MemorySanitizer: use-of-uninitialized-value in _ssl.txt2obj via OpenSSL's OBJ_txt2obj #140332
Description
Bug report
Bug Description
When CPython is built with MemorySanitizer (MSAN), the build fails during module initialization with a use-of-uninitialized-value error in memcmp during the call to OpenSSL's OBJ_txt2obj() function.
How to Reproduce
Build CPython with MSAN:
CC=clang CXX=clang++ ./configure --disable-optimizations --with-pydebug --with-memory-sanitizer --enable-experimental-jit=yes && make -j$(nproc)The error occurs automatically during the build process when importing modules.
Expected Behavior
The build should complete successfully without memory sanitizer warnings.
Actual Behavior
MemorySanitizer reports:
Uninitialized bytes in MemcmpInterceptorCommon at offset 0 inside [0x701000000032, 8)
==808699==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 memcmp
#1 libcrypto.so.3 (OBJ_bsearch_ex_)
#2 libcrypto.so.3 (OBJ_obj2nid)
#3 libcrypto.so.3 (d2i_ASN1_OBJECT)
#4 libcrypto.so.3 (OBJ_txt2obj)
#5 _ssl_txt2obj_impl /root/cpython/main/./Modules/_ssl.c:6396:11
Build fails with:
make: *** [Makefile:1767: checksharedmods] Error 1
Full stack trace attached in comments.
Environment
- OpenSSL: 3.5.1 (system installation)
Additional Context
- Related to issue ./Programs/_freeze_module fails with MSAN: Uninitialized value was created by an allocation of 'stat.i' #91043 which remains open since 2022
- OpenSSL issue msan: OBJ_txt2obj() fails with: MemorySanitizer: use-of-uninitialized-value openssl/openssl#17784 was closed as fixed
- The issue persists with OpenSSL 3.5.1, suggesting either:
- The OpenSSL fix is incomplete, OR
- System OpenSSL needs to be built with
-fsanitize=memoryfor proper MSAN compatibility
This blocks building CPython with MemorySanitizer enabled.
CPython versions tested on:
CPython main branch
Operating systems tested on:
Linux