The document discusses three sanitizers - AddressSanitizer, ThreadSanitizer, and MemorySanitizer - that detect bugs in C/C++ programs. AddressSanitizer detects memory errors like buffer overflows and use-after-frees. ThreadSanitizer finds data races between threads. MemorySanitizer identifies uses of uninitialized memory. The sanitizers work by instrumenting code at compile-time and providing a run-time library for error detection and reporting. They have found thousands of bugs in major software projects with reasonable overhead. Future work includes supporting more platforms and detecting additional classes of bugs.
The promise of the IoT won’t be fulfilled until integrated
software platforms are available that allow software
developers to develop these devices efficiently and in
the most cost-effective manner possible.
This presentation introduces F9 microkernel, new open source
implementation built from scratch, which deploys
modern kernel techniques dedicated to deeply
embedded devices.
The promise of the IoT won’t be fulfilled until integrated
software platforms are available that allow software
developers to develop these devices efficiently and in
the most cost-effective manner possible.
This presentation introduces F9 microkernel, new open source
implementation built from scratch, which deploys
modern kernel techniques dedicated to deeply
embedded devices.
Introduce Brainf*ck, another Turing complete programming language. Then, try to implement the following from scratch: Interpreter, Compiler [x86_64 and ARM], and JIT Compiler.
Linux Kernel Booting Process (2) - For NLKBshimosawa
Describes the bootstrapping part in Linux, and related architectural mechanisms and technologies.
This is the part two of the slides, and the succeeding slides may contain the errata for this slide.
Jserv gave a talk about the conceptual introduction to LLVM. The session mentioned the evolution of compiler technologies, paradigm shift, LLVM as a promising open source project, and how LLVM changes the IT world.
LCU14 302- How to port OP-TEE to another platformLinaro
LCU14 302- How to port OP-TEE to another platform
---------------------------------------------------
Speaker: Joakim Bech, Jens Wiklander and Pascal Brand
Date: September 17, 2014
---------------------------------------------------
★ Session Summary ★
OP-TEE (Open Portable Trusted Execution Environment) is the source code for the TEE in Linux using the ARM Trustzone technology. This component meets the Global Platform TEE System Architecture specification. Most of the code is generic. However, a number of platform specific characteristics are addressed, such as memory layout or board specific hardware IP. In this session, you can learn the steps to follow to port OP-TEE for your armv7 platform, as the ones that have been defined when porting OP-TEE to A80 (SWG-77). OP-TEE to the Allwinner A80 platform
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137748
Google Event: https://plus.google.com/u/0/events/cnd044lmnid6jcoj1a9svlhmkj0
Video: https://www.youtube.com/watch?v=QgaGJow7hws&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-302
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
Note: When you view the the slide deck via web browser, the screenshots may be blurred. You can download and view them offline (Screenshots are clear).
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytesPeter Hlavaty
In our recent work we targeted also win32k, what seems to be fruit giving target. @promised_lu made our own TTF-fuzzer which comes with bunch of results in form of gigabytes of crashes and various bugs. Fortunately windows make great work and in February most of our bugs was dead - patched, but not all of them…
Whats left were looking as seemingly unexploitable kernel bugs with ridiculous conditions. We decided to check it out, and finally combine it with our user mode bug & emet bypass. Through IE & flash we break down system and pointed out at weak points in defensive mechanism.
In this talk we will present our research dedicated for pwn2own event this year. We will describe kernel part of exploit in detail*, including bug description, resulting memory corruption conditions & caveats up to final pwn via one of our TTF bugs.
Throughout the talk we will describe how to break various exploit mitigations in windows kernel and why it is possible. We will introduce novel kernel exploitation techniques breaking all what stands { KASLR, SMEP, even imaginary SMAP or CFG } and bring you SYSTEM exec (from kernel driver to system calc).
* unfortunately bug was not fixed at the time of talk, so we do not exposed details about TTF vulnerability, and we skipped directly to some challenges during exploitation, and demonstrate how OS design can overpower introduced exploit mitigations.
It is the presentation file used by Jim Huang (jserv) at OSDC.tw 2009. New compiler technologies are invisible but highly integrated around our world, and we can enrich the experience via facilitating LLVM.
SFO15-503: Secure storage in OP-TEE
Speaker: James Kung, Sheng-Yu Chiu
Date: September 25, 2015
★ Session Description ★
Linaro has been refining the secure storage solution in OP-TEE and in this session the audience will get an update about the current status and also will get to know about the implementation details, design decisions and what algorithms that has been used.
★ Resources ★
Video: https://www.youtube.com/watch?v=pChEdObYLRM
Presentation: http://www.slideshare.net/linaroorg/sfo15503-secure-storage-in-optee
Etherpad: pad.linaro.org/p/sfo15-503
Pathable: https://sfo15.pathable.com/meetings/303094
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
GNU Toolchain is the de facto standard of IT industrial and has been improved by comprehensive open source contributions. In this session, it is expected to cover the mechanism of compiler driver, system interaction (take GNU/Linux for example), linker, C runtime library, and the related dynamic linker. Instead of analyzing the system design, the session is use case driven and illustrated progressively.
ATF(ARM Trusted Firmware)は、ARMv8では重要なソフトウェア。
全体を利用するのではなく、その一部を利用可能。
この資料では、BL31(EL3 Runtime Firmware)を単体で使う場合、どうすればいいのかを、Xilinx社のZynq UltraScale+ MPSoCを例に説明しています。
ATF (ARM Trusted Firmware) is an important software in ARMv8.
Instead of using the whole, part of it is available.
This document explains how to do when using BL31 (EL3 Runtime Firmware) alone, for example, with Xilinx's Zynq UltraScale + MPSoC.
Linux Performance Analysis: New Tools and Old SecretsBrendan Gregg
Talk for USENIX/LISA2014 by Brendan Gregg, Netflix. At Netflix performance is crucial, and we use many high to low level tools to analyze our stack in different ways. In this talk, I will introduce new system observability tools we are using at Netflix, which I've ported from my DTraceToolkit, and are intended for our Linux 3.2 cloud instances. These show that Linux can do more than you may think, by using creative hacks and workarounds with existing kernel features (ftrace, perf_events). While these are solving issues on current versions of Linux, I'll also briefly summarize the future in this space: eBPF, ktap, SystemTap, sysdig, etc.
HKG15-207: Advanced Toolchain Usage Part 3
---------------------------------------------------
Speaker: Ryan Arnold, Maxim Kuvyrkov, Will Newton, Yvan Roux
Date: February 10, 2015
---------------------------------------------------
★ Session Summary ★
This session is a continuation of the Advanced Toolchain Usage Part 1 & 2 presentations given at LCU14. Parts 3 and 4 will cover a variety of topics, such as: Linker tips and tricks, adding symbol versioning interfaces to a system library, debugging the dynamic linker, debugging applications that use malloc, gcc attributes, manually constructing a backtrace on arm & Aarch64, how to add lightweight debugging to your program, how to use a signal handler appropriately, and TLS Models on Aarch64 and when to use them.
--------------------------------------------------
★ Resources ★
Pathable: https://hkg15.pathable.com/meetings/250788
Video: https://www.youtube.com/watch?v=EhNqFCN0YJ0
Etherpad: http://pad.linaro.org/p/hkg15-207
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2015 - #HKG15
February 9-13th, 2015
Regal Airport Hotel Hong Kong Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
Today we'll start from the very beginning of library creation, we'll take a look into Boost recommendations for library authors, useful tools and Boost review process.
So you're a developer and your goal is to write a new useful high quality library. Where should you start?
First of all, you need to find a problem to be solved by your library. Then a good way for solving the problem must be found. And then goes the implementation:
* Do we care about mobile devices and MacOS/Linux/Windows?
* Do we need C++11 or C++98?
* How to organize testing?
* What tools to use?
* What else must be in your library?
* How to make the library popular and really useful?
* What steps must be done to submit library into Boost?
* How does the library review looks like?
* What goes after the acceptance?
Introduce Brainf*ck, another Turing complete programming language. Then, try to implement the following from scratch: Interpreter, Compiler [x86_64 and ARM], and JIT Compiler.
Linux Kernel Booting Process (2) - For NLKBshimosawa
Describes the bootstrapping part in Linux, and related architectural mechanisms and technologies.
This is the part two of the slides, and the succeeding slides may contain the errata for this slide.
Jserv gave a talk about the conceptual introduction to LLVM. The session mentioned the evolution of compiler technologies, paradigm shift, LLVM as a promising open source project, and how LLVM changes the IT world.
LCU14 302- How to port OP-TEE to another platformLinaro
LCU14 302- How to port OP-TEE to another platform
---------------------------------------------------
Speaker: Joakim Bech, Jens Wiklander and Pascal Brand
Date: September 17, 2014
---------------------------------------------------
★ Session Summary ★
OP-TEE (Open Portable Trusted Execution Environment) is the source code for the TEE in Linux using the ARM Trustzone technology. This component meets the Global Platform TEE System Architecture specification. Most of the code is generic. However, a number of platform specific characteristics are addressed, such as memory layout or board specific hardware IP. In this session, you can learn the steps to follow to port OP-TEE for your armv7 platform, as the ones that have been defined when porting OP-TEE to A80 (SWG-77). OP-TEE to the Allwinner A80 platform
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137748
Google Event: https://plus.google.com/u/0/events/cnd044lmnid6jcoj1a9svlhmkj0
Video: https://www.youtube.com/watch?v=QgaGJow7hws&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-302
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
Note: When you view the the slide deck via web browser, the screenshots may be blurred. You can download and view them offline (Screenshots are clear).
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytesPeter Hlavaty
In our recent work we targeted also win32k, what seems to be fruit giving target. @promised_lu made our own TTF-fuzzer which comes with bunch of results in form of gigabytes of crashes and various bugs. Fortunately windows make great work and in February most of our bugs was dead - patched, but not all of them…
Whats left were looking as seemingly unexploitable kernel bugs with ridiculous conditions. We decided to check it out, and finally combine it with our user mode bug & emet bypass. Through IE & flash we break down system and pointed out at weak points in defensive mechanism.
In this talk we will present our research dedicated for pwn2own event this year. We will describe kernel part of exploit in detail*, including bug description, resulting memory corruption conditions & caveats up to final pwn via one of our TTF bugs.
Throughout the talk we will describe how to break various exploit mitigations in windows kernel and why it is possible. We will introduce novel kernel exploitation techniques breaking all what stands { KASLR, SMEP, even imaginary SMAP or CFG } and bring you SYSTEM exec (from kernel driver to system calc).
* unfortunately bug was not fixed at the time of talk, so we do not exposed details about TTF vulnerability, and we skipped directly to some challenges during exploitation, and demonstrate how OS design can overpower introduced exploit mitigations.
It is the presentation file used by Jim Huang (jserv) at OSDC.tw 2009. New compiler technologies are invisible but highly integrated around our world, and we can enrich the experience via facilitating LLVM.
SFO15-503: Secure storage in OP-TEE
Speaker: James Kung, Sheng-Yu Chiu
Date: September 25, 2015
★ Session Description ★
Linaro has been refining the secure storage solution in OP-TEE and in this session the audience will get an update about the current status and also will get to know about the implementation details, design decisions and what algorithms that has been used.
★ Resources ★
Video: https://www.youtube.com/watch?v=pChEdObYLRM
Presentation: http://www.slideshare.net/linaroorg/sfo15503-secure-storage-in-optee
Etherpad: pad.linaro.org/p/sfo15-503
Pathable: https://sfo15.pathable.com/meetings/303094
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
GNU Toolchain is the de facto standard of IT industrial and has been improved by comprehensive open source contributions. In this session, it is expected to cover the mechanism of compiler driver, system interaction (take GNU/Linux for example), linker, C runtime library, and the related dynamic linker. Instead of analyzing the system design, the session is use case driven and illustrated progressively.
ATF(ARM Trusted Firmware)は、ARMv8では重要なソフトウェア。
全体を利用するのではなく、その一部を利用可能。
この資料では、BL31(EL3 Runtime Firmware)を単体で使う場合、どうすればいいのかを、Xilinx社のZynq UltraScale+ MPSoCを例に説明しています。
ATF (ARM Trusted Firmware) is an important software in ARMv8.
Instead of using the whole, part of it is available.
This document explains how to do when using BL31 (EL3 Runtime Firmware) alone, for example, with Xilinx's Zynq UltraScale + MPSoC.
Linux Performance Analysis: New Tools and Old SecretsBrendan Gregg
Talk for USENIX/LISA2014 by Brendan Gregg, Netflix. At Netflix performance is crucial, and we use many high to low level tools to analyze our stack in different ways. In this talk, I will introduce new system observability tools we are using at Netflix, which I've ported from my DTraceToolkit, and are intended for our Linux 3.2 cloud instances. These show that Linux can do more than you may think, by using creative hacks and workarounds with existing kernel features (ftrace, perf_events). While these are solving issues on current versions of Linux, I'll also briefly summarize the future in this space: eBPF, ktap, SystemTap, sysdig, etc.
HKG15-207: Advanced Toolchain Usage Part 3
---------------------------------------------------
Speaker: Ryan Arnold, Maxim Kuvyrkov, Will Newton, Yvan Roux
Date: February 10, 2015
---------------------------------------------------
★ Session Summary ★
This session is a continuation of the Advanced Toolchain Usage Part 1 & 2 presentations given at LCU14. Parts 3 and 4 will cover a variety of topics, such as: Linker tips and tricks, adding symbol versioning interfaces to a system library, debugging the dynamic linker, debugging applications that use malloc, gcc attributes, manually constructing a backtrace on arm & Aarch64, how to add lightweight debugging to your program, how to use a signal handler appropriately, and TLS Models on Aarch64 and when to use them.
--------------------------------------------------
★ Resources ★
Pathable: https://hkg15.pathable.com/meetings/250788
Video: https://www.youtube.com/watch?v=EhNqFCN0YJ0
Etherpad: http://pad.linaro.org/p/hkg15-207
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2015 - #HKG15
February 9-13th, 2015
Regal Airport Hotel Hong Kong Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
Today we'll start from the very beginning of library creation, we'll take a look into Boost recommendations for library authors, useful tools and Boost review process.
So you're a developer and your goal is to write a new useful high quality library. Where should you start?
First of all, you need to find a problem to be solved by your library. Then a good way for solving the problem must be found. And then goes the implementation:
* Do we care about mobile devices and MacOS/Linux/Windows?
* Do we need C++11 or C++98?
* How to organize testing?
* What tools to use?
* What else must be in your library?
* How to make the library popular and really useful?
* What steps must be done to submit library into Boost?
* How does the library review looks like?
* What goes after the acceptance?
Debugging and Profiling C++ Template MetaprogramsPlatonov Sergey
Template metaprogramming is an emerging new direction in C++ programming for executing algorithms in compilation time. Despite all of its already proven benefits and numerous successful applications, it is yet to be accepted in industrial projects. One reason is the lack of professional software tools supporting the development of template metaprograms. A strong analogue exists between traditional runtime programs and compile-time metaprograms. This connection presents the possibility for creating development tools similar to those already used when writing runtime programs. This paper introduces Templight, a debugging framework that reveals the steps executed by the compiler during the compilation of C++ programs with templates. Templight’s features include following the instantiation chain, setting breakpoints, and inspecting metaprogram information. This framework aims to take a step forward to help template metaprogramming become more accepted in the software industry.
Есть много причин заниматься конверсией управляемых языков в нативные: это прежде всего производительность, но также защита от реверс-инжиниринга, поддержка аппаратных технологий или каких-то специфичных платформ. В этом докладе мы посмотрим на пример построения конвертера из C# в C++ и те нюансы, которые встречаются при решении этой задачи
В докладе пойдёт речь о практическом применении lock-free структур и алгоритмов, которые используются в RealTime-Поиске в Яндексе. Из-за сложности теоретических исследований по lock-free и оторванности от практики часто создаётся впечатление, что это просто развлечение для знатоков computer science и не может быть использовано в реальном проекте. Будут рассмотрены проблемы традиционного подхода к lock-free и показано, как взглянув по новому на всю идею lock-free, добиться максимальной производительности, невозможной при использовании блокировок.
Как показывает практика, повсеместное применение классического, основанного на callback’ах подхода к асинхронному программированию обычно оказывается неудобным. Для упрощения написания и поддержки сложного асинхронного кода можно использовать иной подход — с использованием сопрограмм. Он значительно сокращает объём и сложность кода, превращая код из асинхронного в синхронный.
Со времён С++98 стандартные контейнеры и идиома RAII позволяли избегать использования оператора delete,
что делало код более безопасным. С приходом С++11 и умных указателей отпала необходимость использовать оператор new, что позволило практически полностью переложить управление памятью на плечи компилятора. В
докладе объясняется идеология управления памятью и ресурсами в современном С++.
Рассмотрены известные автору подходы к реализации как lock-free, так и fine-grained lock-based set/map: хеш-таблицы, деревья. Что из подходов STL может быть реализовано в lock-free манере, а что принципиально нет. Подводные камни lock-free и их нейтрализация.
Multithreading with modern C++ is hard. Undefined variables, Deadlocks, Livelocks, Race Conditions, Spurious Wakeups, the Double Checked Locking Pattern, etc. And at the base is the new Memory-Modell which make the life not easier. The story of things which can go wrong is very long. In this talk I give you a tour through the things which can go wrong and show how you can avoid them.
Architecting for the Cloud: demo and best practices, by Simone Brunozzi (2011...Amazon Web Services
Architecting for the Cloud: Demo and best practices.
Follow Simone Brunozzi on Twitter: @simon
Presentation recorded on July 14th, 2011, in Sydney during the 2011 AWS Tour Australia.
For the video (including audio), go here: http://www.slideshare.net/AmazonWebServices/video-architecting-for-the-cloud-demo-and-best-practices
Exploring Compiler Optimization Opportunities for the OpenMP 4.x Accelerator...Akihiro Hayashi
Third Workshop on Accelerator Programming Using Directives (WACCPD2016, co-located with SC16)
While GPUs are increasingly popular for high-performance
computing, optimizing the performance of GPU programs is a time-consuming and non-trivial process in general. This complexity stems from the low abstraction level of standard
GPU programming models such as CUDA and OpenCL:
programmers are required to orchestrate low-level operations
in order to exploit the full capability of GPUs. In terms of
software productivity and portability, a more attractive approach
would be to facilitate GPU programming by providing high-level
abstractions for expressing parallel algorithms.
OpenMP is a directive-based shared memory parallel programming model and has been widely used for many years.
From OpenMP 4.0 onwards, GPU platforms are supported
by extending OpenMP’s high-level parallel abstractions with
accelerator programming. This extension allows programmers to
write GPU programs in standard C/C++ or Fortran languages,
without exposing too many details of GPU architectures.
However, such high-level parallel programming strategies generally impose additional program optimizations on compilers,
which could result in lower performance than fully hand-tuned
code with low-level programming models.To study potential
performance improvements by compiling and optimizing high-level GPU programs, in this paper, we 1) evaluate a set of
OpenMP 4.x benchmarks on an IBM POWER8 and NVIDIA
Tesla GPU platform and 2) conduct a comparable performance
analysis among hand-written CUDA and automatically-generated
GPU programs by the IBM XL and clang/LLVM compilers.
A Speculative Technique for Auto-Memoization Processor with MultithreadingMatsuo and Tsumura lab.
Yushi KAMIYA, Tomoaki TSUMURA, Hiroshi MATSUO, Yasuhiko NAKASHIMA:
"A Speculative Technique for Auto-Memoization Processor with Multithreading"(発表資料)
Proc. 10th Intl. Conf. on Parallel and Distributed Computing, Applications and Technologies (PDCAT'09), Higashi-Hiroshima, Japan, pp.160-166 (Dec. 2009)
Profilers find performance bottlenecks in your app but provide confusing information. Let's give you insights into how your profiler and your app are really interacting. What profiling APIs are available, how they work, and what their implementation on the JVM (OpenJDK) side looks like:
Stack sampling profilers: stop motion view of your app
GetCallTrace(JVisualVM case study): The official stack sampling API
Safepoints and safepoint sampling bias
AsyncGetCallTrace(Honest Profiler Case Study): The unofficial API
JVM Profilers vs System Profilers: No API needed?
Productive OpenCL Programming An Introduction to OpenCL Libraries with Array...AMD Developer Central
In this webinar presentation, ArrayFire COO Oded Green demonstrates best practices to help you quickly get started with OpenCL™ programming. Learn how to get the best performance from AMD hardware in various programming languages using ArrayFire. Oded discusses the latest advancements in the OpenCL™ ecosystem, including cutting edge OpenCL™ libraries such as clBLAS, clFFT, clMAGMA and ArrayFire. Examples are shown in real code for common application domains.
Watch the webinar here: http://bit.ly/1obT0M2
For more developer resources, visit:
http://arrayfire.com/
http://developer.amd.com/
Follow us on Twitter: https://twitter.com/AMDDevCentral
See info in the slides for more contact information and resource links!
C Programming Training in Ambala ! Batra Computer Centrejatin batra
Batra Computer Centre is An ISO certified 9001:2008 training Centre in Ambala.
We Provide C Programming Training in Ambala. BATRA COMPUTER CENTRE provides best training in C, C++, S.E.O, Web Designing, Web Development and So many other courses are available.
Presentation on Auto Tuning delivered as part of our "Software for Multicore Processors" course at UT Austin. It covers the basics of AutoTuning and details of two library generators called PhiPAC and ATLAS.
Евгений Зуев, С++ в России: Стандарт языка и его реализацияPlatonov Sergey
Доклад посвящён различным аспектам компилятора С++, созданного с участием автора. В выступлении рассказывается о продвинутой архитектуре компилятора, основных проектных решениях, а также обсуждаются особенности входного языка, повлиявшие на реализацию компилятора.
В своих прошлых докладах (http://cpp-russia.ru/?p=198, и http://cpp-russia.ru/?page_id=1239) я рассказывал о C++ без исключений, как с эти жить, как работать. Этот доклад является продолжением этой серии. Я рекомендую освежить в памяти предыдущие доклады, чтобы наша работа была более продуктивной. Мы обсудим механизмы создания, копирования и перемещения объектов, механизмы аллокации и деаллокации памяти, а также обработку ошибок и исключений. Также мы обсудим проблемы и неудобства, которые испытывает программист, когда пишет код без исключений. В конце, я попытаюсь показать, как можно проектировать структуры данных, контейнеры для удобной работы в средах с исключениями и без исключений.
Евгений Рыжков, Андрей Карпов Как потратить 10 лет на разработку анализатора ...Platonov Sergey
Кто-то верно подметил, что разработчики статических анализатора часто сталкиваются с "проблемой айсберга". Им сложно объяснить разработчикам, почему сложно написать и развивать статические анализаторы кода. Дело в том, что сторонние наблюдатели видят только вершину всего процесса, так как им доступен для изучения только простой интерфейс, который предоставляют анализаторы для взаимодействия с миром. Это ведь не графический редактор с сотнями кнопок и рычажков. В результате и возникает ощущение, что раз прост интерфейс взаимодействия, то и прост продукт. На самом деле статические анализаторы кода — это сложные программы, в которых живут и взаимодействуют разнообразнейшие методы поиска дефектов. В них реализуется множество экспертные системы, выдающие заключения о коде на основе как точных, так и эмпирических алгоритмах. В парном докладе, основатели анализатора PVS-Studio расскажут о том, как незаметно потратить 10 лет, чтобы написать хороший анализатор. Дьявол кроется в деталях!
QML\Qt Quick это превосходный декларативный язык программирования, призванный сильно упростить создание и дальнейшую поддержку пользовательских интерфейсов.В докладе я расскажу что из себя представляет QML, попробуем разобраться в вопросе “Где и как уместно использовать QML\Qt Quick” и приведу краткий обзор полезных инструментов для разработки QML\Qt Quick приложений.
Доклад посвящён алгоритмам и структурам данных рендеринга автомобильных маршрутов в ГИС приложениях. Так же будут затронуты особенности и проблемы, возникающие при написании единого кода визуализации для нескольких программно-аппаратных платформ (Android, Windows Phone, iOS, Windows Desktop, Linux Desktop).
Мало кто отчетливо представляет, как работают исключения в С++.
Автор пытается восполнить этот пробел, заодно пытаясь выяснить, почему всё устроено так как оно устроено и нельзя ли там чего-нибудь улучшить.
1) Две основные проблемы - как обустроить раскрутку стека
и как осуществить передачу управления при возникновении исключения
2) Раскрутка стека - GCC LDSA, MSVC32, MSVC64
3) Передача управления - SJLJ, DW2, MSVC
4) Раскручиваем стек своими руками
Как мы уменьшили количество ошибок в Unreal Engine с помощью статического ана...Platonov Sergey
Размер и сложность проектов растёт. С кодом всё сложнее совладать, поэтому статический анализ всё больше набирает популярность. А лидеры отрасли все чаще внедряют такие инструменты у себя. Мы расскажем об использования статического анализатора кода в игровой индустрии на примере работы с проектом Unreal Engine 4. Про это на сайте компании Epic Games можно найти статью. Но одно дела статья, а другое дело живой рассказ. Вы услышите интересные истории, увидите примеры ошибок в коде Epic Games, да и просто пообщаетесь с участниками внедрения анализатора. Если вы ещё не решили, нужен ли статический анализатор вашему проекту, обязательно приходите послушать наш доклад.
Дракон в мешке: от LLVM к C++ и проблемам неопределенного поведенияPlatonov Sergey
В этом докладе Дмитрий кратко рассказывает о таком звере, как LLVM, о котором много кто слышал, но немногие щупали.
Что такое компилятор на самом деле? Как происходит компиляция программы, как работают оптимизации и, наконец, откуда берется неопределенное поведение в детерменированных программах на C++?
One definition rule - что это такое, и как с этим житьPlatonov Sergey
В докладе будет разобрано, что-же такое ODR, какие ошибки могут быть из-за нарушения этого правила. Также будет представлен Proof-of-concept утилиты на базе clang tooling по автоматическому поиску таких ошибок.
В докладе рассказывается об особенностях подхода к dependence injections в C++. Посмотрим какие подходы, в чем их плюсы и минусы. Также затрагивается тема Inversion of Control контейнеров.
C++ богат различными инструментами, при разработке на C++ используется множество различных подходов. Но можно ли пользоваться ими во всех случаях или бывают ситуации, когда стоит воздержаться или ограничить их использование?
В докладе пойдет речь о том, какие существуют ограничения при разработке браузера и откуда они взялись. Почему мы живем без исключений или RTTI, к чему это ведет. Как мы используем стандартную библиотеку и сторонние модули.
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?XfilesPro
Worried about document security while sharing them in Salesforce? Fret no more! Here are the top-notch security standards XfilesPro upholds to ensure strong security for your Salesforce documents while sharing with internal or external people.
To learn more, read the blog: https://www.xfilespro.com/how-does-xfilespro-make-document-sharing-secure-and-seamless-in-salesforce/
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Your Digital Assistant.
Making complex approach simple. Straightforward process saves time. No more waiting to connect with people that matter to you. Safety first is not a cliché - Securely protect information in cloud storage to prevent any third party from accessing data.
Would you rather make your visitors feel burdened by making them wait? Or choose VizMan for a stress-free experience? VizMan is an automated visitor management system that works for any industries not limited to factories, societies, government institutes, and warehouses. A new age contactless way of logging information of visitors, employees, packages, and vehicles. VizMan is a digital logbook so it deters unnecessary use of paper or space since there is no requirement of bundles of registers that is left to collect dust in a corner of a room. Visitor’s essential details, helps in scheduling meetings for visitors and employees, and assists in supervising the attendance of the employees. With VizMan, visitors don’t need to wait for hours in long queues. VizMan handles visitors with the value they deserve because we know time is important to you.
Feasible Features
One Subscription, Four Modules – Admin, Employee, Receptionist, and Gatekeeper ensures confidentiality and prevents data from being manipulated
User Friendly – can be easily used on Android, iOS, and Web Interface
Multiple Accessibility – Log in through any device from any place at any time
One app for all industries – a Visitor Management System that works for any organisation.
Stress-free Sign-up
Visitor is registered and checked-in by the Receptionist
Host gets a notification, where they opt to Approve the meeting
Host notifies the Receptionist of the end of the meeting
Visitor is checked-out by the Receptionist
Host enters notes and remarks of the meeting
Customizable Components
Scheduling Meetings – Host can invite visitors for meetings and also approve, reject and reschedule meetings
Single/Bulk invites – Invitations can be sent individually to a visitor or collectively to many visitors
VIP Visitors – Additional security of data for VIP visitors to avoid misuse of information
Courier Management – Keeps a check on deliveries like commodities being delivered in and out of establishments
Alerts & Notifications – Get notified on SMS, email, and application
Parking Management – Manage availability of parking space
Individual log-in – Every user has their own log-in id
Visitor/Meeting Analytics – Evaluate notes and remarks of the meeting stored in the system
Visitor Management System is a secure and user friendly database manager that records, filters, tracks the visitors to your organization.
"Secure Your Premises with VizMan (VMS) – Get It Now"
Software Engineering, Software Consulting, Tech Lead.
Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Security,
Spring Transaction, Spring MVC,
Log4j, REST/SOAP WEB-SERVICES.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Advanced Flow Concepts Every Developer Should KnowPeter Caitens
Tim Combridge from Sensible Giraffe and Salesforce Ben presents some important tips that all developers should know when dealing with Flows in Salesforce.
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
Why React Native as a Strategic Advantage for Startup Innovation.pdfayushiqss
Do you know that React Native is being increasingly adopted by startups as well as big companies in the mobile app development industry? Big names like Facebook, Instagram, and Pinterest have already integrated this robust open-source framework.
In fact, according to a report by Statista, the number of React Native developers has been steadily increasing over the years, reaching an estimated 1.9 million by the end of 2024. This means that the demand for this framework in the job market has been growing making it a valuable skill.
But what makes React Native so popular for mobile application development? It offers excellent cross-platform capabilities among other benefits. This way, with React Native, developers can write code once and run it on both iOS and Android devices thus saving time and resources leading to shorter development cycles hence faster time-to-market for your app.
Let’s take the example of a startup, which wanted to release their app on both iOS and Android at once. Through the use of React Native they managed to create an app and bring it into the market within a very short period. This helped them gain an advantage over their competitors because they had access to a large user base who were able to generate revenue quickly for them.
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
4. AddressSanitizer overview
● Finds
○ buffer overflows (stack, heap, globals)
○ heap-use-after-free, stack-use-after-return
○ some more
● Compiler module (clang, gcc)
○ instruments all loads/stores
○ inserts redzones around stack and global variables
● Run-time library
○ malloc replacement (redzones, quarantine)
○ Bookkeeping for error messages
5. int main(int argc, char **argv) {
int stack_array[100];
stack_array[1] = 0;
return stack_array[argc + 100]; // BOOM
}
% clang++ -O1 -fsanitize=address a.cc; ./a.out
ERROR: AddressSanitizer stack-buffer-overflow
READ of size 4 at 0x7f5620d981b4 thread T0
#0 0x4024e8 in main a.cc:4
Address 0x7f5620d981b4 is located at offset 436 in frame
<main> of T0's stack:
This frame has 1 object(s):
[32, 432) 'stack_array'
ASan report example: stack-buffer-overflow
6. int main(int argc, char **argv) {
int *array = new int[100];
int res = array[argc + 100]; // BOOM
delete [] array;
return res;
}
% clang++ -O1 -fsanitize=address a.cc; ./a.out
ERROR: AddressSanitizer heap-buffer-overflow
READ of size 4 at 0x7fe4b0c76214 thread T0
#0 0x40246f in main a.cc:3
0x7fe4b0c76214 is located 4 bytes to the right of 400-
byte region [0x7fe..., 0x7fe...)
allocated by thread T0 here:
#0 0x402c36 in operator new[](unsigned long)
#1 0x402422 in main a.cc:2
ASan report example: heap-buffer-overflow
7. ASan report example: use-after-free
int main(int argc, char **argv) {
int *array = new int[100];
delete [] array;
return array[argc]; // BOOM
}
% clang++ -O1 -fsanitize=address a.cc && ./a.out
ERROR: AddressSanitizer heap-use-after-free
READ of size 4 at 0x7faa07fce084 thread T0
#0 0x40433c in main a.cc:4
0x7faa07fce084 is located 4 bytes inside of 400-byte region
freed by thread T0 here:
#0 0x4058fd in operator delete[](void*) _asan_rtl_
#1 0x404303 in main a.cc:3
previously allocated by thread T0 here:
#0 0x405579 in operator new[](unsigned long) _asan_rtl_
#1 0x4042f3 in main a.cc:2
8. Any aligned 8 bytes may have 9 states:
N good bytes and 8 - N bad (0<=N<=8)
0
7
6
5
4
3
2
1
-1
Good byte
Bad byte
Shadow value
ASan shadow byte
9. ASan virtual address space
0xffffffff
0x20000000
0x1fffffff
0x04000000
0x03ffffff
0x00000000
Application
Shadow
mprotect-ed
Shadow = Addr >> 3
11. ASan instrumentation: N-byte access (1, 2, 4)
char *shadow = a >> 3;
if (*shadow &&
*shadow <= ((a&7)+N-1))
ReportError(a);
*a = ...
*a = ...
12. Instrumentation example (x86_64)
mov %rdi,%rax
shr $0x3,%rax # shift by 3
cmpb $0x0,(%rax) # load shadow
je 1f <foo+0x1f>
ud2a # generate SIGILL*
movq $0x1234,(%rdi) # original store
* May use call instead of UD2
16. Malloc replacement
● Insert redzones around every allocation
○ poison redzones on malloc
● Delay the reuse of freed memory
○ poison entire memory region on free
● Collect stack traces for every malloc/free
17. ● 2x slowdown (Valgrind: 20x and more)
● 1.5x-3x memory overhead
● 3000+ bugs found in Chrome in 3 years
● 3000+ bugs found in Google server software
● 1000+ bugs everywhere else
○ Firefox, FreeType, FFmpeg, WebRTC, libjpeg-turbo,
Perl, Vim, LLVM, GCC, MySQL
ASan marketing slide
19. What is a data race?
A data race happens when two threads access
the same variable concurrently, and at least
one of the accesses is a write.
This is undefined behavior in C and C++.
20. ThreadSanitizer
● Compile-time instrumentation (clang, gcc)
○ Intercepts all reads/writes
○ Function entry/exit
○ Atomic operations
● Run-time library
○ Malloc replacement
○ Intercepts all synchronization and thread mgmt
○ Handles reads/writes
21. TSan report example: data race
void Thread1() { Global = 42; }
int main() {
pthread_create(&t, 0, Thread1, 0);
Global = 43;
...
% clang -fsanitize=thread -g a.c && ./a.out
WARNING: ThreadSanitizer: data race (pid=20373)
Write of size 4 at 0x7f... by thread 1:
#0 Thread1 a.c:1
Previous write of size 4 at 0x7f... by main thread:
#0 main a.c:4
Thread 1 (tid=20374, running) created at:
#0 pthread_create ??:0
#1 main a.c:3
25. Shadow cell
An 8-byte shadow cell represents one memory
access:
○ ~16 bits: TID (thread ID)
○ ~42 bits: Epoch (scalar clock)
○ 5 bits: position/size in 8-byte word
○ 1 bit: IsWrite
Full information (no more dereferences)
TID
Epo
Pos
IsW
26. 4 shadow cells per 8 app. bytes
TID
Epo
Pos
IsW
TID
Epo
Pos
IsW
TID
Epo
Pos
IsW
TID
Epo
Pos
IsW
31. Fast happens-before
Previous access by T1 at TS1 (from shadow).
Current access by T3.
T3->vclock[T1] > TS1 -> no race
T3->vclock[T1] < TS1 -> RACE
Constant-time operation: 1 local load + 1
comparison.
32. Stack trace for previous access
● Important to understand the report
● Per-thread cyclic buffer of events
○ 64 bits per event (type + PC)
○ Events: memory access, function entry/exit
○ Information will be lost after some time
○ Buffer size is configurable
● Replay the event buffer on report
○ Unlimited number of frames
34. Trophies
● 3000+ races in Google server-side C++ code
○ Scales to huge apps
● 500+ races in Go code
○ 60+ bugs in Go stdlib
● 200+ races in Chromium
1000+ races everywhere: Firefox, WebRTC,
OpenSSL, libgomp, llvm, gcc,
35. Key advantages
● Speed
○ > 10+x faster than other tools
● Native support for atomics
○ Hard or impossible to implement with binary
translation (Helgrind, Intel Inspector)
37. MSan report example: UMR
int main(int argc, char **argv) {
int x[10];
x[0] = 1;
if (x[argc]) return 1;
...
% clang -fsanitize=memory -fPIE -pie a.c -g; ./a.out
WARNING: MemorySanitizer: UMR (uninitialized-memory-read)
#0 0x7ff6b05d9ca7 in main stack_umr.c:4
ORIGIN: stack allocation: x@main
38. Shadow memory
● Bit to bit shadow mapping
○ 1 means 'poisoned' (uninitialized)
● Uninitialized memory:
○ Returned by malloc
○ Local stack objects
● Initialized memory:
○ Constants
○ Executable and modules (.text, .data, .bss)
○ IO/Syscalls (read)
39. Shadow propagation
Reporting every load of uninitialized data is too noisy.
struct {
char x;
// 3-byte padding
int y;
}
It's OK to copy uninitialized data around.
Uninit calculations are OK, too, as long as the result is not
used. Programs do it. A lot!
40. Shadow propagation
A = B << C: A' = B' << C
A = B & C: A' = (B' & C') | (B & C') | (B' & C)
A = B + C: A' = B' | C' (approx.)
Report errors only on some uses: conditional
branch, dereference, syscall argument (visible
side-effect).
41. Tracking origins
Secondary shadow
○ Origin-ID is 4 bytes, 1:1 mapping
○ 1.5x additional slowdown
Remember origin on malloc/local allocation.
Propagate origin along with uninit value.
42. Tracking origins
WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x7fa14df37e1d in main test.c:19:10
Uninitialized value was stored to memory at
#0 0x7fa14df37a57 in pop() test.c:8:3
#1 0x7fa14df37dd5 in main test.c:19:10
Uninitialized value was stored to memory at
#0 0x7fa14df37733 in shift() test.c:2:16
#1 0x7fa14df37dbb in main test.c:18:3
Uninitialized value was stored to memory at
#0 0x7fa14df3793f in push(int*) test.c:5:3
#1 0x7fa14df37b2f in func1() test.c:14:3
#2 0x7fa14df37db6 in main test.c:17:3
Uninitialized value was created by an allocation of
’local_var’ in the stack frame of function ’func1’
#0 0x7fa14df37ad0 in func1() test.c:12
48. Faster
● Use hardware features
○ Or even create them (!)
● Static analysis: eliminate redundant checks
○ Many attempts were made; not trivial!
○ How to test it??
49. More bugs
● Instrument assembler & binaries
○ SyzyASAN: instruments binaries statically, Win32
● Instrument JIT-ed code & JIT’s heap
● More types of bugs
○ Intra-object overflows
○ Annotations in STL, e.g. std::vector<>
● Other languages (e.g. races in Java)
52. ● AddressSanitizer (memory corruption)
○ Linux, FreeBSD, OSX, CrOS, Android, iOS
○ i386, x86_64, ARM, PowerPC
○ WIP: Windows, *BSD (?)
○ Clang 3.1+ and GCC 4.8+
● ThreadSanitizer (data races)
○ A "must use" if you have threads (C++, Go)
○ Only x86_64 Linux/FreeBSD; Clang 3.2+ and GCC
4.8+
● MemorySanitizer (uses of uninitialized data)
○ Only x86_64 Linux; Clang 3.3
○ WIP: MIPS64, FreeBSD
Supported platforms
53. ASan/MSan vs Valgrind (Memcheck)
Valgrind ASan MSan
Heap out-of-bounds YES YES NO
Stack out-of-bounds NO YES NO
Global out-of-bounds NO YES NO
Use-after-free YES YES NO
Use-after-return NO Sometimes NO
Uninitialized reads YES NO YES
CPU Overhead 10x-300x 1.5x-3x 3x
54. ● Slowdowns will add up
○ Bad for interactive or network apps
● Memory overheads will multiply
○ ASan redzone vs TSan/MSan large shadow
● Not trivial to implement
Why not a single tool?