One thing this explains is why ASan has false negatives. It's a great tool, but the typical comment that it fully mitigates memory safety issues is just not true (even assuming your tests actually trigger the memory safety bugs, which unlike eg code coverage there's no knowing if you achieved or not)

This is great! I found these videos helpful, too: https://youtu.be/Tl1uZ7FBwFQ

Does anyone know of a good explanation of HWAddress Sanitizer internals?

Who sanitizes the sanitizer? One of the most hilarious bugs I've previously seen is when someone found a memory out-of-bound access inside the run time support library of Asan.

"For this article, you’ll need the following knowledge:

Basic C understanding (Memory, Stack, Heap, Syscall)."

Obviously, since C doesn't prescribe any kind of heap, stack or syscall behavior (or if they even exist), I assume the author meant something like "Basic understanding of how C is often implemented on certain operating systems and hardware".

sanitizers are a constant source of pain