MSAN blacklist

Hello,

I would like to blacklist some warnings, but everything I tried
so far is ignored.

# cat msan-blacklist.txt
fun:*interceptor_strlen*
fun:*foreach_dirinpath*
fun:foreach_dirinpath
fun:*interceptor_strrchr*
fun:*try_dlopen*
src:*/ltdl.c
src:ltdl.c

So I tried to blacklist all kinds of combinations of the failing
functions and also of the related file - without success. It always
fails with the same issue.

Uninitialized bytes in __interceptor_strlen at offset 0 inside
[0x703000035370, 45)
==3968020==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x7f0f587fa099 in foreach_dirinpath
/home/bschubert/src/cci/gerrit/src/libltdl/ltdl.c:699:18
[...]

  Uninitialized value was created by a heap allocation
    #0 0x453ebd in __interceptor_malloc (/tmp/ime-server-bernd.0+0x453ebd)
    #1 0x7f0f568c0f7e in __argz_create_sep (/usr/lib64/libc.so.6+0x90f7e)
    #2 0x7f0f585f7775 in _dl_fixup (/lib64/ld-linux-x86-64.so.2+0xe775)

SUMMARY: MemorySanitizer: use-of-uninitialized-value
/home/bschubert/src/cci/gerrit/src/libltdl/ltdl.c:699:18 in
foreach_dirinpath
Exiting

libcci and the main project I'm working on are compiled like this

libtool: compile: /opt/llvm-5.0.1/bin/clang -DHAVE_CONFIG_H -I.
-DLTDLOPEN=libltdlc "-DLT_CONFIG_H=<config.h>" -DLTDL -I. -I. -Ilibltdl
-I./libltdl -I./libltdl -ggdb3 -O2 -fsanitize=memory
-fsanitize-memory-track-origins -fsanitize-memory-use-after-dtor
-fsanitize-blacklist=msan-blacklist.txt -MT libltdlc_la-lt_dlloader.lo
-MD -MP -MF .deps/libltdlc_la-lt_dlloader.Tpo -c lt_dlloader.c -fPIC
-DPIC -o .libs/libltdlc_la-lt_dlloader.o

Any ideas?

Thanks,
Bernd

This is a report from an interceptor, it is not affected by blacklist,
unfortunately.
You could try MSAN_OPTIONS=intercept_strlen=0, but it is likely that
something else will pop up instead.
Try figuring out what is the actual reason for the report, i.e. what
code is supposed to initialize this memory. Is it some other library
that can be built with MSan?

A better place for such questions is https://github.com/google/sanitizers/issues

Thanks for your help Evgenii!

This is actually another glibc feature and so internal to glibc (in my
personal opinion, just bloat, but probably not easy to remove nowadays).

This is basically the function
https://code.woboq.org/userspace/glibc/string/argz-ctsep.c.html

So the argz feature (no idea why this has to be in main glibc)

It got a bit late (I shouldn't have tried to compile glibc with llvm), I
will try to overload/LD_PRELOAD argz_create_sep() tomorrow and memset
the allocated memory.
Unfortunately I don't have much control over the user of this function;
this is gnu-libtool / libltdl, which is just copied/linked into the
project.

I will also open an issue on github, as this is glibc, so these argz
functions probably should be intercepted by llvm.
I'm not familiar with llvm code at all. Is it
llvm::inferLibFuncAttributes(), which defines intercepted functions?

Thanks,
Bernd

Interceptors are defined here:
  https://github.com/llvm-project/llvm-project-20170507/blob/master/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
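
An added example, not code from this thread, libltdl or LLVM: a wrapper around argz_create_sep() for the workaround discussed above. glibc is not MSan-instrumented, so its stores into the malloc'ed buffer never reach MSan's shadow memory; the wrapper, built into the instrumented project, marks the result as initialized with __msan_unpoison() from <sanitizer/msan_interface.h>. The wrapper name and the sample search path are assumptions made for illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <argz.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Use the MSan interface only when building with clang -fsanitize=memory. */
#if defined(__has_feature)
#  if __has_feature(memory_sanitizer)
#    include <sanitizer/msan_interface.h>
#    define MSAN_UNPOISON(p, n) __msan_unpoison((p), (n))
#  endif
#endif
#ifndef MSAN_UNPOISON
#  define MSAN_UNPOISON(p, n) ((void)(p), (void)(n))  /* no-op without MSan */
#endif

/* Hypothetical wrapper name. Calls glibc's argz_create_sep(), then tells
 * MSan that everything glibc wrote on our behalf is initialized. */
int argz_create_sep_unpoisoned(const char *str, int sep,
                               char **argz, size_t *len)
{
    int err = argz_create_sep(str, sep, argz, len);
    if (err != 0)
        return err;                      /* ENOMEM: outputs were not written */
    MSAN_UNPOISON(argz, sizeof *argz);   /* out-params stored by glibc */
    MSAN_UNPOISON(len, sizeof *len);
    if (*argz != NULL)
        MSAN_UNPOISON(*argz, *len);      /* the argz vector itself */
    return 0;
}

int main(void)
{
    char *argz = NULL, *entry = NULL;
    size_t len = 0;

    /* Constructed sample input: a two-entry search path. */
    if (argz_create_sep_unpoisoned("/usr/lib:/opt/lib", ':', &argz, &len) != 0)
        return 1;
    while ((entry = argz_next(argz, len, entry)) != NULL)
        printf("%zu %s\n", strlen(entry), entry);  /* strlen is intercepted */
    free(argz);
    return 0;
}
```

Only the bytes glibc actually wrote (the first *len bytes) are unpoisoned, so a genuine uninitialized read elsewhere in the caller is still reported.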