Copying a FFN leads to silently corrupted memory (address sanitizer detects a heap use after free)

[janbraun]

Issue description

Unfortunately, when copying a mlpack::ann::FFN, the program seems to continue operating normally, but in a program with longer runtime and dynamic memory usage, bizarre effects can surface hinting at memory corruption.

When compiling with "-fsanitize=address", a "heap-use-after-free" is detected.

Your environment

• version of mlpack: 3.2.2 (Present since at least 3.1.x)
• operating system: Gentoo Linux, Vanilla kernel 5.5.9
• compiler: gcc 9.3.0 (also earlier 9.x tested),
• version of dependencies (Boost/Armadillo): boost 1.72, 1.71, and 1.65; armadillo 9.850 and 9.600.5; ensmallen 2.11.3, 1.15.1
• any other environment information you think is relevant:

Steps to reproduce

Based on the tutorial, it is sufficient to insert a line FFN<> model2 = model after model.Train(…).
See modified tutorial source in the attached zip file.
The output is provided in output.txt.

Expected behavior

The program should run happily ever after.

Actual behavior

In this simple example, the address sanitizer detects the source of the memory corruption.

In a larger application, signs of memory corruption occur, i.e., sporadic errors in all parts of the program. In a program with Qt user interface, errors were happening mostly in those parts which require the most dynamic memory, i.e., string handling and painting.
These problems can be mitigated by trying to not copy any FFN. Unfortunately, this beats parts of the applications purpose. And some very difficult to hit issues might still remain.

==16542==ERROR: AddressSanitizer: heap-use-after-free on address 0x61b000000e80 at pc 0x7fb2f4b19f50 bp 0x7ffc6ed262a0 sp 0x7ffc6ed25a48

output.txt
ffn_copy_bug.zip

[geekypathak21]

@rcurtin @zoq It occurs when we are trying to copy the Linear layer I am not sure why it is happening. can you give some insight on what may be the cause of this?

[pchelaa]

The gradient field of Linear causes the problem.

The optimizer creates variable gradient inside itself, after that the gradient field of network Linear layer is assigned to it in FNN::ResetGradient. That assignment is done with copy_aux_mem flag set to false which means that the two gradient variables share the same memory. After the optimizer is done the gradient is destroyed. So when copying Linear::gradient the copy constructor arma::Mat is called with a matrix that points to already freed memory.

I would like to fix it, but I am not sure about the best way to do it. Simply forcing copy probably is not the best idea.

[rcurtin]

@janbraun thanks for the clear and comprehensive error report. I really appreciate that, it makes it easy to understand what is going on. I'm assuming the issue happens specifically when an FFN is copied, and not at another time.

@Ilya-Pchelintsev nice observation! I think that you are right. If you'd like to fix it, here's some information that hopefully is helpful. There are a number of members of FFN that are used during the optimization only, in the same way gradient is used. I think that these members are predictors, responses, error, delta, inputParameter, outputParameter, and gradient. I believe that the copy constructor will need to be modified to set those elements to 0. I am not sure, it is possible that other layers will need their copy constructor modified too, or we might have to run ResetDeterministic() and other functions to do some other cleanups. Take a look at serialize()---that function does what's necessary to load an FFN from disk, so it only serializes the things that are necessary, then resets the network afterwards.

Unfortunately there are a couple of outstanding memory handling issues in the FFN and RNN classes; we're working to resolve them, but the framework is tricky. 👍

[janbraun]

Am Donnerstag, 19. März 2020, 13:08:27 CET schrieb Ryan Curtin:

@janbraun thanks for the clear and comprehensive error report. I really appreciate that, it makes it easy to understand what is going on. I'm assuming the issue happens specifically when an `FFN` is copied, and not at another time.

You are welcome and more importantly, thanks for taking this matter up immediately. You are showing an impressive pace. And yes, I observed it with copies of FFN, also the address sanitiser exits immediately during the copy.

@Ilya-Pchelintsev nice observation! I think that you are right. If you'd like to fix it, here's some information that hopefully is helpful. There are a number of members of `FFN` that are used during the optimization only, in the same way `gradient` is used. I think that these members are `predictors`, `responses`, `error`, `delta`, `inputParameter`, `outputParameter`, and `gradient`. I believe that the copy constructor will need to be modified to set those elements to 0. I am not sure, it is possible that other layers will need their copy constructor modified too, or we might have to run `ResetDeterministic()` and other functions to do some other cleanups. Take a look at `serialize()`---that function does what's necessary to load an `FFN` from disk, so it only serializes the things that are necessary, then resets the network afterwards. Unfortunately there are a couple of outstanding memory handling issues in the `FFN` and `RNN` classes; we're working to resolve them, but the framework is tricky. 👍

Thanks everyone! Jan

[janbraun]

Hi @Ilya-Pchelintsev! I wanted to check if you had any luck trying to triage this thing, or if I can help you in any way?

[mlpack-bot]

This issue has been automatically marked as stale because it has not had any recent activity. It will be closed in 7 days if no further activity occurs. Thank you for your contributions! 👍

[rcurtin]

I know there hasn't been much update on this; sorry about that. @himanshupathak21061998 opened #2324; I believe that should help fix the issue, but the PR still needs to be reviewed and double-checked. 👍

[janbraun]

Thanks @rcurtin, I can confirm that my test case runs through with the PR applied.
How could I help reviewing and double-checking?