id	summary	reporter	owner	description	type	status	milestone	component	version	severity	resolution	keywords	cc
9985	boost::atomic<double> causing program crash	Daniel Vernon <daniel.vernon@…>	timblechmann	"Using Visual Studio 2012 to compile the following C++ code:-


{{{
double desiredPresentationSpeed = 1.0f;

boost::atomic<double> m_configuredPresentationRate;

m_configuredPresentationRate = desiredPresentationSpeed;

return S_OK;
}}}

The compiler outputs the following warning for a Release build:-

'''	76>c:\sdks\boost_1_55_0\boost\atomic\detail\windows.hpp(1598): warning C4731: 'AVDecoders::CVideoDecoderHandler::ConfigurePresentationSpeed' : frame pointer register 'ebx' modified by inline assembly code
'''

And the program subsequently crashes on the third line above.  This is because the ebx register is modified by the boost::atomic code (in this case at 010DE08E in the asm code below) and the program then
crashes further down when the 'pop ebx' is executed (at 010DE0AE), because the esp register has been set incorrectly (on the previous line) using the value now in ebx.



{{{
	m_configuredPresentationRate = desiredPresentationSpeed;
010DE064  mov         eax,dword ptr [desiredPresentationSpeed]
010DE067  mov         dword ptr [ebp-10h],eax
010DE06A  mov         eax,dword ptr [ebp-4]
010DE06D  mov         dword ptr [ebp-0Ch],eax
010DE070  lea         eax,[ecx+1B7Ch]
010DE076  mov         dword ptr [ebp-4],eax
010DE079  test        al,7
010DE07B  jne         AVDecoders::CVideoDecoderHandler::ConfigurePresentationSpeed+8Bh (010DE08Bh)
010DE07D  mov         edx,dword ptr [ebp-4]
010DE080  movq        xmm4,mmword ptr [ebp-10h]
010DE085  movq        mmword ptr [edx],xmm4
010DE089  jmp         AVDecoders::CVideoDecoderHandler::ConfigurePresentationSpeed+0A6h (010DE0A6h)
010DE08B  mov         edi,dword ptr [ebp-4]
010DE08E  mov         ebx,dword ptr [ebp-10h]
010DE091  mov         ecx,dword ptr [ebp-0Ch]
010DE094  mov         eax,dword ptr [edi]
010DE096  mov         edx,dword ptr [edi+4]
010DE099  lea         esp,[esp]
010DE0A0  lock cmpxchg8b qword ptr [edi]
010DE0A4  jne         AVDecoders::CVideoDecoderHandler::ConfigurePresentationSpeed+0A0h (010DE0A0h)

	return S_OK;
010DE0A6  xor         eax,eax
}
010DE0A8  pop         edi
010DE0A9  mov         esp,ebp
010DE0AB  pop         ebp
010DE0AC  mov         esp,ebx
010DE0AE  pop         ebx
010DE0AF  ret         4
}}}

The boost code in question can be found here, under template ""platform_store64"" :- [http://www.boost.org/doc/libs/1_55_0/boost/atomic/detail/windows.hpp]

This Microsoft page [http://msdn.microsoft.com/en-us/library/k1a8ss06(v=vs.110).aspx] states ""To ensure code runs correctly, do not modify EBX in asm code if the function requires dynamic stack alignment as it could modify the frame pointer. Either move the eight-byte aligned types out of the function, or avoid using EBX.""

So it looks as though a simple fix would be to add a 'push ebx' and 'pop ebx' in the final _asm code block, to preserve the value of ebx.

"	Bugs	closed	To Be Determined	atomic	Boost 1.55.0	Problem	fixed	boost atomic double crash	Andrey.Semashev@…