Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Sanitizing All* The Things
Search
Greg Heo
September 12, 2017
Technology
68
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Sanitizing All* The Things
Address sanitizer and thread sanitizer. What, why, how?
Greg Heo
September 12, 2017
More Decks by Greg Heo
See All by Greg Heo
Concurrency From the Ground Up
gregheo
0
250
The least you need to know about hashing in Swift
gregheo
0
200
Shared Mutable State
gregheo
0
540
Promises, Futures, and the Shape of Your Code
gregheo
0
72
Shared, Exclusive, Mutable, Immutable
gregheo
0
160
Getting Under Swift’s Skin
gregheo
0
560
Sanitizing Threads for Fun & Profit
gregheo
0
160
Thirteen Ways of Looking at a View Controller
gregheo
0
140
Five Unbelievable Secrets of Reactive Programming the Experts Don't Want You to Know!
gregheo
3
430
Other Decks in Technology
See All in Technology
AI Agentをシステムに組み込む前にゆるく向き合ってみる
hayama17
0
170
アラート調査向けAIエージェントの本番導入とその後/AI Agents for Alert Investigation: Production Deployment and After
taddy_919
1
240
秘密度ラベル初心者が第1歩でつまづかないための「設計・運用」ポイント
seafay
PRO
1
500
IaC コードを資産へ:AWS CDK 社内ライブラリと横断展開 / aws-summit-japan-2026
gotok365
10
1.6k
「軸足」は 固定しなくていい - 熱量と強みで描く、しなやかなキャリアの形
kakehashi
PRO
1
280
テスト設計の本質を改めて考えてみる~生成AIを活用する時代だからこそ、作ったテストの説明性を高めよう~
yamasaki696
1
110
螺旋型キャリアの生存戦略 / kinoko-conf2026
rakus_dev
1
1.2k
Multi-Agent並列開発を 安全に回すための技術 / Technology for Safely Multi-Agent Parallel Development
tooppoo
0
210
製造現場での生成AIの活用、およびエージェントAIの実装のあり方、AVEVAの取り組み
iotcomjpadmin
0
180
AWS Security Hub CSPMの成功・失敗体験
cmusudakeisuke
0
580
【FinOps】データドリブンな意思決定を目指して
z63d
2
470
脱SaaS!FDEを支えるプロビジョニングと分離設計
knih
0
300
Featured
See All Featured
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4.3k
Speed Design
sergeychernyshev
33
1.9k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
470
Become a Pro
speakerdeck
PRO
31
6k
The Mindset for Success: Future Career Progression
greggifford
PRO
0
370
The agentic SEO stack - context over prompts
schlessera
0
830
Jess Joyce - The Pitfalls of Following Frameworks
techseoconnect
PRO
1
170
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
508
140k
Why Our Code Smells
bkeepers
PRO
340
58k
The browser strikes back
jonoalderson
0
1.3k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
254
22k
Conquering PDFs: document understanding beyond plain text
inesmontani
PRO
4
2.8k
Transcript
Sanitizing All* The Things tacow / September 2017 / @gregheo
❓ ✋
None
✅
None
‣ ASAN ‣ TSAN
‣ What? ‣ So what? ‣ How? ‣ Show me?
Address Sanitizer allocated buffer unallocated!
‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities
None
allocated buffer padding shadow memory poisoned poisoned OK
asan_malloc malloc asan_free free Shadow memory check Pointer access
Live Coding!
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
Thread Sanitizer memory buffer read write
‣ Race conditions ‣ Very subtle and difficult-to-reproduce bugs ‣
Thread mismatch errors
None
‣ Thread ID ‣ Timestamp ‣ Read or write? ‣
Bytes accessed
None
Live Coding!
Thread Sanitizer Data race detector Find race conditions & thread
issues Thread IDs & timestamps
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
None
@gregheo