Software Archive
Read-only legacy content
17061 Discussions

where to warn about uninitialized data

kcc
Beginner
‎10-06-2009 02:36 AM
1,231 Views
Hello,
I just tried the memory error detector on the following test:
int main() {
char *foo = (char*)malloc(100);
char *bar = (char*)malloc(100);
memcpy(bar, foo, 100);
free(bar);
free(foo);
return 0;
}

The tool complains about uninitialized use inside memcpy().
So, this tool issues a warning when there is any read of uninitialized data.
Valgrind/Memcheck behaves differently: it only warns if the uninitialized data was used to generate a side effect (e.g. a branch depends on the uninitialized data).

Is there a way to make the intel memory checker behave like valgrind/memcheck?
The current behavior makes the tool useless due to a large number of false positives.

Thanks!
--kcc


0 Kudos

Link Copied

12 Replies
Vladimir_T_Intel
Moderator
‎10-06-2009 03:01 AM
1,231 Views
Quoting - kcc
Hello,
I just tried the memory error detector on the following test:
int main() {
char *foo = (char*)malloc(100);
char *bar = (char*)malloc(100);
memcpy(bar, foo, 100);
free(bar);
free(foo);
return 0;
}

The tool complains about uninitialized use inside memcpy().
So, this tool issues a warning when there is any read of uninitialized data.
Valgrind/Memcheck behaves differently: it only warns if the uninitialized data was used to generate a side effect (e.g. a branch depends on the uninitialized data).

Is there a way to make the intel memory checker behave like valgrind/memcheck?
The current behavior makes the tool useless due to a large number of false positives.

Thanks!
--kcc



Hi,

Thanks for your test case.

Inspector does not generate the error until the highest mi4 level is used for analysis. We believe we should report such cases right away at least on the highest level. On the intermediate levels the problem is reported if the uninitialized data affect correctness.

If you do not want to see such error reports on the mi4 level, use suppressions. In the Details view of the results, select 'Read' observation for this problem, mouse right-click, and choose 'Supress...' in the context menu. In the private suppression dialog create a filter with 'Uninitialized memory access' problem and 'Read' and/or 'Allocation site' description. For all other columns (module, function, etc.) set * (all).

Next time before launching analysis in the analysis type selection dialog choose 'Private Suppressions: Delete problems' in the drop-down menu. The error will not appear after analysis is completed.

0 Kudos
Copy link
kcc
Beginner
‎10-06-2009 03:09 AM
1,231 Views
But on mi3 I don't see a report where I would expect to have it:
int main() {
char *foo = (char*)malloc(100);
char *bar = (char*)malloc(100);
memcpy(bar, foo, 100);
printf("%cn", bar[100]); // <<< added this line
free(bar);
free(foo);
return 0;
}


0 Kudos
Copy link
Vladimir_T_Intel
Moderator
‎10-06-2009 03:24 AM
1,231 Views
Quoting - kcc
But on mi3 I don't see a report where I would expect to have it:
int main() {
char *foo = (char*)malloc(100);
char *bar = (char*)malloc(100);
memcpy(bar, foo, 100);
printf("%cn", bar[100]); // <<< added this line
free(bar);
free(foo);
return 0;
}


Kostya,

I'm using Intel Parallel Inspector v.1.0 Update1 and I see the error report ;)
Which version you were using?
0 Kudos
Copy link
kcc
Beginner
‎10-06-2009 03:39 AM
1,231 Views
We use "Product version: 9.0.0.55494", downloaded few weeks ago.

0 Kudos
Copy link
Vladimir_T_Intel
Moderator
‎10-06-2009 05:47 AM
1,231 Views
Quoting - kcc
We use "Product version: 9.0.0.55494", downloaded few weeks ago.

This is not the Update1 build. Inspector 1.0 Update1 starts from 63628. Please, try the latest version form IRC.

0 Kudos
Copy link
kcc
Beginner
‎10-07-2009 03:45 AM
1,231 Views

This is not the Update1 build. Inspector 1.0 Update1 starts from 63628. Please, try the latest version form IRC.


The code should be this:

#include
#include
#include

int main() {
char *foo = (char*)malloc(100);
//printf("%cn", foo[10]);
char *bar = (char*)malloc(100);
memcpy(bar, foo, 100);
printf("zzz%cn", bar[10]);
free(bar);
free(foo);
return 0;
}

mi3 is silent, mi4 reports a warning inside memcpy(). Bad.


0 Kudos
Copy link
Vladimir_T_Intel
Moderator
‎10-07-2009 03:51 AM
1,231 Views
Yes,
printf("%cn", bar[100]); // <<< added this line

is a separate bug - Invalid memory access. And it will be reported on each level mi2-mi4

Quoting - kcc
mi3 is silent, mi4 reports a warning inside memcpy(). Bad.

This is the intention to report error (not warning) on the level mi4. You can suppress them easily. What exactly is bad?

0 Kudos
Copy link
kcc
Beginner
‎10-07-2009 04:02 AM
1,231 Views
This is the intention to report error (not warning) on the level mi4. You can suppress them easily. What exactly is bad?


Valgrind/memcheck reports UMR errors only on real use, no when the memory is copied around.
I believe this is the only right way.
A program may have structures with uninted parts due to alignment or bitfields.
For all such cases the inspector will issue false reports which will need to be suppressed.
Suppressing false reports is time consuming (even if partially automated) and easily leads to missing real bugs.

So, the question remains: is it possible to implement a switch such that the inspector will behave like memcheck?

0 Kudos
Copy link
Vladimir_T_Intel
Moderator
‎10-07-2009 05:20 AM
1,231 Views
Quoting - kcc

Valgrind/memcheck reports UMR errors only on real use, no when the memory is copied around.
I believe this is the only right way.
A program may have structures with uninted parts due to alignment or bitfields.
For all such cases the inspector will issue false reports which will need to be suppressed.
Suppressing false reports is time consuming (even if partially automated) and easily leads to missing real bugs.

So, the question remains: is it possible to implement a switch such that the inspector will behave like memcheck?


Let's summarize:

1. Suppression approach is time consuming - as I explained earlier it can be configured in a minute and reused in any further analysis.

2. Suppression easily leads to missing real bugs -we need a real example to prove that. If this is the case, we might change the approach.

3. Implementing a switch such that the inspector will behave like Valgrind/memcheck - at the moment Inspector behaves the same way on mi2-mi3 levels. For mi4 you need to switch 'Private Suppressions: Delete problems' on.

If there are more concerns, please share them.

0 Kudos
Copy link
kcc
Beginner
‎10-07-2009 06:46 AM
1,231 Views
Here is a completely valid C++ program on which mi4 complains.


-----------------------------
#include

struct Foo {
double a;
char b;
double c;
};

int main() {
Foo f1;
f1.a = 0.0;
f1.b = 'b';
f1.c = 9.0;
Foo f2 = f1; // <<<<<<<<<<< mi4 reports error here
printf ("%f %c %fn", f2.a, f2.b, f2.c);
return 0;
}
0 Kudos
Copy link
Vladimir_T_Intel
Moderator
‎10-07-2009 07:24 AM
1,231 Views
Quoting - kcc
Here is a completely valid C++ program on which mi4 complains.


-----------------------------
#include

struct Foo {
double a;
char b;
double c;
};

int main() {
Foo f1;
f1.a = 0.0;
f1.b = 'b';
f1.c = 9.0;
Foo f2 = f1; // <<<<<<<<<<< mi4 reports error here
printf ("%f %c %fn", f2.a, f2.b, f2.c);
return 0;
}

No errors reported. I needthe binaryand pdb to reproduce it.
0 Kudos
Copy link
Vladimir_T_Intel
Moderator
‎10-07-2009 08:11 AM
1,231 Views

No errors reported. I needthe binaryand pdb to reproduce it.

Ok.received the project by e-mail. Looks like the different default compiler settings.

I see the problem now and I can't guarantee that we fix it soon as the approach in Inspector MCdiffers from the other tools. Will let you know the results of further invesigation.

Thanks a lot for raisng the problem.
0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.