$30 off During Our Annual Pro Sale. View Details »
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Sanitizing All* The Things
Search
Greg Heo
September 12, 2017
Technology
0
63
Sanitizing All* The Things
Address sanitizer and thread sanitizer. What, why, how?
Greg Heo
September 12, 2017
Tweet
Share
More Decks by Greg Heo
See All by Greg Heo
Concurrency From the Ground Up
gregheo
0
230
The least you need to know about hashing in Swift
gregheo
0
160
Shared Mutable State
gregheo
0
510
Promises, Futures, and the Shape of Your Code
gregheo
0
67
Shared, Exclusive, Mutable, Immutable
gregheo
0
150
Getting Under Swift’s Skin
gregheo
0
540
Sanitizing Threads for Fun & Profit
gregheo
0
140
Thirteen Ways of Looking at a View Controller
gregheo
0
130
Five Unbelievable Secrets of Reactive Programming the Experts Don't Want You to Know!
gregheo
3
410
Other Decks in Technology
See All in Technology
通勤手当申請チェックエージェント開発のリアル
whisaiyo
3
450
【開発を止めるな】機能追加と並行して進めるアーキテクチャ改善/Keep Shipping: Architecture Improvements Without Pausing Dev
bitkey
PRO
1
130
Connection-based OAuthから学ぶOAuth for AI Agents
flatt_security
0
360
Amazon Quick Suite で始める手軽な AI エージェント
shimy
1
1.8k
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
9.9k
SREが取り組むデプロイ高速化 ─ Docker Buildを最適化した話
capytan
0
140
New Relic 1 年生の振り返りと Cloud Cost Intelligence について #NRUG
play_inc
0
230
AWSインフルエンサーへの道 / load of AWS Influencer
whisaiyo
0
220
モダンデータスタックの理想と現実の間で~1.3億人Vポイントデータ基盤の現在地とこれから~
taromatsui_cccmkhd
2
260
AgentCore BrowserとClaude Codeスキルを活用した 『初手AI』を実現する業務自動化AIエージェント基盤
ruzia
7
1.4k
アプリにAIを正しく組み込むための アーキテクチャ── 国産LLMの現実と実践
kohju
0
220
AI with TiDD
shiraji
1
270
Featured
See All Featured
Marketing Yourself as an Engineer | Alaka | Gurzu
gurzu
0
90
SEO in 2025: How to Prepare for the Future of Search
ipullrank
3
3.3k
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
davidcarrasco
0
37
Building Experiences: Design Systems, User Experience, and Full Site Editing
marktimemedia
0
330
Building an army of robots
kneath
306
46k
My Coaching Mixtape
mlcsv
0
13
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.5k
The agentic SEO stack - context over prompts
schlessera
0
560
Redefining SEO in the New Era of Traffic Generation
szymonslowik
1
170
What’s in a name? Adding method to the madness
productmarketing
PRO
24
3.8k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1.1k
Reflections from 52 weeks, 52 projects
jeffersonlam
355
21k
Transcript
Sanitizing All* The Things tacow / September 2017 / @gregheo
❓ ✋
None
✅
None
‣ ASAN ‣ TSAN
‣ What? ‣ So what? ‣ How? ‣ Show me?
Address Sanitizer allocated buffer unallocated!
‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities
None
allocated buffer padding shadow memory poisoned poisoned OK
asan_malloc malloc asan_free free Shadow memory check Pointer access
Live Coding!
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
Thread Sanitizer memory buffer read write
‣ Race conditions ‣ Very subtle and difficult-to-reproduce bugs ‣
Thread mismatch errors
None
‣ Thread ID ‣ Timestamp ‣ Read or write? ‣
Bytes accessed
None
Live Coding!
Thread Sanitizer Data race detector Find race conditions & thread
issues Thread IDs & timestamps
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
None
@gregheo
gregheo
whisaiyo
bitkey
flatt_security
shimy
fullkaiten
capytan
play_inc
taromatsui_cccmkhd
ruzia
kohju
shiraji
gurzu
ipullrank
davidcarrasco
marktimemedia
kneath
mlcsv
philnash
schlessera
szymonslowik
productmarketing
irinanazarova
jeffersonlam
