI detection
+- `allow_addr2line=1` - Enable symbolization for better stack traces
+- `verbosity=1` - Enable detailed error reporting
+- `halt_on_error=1` - Stop on first error (fail-fast)
+
+## Testing This Repository
+
+```bash
+cd tests/
+bazel test --config=asan_ubsan_lsan //...
+```
+
+## Contributing
+
+See [CONTRIBUTION.md](CONTRIBUTION.md) for contribution guidelines.
+
+## License
+
+This project is licensed under the Apache License 2.0 - see [LICENSE.md](LICENSE.md) for details.
+
+## Copyright
+
+Copyright (c) 2026 Contributors to the Eclipse Foundation. See [NOTICE](NOTICE) for details.
diff --git a/sanitizer/BUILD.bazel b/sanitizer/BUILD.bazel
new file mode 100644
index 0000000..aa3b1c2
--- /dev/null
+++ b/sanitizer/BUILD.bazel
@@ -0,0 +1,17 @@
+# *******************************************************************************
+# Copyright (c) 2026 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+exports_files(
+    ["sanitizer.bazelrc"],
+    visibility = ["//visibility:public"],
+)
diff --git a/sanitizer/sanitizer.bazelrc b/sanitizer/sanitizer.bazelrc
new file mode 100644
index 0000000..6cb15ad
--- /dev/null
+++ b/sanitizer/sanitizer.bazelrc
@@ -0,0 +1,46 @@
+# *******************************************************************************
+# Copyright (c) 2026 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+# ASan + UBSan + LSan (Combined - recommended for most testing)
+test:asan_ubsan_lsan --compilation_mode=dbg
+test:asan_ubsan_lsan --features=asan
+test:asan_ubsan_lsan --features=ubsan
+test:asan_ubsan_lsan --features=lsan
+test:asan_ubsan_lsan --platform_suffix=asan_ubsan_lsan
+test:asan_ubsan_lsan --test_env=ASAN_OPTIONS=exitcode=55:allow_addr2line=1:verbosity=1:detect_leaks=1:halt_on_error=1:allocator_may_return_null=1
+test:asan_ubsan_lsan --test_env=UBSAN_OPTIONS=exitcode=55:allow_addr2line=1:verbosity=1:print_stacktrace=1:halt_on_error=1
+test:asan_ubsan_lsan --test_env=LSAN_OPTIONS=exitcode=55:allow_addr2line=1:verbosity=1:halt_on_error=1
+
+# ThreadSanitizer (for concurrency issues - cannot be combined with ASan)
+test:tsan --compilation_mode=dbg
+test:tsan --features=tsan
+test:tsan --platform_suffix=tsan
+test:tsan --test_env=TSAN_OPTIONS=exitcode=55:allow_addr2line=1:verbosity=1:halt_on_error=1:detect_deadlocks=1
+
+# AddressSanitizer only (memory errors, no leak detection)
+test:asan --compilation_mode=dbg
+test:asan --features=asan
+test:asan --platform_suffix=asan
+test:asan --test_env=ASAN_OPTIONS=exitcode=55:allow_addr2line=1:verbosity=1:detect_leaks=0:halt_on_error=1
+
+# UndefinedBehaviorSanitizer only (undefined behavior detection)
+test:ubsan --compilation_mode=dbg
+test:ubsan --features=ubsan
+test:ubsan --platform_suffix=ubsan
+test:ubsan --test_env=UBSAN_OPTIONS=exitcode=55:allow_addr2line=1:verbosity=1:print_stacktrace=1:halt_on_error=1
+
+# LeakSanitizer only (memory leak detection)
+test:lsan --compilation_mode=dbg
+test:lsan --features=lsan
+test:lsan --platform_suffix=lsan
+test:lsan --test_env=LSAN_OPTIONS=exitcode=55:allow_addr2line=1:verbosity=1:halt_on_error=1

From 0074202e6db2c826e5a38224ccecf3599f546d5d Mon Sep 17 00:00:00 2001
From: "rahul.singh" <rahul.sa.singh@partner.bmwgroup.com>
Date: Wed, 4 Mar 2026 05:00:18 +0100
Subject: [PATCH 2/2] Add tests and CI workflow

Signed-off-by: rahul.singh <rahul.sa.singh@partner.bmwgroup.com>
---
 .github/workflows/tests.yml | 53 +++++++++++++++++++++++++++++++
 tests/.bazelrc              | 17 ++++++++++
 tests/BUILD.bazel           | 23 ++++++++++++++
 tests/MODULE.bazel          | 28 +++++++++++++++++
 tests/sample_test.cpp       | 62 +++++++++++++++++++++++++++++++++++++
 5 files changed, 183 insertions(+)
 create mode 100644 .github/workflows/tests.yml
 create mode 100644 tests/.bazelrc
 create mode 100644 tests/BUILD.bazel
 create mode 100644 tests/MODULE.bazel
 create mode 100644 tests/sample_test.cpp

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
new file mode 100644
index 0000000..ff11f58
--- /dev/null
+++ b/.github/workflows/tests.yml
@@ -0,0 +1,53 @@
+# *******************************************************************************
+# Copyright (c) 2026 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+name: Tests
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  test-sanitizers:
+    name: Validate sanitizer configs
+    runs-on: ubuntu-latest
+    
+    strategy:
+      fail-fast: false
+      matrix:
+        config: [asan_ubsan_lsan]
+    
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Bazel
+        uses: bazel-contrib/setup-bazel@0.18.0
+        with:
+          disk-cache: ${{ github.workflow }}-${{ matrix.config }}
+          cache-save: ${{ github.event_name == 'push' }}
+
+      - name: Test with ${{ matrix.config }}
+        working-directory: tests
+        run: |
+          bazel test --config=${{ matrix.config }} //:sample_test --verbose_failures
+
+      - name: Upload test logs on failure
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: test-logs-${{ matrix.config }}-${{ github.run_id }}
+          path: tests/bazel-testlogs/**/test.log
+          if-no-files-found: ignore
diff --git a/tests/.bazelrc b/tests/.bazelrc
new file mode 100644
index 0000000..6813081
--- /dev/null
+++ b/tests/.bazelrc
@@ -0,0 +1,17 @@
+# *******************************************************************************
+# Copyright (c) 2026 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+try-import %workspace%/../sanitizer/sanitizer.bazelrc
+
+common --registry=https://raw.githubusercontent.com/eclipse-score/bazel_registry/main/
+common --registry=https://bcr.bazel.build
diff --git a/tests/BUILD.bazel b/tests/BUILD.bazel
new file mode 100644
index 0000000..598433a
--- /dev/null
+++ b/tests/BUILD.bazel
@@ -0,0 +1,23 @@
+# *******************************************************************************
+# Copyright (c) 2026 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+load("@rules_cc//cc:defs.bzl", "cc_test")
+
+cc_test(
+    name = "sample_test",
+    srcs = ["sample_test.cpp"],
+    deps = [
+        "@googletest//:gtest",
+        "@googletest//:gtest_main",
+    ],
+)
diff --git a/tests/MODULE.bazel b/tests/MODULE.bazel
new file mode 100644
index 0000000..73f2d49
--- /dev/null
+++ b/tests/MODULE.bazel
@@ -0,0 +1,28 @@
+# *******************************************************************************
+# Copyright (c) 2026 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+module(
+    name = "score_cpp_policies_tests",
+    version = "0.0.0",
+)
+
+bazel_dep(name = "googletest", version = "1.17.0.bcr.2")
+bazel_dep(name = "rules_cc", version = "0.2.16")
+bazel_dep(name = "score_bazel_cpp_toolchains", version = "0.2.2")
+bazel_dep(name = "score_bazel_platforms", version = "0.0.4")
+
+bazel_dep(name = "score_cpp_policies", version = "")
+local_path_override(
+    module_name = "score_cpp_policies",
+    path = "..",
+)
diff --git a/tests/sample_test.cpp b/tests/sample_test.cpp
new file mode 100644
index 0000000..378aed0
--- /dev/null
+++ b/tests/sample_test.cpp
@@ -0,0 +1,62 @@
+// *******************************************************************************
+// Copyright (c) 2026 Contributors to the Eclipse Foundation
+//
+// See the NOTICE file(s) distributed with this work for additional
+// information regarding copyright ownership.
+//
+// This program and the accompanying materials are made available under the
+// terms of the Apache License Version 2.0 which is available at
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// SPDX-License-Identifier: Apache-2.0
+// *******************************************************************************
+
+#include <gtest/gtest.h>
+#include <atomic>
+#include <memory>
+#include <thread>
+#include <vector>
+
+// Simple test that should pass with all sanitizers
+TEST(SampleTest, BasicFunctionality) {
+    std::vector<int> vec = {1, 2, 3, 4, 5};
+    EXPECT_EQ(vec.size(), 5);
+    EXPECT_EQ(vec[0], 1);
+    EXPECT_EQ(vec[4], 5);
+}
+
+// Test that allocates memory (for ASan/LSan validation)
+TEST(SampleTest, MemoryAllocation) {
+    auto ptr = std::make_unique<int>(42);
+    EXPECT_EQ(*ptr, 42);
+}
+
+// Test with multiple threads (for TSan validation)
+TEST(SampleTest, MultiThreaded) {
+    std::atomic<int> counter{0};
+    
+    auto increment = [&counter]() {
+        for (int i = 0; i < 1000; ++i) {
+            counter.fetch_add(1, std::memory_order_relaxed);
+        }
+    };
+    
+    std::vector<std::thread> threads;
+    for (int i = 0; i < 4; ++i) {
+        threads.emplace_back(increment);
+    }
+    
+    for (auto& t : threads) {
+        t.join();
+    }
+    
+    EXPECT_EQ(counter.load(), 4000);
+}
+
+// Test for undefined behavior detection (UBSan)
+TEST(SampleTest, NoUndefinedBehavior) {
+    int x = 5;
+    int y = 2;
+    EXPECT_EQ(x / y, 2);
+    EXPECT_EQ(x % y, 1);
+}