This is an archive of the discontinued LLVM Phabricator instance.

Differential D109203

[X86] Don't clobber EBX in stackprobes
ClosedPublic

Authored by staticfloat on Sep 2 2021, 3:58 PM.

Details

Reviewers
craig.topper
vtjnash
pengfei
Commits
rGae8507b0df73: [X86] Don't clobber EBX in stackprobes
Summary

On X86, the stackprobe emission code chooses the R11D register, which
is illegal on i686. This ends up wrapping around to EBX, which does
not get properly callee-saved within the stack probing prologue,
clobbering the register for the callers.

We fix this by explicitly using EAX as the stack probe register.

Diff Detail

Event Timeline

staticfloat created this revision.Sep 2 2021, 3:58 PM
Herald added subscribers: pengfei, hiraditya. · View Herald TranscriptSep 2 2021, 3:58 PM
staticfloat requested review of this revision.Sep 2 2021, 3:58 PM
Herald added a project: Restricted Project. · View Herald TranscriptSep 2 2021, 3:58 PM
Herald added a subscriber: llvm-commits. · View Herald Transcript
staticfloat added reviewers: craig.topper, vtjnash.Sep 2 2021, 3:59 PM
Harbormaster completed remote builds in B122419: Diff 370438.Sep 2 2021, 5:18 PM
vtjnash added a comment.Sep 2 2021, 7:58 PM

Need a test fix, but lgtm

pengfei added inline comments.Sep 2 2021, 8:45 PM
llvm/lib/Target/X86/X86FrameLowering.cpp
674–676

How about x32, a model that using 32 bit pointer on 64bit target? Can we use

Register FinalStackProbed = Uses64BitFramePtr ? X86::R11 : Is64Bit ? X86::R11D : X86::EAX;
1097–1099

ditto.

vchuravy added a subscriber: Restricted Project.Sep 2 2021, 10:52 PM
staticfloat updated this revision to Diff 370622.Sep 3 2021, 10:26 AM

Fix test, address review comments

staticfloat marked 2 inline comments as done.Sep 3 2021, 10:27 AM
staticfloat added inline comments.
llvm/lib/Target/X86/X86FrameLowering.cpp
674–676

Ah, good thinking. Better to use these registers when we can. Updated.

staticfloat marked an inline comment as done.Sep 3 2021, 10:27 AM
Harbormaster completed remote builds in B122550: Diff 370622.Sep 3 2021, 11:28 AM
pengfei added inline comments.Sep 3 2021, 7:01 PM
llvm/test/CodeGen/X86/stack-clash-large.ll
1–3

We'd better add a RUN for the X64-32 case. How about

; RUN: llc -mtriple=x86_64-linux-android < %s | FileCheck -check-prefix=CHECK-X64 %s 
; RUN: llc -mtriple=i686-linux-android < %s | FileCheck -check-prefix=CHECK-X86 %s 
; RUN: llc -mtriple=x86_64-linux-gnux32 < %s | FileCheck -check-prefix=CHECK-X32 %s

We prefer to use prefix "X32" for the X64-32 case only and use X86 for the common 32 bit case.

pengfei added inline comments.Sep 3 2021, 7:02 PM
llvm/lib/Target/X86/X86FrameLowering.cpp
675

Change to the format Lint suggested?

hafixo added a commit: rCRT373035: hwasan: Compatibility fixes for short granules..Sep 6 2021, 12:44 AM
hafixo added a commit: rGc336557f0238: hwasan: Compatibility fixes for short granules..Sep 6 2021, 12:47 AM
staticfloat updated this revision to Diff 370973.Sep 6 2021, 5:03 PM
staticfloat marked an inline comment as done.

Add new testing configuration for x32 hardware, apply lint format.

staticfloat marked an inline comment as done.Sep 6 2021, 5:06 PM

Tests expanded, and lint output applied.

llvm/lib/Target/X86/X86FrameLowering.cpp
675

Funnily enough, the arc diff HEAD~ command told me to lint it the old way. Manually re-formatting (as I just did in my latest change) causes the local arc lint step to complain, but I overrode it.

Harbormaster completed remote builds in B122809: Diff 370973.Sep 6 2021, 5:54 PM
pengfei accepted this revision.Sep 6 2021, 6:28 PM

LGTM. Thanks!

This revision is now accepted and ready to land.Sep 6 2021, 6:28 PM
thopre removed a commit: rGc336557f0238: hwasan: Compatibility fixes for short granules..Sep 7 2021, 2:47 AM
thopre removed a commit: rCRT373035: hwasan: Compatibility fixes for short granules..Sep 7 2021, 2:51 AM
vtjnash updated this revision to Diff 371071.Sep 7 2021, 7:41 AM

rebase on main

Harbormaster completed remote builds in B122870: Diff 371071.Sep 7 2021, 8:10 AM
Closed by commit rGae8507b0df73: [X86] Don't clobber EBX in stackprobes (authored by staticfloat, committed by vtjnash). · Explain WhySep 7 2021, 12:01 PM
This revision was automatically updated to reflect the committed changes.
vtjnash added a commit: rGae8507b0df73: [X86] Don't clobber EBX in stackprobes.

Revision Contents

PathSize
llvm/
lib/
Target/
X86/
8 lines
test/
CodeGen/
X86/
97 lines

Diff 371143

llvm/lib/Target/X86/X86FrameLowering.cpp

Show First 20 LinesShow All 665 Lines▼ Show 20 Linesvoid X86FrameLowering::emitStackProbeInlineGenericLoop(
MachineBasicBlock *testMBB = MF.CreateMachineBasicBlock(LLVM_BB); MachineBasicBlock *testMBB = MF.CreateMachineBasicBlock(LLVM_BB);
MachineBasicBlock *tailMBB = MF.CreateMachineBasicBlock(LLVM_BB); MachineBasicBlock *tailMBB = MF.CreateMachineBasicBlock(LLVM_BB);
MachineFunction::iterator MBBIter = ++MBB.getIterator(); MachineFunction::iterator MBBIter = ++MBB.getIterator();
MF.insert(MBBIter, testMBB); MF.insert(MBBIter, testMBB);
MF.insert(MBBIter, tailMBB); MF.insert(MBBIter, tailMBB);
Register FinalStackProbed = Uses64BitFramePtr ? X86::R11 : X86::R11D; Register FinalStackProbed = Uses64BitFramePtr ? X86::R11
: Is64Bit ? X86::R11D
pengfeiUnsubmitted
Done
ReplyInline Actions

Change to the format Lint suggested?

pengfei: Change to the format Lint suggested?
staticfloatAuthorUnsubmitted
Done
ReplyInline Actions

Funnily enough, the arc diff HEAD~ command told me to lint it the old way. Manually re-formatting (as I just did in my latest change) causes the local arc lint step to complain, but I overrode it.

staticfloat: Funnily enough, the `arc diff HEAD~` command told me to lint it the old way. Manually re…
: X86::EAX;
pengfeiUnsubmitted
Done
ReplyInline Actions

How about x32, a model that using 32 bit pointer on 64bit target? Can we use

Register FinalStackProbed = Uses64BitFramePtr ? X86::R11 : Is64Bit ? X86::R11D : X86::EAX;
pengfei: How about x32, a model that using 32 bit pointer on 64bit target? Can we use ``` Register…
staticfloatAuthorUnsubmitted
Done
ReplyInline Actions

Ah, good thinking. Better to use these registers when we can. Updated.

staticfloat: Ah, good thinking. Better to use these registers when we can. Updated.
BuildMI(MBB, MBBI, DL, TII.get(TargetOpcode::COPY), FinalStackProbed) BuildMI(MBB, MBBI, DL, TII.get(TargetOpcode::COPY), FinalStackProbed)
.addReg(StackPtr) .addReg(StackPtr)
.setMIFlag(MachineInstr::FrameSetup); .setMIFlag(MachineInstr::FrameSetup);
// save loop bound // save loop bound
{ {
const unsigned SUBOpc = getSUBriOpcode(Uses64BitFramePtr, Offset); const unsigned SUBOpc = getSUBriOpcode(Uses64BitFramePtr, Offset);
BuildMI(MBB, MBBI, DL, TII.get(SUBOpc), FinalStackProbed) BuildMI(MBB, MBBI, DL, TII.get(SUBOpc), FinalStackProbed)
▲ Show 20 LinesShow All 404 Lines▼ Show 20 Lines if (Reg == StackPtr && EmitInlineStackProbe && MaxAlign >= StackProbeSize) {
MF.CreateMachineBasicBlock(MBB.getBasicBlock()); MF.CreateMachineBasicBlock(MBB.getBasicBlock());
MachineFunction::iterator MBBIter = MBB.getIterator(); MachineFunction::iterator MBBIter = MBB.getIterator();
MF.insert(MBBIter, entryMBB); MF.insert(MBBIter, entryMBB);
MF.insert(MBBIter, headMBB); MF.insert(MBBIter, headMBB);
MF.insert(MBBIter, bodyMBB); MF.insert(MBBIter, bodyMBB);
MF.insert(MBBIter, footMBB); MF.insert(MBBIter, footMBB);
const unsigned MovMIOpc = Is64Bit ? X86::MOV64mi32 : X86::MOV32mi; const unsigned MovMIOpc = Is64Bit ? X86::MOV64mi32 : X86::MOV32mi;
Register FinalStackProbed = Uses64BitFramePtr ? X86::R11 : X86::R11D; Register FinalStackProbed = Uses64BitFramePtr ? X86::R11
: Is64Bit ? X86::R11D
: X86::EAX;
pengfeiUnsubmitted
Done
ReplyInline Actions

ditto.

pengfei: ditto.
// Setup entry block // Setup entry block
{ {
entryMBB->splice(entryMBB->end(), &MBB, MBB.begin(), MBBI); entryMBB->splice(entryMBB->end(), &MBB, MBB.begin(), MBBI);
BuildMI(entryMBB, DL, TII.get(TargetOpcode::COPY), FinalStackProbed) BuildMI(entryMBB, DL, TII.get(TargetOpcode::COPY), FinalStackProbed)
.addReg(StackPtr) .addReg(StackPtr)
.setMIFlag(MachineInstr::FrameSetup); .setMIFlag(MachineInstr::FrameSetup);
▲ Show 20 LinesShow All 2,603 LinesShow Last 20 Lines

llvm/test/CodeGen/X86/stack-clash-large.ll

; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py UTC_ARGS: --no_x86_scrub_sp ; RUN: llc -mtriple=x86_64-linux-android < %s | FileCheck -check-prefix=CHECK-X64 %s
; RUN: llc -mtriple=x86_64-linux-android < %s | FileCheck -check-prefix=CHECK-X86-64 %s ; RUN: llc -mtriple=i686-linux-android < %s | FileCheck -check-prefix=CHECK-X86 %s
; RUN: llc -mtriple=i686-linux-android < %s | FileCheck -check-prefix=CHECK-X86-32 %s ; RUN: llc -mtriple=x86_64-linux-gnux32 < %s | FileCheck -check-prefix=CHECK-X32 %s
pengfeiUnsubmitted
Done
ReplyInline Actions

We'd better add a RUN for the X64-32 case. How about

; RUN: llc -mtriple=x86_64-linux-android < %s | FileCheck -check-prefix=CHECK-X64 %s 
; RUN: llc -mtriple=i686-linux-android < %s | FileCheck -check-prefix=CHECK-X86 %s 
; RUN: llc -mtriple=x86_64-linux-gnux32 < %s | FileCheck -check-prefix=CHECK-X32 %s

We prefer to use prefix "X32" for the X64-32 case only and use X86 for the common 32 bit case.

pengfei: We'd better add a RUN for the X64-32 case. How about ``` ; RUN: llc -mtriple=x86_64-linux…
define i32 @foo() local_unnamed_addr #0 { define i32 @foo() local_unnamed_addr #0 {
; CHECK-X86-64-LABEL: foo: ; CHECK-X64-LABEL: foo:
; CHECK-X86-64: # %bb.0: ; CHECK-X64: # %bb.0:
; CHECK-X86-64-NEXT: movq %rsp, %r11 ; CHECK-X64-NEXT: movq %rsp, %r11
; CHECK-X86-64-NEXT: subq $69632, %r11 # imm = 0x11000 ; CHECK-X64-NEXT: subq $69632, %r11 # imm = 0x11000
; CHECK-X86-64-NEXT: .LBB0_1: # =>This Inner Loop Header: Depth=1 ; CHECK-X64-NEXT: .LBB0_1: # =>This Inner Loop Header: Depth=1
; CHECK-X86-64-NEXT: subq $4096, %rsp # imm = 0x1000 ; CHECK-X64-NEXT: subq $4096, %rsp # imm = 0x1000
; CHECK-X86-64-NEXT: movq $0, (%rsp) ; CHECK-X64-NEXT: movq $0, (%rsp)
; CHECK-X86-64-NEXT: cmpq %r11, %rsp ; CHECK-X64-NEXT: cmpq %r11, %rsp
; CHECK-X86-64-NEXT: jne .LBB0_1 ; CHECK-X64-NEXT: jne .LBB0_1
; CHECK-X86-64-NEXT: # %bb.2: ; CHECK-X64-NEXT: # %bb.2:
; CHECK-X86-64-NEXT: subq $2248, %rsp # imm = 0x8C8 ; CHECK-X64-NEXT: subq $2248, %rsp # imm = 0x8C8
; CHECK-X86-64-NEXT: .cfi_def_cfa_offset 71888 ; CHECK-X64-NEXT: .cfi_def_cfa_offset 71888
; CHECK-X86-64-NEXT: movl $1, 264(%rsp) ; CHECK-X64-NEXT: movl $1, 264(%rsp)
; CHECK-X86-64-NEXT: movl $1, 28664(%rsp) ; CHECK-X64-NEXT: movl $1, 28664(%rsp)
; CHECK-X86-64-NEXT: movl -128(%rsp), %eax ; CHECK-X64-NEXT: movl -128(%rsp), %eax
; CHECK-X86-64-NEXT: addq $71880, %rsp # imm = 0x118C8 ; CHECK-X64-NEXT: addq $71880, %rsp # imm = 0x118C8
; CHECK-X86-64-NEXT: .cfi_def_cfa_offset 8 ; CHECK-X64-NEXT: .cfi_def_cfa_offset 8
; CHECK-X86-64-NEXT: retq ; CHECK-X64-NEXT: retq
; ;
; CHECK-X86-32-LABEL: foo: ; CHECK-X86-LABEL: foo:
; CHECK-X86-32: # %bb.0: ; CHECK-X86: # %bb.0:
; CHECK-X86-32-NEXT: movl %esp, %r11d ; CHECK-X86-NEXT: movl %esp, %eax
; CHECK-X86-32-NEXT: subl $69632, %r11d # imm = 0x11000 ; CHECK-X86-NEXT: subl $69632, %eax # imm = 0x11000
; CHECK-X86-32-NEXT: .LBB0_1: # =>This Inner Loop Header: Depth=1 ; CHECK-X86-NEXT: .LBB0_1: # =>This Inner Loop Header: Depth=1
; CHECK-X86-32-NEXT: subl $4096, %esp # imm = 0x1000 ; CHECK-X86-NEXT: subl $4096, %esp # imm = 0x1000
; CHECK-X86-32-NEXT: movl $0, (%esp) ; CHECK-X86-NEXT: movl $0, (%esp)
; CHECK-X86-32-NEXT: cmpl %r11d, %esp ; CHECK-X86-NEXT: cmpl %eax, %esp
; CHECK-X86-32-NEXT: jne .LBB0_1 ; CHECK-X86-NEXT: jne .LBB0_1
; CHECK-X86-32-NEXT: # %bb.2: ; CHECK-X86-NEXT: # %bb.2:
; CHECK-X86-32-NEXT: subl $2380, %esp # imm = 0x94C ; CHECK-X86-NEXT: subl $2380, %esp # imm = 0x94C
; CHECK-X86-32-NEXT: .cfi_def_cfa_offset 72016 ; CHECK-X86-NEXT: .cfi_def_cfa_offset 72016
; CHECK-X86-32-NEXT: movl $1, 392(%esp) ; CHECK-X86-NEXT: movl $1, 392(%esp)
; CHECK-X86-32-NEXT: movl $1, 28792(%esp) ; CHECK-X86-NEXT: movl $1, 28792(%esp)
; CHECK-X86-32-NEXT: movl (%esp), %eax ; CHECK-X86-NEXT: movl (%esp), %eax
; CHECK-X86-32-NEXT: addl $72012, %esp # imm = 0x1194C ; CHECK-X86-NEXT: addl $72012, %esp # imm = 0x1194C
; CHECK-X86-32-NEXT: .cfi_def_cfa_offset 4 ; CHECK-X86-NEXT: .cfi_def_cfa_offset 4
; CHECK-X86-32-NEXT: retl ; CHECK-X86-NEXT: retl
;
; CHECK-X32-LABEL: foo:
; CHECK-X32: # %bb.0:
; CHECK-X32-NEXT: movl %esp, %r11d
; CHECK-X32-NEXT: subl $69632, %r11d # imm = 0x11000
; CHECK-X32-NEXT: .LBB0_1: # =>This Inner Loop Header: Depth=1
; CHECK-X32-NEXT: subl $4096, %esp # imm = 0x1000
; CHECK-X32-NEXT: movq $0, (%esp)
; CHECK-X32-NEXT: cmpl %r11d, %esp
; CHECK-X32-NEXT: jne .LBB0_1
; CHECK-X32-NEXT: # %bb.2:
; CHECK-X32-NEXT: subl $2248, %esp # imm = 0x8C8
; CHECK-X32-NEXT: .cfi_def_cfa_offset 71888
; CHECK-X32-NEXT: movl $1, 264(%esp)
; CHECK-X32-NEXT: movl $1, 28664(%esp)
; CHECK-X32-NEXT: movl -128(%esp), %eax
; CHECK-X32-NEXT: addl $71880, %esp # imm = 0x118C8
; CHECK-X32-NEXT: .cfi_def_cfa_offset 8
; CHECK-X32-NEXT: retq
%a = alloca i32, i64 18000, align 16 %a = alloca i32, i64 18000, align 16
%b0 = getelementptr inbounds i32, i32* %a, i64 98 %b0 = getelementptr inbounds i32, i32* %a, i64 98
%b1 = getelementptr inbounds i32, i32* %a, i64 7198 %b1 = getelementptr inbounds i32, i32* %a, i64 7198
store volatile i32 1, i32* %b0 store volatile i32 1, i32* %b0
store volatile i32 1, i32* %b1 store volatile i32 1, i32* %b1
%c = load volatile i32, i32* %a %c = load volatile i32, i32* %a
ret i32 %c ret i32 %c
} }
attributes #0 = {"probe-stack"="inline-asm"} attributes #0 = {"probe-stack"="inline-asm"}