Sanitizing 
All* The Things

06609d73ad2165c4aafcf65a1ddb9563?s=47 Greg Heo
September 12, 2017

Sanitizing 
All* The Things

Address sanitizer and thread sanitizer. What, why, how?

06609d73ad2165c4aafcf65a1ddb9563?s=128

Greg Heo

September 12, 2017
Tweet

Transcript

  1. Sanitizing
 All* The Things tacow / September 2017 / @gregheo

  2. ❓ ✋

  3. None
  4. None
  5. ‣ ASAN ‣ TSAN

  6. ‣ What? ‣ So what? ‣ How? ‣ Show me?

  7. Address Sanitizer allocated buffer unallocated!

  8. ‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities

  9. None
  10. allocated buffer padding shadow memory poisoned poisoned OK

  11. asan_malloc malloc asan_free free Shadow memory check Pointer access

  12. Live Coding!

  13. Address Sanitizer Memory corruption & errors Security & crashes Custom

    malloc & free
  14. Thread Sanitizer memory buffer read write

  15. ‣ Race conditions ‣ Very subtle and
 difficult-to-reproduce bugs ‣

    Thread mismatch errors
  16. None
  17. ‣ Thread ID ‣ Timestamp ‣ Read or write? ‣

    Bytes accessed
  18. None
  19. Live Coding!

  20. Thread Sanitizer Data race detector Find race conditions & thread

    issues Thread IDs & timestamps
  21. Address Sanitizer Memory corruption & errors Security & crashes Custom

    malloc & free
  22. None
  23. @gregheo