bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx |   11 
++++++++++
 1 file changed, 11 insertions(+)

New commits:
commit 96bf7a9ace990a03b8b87a7a9d7b2882210ded0c
Author:     Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Sun Jan 21 17:28:17 2024 +0000
Commit:     Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sun Jan 21 21:27:11 2024 +0100

    ofz: MemorySanitizer: use-of-uninitialized-value
    
    WARNING: MemorySanitizer: use-of-uninitialized-value
                #0 0x2e4597d in TreatDoubleError 
/src/libreoffice/sc/source/core/inc/interpre.hxx:1146:10
                #1 0x2e4597d in ScInterpreter::PushDouble(double) 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:1806:5
                #2 0x2e83755 in ScInterpreter::ScExternal() 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:3126:17
                #3 0x2e94a38 in ScInterpreter::Interpret() 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:4487:43
                #4 0x27296ad in 
ScFormulaCell::InterpretTail(ScInterpreterContext&, 
ScFormulaCell::ScInterpretTailParameter) 
/src/libreoffice/sc/source/core/data/formulacell.cxx:1946:23
                #5 0x2722f87 in ScFormulaCell::Interpret(int, int) 
/src/libreoffice/sc/source/core/data/formulacell.cxx:1619:13
                #6 0x1e1c80f in operator() 
/src/libreoffice/sc/source/core/data/column.cxx:2808:16
                #7 0x1e1c80f in 
EachElem<mdds::mtv::noncopyable_managed_element_block<54, ScFormulaCell, 
mdds::mtv::delayed_delete_vector>, std::__1::__wrap_iter<ScFormulaCell **>, 
mdds::detail::mtv::iterator_value_node<mdds::mtv::soa::multi_type_vector<sc::CellStoreTraits>,
 unsigned long>, (anonymous namespace)::CalcAllHandler> 
/src/libreoffice/sc/inc/mtvfunctions.hxx:130:9
                #8 0x1e1c80f in 
ProcessElements1<mdds::mtv::soa::multi_type_vector<sc::CellStoreTraits>, 
mdds::mtv::noncopyable_managed_element_block<54, ScFormulaCell, 
mdds::mtv::delayed_delete_vector>, (anonymous namespace)::CalcAllHandler, 
sc::FuncElseNoOp<unsigned long, bool> > 
/src/libreoffice/sc/inc/mtvfunctions.hxx:330:9
    
    Uninitialized value was stored to memory at
                #0 0x2fdee53 in operator>>=<double> 
/src/libreoffice/sc/source/core/tool/rangeseq.cxx:0:14
                #1 0x2fdee53 in 
ScApiTypeConversion::ConvertAnyToDouble(double&, 
com::sun::star::uno::TypeClass&, com::sun::star::uno::Any const&) 
/src/libreoffice/sc/source/core/tool/rangeseq.cxx:347:18
                #2 0x2b1e9d4 in 
ScUnoAddInCall::SetResult(com::sun::star::uno::Any const&) 
/src/libreoffice/sc/source/core/tool/addincol.cxx:1583:17
                #3 0x2b1d84f in 
ScUnoAddInCall::ExecuteCallWithArgs(com::sun::star::uno::Sequence<com::sun::star::uno::Any>&)
 /src/libreoffice/sc/source/core/tool/addincol.cxx:1541:9
                #4 0x2b1c2ee in ScUnoAddInCall::ExecuteCall() 
/src/libreoffice/sc/source/core/tool/addincol.cxx:1495:9
                #5 0x2e81a4b in ScInterpreter::ScExternal() 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:3065:19
                #6 0x2e94a38 in ScInterpreter::Interpret() 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:4487:43
    
    Uninitialized value was stored to memory at
                #0 0x2b1daec in swap<void *> 
/usr/local/include/c++/v1/__utility/swap.h:37:7
                #1 0x2b1daec in operator= 
/src/libreoffice/include/com/sun/star/uno/Any.hxx:153:5
                #2 0x2b1daec in 
ScUnoAddInCall::ExecuteCallWithArgs(com::sun::star::uno::Sequence<com::sun::star::uno::Any>&)
 /src/libreoffice/sc/source/core/tool/addincol.cxx:1518:14
                #3 0x2b1c2ee in ScUnoAddInCall::ExecuteCall() 
/src/libreoffice/sc/source/core/tool/addincol.cxx:1495:9
                #4 0x2e81a4b in ScInterpreter::ScExternal() 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:3065:19
                #5 0x2e94a38 in ScInterpreter::Interpret() 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:4487:43
    
    Uninitialized value was stored to memory at
                #0 0xc49bb64 in cppu::_copyConstructAnyFromData(_uno_Any*, 
void*, _typelib_TypeDescriptionReference*, _typelib_TypeDescription*, void 
(*)(void*), _uno_Mapping*) /src/libreoffice/cppu/source/uno/copy.hxx:178:49
                #1 0xc497abd in cppu::_copyConstructAny(_uno_Any*, void*, 
_typelib_TypeDescriptionReference*, _typelib_TypeDescription*, void (*)(void*), 
_uno_Mapping*) /src/libreoffice/cppu/source/uno/copy.hxx:288:13
                #2 0xc499443 in uno_any_constructAndConvert 
/src/libreoffice/cppu/source/uno/any.cxx:120:9
                #3 0x174d263f in stoc_corefl::(anonymous 
namespace)::IdlInterfaceMethodImpl::invoke(com::sun::star::uno::Any const&, 
com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) 
/src/libreoffice/stoc/source/corereflection/criface.cxx:633:13
                #4 0x174d5935 in non-virtual thunk to stoc_corefl::(anonymous 
namespace)::IdlInterfaceMethodImpl::invoke(com::sun::star::uno::Any const&, 
com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) 
/src/libreoffice/stoc/source/corereflection/criface.cxx:0
                #5 0x2b1d5ce in 
ScUnoAddInCall::ExecuteCallWithArgs(com::sun::star::uno::Sequence<com::sun::star::uno::Any>&)
 /src/libreoffice/sc/source/core/tool/addincol.cxx:1518:27
                #6 0x2b1c2ee in ScUnoAddInCall::ExecuteCall() 
/src/libreoffice/sc/source/core/tool/addincol.cxx:1495:9
                #7 0x2e81a4b in ScInterpreter::ScExternal() 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:3065:19
                #8 0x2e94a38 in ScInterpreter::Interpret() 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:4487:43
    
    Uninitialized value was stored to memory at
                #0 0xcd10714 in gcc3::callVirtualMethod(void*, unsigned int, 
void*, _typelib_TypeDescriptionReference*, bool, unsigned long*, unsigned int, 
unsigned long*, double*) 
/src/libreoffice/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx:157:51
                #1 0xcd0cd78 in 
cpp_call(bridges::cpp_uno::shared::UnoInterfaceProxy*, 
bridges::cpp_uno::shared::VtableSlot, _typelib_TypeDescriptionReference*, int, 
_typelib_MethodParameter*, void*, void**, _uno_Any**) 
/src/libreoffice/bridges/source/cpp_uno/gcc3_linux_x86-64/uno2cpp.cxx:233:13
                #2 0xcd0a9fa in unoInterfaceProxyDispatch 
/src/libreoffice/bridges/source/cpp_uno/gcc3_linux_x86-64/uno2cpp.cxx:0
                #3 0x174d1f01 in stoc_corefl::(anonymous 
namespace)::IdlInterfaceMethodImpl::invoke(com::sun::star::uno::Any const&, 
com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) 
/src/libreoffice/stoc/source/corereflection/criface.cxx:590:9
                #4 0x174d5935 in non-virtual thunk to stoc_corefl::(anonymous 
namespace)::IdlInterfaceMethodImpl::invoke(com::sun::star::uno::Any const&, 
com::sun::star::uno::Sequence<com::sun::star::uno::Any>&) 
/src/libreoffice/stoc/source/corereflection/criface.cxx:0
                #5 0x2b1d5ce in 
ScUnoAddInCall::ExecuteCallWithArgs(com::sun::star::uno::Sequence<com::sun::star::uno::Any>&)
 /src/libreoffice/sc/source/core/tool/addincol.cxx:1518:27
                #6 0x2b1c2ee in ScUnoAddInCall::ExecuteCall() 
/src/libreoffice/sc/source/core/tool/addincol.cxx:1495:9
                #7 0x2e81a4b in ScInterpreter::ScExternal() 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:3065:19
                #8 0x2e94a38 in ScInterpreter::Interpret() 
/src/libreoffice/sc/source/core/tool/interpr4.cxx:4487:43
    
    Uninitialized value was created by an allocation of 'data' in the stack 
frame of function 
'_ZN4gcc317callVirtualMethodEPvjS0_P33_typelib_TypeDescriptionReferencebPmjS3_Pd'
                #0 0xcd0f1d0 in gcc3::callVirtualMethod(void*, unsigned int, 
void*, _typelib_TypeDescriptionReference*, bool, unsigned long*, unsigned int, 
unsigned long*, double*) 
/src/libreoffice/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx:50
    
    The double really comes from AnalysisAddIn::getConvert and when adding
    code to switch off it there and msan is happy before it returns that it
    is initialized, the problem arises when extracting that return value in
    the bridge code. It's curious that this only appears now when we've been
    running msan for years and only for double (so far) and not the other
    types.
    
    Change-Id: I8f381a9faf4fe9d4a02b77b241ab33de8eb3bce2
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/162348
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>

diff --git a/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx 
b/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx
index 04dd2dc6a5f6..bf3e7f388108 100644
--- a/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx
+++ b/bridges/source/cpp_uno/gcc3_linux_x86-64/callvirtualmethod.cxx
@@ -27,6 +27,13 @@
 #include "abi.hxx"
 #include "callvirtualmethod.hxx"
 
+#if defined(__has_feature)
+#  if __has_feature(memory_sanitizer)
+#    include <sanitizer/msan_interface.h>
+#    define MEMORY_SANITIZER
+#  endif
+#endif
+
 // The call instruction within the asm block of callVirtualMethod may throw
 // exceptions.  At least GCC 4.7.0 with -O0 would create (unnecessary)
 // .gcc_exception_table call-site table entries around all other calls in this
@@ -154,6 +161,10 @@ void CPPU_CURRENT_NAMESPACE::callVirtualMethod(
         *static_cast<float *>(pRegisterReturn) = *reinterpret_cast<float 
*>(&data.xmm0);
         break;
     case typelib_TypeClass_DOUBLE:
+#if defined(MEMORY_SANITIZER)
+        // In the absence of a better idea just unpoison this
+        __msan_unpoison(&data.xmm0, sizeof(data.xmm0));
+#endif
         *static_cast<double *>( pRegisterReturn ) = data.xmm0;
         break;
     default:
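Review bot: The `__msan_unpoison` added in the DOUBLE case unconditionally marks `data.xmm0` as initialized, so from here on MSan can no longer report a callee that genuinely fails to set a double return on this bridge path, which the traces show is reached from add-in calls driven by document formulas via ScExternal. If the real cause is that MSan does not see the inline-asm stores into `data` (the trace points at callvirtualmethod.cxx:157, outside this hunk), the FLOAT branch two lines above reads the same `data.xmm0` and presumably has the same blind spot, so suppressing only DOUBLE leaves the switch inconsistent. I would move the unpoison to immediately after the asm statement, covering the whole `data` struct once, and replace "In the absence of a better idea" with a comment stating what is being suppressed: `// Suppression, not a fix: MSan appears not to track the asm block's stores into data (rax/rdx/xmm0/xmm1), so treat the struct as initialized after the call; a callee that really leaves its return unset is no longer detected here.` The body of callVirtualMethod, including the asm block, lies outside this hunk.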
