Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Sanitizing All* The Things
Search
Greg Heo
September 12, 2017
Technology
0
48
Sanitizing All* The Things
Address sanitizer and thread sanitizer. What, why, how?
Greg Heo
September 12, 2017
Tweet
Share
More Decks by Greg Heo
See All by Greg Heo
Concurrency From the Ground Up
gregheo
0
150
The least you need to know about hashing in Swift
gregheo
0
99
Shared Mutable State
gregheo
0
340
Promises, Futures, and the Shape of Your Code
gregheo
0
51
Shared, Exclusive, Mutable, Immutable
gregheo
0
120
Getting Under Swift’s Skin
gregheo
0
510
Sanitizing Threads for Fun & Profit
gregheo
0
100
Thirteen Ways of Looking at a View Controller
gregheo
0
120
Five Unbelievable Secrets of Reactive Programming the Experts Don't Want You to Know!
gregheo
3
330
Other Decks in Technology
See All in Technology
さらに高品質・高速化を目指すAI時代のテスト設計支援と、めざす先 / AI Test Lab vol.1
shift_evolve
0
190
Amazon FSx for NetApp ONTAPのパフォーマンスチューニング要素をまとめてみた #cm_odyssey #devio2024
non97
0
220
Luupの開発組織におけるインシデントマネジメントの変遷 ver.RoadtoSRENEXT2024
grimoh
1
270
[NIKKEI Tech Talk]Bias for Action!! 実践から学ぶための仕組とコミュニティ / Community for Practice and Learning
kanamasa
0
280
テスト・設計研修【MIXI 24新卒技術研修】
mixi_engineers
PRO
0
170
OSSコミットしてZennの課題を解決した話
dyoshikawa1993
0
150
簡単に始めるSnowflakeの機械学習
nayuts
1
190
楽しくGoを学び合う、LayerXの勉強会文化 / LayerX's study culture of having fun and learning Go together
ar_tama
2
350
運用改善、不都合な真実 / 20240722-ssmjp-kaizen
opelab
17
8.4k
DDDにおける認可の扱いとKotlinにおける実装パターン / authorization-for-ddd-and-kotlin-implement-pattern
urmot
4
390
コミュニティサービスに「あなたへ」フィードを リリースするまでの試行錯誤
takapy
1
150
「我々はどこに向かっているのか」を問い続けるための仕組みづくり / Establishing a System for Continuous Inquiry about where we are
daitasu
0
170
Featured
See All Featured
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
502
140k
The Invisible Customer
myddelton
117
13k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
23
1.9k
Facilitating Awesome Meetings
lara
46
5.8k
[RailsConf 2023] Rails as a piece of cake
palkan
35
4.4k
Scaling GitHub
holman
458
140k
Done Done
chrislema
179
15k
Pencils Down: Stop Designing & Start Developing
hursman
118
11k
A Tale of Four Properties
chriscoyier
155
22k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
662
120k
Web Components: a chance to create the future
zenorocha
307
41k
Become a Pro
speakerdeck
PRO
15
4.8k
Transcript
Sanitizing All* The Things tacow / September 2017 / @gregheo
❓ ✋
None
✅
None
‣ ASAN ‣ TSAN
‣ What? ‣ So what? ‣ How? ‣ Show me?
Address Sanitizer allocated buffer unallocated!
‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities
None
allocated buffer padding shadow memory poisoned poisoned OK
asan_malloc malloc asan_free free Shadow memory check Pointer access
Live Coding!
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
Thread Sanitizer memory buffer read write
‣ Race conditions ‣ Very subtle and difficult-to-reproduce bugs ‣
Thread mismatch errors
None
‣ Thread ID ‣ Timestamp ‣ Read or write? ‣
Bytes accessed
None
Live Coding!
Thread Sanitizer Data race detector Find race conditions & thread
issues Thread IDs & timestamps
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
None
@gregheo