<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Thu, May 14, 2015 at 9:29 PM, Justin Bogner <span dir="ltr"><<a href="mailto:mail@justinbogner.com" target="_blank">mail@justinbogner.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span class="">David Majnemer <<a href="mailto:david.majnemer@gmail.com">david.majnemer@gmail.com</a>> writes:<br>
> On Tue, Apr 28, 2015 at 7:56 PM, Justin Bogner <<a href="mailto:mail@justinbogner.com">mail@justinbogner.com</a>> wrote:<br>
</span><span class="">>>>> Sorry to dig up an old thread, but I was playing around with ubsan and<br>
>>>> it looks like this causes some undefined behaviour. I guess we set the<br>
>>>> Offset to INT64_MIN here as a dummy value, and it isn't intended to be<br>
>>>> used, but later, in PrologEpilogInserter.cpp, we hit this logic in<br>
>>>> PEI::calculateFrameObjectOffsets:<br>
>>>><br>
>>>> if (StackGrowsDown) {<br>
>>>> // The maximum distance from the stack pointer is at lower address of<br>
>>>> // the object -- which is given by offset. For down growing stack<br>
>>>> // the offset is negative, so we negate the offset to get the distance.<br>
>>>> FixedOff = -MFI->getObjectOffset(i);<br>
>>>><br>
>>>> Here, when MFI->getObjectOffset returns INT64_MIN and we negate it, we<br>
>>>> can't represent the result and thus hit undefined behaviour. It looks<br>
>>>> like the effect is mostly harmless in practice, but...<br>
>>>><br>
>>>> I guess that 0 is a better dummy value here - all tests continue to pass<br>
>>>> if I change INT64_MIN to 0, anyway.<br>
>>>><br>
>>>> WDYT?<br>
>>><br>
>>> Could we do INT64_MIN+1?<br>
>><br>
>> I don't see why not. Is there any particular reason that's better than<br>
>> 0? I guess just to make it obvious that it's special?<br>
><br>
> Yep, pretty much.<br>
<br>
</span>Interestingly, setting this to 0 passes all of the tests, but setting it<br>
to INT64_MIN+1 does not. That's pretty scary - I guess we're using this<br>
value somewhere, somehow...<br>
</blockquote></div><br></div><div class="gmail_extra">I'm pretty sure that's because INT64_MIN+1 isn't a multiple of SlotSize. I ended up committing r237474 which just uses 0 for the offset.</div></div>