[X86] Fix a shrink-wrapping miscompile around __chkstk

__chkstk clobbers EAX. If EAX is live across the prologue, then we have to take extra steps to save it. We already had code to do this if EAX was a register parameter. This change adapts it to work when shrink wrapping is used. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@261039 91177308-0d34-0410-b5e6-96231b3b80d8
2025-02-11 23:38:05 +00:00 · 2016-02-17 00:17:33 +00:00 · 2016-02-17 00:17:33 +00:00 · f8cab7eaae
commit f8cab7eaae
parent 20fb2a1a13
2 changed files with 41 additions and 7 deletions
--- a/lib/Target/X86/X86FrameLowering.cpp
+++ b/lib/Target/X86/X86FrameLowering.cpp
@ -192,10 +192,9 @@ static unsigned findDeadCallerSavedReg(MachineBasicBlock &MBB,
  return 0;
 }

-static bool isEAXLiveIn(MachineFunction &MF) {
-  for (MachineRegisterInfo::livein_iterator II = MF.getRegInfo().livein_begin(),
-       EE = MF.getRegInfo().livein_end(); II != EE; ++II) {
-    unsigned Reg = II->first;
+static bool isEAXLiveIn(MachineBasicBlock &MBB) {
+  for (MachineBasicBlock::RegisterMaskPair RegMask : MBB.liveins()) {
+    unsigned Reg = RegMask.PhysReg;

    if (Reg == X86::RAX || Reg == X86::EAX || Reg == X86::AX ||
        Reg == X86::AH || Reg == X86::AL)
@ -261,7 +260,7 @@ void X86FrameLowering::emitSPUpdate(MachineBasicBlock &MBB,
      // load the offset into a register and do one sub/add
      unsigned Reg = 0;

-      if (isSub && !isEAXLiveIn(*MBB.getParent()))
+      if (isSub && !isEAXLiveIn(MBB))
        Reg = (unsigned)(Is64Bit ? X86::RAX : X86::EAX);
      else
        Reg = findDeadCallerSavedReg(MBB, MBBI, TRI, Is64Bit);
@ -1138,8 +1137,8 @@ void X86FrameLowering::emitPrologue(MachineFunction &MF,
  if (IsWin64Prologue && !IsFunclet && TRI->needsStackRealignment(MF))
    AlignedNumBytes = alignTo(AlignedNumBytes, MaxAlign);
  if (AlignedNumBytes >= StackProbeSize && UseStackProbe) {
-    // Check whether EAX is livein for this function.
-    bool isEAXAlive = isEAXLiveIn(MF);
+    // Check whether EAX is livein for this block.
+    bool isEAXAlive = isEAXLiveIn(MBB);

    if (isEAXAlive) {
      // Sanity check that EAX is not livein for this function.
--- a/test/CodeGen/X86/shrink-wrap-chkstk.ll
+++ b/test/CodeGen/X86/shrink-wrap-chkstk.ll
@ -1,6 +1,8 @@
 ; RUN: llc < %s -enable-shrink-wrap=true | FileCheck %s

 ; chkstk cannot come before the usual prologue, since it adjusts ESP.
+; If chkstk is used in the prologue, we also have to be careful about preserving
+; EAX if it is used.

 target datalayout = "e-m:x-p:32:32-i64:64-f80:32-n8:16:32-a:0:32-S32"
 target triple = "i686-pc-windows-msvc18.0.0"
@ -35,3 +37,36 @@ bb2:
 ; CHECK: retl

 declare void @inalloca_params(<{ %struct.S }>* inalloca)
+
+declare i32 @doSomething(i32, i32*)
+
+; In this test case, we force usage of EAX before the prologue, and have to
+; compensate before calling __chkstk. It would also be valid for us to avoid
+; shrink wrapping in this case.
+
+define x86_fastcallcc i32 @use_eax_before_prologue(i32 inreg %a, i32 inreg %b) {
+  %tmp = alloca i32, i32 1024, align 4
+  %tmp2 = icmp slt i32 %a, %b
+  br i1 %tmp2, label %true, label %false
+
+true:
+  store i32 %a, i32* %tmp, align 4
+  %tmp4 = call i32 @doSomething(i32 0, i32* %tmp)
+  br label %false
+
+false:
+  %tmp.0 = phi i32 [ %tmp4, %true ], [ %a, %0 ]
+  ret i32 %tmp.0
+}
+
+; CHECK-LABEL: @use_eax_before_prologue@8: # @use_eax_before_prologue
+; CHECK: movl %ecx, %eax
+; CHECK: cmpl %edx, %eax
+; CHECK: jge LBB1_2
+; CHECK: pushl %eax
+; CHECK: movl $4100, %eax
+; CHECK: calll __chkstk
+; CHECK: movl 4100(%esp), %eax
+; CHECK: calll _doSomething
+; CHECK: LBB1_2:
+; CHECK: retl