[llvm-bugs] [Bug 37876] New: Shrink-wrap generates bad code in presence of stack save/restore
via llvm-bugs
llvm-bugs at lists.llvm.org
Wed Jun 20 04:08:05 PDT 2018
https://bugs.llvm.org/show_bug.cgi?id=37876
Bug ID: 37876
Summary: Shrink-wrap generates bad code in presence of stack save/restore
Product: libraries
Version: 6.0
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: Common Code Generator Code
Assignee: unassignedbugs at nondot.org
Reporter: kenner at adacore.com
CC: llvm-bugs at lists.llvm.org
Created attachment 20447
--> https://bugs.llvm.org/attachment.cgi?id=20447&action=edit
Input LLVM IR file.
See attached file bug.ll and look at the function whose name ends with
"decompose". Run "llc bug.ll" and look at the same function in bug.s. The
shrink wrapper is setting up a prologue at %false4. That pushes %rbp. Then it
compiles the "%3 = call i8* @llvm.stacksave()" into "movq %rsp, %r8". It
puts the epilogue at the end of block %end7, which is just "movq %rbp, %rsp;
popq %rbp".
But then it (eventually) branches to %if-next, which, at the end, has "call
void @llvm.stackrestore(i8* %3)", which restores the save above. Then it
returns. These two things are "movq %r8, %rsp; retq". Unfortunately, %rsp was
saved *before* the push of %rbp, but restored after. So %rsp is restored
incorrectly, no longer points to the return address, and the return goes to a
bogus place (the saved value of %rbp) and we get a SIGSEGV. Running with
-enable-shrink-wrap=0 works around this.
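
The instruction order listed in the report, replayed on a small register/stack model (an added example, not part of the original report or of LLVM). The addresses, the "movq %rsp, %rbp" in the prologue (implied by the epilogue), the size of the dynamic allocation, and the contrasting "expected" order are assumptions.

```python
# Minimal model of the x86-64 instructions named in the report.
# Constructed values: all addresses below are illustrative only.
RET_ADDR = 0x401000      # return address pushed by the caller (constructed)
CALLER_RBP = 0x7FFF0100  # caller's frame pointer (constructed)
ENTRY_RSP = 0x7FFF0000   # %rsp on function entry (constructed)

def run(program):
    """Execute (op, *args) tuples; return the address that retq jumps to."""
    reg = {"rsp": ENTRY_RSP, "rbp": CALLER_RBP, "r8": 0}
    mem = {ENTRY_RSP: RET_ADDR}          # [rsp] holds the return address on entry
    for op, *args in program:
        if op == "push":
            reg["rsp"] -= 8
            mem[reg["rsp"]] = reg[args[0]]
        elif op == "pop":
            reg[args[0]] = mem[reg["rsp"]]
            reg["rsp"] += 8
        elif op == "mov":                # AT&T operand order: mov src, dst
            reg[args[1]] = reg[args[0]]
        elif op == "sub":                # models a dynamic stack allocation
            reg["rsp"] -= args[0]
        elif op == "ret":
            return mem[reg["rsp"]]
    raise ValueError("program did not return")

# Prologue placed by the shrink wrapper; the mov is assumed (see lead-in).
PROLOGUE = [("push", "rbp"), ("mov", "rsp", "rbp")]
EPILOGUE = [("mov", "rbp", "rsp"), ("pop", "rbp")]
SAVE = [("mov", "rsp", "r8")]            # @llvm.stacksave
RESTORE = [("mov", "r8", "rsp")]         # @llvm.stackrestore
ALLOCA = [("sub", 64)]                   # assumed allocation between save/restore

# Order described in the report: epilogue at the end of %end7, then the
# stackrestore and retq in %if-next.
REPORTED = PROLOGUE + SAVE + ALLOCA + EPILOGUE + RESTORE + [("ret",)]
# Assumed order for contrast: the stackrestore runs before the epilogue.
EXPECTED = PROLOGUE + SAVE + ALLOCA + RESTORE + EPILOGUE + [("ret",)]

def returns_to_caller(program):
    """True when retq pops the caller's return address."""
    return run(program) == RET_ADDR

if __name__ == "__main__":
    print("reported order returns to", hex(run(REPORTED)))
    print("expected order returns to", hex(run(EXPECTED)))
```

In the reported order, retq pops the slot that holds the saved %rbp, which matches the bogus return target described above.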