Make Memory Sanitizer actually usable #21
Comments
Even in C using msan is very difficult, since it requires you to have every single library compiled using it; this would include both libstd and libc, as well as any C libraries a project uses. It's not like ASAN/UBSAN where it's possible to have only some of a project compiled with it. So while I agree we should make it as easy as possible, it'll probably never be as easy as ASAN.
The hub for work on LLVM sanitizers in Rust is https://github.com/japaric/rust-san
If someone can concoct an alternative to Memory Sanitizer that does not require all of the code to be instrumented and merely requires Rust code to be, that would be great too. Perhaps Rust's custom allocator API can enable such use cases.
MSAN is now usable on Nightly with If C code is being linked into the binary, you will also need to pass some C compiler flags: rust-lang/rust#39610 (comment). MSAN in Rust could really use a tutorial and I fear rust-lang/rust#53945 still requires workarounds, but other than that we should be good to go.
I've opened rust-fuzz/cargo-fuzz#233 to make
Idea that I don't know why it just occurred to me: Make it a build time error to link a vanilla libstd with an MSAN project. This should dramatically reduce the volume of false positives people hit (and then file bugs with, to the frustration and confusion of maintainers). I cannot imagine any circumstance where vanilla libstd linked to an MSAN project would be desirable or useful.
Memory Sanitizer, the tool to detect use of uninitialized memory, is ostensibly supported but has no documentation on actually using it. Simply trying to use it like any other sanitizer produces a false positive on startup.
There is currently no reliable alternative, which led people to build fragile custom tooling. Use of uninitialized memory can pose a security vulnerability, so it is important to have a tool that can detect it.
There have been rumors along the lines of "rebuild libstd with memory sanitizer using xargo and then you can use it on your binaries", but the exact process is not documented anywhere, and xargo is not really maintained but has a number of forks.
We need to figure out and document the exact process for using Memory Sanitizer, and build the missing tooling for doing so along the way.