Skip to content
This repository was archived by the owner on Feb 5, 2019. It is now read-only.

Commit fd8a627

Browse files
neykovalexcrichton
neykov
authored and
alexcrichton
committed
Add stack overflow check for ARM Thumb instruction set.
Besides the mechanincal changes between the ARM and Thumb functions, because of the different instruction sets, there is difference in how the stack limit is located. The ARM version uses hardware which isn't available on the lower-end Thumb processors (namely system co-processor and MMU) therefore the stack limit is placed at a predefined location in memory - STACK_LIMIT. It is the responsibility of the wrapping runtime to manage this location with the correct value. It can vary from a simple constant defined by the linker to actively managed variable by a RTOS implementation.
1 parent ed0d140 commit fd8a627

File tree

4 files changed

+365
-1
lines changed

4 files changed

+365
-1
lines changed

lib/Target/ARM/ARMFrameLowering.cpp

+177-1
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@
1414
#include "ARMFrameLowering.h"
1515
#include "ARMBaseInstrInfo.h"
1616
#include "ARMBaseRegisterInfo.h"
17+
#include "ARMConstantPoolValue.h"
1718
#include "ARMInstrInfo.h"
1819
#include "ARMMachineFunctionInfo.h"
1920
#include "ARMTargetMachine.h"
@@ -1639,10 +1640,20 @@ static uint32_t AlignToARMConstant(uint32_t Value) {
16391640
// stack limit.
16401641
static const uint64_t kSplitStackAvailable = 256;
16411642

1643+
void
1644+
ARMFrameLowering::adjustForSegmentedStacks(MachineFunction &MF) const {
1645+
const ARMSubtarget *ST = &MF.getTarget().getSubtarget<ARMSubtarget>();
1646+
if(ST->isThumb()) {
1647+
adjustForSegmentedStacksThumb(MF);
1648+
} else {
1649+
adjustForSegmentedStacksARM(MF);
1650+
}
1651+
}
1652+
16421653
// Adjust function prologue to enable split stack.
16431654
// Only support android and linux.
16441655
void
1645-
ARMFrameLowering::adjustForSegmentedStacks(MachineFunction &MF) const {
1656+
ARMFrameLowering::adjustForSegmentedStacksARM(MachineFunction &MF) const {
16461657
const ARMSubtarget *ST = &MF.getTarget().getSubtarget<ARMSubtarget>();
16471658

16481659
// Doesn't support vararg function.
@@ -1855,3 +1866,168 @@ ARMFrameLowering::adjustForSegmentedStacks(MachineFunction &MF) const {
18551866
MF.verify();
18561867
#endif
18571868
}
1869+
1870+
void
1871+
ARMFrameLowering::adjustForSegmentedStacksThumb(MachineFunction &MF) const {
1872+
// const ARMSubtarget *ST = &MF.getTarget().getSubtarget<ARMSubtarget>();
1873+
1874+
// Doesn't support vararg function.
1875+
if (MF.getFunction()->isVarArg())
1876+
report_fatal_error("Segmented stacks do not support vararg functions.");
1877+
1878+
MachineBasicBlock &prologueMBB = MF.front();
1879+
MachineFrameInfo* MFI = MF.getFrameInfo();
1880+
const ARMBaseInstrInfo &TII = *TM.getInstrInfo();
1881+
ARMFunctionInfo* ARMFI = MF.getInfo<ARMFunctionInfo>();
1882+
DebugLoc DL;
1883+
1884+
// Use R4 and R5 as scratch register.
1885+
// We should save R4 and R5 before use it and restore before
1886+
// leave the function.
1887+
unsigned ScratchReg0 = ARM::R4;
1888+
unsigned ScratchReg1 = ARM::R5;
1889+
uint64_t AlignedStackSize;
1890+
1891+
MachineBasicBlock* prevStackMBB = MF.CreateMachineBasicBlock();
1892+
MachineBasicBlock* postStackMBB = MF.CreateMachineBasicBlock();
1893+
MachineBasicBlock* allocMBB = MF.CreateMachineBasicBlock();
1894+
MachineBasicBlock* getMBB = MF.CreateMachineBasicBlock();
1895+
MachineBasicBlock* mcrMBB = MF.CreateMachineBasicBlock();
1896+
1897+
for (MachineBasicBlock::livein_iterator i = prologueMBB.livein_begin(),
1898+
e = prologueMBB.livein_end(); i != e; ++i) {
1899+
allocMBB->addLiveIn(*i);
1900+
getMBB->addLiveIn(*i);
1901+
mcrMBB->addLiveIn(*i);
1902+
prevStackMBB->addLiveIn(*i);
1903+
postStackMBB->addLiveIn(*i);
1904+
}
1905+
1906+
MF.push_front(postStackMBB);
1907+
MF.push_front(allocMBB);
1908+
MF.push_front(getMBB);
1909+
MF.push_front(mcrMBB);
1910+
MF.push_front(prevStackMBB);
1911+
1912+
// The required stack size that is aligend to ARM constant critarion.
1913+
uint64_t StackSize = MFI->getStackSize();
1914+
1915+
AlignedStackSize = AlignToARMConstant(StackSize);
1916+
1917+
// When the frame size is less than 256 we just compare the stack
1918+
// boundary directly to the value of the stack pointer, per gcc.
1919+
bool CompareStackPointer = AlignedStackSize < kSplitStackAvailable;
1920+
1921+
// We will use two of callee save registers as scratch register so we
1922+
// need to save those registers into stack frame before use it.
1923+
// We will use SR0 to hold stack limit and SR1 to stack size requested.
1924+
// and arguments for __morestack().
1925+
// SR0: Scratch Register #0
1926+
// SR1: Scratch Register #1
1927+
// push {SR0, SR1}
1928+
AddDefaultPred(BuildMI(prevStackMBB, DL, TII.get(ARM::tPUSH)))
1929+
.addReg(ScratchReg0)
1930+
.addReg(ScratchReg1);
1931+
1932+
// mov SR1, sp
1933+
AddDefaultPred(BuildMI(mcrMBB, DL, TII.get(ARM::tMOVr), ScratchReg1)
1934+
.addReg(ARM::SP));
1935+
1936+
if (!CompareStackPointer) {
1937+
// sub SR1, #StackSize
1938+
AddDefaultPred(AddDefaultCC(BuildMI(mcrMBB, DL, TII.get(ARM::tSUBi8), ScratchReg1))
1939+
.addReg(ScratchReg1).addImm(AlignedStackSize));
1940+
}
1941+
1942+
unsigned PCLabelId = ARMFI->createPICLabelUId();
1943+
ARMConstantPoolValue *NewCPV = ARMConstantPoolSymbol::
1944+
Create(MF.getFunction()->getContext(), "STACK_LIMIT", PCLabelId, 0);
1945+
MachineConstantPool *MCP = MF.getConstantPool();
1946+
unsigned CPI = MCP->getConstantPoolIndex(NewCPV, MF.getAlignment());
1947+
1948+
//ldr SR0, [pc, offset(STACK_LIMIT)]
1949+
AddDefaultPred(BuildMI(getMBB, DL, TII.get(ARM::tLDRpci), ScratchReg0)
1950+
.addConstantPoolIndex(CPI));
1951+
1952+
//ldr SR0, [SR0]
1953+
AddDefaultPred(BuildMI(getMBB, DL, TII.get(ARM::tLDRi), ScratchReg0)
1954+
.addReg(ScratchReg0)
1955+
.addImm(0));
1956+
1957+
// Compare stack limit with stack size requested.
1958+
// cmp SR0, SR1
1959+
AddDefaultPred(BuildMI(getMBB, DL, TII.get(ARM::tCMPr))
1960+
.addReg(ScratchReg0)
1961+
.addReg(ScratchReg1));
1962+
1963+
// This jump is taken if StackLimit < SP - stack required.
1964+
BuildMI(getMBB, DL, TII.get(ARM::tBcc))
1965+
.addMBB(postStackMBB)
1966+
.addImm(ARMCC::LO)
1967+
.addReg(ARM::CPSR);
1968+
1969+
1970+
// Calling __morestack(StackSize, Size of stack arguments).
1971+
// __morestack knows that the stack size requested is in SR0(r4)
1972+
// and amount size of stack arguments is in SR1(r5).
1973+
1974+
// Pass first argument for the __morestack by Scratch Register #0.
1975+
// The amount size of stack required
1976+
AddDefaultPred(AddDefaultCC(BuildMI(allocMBB, DL, TII.get(ARM::tMOVi8), ScratchReg0))
1977+
.addImm(AlignedStackSize));
1978+
// Pass second argument for the __morestack by Scratch Register #1.
1979+
// The amount size of stack consumed to save function arguments.
1980+
AddDefaultPred(AddDefaultCC(BuildMI(allocMBB, DL, TII.get(ARM::tMOVi8), ScratchReg1))
1981+
.addImm(AlignToARMConstant(ARMFI->getArgumentStackSize())));
1982+
1983+
// push {lr} - Save return address of this function.
1984+
AddDefaultPred(BuildMI(allocMBB, DL, TII.get(ARM::tPUSH)))
1985+
.addReg(ARM::LR);
1986+
1987+
// Call __morestack().
1988+
AddDefaultPred(BuildMI(allocMBB, DL, TII.get(ARM::tBL)))
1989+
.addExternalSymbol("__morestack");
1990+
1991+
// Restore return address of this original function.
1992+
// pop {SR0}
1993+
AddDefaultPred(BuildMI(allocMBB, DL, TII.get(ARM::tPOP)))
1994+
.addReg(ScratchReg0);
1995+
1996+
// mov lr, SR0
1997+
AddDefaultPred(BuildMI(allocMBB, DL, TII.get(ARM::tMOVr), ARM::LR)
1998+
.addReg(ScratchReg0));
1999+
2000+
// Restore SR0 and SR1 in case of __morestack() was called.
2001+
// __morestack() will skip postStackMBB block so we need to restore
2002+
// scratch registers from here.
2003+
// pop {SR0, SR1}
2004+
AddDefaultPred(BuildMI(allocMBB, DL, TII.get(ARM::tPOP)))
2005+
.addReg(ScratchReg0)
2006+
.addReg(ScratchReg1);
2007+
2008+
// Return from this function.
2009+
AddDefaultPred(BuildMI(allocMBB, DL, TII.get(ARM::tMOVr), ARM::PC)
2010+
.addReg(ARM::LR));
2011+
2012+
// Restore SR0 and SR1 in case of __morestack() was not called.
2013+
// pop {SR0, SR1}
2014+
AddDefaultPred(BuildMI(postStackMBB, DL, TII.get(ARM::tPOP)))
2015+
.addReg(ScratchReg0)
2016+
.addReg(ScratchReg1);
2017+
2018+
// Organizing MBB lists
2019+
postStackMBB->addSuccessor(&prologueMBB);
2020+
2021+
allocMBB->addSuccessor(postStackMBB);
2022+
2023+
getMBB->addSuccessor(postStackMBB);
2024+
getMBB->addSuccessor(allocMBB);
2025+
2026+
mcrMBB->addSuccessor(getMBB);
2027+
2028+
prevStackMBB->addSuccessor(mcrMBB);
2029+
2030+
#ifdef XDEBUG
2031+
MF.verify();
2032+
#endif
2033+
}

lib/Target/ARM/ARMFrameLowering.h

+2
Original file line numberDiff line numberDiff line change
@@ -62,6 +62,8 @@ class ARMFrameLowering : public TargetFrameLowering {
6262
RegScavenger *RS) const;
6363

6464
void adjustForSegmentedStacks(MachineFunction &MF) const;
65+
void adjustForSegmentedStacksThumb(MachineFunction &MF) const;
66+
void adjustForSegmentedStacksARM(MachineFunction &MF) const;
6567

6668
private:
6769
void emitPushInst(MachineBasicBlock &MBB, MachineBasicBlock::iterator MI,

test/CodeGen/Thumb/segmented-stacks-dynamic.ll

+41
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
; RUN: llc < %s -mcpu=generic -mtriple=thumb-linux-android -segmented-stacks -verify-machineinstrs | FileCheck %s -check-prefix=Thumb-Linux-Android
2+
; RUN: llc < %s -mcpu=generic -mtriple=thumb-linux-android -segmented-stacks -filetype=obj
3+
4+
; Just to prevent the alloca from being optimized away
5+
declare void @dummy_use(i32*, i32)
6+
7+
define i32 @test_basic(i32 %l) {
8+
%mem = alloca i32, i32 %l
9+
call void @dummy_use (i32* %mem, i32 %l)
10+
%terminate = icmp eq i32 %l, 0
11+
br i1 %terminate, label %true, label %false
12+
13+
true:
14+
ret i32 0
15+
16+
false:
17+
%newlen = sub i32 %l, 1
18+
%retvalue = call i32 @test_basic(i32 %newlen)
19+
ret i32 %retvalue
20+
21+
; Thumb-Linux-Android: test_basic:
22+
23+
; Thumb-Linux-Android: push {r4, r5}
24+
; Thumb-Linux-Android-NEXT: mov r5, sp
25+
; Thumb-Linux-Android-NEXT: ldr r4, .LCPI0_0
26+
; Thumb-Linux-Android-NEXT: ldr r4, [r4]
27+
; Thumb-Linux-Android-NEXT: cmp r4, r5
28+
; Thumb-Linux-Android-NEXT: blo .LBB0_2
29+
30+
; Thumb-Linux-Android: mov r4, #16
31+
; Thumb-Linux-Android-NEXT: mov r5, #0
32+
; Thumb-Linux-Android-NEXT: push {lr}
33+
; Thumb-Linux-Android-NEXT: bl __morestack
34+
; Thumb-Linux-Android-NEXT: pop {r4}
35+
; Thumb-Linux-Android-NEXT: mov lr, r4
36+
; Thumb-Linux-Android-NEXT: pop {r4, r5}
37+
; Thumb-Linux-Android-NEXT: mov pc, lr
38+
39+
; Thumb-Linux-Android: pop {r4, r5}
40+
41+
}

test/CodeGen/Thumb/segmented-stacks.ll

+145
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,145 @@
1+
; RUN: llc < %s -mcpu=generic -mtriple=thumb-linux-android -segmented-stacks -verify-machineinstrs | FileCheck %s -check-prefix=Thumb-Linux-Android
2+
3+
; We used to crash with filetype=obj
4+
; RUN: llc < %s -mcpu=generic -mtriple=thumb-linux-android -segmented-stacks -filetype=obj
5+
6+
7+
; Just to prevent the alloca from being optimized away
8+
declare void @dummy_use(i32*, i32)
9+
10+
define void @test_basic() {
11+
%mem = alloca i32, i32 10
12+
call void @dummy_use (i32* %mem, i32 10)
13+
ret void
14+
15+
; Thumb-Linux-Android: test_basic:
16+
17+
; Thumb-Linux-Android: push {r4, r5}
18+
; Thumb-Linux-Android-NEXT: mov r5, sp
19+
; Thumb-Linux-Android-NEXT: ldr r4, .LCPI0_0
20+
; Thumb-Linux-Android-NEXT: ldr r4, [r4]
21+
; Thumb-Linux-Android-NEXT: cmp r4, r5
22+
; Thumb-Linux-Android-NEXT: blo .LBB0_2
23+
24+
; Thumb-Linux-Android: mov r4, #48
25+
; Thumb-Linux-Android-NEXT: mov r5, #0
26+
; Thumb-Linux-Android-NEXT: push {lr}
27+
; Thumb-Linux-Android-NEXT: bl __morestack
28+
; Thumb-Linux-Android-NEXT: pop {r4}
29+
; Thumb-Linux-Android-NEXT: mov lr, r4
30+
; Thumb-Linux-Android-NEXT: pop {r4, r5}
31+
; Thumb-Linux-Android-NEXT: mov pc, lr
32+
33+
; Thumb-Linux-Android: pop {r4, r5}
34+
35+
}
36+
37+
define i32 @test_nested(i32 * nest %closure, i32 %other) {
38+
%addend = load i32 * %closure
39+
%result = add i32 %other, %addend
40+
ret i32 %result
41+
42+
; Thumb-Linux-Android: test_nested:
43+
44+
; Thumb-Linux-Android: push {r4, r5}
45+
; Thumb-Linux-Android-NEXT: mov r5, sp
46+
; Thumb-Linux-Android-NEXT: ldr r4, .LCPI1_0
47+
; Thumb-Linux-Android-NEXT: ldr r4, [r4]
48+
; Thumb-Linux-Android-NEXT: cmp r4, r5
49+
; Thumb-Linux-Android-NEXT: blo .LBB1_2
50+
51+
; Thumb-Linux-Android: mov r4, #0
52+
; Thumb-Linux-Android-NEXT: mov r5, #0
53+
; Thumb-Linux-Android-NEXT: push {lr}
54+
; Thumb-Linux-Android-NEXT: bl __morestack
55+
; Thumb-Linux-Android-NEXT: pop {r4}
56+
; Thumb-Linux-Android-NEXT: mov lr, r4
57+
; Thumb-Linux-Android-NEXT: pop {r4, r5}
58+
; Thumb-Linux-Android-NEXT: mov pc, lr
59+
60+
; Thumb-Linux-Android: pop {r4, r5}
61+
62+
}
63+
64+
define void @test_large() {
65+
%mem = alloca i32, i32 10000
66+
call void @dummy_use (i32* %mem, i32 0)
67+
ret void
68+
69+
; Thumb-Linux-Android: test_large:
70+
71+
; Thumb-Linux-Android: push {r4, r5}
72+
; Thumb-Linux-Android-NEXT: mov r5, sp
73+
; Thumb-Linux-Android-NEXT: sub r5, #40192
74+
; Thumb-Linux-Android-NEXT: ldr r4, .LCPI2_2
75+
; Thumb-Linux-Android-NEXT: ldr r4, [r4]
76+
; Thumb-Linux-Android-NEXT: cmp r4, r5
77+
; Thumb-Linux-Android-NEXT: blo .LBB2_2
78+
79+
; Thumb-Linux-Android: mov r4, #40192
80+
; Thumb-Linux-Android-NEXT: mov r5, #0
81+
; Thumb-Linux-Android-NEXT: push {lr}
82+
; Thumb-Linux-Android-NEXT: bl __morestack
83+
; Thumb-Linux-Android-NEXT: pop {r4}
84+
; Thumb-Linux-Android-NEXT: mov lr, r4
85+
; Thumb-Linux-Android-NEXT: pop {r4, r5}
86+
; Thumb-Linux-Android-NEXT: mov pc, lr
87+
88+
; Thumb-Linux-Android: pop {r4, r5}
89+
90+
}
91+
92+
define fastcc void @test_fastcc() {
93+
%mem = alloca i32, i32 10
94+
call void @dummy_use (i32* %mem, i32 10)
95+
ret void
96+
97+
; Thumb-Linux-Android: test_fastcc:
98+
99+
; Thumb-Linux-Android: push {r4, r5}
100+
; Thumb-Linux-Android-NEXT: mov r5, sp
101+
; Thumb-Linux-Android-NEXT: ldr r4, .LCPI3_0
102+
; Thumb-Linux-Android-NEXT: ldr r4, [r4]
103+
; Thumb-Linux-Android-NEXT: cmp r4, r5
104+
; Thumb-Linux-Android-NEXT: blo .LBB3_2
105+
106+
; Thumb-Linux-Android: mov r4, #48
107+
; Thumb-Linux-Android-NEXT: mov r5, #0
108+
; Thumb-Linux-Android-NEXT: push {lr}
109+
; Thumb-Linux-Android-NEXT: bl __morestack
110+
; Thumb-Linux-Android-NEXT: pop {r4}
111+
; Thumb-Linux-Android-NEXT: mov lr, r4
112+
; Thumb-Linux-Android-NEXT: pop {r4, r5}
113+
; Thumb-Linux-Android-NEXT: mov pc, lr
114+
115+
; Thumb-Linux-Android: pop {r4, r5}
116+
117+
}
118+
119+
define fastcc void @test_fastcc_large() {
120+
%mem = alloca i32, i32 10000
121+
call void @dummy_use (i32* %mem, i32 0)
122+
ret void
123+
124+
; Thumb-Linux-Android: test_fastcc_large:
125+
126+
; Thumb-Linux-Android: push {r4, r5}
127+
; Thumb-Linux-Android-NEXT: mov r5, sp
128+
; Thumb-Linux-Android-NEXT: sub r5, #40192
129+
; Thumb-Linux-Android-NEXT: ldr r4, .LCPI4_2
130+
; Thumb-Linux-Android-NEXT: ldr r4, [r4]
131+
; Thumb-Linux-Android-NEXT: cmp r4, r5
132+
; Thumb-Linux-Android-NEXT: blo .LBB4_2
133+
134+
; Thumb-Linux-Android: mov r4, #40192
135+
; Thumb-Linux-Android-NEXT: mov r5, #0
136+
; Thumb-Linux-Android-NEXT: push {lr}
137+
; Thumb-Linux-Android-NEXT: bl __morestack
138+
; Thumb-Linux-Android-NEXT: pop {r4}
139+
; Thumb-Linux-Android-NEXT: mov lr, r4
140+
; Thumb-Linux-Android-NEXT: pop {r4, r5}
141+
; Thumb-Linux-Android-NEXT: mov pc, lr
142+
143+
; Thumb-Linux-Android: pop {r4, r5}
144+
145+
}

0 commit comments

Comments
 (0)