Pádraig Brady wrote:
> Oh right MSAN is required for UMR detection:
> 
>    $ ./configure CC=clang
>    $ make -j8 AM_CFLAGS='-Ulint -fsanitize=memory'
> 
>    $ src/basenc --base32 -d /dev/null
>    WARNING: MemorySanitizer: use-of-uninitialized-value
>      #0 in decode_ctx_finalize /home/padraig/git/coreutils/src/basenc.c:358:14
>      #1 in do_decode /home/padraig/git/coreutils/src/basenc.c:1559:18
>      #2 in main /home/padraig/git/coreutils/src/basenc.c:1770:5
> 
> MSAN works in this case, but it doesn't look usable in general
> as it requires all used libs to be built with MSAN enabled
> or tracking is lost, resulting in false positives.
> I.e. any calls to gettext, regex, gmp, ... will induce false positives.

I agree:

1) In this program

==================================================
#include <stdio.h>

int main ()
{
  int a;
  double f;
  printf ("a = %d = 0x%x, f = %g\n", a, a, f);
}
==================================================
compiled with
  clang -O0 -fno-omit-frame-pointer -ggdb -fsanitize=memory -fno-sanitize-memory-param-retval
MSAN does not report the uninitialized values,
because they are used in libc and libc is built without MSAN.

2) Building GNU gettext with these options, I see a set of
false positives

SUMMARY: MemorySanitizer: use-of-uninitialized-value /GETTEXT/gettext/gettext-tools/gnulib-tests/unicase/test-u8-casefold.c:41:7 in check
SUMMARY: MemorySanitizer: use-of-uninitialized-value /GETTEXT/gettext/gettext-tools/gnulib-tests/uniconv/test-u8-conv-from-enc.c:69:11 in main
SUMMARY: MemorySanitizer: use-of-uninitialized-value /GETTEXT/gettext/gettext-tools/gnulib-tests/uninorm/test-canonical-decomposition.c:38:3 in main
SUMMARY: MemorySanitizer: use-of-uninitialized-value /GETTEXT/gettext/gettext-tools/gnulib-tests/uninorm/test-u8-nfc.c:44:7 in check
SUMMARY: MemorySanitizer: use-of-uninitialized-value /GETTEXT/gettext/gettext-tools/gnulib-tests/uninorm/test-u8-nfd.c:44:7 in check
SUMMARY: MemorySanitizer: use-of-uninitialized-value /GETTEXT/gettext/gettext-tools/gnulib-tests/unistr/test-chr.h:73:9 in main
SUMMARY: MemorySanitizer: use-of-uninitialized-value /GETTEXT/gettext/gettext-tools/gnulib-tests/unistr/test-u16-to-u8.c:38:7 in check
SUMMARY: MemorySanitizer: use-of-uninitialized-value /GETTEXT/gettext/gettext-tools/gnulib-tests/unistr/test-u32-to-u8.c:38:7 in check
SUMMARY: MemorySanitizer: use-of-uninitialized-value /GETTEXT/gettext/gettext-tools/gnulib-tests/unistr/test-u8-prev.c:48:13 in check

that go away when I rebuild with option --with-included-libunistring.
That is, they were caused by the boundary between the gettext code
(built with MSAN) and the libunistring code (built without MSAN).

> So for UMR checking with the coreutils test suite,
> coreutils/README-valgrind seems like the best solution currently.

Yes, valgrind is still the tool of choice for this purpose.

Bruno
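
Added example, not part of the original message and not code from coreutils or gettext: in case 1 above the only use of `a` and `f` happens inside uninstrumented libc, so this sketch queries MSAN's shadow memory with `__msan_test_shadow` (from clang's `<sanitizer/msan_interface.h>`) in instrumented code before the values cross that boundary. The helper names `first_poisoned` and `format_checked` are hypothetical; without `-fsanitize=memory` the check compiles to a no-op.

```c
#include <stdint.h>
#include <stdio.h>

/* Detect whether this translation unit is built with -fsanitize=memory. */
#if defined(__has_feature)
# if __has_feature(memory_sanitizer)
#  include <sanitizer/msan_interface.h>
#  define MSAN_ENABLED 1
# endif
#endif
#ifndef MSAN_ENABLED
# define MSAN_ENABLED 0
#endif

/* Hypothetical helper: offset of the first uninitialized byte in [p, p+n),
   or -1 if the range is initialized (always -1 when built without MSAN). */
static intptr_t first_poisoned(const void *p, size_t n)
{
#if MSAN_ENABLED
  return __msan_test_shadow(p, n);
#else
  (void) p; (void) n;
  return -1;
#endif
}

/* Hypothetical helper: format *a and *f like the program in the message, but
   check their shadow here first, because uninstrumented libc will not.
   Returns -1 without formatting if either value is uninitialized. */
static int format_checked(char *out, size_t outsz, const int *a, const double *f)
{
  if (first_poisoned(a, sizeof *a) >= 0 || first_poisoned(f, sizeof *f) >= 0)
    return -1;
  return snprintf(out, outsz, "a = %d = 0x%x, f = %g", *a, (unsigned) *a, *f);
}

int main(void)
{
  char out[64];
  int a;                       /* deliberately uninitialized, as in the message */
  double f;                    /* deliberately uninitialized */
  int good_a = 42; double good_f = 1.5;   /* constructed sample values */
  if (format_checked(out, sizeof out, &good_a, &good_f) > 0) puts(out);
  /* With MSAN: rejected. Without MSAN: indeterminate values print silently. */
  if (format_checked(out, sizeof out, &a, &f) < 0)
    puts("uninitialized input rejected");
  else
    puts(out);
  return 0;
}
```

Built with the clang command line quoted in the message, the second call is rejected; built without MSAN it prints whatever happens to be on the stack.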



