Uninitialized memory access caused by IPP routines

Uninitialized memory access caused by IPP routines

Hello,

I'm using Intel Inspector to check my C++ code which is using Intel IPP. Please, check my question on Insepctor forum: http://software.intel.com/en-us/forums/topic/343032

21 posts / novo 0
Último post
Para obter mais informações sobre otimizações de compiladores, consulte Aviso sobre otimizações.

Hi Mikhail,

>>...
>>P26 - Unuinitialized memory access - imageutils.cpp

Could you provide more technical details? Did your application crash / failed?

Best regards,
Sergey

Yes. Please provide a test case if you can.

Thank you for your reply. No, my application don't crash/fail. It works normally and does what it is meant to do. That's why these errors might be false/positives. I'll try to prepare a separate project, which reproduces the error.

I prepared a clean solution, which reproduces one of the errors. Namely, Uninitialized memory access in ippiMorphologyInit_8u_C1R. The solution is compiled against IPP v 7.0.205 using Visual Studio 2010 SP1. I also included a report generated by Intel Inspector XE 2013 (Update 3).

Anexos: 

AnexoTamanho
Download ipp-memory-error.zip363.55 KB

I don't know what exactly happens inside of ippiMorphologyInit_8u_C1R function and I simply would like to provide two examples that demonstrate why Inspector XE could show some error(s):

[ Example 1 ]

include *stdio.h*

class CTest
{
public:
Test(){};
~Test(){};

int m_iValue; // There is No initialization of the member and Inspector XE could show an error / Will an application crash? In that case No
};

void main( void )
{
CTest objTest;
objTest.m_iValue = 0;
printf( "CTest::m_iValue value: %ld\n", objTest.m_iValue );
}

[ Example 2 ]

include *stdio.h*

class CTest
{
public:
Test()
{
m_iValue = 0;
};
~Test(){};

int m_iValue; // There is initialization of the member and Inspector XE shouln't show an error
};

void main( void )
{
CTest objTest;
printf( "CTest::m_iValue value: %ld\n", objTest.m_iValue );
}

Uninitialized variables or members of a structure or a class don't cause any craches unless they are used in some loops ( 'for', 'while', etc ) or simply used in calculations. It is a matter of overall quality of source codes and a software product. It is not clear for me why it wasn't detected and fixed by IPP software developers.

Could you at least point IPP team on this issue?

>>...Could you at least point IPP team on this issue?

Please believe me that guys from IPP team are reading all our posts. I hope to see a feedback from Intel software engineers of IPP team as well.

Citação:

Mikhail Matrosov escreveu:

Could you at least point IPP team on this issue?


Hi, Mikhail,

Yes. it looks that there is a problem in ippiMorphologyInit_8u_C1R function. Thank you for notifying this. Though it doesn't affect the functionality (looks like there are unnecessary fields in internal structure which are not initialized and not used), this issue will be fixed.
Thank you again!

Regards,
Sergey

Regards,
Sergey

Please note, I have the same errors for the following functions in my original project (I didn't add them to repro-case):

ippiFilterGauss_8u_C1R, ippiFilter_32f_C1R, ippiFilterMin_8u_C1R

We'll check them too.

Regards,
Sergey

Regards,
Sergey

>>...I have the same errors for the following functions in my original project (I didn't add them to repro-case)...

Hi Mikhail,

I think you need to report on Inspector XE forum that when a variable ( global or in a function ) or a member of some struct / class is Not initialized and Not used the Inspector XE should report it as a Warning instead of as an Error.

Best regards,
Sergey

Citação:

Sergey Khlystov (Intel) escreveu:

We'll check them too.

Hi Mikhail,

We have checked FilterMin, FilterGauss and Filter functions and haven't seen problems there. Please, make sure you allocate correct images, set correct masks and anchors. Or, you can provide us with sample project where problems are seen.

Regards,
Sergey

Regards,
Sergey

Citação:

Sergey Khlystov (Intel) escreveu:

Quote:

Sergey Khlystov (Intel) wrote:

We'll check them too.

Hi Mikhail,

We have checked FilterMin, FilterGauss and Filter functions and haven't seen problems there. Please, make sure you allocate correct images, set correct masks and anchors. Or, you can provide us with sample project where problems are seen.

Regards,
Sergey

Here is updated solution and Inspector report reproducing errors in FilterMin and FilterGauss.

Anexos: 

AnexoTamanho
Download ipp-memory-error.zip675.41 KB

Mikhail,
You were reight about Gauss/Min functions in IPP 7.x. Somehow, I don't see inspector issues in current library (under development), may be it's because compiler has been changed.
Anyway, there must be no issue, because sometimes for performance purposes it's more efficient to read/write bytes using bigger chunks. Say, 32/64/128-bit words. If you, for example, initialize buf[1] and buf[3] bytes of array, it can be faster to read buf[0-3] bytes into 32-bit register, set bytes 1 and 3 in that register and write the register back, then read byte 1/write byte 1/read byte 3/write byte 3. Of course, the address to read/write must be properly aligned. Technically, we read uninitialized data, but logically we do nothing with it. Inspector can generate false alarm here.
IPP functions are thouroughly tested for correctness and side effects absence.

Regards,
Sergey

Regards,
Sergey

Ok, thank your for explanation and feedback.

>>...Inspector can generate false alarm...

I saw this many times already. Unfortunately, some users of Inspector XE are very "scared" when they see these "errors". Instead, they should be reported by Inspector as warnings.

Hi Mikhail,

In your test-case there are two cases when uninitialized variables are passed to IPP functions:

...
int _tmain( int argc, _TCHAR *argv[] )
{
// Initialize data
...
int image_step;

Ipp8u *src = ippiMalloc_8u_C1( image_size.width, image_size.height, &image_step );
...
// Check MorphologyInit
int state_size;
CALL_IPP_CHECKED( ippiMorphologyGetSize_8u_C1R( image_size.width, strel, strel_size, &state_size ) );
...
}

and it could be a possible reason of error messages from Inspector XE.

Citação:

Sergey Kostrov escreveu:

...
int _tmain( int argc, _TCHAR *argv[] )
{
// Initialize data
...
int image_step;

Ipp8u *src = ippiMalloc_8u_C1( image_size.width, image_size.height, &image_step );

That's ok. The functions use those variables as write-only data (don't read, only write). So, caling these functions is, in fact, initialization of variables.

Regards,
Sergey

Regards,
Sergey

>>...The functions use those variables as write-only data (don't read, only write). So, caling these functions is, in fact,
>>initialization of variables...

I understand this and my note was regarding Inspector XE only. It looks like it detects that a variable is not initialized, reports an error and actual initialization of the variable is somewhere at the end of the function ( before a return is called ).

I don't know Inspector, it must be not static but HW-level detector. Otherwise, it could not be able to detect uninitialized memory reads in binary code like it happened in Mikhail's example, where Inspector pointed to IPP function.

Regards,
Sergey

Regards,
Sergey

Deixar um comentário

Faça login para adicionar um comentário. Não é membro? Inscreva-se hoje mesmo!