From bd15c3267fa246dbf2da4876eb4b4f385d96795d Mon Sep 17 00:00:00 2001 From: Nicolai Haehnle Date: Fri, 14 Oct 2016 09:03:04 +0000 Subject: [PATCH] AMDGPU: Fix use-after-frees Reviewers: arsenm, tstellarAMD Subscribers: kzhuravl, wdng, yaxunl, tony-tye, llvm-commits Differential Revision: https://reviews.llvm.org/D25312 llvm-svn: 284215 --- llvm/lib/Target/AMDGPU/SIISelLowering.cpp | 29 ++++++++++++----------- llvm/lib/Target/AMDGPU/SIRegisterInfo.cpp | 2 +- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/llvm/lib/Target/AMDGPU/SIISelLowering.cpp b/llvm/lib/Target/AMDGPU/SIISelLowering.cpp index 0df5ea075a6e..be669c112b74 100644 --- a/llvm/lib/Target/AMDGPU/SIISelLowering.cpp +++ b/llvm/lib/Target/AMDGPU/SIISelLowering.cpp @@ -1274,8 +1274,6 @@ static MachineBasicBlock::iterator loadM0FromVGPR(const SIInstrInfo *TII, BuildMI(*RemainderBB, First, DL, TII->get(AMDGPU::S_MOV_B64), AMDGPU::EXEC) .addReg(SaveExec); - MI.eraseFromParent(); - return InsPt; } @@ -1362,14 +1360,14 @@ static MachineBasicBlock *emitIndirectSrc(MachineInstr &MI, MachineRegisterInfo &MRI = MF->getRegInfo(); unsigned Dst = MI.getOperand(0).getReg(); - const MachineOperand *SrcVec = TII->getNamedOperand(MI, AMDGPU::OpName::src); + unsigned SrcReg = TII->getNamedOperand(MI, AMDGPU::OpName::src)->getReg(); int Offset = TII->getNamedOperand(MI, AMDGPU::OpName::offset)->getImm(); - const TargetRegisterClass *VecRC = MRI.getRegClass(SrcVec->getReg()); + const TargetRegisterClass *VecRC = MRI.getRegClass(SrcReg); unsigned SubReg; std::tie(SubReg, Offset) - = computeIndirectRegAndOffset(TRI, VecRC, SrcVec->getReg(), Offset); + = computeIndirectRegAndOffset(TRI, VecRC, SrcReg, Offset); bool UseGPRIdxMode = ST.hasVGPRIndexMode() && EnableVGPRIndexMode; 
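Review bot: Nothing at the new `unsigned SrcReg = TII->getNamedOperand(MI, AMDGPU::OpName::src)->getReg();` line in emitIndirectSrc says why the register number is copied out instead of keeping the operand pointer, so a later cleanup could bring back a `const MachineOperand *` that outlives MI. I would add a comment above it such as `// Copy operand values out of MI up front; MI is erased on every return path and its operands must not be referenced after that.` The same reasoning covers the replaced `SrcVec->getReg()` uses in the hunks at -1382 and -1422. emitIndirectSrc starts before this hunk and continues past it.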
@@ -1382,14 +1380,14 @@ static MachineBasicBlock *emitIndirectSrc(MachineInstr &MI, // to avoid interfering with other uses, so probably requires a new // optimization pass. BuildMI(MBB, I, DL, TII->get(AMDGPU::V_MOV_B32_e32), Dst) - .addReg(SrcVec->getReg(), RegState::Undef, SubReg) - .addReg(SrcVec->getReg(), RegState::Implicit) + .addReg(SrcReg, RegState::Undef, SubReg) + .addReg(SrcReg, RegState::Implicit) .addReg(AMDGPU::M0, RegState::Implicit); BuildMI(MBB, I, DL, TII->get(AMDGPU::S_SET_GPR_IDX_OFF)); } else { BuildMI(MBB, I, DL, TII->get(AMDGPU::V_MOVRELS_B32_e32), Dst) - .addReg(SrcVec->getReg(), RegState::Undef, SubReg) - .addReg(SrcVec->getReg(), RegState::Implicit); + .addReg(SrcReg, RegState::Undef, SubReg) + .addReg(SrcReg, RegState::Implicit); } MI.eraseFromParent(); @@ -1412,7 +1410,6 @@ static MachineBasicBlock *emitIndirectSrc(MachineInstr &MI, .addImm(VGPRIndexMode::SRC0_ENABLE); SetOn->getOperand(3).setIsUndef(); - // Disable again after the loop. BuildMI(MBB, std::next(I), DL, TII->get(AMDGPU::S_SET_GPR_IDX_OFF)); } @@ -1422,15 +1419,17 @@ static MachineBasicBlock *emitIndirectSrc(MachineInstr &MI, if (UseGPRIdxMode) { BuildMI(*LoopBB, InsPt, DL, TII->get(AMDGPU::V_MOV_B32_e32), Dst) - .addReg(SrcVec->getReg(), RegState::Undef, SubReg) - .addReg(SrcVec->getReg(), RegState::Implicit) + .addReg(SrcReg, RegState::Undef, SubReg) + .addReg(SrcReg, RegState::Implicit) .addReg(AMDGPU::M0, RegState::Implicit); } else { BuildMI(*LoopBB, InsPt, DL, TII->get(AMDGPU::V_MOVRELS_B32_e32), Dst) - .addReg(SrcVec->getReg(), RegState::Undef, SubReg) - .addReg(SrcVec->getReg(), RegState::Implicit); + .addReg(SrcReg, RegState::Undef, SubReg) + .addReg(SrcReg, RegState::Implicit); } + MI.eraseFromParent(); + return LoopBB; } @@ -1554,6 +1553,8 @@ static MachineBasicBlock *emitIndirectDst(MachineInstr &MI, MovRel->tieOperands(ImpDefIdx, ImpUseIdx); } + MI.eraseFromParent(); + return LoopBB; } 
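Review bot: The `MI.eraseFromParent();` added before `return LoopBB;` in emitIndirectSrc (hunk at -1422) and again in emitIndirectDst (hunk at -1554) reflects an undocumented change of contract: after the hunk at -1274, loadM0FromVGPR no longer erases MI and each caller has to do it. A comment on loadM0FromVGPR would make that explicit, for example `// Does not erase MI; the caller must call MI.eraseFromParent() after its last read of MI's operands.` A short `// Last use of MI is above; erase only here.` next to each added erase would also help, because any new return path added later has to repeat it. The diffstat lists only the two source files, so no regression test accompanies the fix; a lit test for the indirect-index lowering run under a sanitizer build would presumably catch a reordering. Both functions begin outside these hunks.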
diff --git a/llvm/lib/Target/AMDGPU/SIRegisterInfo.cpp b/llvm/lib/Target/AMDGPU/SIRegisterInfo.cpp index 20cdaec07c30..837477685459 100644 --- a/llvm/lib/Target/AMDGPU/SIRegisterInfo.cpp +++ b/llvm/lib/Target/AMDGPU/SIRegisterInfo.cpp @@ -611,8 +611,8 @@ void SIRegisterInfo::eliminateFrameIndex(MachineBasicBlock::iterator MI, TII->getNamedOperand(*MI, AMDGPU::OpName::soffset)->getReg(), FrameInfo.getObjectOffset(Index) + TII->getNamedOperand(*MI, AMDGPU::OpName::offset)->getImm(), RS); - MI->eraseFromParent(); MFI->addToSpilledVGPRs(getNumSubRegsForSpillOp(MI->getOpcode())); + MI->eraseFromParent(); break; case AMDGPU::SI_SPILL_V32_RESTORE: case AMDGPU::SI_SPILL_V64_RESTORE:
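Review bot: The corrected order in this eliminateFrameIndex case is held only by statement position: `MFI->addToSpilledVGPRs(getNumSubRegsForSpillOp(MI->getOpcode()));` has to stay above `MI->eraseFromParent();`, and nothing in the code marks that. Reading the opcode into a local before the call that ends in `RS);` (`const unsigned Opc = MI->getOpcode();`) and using `Opc` afterwards, or adding `// MI is dead after eraseFromParent(); read everything needed from it first.`, would make the dependency explicit. The restore cases that begin right below the hunk are not shown here, so it is worth confirming they do not read `MI` after erasing it. The switch and the function continue outside this hunk.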