Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Sanitizing All* The Things
Search
Greg Heo
September 12, 2017
Technology
0
60
Sanitizing All* The Things
Address sanitizer and thread sanitizer. What, why, how?
Greg Heo
September 12, 2017
Tweet
Share
More Decks by Greg Heo
See All by Greg Heo
Concurrency From the Ground Up
gregheo
0
210
The least you need to know about hashing in Swift
gregheo
0
140
Shared Mutable State
gregheo
0
470
Promises, Futures, and the Shape of Your Code
gregheo
0
63
Shared, Exclusive, Mutable, Immutable
gregheo
0
140
Getting Under Swift’s Skin
gregheo
0
530
Sanitizing Threads for Fun & Profit
gregheo
0
130
Thirteen Ways of Looking at a View Controller
gregheo
0
130
Five Unbelievable Secrets of Reactive Programming the Experts Don't Want You to Know!
gregheo
3
400
Other Decks in Technology
See All in Technology
ひとり情シスなCTOがLLMと始めるオペレーション最適化 / CTO's LLM-Powered Ops
yamitzky
0
440
Javaで作る RAGを活用した Q&Aアプリケーション
recruitengineers
PRO
1
110
フィンテック養成勉強会#54
finengine
0
180
AIのAIによるAIのための出力評価と改善
chocoyama
2
550
“社内”だけで完結していた私が、AWS Community Builder になるまで
nagisa53
1
390
Абьюзим random_bytes(). Фёдор Кулаков, разработчик Lamoda Tech
lamodatech
0
340
セキュリティの民主化は何故必要なのか_AWS WAF 運用の 10 の苦悩から学ぶ
yoh
1
150
「Chatwork」の認証基盤の移行とログ活用によるプロダクト改善
kubell_hr
1
160
解析の定理証明実践@Lean 4
dec9ue
0
180
AIの最新技術&テーマをつまんで紹介&フリートークするシリーズ #1 量子機械学習の入門
tkhresk
0
140
Amazon S3標準/ S3 Tables/S3 Express One Zoneを使ったログ分析
shigeruoda
4
520
地図も、未来も、オープンに。 〜OSGeo.JPとFOSS4Gのご紹介〜
wata909
0
110
Featured
See All Featured
Intergalactic Javascript Robots from Outer Space
tanoku
271
27k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
48
5.4k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
Faster Mobile Websites
deanohume
307
31k
Build your cross-platform service in a week with App Engine
jlugia
231
18k
Producing Creativity
orderedlist
PRO
346
40k
What's in a price? How to price your products and services
michaelherold
246
12k
StorybookのUI Testing Handbookを読んだ
zakiyama
30
5.8k
Statistics for Hackers
jakevdp
799
220k
Making the Leap to Tech Lead
cromwellryan
134
9.3k
Learning to Love Humans: Emotional Interface Design
aarron
273
40k
Become a Pro
speakerdeck
PRO
28
5.4k
Transcript
Sanitizing All* The Things tacow / September 2017 / @gregheo
❓ ✋
None
✅
None
‣ ASAN ‣ TSAN
‣ What? ‣ So what? ‣ How? ‣ Show me?
Address Sanitizer allocated buffer unallocated!
‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities
None
allocated buffer padding shadow memory poisoned poisoned OK
asan_malloc malloc asan_free free Shadow memory check Pointer access
Live Coding!
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
Thread Sanitizer memory buffer read write
‣ Race conditions ‣ Very subtle and difficult-to-reproduce bugs ‣
Thread mismatch errors
None
‣ Thread ID ‣ Timestamp ‣ Read or write? ‣
Bytes accessed
None
Live Coding!
Thread Sanitizer Data race detector Find race conditions & thread
issues Thread IDs & timestamps
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
None
@gregheo