[LLVMbugs] [Bug 15006] New: Integer truncation/extension bug in X86FrameLowering.cpp and related

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Sat Jan 19 22:24:48 PST 2013


             Bug #: 15006
           Summary: Integer truncation/extension bug in
                    X86FrameLowering.cpp and related
           Product: new-bugs
           Version: trunk
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: new bugs
        AssignedTo: unassignedbugs at nondot.org
        ReportedBy: willdtz at gmail.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

This one also brought to you by -fsanitize=implicit-integer-conversions.  Error

/home/wdietz2/llvm/33-src/lib/Target/X86/X86FrameLowering.cpp:1180:41: runtime
error: value 4294967296 [=0x100000000] of type 'long' is outside the range of 

And here's line 1180:

  int Offset = MFI->getObjectOffset(FI) - getOffsetOfLocalArea();

(getObjectOffset returns an int64_t, and getOffsetOfLocalArea returns an int)

The truncation can be triggered by running the
"test/CodeGen/X86/2004-02-13-FrameReturnAddress.ll" lit test.

What's concerning about this truncation are the dynamic values involved:
getObjectOffset returns 4294967288, with getOffsetOfLocalArea() returning -8. 
The alarming observation being that this suggests we're zero-extending -8 to
64bits (likely by int32_t -> uint32_t -> int64_t) which is tricky to track down
and possibly hinting towards other related issues.

Unfortunately I don't think I'm up to the task of seeing this through to a fix
myself, can someone take a look?

Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the llvm-bugs mailing list