wasmerio/wasmer

Potential Bug: Use-of-Uninitialized-Value

Opened this issue · 1 comment

Describe the bug

wasmer may contain a use of an uninitialized value: the sanitizer warns during the build process.

wasmer -vV; rustc -vV

wasmer version or commit: (Trying to build the latest version of `wasmer`. Last commit: [5aba707])

Operating system: Linux

Kernel version: 5.15.0-56-generic

Architecture: x86_64
------------------------
rustc -vV:

rustc 1.78.0-nightly (a84bb95a1 2024-02-13)
binary: rustc
commit-hash: a84bb95a1f65bfe25038f188763a18e096a86ab2
commit-date: 2024-02-13
host: x86_64-unknown-linux-gnu
release: 1.78.0-nightly
LLVM version: 18.1.0

Steps to reproduce

Build wasmer with the necessary flags:

git clone https://github.com/wasmerio/wasmer.git
cd wasmer
# Use clang for the C/C++ dependencies so that they are instrumented as well
export CC=clang-17
export CXX=clang++-17
export CFLAGS="-fsanitize=memory"
export CXXFLAGS="-fsanitize=memory"
# MemorySanitizer for the Rust code (nightly only), with origin tracking
export RUSTFLAGS='-Zsanitizer=memory -Zsanitizer-memory-track-origins'
export RUSTDOCFLAGS='-Zsanitizer=memory -Zsanitizer-memory-track-origins'
make build-wasmer

Expected behavior

Wasmer should be built without encountering uninitialized memory use issues, ensuring all memory operations are safely handled.

For example, with the same procedure, wasmi builds successfully and runs the WebAssembly modules.

Actual behavior

The sanitizer gives an error and AFL++ marks this as a crash.

error: failed to run custom build command for `serde v1.0.193`

Caused by:
  process didn't exit successfully: `/users/khan22/wasmoi/differential_testing/wasmer-wasmtime-wasmi/harness/wasmer/target/release/build/serde-033bd664dadcc0e3/build-script-build` (exit status: 1)
  --- stdout
  cargo:rerun-if-changed=build.rs

  --- stderr
  ==137762==WARNING: MemorySanitizer: use-of-uninitialized-value
      #0 0x561234274088 in build_script_build::rustc_minor_version::h21f07d22179264bc build_script_build.c42c43d9103e7db7-cgu.0
      #1 0x561234272907 in build_script_build::main::he6eef1966de056f4 build_script_build.c42c43d9103e7db7-cgu.0
      #2 0x56123425aedb in core::ops::function::FnOnce::call_once::h647f1ef364f5b35c build_script_build.c42c43d9103e7db7-cgu.0
      #3 0x561234257975 in std::sys_common::backtrace::__rust_begin_short_backtrace::he96532e6744860b9 build_script_build.c42c43d9103e7db7-cgu.0
      #4 0x56123425a0d4 in std::rt::lang_start::_$u7b$$u7b$closure$u7d$$u7d$::h9f67b8c7123ace08 build_script_build.c42c43d9103e7db7-cgu.0
      #5 0x56123428efb2 in std::rt::lang_start_internal::h8c0e5120d4bd787e (/users/khan22/wasmoi/differential_testing/wasmer-wasmtime-wasmi/harness/wasmer/target/release/build/serde-033bd664dadcc0e3/build-script-build+0xb6fb2) (BuildId: 8a5a586196379dfcf0f914a027c39e85fedc1231)
      #6 0x561234259fcb in std::rt::lang_start::h7ed09d57c3ba178f (/users/khan22/wasmoi/differential_testing/wasmer-wasmtime-wasmi/harness/wasmer/target/release/build/serde-033bd664dadcc0e3/build-script-build+0x81fcb) (BuildId: 8a5a586196379dfcf0f914a027c39e85fedc1231)
      #7 0x5612342756cb in main (/users/khan22/wasmoi/differential_testing/wasmer-wasmtime-wasmi/harness/wasmer/target/release/build/serde-033bd664dadcc0e3/build-script-build+0x9d6cb) (BuildId: 8a5a586196379dfcf0f914a027c39e85fedc1231)
      #8 0x7fd15e256d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
      #9 0x7fd15e256e3f in __libc_start_main csu/../csu/libc-start.c:392:3
      #10 0x5612341e8824 in _start (/users/khan22/wasmoi/differential_testing/wasmer-wasmtime-wasmi/harness/wasmer/target/release/build/serde-033bd664dadcc0e3/build-script-build+0x10824) (BuildId: 8a5a586196379dfcf0f914a027c39e85fedc1231)

    Uninitialized value was created by an allocation of '_2' in the stack frame
      #0 0x561234273f76 in build_script_build::rustc_minor_version::h21f07d22179264bc build_script_build.c42c43d9103e7db7-cgu.0

  SUMMARY: MemorySanitizer: use-of-uninitialized-value build_script_build.c42c43d9103e7db7-cgu.0 in build_script_build::rustc_minor_version::h21f07d22179264bc
  Exiting

Additional context

The issue is a byproduct of fuzzing WASM implementations with a combination of AFL++ and Wasmlike, an Xsmith-based random program generator (Xsmith Project).
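Two things about the report above are worth checking before treating it as a wasmer bug, and the script below does both. First, every frame in the trace, including the SUMMARY line and the origin frame, is in `build_script_build`, which is the crate name cargo gives a dependency's `build.rs`; the failing command is serde's build script, and the flagged function is its `rustc_minor_version`, not anything in wasmer. Second, MemorySanitizer only gives meaningful results when every piece of code in the process is instrumented, including Rust's standard library; the Rust unstable-book sanitizer documentation has you rebuild std with `cargo +nightly build -Zbuild-std --target <triple>` on top of `RUSTFLAGS=-Zsanitizer=memory`, and the reproduction steps above set RUSTFLAGS but do not pass `-Zbuild-std`. A report whose faulting code ran through uninstrumented std is a known source of false positives, so that is the first thing to rule out. The script is an added example, not code from the wasmer project or from the issue author; the helper names (`msan_check_invocation`, `msan_triage`, `msan_origin`, `write_sample_report`) are hypothetical, and the sanitizer output it parses is a constructed excerpt of the report quoted in this issue.

```shell
#!/bin/sh
# Added example, not code from the wasmer project or the issue author.
# Helper names are hypothetical; the report written by write_sample_report is a
# constructed excerpt of the MemorySanitizer output quoted in the issue.

# MemorySanitizer needs every piece of code in the process instrumented,
# including Rust's std. For Rust that means `cargo +nightly build -Zbuild-std
# --target <triple>` in addition to RUSTFLAGS=-Zsanitizer=memory; without
# -Zbuild-std, reports that go through uninstrumented std are false positives.
# Prints "ok" or "missing: <flags>" and fails when anything is absent.
msan_check_invocation() {
  rustflags=" $1 "
  cargo_args=" $2 "
  missing=""
  case "$rustflags" in *" -Zsanitizer=memory "*) ;; *) missing="$missing -Zsanitizer=memory" ;; esac
  case "$cargo_args" in *" -Zbuild-std "*|*" -Zbuild-std="*) ;; *) missing="$missing -Zbuild-std" ;; esac
  case "$cargo_args" in *" --target "*|*" --target="*) ;; *) missing="$missing --target" ;; esac
  if [ -n "$missing" ]; then
    echo "missing:$missing"
    return 1
  fi
  echo "ok"
}

# Strip the ::h<16 hex digits> hash rustc appends to the symbols in the frames.
strip_rust_hash() {
  printf '%s\n' "$1" | sed -E 's/::h[0-9a-f]{16}$//'
}

# Classify a report by the symbol on its SUMMARY line. Cargo compiles a
# dependency's build.rs as a crate named build_script_build, so a faulting
# frame there belongs to a build script (serde's, in the issue), not to the
# binary being built. Prints "<build-script|target> <function>".
msan_triage() {
  summary=$(grep 'SUMMARY: MemorySanitizer:' "$1" | head -n 1)
  if [ -z "$summary" ]; then
    echo "no-report"
    return 1
  fi
  fn=$(strip_rust_hash "${summary##* }")
  case "$fn" in
    build_script_build::*) echo "build-script $fn" ;;
    *) echo "target $fn" ;;
  esac
}

# With -Zsanitizer-memory-track-origins the report names the frame that
# created the uninitialized value; print that function (empty if untracked).
msan_origin() {
  sym=$(awk '/Uninitialized value was created/ { getline; print $4; exit }' "$1")
  strip_rust_hash "$sym"
}

# Constructed sample: a shortened copy of the report in the issue, so the
# helpers can be exercised offline. Writes it to the path given as $1.
write_sample_report() {
  cat >"$1" <<'EOF'
==137762==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x561234274088 in build_script_build::rustc_minor_version::h21f07d22179264bc build_script_build.c42c43d9103e7db7-cgu.0
    #1 0x561234272907 in build_script_build::main::he6eef1966de056f4 build_script_build.c42c43d9103e7db7-cgu.0

  Uninitialized value was created by an allocation of '_2' in the stack frame
    #0 0x561234273f76 in build_script_build::rustc_minor_version::h21f07d22179264bc build_script_build.c42c43d9103e7db7-cgu.0

SUMMARY: MemorySanitizer: use-of-uninitialized-value build_script_build.c42c43d9103e7db7-cgu.0 in build_script_build::rustc_minor_version::h21f07d22179264bc
Exiting
EOF
}

# `sh msan_triage.sh demo` runs the helpers over the constructed sample.
if [ "${1:-}" = "demo" ]; then
  tmp=$(mktemp)
  write_sample_report "$tmp"
  msan_triage "$tmp"
  msan_origin "$tmp"
  rm -f "$tmp"
  msan_check_invocation "${RUSTFLAGS:-}" "build --release"
fi
```

Against the issue's own flags, `msan_check_invocation` reports `-Zbuild-std` and `--target` missing, and `msan_triage` classifies the report as `build-script build_script_build::rustc_minor_version`. To use it on a real run, redirect the `make build-wasmer` output to a file and pass that path to `msan_triage` and `msan_origin`; a report that survives a rebuild with `-Zbuild-std` and a faulting frame outside `build_script_build` is the one worth reporting against wasmer.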