From 4849f968cb8a92a28dfebeaff582ea9b59fd9174 Mon Sep 17 00:00:00 2001 From: Reid Kleckner Date: Thu, 30 Jan 2020 15:15:57 -0800 Subject: [PATCH] [SEH] Remove CATCHPAD SDNode and X86::EH_RESTORE MachineInstr The CATCHPAD node mostly existed to be selected into the EH_RESTORE instruction, which sets the frame back up when 32-bit Windows exceptions return to the parent function. However, creating this MachineInstr early increases the risk that other passes will come along and insert instructions that use the stack before ESP and EBP are restored. That happened in PR44697. Instead of representing these in the instruction stream early, delay it until PEI. Mark the blocks where this needs to happen as EHPads, but not funclet entry blocks. Passes after PEI have to be careful not to hoist instructions that can use stack across frame setup instructions, so this should be relatively reliable. Fixes PR44697 Reviewed By: hans Differential Revision: https://reviews.llvm.org/D73752 --- include/llvm/CodeGen/ISDOpcodes.h | 3 - include/llvm/Target/TargetSelectionDAG.td | 2 - .../SelectionDAG/SelectionDAGBuilder.cpp | 5 -- lib/Target/AArch64/AArch64ISelLowering.cpp | 8 --- lib/Target/AArch64/AArch64ISelLowering.h | 3 - lib/Target/AArch64/AArch64InstrInfo.td | 4 -- lib/Target/X86/X86ExpandPseudo.cpp | 8 --- lib/Target/X86/X86FrameLowering.cpp | 21 ++++++ lib/Target/X86/X86FrameLowering.h | 6 ++ lib/Target/X86/X86ISelLowering.cpp | 25 ++----- lib/Target/X86/X86ISelLowering.h | 3 - lib/Target/X86/X86InstrCompiler.td | 12 ---- test/CodeGen/X86/seh-except-restore.ll | 69 +++++++++++++++++++ 13 files changed, 101 insertions(+), 68 deletions(-) create mode 100644 test/CodeGen/X86/seh-except-restore.ll diff --git a/include/llvm/CodeGen/ISDOpcodes.h b/include/llvm/CodeGen/ISDOpcodes.h index 2e447cf9615..b5a434bc381 100644 --- a/include/llvm/CodeGen/ISDOpcodes.h +++ b/include/llvm/CodeGen/ISDOpcodes.h @@ -738,9 +738,6 @@ namespace ISD { /// past it. ANNOTATION_LABEL, - /// CATCHPAD - Represents a catchpad instruction. - CATCHPAD, - /// CATCHRET - Represents a return from a catch block funclet. Used for /// MSVC compatible exception handling. Takes a chain operand and a /// destination basic block operand. diff --git a/include/llvm/Target/TargetSelectionDAG.td b/include/llvm/Target/TargetSelectionDAG.td index 1f3ea152f23..7d8b97069de 100644 --- a/include/llvm/Target/TargetSelectionDAG.td +++ b/include/llvm/Target/TargetSelectionDAG.td @@ -564,8 +564,6 @@ def br : SDNode<"ISD::BR" , SDTBr, [SDNPHasChain]>; def catchret : SDNode<"ISD::CATCHRET" , SDTCatchret, [SDNPHasChain, SDNPSideEffect]>; def cleanupret : SDNode<"ISD::CLEANUPRET" , SDTNone, [SDNPHasChain]>; -def catchpad : SDNode<"ISD::CATCHPAD" , SDTNone, - [SDNPHasChain, SDNPSideEffect]>; def trap : SDNode<"ISD::TRAP" , SDTNone, [SDNPHasChain, SDNPSideEffect]>; diff --git a/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp b/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp index 84c8a8fa4f9..fc88e5f4c2a 100644 --- a/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp +++ b/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp @@ -1615,17 +1615,12 @@ void SelectionDAGBuilder::visitCatchPad(const CatchPadInst &I) { bool IsMSVCCXX = Pers == EHPersonality::MSVC_CXX; bool IsCoreCLR = Pers == EHPersonality::CoreCLR; bool IsSEH = isAsynchronousEHPersonality(Pers); - bool IsWasmCXX = Pers == EHPersonality::Wasm_CXX; MachineBasicBlock *CatchPadMBB = FuncInfo.MBB; if (!IsSEH) CatchPadMBB->setIsEHScopeEntry(); // In MSVC C++ and CoreCLR, catchblocks are funclets and need prologues. if (IsMSVCCXX || IsCoreCLR) CatchPadMBB->setIsEHFuncletEntry(); - // Wasm does not need catchpads anymore - if (!IsWasmCXX) - DAG.setRoot(DAG.getNode(ISD::CATCHPAD, getCurSDLoc(), MVT::Other, - getControlRoot())); } void SelectionDAGBuilder::visitCatchRet(const CatchReturnInst &I) { diff --git a/lib/Target/AArch64/AArch64ISelLowering.cpp b/lib/Target/AArch64/AArch64ISelLowering.cpp index 37ff61cf27a..004314ae853 100644 --- a/lib/Target/AArch64/AArch64ISelLowering.cpp +++ b/lib/Target/AArch64/AArch64ISelLowering.cpp @@ -1497,12 +1497,6 @@ MachineBasicBlock *AArch64TargetLowering::EmitLoweredCatchRet( return BB; } -MachineBasicBlock *AArch64TargetLowering::EmitLoweredCatchPad( - MachineInstr &MI, MachineBasicBlock *BB) const { - MI.eraseFromParent(); - return BB; -} - MachineBasicBlock *AArch64TargetLowering::EmitInstrWithCustomInserter( MachineInstr &MI, MachineBasicBlock *BB) const { switch (MI.getOpcode()) { @@ -1521,8 +1515,6 @@ MachineBasicBlock *AArch64TargetLowering::EmitInstrWithCustomInserter( case AArch64::CATCHRET: return EmitLoweredCatchRet(MI, BB); - case AArch64::CATCHPAD: - return EmitLoweredCatchPad(MI, BB); } } diff --git a/lib/Target/AArch64/AArch64ISelLowering.h b/lib/Target/AArch64/AArch64ISelLowering.h index 5b95971e61c..363302c359f 100644 --- a/lib/Target/AArch64/AArch64ISelLowering.h +++ b/lib/Target/AArch64/AArch64ISelLowering.h @@ -386,9 +386,6 @@ public: MachineBasicBlock *EmitLoweredCatchRet(MachineInstr &MI, MachineBasicBlock *BB) const; - MachineBasicBlock *EmitLoweredCatchPad(MachineInstr &MI, - MachineBasicBlock *BB) const; - MachineBasicBlock * EmitInstrWithCustomInserter(MachineInstr &MI, MachineBasicBlock *MBB) const override; diff --git a/lib/Target/AArch64/AArch64InstrInfo.td b/lib/Target/AArch64/AArch64InstrInfo.td index 1938c6fbb91..67c7039e467 100644 --- a/lib/Target/AArch64/AArch64InstrInfo.td +++ b/lib/Target/AArch64/AArch64InstrInfo.td @@ -3628,10 +3628,6 @@ let isTerminator = 1, hasSideEffects = 1, isBarrier = 1, hasCtrlDep = 1, Sched<[]>; } -let hasSideEffects = 1, hasCtrlDep = 1, isCodeGenOnly = 1, - usesCustomInserter = 1 in -def CATCHPAD : Pseudo<(outs), (ins), [(catchpad)]>, Sched<[]>; - //===----------------------------------------------------------------------===// // Floating point immediate move. //===----------------------------------------------------------------------===// diff --git a/lib/Target/X86/X86ExpandPseudo.cpp b/lib/Target/X86/X86ExpandPseudo.cpp index d35d65914b3..3e50de49d88 100644 --- a/lib/Target/X86/X86ExpandPseudo.cpp +++ b/lib/Target/X86/X86ExpandPseudo.cpp @@ -331,14 +331,6 @@ bool X86ExpandPseudo::ExpandMI(MachineBasicBlock &MBB, MBB.erase(MBBI); return true; } - case X86::EH_RESTORE: { - // Restore ESP and EBP, and optionally ESI if required. - bool IsSEH = isAsynchronousEHPersonality(classifyEHPersonality( - MBB.getParent()->getFunction().getPersonalityFn())); - X86FL->restoreWin32EHStackPointers(MBB, MBBI, DL, /*RestoreSP=*/IsSEH); - MBBI->eraseFromParent(); - return true; - } case X86::LCMPXCHG8B_SAVE_EBX: case X86::LCMPXCHG16B_SAVE_RBX: { // Perform the following transformation. diff --git a/lib/Target/X86/X86FrameLowering.cpp b/lib/Target/X86/X86FrameLowering.cpp index 799c1f5d128..d89a1d59399 100644 --- a/lib/Target/X86/X86FrameLowering.cpp +++ b/lib/Target/X86/X86FrameLowering.cpp @@ -3219,3 +3219,24 @@ void X86FrameLowering::processFunctionBeforeFrameFinalized( UnwindHelpFI) .addImm(-2); } + +void X86FrameLowering::processFunctionBeforeFrameIndicesReplaced( + MachineFunction &MF, RegScavenger *RS) const { + if (STI.is32Bit() && MF.hasEHFunclets()) + restoreWinEHStackPointersInParent(MF); +} + +void X86FrameLowering::restoreWinEHStackPointersInParent( + MachineFunction &MF) const { + // 32-bit functions have to restore stack pointers when control is transferred + // back to the parent function. These blocks are identified as eh pads that + // are not funclet entries. + bool IsSEH = isAsynchronousEHPersonality( + classifyEHPersonality(MF.getFunction().getPersonalityFn())); + for (MachineBasicBlock &MBB : MF) { + bool NeedsRestore = MBB.isEHPad() && !MBB.isEHFuncletEntry(); + if (NeedsRestore) + restoreWin32EHStackPointers(MBB, MBB.begin(), DebugLoc(), + /*RestoreSP=*/IsSEH); + } +} diff --git a/lib/Target/X86/X86FrameLowering.h b/lib/Target/X86/X86FrameLowering.h index 2103d6471ea..24f4a0346d7 100644 --- a/lib/Target/X86/X86FrameLowering.h +++ b/lib/Target/X86/X86FrameLowering.h @@ -116,6 +116,10 @@ public: void processFunctionBeforeFrameFinalized(MachineFunction &MF, RegScavenger *RS) const override; + void + processFunctionBeforeFrameIndicesReplaced(MachineFunction &MF, + RegScavenger *RS) const override; + /// Check the instruction before/after the passed instruction. If /// it is an ADD/SUB/LEA instruction it is deleted argument and the /// stack adjustment is returned as a positive value for ADD/LEA and @@ -169,6 +173,8 @@ public: MachineBasicBlock::iterator MBBI, const DebugLoc &DL, bool RestoreSP = false) const; + void restoreWinEHStackPointersInParent(MachineFunction &MF) const; + int getInitialCFAOffset(const MachineFunction &MF) const override; unsigned getInitialCFARegister(const MachineFunction &MF) const override; diff --git a/lib/Target/X86/X86ISelLowering.cpp b/lib/Target/X86/X86ISelLowering.cpp index 58d797c9555..81b4b483313 100644 --- a/lib/Target/X86/X86ISelLowering.cpp +++ b/lib/Target/X86/X86ISelLowering.cpp @@ -31273,25 +31273,12 @@ X86TargetLowering::EmitLoweredCatchRet(MachineInstr &MI, BB->addSuccessor(RestoreMBB); MI.getOperand(0).setMBB(RestoreMBB); - auto RestoreMBBI = RestoreMBB->begin(); - BuildMI(*RestoreMBB, RestoreMBBI, DL, TII.get(X86::EH_RESTORE)); - BuildMI(*RestoreMBB, RestoreMBBI, DL, TII.get(X86::JMP_4)).addMBB(TargetMBB); - return BB; -} + // Marking this as an EH pad but not a funclet entry block causes PEI to + // restore stack pointers in the block. + RestoreMBB->setIsEHPad(true); -MachineBasicBlock * -X86TargetLowering::EmitLoweredCatchPad(MachineInstr &MI, - MachineBasicBlock *BB) const { - MachineFunction *MF = BB->getParent(); - const Constant *PerFn = MF->getFunction().getPersonalityFn(); - bool IsSEH = isAsynchronousEHPersonality(classifyEHPersonality(PerFn)); - // Only 32-bit SEH requires special handling for catchpad. - if (IsSEH && Subtarget.is32Bit()) { - const TargetInstrInfo &TII = *Subtarget.getInstrInfo(); - DebugLoc DL = MI.getDebugLoc(); - BuildMI(*BB, MI, DL, TII.get(X86::EH_RESTORE)); - } - MI.eraseFromParent(); + auto RestoreMBBI = RestoreMBB->begin(); + BuildMI(*RestoreMBB, RestoreMBBI, DL, TII.get(X86::JMP_4)).addMBB(TargetMBB); return BB; } @@ -32283,8 +32270,6 @@ X86TargetLowering::EmitInstrWithCustomInserter(MachineInstr &MI, return EmitLoweredRetpoline(MI, BB); case X86::CATCHRET: return EmitLoweredCatchRet(MI, BB); - case X86::CATCHPAD: - return EmitLoweredCatchPad(MI, BB); case X86::SEG_ALLOCA_32: case X86::SEG_ALLOCA_64: return EmitLoweredSegAlloca(MI, BB); diff --git a/lib/Target/X86/X86ISelLowering.h b/lib/Target/X86/X86ISelLowering.h index c14ccc901ec..6f3aad83e2d 100644 --- a/lib/Target/X86/X86ISelLowering.h +++ b/lib/Target/X86/X86ISelLowering.h @@ -1462,9 +1462,6 @@ namespace llvm { MachineBasicBlock *EmitLoweredCatchRet(MachineInstr &MI, MachineBasicBlock *BB) const; - MachineBasicBlock *EmitLoweredCatchPad(MachineInstr &MI, - MachineBasicBlock *BB) const; - MachineBasicBlock *EmitLoweredSegAlloca(MachineInstr &MI, MachineBasicBlock *BB) const; diff --git a/lib/Target/X86/X86InstrCompiler.td b/lib/Target/X86/X86InstrCompiler.td index 841453ef107..539c0737649 100644 --- a/lib/Target/X86/X86InstrCompiler.td +++ b/lib/Target/X86/X86InstrCompiler.td @@ -177,18 +177,6 @@ let isTerminator = 1, hasSideEffects = 1, isBarrier = 1, hasCtrlDep = 1, [(catchret bb:$dst, bb:$from)]>; } -let hasSideEffects = 1, hasCtrlDep = 1, isCodeGenOnly = 1, - usesCustomInserter = 1 in -def CATCHPAD : I<0, Pseudo, (outs), (ins), "# CATCHPAD", [(catchpad)]>; - -// This instruction is responsible for re-establishing stack pointers after an -// exception has been caught and we are rejoining normal control flow in the -// parent function or funclet. It generally sets ESP and EBP, and optionally -// ESI. It is only needed for 32-bit WinEH, as the runtime restores CSRs for us -// elsewhere. -let hasSideEffects = 1, hasCtrlDep = 1, isCodeGenOnly = 1 in -def EH_RESTORE : I<0, Pseudo, (outs), (ins), "# EH_RESTORE", []>; - let hasSideEffects = 1, isBarrier = 1, isCodeGenOnly = 1, usesCustomInserter = 1 in { def EH_SjLj_SetJmp32 : I<0, Pseudo, (outs GR32:$dst), (ins i32mem:$buf), diff --git a/test/CodeGen/X86/seh-except-restore.ll b/test/CodeGen/X86/seh-except-restore.ll new file mode 100644 index 00000000000..4e9d702de29 --- /dev/null +++ b/test/CodeGen/X86/seh-except-restore.ll @@ -0,0 +1,69 @@ +; RUN: llc < %s | FileCheck %s + +; In PR44697, the register allocator inserted loads into the __except block +; before the instructions that restore EBP and ESP back to what they should be. +; Make sure they are the first instructions in the __except block. + +; ModuleID = 't.cpp' +source_filename = "t.cpp" +target datalayout = "e-m:x-p:32:32-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:32-n8:16:32-a:0:32-S32" +target triple = "i386-pc-windows-msvc19.24.28315" + +declare i8* @llvm.frameaddress.p0i8(i32 immarg) +declare i8* @llvm.eh.recoverfp(i8*, i8*) +declare i8* @llvm.localrecover(i8*, i8*, i32 immarg) +declare dso_local i32 @_except_handler3(...) +declare void @llvm.localescape(...) + +define dso_local zeroext i1 @invokewrapper( + void ()* nocapture %Fn, + i1 zeroext %DumpStackAndCleanup, + i32* nocapture dereferenceable(4) %RetCode) + personality i32 (...)* @_except_handler3 { +entry: + %__exception_code = alloca i32, align 4 + call void (...) @llvm.localescape(i32* nonnull %__exception_code) + invoke void %Fn() + to label %return unwind label %catch.dispatch + +catch.dispatch: ; preds = %entry + %0 = catchswitch within none [label %__except.ret] unwind to caller + +__except.ret: ; preds = %catch.dispatch + %1 = catchpad within %0 [i8* bitcast (i32 ()* @filter to i8*)] + catchret from %1 to label %__except + +__except: ; preds = %__except.ret + %2 = load i32, i32* %__exception_code, align 4 + store i32 %2, i32* %RetCode, align 4 + br label %return + +return: ; preds = %entry, %__except + %retval.0 = phi i1 [ false, %__except ], [ true, %entry ] + ret i1 %retval.0 +} + +; CHECK-LABEL: _invokewrapper: # @invokewrapper +; CHECK: calll *8(%ebp) +; CHECK: LBB0_2: # %return + +; CHECK: LBB0_1: # %__except.ret +; CHECK-NEXT: movl -24(%ebp), %esp +; CHECK-NEXT: addl $12, %ebp + +; Function Attrs: nofree nounwind +define internal i32 @filter() { +entry: + %0 = tail call i8* @llvm.frameaddress.p0i8(i32 1) + %1 = tail call i8* @llvm.eh.recoverfp(i8* bitcast (i1 (void ()*, i1, i32*)* @invokewrapper to i8*), i8* %0) + %2 = tail call i8* @llvm.localrecover(i8* bitcast (i1 (void ()*, i1, i32*)* @invokewrapper to i8*), i8* %1, i32 0) + %__exception_code = bitcast i8* %2 to i32* + %3 = getelementptr inbounds i8, i8* %0, i32 -20 + %4 = bitcast i8* %3 to { i32*, i8* }** + %5 = load { i32*, i8* }*, { i32*, i8* }** %4, align 4 + %6 = getelementptr inbounds { i32*, i8* }, { i32*, i8* }* %5, i32 0, i32 0 + %7 = load i32*, i32** %6, align 4 + %8 = load i32, i32* %7, align 4 + store i32 %8, i32* %__exception_code, align 4 + ret i32 1 +}