Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Sanitizing All* The Things
Search
Greg Heo
September 12, 2017
Technology
0
60
Sanitizing All* The Things
Address sanitizer and thread sanitizer. What, why, how?
Greg Heo
September 12, 2017
Tweet
Share
More Decks by Greg Heo
See All by Greg Heo
Concurrency From the Ground Up
gregheo
0
220
The least you need to know about hashing in Swift
gregheo
0
150
Shared Mutable State
gregheo
0
490
Promises, Futures, and the Shape of Your Code
gregheo
0
64
Shared, Exclusive, Mutable, Immutable
gregheo
0
140
Getting Under Swift’s Skin
gregheo
0
530
Sanitizing Threads for Fun & Profit
gregheo
0
130
Thirteen Ways of Looking at a View Controller
gregheo
0
130
Five Unbelievable Secrets of Reactive Programming the Experts Don't Want You to Know!
gregheo
3
400
Other Decks in Technology
See All in Technology
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
9k
「Verify with Wallet API」を アプリに導入するために
hinakko
1
230
Shirankedo NOCで見えてきたeduroam/OpenRoaming運用ノウハウと課題 - BAKUCHIKU BANBAN #2
marokiki
0
140
関係性が駆動するアジャイル──GPTに人格を与えたら、対話を通してふりかえりを習慣化できた話
mhlyc
0
130
Access-what? why and how, A11Y for All - Nordic.js 2025
gdomiciano
1
110
KMP の Swift export
kokihirokawa
0
330
英語は話せません!それでも海外チームと信頼関係を作るため、対話を重ねた2ヶ月間のまなび
niioka_97
0
120
バイブコーディングと継続的デプロイメント
nwiizo
2
420
ACA でMAGI システムを社内で展開しようとした話
mappie_kochi
1
260
AIが書いたコードをAIが検証する!自律的なモバイルアプリ開発の実現
henteko
1
340
「AI駆動PO」を考えてみる - 作る速さから価値のスループットへ:検査・適応で未来を開発 / AI-driven product owner. scrummat2025
yosuke_nagai
4
590
Where will it converge?
ibknadedeji
0
180
Featured
See All Featured
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
30
2.9k
Faster Mobile Websites
deanohume
310
31k
The World Runs on Bad Software
bkeepers
PRO
71
11k
The Cult of Friendly URLs
andyhume
79
6.6k
Raft: Consensus for Rubyists
vanstee
139
7.1k
Java REST API Framework Comparison - PWX 2021
mraible
33
8.8k
Gamification - CAS2011
davidbonilla
81
5.5k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
54
3k
Large-scale JavaScript Application Architecture
addyosmani
514
110k
Into the Great Unknown - MozCon
thekraken
40
2.1k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
2.6k
[RailsConf 2023] Rails as a piece of cake
palkan
57
5.9k
Transcript
Sanitizing All* The Things tacow / September 2017 / @gregheo
❓ ✋
None
✅
None
‣ ASAN ‣ TSAN
‣ What? ‣ So what? ‣ How? ‣ Show me?
Address Sanitizer allocated buffer unallocated!
‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities
None
allocated buffer padding shadow memory poisoned poisoned OK
asan_malloc malloc asan_free free Shadow memory check Pointer access
Live Coding!
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
Thread Sanitizer memory buffer read write
‣ Race conditions ‣ Very subtle and difficult-to-reproduce bugs ‣
Thread mismatch errors
None
‣ Thread ID ‣ Timestamp ‣ Read or write? ‣
Bytes accessed
None
Live Coding!
Thread Sanitizer Data race detector Find race conditions & thread
issues Thread IDs & timestamps
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
None
@gregheo