Skip to content

Revert "[msan] Detect dereferencing zero-alloc as use-of-uninitialized-value" #156148

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Revert "[msan] Detect dereferencing zero-alloc as use-of-uninitialized-value" #156148

wants to merge 1 commit into from
+4 −6

Conversation

thurstond
Copy link
Contributor

Reverts #155944

Per post-commit discussion in #155944 (comment), this is detecting OOB access, which is not in scope for MSan. To be logically consistent with how MSan does not try to handle OOB in other cases, this patch reverts the MSan change. Dereferencing zero-alloc can be detected with ASan instead (as of #155943).

@thurstond thurstond requested review from fmayer and vitalybuka August 30, 2025 07:06
@llvmbot
Copy link
Member

llvmbot commented Aug 30, 2025

@llvm/pr-subscribers-compiler-rt-sanitizer

Author: Thurston Dang (thurstond)

Changes

Reverts llvm/llvm-project#155944

Per post-commit discussion in #155944 (comment), this is detecting OOB access, which is not in scope for MSan. To be logically consistent with how MSan does not try to handle OOB in other cases, this patch reverts the MSan change. Dereferencing zero-alloc can be detected with ASan instead (as of #155943).

Full diff: https://github.com/llvm/llvm-project/pull/156148.diff

2 Files Affected:

  • (modified) compiler-rt/lib/msan/msan_allocator.cpp (-6)
  • (modified) compiler-rt/test/msan/zero_alloc.cpp (+4)
diff --git a/compiler-rt/lib/msan/msan_allocator.cpp b/compiler-rt/lib/msan/msan_allocator.cpp
index 64df863839c06..2b543db49d36e 100644
--- a/compiler-rt/lib/msan/msan_allocator.cpp
+++ b/compiler-rt/lib/msan/msan_allocator.cpp
@@ -230,12 +230,6 @@ static void *MsanAllocate(BufferedStackTrace *stack, uptr size, uptr alignment,
       __msan_set_origin(allocated, size, o.raw_id());
     }
   }
-
-  uptr actually_allocated_size = allocator.GetActuallyAllocatedSize(allocated);
-  // For compatibility, the allocator converted 0-sized allocations into 1 byte
-  if (size == 0 && actually_allocated_size > 0 && flags()->poison_in_malloc)
-    __msan_poison(allocated, 1);
-
   UnpoisonParam(2);
   RunMallocHooks(allocated, size);
   return allocated;
diff --git a/compiler-rt/test/msan/zero_alloc.cpp b/compiler-rt/test/msan/zero_alloc.cpp
index 6e38ce4c0a8f8..e60051872eba2 100644
--- a/compiler-rt/test/msan/zero_alloc.cpp
+++ b/compiler-rt/test/msan/zero_alloc.cpp
@@ -1,5 +1,9 @@
 // RUN: %clang_msan -Wno-alloc-size -fsanitize-recover=memory %s -o %t && not %run %t 2>&1 | FileCheck %s
 
+// MSan doesn't catch this because internally it translates 0-byte allocations
+// into 1-byte
+// XFAIL: *
+
 #include <malloc.h>
 #include <stdio.h>

@thurstond thurstond mentioned this pull request Aug 30, 2025
Merged
@vitalybuka
Copy link
Collaborator

Reverts #155944

Per post-commit discussion in #155944 (comment), this is detecting OOB access, which is not in scope for MSan. To be logically consistent with how MSan does not try to handle OOB in other cases, this patch reverts the MSan change. Dereferencing zero-alloc can be detected with ASan instead (as of #155943).

I am asking to make more general.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fmayer fmayer Awaiting requested review from fmayer

@vitalybuka vitalybuka Awaiting requested review from vitalybuka

Assignees
No one assigned
Labels
compiler-rt:msan Memory sanitizer compiler-rt:sanitizer compiler-rt
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@thurstond @llvmbot @vitalybuka