http://llvm.org/devmtg/2019-10/
—
GWP-ASan: Zero-Cost Detection of MEmory Safety Bugs in Production - Matt Morehouse
Slides:
—
GWP-ASan is a negligible-overhead sampling-based utility for finding heap-use-after-frees and heap-buffer-overflows in production. It combines the capabilities of the Electric Fence Malloc Debugger with the power of sampling to provide probabilistic bug detection with arbitrarily low CPU and RAM overhead. This low overhead allows GWP-ASan to be widely deployed in production, where it finds bugs that have evaded all other forms of testing, including fuzz testing with sanitizers.
—
Videos Filmed & Edited by Bash Films: http://www.BashFilms.com