diff options
| author | Caolán McNamara <caolan.mcnamara@collabora.com> | 2024-01-21 17:28:17 +0000 |
|---|---|---|
| committer | Caolán McNamara <caolan.mcnamara@collabora.com> | 2024-01-21 21:27:11 +0100 |
| commit | 96bf7a9ace990a03b8b87a7a9d7b2882210ded0c (patch) | |
| tree | 3ac95c8c9b3dbc70fe3b16bbfb22bfea66c8c4ba /bridges | |
| parent | 0e7fb08f1d2fcc820725b1a73c01dedb69918afd (diff) | |
ofz: MemorySanitizer: use-of-uninitialized-value
WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x2e4597d in TreatDoubleError /src/libreoffice/sc/source/core/inc/interpre.hxx:1146:10
#1 0x2e4597d in ScInterpreter::PushDouble(double) /src/libreoffice/sc/source/core/tool/interpr4.cxx:1806:5
#2 0x2e83755 in ScInterpreter::ScExternal() /src/libreoffice/sc/source/core/tool/interpr4.cxx:3126:17
#3 0x2e94a38 in ScInterpreter::Interpret() /src/libreoffice/sc/source/core/tool/interpr4.cxx:4487:43
#4 0x27296ad in ScFormulaCell::InterpretTail(ScInterpreterContext&, ScFormulaCell::ScInterpretTailParameter) /src/libreoffice/sc/source/core/data/formulacell.cxx:1946:23
#5 0x2722f87 in ScFormulaCell::Interpret(int, int) /src/libreoffice/sc/source/core/data/formulacell.cxx:1619:13
#6 0x1e1c80f in operator() /src/libreoffice/sc/source/core/data/column.cxx:2808:16
#7 0x1e1c80f in EachElem<mdds::mtv::noncopyable_managed_element_block<54, ScFormulaCell, mdds::mtv::delayed_delete_vector>, std::__1::__wrap_iter<ScFormulaCell **>, mdds::detail::mtv::iterator_value_node<mdds::mtv::soa::multi_type_vector<sc::CellStoreTraits>, unsigned long>, (anonymous namespace)::CalcAllHandler> /src/libreoffice/sc/inc/mtvfunctions.hxx:130:9
#8 0x1e1c80f in ProcessElements1<mdds::mtv::soa::multi_type_vector<sc::CellStoreTraits>, mdds::mtv::noncopyable_managed_element_block<54, ScFormulaCell, mdds::mtv::delayed_delete_vector>, (anonymous namespace)::CalcAllHandler, sc::FuncElseNoOp<unsigned long, bool> > /src/libreoffice/sc/inc/mtvfunctions.hxx:330:9
Uninitialized value was stored to memory at
#0 0x2fdee53 in operator>>=<double> /src/libreoffice/sc/source/core/tool/rangeseq.cxx:0:14
#1 0x2fdee53 in ScApiTypeConversion::ConvertAnyToDouble(double&, com::sun::star::uno::TypeClass&, com::sun::star::uno::Any const&) /src/libreoffice/sc/source/core/tool/rangeseq.cxx:347:18
#2 0x2b1e9d4 in ScUnoAddInCall::SetResult(com::sun::star::uno::Any const&) /src/libreoffice/sc/source/core/tool/addincol.cxx:1583:17
#3 0x2b1d84f in ScUnoAddInCall::ExecuteCallWithArgs(com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) /src/libreoffice/sc/source/core/tool/addincol.cxx:1541:9
#4 0x2b1c2ee in ScUnoAddInCall::ExecuteCall() /src/libreoffice/sc/source/core/tool/addincol.cxx:1495:9
#5 0x2e81a4b in ScInterpreter::ScExternal() /src/libreoffice/sc/source/core/tool/interpr4.cxx:3065:19
#6 0x2e94a38 in ScInterpreter::Interpret() /src/libreoffice/sc/source/core/tool/interpr4.cxx:4487:43
Uninitialized value was stored to memory at
#0 0x2b1daec in swap<void *> /usr/local/include/c++/v1/__utility/swap.h:37:7
#1 0x2b1daec in operator= /src/libreoffice/include/com/sun/star/uno/Any.hxx:153:5
#2 0x2b1daec in ScUnoAddInCall::ExecuteCallWithArgs(com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) /src/libreoffice/sc/source/core/tool/addincol.cxx:1518:14
#3 0x2b1c2ee in ScUnoAddInCall::ExecuteCall() /src/libreoffice/sc/source/core/tool/addincol.cxx:1495:9
#4 0x2e81a4b in ScInterpreter::ScExternal() /src/libreoffice/sc/source/core/tool/interpr4.cxx:3065:19
#5 0x2e94a38 in ScInterpreter::Interpret() /src/libreoffice/sc/source/core/tool/interpr4.cxx:4487:43
Uninitialized value was stored to memory at
#0 0xc49bb64 in cppu::_copyConstructAnyFromData(_uno_Any*, void*, _typelib_TypeDescriptionReference*, _typelib_TypeDescription*, void (*)(void*), _uno_Mapping*) /src/libreoffice/cppu/source/uno/copy.hxx:178:49
#1 0xc497abd in cppu::_copyConstructAny(_uno_Any*, void*, _typelib_TypeDescriptionReference*, _typelib_TypeDescription*, void (*)(void*), _uno_Mapping*) /src/libreoffice/cppu/source/uno/copy.hxx:288:13
#2 0xc499443 in uno_any_constructAndConvert /src/libreoffice/cppu/source/uno/any.cxx:120:9
#3 0x174d263f in stoc_corefl::(anonymous namespace)::IdlInterfaceMethodImpl::invoke(com::sun::star::uno::Any const&, com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) /src/libreoffice/stoc/source/corereflection/criface.cxx:633:13
#4 0x174d5935 in non-virtual thunk to stoc_corefl::(anonymous namespace)::IdlInterfaceMethodImpl::invoke(com::sun::star::uno::Any const&, com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) /src/libreoffice/stoc/source/corereflection/criface.cxx:0
#5 0x2b1d5ce in ScUnoAddInCall::ExecuteCallWithArgs(com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) /src/libreoffice/sc/source/core/tool/addincol.cxx:1518:27
#6 0x2b1c2ee in ScUnoAddInCall::ExecuteCall() /src/libreoffice/sc/source/core/tool/addincol.cxx:1495:9
#7 0x2e81a4b in ScInterpreter::ScExternal() /src/libreoffice/sc/source/core/tool/interpr4.cxx:3065:19
#8 0x2e94a38 in ScInterpreter::Interpret() /src/libreoffice/sc/source/core/tool/interpr4.cxx:4487:43
Uninitialized value was stored to memory at
#0 0xcd10714 in gcc3::callVirtualMethod(void*, unsigned int, void*, _typelib_TypeDescriptionReference*, bool, unsigned long*, unsigned int, unsigned long*, double*) /src/libreoffice/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx:157:51
#1 0xcd0cd78 in cpp_call(bridges::cpp_uno::shared::UnoInterfaceProxy*, bridges::cpp_uno::shared::VtableSlot, _typelib_TypeDescriptionReference*, int, _typelib_MethodParameter*, void*, void**, _uno_Any**) /src/libreoffice/bridges/source/cpp_uno/gcc3_linux_x86-64/uno2cpp.cxx:233:13
#2 0xcd0a9fa in unoInterfaceProxyDispatch /src/libreoffice/bridges/source/cpp_uno/gcc3_linux_x86-64/uno2cpp.cxx:0
#3 0x174d1f01 in stoc_corefl::(anonymous namespace)::IdlInterfaceMethodImpl::invoke(com::sun::star::uno::Any const&, com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) /src/libreoffice/stoc/source/corereflection/criface.cxx:590:9
#4 0x174d5935 in non-virtual thunk to stoc_corefl::(anonymous namespace)::IdlInterfaceMethodImpl::invoke(com::sun::star::uno::Any const&, com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) /src/libreoffice/stoc/source/corereflection/criface.cxx:0
#5 0x2b1d5ce in ScUnoAddInCall::ExecuteCallWithArgs(com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) /src/libreoffice/sc/source/core/tool/addincol.cxx:1518:27
#6 0x2b1c2ee in ScUnoAddInCall::ExecuteCall() /src/libreoffice/sc/source/core/tool/addincol.cxx:1495:9
#7 0x2e81a4b in ScInterpreter::ScExternal() /src/libreoffice/sc/source/core/tool/interpr4.cxx:3065:19
#8 0x2e94a38 in ScInterpreter::Interpret() /src/libreoffice/sc/source/core/tool/interpr4.cxx:4487:43
Uninitialized value was created by an allocation of 'data' in the stack frame of function '_ZN4gcc317callVirtualMethodEPvjS0_P33_typelib_TypeDescriptionReferencebPmjS3_Pd'
#0 0xcd0f1d0 in gcc3::callVirtualMethod(void*, unsigned int, void*, _typelib_TypeDescriptionReference*, bool, unsigned long*, unsigned int, unsigned long*, double*) /src/libreoffice/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx:50
The double really comes from AnalysisAddIn::getConvert and when adding
code to switch off it there and msan is happy before it returns that it
is initialized, the problem arises when extracting that return value in
the bridge code. Its curious that this only appears now when we've been
running msan for years and only for double (so far) and not the other
types.
Change-Id: I8f381a9faf4fe9d4a02b77b241ab33de8eb3bce2
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/162348
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Diffstat (limited to 'bridges')
| -rw-r--r-- | bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx b/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx index 04dd2dc6a5f6..bf3e7f388108 100644 --- a/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx +++ b/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx @@ -27,6 +27,13 @@ #include "abi.hxx" #include "callvirtualmethod.hxx" +#if defined(__has_feature) +# if __has_feature(memory_sanitizer) +# include <sanitizer/msan_interface.h> +# define MEMORY_SANITIZER +# endif +#endif + // The call instruction within the asm block of callVirtualMethod may throw // exceptions. At least GCC 4.7.0 with -O0 would create (unnecessary) // .gcc_exception_table call-site table entries around all other calls in this @@ -154,6 +161,10 @@ void CPPU_CURRENT_NAMESPACE::callVirtualMethod( *static_cast<float *>(pRegisterReturn) = *reinterpret_cast<float *>(&data.xmm0); break; case typelib_TypeClass_DOUBLE: +#if defined(MEMORY_SANITIZER) + // In the absence of a better idea just unpoison this + __msan_unpoison(&data.xmm0, sizeof(data.xmm0)); +#endif *static_cast<double *>( pRegisterReturn ) = data.xmm0; break; default: |