| blob | 6dc5d19862a94c5ec2e8f9dcdb99b3d2db4016af |
1 //===- AArch64FrameLowering.cpp - AArch64 Frame Lowering -------*- C++ -*-====//
2 //
3 // The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // This file contains the AArch64 implementation of TargetFrameLowering class.
11 //
12 // On AArch64, stack frames are structured as follows:
13 //
14 // The stack grows downward.
15 //
16 // All of the individual frame areas on the frame below are optional, i.e. it's
17 // possible to create a function so that the particular area isn't present
18 // in the frame.
19 //
20 // At function entry, the "frame" looks as follows:
21 //
22 // | | Higher address
23 // |-----------------------------------|
24 // | |
25 // | arguments passed on the stack |
26 // | |
27 // |-----------------------------------| <- sp
28 // | | Lower address
29 //
30 //
31 // After the prologue has run, the frame has the following general structure.
32 // Note that this doesn't depict the case where a red-zone is used. Also,
33 // technically the last frame area (VLAs) doesn't get created until in the
34 // main function body, after the prologue is run. However, it's depicted here
35 // for completeness.
36 //
37 // | | Higher address
38 // |-----------------------------------|
39 // | |
40 // | arguments passed on the stack |
41 // | |
42 // |-----------------------------------|
43 // | |
44 // | (Win64 only) varargs from reg |
45 // | |
46 // |-----------------------------------|
47 // | |
48 // | prev_fp, prev_lr |
49 // | (a.k.a. "frame record") |
50 // |-----------------------------------| <- fp(=x29)
51 // | |
52 // | other callee-saved registers |
53 // | |
54 // |-----------------------------------|
55 // |.empty.space.to.make.part.below....|
56 // |.aligned.in.case.it.needs.more.than| (size of this area is unknown at
57 // |.the.standard.16-byte.alignment....| compile time; if present)
58 // |-----------------------------------|
59 // | |
60 // | local variables of fixed size |
61 // | including spill slots |
62 // |-----------------------------------| <- bp(not defined by ABI,
63 // |.variable-sized.local.variables....| LLVM chooses X19)
64 // |.(VLAs)............................| (size of this area is unknown at
65 // |...................................| compile time)
66 // |-----------------------------------| <- sp
67 // | | Lower address
68 //
69 //
70 // To access the data in a frame, at-compile time, a constant offset must be
71 // computable from one of the pointers (fp, bp, sp) to access it. The size
72 // of the areas with a dotted background cannot be computed at compile-time
73 // if they are present, making it required to have all three of fp, bp and
74 // sp to be set up to be able to access all contents in the frame areas,
75 // assuming all of the frame areas are non-empty.
76 //
77 // For most functions, some of the frame areas are empty. For those functions,
78 // it may not be necessary to set up fp or bp:
79 // * A base pointer is definitely needed when there are both VLAs and local
80 // variables with more-than-default alignment requirements.
81 // * A frame pointer is definitely needed when there are local variables with
82 // more-than-default alignment requirements.
83 //
84 // In some cases when a base pointer is not strictly needed, it is generated
85 // anyway when offsets from the frame pointer to access local variables become
86 // so large that the offset can't be encoded in the immediate fields of loads
87 // or stores.
88 //
89 // FIXME: also explain the redzone concept.
90 // FIXME: also explain the concept of reserved call frames.
91 //
92 //===----------------------------------------------------------------------===//
130 #include <cassert>
131 #include <cstdint>
132 #include <iterator>
133 #include <vector>
150 /// This is the biggest offset to the stack pointer we can encode in aarch64
151 /// instructions (without using a separate calculation and a temp register).
152 /// Note that the exception here are vector stores/loads which cannot encode any
153 /// displacements (see estimateRSStackSizeLimit(), isAArch64FrameOffsetLegal()).
156 /// Look at each instruction that references stack frames and return the stack
157 /// size limit beyond which some of these instructions will require a scratch
158 /// register during their expansion later.
160 // FIXME: For now, just conservatively guestimate based on unscaled indexing
161 // range. We'll end up allocating an unnecessary spill slot a lot, but
162 // realistically that's not a big deal at this stage of the game.
176 AArch64FrameOffsetCannotUpdate)
178 }
179 }
180 }
182 }
187 // Don't use the red zone if the function explicitly asks us not to.
188 // This is typically used for kernel code.
197 }
199 /// hasFP - Return true if the specified function should have a dedicated frame
200 /// pointer register.
204 // Retain behavior of always omitting the FP for leaf functions when possible.
211 // With large callframes around we may need to use FP to access the scavenging
212 // emergency spillslot.
213 //
214 // Unfortunately some calls to hasFP() like machine verifier ->
215 // getReservedReg() -> hasFP in the middle of global isel are too early
216 // to know the max call frame size. Hopefully conservatively returning "true"
217 // in those cases is fine.
218 // DefaultSafeSPDisplacement is fine as we only emergency spill GP regs.
224 }
226 /// hasReservedCallFrame - Under normal circumstances, when a frame pointer is
227 /// not required, we reserve argument space for call sites in the function
228 /// immediately on entry to the current function. This eliminates the need for
229 /// add/sub sp brackets around call sites. Returns true if the call frame is
230 /// included as part of the stack frame.
231 bool
234 }
255 // N.b. if CalleePopAmount is valid but zero (i.e. callee would pop, but it
256 // doesn't have to pop anything), then the first operand will be zero too so
257 // this adjustment is a no-op.
259 // FIXME: in-function stack adjustment for calls is limited to 24-bits
260 // because there's no guaranteed temporary register available.
261 //
262 // ADD/SUB (immediate) has only LSL #0 and LSL #12 available.
263 // 1) For offset <= 12-bit, we use LSL #0
264 // 2) For 12-bit <= offset <= 24-bit, we use two instructions. One uses
265 // LSL #0, and the other uses LSL #12.
266 //
267 // Most call frames will be allocated at the start of a function so
268 // this is OK, but it is a limitation that needs dealing with.
271 }
273 // If the calling convention demands that the callee pops arguments from the
274 // stack, we want to add it back if we have a reserved call frame.
277 TII);
278 }
280 }
291 // Add callee saved registers to move list.
306 }
307 }
309 // Find a scratch register that we can use at the start of the prologue to
310 // re-align the stack pointer. We avoid using callee-save registers since they
311 // may appear to be free when this is called from canUseAsPrologue (during
312 // shrink wrapping), but then no longer be free when this is called from
313 // emitPrologue.
314 //
315 // FIXME: This is a bit conservative, since in the above case we could use one
316 // of the callee-save registers as a scratch temp to re-align the stack pointer,
317 // but we would then have to make sure that we were in fact saving at least one
318 // callee-save register in the prologue, which is additional complexity that
319 // doesn't seem worth the benefit.
323 // If MBB is an entry block, use X9 as the scratch register
332 // Mark callee saved registers as used so we will not choose them.
337 // Prefer X9 since it was historically used for the prologue scratch reg.
345 }
347 }
356 // Don't need a scratch register if we're not going to re-align the stack.
359 // Otherwise, we can use any block as long as it has a scratch register
360 // available.
362 }
370 // TODO: When implementing stack protectors, take that into account
371 // for the probe threshold.
379 }
391 // 512 is the maximum immediate for stp/ldp that will be used for
392 // callee-save save/restores
402 // This isn't strictly necessary, but it simplifies things a bit since the
403 // current RedZone handling code assumes the SP is adjusted by the
404 // callee-save save/restore code.
409 }
411 // Convert callee-save register save/restore instruction to do stack pointer
412 // decrement/increment to allocate/deallocate the callee-save stack area by
413 // converting store/load to use pre/post increment version.
417 // Ignore instructions that do not operate on SP, i.e. shadow call stack
418 // instructions.
423 }
458 }
463 // Copy all operands other than the immediate offset.
470 "Unexpected immediate offset in first/last callee-save save/restore "
474 // Last operand is immediate offset that needs fixing.
485 }
487 // Fixup callee-save register save/restore instructions to take into account
488 // combined SP bump by adding the local stack size to the stack offsets.
493 // Ignore instructions that do not operate on SP, i.e. shadow call stack
494 // instructions.
498 }
510 // Last operand is immediate offset that needs fixing.
512 // All generated opcodes have scaled offsets.
515 }
520 // Sometimes (when we restore in the same order as we save), we can end up
521 // with code like this:
522 //
523 // ldp x26, x25, [sp]
524 // ldp x24, x23, [sp, #16]
525 // ldp x22, x21, [sp, #32]
526 // ldp x20, x19, [sp, #48]
527 // add sp, sp, #64
528 //
529 // In this case, it is always better to put the first ldp at the end, so
530 // that the load-store optimizer can run and merge the ldp and the add into
531 // a post-index ldp.
532 // If we managed to grab the first pop instruction, move it to the end.
535 // We should end up with something like this now:
536 //
537 // ldp x24, x23, [sp, #16]
538 // ldp x22, x21, [sp, #32]
539 // ldp x20, x19, [sp, #48]
540 // ldp x26, x25, [sp]
541 // add sp, sp, #64
542 //
543 // and the load-store optimizer can merge the last two instructions into:
544 //
545 // ldp x26, x25, [sp], #64
546 //
547 }
562 // At this point, we're going to decide whether or not the function uses a
563 // redzone. In most cases, the function doesn't have a redzone so let's
564 // assume that's false and set it to true in the case that there's a redzone.
567 // Debug location must be unknown since the first debug location is used
568 // to determine the end of the prologue.
569 DebugLoc DL;
571 // All calls are tail calls in GHC calling conv, and functions have no
572 // prologue/epilogue.
580 // All of the stack allocation is for locals.
585 // REDZONE: If the stack size is less than 128 bytes, we don't need
586 // to actually allocate.
594 // Label used to tie together the PROLOG_LABEL and the MachineMoves.
596 // Encode the stack size of the leaf function.
602 }
604 }
611 // All of the remaining stack allocations are for locals.
623 }
626 // Move past the saves of the callee-saved registers, fixing up the offsets
627 // and pre-inc if we decided to combine the callee-save and local stack
628 // pointer bump above.
634 }
636 // Only set up FP if we actually need to. Frame pointer is fp =
637 // sp - fixedobject - 16.
642 // Issue sub fp, sp, FPOffset or
643 // mov fp,sp when FPOffset is zero.
644 // Note: All stores of callee-saved registers are marked as "FrameSetup".
645 // This code marks the instruction(s) that set the FP also.
648 }
678 }
686 }
688 // Allocate space for the rest of the frame.
696 }
698 // If we're a leaf function, try using the red zone.
700 // FIXME: in the case of dynamic re-alignment, NumBytes doesn't have
701 // the correct value here, as NumBytes also includes padding bytes,
702 // which shouldn't be counted here.
712 // SUB X9, SP, NumBytes
713 // -- X9 is temporary register, so shouldn't contain any live data here,
714 // -- free to use. This is already produced by emitFrameOffset above.
715 // AND SP, X9, 0b11111...0000
716 // The logical immediates have a non-trivial encoding. The following
717 // formula computes the encoded immediate with all ones but
718 // NrBitsToZero zero bits as least significant bits.
727 }
728 }
730 // If we need a base pointer, set it up here. It's whatever the value of the
731 // stack pointer is at this point. Any variable size objects will be allocated
732 // after this, so we can still use the base pointer to reference locals.
733 //
734 // FIXME: Clarify FrameSetup flags here.
735 // Note: Use emitFrameOffset() like above for FP if the FrameSetup flag is
736 // needed.
740 }
746 // An example of the prologue:
747 //
748 // .globl __foo
749 // .align 2
750 // __foo:
751 // Ltmp0:
752 // .cfi_startproc
753 // .cfi_personality 155, ___gxx_personality_v0
754 // Leh_func_begin:
755 // .cfi_lsda 16, Lexception33
756 //
757 // stp xa,bx, [sp, -#offset]!
758 // ...
759 // stp x28, x27, [sp, #offset-32]
760 // stp fp, lr, [sp, #offset-16]
761 // add fp, sp, #offset - 16
762 // sub sp, sp, #1360
763 //
764 // The Stack:
765 // +-------------------------------------------+
766 // 10000 | ........ | ........ | ........ | ........ |
767 // 10004 | ........ | ........ | ........ | ........ |
768 // +-------------------------------------------+
769 // 10008 | ........ | ........ | ........ | ........ |
770 // 1000c | ........ | ........ | ........ | ........ |
771 // +===========================================+
772 // 10010 | X28 Register |
773 // 10014 | X28 Register |
774 // +-------------------------------------------+
775 // 10018 | X27 Register |
776 // 1001c | X27 Register |
777 // +===========================================+
778 // 10020 | Frame Pointer |
779 // 10024 | Frame Pointer |
780 // +-------------------------------------------+
781 // 10028 | Link Register |
782 // 1002c | Link Register |
783 // +===========================================+
784 // 10030 | ........ | ........ | ........ | ........ |
785 // 10034 | ........ | ........ | ........ | ........ |
786 // +-------------------------------------------+
787 // 10038 | ........ | ........ | ........ | ........ |
788 // 1003c | ........ | ........ | ........ | ........ |
789 // +-------------------------------------------+
790 //
791 // [sp] = 10030 :: >>initial value<<
792 // sp = 10020 :: stp fp, lr, [sp, #-16]!
793 // fp = sp == 10020 :: mov fp, sp
794 // [sp] == 10020 :: stp x28, x27, [sp, #-16]!
795 // sp == 10010 :: >>final value<<
796 //
797 // The frame pointer (w29) points to address 10020. If we use an offset of
798 // '16' from 'w29', we get the CFI offsets of -8 for w30, -16 for w29, -24
799 // for w27, and -32 for w28:
800 //
801 // Ltmp1:
802 // .cfi_def_cfa w29, 16
803 // Ltmp2:
804 // .cfi_offset w30, -8
805 // Ltmp3:
806 // .cfi_offset w29, -16
807 // Ltmp4:
808 // .cfi_offset w27, -24
809 // Ltmp5:
810 // .cfi_offset w28, -32
813 // Define the current CFA rule to use the provided FP.
821 // Encode the stack size of the leaf function.
827 }
829 // Now emit the moves for whatever callee saved regs we have (including FP,
830 // LR if those are saved).
832 }
833 }
841 DebugLoc DL;
848 }
852 // All calls are tail calls in GHC calling conv, and functions have no
853 // prologue/epilogue.
857 // Initial and residual are named for consistency with the prologue. Note that
858 // in the epilogue, the residual adjustment is executed first.
863 // For a tail-call in a callee-pops-arguments environment, some or all of
864 // the stack may actually be in use for the call's arguments, this is
865 // calculated during LowerCall and consumed here...
868 // ... otherwise the amount to pop is *all* of the argument space,
869 // conveniently stored in the MachineFunctionInfo by
870 // LowerFormalArguments. This will, of course, be zero for the C calling
871 // convention.
873 }
875 // The stack frame should be like below,
876 //
877 // ---------------------- ---
878 // | | |
879 // | BytesInStackArgArea| CalleeArgStackSize
880 // | (NumReusableBytes) | (of tail call)
881 // | | ---
882 // | | |
883 // ---------------------| --- |
884 // | | | |
885 // | CalleeSavedReg | | |
886 // | (CalleeSavedStackSize)| | |
887 // | | | |
888 // ---------------------| | NumBytes
889 // | | StackSize (StackAdjustUp)
890 // | LocalStackSize | | |
891 // | (covering callee | | |
892 // | args) | | |
893 // | | | |
894 // ---------------------- --- ---
895 //
896 // So NumBytes = StackSize + BytesInStackArgArea - CalleeArgStackSize
897 // = StackSize + ArgumentPopSize
898 //
899 // AArch64TargetLowering::LowerCall figures out ArgumentPopSize and keeps
900 // it as the 2nd argument of AArch64ISD::TC_RETURN.
909 // Assume we can't combine the last pop with the sp restore.
913 // Converting the last ldp to a post-index ldp is valid only if the last
914 // ldp's offset is 0.
916 // If the offset is 0, convert it to a post-index ldp.
919 PrologueSaveSize);
921 // If not, make sure to emit an add after the last ldp.
922 // We're doing this by transfering the size to be restored from the
923 // adjustment *before* the CSR pops to the adjustment *after* the CSR
924 // pops.
926 }
927 }
929 // Move past the restores of the callee-saved registers.
930 // If we plan on combining the sp bump of the local stack size and the callee
931 // save stack size, we might need to adjust the CSR save and restore offsets.
941 }
943 // If there is a single SP update, insert it before the ret and we're done.
949 }
956 // If this was a redzone leaf function, we don't need to restore the
957 // stack pointer (but we may need to pop stack args for fastcc).
966 // If we were able to combine the local stack pop with the argument pop,
967 // then we're done.
970 // If we're done after this, make sure to help the load store optimizer.
980 }
982 // Restore the original stack pointer.
983 // FIXME: Rather than doing the math here, we should instead just use
984 // non-post-indexed loads for the restores if we aren't actually going to
985 // be able to save any instructions.
994 // This must be placed after the callee-save restore code because that code
995 // assumes the SP is at the same location as it was after the callee-save save
996 // code in the prologue.
998 // Find an insertion point for the first ldp so that it goes before the
999 // shadow call stack epilog instruction. This ensures that the restore of
1000 // lr from x18 is placed after the restore from sp.
1008 }
1014 }
1015 }
1017 /// getFrameIndexReference - Provide a base+offset reference to an FI slot for
1018 /// debug info. It's the same as what we use for resolving the code-gen
1019 /// references for now. FIXME: This can go wrong when references are
1020 /// SP-relative and simple call frames aren't used.
1025 }
1044 // Use frame pointer to reference fixed objects. Use it for locals if
1045 // there are VLAs or a dynamically realigned SP (and thus the SP isn't
1046 // reliable as a base). Make sure useFPForScavengingIndex() does the
1047 // right thing for the emergency spill slot.
1050 // Note: Keeping the following as multiple 'if' statements rather than
1051 // merging to a single expression for readability.
1052 //
1053 // Argument access should always use the FP.
1057 // References to the CSR area must use FP if we're re-aligning the stack
1058 // since the dynamically-sized alignment padding is between the SP/BP and
1059 // the CSR area.
1063 // If the FPOffset is negative, we have to keep in mind that the
1064 // available offset range for negative offsets is smaller than for
1065 // positive ones. If an offset is
1066 // available via the FP and the SP, use whichever is closest.
1071 // If we have variable sized objects, we can use either FP or BP, as the
1072 // SP offset is unknown. We can use the base pointer if we have one and
1073 // FP is not preferred. If not, we're stuck with using FP.
1079 // else we can use BP and FP, but the offset from FP won't fit.
1080 // That will make us scavenge registers which we can probably avoid by
1081 // using BP. If it won't fit for BP either, we'll scavenge anyway.
1083 // Use SP or FP, whichever gives us the best chance of the offset
1084 // being in range for direct access. If the FPOffset is positive,
1085 // that'll always be best, as the SP will be even further away.
1088 // We have the choice between FP and (SP or BP).
1091 }
1092 }
1093 }
1096 "In the presence of dynamic stack pointer realignment, "
1102 }
1104 // Use the base pointer if we have one.
1111 // If we're using the red zone for this function, the SP won't actually
1112 // be adjusted, so the offsets will be negative. They're also all
1113 // within range of the signed 9-bit immediate instructions.
1116 }
1119 }
1122 // Do not set a kill flag on values that are also marked as live-in. This
1123 // happens with the @llvm-returnaddress intrinsic and with arguments passed in
1124 // callee saved registers.
1125 // Omitting the kill flags is conservatively correct even if the live-in
1126 // is not used after all.
1129 }
1137 }
1151 };
1168 // MachO's compact unwind format relies on all registers being stored in
1169 // pairs.
1177 RegPairInfo RPI;
1184 // Add the next reg to the pair if it is in the same register class.
1190 }
1192 // If either of the registers to be saved is the lr register, it means that
1193 // we also need to save lr in the shadow call stack.
1199 }
1201 // GPRs and FPRs are saved in pairs of 64-bit regs. We expect the CSI
1202 // list to come in sorted by frame index so that we can issue the store
1203 // pair instructions directly. Assert if we see anything otherwise.
1204 //
1205 // The order of the registers in the list is controlled by
1206 // getCalleeSavedRegs(), so they will always be in-order, as well.
1211 // MachO's compact unwind format relies on all registers being stored in
1212 // adjacent register pairs.
1223 // Round up size of non-pair to pair size if we need to pad the
1224 // callee-save area to ensure 16-byte alignment.
1239 }
1240 }
1248 DebugLoc DL;
1253 NeedShadowCallStackProlog);
1257 // Shadow call stack prolog: str x30, [x18], #8
1265 // This instruction also makes x18 live-in to the entry block.
1267 }
1276 // Issue sequence of spills for cs regs. The first spill may be converted
1277 // to a pre-decrement store later by emitPrologue if the callee-save stack
1278 // area allocation can't be combined with the local stack area allocation.
1279 // For example:
1280 // stp x22, x21, [sp, #0] // addImm(+0)
1281 // stp x20, x19, [sp, #16] // addImm(+2)
1282 // stp fp, lr, [sp, #32] // addImm(+4)
1283 // Rationale: This sequence saves uop updates compared to a sequence of
1284 // pre-increment spills like stp xi,xj,[sp,#-16]!
1285 // Note: Similar rationale and sequence for restores in epilog.
1288 else
1306 }
1314 }
1316 }
1324 DebugLoc DL;
1332 NeedShadowCallStackProlog);
1338 // Issue sequence of restores for cs regs. The last restore may be converted
1339 // to a post-increment load later by emitEpilogue if the callee-save stack
1340 // area allocation can't be combined with the local stack area allocation.
1341 // For example:
1342 // ldp fp, lr, [sp, #32] // addImm(+4)
1343 // ldp x20, x19, [sp, #16] // addImm(+2)
1344 // ldp x22, x21, [sp, #0] // addImm(+0)
1345 // Note: see comment in spillCalleeSavedRegisters()
1349 else
1363 }
1371 };
1376 else
1381 // Shadow call stack epilog: ldr x30, [x18, #-8]!
1388 }
1391 }
1396 // All calls are tail calls in GHC calling conv, and functions have no
1397 // prologue/epilogue.
1420 SpillEstimate++;
1422 SpillEstimate++;
1423 }
1427 // The frame record needs to be created by saving the appropriate registers
1431 }
1434 // Figure out which callee-saved registers to save/restore.
1438 // Add the base pointer register to SavedRegs if it is callee-save.
1449 }
1451 }
1453 // MachO's compact unwind format relies on all registers being stored in
1454 // pairs.
1455 // FIXME: the usual format is actually better if unwinding isn't needed.
1461 }
1462 }
1470 // If any callee-saved registers are used, the frame cannot be eliminated.
1474 // The CSR spill slots have not been allocated yet, so estimateStackSize
1475 // won't include them.
1483 // Estimate if we might need to scavenge a register at some point in order
1484 // to materialize a stack offset. If so, either spill one additional
1485 // callee-saved register or reserve a special spill slot to facilitate
1486 // register scavenging. If we already spilled an extra callee-saved register
1487 // above to keep the number of spills even, we don't need to do anything else
1488 // here.
1494 // MachO's compact unwind format relies on all registers being stored in
1495 // pairs, so if we need to spill one extra for BigStack, then we need to
1496 // store the pair.
1501 }
1503 // If we didn't find an extra callee-saved register to spill, create
1504 // an emergency spill slot.
1514 }
1515 }
1517 // Round up to register pair alignment to avoid additional SP adjustment
1518 // instructions.
1520 }
1526 }