RPCS3/llvm-mirror
1
0
Fork 0
mirror of https://github.com/RPCS3/llvm-mirror.git synced 2025-01-27 15:02:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix a serious X86 instruction selection bug. In

Browse Source 
X86DAGToDAGISel::PreprocessISelDAG(), isel is moving load inside
callseq_start / callseq_end so it can be folded into a call. This can
create a cycle in the DAG when the call is glued to a copytoreg. We
have been lucky this hasn't caused too many issues because the pre-ra
scheduler has special handling of call sequences. However, it has
caused a crash in a specific tailcall case.

rdar://12393897

llvm-svn: 165072
This commit is contained in:
Evan Cheng 2012-10-02 23:49:13 +00:00
parent 84a8807daa
commit 19255e0c70
2 changed files with 30 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/Target/X86/X86ISelDAGToDAG.cpp
View File

@ -386,11 +386,22 @@ static void MoveBelowOrigChain(SelectionDAG *CurDAG, SDValue Load,
CurDAG->UpdateNodeOperands(OrigChain.getNode(), &Ops[0], Ops.size());
CurDAG->UpdateNodeOperands(Load.getNode(), Call.getOperand(0),
Load.getOperand(1), Load.getOperand(2));
bool IsGlued = Call.getOperand(0).getNode()->getGluedUser() == Call.getNode();
unsigned NumOps = Call.getNode()->getNumOperands();
Ops.clear();
Ops.push_back(SDValue(Load.getNode(), 1));
for (unsigned i = 1, e = Call.getNode()->getNumOperands(); i != e; ++i)
for (unsigned i = 1, e = NumOps; i != e; ++i)
Ops.push_back(Call.getOperand(i));
CurDAG->UpdateNodeOperands(Call.getNode(), &Ops[0], Ops.size());
if (!IsGlued)
CurDAG->UpdateNodeOperands(Call.getNode(), &Ops[0], NumOps);
else
// If call's chain was glued to the call (tailcall), and now the load
// is moved between them. Remove the glue to avoid a cycle (where the
// call is glued to its old chain and the load is using the old chain
// as its new chain).
CurDAG->MorphNodeTo(Call.getNode(), Call.getOpcode(),
Call.getNode()->getVTList(), &Ops[0], NumOps-1);
}
/// isCalleeLoad - Return true if call address is a load and it can be

16
test/CodeGen/X86/2012-10-02-DAGCycle.ll Normal file
View File

@ -0,0 +1,16 @@
; RUN: llc -mtriple=i386-apple-macosx -relocation-model=pic < %s
; rdar://12393897
%TRp = type { i32, %TRH*, i32, i32 }
%TRH = type { i8*, i8*, i8*, i8*, {}* }
define i32 @t(%TRp* inreg %rp) nounwind optsize ssp {
entry:
%handler = getelementptr inbounds %TRp* %rp, i32 0, i32 1
%0 = load %TRH** %handler, align 4
%sync = getelementptr inbounds %TRH* %0, i32 0, i32 4
%sync12 = load {}** %sync, align 4
%1 = bitcast {}* %sync12 to i32 (%TRp*)*
%call = tail call i32 %1(%TRp* inreg %rp) nounwind optsize
ret i32 %call
}