SANRAZOR - Reducing Redundant Sanitizer Checks in C-C++ Programs

Explore a 14-minute conference talk from USENIX OSDI '21 that introduces SANRAZOR, an innovative tool designed to reduce redundant sanitizer checks in C/C++ programs. Learn about the challenges of high runtime costs associated with sanitizers and how SANRAZOR's hybrid approach, combining dynamic code coverage and static data dependencies, effectively detects and removes unnecessary checks. Discover the significant performance improvements achieved by SANRAZOR, reducing AddressSanitizer overhead from 73.8% to 28.0–62.0% and UndefinedBehaviorSanitizer overhead from 160.1% to 36.6–124.4%. Gain insights into the tool's effectiveness in detecting vulnerabilities and its potential for synergistic integration with existing sanitizer reduction tools, ultimately enhancing the efficiency of software debugging and vulnerability discovery processes.

Intro
C/C++ programs are unsafe
Sanitizers are designed to detect software bugs/vulnerabilities
However, sanitizers have high runtime overhead
Prior approaches
Our novel design
Design: overall workflow
Design: check identification
Design: dynamic pattern capturing
Design: static pattern capturing
Design: sanitizer check reduction
Design and implementation
Evaluation cost study
Evaluation: vulnerability detectability study
Application scenario
Summary