On Thu, Jun 10, 2021 at 04:48:29PM +0000, Andrzej Hunt via GitGitGadget wrote:

> As to the tricky part: MSAN tries to detect reads from uninitialised memory
> at runtime. However you need to ensure that all code performing
> initialisation is built with the right instrumentation (i.e.
> -fsanitize=memory). So you'll immediately run into issues if you link
> against libraries provided by your system (with the exception of libc, as
> MSAN provides some default interceptors for most of libc). In theory you
> should rebuild all dependencies with -fsanitize=memory, although I
> discovered that it's sufficient to recompile only zlib + link git against
> that copy of zlib (which is not a very tricky thing to do). Doing this will
> uncover one intentional read from uninitialised memory inside zlib itself.
> This can be worked around with an annotation in zlib (which I'm trying to
> submit upstream at [1]) - but it's also possible to define an override list
> at compile time - I've detailed this in my recipe below.

I played with MSAN a while ago, and yeah, the trickiest part is dealing
with libraries. I came up with this patch for handling zlib from within
Git itself:

  https://lore.kernel.org/git/20171004101932.pai6wzcv2eohsicr@xxxxxxxxxxxxxxxxxxxxx/

It's entirely possible that it papers over actual bugs (perhaps even the
one your first patch is addressing). But I wonder if it's easier to
convince people to try the tool if there's an easy way to do it without
recompiling dependencies (I also hit issues with pcre and the libc regex;
that was a few years ago, though, so I would not be at all surprised if
they now intercept the system regex routines, at least).

-Peff
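A small C illustration of the annotation approach the thread discusses, added here as an example (it is not code from the thread, from zlib or from git.git): a hypothetical uninstrumented routine `lib_fill` stands in for a system library, and the instrumented wrapper calls `__msan_unpoison` on the bytes it wrote so MSAN stops treating them as uninitialised. Under gcc or clang without MemorySanitizer the macros expand to nothing; under `clang -fsanitize=memory` the false positive appears as soon as the `UNPOISON` line is removed.

```c
#include <stddef.h>

/* Added example, not from the thread, zlib or git.git. Under clang with
 * -fsanitize=memory, NO_MSAN makes a function uninstrumented (standing in for
 * a system library MSAN cannot see into) and UNPOISON is the annotation the
 * thread describes. Both expand to nothing elsewhere, so this builds anywhere. */
#if defined(__has_feature)
#  if __has_feature(memory_sanitizer)
#    include <sanitizer/msan_interface.h>
#    define UNPOISON(p, n) __msan_unpoison((p), (n))
#    define NO_MSAN __attribute__((no_sanitize("memory")))
#  endif
#endif
#ifndef UNPOISON
#  define UNPOISON(p, n) ((void)(p), (void)(n))
#  define NO_MSAN
#endif

/* Hypothetical uninstrumented library routine: it fully initialises out[0..n)
 * but never updates MSAN's shadow memory, so MSAN still thinks it is garbage. */
NO_MSAN static size_t lib_fill(unsigned char *out, size_t n)
{
    for (size_t i = 0; i < n; i++)
        out[i] = (unsigned char)(i * 7 + 3);
    return n;
}

/* Instrumented wrapper: tell MSAN which bytes the library wrote. Delete the
 * UNPOISON line and an MSAN build reports sum_filled() as reading
 * uninitialised memory even though the data is real (the false positive the
 * thread discusses). */
size_t wrapped_fill(unsigned char *out, size_t n)
{
    size_t written = lib_fill(out, n);
    UNPOISON(out, written);
    return written;
}

/* Branch on the data: MSAN only reports when an uninitialised value
 * influences control flow, a syscall argument or similar. */
unsigned sum_filled(size_t n)
{
    unsigned char buf[256];
    unsigned acc = 0;
    if (n > sizeof(buf))
        n = sizeof(buf);
    size_t got = wrapped_fill(buf, n);
    for (size_t i = 0; i < got; i++)
        if (buf[i] & 1)
            acc += buf[i];
    return acc;
}
```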