Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Sanitizing All* The Things
Search
Greg Heo
September 12, 2017
Technology
0
60
Sanitizing All* The Things
Address sanitizer and thread sanitizer. What, why, how?
Greg Heo
September 12, 2017
Tweet
Share
More Decks by Greg Heo
See All by Greg Heo
Concurrency From the Ground Up
gregheo
0
220
The least you need to know about hashing in Swift
gregheo
0
150
Shared Mutable State
gregheo
0
490
Promises, Futures, and the Shape of Your Code
gregheo
0
64
Shared, Exclusive, Mutable, Immutable
gregheo
0
140
Getting Under Swift’s Skin
gregheo
0
530
Sanitizing Threads for Fun & Profit
gregheo
0
130
Thirteen Ways of Looking at a View Controller
gregheo
0
130
Five Unbelievable Secrets of Reactive Programming the Experts Don't Want You to Know!
gregheo
3
400
Other Decks in Technology
See All in Technology
プロダクトの成長に合わせたアーキテクチャの段階的進化と成長痛、そして、ユニットエコノミクスの最適化
kakehashi
PRO
1
110
オブザーバビリティが広げる AIOps の世界 / The World of AIOps Expanded by Observability
aoto
PRO
0
230
なぜSaaSがMCPサーバーをサービス提供するのか?
sansantech
PRO
3
740
Vault meets Kubernetes
mochizuki875
0
150
PRDの正しい使い方 ~AI時代にも効く思考・対話・成長ツールとして~
techtekt
PRO
0
280
ヘブンバーンズレッドにおける、世界観を活かしたミニゲーム企画の作り方
gree_tech
PRO
0
420
ZOZOマッチのアーキテクチャと技術構成
zozotech
PRO
2
980
異業種出身エンジニアが気づいた、転向して十数年経っても変わらない自分の武器とは
macnekoayu
0
250
AIとTDDによるNext.js「隙間ツール」開発の実践
makotot
6
800
「魔法少女まどか☆マギカ Magia Exedra」の必殺技演出を徹底解剖! -キャラクターの魅力を最大限にファンに届けるためのこだわり-
gree_tech
PRO
0
420
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
30k
Bye-Bye Query Spaghetti: Write Queries You'll Actually Understand Using Pipelined SQL Syntax
tobiaslampertlotum
0
120
Featured
See All Featured
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4k
The Language of Interfaces
destraynor
160
25k
Site-Speed That Sticks
csswizardry
10
800
How to Think Like a Performance Engineer
csswizardry
26
1.9k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
9
790
The World Runs on Bad Software
bkeepers
PRO
70
11k
Large-scale JavaScript Application Architecture
addyosmani
512
110k
BBQ
matthewcrist
89
9.8k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
53k
Balancing Empowerment & Direction
lara
3
600
Transcript
Sanitizing All* The Things tacow / September 2017 / @gregheo
❓ ✋
None
✅
None
‣ ASAN ‣ TSAN
‣ What? ‣ So what? ‣ How? ‣ Show me?
Address Sanitizer allocated buffer unallocated!
‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities
None
allocated buffer padding shadow memory poisoned poisoned OK
asan_malloc malloc asan_free free Shadow memory check Pointer access
Live Coding!
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
Thread Sanitizer memory buffer read write
‣ Race conditions ‣ Very subtle and difficult-to-reproduce bugs ‣
Thread mismatch errors
None
‣ Thread ID ‣ Timestamp ‣ Read or write? ‣
Bytes accessed
None
Live Coding!
Thread Sanitizer Data race detector Find race conditions & thread
issues Thread IDs & timestamps
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
None
@gregheo