1 //===-- WebAssemblyCFGStackify.cpp - CFG Stackification -------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 /// 9 /// \file 10 /// This file implements a CFG stacking pass. 11 /// 12 /// This pass inserts BLOCK, LOOP, and TRY markers to mark the start of scopes, 13 /// since scope boundaries serve as the labels for WebAssembly's control 14 /// transfers. 15 /// 16 /// This is sufficient to convert arbitrary CFGs into a form that works on 17 /// WebAssembly, provided that all loops are single-entry. 18 /// 19 /// In case we use exceptions, this pass also fixes mismatches in unwind 20 /// destinations created during transforming CFG into wasm structured format. 21 /// 22 //===----------------------------------------------------------------------===// 23 24 #include "WebAssembly.h" 25 #include "WebAssemblyExceptionInfo.h" 26 #include "WebAssemblyMachineFunctionInfo.h" 27 #include "WebAssemblySortRegion.h" 28 #include "WebAssemblySubtarget.h" 29 #include "WebAssemblyUtilities.h" 30 #include "llvm/ADT/Statistic.h" 31 #include "llvm/CodeGen/MachineDominators.h" 32 #include "llvm/CodeGen/MachineInstrBuilder.h" 33 #include "llvm/CodeGen/MachineLoopInfo.h" 34 #include "llvm/MC/MCAsmInfo.h" 35 #include "llvm/Target/TargetMachine.h" 36 using namespace llvm; 37 using WebAssembly::SortRegionInfo; 38 39 #define DEBUG_TYPE "wasm-cfg-stackify" 40 41 STATISTIC(NumUnwindMismatches, "Number of EH pad unwind mismatches found"); 42 43 namespace { 44 class WebAssemblyCFGStackify final : public MachineFunctionPass { 45 StringRef getPassName() const override { return "WebAssembly CFG Stackify"; } 46 47 void getAnalysisUsage(AnalysisUsage &AU) const override { 48 AU.addRequired<MachineDominatorTree>(); 49 AU.addRequired<MachineLoopInfo>(); 50 AU.addRequired<WebAssemblyExceptionInfo>(); 51 MachineFunctionPass::getAnalysisUsage(AU); 52 } 53 54 bool runOnMachineFunction(MachineFunction &MF) override; 55 56 // For each block whose label represents the end of a scope, record the block 57 // which holds the beginning of the scope. This will allow us to quickly skip 58 // over scoped regions when walking blocks. 59 SmallVector<MachineBasicBlock *, 8> ScopeTops; 60 61 // Placing markers. 62 void placeMarkers(MachineFunction &MF); 63 void placeBlockMarker(MachineBasicBlock &MBB); 64 void placeLoopMarker(MachineBasicBlock &MBB); 65 void placeTryMarker(MachineBasicBlock &MBB); 66 void removeUnnecessaryInstrs(MachineFunction &MF); 67 bool fixUnwindMismatches(MachineFunction &MF); 68 void rewriteDepthImmediates(MachineFunction &MF); 69 void fixEndsAtEndOfFunction(MachineFunction &MF); 70 71 // For each BLOCK|LOOP|TRY, the corresponding END_(BLOCK|LOOP|TRY). 72 DenseMap<const MachineInstr *, MachineInstr *> BeginToEnd; 73 // For each END_(BLOCK|LOOP|TRY), the corresponding BLOCK|LOOP|TRY. 74 DenseMap<const MachineInstr *, MachineInstr *> EndToBegin; 75 // <TRY marker, EH pad> map 76 DenseMap<const MachineInstr *, MachineBasicBlock *> TryToEHPad; 77 // <EH pad, TRY marker> map 78 DenseMap<const MachineBasicBlock *, MachineInstr *> EHPadToTry; 79 80 // There can be an appendix block at the end of each function, shared for: 81 // - creating a correct signature for fallthrough returns 82 // - target for rethrows that need to unwind to the caller, but are trapped 83 // inside another try/catch 84 MachineBasicBlock *AppendixBB = nullptr; 85 MachineBasicBlock *getAppendixBlock(MachineFunction &MF) { 86 if (!AppendixBB) { 87 AppendixBB = MF.CreateMachineBasicBlock(); 88 // Give it a fake predecessor so that AsmPrinter prints its label. 89 AppendixBB->addSuccessor(AppendixBB); 90 MF.push_back(AppendixBB); 91 } 92 return AppendixBB; 93 } 94 95 // Helper functions to register / unregister scope information created by 96 // marker instructions. 97 void registerScope(MachineInstr *Begin, MachineInstr *End); 98 void registerTryScope(MachineInstr *Begin, MachineInstr *End, 99 MachineBasicBlock *EHPad); 100 void unregisterScope(MachineInstr *Begin); 101 102 public: 103 static char ID; // Pass identification, replacement for typeid 104 WebAssemblyCFGStackify() : MachineFunctionPass(ID) {} 105 ~WebAssemblyCFGStackify() override { releaseMemory(); } 106 void releaseMemory() override; 107 }; 108 } // end anonymous namespace 109 110 char WebAssemblyCFGStackify::ID = 0; 111 INITIALIZE_PASS(WebAssemblyCFGStackify, DEBUG_TYPE, 112 "Insert BLOCK/LOOP/TRY markers for WebAssembly scopes", false, 113 false) 114 115 FunctionPass *llvm::createWebAssemblyCFGStackify() { 116 return new WebAssemblyCFGStackify(); 117 } 118 119 /// Test whether Pred has any terminators explicitly branching to MBB, as 120 /// opposed to falling through. Note that it's possible (eg. in unoptimized 121 /// code) for a branch instruction to both branch to a block and fallthrough 122 /// to it, so we check the actual branch operands to see if there are any 123 /// explicit mentions. 124 static bool explicitlyBranchesTo(MachineBasicBlock *Pred, 125 MachineBasicBlock *MBB) { 126 for (MachineInstr &MI : Pred->terminators()) 127 for (MachineOperand &MO : MI.explicit_operands()) 128 if (MO.isMBB() && MO.getMBB() == MBB) 129 return true; 130 return false; 131 } 132 133 // Returns an iterator to the earliest position possible within the MBB, 134 // satisfying the restrictions given by BeforeSet and AfterSet. BeforeSet 135 // contains instructions that should go before the marker, and AfterSet contains 136 // ones that should go after the marker. In this function, AfterSet is only 137 // used for sanity checking. 138 static MachineBasicBlock::iterator 139 getEarliestInsertPos(MachineBasicBlock *MBB, 140 const SmallPtrSet<const MachineInstr *, 4> &BeforeSet, 141 const SmallPtrSet<const MachineInstr *, 4> &AfterSet) { 142 auto InsertPos = MBB->end(); 143 while (InsertPos != MBB->begin()) { 144 if (BeforeSet.count(&*std::prev(InsertPos))) { 145 #ifndef NDEBUG 146 // Sanity check 147 for (auto Pos = InsertPos, E = MBB->begin(); Pos != E; --Pos) 148 assert(!AfterSet.count(&*std::prev(Pos))); 149 #endif 150 break; 151 } 152 --InsertPos; 153 } 154 return InsertPos; 155 } 156 157 // Returns an iterator to the latest position possible within the MBB, 158 // satisfying the restrictions given by BeforeSet and AfterSet. BeforeSet 159 // contains instructions that should go before the marker, and AfterSet contains 160 // ones that should go after the marker. In this function, BeforeSet is only 161 // used for sanity checking. 162 static MachineBasicBlock::iterator 163 getLatestInsertPos(MachineBasicBlock *MBB, 164 const SmallPtrSet<const MachineInstr *, 4> &BeforeSet, 165 const SmallPtrSet<const MachineInstr *, 4> &AfterSet) { 166 auto InsertPos = MBB->begin(); 167 while (InsertPos != MBB->end()) { 168 if (AfterSet.count(&*InsertPos)) { 169 #ifndef NDEBUG 170 // Sanity check 171 for (auto Pos = InsertPos, E = MBB->end(); Pos != E; ++Pos) 172 assert(!BeforeSet.count(&*Pos)); 173 #endif 174 break; 175 } 176 ++InsertPos; 177 } 178 return InsertPos; 179 } 180 181 // Find a catch instruction and its destination register within an EH pad. 182 static MachineInstr *findCatch(MachineBasicBlock *EHPad, Register &ExnReg) { 183 assert(EHPad->isEHPad()); 184 MachineInstr *Catch = nullptr; 185 for (auto &MI : *EHPad) { 186 switch (MI.getOpcode()) { 187 case WebAssembly::CATCH: 188 Catch = &MI; 189 ExnReg = Catch->getOperand(0).getReg(); 190 break; 191 } 192 } 193 assert(Catch && "EH pad does not have a catch"); 194 assert(ExnReg != 0 && "Invalid register"); 195 return Catch; 196 } 197 198 static MachineInstr *findCatch(MachineBasicBlock *EHPad) { 199 Register Dummy; 200 return findCatch(EHPad, Dummy); 201 } 202 203 void WebAssemblyCFGStackify::registerScope(MachineInstr *Begin, 204 MachineInstr *End) { 205 BeginToEnd[Begin] = End; 206 EndToBegin[End] = Begin; 207 } 208 209 void WebAssemblyCFGStackify::registerTryScope(MachineInstr *Begin, 210 MachineInstr *End, 211 MachineBasicBlock *EHPad) { 212 registerScope(Begin, End); 213 TryToEHPad[Begin] = EHPad; 214 EHPadToTry[EHPad] = Begin; 215 } 216 217 void WebAssemblyCFGStackify::unregisterScope(MachineInstr *Begin) { 218 assert(BeginToEnd.count(Begin)); 219 MachineInstr *End = BeginToEnd[Begin]; 220 assert(EndToBegin.count(End)); 221 BeginToEnd.erase(Begin); 222 EndToBegin.erase(End); 223 MachineBasicBlock *EHPad = TryToEHPad.lookup(Begin); 224 if (EHPad) { 225 assert(EHPadToTry.count(EHPad)); 226 TryToEHPad.erase(Begin); 227 EHPadToTry.erase(EHPad); 228 } 229 } 230 231 /// Insert a BLOCK marker for branches to MBB (if needed). 232 // TODO Consider a more generalized way of handling block (and also loop and 233 // try) signatures when we implement the multi-value proposal later. 234 void WebAssemblyCFGStackify::placeBlockMarker(MachineBasicBlock &MBB) { 235 assert(!MBB.isEHPad()); 236 MachineFunction &MF = *MBB.getParent(); 237 auto &MDT = getAnalysis<MachineDominatorTree>(); 238 const auto &TII = *MF.getSubtarget<WebAssemblySubtarget>().getInstrInfo(); 239 const auto &MFI = *MF.getInfo<WebAssemblyFunctionInfo>(); 240 241 // First compute the nearest common dominator of all forward non-fallthrough 242 // predecessors so that we minimize the time that the BLOCK is on the stack, 243 // which reduces overall stack height. 244 MachineBasicBlock *Header = nullptr; 245 bool IsBranchedTo = false; 246 bool IsBrOnExn = false; 247 MachineInstr *BrOnExn = nullptr; 248 int MBBNumber = MBB.getNumber(); 249 for (MachineBasicBlock *Pred : MBB.predecessors()) { 250 if (Pred->getNumber() < MBBNumber) { 251 Header = Header ? MDT.findNearestCommonDominator(Header, Pred) : Pred; 252 if (explicitlyBranchesTo(Pred, &MBB)) { 253 IsBranchedTo = true; 254 if (Pred->getFirstTerminator()->getOpcode() == WebAssembly::BR_ON_EXN) { 255 IsBrOnExn = true; 256 assert(!BrOnExn && "There should be only one br_on_exn per block"); 257 BrOnExn = &*Pred->getFirstTerminator(); 258 } 259 } 260 } 261 } 262 if (!Header) 263 return; 264 if (!IsBranchedTo) 265 return; 266 267 assert(&MBB != &MF.front() && "Header blocks shouldn't have predecessors"); 268 MachineBasicBlock *LayoutPred = MBB.getPrevNode(); 269 270 // If the nearest common dominator is inside a more deeply nested context, 271 // walk out to the nearest scope which isn't more deeply nested. 272 for (MachineFunction::iterator I(LayoutPred), E(Header); I != E; --I) { 273 if (MachineBasicBlock *ScopeTop = ScopeTops[I->getNumber()]) { 274 if (ScopeTop->getNumber() > Header->getNumber()) { 275 // Skip over an intervening scope. 276 I = std::next(ScopeTop->getIterator()); 277 } else { 278 // We found a scope level at an appropriate depth. 279 Header = ScopeTop; 280 break; 281 } 282 } 283 } 284 285 // Decide where in Header to put the BLOCK. 286 287 // Instructions that should go before the BLOCK. 288 SmallPtrSet<const MachineInstr *, 4> BeforeSet; 289 // Instructions that should go after the BLOCK. 290 SmallPtrSet<const MachineInstr *, 4> AfterSet; 291 for (const auto &MI : *Header) { 292 // If there is a previously placed LOOP marker and the bottom block of the 293 // loop is above MBB, it should be after the BLOCK, because the loop is 294 // nested in this BLOCK. Otherwise it should be before the BLOCK. 295 if (MI.getOpcode() == WebAssembly::LOOP) { 296 auto *LoopBottom = BeginToEnd[&MI]->getParent()->getPrevNode(); 297 if (MBB.getNumber() > LoopBottom->getNumber()) 298 AfterSet.insert(&MI); 299 #ifndef NDEBUG 300 else 301 BeforeSet.insert(&MI); 302 #endif 303 } 304 305 // If there is a previously placed BLOCK/TRY marker and its corresponding 306 // END marker is before the current BLOCK's END marker, that should be 307 // placed after this BLOCK. Otherwise it should be placed before this BLOCK 308 // marker. 309 if (MI.getOpcode() == WebAssembly::BLOCK || 310 MI.getOpcode() == WebAssembly::TRY) { 311 if (BeginToEnd[&MI]->getParent()->getNumber() <= MBB.getNumber()) 312 AfterSet.insert(&MI); 313 #ifndef NDEBUG 314 else 315 BeforeSet.insert(&MI); 316 #endif 317 } 318 319 #ifndef NDEBUG 320 // All END_(BLOCK|LOOP|TRY) markers should be before the BLOCK. 321 if (MI.getOpcode() == WebAssembly::END_BLOCK || 322 MI.getOpcode() == WebAssembly::END_LOOP || 323 MI.getOpcode() == WebAssembly::END_TRY) 324 BeforeSet.insert(&MI); 325 #endif 326 327 // Terminators should go after the BLOCK. 328 if (MI.isTerminator()) 329 AfterSet.insert(&MI); 330 } 331 332 // Local expression tree should go after the BLOCK. 333 for (auto I = Header->getFirstTerminator(), E = Header->begin(); I != E; 334 --I) { 335 if (std::prev(I)->isDebugInstr() || std::prev(I)->isPosition()) 336 continue; 337 if (WebAssembly::isChild(*std::prev(I), MFI)) 338 AfterSet.insert(&*std::prev(I)); 339 else 340 break; 341 } 342 343 // Add the BLOCK. 344 345 // 'br_on_exn' extracts exnref object and pushes variable number of values 346 // depending on its tag. For C++ exception, its a single i32 value, and the 347 // generated code will be in the form of: 348 // block i32 349 // br_on_exn 0, $__cpp_exception 350 // rethrow 351 // end_block 352 WebAssembly::BlockType ReturnType = WebAssembly::BlockType::Void; 353 if (IsBrOnExn) { 354 const char *TagName = BrOnExn->getOperand(1).getSymbolName(); 355 if (std::strcmp(TagName, "__cpp_exception") != 0) 356 llvm_unreachable("Only C++ exception is supported"); 357 ReturnType = WebAssembly::BlockType::I32; 358 } 359 360 auto InsertPos = getLatestInsertPos(Header, BeforeSet, AfterSet); 361 MachineInstr *Begin = 362 BuildMI(*Header, InsertPos, Header->findDebugLoc(InsertPos), 363 TII.get(WebAssembly::BLOCK)) 364 .addImm(int64_t(ReturnType)); 365 366 // Decide where in Header to put the END_BLOCK. 367 BeforeSet.clear(); 368 AfterSet.clear(); 369 for (auto &MI : MBB) { 370 #ifndef NDEBUG 371 // END_BLOCK should precede existing LOOP and TRY markers. 372 if (MI.getOpcode() == WebAssembly::LOOP || 373 MI.getOpcode() == WebAssembly::TRY) 374 AfterSet.insert(&MI); 375 #endif 376 377 // If there is a previously placed END_LOOP marker and the header of the 378 // loop is above this block's header, the END_LOOP should be placed after 379 // the BLOCK, because the loop contains this block. Otherwise the END_LOOP 380 // should be placed before the BLOCK. The same for END_TRY. 381 if (MI.getOpcode() == WebAssembly::END_LOOP || 382 MI.getOpcode() == WebAssembly::END_TRY) { 383 if (EndToBegin[&MI]->getParent()->getNumber() >= Header->getNumber()) 384 BeforeSet.insert(&MI); 385 #ifndef NDEBUG 386 else 387 AfterSet.insert(&MI); 388 #endif 389 } 390 } 391 392 // Mark the end of the block. 393 InsertPos = getEarliestInsertPos(&MBB, BeforeSet, AfterSet); 394 MachineInstr *End = BuildMI(MBB, InsertPos, MBB.findPrevDebugLoc(InsertPos), 395 TII.get(WebAssembly::END_BLOCK)); 396 registerScope(Begin, End); 397 398 // Track the farthest-spanning scope that ends at this point. 399 int Number = MBB.getNumber(); 400 if (!ScopeTops[Number] || 401 ScopeTops[Number]->getNumber() > Header->getNumber()) 402 ScopeTops[Number] = Header; 403 } 404 405 /// Insert a LOOP marker for a loop starting at MBB (if it's a loop header). 406 void WebAssemblyCFGStackify::placeLoopMarker(MachineBasicBlock &MBB) { 407 MachineFunction &MF = *MBB.getParent(); 408 const auto &MLI = getAnalysis<MachineLoopInfo>(); 409 const auto &WEI = getAnalysis<WebAssemblyExceptionInfo>(); 410 SortRegionInfo SRI(MLI, WEI); 411 const auto &TII = *MF.getSubtarget<WebAssemblySubtarget>().getInstrInfo(); 412 413 MachineLoop *Loop = MLI.getLoopFor(&MBB); 414 if (!Loop || Loop->getHeader() != &MBB) 415 return; 416 417 // The operand of a LOOP is the first block after the loop. If the loop is the 418 // bottom of the function, insert a dummy block at the end. 419 MachineBasicBlock *Bottom = SRI.getBottom(Loop); 420 auto Iter = std::next(Bottom->getIterator()); 421 if (Iter == MF.end()) { 422 getAppendixBlock(MF); 423 Iter = std::next(Bottom->getIterator()); 424 } 425 MachineBasicBlock *AfterLoop = &*Iter; 426 427 // Decide where in Header to put the LOOP. 428 SmallPtrSet<const MachineInstr *, 4> BeforeSet; 429 SmallPtrSet<const MachineInstr *, 4> AfterSet; 430 for (const auto &MI : MBB) { 431 // LOOP marker should be after any existing loop that ends here. Otherwise 432 // we assume the instruction belongs to the loop. 433 if (MI.getOpcode() == WebAssembly::END_LOOP) 434 BeforeSet.insert(&MI); 435 #ifndef NDEBUG 436 else 437 AfterSet.insert(&MI); 438 #endif 439 } 440 441 // Mark the beginning of the loop. 442 auto InsertPos = getEarliestInsertPos(&MBB, BeforeSet, AfterSet); 443 MachineInstr *Begin = BuildMI(MBB, InsertPos, MBB.findDebugLoc(InsertPos), 444 TII.get(WebAssembly::LOOP)) 445 .addImm(int64_t(WebAssembly::BlockType::Void)); 446 447 // Decide where in Header to put the END_LOOP. 448 BeforeSet.clear(); 449 AfterSet.clear(); 450 #ifndef NDEBUG 451 for (const auto &MI : MBB) 452 // Existing END_LOOP markers belong to parent loops of this loop 453 if (MI.getOpcode() == WebAssembly::END_LOOP) 454 AfterSet.insert(&MI); 455 #endif 456 457 // Mark the end of the loop (using arbitrary debug location that branched to 458 // the loop end as its location). 459 InsertPos = getEarliestInsertPos(AfterLoop, BeforeSet, AfterSet); 460 DebugLoc EndDL = AfterLoop->pred_empty() 461 ? DebugLoc() 462 : (*AfterLoop->pred_rbegin())->findBranchDebugLoc(); 463 MachineInstr *End = 464 BuildMI(*AfterLoop, InsertPos, EndDL, TII.get(WebAssembly::END_LOOP)); 465 registerScope(Begin, End); 466 467 assert((!ScopeTops[AfterLoop->getNumber()] || 468 ScopeTops[AfterLoop->getNumber()]->getNumber() < MBB.getNumber()) && 469 "With block sorting the outermost loop for a block should be first."); 470 if (!ScopeTops[AfterLoop->getNumber()]) 471 ScopeTops[AfterLoop->getNumber()] = &MBB; 472 } 473 474 void WebAssemblyCFGStackify::placeTryMarker(MachineBasicBlock &MBB) { 475 assert(MBB.isEHPad()); 476 MachineFunction &MF = *MBB.getParent(); 477 auto &MDT = getAnalysis<MachineDominatorTree>(); 478 const auto &TII = *MF.getSubtarget<WebAssemblySubtarget>().getInstrInfo(); 479 const auto &MLI = getAnalysis<MachineLoopInfo>(); 480 const auto &WEI = getAnalysis<WebAssemblyExceptionInfo>(); 481 SortRegionInfo SRI(MLI, WEI); 482 const auto &MFI = *MF.getInfo<WebAssemblyFunctionInfo>(); 483 484 // Compute the nearest common dominator of all unwind predecessors 485 MachineBasicBlock *Header = nullptr; 486 int MBBNumber = MBB.getNumber(); 487 for (auto *Pred : MBB.predecessors()) { 488 if (Pred->getNumber() < MBBNumber) { 489 Header = Header ? MDT.findNearestCommonDominator(Header, Pred) : Pred; 490 assert(!explicitlyBranchesTo(Pred, &MBB) && 491 "Explicit branch to an EH pad!"); 492 } 493 } 494 if (!Header) 495 return; 496 497 // If this try is at the bottom of the function, insert a dummy block at the 498 // end. 499 WebAssemblyException *WE = WEI.getExceptionFor(&MBB); 500 assert(WE); 501 MachineBasicBlock *Bottom = SRI.getBottom(WE); 502 503 auto Iter = std::next(Bottom->getIterator()); 504 if (Iter == MF.end()) { 505 getAppendixBlock(MF); 506 Iter = std::next(Bottom->getIterator()); 507 } 508 MachineBasicBlock *Cont = &*Iter; 509 510 assert(Cont != &MF.front()); 511 MachineBasicBlock *LayoutPred = Cont->getPrevNode(); 512 513 // If the nearest common dominator is inside a more deeply nested context, 514 // walk out to the nearest scope which isn't more deeply nested. 515 for (MachineFunction::iterator I(LayoutPred), E(Header); I != E; --I) { 516 if (MachineBasicBlock *ScopeTop = ScopeTops[I->getNumber()]) { 517 if (ScopeTop->getNumber() > Header->getNumber()) { 518 // Skip over an intervening scope. 519 I = std::next(ScopeTop->getIterator()); 520 } else { 521 // We found a scope level at an appropriate depth. 522 Header = ScopeTop; 523 break; 524 } 525 } 526 } 527 528 // Decide where in Header to put the TRY. 529 530 // Instructions that should go before the TRY. 531 SmallPtrSet<const MachineInstr *, 4> BeforeSet; 532 // Instructions that should go after the TRY. 533 SmallPtrSet<const MachineInstr *, 4> AfterSet; 534 for (const auto &MI : *Header) { 535 // If there is a previously placed LOOP marker and the bottom block of the 536 // loop is above MBB, it should be after the TRY, because the loop is nested 537 // in this TRY. Otherwise it should be before the TRY. 538 if (MI.getOpcode() == WebAssembly::LOOP) { 539 auto *LoopBottom = BeginToEnd[&MI]->getParent()->getPrevNode(); 540 if (MBB.getNumber() > LoopBottom->getNumber()) 541 AfterSet.insert(&MI); 542 #ifndef NDEBUG 543 else 544 BeforeSet.insert(&MI); 545 #endif 546 } 547 548 // All previously inserted BLOCK/TRY markers should be after the TRY because 549 // they are all nested trys. 550 if (MI.getOpcode() == WebAssembly::BLOCK || 551 MI.getOpcode() == WebAssembly::TRY) 552 AfterSet.insert(&MI); 553 554 #ifndef NDEBUG 555 // All END_(BLOCK/LOOP/TRY) markers should be before the TRY. 556 if (MI.getOpcode() == WebAssembly::END_BLOCK || 557 MI.getOpcode() == WebAssembly::END_LOOP || 558 MI.getOpcode() == WebAssembly::END_TRY) 559 BeforeSet.insert(&MI); 560 #endif 561 562 // Terminators should go after the TRY. 563 if (MI.isTerminator()) 564 AfterSet.insert(&MI); 565 } 566 567 // If Header unwinds to MBB (= Header contains 'invoke'), the try block should 568 // contain the call within it. So the call should go after the TRY. The 569 // exception is when the header's terminator is a rethrow instruction, in 570 // which case that instruction, not a call instruction before it, is gonna 571 // throw. 572 MachineInstr *ThrowingCall = nullptr; 573 if (MBB.isPredecessor(Header)) { 574 auto TermPos = Header->getFirstTerminator(); 575 if (TermPos == Header->end() || 576 TermPos->getOpcode() != WebAssembly::RETHROW) { 577 for (auto &MI : reverse(*Header)) { 578 if (MI.isCall()) { 579 AfterSet.insert(&MI); 580 ThrowingCall = &MI; 581 // Possibly throwing calls are usually wrapped by EH_LABEL 582 // instructions. We don't want to split them and the call. 583 if (MI.getIterator() != Header->begin() && 584 std::prev(MI.getIterator())->isEHLabel()) { 585 AfterSet.insert(&*std::prev(MI.getIterator())); 586 ThrowingCall = &*std::prev(MI.getIterator()); 587 } 588 break; 589 } 590 } 591 } 592 } 593 594 // Local expression tree should go after the TRY. 595 // For BLOCK placement, we start the search from the previous instruction of a 596 // BB's terminator, but in TRY's case, we should start from the previous 597 // instruction of a call that can throw, or a EH_LABEL that precedes the call, 598 // because the return values of the call's previous instructions can be 599 // stackified and consumed by the throwing call. 600 auto SearchStartPt = ThrowingCall ? MachineBasicBlock::iterator(ThrowingCall) 601 : Header->getFirstTerminator(); 602 for (auto I = SearchStartPt, E = Header->begin(); I != E; --I) { 603 if (std::prev(I)->isDebugInstr() || std::prev(I)->isPosition()) 604 continue; 605 if (WebAssembly::isChild(*std::prev(I), MFI)) 606 AfterSet.insert(&*std::prev(I)); 607 else 608 break; 609 } 610 611 // Add the TRY. 612 auto InsertPos = getLatestInsertPos(Header, BeforeSet, AfterSet); 613 MachineInstr *Begin = 614 BuildMI(*Header, InsertPos, Header->findDebugLoc(InsertPos), 615 TII.get(WebAssembly::TRY)) 616 .addImm(int64_t(WebAssembly::BlockType::Void)); 617 618 // Decide where in Header to put the END_TRY. 619 BeforeSet.clear(); 620 AfterSet.clear(); 621 for (const auto &MI : *Cont) { 622 #ifndef NDEBUG 623 // END_TRY should precede existing LOOP and BLOCK markers. 624 if (MI.getOpcode() == WebAssembly::LOOP || 625 MI.getOpcode() == WebAssembly::BLOCK) 626 AfterSet.insert(&MI); 627 628 // All END_TRY markers placed earlier belong to exceptions that contains 629 // this one. 630 if (MI.getOpcode() == WebAssembly::END_TRY) 631 AfterSet.insert(&MI); 632 #endif 633 634 // If there is a previously placed END_LOOP marker and its header is after 635 // where TRY marker is, this loop is contained within the 'catch' part, so 636 // the END_TRY marker should go after that. Otherwise, the whole try-catch 637 // is contained within this loop, so the END_TRY should go before that. 638 if (MI.getOpcode() == WebAssembly::END_LOOP) { 639 // For a LOOP to be after TRY, LOOP's BB should be after TRY's BB; if they 640 // are in the same BB, LOOP is always before TRY. 641 if (EndToBegin[&MI]->getParent()->getNumber() > Header->getNumber()) 642 BeforeSet.insert(&MI); 643 #ifndef NDEBUG 644 else 645 AfterSet.insert(&MI); 646 #endif 647 } 648 649 // It is not possible for an END_BLOCK to be already in this block. 650 } 651 652 // Mark the end of the TRY. 653 InsertPos = getEarliestInsertPos(Cont, BeforeSet, AfterSet); 654 MachineInstr *End = 655 BuildMI(*Cont, InsertPos, Bottom->findBranchDebugLoc(), 656 TII.get(WebAssembly::END_TRY)); 657 registerTryScope(Begin, End, &MBB); 658 659 // Track the farthest-spanning scope that ends at this point. We create two 660 // mappings: (BB with 'end_try' -> BB with 'try') and (BB with 'catch' -> BB 661 // with 'try'). We need to create 'catch' -> 'try' mapping here too because 662 // markers should not span across 'catch'. For example, this should not 663 // happen: 664 // 665 // try 666 // block --| (X) 667 // catch | 668 // end_block --| 669 // end_try 670 for (int Number : {Cont->getNumber(), MBB.getNumber()}) { 671 if (!ScopeTops[Number] || 672 ScopeTops[Number]->getNumber() > Header->getNumber()) 673 ScopeTops[Number] = Header; 674 } 675 } 676 677 void WebAssemblyCFGStackify::removeUnnecessaryInstrs(MachineFunction &MF) { 678 const auto &TII = *MF.getSubtarget<WebAssemblySubtarget>().getInstrInfo(); 679 680 // When there is an unconditional branch right before a catch instruction and 681 // it branches to the end of end_try marker, we don't need the branch, because 682 // it there is no exception, the control flow transfers to that point anyway. 683 // bb0: 684 // try 685 // ... 686 // br bb2 <- Not necessary 687 // bb1: 688 // catch 689 // ... 690 // bb2: 691 // end 692 for (auto &MBB : MF) { 693 if (!MBB.isEHPad()) 694 continue; 695 696 MachineBasicBlock *TBB = nullptr, *FBB = nullptr; 697 SmallVector<MachineOperand, 4> Cond; 698 MachineBasicBlock *EHPadLayoutPred = MBB.getPrevNode(); 699 MachineBasicBlock *Cont = BeginToEnd[EHPadToTry[&MBB]]->getParent(); 700 bool Analyzable = !TII.analyzeBranch(*EHPadLayoutPred, TBB, FBB, Cond); 701 // This condition means either 702 // 1. This BB ends with a single unconditional branch whose destinaion is 703 // Cont. 704 // 2. This BB ends with a conditional branch followed by an unconditional 705 // branch, and the unconditional branch's destination is Cont. 706 // In both cases, we want to remove the last (= unconditional) branch. 707 if (Analyzable && ((Cond.empty() && TBB && TBB == Cont) || 708 (!Cond.empty() && FBB && FBB == Cont))) { 709 bool ErasedUncondBr = false; 710 (void)ErasedUncondBr; 711 for (auto I = EHPadLayoutPred->end(), E = EHPadLayoutPred->begin(); 712 I != E; --I) { 713 auto PrevI = std::prev(I); 714 if (PrevI->isTerminator()) { 715 assert(PrevI->getOpcode() == WebAssembly::BR); 716 PrevI->eraseFromParent(); 717 ErasedUncondBr = true; 718 break; 719 } 720 } 721 assert(ErasedUncondBr && "Unconditional branch not erased!"); 722 } 723 } 724 725 // When there are block / end_block markers that overlap with try / end_try 726 // markers, and the block and try markers' return types are the same, the 727 // block /end_block markers are not necessary, because try / end_try markers 728 // also can serve as boundaries for branches. 729 // block <- Not necessary 730 // try 731 // ... 732 // catch 733 // ... 734 // end 735 // end <- Not necessary 736 SmallVector<MachineInstr *, 32> ToDelete; 737 for (auto &MBB : MF) { 738 for (auto &MI : MBB) { 739 if (MI.getOpcode() != WebAssembly::TRY) 740 continue; 741 742 MachineInstr *Try = &MI, *EndTry = BeginToEnd[Try]; 743 MachineBasicBlock *TryBB = Try->getParent(); 744 MachineBasicBlock *Cont = EndTry->getParent(); 745 int64_t RetType = Try->getOperand(0).getImm(); 746 for (auto B = Try->getIterator(), E = std::next(EndTry->getIterator()); 747 B != TryBB->begin() && E != Cont->end() && 748 std::prev(B)->getOpcode() == WebAssembly::BLOCK && 749 E->getOpcode() == WebAssembly::END_BLOCK && 750 std::prev(B)->getOperand(0).getImm() == RetType; 751 --B, ++E) { 752 ToDelete.push_back(&*std::prev(B)); 753 ToDelete.push_back(&*E); 754 } 755 } 756 } 757 for (auto *MI : ToDelete) { 758 if (MI->getOpcode() == WebAssembly::BLOCK) 759 unregisterScope(MI); 760 MI->eraseFromParent(); 761 } 762 } 763 764 // Get the appropriate copy opcode for the given register class. 765 static unsigned getCopyOpcode(const TargetRegisterClass *RC) { 766 if (RC == &WebAssembly::I32RegClass) 767 return WebAssembly::COPY_I32; 768 if (RC == &WebAssembly::I64RegClass) 769 return WebAssembly::COPY_I64; 770 if (RC == &WebAssembly::F32RegClass) 771 return WebAssembly::COPY_F32; 772 if (RC == &WebAssembly::F64RegClass) 773 return WebAssembly::COPY_F64; 774 if (RC == &WebAssembly::V128RegClass) 775 return WebAssembly::COPY_V128; 776 if (RC == &WebAssembly::FUNCREFRegClass) 777 return WebAssembly::COPY_FUNCREF; 778 if (RC == &WebAssembly::EXTERNREFRegClass) 779 return WebAssembly::COPY_EXTERNREF; 780 if (RC == &WebAssembly::EXNREFRegClass) 781 return WebAssembly::COPY_EXNREF; 782 llvm_unreachable("Unexpected register class"); 783 } 784 785 // When MBB is split into MBB and Split, we should unstackify defs in MBB that 786 // have their uses in Split. 787 static void unstackifyVRegsUsedInSplitBB(MachineBasicBlock &MBB, 788 MachineBasicBlock &Split, 789 WebAssemblyFunctionInfo &MFI, 790 MachineRegisterInfo &MRI, 791 const WebAssemblyInstrInfo &TII) { 792 for (auto &MI : Split) { 793 for (auto &MO : MI.explicit_uses()) { 794 if (!MO.isReg() || Register::isPhysicalRegister(MO.getReg())) 795 continue; 796 if (MachineInstr *Def = MRI.getUniqueVRegDef(MO.getReg())) 797 if (Def->getParent() == &MBB) 798 MFI.unstackifyVReg(MO.getReg()); 799 } 800 } 801 802 // In RegStackify, when a register definition is used multiple times, 803 // Reg = INST ... 804 // INST ..., Reg, ... 805 // INST ..., Reg, ... 806 // INST ..., Reg, ... 807 // 808 // we introduce a TEE, which has the following form: 809 // DefReg = INST ... 810 // TeeReg, Reg = TEE_... DefReg 811 // INST ..., TeeReg, ... 812 // INST ..., Reg, ... 813 // INST ..., Reg, ... 814 // with DefReg and TeeReg stackified but Reg not stackified. 815 // 816 // But the invariant that TeeReg should be stackified can be violated while we 817 // unstackify registers in the split BB above. In this case, we convert TEEs 818 // into two COPYs. This COPY will be eventually eliminated in ExplicitLocals. 819 // DefReg = INST ... 820 // TeeReg = COPY DefReg 821 // Reg = COPY DefReg 822 // INST ..., TeeReg, ... 823 // INST ..., Reg, ... 824 // INST ..., Reg, ... 825 for (auto I = MBB.begin(), E = MBB.end(); I != E;) { 826 MachineInstr &MI = *I++; 827 if (!WebAssembly::isTee(MI.getOpcode())) 828 continue; 829 Register TeeReg = MI.getOperand(0).getReg(); 830 Register Reg = MI.getOperand(1).getReg(); 831 Register DefReg = MI.getOperand(2).getReg(); 832 if (!MFI.isVRegStackified(TeeReg)) { 833 // Now we are not using TEE anymore, so unstackify DefReg too 834 MFI.unstackifyVReg(DefReg); 835 unsigned CopyOpc = getCopyOpcode(MRI.getRegClass(DefReg)); 836 BuildMI(MBB, &MI, MI.getDebugLoc(), TII.get(CopyOpc), TeeReg) 837 .addReg(DefReg); 838 BuildMI(MBB, &MI, MI.getDebugLoc(), TII.get(CopyOpc), Reg).addReg(DefReg); 839 MI.eraseFromParent(); 840 } 841 } 842 } 843 844 bool WebAssemblyCFGStackify::fixUnwindMismatches(MachineFunction &MF) { 845 const auto &TII = *MF.getSubtarget<WebAssemblySubtarget>().getInstrInfo(); 846 auto &MFI = *MF.getInfo<WebAssemblyFunctionInfo>(); 847 MachineRegisterInfo &MRI = MF.getRegInfo(); 848 849 // Linearizing the control flow by placing TRY / END_TRY markers can create 850 // mismatches in unwind destinations. There are two kinds of mismatches we 851 // try to solve here. 852 853 // 1. When an instruction may throw, but the EH pad it will unwind to can be 854 // different from the original CFG. 855 // 856 // Example: we have the following CFG: 857 // bb0: 858 // call @foo (if it throws, unwind to bb2) 859 // bb1: 860 // call @bar (if it throws, unwind to bb3) 861 // bb2 (ehpad): 862 // catch 863 // ... 864 // bb3 (ehpad) 865 // catch 866 // handler body 867 // 868 // And the CFG is sorted in this order. Then after placing TRY markers, it 869 // will look like: (BB markers are omitted) 870 // try $label1 871 // try 872 // call @foo 873 // call @bar (if it throws, unwind to bb3) 874 // catch <- ehpad (bb2) 875 // ... 876 // end_try 877 // catch <- ehpad (bb3) 878 // handler body 879 // end_try 880 // 881 // Now if bar() throws, it is going to end up ip in bb2, not bb3, where it 882 // is supposed to end up. We solve this problem by 883 // a. Split the target unwind EH pad (here bb3) so that the handler body is 884 // right after 'end_try', which means we extract the handler body out of 885 // the catch block. We do this because this handler body should be 886 // somewhere branch-eable from the inner scope. 887 // b. Wrap the call that has an incorrect unwind destination ('call @bar' 888 // here) with a nested try/catch/end_try scope, and within the new catch 889 // block, branches to the handler body. 890 // c. Place a branch after the newly inserted nested end_try so it can bypass 891 // the handler body, which is now outside of a catch block. 892 // 893 // The result will like as follows. (new: a) means this instruction is newly 894 // created in the process of doing 'a' above. 895 // 896 // block $label0 (new: placeBlockMarker) 897 // try $label1 898 // try 899 // call @foo 900 // try (new: b) 901 // call @bar 902 // catch (new: b) 903 // local.set n / drop (new: b) 904 // br $label1 (new: b) 905 // end_try (new: b) 906 // catch <- ehpad (bb2) 907 // end_try 908 // br $label0 (new: c) 909 // catch <- ehpad (bb3) 910 // end_try (hoisted: a) 911 // handler body 912 // end_block (new: placeBlockMarker) 913 // 914 // Note that the new wrapping block/end_block will be generated later in 915 // placeBlockMarker. 916 // 917 // TODO Currently local.set and local.gets are generated to move exnref value 918 // created by catches. That's because we don't support yielding values from a 919 // block in LLVM machine IR yet, even though it is supported by wasm. Delete 920 // unnecessary local.get/local.sets once yielding values from a block is 921 // supported. The full EH spec requires multi-value support to do this, but 922 // for C++ we don't yet need it because we only throw a single i32. 923 // 924 // --- 925 // 2. The same as 1, but in this case an instruction unwinds to a caller 926 // function and not another EH pad. 927 // 928 // Example: we have the following CFG: 929 // bb0: 930 // call @foo (if it throws, unwind to bb2) 931 // bb1: 932 // call @bar (if it throws, unwind to caller) 933 // bb2 (ehpad): 934 // catch 935 // ... 936 // 937 // And the CFG is sorted in this order. Then after placing TRY markers, it 938 // will look like: 939 // try 940 // call @foo 941 // call @bar (if it throws, unwind to caller) 942 // catch <- ehpad (bb2) 943 // ... 944 // end_try 945 // 946 // Now if bar() throws, it is going to end up ip in bb2, when it is supposed 947 // throw up to the caller. 948 // We solve this problem by 949 // a. Create a new 'appendix' BB at the end of the function and put a single 950 // 'rethrow' instruction (+ local.get) in there. 951 // b. Wrap the call that has an incorrect unwind destination ('call @bar' 952 // here) with a nested try/catch/end_try scope, and within the new catch 953 // block, branches to the new appendix block. 954 // 955 // block $label0 (new: placeBlockMarker) 956 // try 957 // call @foo 958 // try (new: b) 959 // call @bar 960 // catch (new: b) 961 // local.set n (new: b) 962 // br $label0 (new: b) 963 // end_try (new: b) 964 // catch <- ehpad (bb2) 965 // ... 966 // end_try 967 // ... 968 // end_block (new: placeBlockMarker) 969 // local.get n (new: a) <- appendix block 970 // rethrow (new: a) 971 // 972 // In case there are multiple calls in a BB that may throw to the caller, they 973 // can be wrapped together in one nested try scope. (In 1, this couldn't 974 // happen, because may-throwing instruction there had an unwind destination, 975 // i.e., it was an invoke before, and there could be only one invoke within a 976 // BB.) 977 978 SmallVector<const MachineBasicBlock *, 8> EHPadStack; 979 // Range of intructions to be wrapped in a new nested try/catch 980 using TryRange = std::pair<MachineInstr *, MachineInstr *>; 981 // In original CFG, <unwind destination BB, a vector of try ranges> 982 DenseMap<MachineBasicBlock *, SmallVector<TryRange, 4>> UnwindDestToTryRanges; 983 // In new CFG, <destination to branch to, a vector of try ranges> 984 DenseMap<MachineBasicBlock *, SmallVector<TryRange, 4>> BrDestToTryRanges; 985 // In new CFG, <destination to branch to, register containing exnref> 986 DenseMap<MachineBasicBlock *, unsigned> BrDestToExnReg; 987 988 // Destinations for branches that will be newly added, for which a new 989 // BLOCK/END_BLOCK markers are necessary. 990 SmallVector<MachineBasicBlock *, 8> BrDests; 991 992 // Gather possibly throwing calls (i.e., previously invokes) whose current 993 // unwind destination is not the same as the original CFG. 994 for (auto &MBB : reverse(MF)) { 995 bool SeenThrowableInstInBB = false; 996 for (auto &MI : reverse(MBB)) { 997 if (MI.getOpcode() == WebAssembly::TRY) 998 EHPadStack.pop_back(); 999 else if (MI.getOpcode() == WebAssembly::CATCH) 1000 EHPadStack.push_back(MI.getParent()); 1001 1002 // In this loop we only gather calls that have an EH pad to unwind. So 1003 // there will be at most 1 such call (= invoke) in a BB, so after we've 1004 // seen one, we can skip the rest of BB. Also if MBB has no EH pad 1005 // successor or MI does not throw, this is not an invoke. 1006 if (SeenThrowableInstInBB || !MBB.hasEHPadSuccessor() || 1007 !WebAssembly::mayThrow(MI)) 1008 continue; 1009 SeenThrowableInstInBB = true; 1010 1011 // If the EH pad on the stack top is where this instruction should unwind 1012 // next, we're good. 1013 MachineBasicBlock *UnwindDest = nullptr; 1014 for (auto *Succ : MBB.successors()) { 1015 if (Succ->isEHPad()) { 1016 UnwindDest = Succ; 1017 break; 1018 } 1019 } 1020 if (EHPadStack.back() == UnwindDest) 1021 continue; 1022 1023 // If not, record the range. 1024 UnwindDestToTryRanges[UnwindDest].push_back(TryRange(&MI, &MI)); 1025 } 1026 } 1027 1028 assert(EHPadStack.empty()); 1029 1030 // Gather possibly throwing calls that are supposed to unwind up to the caller 1031 // if they throw, but currently unwind to an incorrect destination. Unlike the 1032 // loop above, there can be multiple calls within a BB that unwind to the 1033 // caller, which we should group together in a range. 1034 bool NeedAppendixBlock = false; 1035 for (auto &MBB : reverse(MF)) { 1036 MachineInstr *RangeBegin = nullptr, *RangeEnd = nullptr; // inclusive 1037 for (auto &MI : reverse(MBB)) { 1038 if (MI.getOpcode() == WebAssembly::TRY) 1039 EHPadStack.pop_back(); 1040 else if (MI.getOpcode() == WebAssembly::CATCH) 1041 EHPadStack.push_back(MI.getParent()); 1042 1043 // If MBB has an EH pad successor, this inst does not unwind to caller. 1044 if (MBB.hasEHPadSuccessor()) 1045 continue; 1046 1047 // We wrap up the current range when we see a marker even if we haven't 1048 // finished a BB. 1049 if (RangeEnd && WebAssembly::isMarker(MI.getOpcode())) { 1050 NeedAppendixBlock = true; 1051 // Record the range. nullptr here means the unwind destination is the 1052 // caller. 1053 UnwindDestToTryRanges[nullptr].push_back( 1054 TryRange(RangeBegin, RangeEnd)); 1055 RangeBegin = RangeEnd = nullptr; // Reset range pointers 1056 } 1057 1058 // If EHPadStack is empty, that means it is correctly unwind to caller if 1059 // it throws, so we're good. If MI does not throw, we're good too. 1060 if (EHPadStack.empty() || !WebAssembly::mayThrow(MI)) 1061 continue; 1062 1063 // We found an instruction that unwinds to the caller but currently has an 1064 // incorrect unwind destination. Create a new range or increment the 1065 // currently existing range. 1066 if (!RangeEnd) 1067 RangeBegin = RangeEnd = &MI; 1068 else 1069 RangeBegin = &MI; 1070 } 1071 1072 if (RangeEnd) { 1073 NeedAppendixBlock = true; 1074 // Record the range. nullptr here means the unwind destination is the 1075 // caller. 1076 UnwindDestToTryRanges[nullptr].push_back(TryRange(RangeBegin, RangeEnd)); 1077 RangeBegin = RangeEnd = nullptr; // Reset range pointers 1078 } 1079 } 1080 1081 assert(EHPadStack.empty()); 1082 // We don't have any unwind destination mismatches to resolve. 1083 if (UnwindDestToTryRanges.empty()) 1084 return false; 1085 1086 // If we found instructions that should unwind to the caller but currently 1087 // have incorrect unwind destination, we create an appendix block at the end 1088 // of the function with a local.get and a rethrow instruction. 1089 if (NeedAppendixBlock) { 1090 auto *AppendixBB = getAppendixBlock(MF); 1091 Register ExnReg = MRI.createVirtualRegister(&WebAssembly::EXNREFRegClass); 1092 BuildMI(AppendixBB, DebugLoc(), TII.get(WebAssembly::RETHROW)) 1093 .addReg(ExnReg); 1094 // These instruction ranges should branch to this appendix BB. 1095 for (auto Range : UnwindDestToTryRanges[nullptr]) 1096 BrDestToTryRanges[AppendixBB].push_back(Range); 1097 BrDestToExnReg[AppendixBB] = ExnReg; 1098 } 1099 1100 // We loop through unwind destination EH pads that are targeted from some 1101 // inner scopes. Because these EH pads are destination of more than one scope 1102 // now, we split them so that the handler body is after 'end_try'. 1103 // - Before 1104 // ehpad: 1105 // catch 1106 // local.set n / drop 1107 // handler body 1108 // ... 1109 // cont: 1110 // end_try 1111 // 1112 // - After 1113 // ehpad: 1114 // catch 1115 // local.set n / drop 1116 // brdest: (new) 1117 // end_try (hoisted from 'cont' BB) 1118 // handler body (taken from 'ehpad') 1119 // ... 1120 // cont: 1121 for (auto &P : UnwindDestToTryRanges) { 1122 NumUnwindMismatches += P.second.size(); 1123 1124 // This means the destination is the appendix BB, which was separately 1125 // handled above. 1126 if (!P.first) 1127 continue; 1128 1129 MachineBasicBlock *EHPad = P.first; 1130 Register ExnReg = 0; 1131 MachineInstr *Catch = findCatch(EHPad, ExnReg); 1132 auto SplitPos = std::next(Catch->getIterator()); 1133 1134 // Create a new BB that's gonna be the destination for branches from the 1135 // inner mismatched scope. 1136 MachineInstr *BeginTry = EHPadToTry[EHPad]; 1137 MachineInstr *EndTry = BeginToEnd[BeginTry]; 1138 MachineBasicBlock *Cont = EndTry->getParent(); 1139 auto *BrDest = MF.CreateMachineBasicBlock(); 1140 MF.insert(std::next(EHPad->getIterator()), BrDest); 1141 // Hoist up the existing 'end_try'. 1142 BrDest->insert(BrDest->end(), EndTry->removeFromParent()); 1143 // Take out the handler body from EH pad to the new branch destination BB. 1144 BrDest->splice(BrDest->end(), EHPad, SplitPos, EHPad->end()); 1145 unstackifyVRegsUsedInSplitBB(*EHPad, *BrDest, MFI, MRI, TII); 1146 // Fix predecessor-successor relationship. 1147 BrDest->transferSuccessors(EHPad); 1148 EHPad->addSuccessor(BrDest); 1149 1150 // All try ranges that were supposed to unwind to this EH pad now have to 1151 // branch to this new branch dest BB. 1152 for (auto Range : UnwindDestToTryRanges[EHPad]) 1153 BrDestToTryRanges[BrDest].push_back(Range); 1154 BrDestToExnReg[BrDest] = ExnReg; 1155 1156 // In case we fall through to the continuation BB after the catch block, we 1157 // now have to add a branch to it. 1158 // - Before 1159 // try 1160 // ... 1161 // (falls through to 'cont') 1162 // catch 1163 // handler body 1164 // end 1165 // <-- cont 1166 // 1167 // - After 1168 // try 1169 // ... 1170 // br %cont (new) 1171 // catch 1172 // end 1173 // handler body 1174 // <-- cont 1175 MachineBasicBlock *EHPadLayoutPred = &*std::prev(EHPad->getIterator()); 1176 MachineBasicBlock *TBB = nullptr, *FBB = nullptr; 1177 SmallVector<MachineOperand, 4> Cond; 1178 bool Analyzable = !TII.analyzeBranch(*EHPadLayoutPred, TBB, FBB, Cond); 1179 if (Analyzable && !TBB && !FBB) { 1180 DebugLoc DL = EHPadLayoutPred->empty() 1181 ? DebugLoc() 1182 : EHPadLayoutPred->rbegin()->getDebugLoc(); 1183 BuildMI(EHPadLayoutPred, DL, TII.get(WebAssembly::BR)).addMBB(Cont); 1184 BrDests.push_back(Cont); 1185 } 1186 } 1187 1188 // For possibly throwing calls whose unwind destinations are currently 1189 // incorrect because of CFG linearization, we wrap them with a nested 1190 // try/catch/end_try, and within the new catch block, we branch to the correct 1191 // handler. 1192 // - Before 1193 // mbb: 1194 // call @foo <- Unwind destination mismatch! 1195 // ehpad: 1196 // ... 1197 // 1198 // - After 1199 // mbb: 1200 // try (new) 1201 // call @foo 1202 // nested-ehpad: (new) 1203 // catch (new) 1204 // local.set n / drop (new) 1205 // br %brdest (new) 1206 // nested-end: (new) 1207 // end_try (new) 1208 // ehpad: 1209 // ... 1210 for (auto &P : BrDestToTryRanges) { 1211 MachineBasicBlock *BrDest = P.first; 1212 auto &TryRanges = P.second; 1213 unsigned ExnReg = BrDestToExnReg[BrDest]; 1214 1215 for (auto Range : TryRanges) { 1216 MachineInstr *RangeBegin = nullptr, *RangeEnd = nullptr; 1217 std::tie(RangeBegin, RangeEnd) = Range; 1218 auto *MBB = RangeBegin->getParent(); 1219 // Store the first function call from this range, because RangeBegin can 1220 // be moved to point EH_LABEL before the call 1221 MachineInstr *RangeBeginCall = RangeBegin; 1222 1223 // Include possible EH_LABELs in the range 1224 if (RangeBegin->getIterator() != MBB->begin() && 1225 std::prev(RangeBegin->getIterator())->isEHLabel()) 1226 RangeBegin = &*std::prev(RangeBegin->getIterator()); 1227 if (std::next(RangeEnd->getIterator()) != MBB->end() && 1228 std::next(RangeEnd->getIterator())->isEHLabel()) 1229 RangeEnd = &*std::next(RangeEnd->getIterator()); 1230 1231 MachineBasicBlock *EHPad = nullptr; 1232 for (auto *Succ : MBB->successors()) { 1233 if (Succ->isEHPad()) { 1234 EHPad = Succ; 1235 break; 1236 } 1237 } 1238 1239 // Local expression tree before the first call of this range should go 1240 // after the nested TRY. 1241 SmallPtrSet<const MachineInstr *, 4> AfterSet; 1242 AfterSet.insert(RangeBegin); 1243 AfterSet.insert(RangeBeginCall); 1244 for (auto I = MachineBasicBlock::iterator(RangeBeginCall), 1245 E = MBB->begin(); 1246 I != E; --I) { 1247 if (std::prev(I)->isDebugInstr() || std::prev(I)->isPosition()) 1248 continue; 1249 if (WebAssembly::isChild(*std::prev(I), MFI)) 1250 AfterSet.insert(&*std::prev(I)); 1251 else 1252 break; 1253 } 1254 1255 // Create the nested try instruction. 1256 auto InsertPos = getLatestInsertPos( 1257 MBB, SmallPtrSet<const MachineInstr *, 4>(), AfterSet); 1258 MachineInstr *NestedTry = 1259 BuildMI(*MBB, InsertPos, RangeBegin->getDebugLoc(), 1260 TII.get(WebAssembly::TRY)) 1261 .addImm(int64_t(WebAssembly::BlockType::Void)); 1262 1263 // Create the nested EH pad and fill instructions in. 1264 MachineBasicBlock *NestedEHPad = MF.CreateMachineBasicBlock(); 1265 MF.insert(std::next(MBB->getIterator()), NestedEHPad); 1266 NestedEHPad->setIsEHPad(); 1267 NestedEHPad->setIsEHScopeEntry(); 1268 BuildMI(NestedEHPad, RangeEnd->getDebugLoc(), TII.get(WebAssembly::CATCH), 1269 ExnReg); 1270 BuildMI(NestedEHPad, RangeEnd->getDebugLoc(), TII.get(WebAssembly::BR)) 1271 .addMBB(BrDest); 1272 1273 // Create the nested continuation BB and end_try instruction. 1274 MachineBasicBlock *NestedCont = MF.CreateMachineBasicBlock(); 1275 MF.insert(std::next(NestedEHPad->getIterator()), NestedCont); 1276 MachineInstr *NestedEndTry = 1277 BuildMI(*NestedCont, NestedCont->begin(), RangeEnd->getDebugLoc(), 1278 TII.get(WebAssembly::END_TRY)); 1279 // In case MBB has more instructions after the try range, move them to the 1280 // new nested continuation BB. 1281 NestedCont->splice(NestedCont->end(), MBB, 1282 std::next(RangeEnd->getIterator()), MBB->end()); 1283 unstackifyVRegsUsedInSplitBB(*MBB, *NestedCont, MFI, MRI, TII); 1284 registerTryScope(NestedTry, NestedEndTry, NestedEHPad); 1285 1286 // Fix predecessor-successor relationship. 1287 NestedCont->transferSuccessors(MBB); 1288 if (EHPad) { 1289 NestedCont->removeSuccessor(EHPad); 1290 // If EHPad does not have any predecessors left after removing 1291 // NextedCont predecessor, remove its successor too, because this EHPad 1292 // is not reachable from the entry BB anyway. We can't remove EHPad BB 1293 // itself because it can contain 'catch' or 'end', which are necessary 1294 // for keeping try-catch-end structure. 1295 if (EHPad->pred_empty()) 1296 EHPad->removeSuccessor(BrDest); 1297 } 1298 MBB->addSuccessor(NestedEHPad); 1299 MBB->addSuccessor(NestedCont); 1300 NestedEHPad->addSuccessor(BrDest); 1301 } 1302 } 1303 1304 // Renumber BBs and recalculate ScopeTop info because new BBs might have been 1305 // created and inserted above. 1306 MF.RenumberBlocks(); 1307 ScopeTops.clear(); 1308 ScopeTops.resize(MF.getNumBlockIDs()); 1309 for (auto &MBB : reverse(MF)) { 1310 for (auto &MI : reverse(MBB)) { 1311 if (ScopeTops[MBB.getNumber()]) 1312 break; 1313 switch (MI.getOpcode()) { 1314 case WebAssembly::END_BLOCK: 1315 case WebAssembly::END_LOOP: 1316 case WebAssembly::END_TRY: 1317 ScopeTops[MBB.getNumber()] = EndToBegin[&MI]->getParent(); 1318 break; 1319 case WebAssembly::CATCH: 1320 ScopeTops[MBB.getNumber()] = EHPadToTry[&MBB]->getParent(); 1321 break; 1322 } 1323 } 1324 } 1325 1326 // Recompute the dominator tree. 1327 getAnalysis<MachineDominatorTree>().runOnMachineFunction(MF); 1328 1329 // Place block markers for newly added branches, if necessary. 1330 1331 // If we've created an appendix BB and a branch to it, place a block/end_block 1332 // marker for that. For some new branches, those branch destination BBs start 1333 // with a hoisted end_try marker, so we don't need a new marker there. 1334 if (AppendixBB) 1335 BrDests.push_back(AppendixBB); 1336 1337 llvm::sort(BrDests, 1338 [&](const MachineBasicBlock *A, const MachineBasicBlock *B) { 1339 auto ANum = A->getNumber(); 1340 auto BNum = B->getNumber(); 1341 return ANum < BNum; 1342 }); 1343 for (auto *Dest : BrDests) 1344 placeBlockMarker(*Dest); 1345 1346 return true; 1347 } 1348 1349 static unsigned 1350 getDepth(const SmallVectorImpl<const MachineBasicBlock *> &Stack, 1351 const MachineBasicBlock *MBB) { 1352 unsigned Depth = 0; 1353 for (auto X : reverse(Stack)) { 1354 if (X == MBB) 1355 break; 1356 ++Depth; 1357 } 1358 assert(Depth < Stack.size() && "Branch destination should be in scope"); 1359 return Depth; 1360 } 1361 1362 /// In normal assembly languages, when the end of a function is unreachable, 1363 /// because the function ends in an infinite loop or a noreturn call or similar, 1364 /// it isn't necessary to worry about the function return type at the end of 1365 /// the function, because it's never reached. However, in WebAssembly, blocks 1366 /// that end at the function end need to have a return type signature that 1367 /// matches the function signature, even though it's unreachable. This function 1368 /// checks for such cases and fixes up the signatures. 1369 void WebAssemblyCFGStackify::fixEndsAtEndOfFunction(MachineFunction &MF) { 1370 const auto &MFI = *MF.getInfo<WebAssemblyFunctionInfo>(); 1371 1372 if (MFI.getResults().empty()) 1373 return; 1374 1375 // MCInstLower will add the proper types to multivalue signatures based on the 1376 // function return type 1377 WebAssembly::BlockType RetType = 1378 MFI.getResults().size() > 1 1379 ? WebAssembly::BlockType::Multivalue 1380 : WebAssembly::BlockType( 1381 WebAssembly::toValType(MFI.getResults().front())); 1382 1383 SmallVector<MachineBasicBlock::reverse_iterator, 4> Worklist; 1384 Worklist.push_back(MF.rbegin()->rbegin()); 1385 1386 auto Process = [&](MachineBasicBlock::reverse_iterator It) { 1387 auto *MBB = It->getParent(); 1388 while (It != MBB->rend()) { 1389 MachineInstr &MI = *It++; 1390 if (MI.isPosition() || MI.isDebugInstr()) 1391 continue; 1392 switch (MI.getOpcode()) { 1393 case WebAssembly::END_TRY: { 1394 // If a 'try''s return type is fixed, both its try body and catch body 1395 // should satisfy the return type, so we need to search 'end' 1396 // instructions before its corresponding 'catch' too. 1397 auto *EHPad = TryToEHPad.lookup(EndToBegin[&MI]); 1398 assert(EHPad); 1399 Worklist.push_back(std::next(findCatch(EHPad)->getReverseIterator())); 1400 LLVM_FALLTHROUGH; 1401 } 1402 case WebAssembly::END_BLOCK: 1403 case WebAssembly::END_LOOP: 1404 EndToBegin[&MI]->getOperand(0).setImm(int32_t(RetType)); 1405 continue; 1406 default: 1407 // Something other than an `end`. We're done for this BB. 1408 return; 1409 } 1410 } 1411 // We've reached the beginning of a BB. Continue the search in the previous 1412 // BB. 1413 Worklist.push_back(MBB->getPrevNode()->rbegin()); 1414 }; 1415 1416 while (!Worklist.empty()) 1417 Process(Worklist.pop_back_val()); 1418 } 1419 1420 // WebAssembly functions end with an end instruction, as if the function body 1421 // were a block. 1422 static void appendEndToFunction(MachineFunction &MF, 1423 const WebAssemblyInstrInfo &TII) { 1424 BuildMI(MF.back(), MF.back().end(), 1425 MF.back().findPrevDebugLoc(MF.back().end()), 1426 TII.get(WebAssembly::END_FUNCTION)); 1427 } 1428 1429 /// Insert LOOP/TRY/BLOCK markers at appropriate places. 1430 void WebAssemblyCFGStackify::placeMarkers(MachineFunction &MF) { 1431 // We allocate one more than the number of blocks in the function to 1432 // accommodate for the possible fake block we may insert at the end. 1433 ScopeTops.resize(MF.getNumBlockIDs() + 1); 1434 // Place the LOOP for MBB if MBB is the header of a loop. 1435 for (auto &MBB : MF) 1436 placeLoopMarker(MBB); 1437 1438 const MCAsmInfo *MCAI = MF.getTarget().getMCAsmInfo(); 1439 for (auto &MBB : MF) { 1440 if (MBB.isEHPad()) { 1441 // Place the TRY for MBB if MBB is the EH pad of an exception. 1442 if (MCAI->getExceptionHandlingType() == ExceptionHandling::Wasm && 1443 MF.getFunction().hasPersonalityFn()) 1444 placeTryMarker(MBB); 1445 } else { 1446 // Place the BLOCK for MBB if MBB is branched to from above. 1447 placeBlockMarker(MBB); 1448 } 1449 } 1450 // Fix mismatches in unwind destinations induced by linearizing the code. 1451 if (MCAI->getExceptionHandlingType() == ExceptionHandling::Wasm && 1452 MF.getFunction().hasPersonalityFn()) 1453 fixUnwindMismatches(MF); 1454 } 1455 1456 void WebAssemblyCFGStackify::rewriteDepthImmediates(MachineFunction &MF) { 1457 // Now rewrite references to basic blocks to be depth immediates. 1458 SmallVector<const MachineBasicBlock *, 8> Stack; 1459 for (auto &MBB : reverse(MF)) { 1460 for (auto I = MBB.rbegin(), E = MBB.rend(); I != E; ++I) { 1461 MachineInstr &MI = *I; 1462 switch (MI.getOpcode()) { 1463 case WebAssembly::BLOCK: 1464 case WebAssembly::TRY: 1465 assert(ScopeTops[Stack.back()->getNumber()]->getNumber() <= 1466 MBB.getNumber() && 1467 "Block/try marker should be balanced"); 1468 Stack.pop_back(); 1469 break; 1470 1471 case WebAssembly::LOOP: 1472 assert(Stack.back() == &MBB && "Loop top should be balanced"); 1473 Stack.pop_back(); 1474 break; 1475 1476 case WebAssembly::END_BLOCK: 1477 case WebAssembly::END_TRY: 1478 Stack.push_back(&MBB); 1479 break; 1480 1481 case WebAssembly::END_LOOP: 1482 Stack.push_back(EndToBegin[&MI]->getParent()); 1483 break; 1484 1485 default: 1486 if (MI.isTerminator()) { 1487 // Rewrite MBB operands to be depth immediates. 1488 SmallVector<MachineOperand, 4> Ops(MI.operands()); 1489 while (MI.getNumOperands() > 0) 1490 MI.RemoveOperand(MI.getNumOperands() - 1); 1491 for (auto MO : Ops) { 1492 if (MO.isMBB()) 1493 MO = MachineOperand::CreateImm(getDepth(Stack, MO.getMBB())); 1494 MI.addOperand(MF, MO); 1495 } 1496 } 1497 break; 1498 } 1499 } 1500 } 1501 assert(Stack.empty() && "Control flow should be balanced"); 1502 } 1503 1504 void WebAssemblyCFGStackify::releaseMemory() { 1505 ScopeTops.clear(); 1506 BeginToEnd.clear(); 1507 EndToBegin.clear(); 1508 TryToEHPad.clear(); 1509 EHPadToTry.clear(); 1510 AppendixBB = nullptr; 1511 } 1512 1513 bool WebAssemblyCFGStackify::runOnMachineFunction(MachineFunction &MF) { 1514 LLVM_DEBUG(dbgs() << "********** CFG Stackifying **********\n" 1515 "********** Function: " 1516 << MF.getName() << '\n'); 1517 const MCAsmInfo *MCAI = MF.getTarget().getMCAsmInfo(); 1518 1519 releaseMemory(); 1520 1521 // Liveness is not tracked for VALUE_STACK physreg. 1522 MF.getRegInfo().invalidateLiveness(); 1523 1524 // Place the BLOCK/LOOP/TRY markers to indicate the beginnings of scopes. 1525 placeMarkers(MF); 1526 1527 // Remove unnecessary instructions possibly introduced by try/end_trys. 1528 if (MCAI->getExceptionHandlingType() == ExceptionHandling::Wasm && 1529 MF.getFunction().hasPersonalityFn()) 1530 removeUnnecessaryInstrs(MF); 1531 1532 // Convert MBB operands in terminators to relative depth immediates. 1533 rewriteDepthImmediates(MF); 1534 1535 // Fix up block/loop/try signatures at the end of the function to conform to 1536 // WebAssembly's rules. 1537 fixEndsAtEndOfFunction(MF); 1538 1539 // Add an end instruction at the end of the function body. 1540 const auto &TII = *MF.getSubtarget<WebAssemblySubtarget>().getInstrInfo(); 1541 if (!MF.getSubtarget<WebAssemblySubtarget>() 1542 .getTargetTriple() 1543 .isOSBinFormatELF()) 1544 appendEndToFunction(MF, TII); 1545 1546 MF.getInfo<WebAssemblyFunctionInfo>()->setCFGStackified(); 1547 return true; 1548 } 1549