Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Sanitizing All* The Things
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Greg Heo
September 12, 2017
Technology
0
63
Sanitizing All* The Things
Address sanitizer and thread sanitizer. What, why, how?
Greg Heo
September 12, 2017
Tweet
Share
More Decks by Greg Heo
See All by Greg Heo
Concurrency From the Ground Up
gregheo
0
230
The least you need to know about hashing in Swift
gregheo
0
170
Shared Mutable State
gregheo
0
520
Promises, Futures, and the Shape of Your Code
gregheo
0
68
Shared, Exclusive, Mutable, Immutable
gregheo
0
150
Getting Under Swift’s Skin
gregheo
0
550
Sanitizing Threads for Fun & Profit
gregheo
0
160
Thirteen Ways of Looking at a View Controller
gregheo
0
130
Five Unbelievable Secrets of Reactive Programming the Experts Don't Want You to Know!
gregheo
3
410
Other Decks in Technology
See All in Technology
Embedded SREの終わりを設計する 「なんとなく」から計画的な自立支援へ
sansantech
PRO
3
2.4k
15 years with Rails and DDD (AI Edition)
andrzejkrzywda
0
190
SREが向き合う大規模リアーキテクチャ 〜信頼性とアジリティの両立〜
zepprix
0
450
Claude_CodeでSEOを最適化する_AI_Ops_Community_Vol.2__マーケティングx_AIはここまで進化した.pdf
riku_423
2
570
Cosmos World Foundation Model Platform for Physical AI
takmin
0
880
登壇駆動学習のすすめ — CfPのネタの見つけ方と書くときに意識していること
bicstone
3
100
クレジットカード決済基盤を支えるSRE - 厳格な監査とSRE運用の両立 (SRE Kaigi 2026)
capytan
6
2.7k
仕様書駆動AI開発の実践: Issue→Skill→PRテンプレで 再現性を作る
knishioka
2
650
超初心者からでも大丈夫!オープンソース半導体の楽しみ方〜今こそ!オレオレチップをつくろう〜
keropiyo
0
110
Red Hat OpenStack Services on OpenShift
tamemiya
0
110
Oracle Cloud Observability and Management Platform - OCI 運用監視サービス概要 -
oracle4engineer
PRO
2
14k
Amazon Bedrock Knowledge Basesチャンキング解説!
aoinoguchi
0
140
Featured
See All Featured
Organizational Design Perspectives: An Ontology of Organizational Design Elements
kimpetersen
PRO
1
190
The Language of Interfaces
destraynor
162
26k
Into the Great Unknown - MozCon
thekraken
40
2.3k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
350
Code Review Best Practice
trishagee
74
20k
Java REST API Framework Comparison - PWX 2021
mraible
34
9.1k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
254
22k
Utilizing Notion as your number one productivity tool
mfonobong
3
220
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
49
9.9k
SERP Conf. Vienna - Web Accessibility: Optimizing for Inclusivity and SEO
sarafernandez
1
1.3k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
11
830
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1.2k
Transcript
Sanitizing All* The Things tacow / September 2017 / @gregheo
❓ ✋
None
✅
None
‣ ASAN ‣ TSAN
‣ What? ‣ So what? ‣ How? ‣ Show me?
Address Sanitizer allocated buffer unallocated!
‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities
None
allocated buffer padding shadow memory poisoned poisoned OK
asan_malloc malloc asan_free free Shadow memory check Pointer access
Live Coding!
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
Thread Sanitizer memory buffer read write
‣ Race conditions ‣ Very subtle and difficult-to-reproduce bugs ‣
Thread mismatch errors
None
‣ Thread ID ‣ Timestamp ‣ Read or write? ‣
Bytes accessed
None
Live Coding!
Thread Sanitizer Data race detector Find race conditions & thread
issues Thread IDs & timestamps
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
None
@gregheo