Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False pos uninit on std::swap<float> in VS 2010 hash_map implementation #931

Closed
derekbruening opened this issue Nov 28, 2014 · 3 comments
Closed

False pos uninit on std::swap<float> in VS 2010 hash_map implementation #931

derekbruening opened this issue Nov 28, 2014 · 3 comments
Labels
Bug-FalsePositive Migrated Priority-Medium Status-Fixed

Comments

@derekbruening
Copy link
Contributor

From [email protected] on June 29, 2012 12:45:40

This is a special case of issue #471 that seems to pop up with normal usage of stdext::hash_map<> in VS 2010.

This is on Chrome's buildbots since this build: http://build.chromium.org/p/chromium.fyi/builders/Windows&#37;20Tests&#37;20&#37;28DrMemory&#37;20full&#37;29/builds/1696 Here's a cut down report:

Error #2: UNINITIALIZED READ: reading 0x0f686e50-0x0f686e54 4 byte(s)
#0 std::swap [c:\program files (x86)\microsoft visual studio 10.0\vc\include\utility:102]
#1 std::_Hash [c:\program files (x86)\microsoft visual studio 10.0\vc\include\xhash:273]
#2 std::_Hash [c:\program files (x86)\microsoft visual studio 10.0\vc\include\xhash:250]
#3 stdext::hash_set [c:\program files (x86)\microsoft visual studio 10.0\vc\include\hash_set:144]
#4 std::_Pair_base [c:\program files (x86)\microsoft visual studio 10.0\vc\include\utility:145]
#5 std::pair [c:\program files (x86)\microsoft visual studio 10.0\vc\include\utility:255]
#6 std::allocator [c:\program files (x86)\microsoft visual studio 10.0\vc\include\xmemory:202]
#7 std::_Cons_val [c:\program files (x86)\microsoft visual studio 10.0\vc\include\xmemory:280]
#8 std::_Tree_val [c:\program files (x86)\microsoft visual studio 10.0\vc\include\xtree:592]
#9 std::_Tree [c:\program files (x86)\microsoft visual studio 10.0\vc\include\xtree:767]
#10 std::map [c:\program files (x86)\microsoft visual studio 10.0\vc\include\map:215]
#11 net::MimeUtil::InitializeMimeTypeMaps [net\base\mime_util.cc:424]
#12 net::MimeUtil::MimeUtil [net\base\mime_util.cc:364]
...
Note: @0:02:07.097 in thread 1552
Note: instruction: fld (%eax) -> %st0

I cut out all the template parameters because they are completely unhelpful. The important part is the method at the end of the template args, and it was cut off. We might consider increasing the truncation limit or implementing the short name demangling flag in drsyms (dropping template args).

I tried to figure this out from the line numbers, but I don't have VS 2010 and I can't find a copy of the VS 2010 headers. The line numbers have changed from 2008.

Original issue: http://code.google.com/p/drmemory/issues/detail?id=931
@derekbruening
Copy link
Contributor Author

From [email protected] on May 20, 2013 13:17:40

VS2010 utility:102 shows it's a simple copy:

    // TEMPLATE FUNCTION swap (from \<algorithm>)

template inline
void swap(_Ty& _Left, _Ty& _Right)
{ // exchange values stored at _Left and _Right
==> _Ty _Tmp = _Move(_Left);
_Left = _Move(_Right);
_Right = _Move(_Tmp);
}

Owner: ---

@derekbruening
Copy link
Contributor Author

From [email protected] on December 19, 2013 09:33:45

I can reproduce this in a small test and it has the same pattern I'm proposing doing a slowpath propagation on as an initial stopgap in issue #471 :

TAG 0x00be8d8d
+0 L3 83 c4 04 add $0x00000004 %esp -> %esp
+3 L3 d9 00 fld (%eax) -> %st0
+5 L3 d9 5d fc fstp %st0 -> 0xfffffffc(%ebp)
+8 L3 8b 4d 0c mov 0x0c(%ebp) -> %ecx
+11 L3 51 push %ecx %esp -> %esp 0xfffffffc(%esp)
+12 L3 e8 c1 d2 fe ff call $0x00bd605f %esp -> %esp 0xfffffffc(%esp)
END 0x00be8d8d

Error #2: UNINITIALIZED READ: reading 0x016df5ac-0x016df5b0 4 byte(s)

0 std::swap [c:\program files (x86)\microsoft visual studio 10.0\vc\include\utility:102](0x00be8d90 <app_suite_tests.exe+0x18d90) modid:1

1 std::_Hashstd::_Hset_traits<std::basic_string<char,std::char_traits<char,std::allocator >,stdext::hash_comparestd::basic_string<char,std::char_traits<char,std::allocator >,std::lessstd::basic_string<char,std::char_traits<char,std::alloca [c:\program files (x86)\microsoft visual studio 10.0\vc\include\xhash:273](0x00bfb5f6 <app_suite_tests.exe+0x2b5f6) modid:1

2 std::_Hashstd::_Hset_traits<float,stdext::hash_compare<float,std::less,std::allocator,0> >::_End [c:\program files (x86)\microsoft visual studio 10.0\vc\include\xhash:250](0x00be3d60 <app_suite_tests.exe+0x13d60) modid:1

3 stdext::hash_setstd::basic_string<char,std::char_traits<char,std::allocator >,stdext::hash_comparestd::basic_string<char,std::char_traits<char,std::allocator >,std::lessstd::basic_string<char,std::char_traits<char,std::allocator > [c:\program files (x86)\microsoft visual studio 10.0\vc\include\hash_set:144](0x00bdf0bc <app_suite_tests.exe+0xf0bc) modid:1

4 std::_Pair_basestd::basic_string<char,std::char_traits<char,std::allocator > const ,stdext::hash_setstd::basic_string<char,std::char_traits<char,std::allocator >,stdext::hash_comparestd::basic_string<char,std::char_traits<char,std::alloc [c:\program files (x86)\microsoft visual studio 10.0\vc\include\utility:150](0x00befc51 <app_suite_tests.exe+0x1fc51) modid:1

5 std::pairstd::basic_string<char,std::char_traits<char,std::allocator > const ,stdext::hash_setstd::basic_string<char,std::char_traits<char,std::allocator >,stdext::hash_comparestd::basic_string<char,std::char_traits<char,std::allocator<c [c:\program files (x86)\microsoft visual studio 10.0\vc\include\utility:233] (0x00bdc040 <app_suite_tests.exe+0xc040>) modid:1

6 std::mapstd::basic_string<char,std::char_traits<char,std::allocator >,stdext::hash_setstd::basic_string<char,std::char_traits<char,std::allocator >,stdext::hash_comparestd::basic_string<char,std::char_traits<char,std::allocator >,s [c:\program files (x86)\microsoft visual studio 10.0\vc\include\map:215](0x00c04cdf <app_suite_tests.exe+0x34cdf) modid:1

7 FloatTests_StdSwap_Test::TestBody [c:\src\drmemory\git\src\tests\app_suite\float_tests.cpp:54](0x00c04bc8 <app_suite_tests.exe+0x34bc8) modid:1

8 testing::internal::HandleSehExceptionsInMethodIfSupportedtesting::Test,void [c:\src\drmemory\git\src\third_party\googletest\src\gtest.cc:2075](0x00c43670 <app_suite_tests.exe+0x73670) modid:1

9 testing::internal::HandleExceptionsInMethodIfSupportedtesting::Test,void [c:\src\drmemory\git\src\third_party\googletest\src\gtest.cc:2126](0x00c3d55b <app_suite_tests.exe+0x6d55b) modid:1

#10 testing::Test::Run [c:\src\drmemory\git\src\third_party\googletest\src\gtest.cc:2162](0x00c1e1c7 <app_suite_tests.exe+0x4e1c7) modid:1
#11 testing::TestInfo::Run [c:\src\drmemory\git\src\third_party\googletest\src\gtest.cc:2338](0x00c1e75d <app_suite_tests.exe+0x4e75d) modid:1
Note: @0:00:21.605 in thread 25164
Note: instruction: fld (%eax) -> %st0

Owner: [email protected]

@derekbruening
Copy link
Contributor Author

From [email protected] on January 15, 2014 13:18:24

This issue was closed by revision r1679 .

Status: Fixed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug-FalsePositive Migrated Priority-Medium Status-Fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@derekbruening