Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Suppress MSAN false positives from uninstrumented 3rd-party libraries? #1817

Open
carlosgalvezp opened this issue Nov 15, 2024 · 1 comment

Comments

@carlosgalvezp
Copy link

I understand that in order to use MSAN, the entire application (including dependencies) must be compiled with instrumentation, otherwise we get false positives.

Often times, this is not possible, and as such it creates a really high bar to be able to use MSAN in a real-world project. For example, the only reason we can't dump Valgrind just yet is we can't use MSAN.

Would it be possible instead to just be able to suppress those warnings in external libraries? I tried playing a bit with the -fsanitize-ignorelist option but I still got warnings even if I suppressed everything (maybe I used that incorrectly).

Thanks!

@carlosgalvezp carlosgalvezp changed the title Suppress false positives from uninstrumented 3rd-party libraries? Suppress MSAN false positives from uninstrumented 3rd-party libraries? Nov 15, 2024
@vitalybuka
Copy link
Contributor

You can suppress this way only issues in instrumented code.
It does not help with prebuild libs.

you can try to unpoison all data you get from the 3rd party lib with https://github.com/google/sanitizers/wiki/memorysanitizer#interface

But it still may fail if the lib calls into some LIBC functions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants