On Thu, Jul 17, 2025 at 06:09:29PM -0400, Jeff King wrote:
> Probably:
>
> diff --git a/wrapper.c b/wrapper.c
> index 2f00d2ac87..6a4c1c1c29 100644
> --- a/wrapper.c
> +++ b/wrapper.c
> @@ -482,6 +482,8 @@ int git_mkstemps_mode(char *pattern, int suffix_len, int mode)
> if (csprng_bytes(&v, sizeof(v), 0) < 0)
> return error_errno("unable to get random bytes for temporary file");
>
> + msan_unpoison(&v, sizeof(v));
> +
> /* Fill in the random bits. */
> for (i = 0; i < num_x; i++) {
> filename_template[i] = letters[v % num_letters];
>
>
> on top of that would fix the problem you guys are seeing. I don't know
> if that path leads to insanity, though. Using MSan-enabled libraries is
> probably a better direction (should increase accuracy, and we don't have
> to carry these manual annotations around).
Hmm, probably insanity. Just for fun I tried to run the whole suite, but
got this doozy:
Uninitialized bytes in fopen64 at offset 0 inside [0x7020000109c0, 25)
==2568195==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x7f90fe14fa46 in BIO_new_file (/lib/x86_64-linux-gnu/libcrypto.so.3+0x14fa46) (BuildId: 07a8321bad67632b52b47ad026125c79b7ebaab4)
#1 0x7f90fe1a659c (/lib/x86_64-linux-gnu/libcrypto.so.3+0x1a659c) (BuildId: 07a8321bad67632b52b47ad026125c79b7ebaab4)
#2 0x7f90fe1a8453 in CONF_modules_load_file_ex (/lib/x86_64-linux-gnu/libcrypto.so.3+0x1a8453) (BuildId: 07a8321bad67632b52b47ad026125c79b7ebaab4)
#3 0x7f90fe1a8807 (/lib/x86_64-linux-gnu/libcrypto.so.3+0x1a8807) (BuildId: 07a8321bad67632b52b47ad026125c79b7ebaab4)
#4 0x7f90fe27274e (/lib/x86_64-linux-gnu/libcrypto.so.3+0x27274e) (BuildId: 07a8321bad67632b52b47ad026125c79b7ebaab4)
#5 0x7f90fea01bc6 in __pthread_once_slow nptl/pthread_once.c:116:7
#6 0x7f90fea01c38 in __pthread_once nptl/pthread_once.c:143:12
#7 0x7f90fe287f3c in CRYPTO_THREAD_run_once (/lib/x86_64-linux-gnu/libcrypto.so.3+0x287f3c) (BuildId: 07a8321bad67632b52b47ad026125c79b7ebaab4)
#8 0x7f90fe272fd9 in OPENSSL_init_crypto (/lib/x86_64-linux-gnu/libcrypto.so.3+0x272fd9) (BuildId: 07a8321bad67632b52b47ad026125c79b7ebaab4)
#9 0x7f90fe78a6d7 in OPENSSL_init_ssl (/lib/x86_64-linux-gnu/libssl.so.3+0x396d7) (BuildId: a0d77cb273378dec1d74a115ac1c9e40306e675d)
#10 0x7f90fee2a503 (/lib/x86_64-linux-gnu/libcurl.so.4+0x9e503) (BuildId: 61ee7a8d1799c0e6c38a99b4d739e0c90391a05f)
#11 0x7f90fedc2e42 (/lib/x86_64-linux-gnu/libcurl.so.4+0x36e42) (BuildId: 61ee7a8d1799c0e6c38a99b4d739e0c90391a05f)
#12 0x7f90fedc33c9 in curl_global_init (/lib/x86_64-linux-gnu/libcurl.so.4+0x373c9) (BuildId: 61ee7a8d1799c0e6c38a99b4d739e0c90391a05f)
#13 0x55fbbe211623 in http_init http.c:1347:6
#14 0x55fbbe1f5b98 in cmd_main remote-curl.c:1583:2
#15 0x55fbbe244571 in main common-main.c:9:11
#16 0x7f90fe993ca7 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#17 0x7f90fe993d64 in __libc_start_main csu/../csu/libc-start.c:360:3
#18 0x55fbbe15bb60 in _start (git-remote-http+0x43b60) (BuildId: dfc63b9261f6d575776d30b4e048b235389a7b20)
SUMMARY: MemorySanitizer: use-of-uninitialized-value (/lib/x86_64-linux-gnu/libcrypto.so.3+0x14fa46) (BuildId: 07a8321bad67632b52b47ad026125c79b7ebaab4) in BIO_new_file
So MSan complaining about stuff deep within curl/openssl, and AFAICT not
something we could influence or annotate as OK.
-Peff
