Open llvmbot opened 11 years ago
I see that we have an interceptor in sanitizer_common_interceptors.inc, but it's enabled for *BSD only, and it's also incomplete: to work with MSan, the interceptor would need to
This should be pretty straightforward to do.
We've had to disable certain tests due to this.
We see the use-of-uninitialized-value issue with fts_read.
Would it be hard to set up a build and contribute an interceptor?
Do we still want this fixed?
Only those that write memory that can be accessed by the caller. Looks like we need to intercept fts_read and fts_children, and unpoison the resulting FTSENT object (list of FTSENT-s in the second case).
Do you also mean the other functions in fts.h, like:
```
FTSENT *fts_children (FTS *, int);
int fts_close (FTS *);
FTS *fts_open (char * const *, int, int (*)(const FTSENT **, const FTSENT **));
FTSENT *fts_read (FTS *);
int fts_set (FTS *, FTSENT *, int) __THROW;
```
?
We miss an interceptor for fts_read.
assigned to @eugenis
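The fix described in the thread (unpoison the FTSENT that fts_read and fts_children return) can also be applied from the calling code while the runtime lacks the interceptor. This is an added example, not code from the thread or from compiler-rt: the names `msan_fts_read`, `msan_fts_children` and `first_entry_info` are hypothetical, and it assumes glibc's FTSENT fields and the public `__msan_unpoison` call from `<sanitizer/msan_interface.h>`.

```c
#include <fts.h>
#include <stddef.h>
#include <sys/stat.h>
#if defined(__has_feature)
#  if __has_feature(memory_sanitizer)
#    include <sanitizer/msan_interface.h>
#    define MSAN_UNPOISON(p, n) __msan_unpoison((p), (n))
#  endif
#endif
#ifndef MSAN_UNPOISON
#  define MSAN_UNPOISON(p, n) ((void)(p), (void)(n)) /* no-op without MSan */
#endif

/* Mark one FTSENT as initialized. fts(3) leaves fts_statp undefined under
 * FTS_NOSTAT, so the stat buffer is touched only when with_stat is set. */
static void unpoison_ftsent(FTSENT *e, int with_stat) {
    MSAN_UNPOISON(e, sizeof(*e)); /* header first, so its fields can be read */
    MSAN_UNPOISON(e->fts_name, (size_t)e->fts_namelen + 1);
    if (with_stat && e->fts_statp)
        MSAN_UNPOISON(e->fts_statp, sizeof(struct stat));
}

/* Hypothetical wrapper; open_opts are the options passed to fts_open(). */
FTSENT *msan_fts_read(FTS *fts, int open_opts) {
    FTSENT *e = fts_read(fts);
    if (e) {
        unpoison_ftsent(e, !(open_opts & FTS_NOSTAT));
        MSAN_UNPOISON(e->fts_path, (size_t)e->fts_pathlen + 1);
    }
    return e;
}

/* Hypothetical wrapper; fts_children() returns a list linked by fts_link. */
FTSENT *msan_fts_children(FTS *fts, int open_opts, int instr) {
    FTSENT *head = fts_children(fts, instr);
    for (FTSENT *e = head; e; e = e->fts_link)
        unpoison_ftsent(e, !(open_opts & FTS_NOSTAT) && instr != FTS_NAMEONLY);
    return head;
}

/* Usage: fts_info of the first entry for root, or -1 on failure. */
int first_entry_info(char *root) {
    char *const argv[] = { root, NULL };
    FTS *fts = fts_open(argv, FTS_LOGICAL, NULL);
    FTSENT *e = fts ? msan_fts_read(fts, FTS_LOGICAL) : NULL;
    int info = e ? (int)e->fts_info : -1;
    if (fts) fts_close(fts);
    return info;
}
```

Built without `-fsanitize=memory` the macro expands to nothing, so the same source compiles in regular builds.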
I'm seeing this error on Ubuntu 23.10
clang details are
```
$ clang-17 -v
Ubuntu clang version 17.0.2 (1~exp1ubuntu2.1)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/10
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/11
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/12
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/13
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/9
Selected GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/13
Candidate multilib: .;@m64
Selected multilib: .;@m64
```
Test file is /tmp/fts_read_bug.c
```c
#include <fts.h>
#include <stdio.h>

int main()
{
    char * const argv[] = {"/usr/local/include", 0};
    FTS *fts;
    FTSENT *ent;

    fts = fts_open(argv, FTS_LOGICAL, 0);
    if (fts == 0)
        return -1;

    /* The FTSENT is allocated and filled in inside libc. */
    ent = fts_read(fts);
    /* MSan reports the read of ent->fts_info on the next line. */
    printf("fts_info is %u\n", ent->fts_info);
    fts_close(fts);
    return 0;
}
```
Building & running
```
$ clang-17 /tmp/fts_read_bug.c -g -fsanitize=memory -fno-omit-frame-pointer -o /tmp/f && /tmp/f
==851821==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x5592ece7ef05 in main /tmp/fts_read_bug.c:17:5
    #1 0x7fc1ff2280cf in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #2 0x7fc1ff228188 in __libc_start_main csu/../csu/libc-start.c:360:3
    #3 0x5592ecdee2c4 in _start (/tmp/f+0x322c4) (BuildId: f312355cb2652b1390b3e71fe955ebbfa0545bca)
SUMMARY: MemorySanitizer: use-of-uninitialized-value /tmp/fts_read_bug.c:17:5 in main
Exiting
```
Issue is still present with Ubuntu 24.04 + clang 18
```
$ clang-18 -v
Ubuntu clang version 18.1.3 (1)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/13
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/14
Selected GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/14
Candidate multilib: .;@m64
Selected multilib: .;@m64
```
Extended Description
Hi. I get this problem when executing this code: https://raw.github.com/rheit/zdoom/master/tools/zipdir/zipdir.c compiled with memory sanitizer:
```
==30138== WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x7fdae305ab93 in add_dirs /home/edward-san/zdoom/trunk/tools/zipdir/zipdir.c:609
  Uninitialized value was created by a heap allocation
    #0 0x7fdae3026a83 in __interceptor_malloc /home/edward-san/srcllvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:836
SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/edward-san/zdoom/trunk/tools/zipdir/zipdir.c:609 add_dirs
Exiting
```
I reduced the code to this:
```
$ cat fts_read_bug.c
#include <fts.h>

int main()
{
    char * const argv[] = {"/usr/local/include", 0};
    FTS *fts;
    FTSENT *ent;
}
```
In this case, the message is:
```
==13273== WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x7f5b6f7899b5 in main /home/edward-san/llvm/fts_read_bug.c:16
  Uninitialized value was created by a heap allocation
    #0 0x7f5b6f758103 in __interceptor_malloc /home/edward-san/srcllvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:836
SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/edward-san/llvm/fts_read_bug.c:16 main
Exiting
```
I have no idea why it happens.