Software Archive
Read-only legacy content
17061 Diskussionen

where to warn about uninitialized data

kcc
Einsteiger
‎10-06-2009 02:36 AM
1.502Aufrufe
Hello,
I just tried the memory error detector on the following test:
int main() {
char *foo = (char*)malloc(100);
char *bar = (char*)malloc(100);
memcpy(bar, foo, 100);
free(bar);
free(foo);
return 0;
}

The tool complains about uninitialized use inside memcpy().
So, this tool issues a warning when there is any read of uninitialized data.
Valgrind/Memcheck behaves differently: it only warns if the uninitialized data was used to generate a side effect (e.g. a branch depends on the uninitialized data).

Is there a way to make the intel memory checker behave like valgrind/memcheck?
The current behavior makes the tool useless due to a large number of false positives.

Thanks!
--kcc


0 Kudos

Link kopiert

12 Antworten
Vladimir_T_Intel
Moderator
‎10-06-2009 03:01 AM
1.502Aufrufe
Quoting - kcc
Hello,
I just tried the memory error detector on the following test:
int main() {
char *foo = (char*)malloc(100);
char *bar = (char*)malloc(100);
memcpy(bar, foo, 100);
free(bar);
free(foo);
return 0;
}

The tool complains about uninitialized use inside memcpy().
So, this tool issues a warning when there is any read of uninitialized data.
Valgrind/Memcheck behaves differently: it only warns if the uninitialized data was used to generate a side effect (e.g. a branch depends on the uninitialized data).

Is there a way to make the intel memory checker behave like valgrind/memcheck?
The current behavior makes the tool useless due to a large number of false positives.

Thanks!
--kcc



Hi,

Thanks for your test case.

Inspector does not generate the error until the highest mi4 level is used for analysis. We believe we should report such cases right away at least on the highest level. On the intermediate levels the problem is reported if the uninitialized data affect correctness.

If you do not want to see such error reports on the mi4 level, use suppressions. In the Details view of the results, select 'Read' observation for this problem, mouse right-click, and choose 'Supress...' in the context menu. In the private suppression dialog create a filter with 'Uninitialized memory access' problem and 'Read' and/or 'Allocation site' description. For all other columns (module, function, etc.) set * (all).

Next time before launching analysis in the analysis type selection dialog choose 'Private Suppressions: Delete problems' in the drop-down menu. The error will not appear after analysis is completed.

0 Kudos
Link kopieren
kcc
Einsteiger
‎10-06-2009 03:09 AM
1.502Aufrufe
But on mi3 I don't see a report where I would expect to have it:
int main() {
char *foo = (char*)malloc(100);
char *bar = (char*)malloc(100);
memcpy(bar, foo, 100);
printf("%cn", bar[100]); // <<< added this line
free(bar);
free(foo);
return 0;
}


0 Kudos
Link kopieren
Vladimir_T_Intel
Moderator
‎10-06-2009 03:24 AM
1.502Aufrufe
Quoting - kcc
But on mi3 I don't see a report where I would expect to have it:
int main() {
char *foo = (char*)malloc(100);
char *bar = (char*)malloc(100);
memcpy(bar, foo, 100);
printf("%cn", bar[100]); // <<< added this line
free(bar);
free(foo);
return 0;
}


Kostya,

I'm using Intel Parallel Inspector v.1.0 Update1 and I see the error report ;)
Which version you were using?
0 Kudos
Link kopieren
kcc
Einsteiger
‎10-06-2009 03:39 AM
1.502Aufrufe
We use "Product version: 9.0.0.55494", downloaded few weeks ago.

0 Kudos
Link kopieren
Vladimir_T_Intel
Moderator
‎10-06-2009 05:47 AM
1.502Aufrufe
Quoting - kcc
We use "Product version: 9.0.0.55494", downloaded few weeks ago.

This is not the Update1 build. Inspector 1.0 Update1 starts from 63628. Please, try the latest version form IRC.

0 Kudos
Link kopieren
kcc
Einsteiger
‎10-07-2009 03:45 AM
1.502Aufrufe

This is not the Update1 build. Inspector 1.0 Update1 starts from 63628. Please, try the latest version form IRC.


The code should be this:

#include
#include
#include

int main() {
char *foo = (char*)malloc(100);
//printf("%cn", foo[10]);
char *bar = (char*)malloc(100);
memcpy(bar, foo, 100);
printf("zzz%cn", bar[10]);
free(bar);
free(foo);
return 0;
}

mi3 is silent, mi4 reports a warning inside memcpy(). Bad.


0 Kudos
Link kopieren
Vladimir_T_Intel
Moderator
‎10-07-2009 03:51 AM
1.502Aufrufe
Yes,
printf("%cn", bar[100]); // <<< added this line

is a separate bug - Invalid memory access. And it will be reported on each level mi2-mi4

Quoting - kcc
mi3 is silent, mi4 reports a warning inside memcpy(). Bad.

This is the intention to report error (not warning) on the level mi4. You can suppress them easily. What exactly is bad?

0 Kudos
Link kopieren
kcc
Einsteiger
‎10-07-2009 04:02 AM
1.502Aufrufe
This is the intention to report error (not warning) on the level mi4. You can suppress them easily. What exactly is bad?


Valgrind/memcheck reports UMR errors only on real use, no when the memory is copied around.
I believe this is the only right way.
A program may have structures with uninted parts due to alignment or bitfields.
For all such cases the inspector will issue false reports which will need to be suppressed.
Suppressing false reports is time consuming (even if partially automated) and easily leads to missing real bugs.

So, the question remains: is it possible to implement a switch such that the inspector will behave like memcheck?

0 Kudos
Link kopieren
Vladimir_T_Intel
Moderator
‎10-07-2009 05:20 AM
1.502Aufrufe
Quoting - kcc

Valgrind/memcheck reports UMR errors only on real use, no when the memory is copied around.
I believe this is the only right way.
A program may have structures with uninted parts due to alignment or bitfields.
For all such cases the inspector will issue false reports which will need to be suppressed.
Suppressing false reports is time consuming (even if partially automated) and easily leads to missing real bugs.

So, the question remains: is it possible to implement a switch such that the inspector will behave like memcheck?


Let's summarize:

1. Suppression approach is time consuming - as I explained earlier it can be configured in a minute and reused in any further analysis.

2. Suppression easily leads to missing real bugs -we need a real example to prove that. If this is the case, we might change the approach.

3. Implementing a switch such that the inspector will behave like Valgrind/memcheck - at the moment Inspector behaves the same way on mi2-mi3 levels. For mi4 you need to switch 'Private Suppressions: Delete problems' on.

If there are more concerns, please share them.

0 Kudos
Link kopieren
kcc
Einsteiger
‎10-07-2009 06:46 AM
1.502Aufrufe
Here is a completely valid C++ program on which mi4 complains.


-----------------------------
#include

struct Foo {
double a;
char b;
double c;
};

int main() {
Foo f1;
f1.a = 0.0;
f1.b = 'b';
f1.c = 9.0;
Foo f2 = f1; // <<<<<<<<<<< mi4 reports error here
printf ("%f %c %fn", f2.a, f2.b, f2.c);
return 0;
}
0 Kudos
Link kopieren
Vladimir_T_Intel
Moderator
‎10-07-2009 07:24 AM
1.502Aufrufe
Quoting - kcc
Here is a completely valid C++ program on which mi4 complains.


-----------------------------
#include

struct Foo {
double a;
char b;
double c;
};

int main() {
Foo f1;
f1.a = 0.0;
f1.b = 'b';
f1.c = 9.0;
Foo f2 = f1; // <<<<<<<<<<< mi4 reports error here
printf ("%f %c %fn", f2.a, f2.b, f2.c);
return 0;
}

No errors reported. I needthe binaryand pdb to reproduce it.
0 Kudos
Link kopieren
Vladimir_T_Intel
Moderator
‎10-07-2009 08:11 AM
1.502Aufrufe

No errors reported. I needthe binaryand pdb to reproduce it.

Ok.received the project by e-mail. Looks like the different default compiler settings.

I see the problem now and I can't guarantee that we fix it soon as the approach in Inspector MCdiffers from the other tools. Will let you know the results of further invesigation.

Thanks a lot for raisng the problem.
0 Kudos
Link kopieren
Antworten

Community-Support wird von Montag bis Freitag angeboten. Andere Kontaktmethoden finden Sie hier.

Intel überprüft nicht alle Lösungen, darunter auch nicht alle Dateiübertragungen, die ggf. in der Community stattfinden. Dementsprechend lehnt Intel alle ausdrücklichen und stillschweigenden Garantien ab, einschließlich und ohne Einschränkung stillschweigender Garantien der Marktgängigkeit, der Eignung für einen bestimmten Zweck und der Nichtverletzung von Rechten sowie jeglicher Garantien, die sich aus der Ausführung, Bearbeitung oder handelsmäßigen Verwendung ergeben.

Vollständige Angaben zu Compiler-Optimierungen finden Sie in unseren Optimierungshinweis.