[ncl-talk] Infinite loop in ContourPlotInitialize

Matthew Scutter yellowplantain at gmail.com
Wed May 30 10:19:26 MDT 2018 

Hi ncl-talk,
I think I have found an interesting bug in ContourPlotInitialize.
It presents as an infinite loop in _NhlCmpFAny2 because anorm from
ni/src/lib/nio/cmpf.c:508
is infinity, which the function doesn't seem to have any handling for. This
happens if the data you are trying to plot has values of -infinity
(probably +infinity too), even if you have specified a sensible scale.
I realise this data might not be considered valid, but I don't think an
infinite loop is the correct handling of that. This took considerable time
to debug and track down.

I suggest special casing infinity in _NhlCmpFAny2.

Disassembly notes attached:

0x0000000000b06a73 in _NhlCmpFAny2 ()

(gdb) bt

#0  0x0000000000b06a73 in _NhlCmpFAny2 ()

#1  0x0000000000a4c6ef in SetupLevelsAutomatic ()

#2  0x0000000000a4aaa8 in SetupLevels ()

#3  0x0000000000a468a2 in ManageDynamicArrays ()

#4  0x0000000000a6066e in ContourPlotInitialize ()

#5  0x00000000009c451f in NhlCreate ()

#6  0x00000000005fbfa2 in _NclCreateHLUObjOp ()

#7  0x00000000005ee830 in CallCREATE_OBJ_OP ()

#8  0x00000000005e4f3a in _NclExecute ()

#9  0x00000000005fbb62 in _NclFuncCallOp ()

#10 0x00000000005e5403 in _NclExecute ()

#11 0x00000000005fbb62 in _NclFuncCallOp ()

#12 0x00000000005e5403 in _NclExecute ()

#13 0x00000000005fbb62 in _NclFuncCallOp ()

#14 0x00000000005e5403 in _NclExecute ()

#15 0x00000000005fbb62 in _NclFuncCallOp ()

#16 0x00000000005e5403 in _NclExecute ()

#17 0x00000000005fbaa2 in _NclProcCallOp ()

#18 0x00000000005e530e in _NclExecute ()

#19 0x000000000046d259 in yyparse ()

#20 0x0000000000462dcf in NclDriver ()

#21 0x000014e1ec9aa1c1 in __libc_start_main (main=0x45d3d0 <main>, argc=2,
argv=0x7ffcae928808, init=<optimized out>, fini=<optimized out>,
rtld_fini=<optimized out>, stack_end=0x7ffcae9287f8)

    at ../csu/libc-start.c:308

#22 0x000000000045d2f9 in _start ()


(gdb) disassemble

<snip>

   0x0000000000b06a61 <+709>: mulsd  %xmm2,%xmm6

   0x0000000000b06a65 <+713>: movaps %xmm5,%xmm1

   0x0000000000b06a68 <+716>: mulsd  %xmm6,%xmm1

   0x0000000000b06a6c <+720>: inc    %r14d

   0x0000000000b06a6f <+723>: comisd %xmm7,%xmm1

=> 0x0000000000b06a73 <+727>: jae    0xb06a61 <_NhlCmpFAny2+709>

</snip>


register status:

(gdb) print $xmm2

$3 = {v4_float = {-1.58818684e-23, 1.44999993, 0, 0}, v2_double =
{0.10000000000000001, 0}, v16_int8 = {-102, -103, -103, -103, -103, -103,
-71, 63, 0, 0, 0, 0, 0, 0, 0, 0}, v8_int16 = {-26214,

    -26215, -26215, 16313, 0, 0, 0, 0}, v4_int32 = {-1717986918,
1069128089, 0, 0}, v2_int64 = {4591870180066957722, 0}, uint128 =
4591870180066957722}

(gdb) print $xmm6

$4 = {v4_float = {0, -nan(0x700000), 0, 0}, v2_double = {-inf, 0}, v16_int8
= {0, 0, 0, 0, 0, 0, -16, -1, 0, 0, 0, 0, 0, 0, 0, 0}, v8_int16 = {0, 0, 0,
-16, 0, 0, 0, 0}, v4_int32 = {0, -1048576, 0,

    0}, v2_int64 = {-4503599627370496, 0}, uint128 = 18442240474082181120}

(gdb) print $xmm5

$5 = {v4_float = {0, -1.875, 0, 0}, v2_double = {-1, 0}, v16_int8 = {0, 0,
0, 0, 0, 0, -16, -65, 0, 0, 0, 0, 0, 0, 0, 0}, v8_int16 = {0, 0, 0, -16400,
0, 0, 0, 0}, v4_int32 = {0, -1074790400, 0, 0},

  v2_int64 = {-4616189618054758400, 0}, uint128 = 13830554455654793216}

(gdb) print $xmm1

$6 = {v4_float = {0, nan(0x700000), 0, 0}, v2_double = {inf, 0}, v16_int8 =
{0, 0, 0, 0, 0, 0, -16, 127, 0, 0, 0, 0, 0, 0, 0, 0}, v8_int16 = {0, 0, 0,
32752, 0, 0, 0, 0}, v4_int32 = {0, 2146435072,

    0, 0}, v2_int64 = {9218868437227405312, 0}, uint128 =
9218868437227405312}

(gdb) print $r14d

$7 = -2142237121

(gdb) print $xmm7

$8 = {v4_float = {0, 1.875, 0, 0}, v2_double = {1, 0}, v16_int8 = {0, 0, 0,
0, 0, 0, -16, 63, 0, 0, 0, 0, 0, 0, 0, 0}, v8_int16 = {0, 0, 0, 16368, 0,
0, 0, 0}, v4_int32 = {0, 1072693248, 0, 0},

  v2_int64 = {4607182418800017408, 0}, uint128 = 4607182418800017408}

(gdb)



ni/src/lib/nio/cmpf.c:508:


    while (anorm * asign >= 1.0) {

    icount++;

    aexp10++;

    anorm *= .1;

    }


dubiously annotated disassembly:


   0x0000000000b06a61 <+709>: mulsd  %xmm2,%xmm6 ; anorm *= 0.1

   0x0000000000b06a65 <+713>: movaps %xmm5,%xmm1 ; asign = -1

   0x0000000000b06a68 <+716>: mulsd  %xmm6,%xmm1 ; x = anorm * asign

   0x0000000000b06a6c <+720>: inc    %r14d   ; icount++


   0x0000000000b06a6f <+723>: comisd %xmm7,%xmm1 ; if (x >= 1.0) {goto
0xb06a61;}

=> 0x0000000000b06a73 <+727>: jae    0xb06a61 <_NhlCmpFAny2+709>


If anorm/xmm2 is -infinity, the loop never exits.

Best Regards,
Matthew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.ucar.edu/pipermail/ncl-talk/attachments/20180530/1ed93eac/attachment.html>

More information about the ncl-talk mailing list