MemorySanitizer: fast detector of uninitialized memory use in C++

Konstantin Serebryany
Proceedings of the 2015 IEEE/ACM International Symposium on Code Generation and Optimization (CGO), CGO 2015, San Francisco, CA, USA, pp. 46-55
Google Scholar

Abstract

This paper presents MemorySanitizer, a dynamic tool that detects uses of uninitialized memory in C and C++. The tool is based on compile time instrumentation and relies on bit-precise shadow memory at run-time. Shadow propagation technique is used to avoid false positive reports on copying of uninitialized memory.

MemorySanitizer finds bugs at a modest cost of 2.5x in
execution time and 2x in memory usage; the tool has an optional origin tracking mode that provides better reports with moderate extra overhead. The reports with origins are more detailed compared to reports from other similar tools; such reports contain names of local variables and the entire history of the uninitialized memory including intermediate stores. In this paper we share our experience in deploying the tool at a large scale and demonstrate the benefits of compile time instrumentation over dynamic binary instrumentation.

Research Areas