Sanitizing  All* The Things

September 12, 2017

66

Sanitizing  All* The Things

Address sanitizer and thread sanitizer. What, why, how?

Greg Heo

September 12, 2017

More Decks by Greg Heo

See All by Greg Heo

Concurrency From the Ground Up

0

240

The least you need to know about hashing in Swift

0

190

Shared Mutable State

0

530

Promises, Futures, and the Shape of Your Code

0

69

Shared, Exclusive, Mutable, Immutable

0

160

Getting Under Swift’s Skin

0

550

Sanitizing Threads for Fun & Profit

0

160

Thirteen Ways of Looking at a View Controller

0

140

Five Unbelievable Secrets of Reactive Programming the Experts Don't Want You to Know!

3

420

Other Decks in Technology

See All in Technology

そのSLO 99.9%、本当に必要ですか？〜優先度付きSLOによる責任共有の設計思想〜 / Is that 99.9% SLO really necessary? Design philosophy of shared responsibility through prioritized SLOs

0

730

AI飲み会幹事エージェントを作っただけなのに

0

210

AI-Assisted Contributions and Maintainer Load - PyCon US 2026

1

140

写真で見るAWS Summit Singapore 2026

0

110

オライリーイベント登壇資料「鉄リサイクル・産廃業界におけるAI技術実応用のカタチ」

0

400

AWS運用におけるAI Agent活用術 / JAWS-UG 神戸 #11 LT大会

1

250

How to learn AWS Well-Architected with AWS BuilderCards: Security Edition

PRO

0

140

おいらのAWSアップデートの追い方〜Slack×AgentCore〜

1

100

PdM・Eng・QAで進めるAI駆動開発の現在地/aidd-with-pdm-eng-qa

0

240

20260515 ⾃分のアカウントとプライバシーを守る認証と認可の話〜利⽤者向け〜

0

560

生成AI時代に信頼性をどう保ち続けるか - Policy as Code の実践

1

390

AIを賢くしたいなら、まずは人間の改善ループから

0

110

Featured

See All Featured

How STYLIGHT went responsive

100

6.1k

How to Create Impact in a Changing Tech Landscape [PerfNow 2023]

55

3.3k

Agile Actions for Facilitating Distributed Teams - ADO2019

0

180

YesSQL, Process and Tooling at Scale

174

15k

Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)

0

420

世界の人気アプリ100個を分析して見えたペイウォール設計の心得

PRO

70

39k

Exploring anti-patterns in Rails

3

350

HTML-Aware ERB: The Path to Reactive Rendering @ RubyCon 2026, Rimini, Italy

1

49

How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today

1

180

AI Search: Implications for SEO and How to Move Forward - #ShenzhenSEOConference

1

1.2k

Imperfection Machines: The Place of Print at Facebook

270

14k

My Coaching Mixtape

0

120

Transcript

Sanitizing  All* The Things tacow / September 2017 / @gregheo
❓ ✋
None
✅
None
‣ ASAN ‣ TSAN
‣ What? ‣ So what? ‣ How? ‣ Show me?
Address Sanitizer allocated buffer unallocated!
‣ Buffer overﬂows ‣ Subtle bugs ‣ Security vulnerabilities
None
allocated buffer padding shadow memory poisoned poisoned OK
asan_malloc malloc asan_free free Shadow memory check Pointer access
Live Coding!
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
Thread Sanitizer memory buffer read write
‣ Race conditions ‣ Very subtle and  difﬁcult-to-reproduce bugs ‣
Thread mismatch errors
None
‣ Thread ID ‣ Timestamp ‣ Read or write? ‣
Bytes accessed
None
Live Coding!
Thread Sanitizer Data race detector Find race conditions & thread
issues Thread IDs & timestamps
Address Sanitizer Memory corruption & errors Security & crashes Custom
malloc & free
None
@gregheo