Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Sanitizing All* The Things
Search
Greg Heo
September 12, 2017
Technology
0
58
Sanitizing All* The Things
Address sanitizer and thread sanitizer. What, why, how?
Greg Heo
September 12, 2017
Tweet
Share
More Decks by Greg Heo
See All by Greg Heo
Concurrency From the Ground Up
gregheo
0
170
The least you need to know about hashing in Swift
gregheo
0
110
Shared Mutable State
gregheo
0
390
Promises, Futures, and the Shape of Your Code
gregheo
0
59
Shared, Exclusive, Mutable, Immutable
gregheo
0
140
Getting Under Swift’s Skin
gregheo
0
520
Sanitizing Threads for Fun & Profit
gregheo
0
120
Thirteen Ways of Looking at a View Controller
gregheo
0
120
Five Unbelievable Secrets of Reactive Programming the Experts Don't Want You to Know!
gregheo
3
360
Other Decks in Technology
See All in Technology
小学3年生夏休みの自由研究「夏休みに Copilot で遊んでみた」
taichinakamura
0
180
DevFest 2024 Incheon / Songdo - Compose UI 조합 심화
wisemuji
0
140
LINEヤフーのフロントエンド組織・体制の紹介【24年12月】
lycorp_recruit_jp
0
540
【re:Invent 2024 アプデ】 Prompt Routing の紹介
champ
0
160
プロダクト開発を加速させるためのQA文化の築き方 / How to build QA culture to accelerate product development
mii3king
1
280
Amazon Kendra GenAI Index 登場でどう変わる? 評価から学ぶ最適なRAG構成
naoki_0531
0
130
AWS re:Invent 2024で発表された コードを書く開発者向け機能について
maruto
0
210
バクラクのドキュメント解析技術と実データにおける課題 / layerx-ccc-winter-2024
shimacos
2
1.1k
PHP ユーザのための OpenTelemetry 入門 / phpcon2024-opentelemetry
shin1x1
3
1.4k
pg_bigmをRustで実装する(第50回PostgreSQLアンカンファレンス@オンライン 発表資料)
shinyakato_
0
110
APIとはなにか
mikanichinose
0
110
Yahoo! ズバトクにおけるフロントエンド開発
lycorptech_jp
PRO
0
100
Featured
See All Featured
Writing Fast Ruby
sferik
628
61k
It's Worth the Effort
3n
183
28k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
26
1.5k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.9k
Building a Modern Day E-commerce SEO Strategy
aleyda
38
7k
How GitHub (no longer) Works
holman
311
140k
Large-scale JavaScript Application Architecture
addyosmani
510
110k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.1k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
48
2.2k
KATA
mclloyd
29
14k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.9k
Transcript
Sanitizing All* The Things tacow / September 2017 / @gregheo
❓ ✋
None
✅
None
‣ ASAN ‣ TSAN
‣ What? ‣ So what? ‣ How? ‣ Show me?
Address Sanitizer allocated buffer unallocated!
‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities
None
allocated buffer padding shadow memory poisoned poisoned OK
asan_malloc malloc asan_free free Shadow memory check Pointer access
Live Coding!
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
Thread Sanitizer memory buffer read write
‣ Race conditions ‣ Very subtle and difficult-to-reproduce bugs ‣
Thread mismatch errors
None
‣ Thread ID ‣ Timestamp ‣ Read or write? ‣
Bytes accessed
None
Live Coding!
Thread Sanitizer Data race detector Find race conditions & thread
issues Thread IDs & timestamps
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
None
@gregheo