Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Sanitizing 
All* The Things

Greg Heo
September 12, 2017
Technology
0
37

Sanitizing 
All* The Things

Address sanitizer and thread sanitizer. What, why, how?

Greg Heo

September 12, 2017
Tweet

More Decks by Greg Heo

See All by Greg Heo
Concurrency From the Ground Up
gregheo
0
90
The least you need to know about hashing in Swift
gregheo
0
62
Shared Mutable State
gregheo
0
190
Promises, Futures, and the Shape of Your Code
gregheo
0
21
Shared, Exclusive, Mutable, Immutable
gregheo
0
46
Getting Under Swift’s Skin
gregheo
0
500
Sanitizing Threads for Fun & Profit
gregheo
0
68
Thirteen Ways of Looking at a View Controller
gregheo
0
110
Five Unbelievable Secrets of Reactive Programming the Experts Don't Want You to Know!
gregheo
3
230

Other Decks in Technology

See All in Technology
The state of Swift for WebAssembly in 2022
kateinoigakukun
5
2.3k
C向けサービスで 使われている認証方式と安全な使い方
ritou
5
300
20分でわかる!速習resultBuilder(iOSDC 2022)
chocoyama
2
270
PHPバージョンアップのための依存ライブラリとの付き合い方 / phpcon2022
blue_goheimochi
1
420
n8nでワークフローを自動化した話 / 20220914_n8n
yug1224
1
770
フレームワークのソースコードから知識を深める
weistom
0
300
React NativeからNativeアプリへ ~スタートアップ企業における 「機能開発と保守性担保」の両立への挑戦~
bitkey
PRO
0
110
20220915modelingLT
levii
4
410
現場の泥臭い話を「QAマネジメント」という言葉で定義してみかわ
sadonosake
0
360
失われたグラフを求めて
bob3bob3
1
370
Spring Bootcamp(新卒研修) 2022 QA研修 座学
honamin09
2
520
UIFlowのtoio用ブロックを使ってみた / ビジュアルプログラミングIoTLT vol.12
you
0
110

Featured

See All Featured
StorybookのUI Testing Handbookを読んだ
zakiyama
6
2.7k
The Power of CSS Pseudo Elements
geoffreycrofte
48
4k
Clear Off the Table
cherdarchuk
79
290k
Build your cross-platform service in a week with App Engine
jlugia
220
17k
How New CSS Is Changing Everything About Graphic Design on the Web
jensimmons
213
11k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
37
3.4k
Code Review Best Practice
trishagee
45
10k
Learning to Love Humans: Emotional Interface Design
aarron
261
37k
Git: the NoSQL Database
bkeepers
PRO
416
59k
GraphQLの誤解/rethinking-graphql
sonatard
32
7.1k
How GitHub Uses GitHub to Build GitHub
holman
465
280k
Embracing the Ebb and Flow
colly
73
3.4k

Transcript

  1. Sanitizing
 All* The Things tacow / September 2017 / @gregheo

  2. ❓ ✋

  3. None

  5. None

  6. ‣ ASAN ‣ TSAN

  7. ‣ What? ‣ So what? ‣ How? ‣ Show me?

  8. Address Sanitizer allocated buffer unallocated!

  9. ‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities

  10. None

  11. allocated buffer padding shadow memory poisoned poisoned OK

  12. asan_malloc malloc asan_free free Shadow memory check Pointer access

  13. Live Coding!

  14. Address Sanitizer Memory corruption & errors Security & crashes Custom

    malloc & free

  15. Thread Sanitizer memory buffer read write

  16. ‣ Race conditions ‣ Very subtle and
 difficult-to-reproduce bugs ‣

    Thread mismatch errors
  17. None

  18. ‣ Thread ID ‣ Timestamp ‣ Read or write? ‣

    Bytes accessed
  19. None

  20. Live Coding!

  21. Thread Sanitizer Data race detector Find race conditions & thread

    issues Thread IDs & timestamps

  22. Address Sanitizer Memory corruption & errors Security & crashes Custom

    malloc & free
  23. None

  24. @gregheo