This is an archive of the discontinued LLVM Phabricator instance.

[X86] Fix emitEpilogue() to make less assumptions about pops
ClosedPublic

Authored by aaboud on Sep 8 2015, 2:16 AM.

Download Raw Diff

Details

Reviewers

mkuper
rnk

Commits

rG098cd9fba73c: [X86] Fix emitEpilogue() to make less assumptions about pops
rL247784: [X86] Fix emitEpilogue() to make less assumptions about pops

Summary

When X86FrameLowering::emitEpilogue() looks for where to insert the %esp restore to deallocate stack space for local allocations, it assumes that any sequence of pop instructions that starts from function exit consists purely of restoring callee-save registers.
This may be false, since from some point backward, the pops may be popping arguments, recently pushed to a preceded function call.

This caused a miscompile that was exposed by D12609, and is not easily testable since D12609 was not committed yet.. A test will be committed as part of D12609.

The solution is to introduce "FrameUnsetup" flag (similar to "FrameSetup"), which will be attached to all instructions in the epilogue code. This solution is inspired from r242395.

Diff Detail

Repository: rL LLVM

Event Timeline

aaboud updated this revision to Diff 34200.Sep 8 2015, 2:16 AM

aaboud retitled this revision from to [X86] Fix emitEpilogue() to make less assumptions about pops.

aaboud updated this object.

aaboud added reviewers: mkuper, rnk.

aaboud set the repository for this revision to rL LLVM.

aaboud added a child revision: D12609: Fixed "use POP for small post-call stack clean-up" code size optimization.

I think FrameDestroy would be a better name for the flag. It's consistent with our existing functions getCallFrameSetupOpcode() / getCallFrameDestroyOpcode().

At a high level, it seems like it would be better for us to insert some kind of marker for the beginning of the CSR restoration, but all the targets currently follow this exact pattern. This seems acceptable for now.

I guess the change is also untestable for now, but this is clearly an improvement. Looks good to me with the name change.

This revision is now accepted and ready to land.Sep 8 2015, 1:36 PM

Closed by commit rL247784: [X86] Fix emitEpilogue() to make less assumptions about pops (authored by mkuper). · Explain WhySep 16 2015, 4:19 AM

This revision was automatically updated to reflect the committed changes.

Revision Contents

Path

Size

llvm/

trunk/

include/

llvm/

CodeGen/

MachineInstr.h

6 lines

lib/

CodeGen/

MachineInstr.cpp

5 lines

Target/

X86/

X86FrameLowering.cpp

17 lines

Diff 34879

llvm/trunk/include/llvm/CodeGen/MachineInstr.h

Show First 20 Lines • Show All 58 Lines • ▼ Show 20 Lines	public:
enum CommentFlag {		enum CommentFlag {
ReloadReuse = 0x1		ReloadReuse = 0x1
};		};

enum MIFlag {		enum MIFlag {
NoFlags = 0,		NoFlags = 0,
FrameSetup = 1 << 0, // Instruction is used as a part of		FrameSetup = 1 << 0, // Instruction is used as a part of
// function frame setup code.		// function frame setup code.
BundledPred = 1 << 1, // Instruction has bundled predecessors.		FrameDestroy = 1 << 1, // Instruction is used as a part of
BundledSucc = 1 << 2 // Instruction has bundled successors.		// function frame destruction code.
		BundledPred = 1 << 2, // Instruction has bundled predecessors.
		BundledSucc = 1 << 3 // Instruction has bundled successors.
};		};
private:		private:
const MCInstrDesc *MCID; // Instruction descriptor.		const MCInstrDesc *MCID; // Instruction descriptor.
MachineBasicBlock *Parent; // Pointer to the owning basic block.		MachineBasicBlock *Parent; // Pointer to the owning basic block.

// Operands are allocated by an ArrayRecycler.		// Operands are allocated by an ArrayRecycler.
MachineOperand *Operands; // Pointer to the first operand.		MachineOperand *Operands; // Pointer to the first operand.
unsigned NumOperands; // Number of operands on instruction.		unsigned NumOperands; // Number of operands on instruction.
▲ Show 20 Lines • Show All 1,181 Lines • Show Last 20 Lines

llvm/trunk/lib/CodeGen/MachineInstr.cpp

Show First 20 Lines • Show All 1,729 Lines • ▼ Show 20 Lines	void MachineInstr::print(raw_ostream &OS, ModuleSlotTracker &MST,

// Briefly indicate whether any call clobbers were omitted.		// Briefly indicate whether any call clobbers were omitted.
if (OmittedAnyCallClobbers) {		if (OmittedAnyCallClobbers) {
if (!FirstOp) OS << ",";		if (!FirstOp) OS << ",";
OS << " ...";		OS << " ...";
}		}

bool HaveSemi = false;		bool HaveSemi = false;
const unsigned PrintableFlags = FrameSetup;		const unsigned PrintableFlags = FrameSetup \| FrameDestroy;
if (Flags & PrintableFlags) {		if (Flags & PrintableFlags) {
if (!HaveSemi) OS << ";"; HaveSemi = true;		if (!HaveSemi) OS << ";"; HaveSemi = true;
OS << " flags: ";		OS << " flags: ";

if (Flags & FrameSetup)		if (Flags & FrameSetup)
OS << "FrameSetup";		OS << "FrameSetup";

		if (Flags & FrameDestroy)
		OS << "FrameDestroy";
}		}

if (!memoperands_empty()) {		if (!memoperands_empty()) {
if (!HaveSemi) OS << ";"; HaveSemi = true;		if (!HaveSemi) OS << ";"; HaveSemi = true;

OS << " mem:";		OS << " mem:";
for (mmo_iterator i = memoperands_begin(), e = memoperands_end();		for (mmo_iterator i = memoperands_begin(), e = memoperands_end();
i != e; ++i) {		i != e; ++i) {
▲ Show 20 Lines • Show All 269 Lines • Show Last 20 Lines

llvm/trunk/lib/Target/X86/X86FrameLowering.cpp

Show First 20 Lines • Show All 280 Lines • ▼ Show 20 Lines	if (ThisVal == (Is64Bit ? 8 : 4)) {
if (Reg) {		if (Reg) {
unsigned Opc = isSub		unsigned Opc = isSub
? (Is64Bit ? X86::PUSH64r : X86::PUSH32r)		? (Is64Bit ? X86::PUSH64r : X86::PUSH32r)
: (Is64Bit ? X86::POP64r : X86::POP32r);		: (Is64Bit ? X86::POP64r : X86::POP32r);
MachineInstr *MI = BuildMI(MBB, MBBI, DL, TII.get(Opc))		MachineInstr *MI = BuildMI(MBB, MBBI, DL, TII.get(Opc))
.addReg(Reg, getDefRegState(!isSub) \| getUndefRegState(isSub));		.addReg(Reg, getDefRegState(!isSub) \| getUndefRegState(isSub));
if (isSub)		if (isSub)
MI->setFlag(MachineInstr::FrameSetup);		MI->setFlag(MachineInstr::FrameSetup);
		else
		MI->setFlag(MachineInstr::FrameDestroy);
Offset -= ThisVal;		Offset -= ThisVal;
continue;		continue;
}		}
}		}

MachineInstrBuilder MI = BuildStackAdjustment(		MachineInstrBuilder MI = BuildStackAdjustment(
MBB, MBBI, DL, isSub ? -ThisVal : ThisVal, InEpilogue);		MBB, MBBI, DL, isSub ? -ThisVal : ThisVal, InEpilogue);
if (isSub)		if (isSub)
MI.setMIFlag(MachineInstr::FrameSetup);		MI.setMIFlag(MachineInstr::FrameSetup);
		else
		MI.setMIFlag(MachineInstr::FrameDestroy);

Offset -= ThisVal;		Offset -= ThisVal;
}		}
}		}

MachineInstrBuilder X86FrameLowering::BuildStackAdjustment(		MachineInstrBuilder X86FrameLowering::BuildStackAdjustment(
MachineBasicBlock &MBB, MachineBasicBlock::iterator MBBI, DebugLoc DL,		MachineBasicBlock &MBB, MachineBasicBlock::iterator MBBI, DebugLoc DL,
int64_t Offset, bool InEpilogue) const {		int64_t Offset, bool InEpilogue) const {
▲ Show 20 Lines • Show All 764 Lines • ▼ Show 20 Lines	void X86FrameLowering::emitEpilogue(MachineFunction &MF,
uint64_t NumBytes = 0;		uint64_t NumBytes = 0;

if (isFuncletReturnInstr(MBBI)) {		if (isFuncletReturnInstr(MBBI)) {
NumBytes = MFI->getMaxCallFrameSize();		NumBytes = MFI->getMaxCallFrameSize();
assert(hasFP(MF) && "win64 EH funclets without FP not yet implemented");		assert(hasFP(MF) && "win64 EH funclets without FP not yet implemented");

// Pop EBP.		// Pop EBP.
BuildMI(MBB, MBBI, DL, TII.get(Is64Bit ? X86::POP64r : X86::POP32r),		BuildMI(MBB, MBBI, DL, TII.get(Is64Bit ? X86::POP64r : X86::POP32r),
MachineFramePtr);		MachineFramePtr).setMIFlag(MachineInstr::FrameDestroy);
} else if (hasFP(MF)) {		} else if (hasFP(MF)) {
// Calculate required stack adjustment.		// Calculate required stack adjustment.
uint64_t FrameSize = StackSize - SlotSize;		uint64_t FrameSize = StackSize - SlotSize;
NumBytes = FrameSize - CSSize;		NumBytes = FrameSize - CSSize;

// Callee-saved registers were pushed on stack before the stack was		// Callee-saved registers were pushed on stack before the stack was
// realigned.		// realigned.
if (TRI->needsStackRealignment(MF) && !IsWin64Prologue)		if (TRI->needsStackRealignment(MF) && !IsWin64Prologue)
NumBytes = RoundUpToAlignment(FrameSize, MaxAlign);		NumBytes = RoundUpToAlignment(FrameSize, MaxAlign);

// Pop EBP.		// Pop EBP.
BuildMI(MBB, MBBI, DL,		BuildMI(MBB, MBBI, DL,
TII.get(Is64Bit ? X86::POP64r : X86::POP32r), MachineFramePtr);		TII.get(Is64Bit ? X86::POP64r : X86::POP32r), MachineFramePtr)
		.setMIFlag(MachineInstr::FrameDestroy);
} else {		} else {
NumBytes = StackSize - CSSize;		NumBytes = StackSize - CSSize;
}		}
uint64_t SEHStackAllocAmt = NumBytes;		uint64_t SEHStackAllocAmt = NumBytes;

// Skip the callee-saved pop instructions.		// Skip the callee-saved pop instructions.
while (MBBI != MBB.begin()) {		while (MBBI != MBB.begin()) {
MachineBasicBlock::iterator PI = std::prev(MBBI);		MachineBasicBlock::iterator PI = std::prev(MBBI);
unsigned Opc = PI->getOpcode();		unsigned Opc = PI->getOpcode();

if (Opc != X86::POP32r && Opc != X86::POP64r && Opc != X86::DBG_VALUE &&		if ((Opc != X86::POP32r \|\| !PI->getFlag(MachineInstr::FrameDestroy)) &&
!PI->isTerminator())		(Opc != X86::POP64r \|\| !PI->getFlag(MachineInstr::FrameDestroy)) &&
		Opc != X86::DBG_VALUE && !PI->isTerminator())
break;		break;

--MBBI;		--MBBI;
}		}
MachineBasicBlock::iterator FirstCSPop = MBBI;		MachineBasicBlock::iterator FirstCSPop = MBBI;

if (MBBI != MBB.end())		if (MBBI != MBB.end())
DL = MBBI->getDebugLoc();		DL = MBBI->getDebugLoc();
▲ Show 20 Lines • Show All 346 Lines • ▼ Show 20 Lines	bool X86FrameLowering::restoreCalleeSavedRegisters(MachineBasicBlock &MBB,
// POP GPRs.		// POP GPRs.
unsigned Opc = STI.is64Bit() ? X86::POP64r : X86::POP32r;		unsigned Opc = STI.is64Bit() ? X86::POP64r : X86::POP32r;
for (unsigned i = 0, e = CSI.size(); i != e; ++i) {		for (unsigned i = 0, e = CSI.size(); i != e; ++i) {
unsigned Reg = CSI[i].getReg();		unsigned Reg = CSI[i].getReg();
if (!X86::GR64RegClass.contains(Reg) &&		if (!X86::GR64RegClass.contains(Reg) &&
!X86::GR32RegClass.contains(Reg))		!X86::GR32RegClass.contains(Reg))
continue;		continue;

BuildMI(MBB, MI, DL, TII.get(Opc), Reg);		BuildMI(MBB, MI, DL, TII.get(Opc), Reg)
		.setMIFlag(MachineInstr::FrameDestroy);
}		}
return true;		return true;
}		}

void X86FrameLowering::determineCalleeSaves(MachineFunction &MF,		void X86FrameLowering::determineCalleeSaves(MachineFunction &MF,
BitVector &SavedRegs,		BitVector &SavedRegs,
RegScavenger *RS) const {		RegScavenger *RS) const {
TargetFrameLowering::determineCalleeSaves(MF, SavedRegs, RS);		TargetFrameLowering::determineCalleeSaves(MF, SavedRegs, RS);
▲ Show 20 Lines • Show All 637 Lines • Show Last 20 Lines