FastIsel: take care to update iterators when removing instructions.
We keep a few iterators into the basic block we're selecting while
performing FastISel. Usually this is fine, but occasionally code wants
to remove already-emitted instructions. When this happens we have to be
careful to update those iterators so they're not pointing at dangling
memory.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@349365 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/lib/CodeGen/SelectionDAG/FastISel.cpp b/lib/CodeGen/SelectionDAG/FastISel.cpp
index d5f066c..a9a3c44 100644
--- a/lib/CodeGen/SelectionDAG/FastISel.cpp
+++ b/lib/CodeGen/SelectionDAG/FastISel.cpp
@@ -547,6 +547,15 @@
assert(I.isValid() && E.isValid() && std::distance(I, E) > 0 &&
"Invalid iterator!");
while (I != E) {
+ if (LastFlushPoint == I)
+ LastFlushPoint = E;
+ if (SavedInsertPt == I)
+ SavedInsertPt = E;
+ if (EmitStartPt == I)
+ EmitStartPt = E.isValid() ? &*E : nullptr;
+ if (LastLocalValue == I)
+ LastLocalValue = E.isValid() ? &*E : nullptr;
+
MachineInstr *Dead = &*I;
++I;
Dead->eraseFromParent();
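Review bot: The `E.isValid()` ternaries on the `EmitStartPt` and `LastLocalValue` updates do not guard the case that matters, which is `E` being the block's end iterator. The assert at the top of the hunk already requires `E.isValid()`, so the `nullptr` arm is effectively unreachable in asserting builds, and as far as I can tell `isValid()` only checks for a non-null node, so it would be true for `end()` as well. The new callers pass `std::next(I)` as `E`, which is `end()` when the removed instruction is last in the block, and `&*E` would then store the address of the list sentinel in a `MachineInstr *`. Comparing against the block end would make the fallback real, e.g. `EmitStartPt = (E != I->getParent()->end()) ? &*E : nullptr;`, and likewise for `LastLocalValue`. The function body continues outside the hunk, so any later fix-up of these members is not visible here.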
diff --git a/lib/Target/AArch64/AArch64FastISel.cpp b/lib/Target/AArch64/AArch64FastISel.cpp
index dfc08a1..7a7b0dd 100644
--- a/lib/Target/AArch64/AArch64FastISel.cpp
+++ b/lib/Target/AArch64/AArch64FastISel.cpp
@@ -2016,8 +2016,9 @@
if (RetVT == MVT::i64 && VT <= MVT::i32) {
if (WantZExt) {
// Delete the last emitted instruction from emitLoad (SUBREG_TO_REG).
- std::prev(FuncInfo.InsertPt)->eraseFromParent();
- ResultReg = std::prev(FuncInfo.InsertPt)->getOperand(0).getReg();
+ MachineBasicBlock::iterator I(std::prev(FuncInfo.InsertPt));
+ ResultReg = std::prev(I)->getOperand(0).getReg();
+ removeDeadCode(I, std::next(I));
} else
ResultReg = fastEmitInst_extractsubreg(MVT::i32, ResultReg,
/*IsKill=*/true,
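Review bot: `std::prev(I)` in the `WantZExt` branch assumes that emitLoad left at least two instructions before `FuncInfo.InsertPt` and that the last one is the SUBREG_TO_REG named in the comment, but nothing in the hunk checks either. Since the purpose of this commit is to stop touching stale instructions, an assert before the read would document and enforce that: `assert(I->getOpcode() == TargetOpcode::SUBREG_TO_REG && I != FuncInfo.MBB->begin() && "Expected SUBREG_TO_REG after the load");`. Reading `ResultReg` before calling `removeDeadCode` is the right order and should stay as is. The enclosing function starts and ends outside the hunk.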
@@ -2038,7 +2039,8 @@
break;
}
}
- MI->eraseFromParent();
+ MachineBasicBlock::iterator I(MI);
+ removeDeadCode(I, std::next(I));
MI = nullptr;
if (Reg)
MI = MRI.getUniqueVRegDef(Reg);
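Review bot: The two-line idiom `MachineBasicBlock::iterator I(MI); removeDeadCode(I, std::next(I));` is repeated here, in the `@@ -4508` hunk of this file, and in the ARM, PowerPC and X86 hunks. A single-instruction helper on FastISel would keep the call sites to one line and make the safe path the obvious one. Any remaining or future direct `MI->eraseFromParent()` in a target's FastISel would bypass the iterator fix-up this commit adds. Something like `void removeDeadCode(MachineInstr *MI) { MachineBasicBlock::iterator I(MI); removeDeadCode(I, std::next(I)); }` would do, with a comment on it stating that already-emitted instructions must be removed through it rather than erased directly. The enclosing loop starts outside the hunk.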
@@ -4508,7 +4510,8 @@
MI->getOperand(1).getSubReg() == AArch64::sub_32) &&
"Expected copy instruction");
Reg = MI->getOperand(1).getReg();
- MI->eraseFromParent();
+ MachineBasicBlock::iterator I(MI);
+ removeDeadCode(I, std::next(I));
}
updateValueMap(I, Reg);
return true;
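Review bot: The new local `MachineBasicBlock::iterator I(MI);` shadows the outer `I` that `updateValueMap(I, Reg)` uses immediately after the closing brace. The code is correct only because the iterator's scope ends at that brace, and a later edit that moves the call or the brace would silently change which `I` is meant. A distinct name avoids the trap: `MachineBasicBlock::iterator MII(MI);` followed by `removeDeadCode(MII, std::next(MII));`. The enclosing function starts outside the hunk.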
diff --git a/lib/Target/ARM/ARMFastISel.cpp b/lib/Target/ARM/ARMFastISel.cpp
index fd3d10a..a50abfd 100644
--- a/lib/Target/ARM/ARMFastISel.cpp
+++ b/lib/Target/ARM/ARMFastISel.cpp
@@ -2951,7 +2951,8 @@
unsigned ResultReg = MI->getOperand(0).getReg();
if (!ARMEmitLoad(VT, ResultReg, Addr, LI->getAlignment(), isZExt, false))
return false;
- MI->eraseFromParent();
+ MachineBasicBlock::iterator I(MI);
+ removeDeadCode(I, std::next(I));
return true;
}
diff --git a/lib/Target/PowerPC/PPCFastISel.cpp b/lib/Target/PowerPC/PPCFastISel.cpp
index 6681698..aa55ac1 100644
--- a/lib/Target/PowerPC/PPCFastISel.cpp
+++ b/lib/Target/PowerPC/PPCFastISel.cpp
@@ -2354,7 +2354,8 @@
PPCSubTarget->hasSPE() ? PPC::EVLDD : PPC::LFD))
return false;
- MI->eraseFromParent();
+ MachineBasicBlock::iterator I(MI);
+ removeDeadCode(I, std::next(I));
return true;
}
diff --git a/lib/Target/X86/X86FastISel.cpp b/lib/Target/X86/X86FastISel.cpp
index a49ad8b..cbfdc4b 100644
--- a/lib/Target/X86/X86FastISel.cpp
+++ b/lib/Target/X86/X86FastISel.cpp
@@ -3998,7 +3998,8 @@
}
Result->addMemOperand(*FuncInfo.MF, createMachineMemOperandFor(LI));
- MI->eraseFromParent();
+ MachineBasicBlock::iterator I(MI);
+ removeDeadCode(I, std::next(I));
return true;
}
diff --git a/test/CodeGen/AArch64/fast-isel-erase.ll b/test/CodeGen/AArch64/fast-isel-erase.ll
new file mode 100644
index 0000000..e8265bc
--- /dev/null
+++ b/test/CodeGen/AArch64/fast-isel-erase.ll
@@ -0,0 +1,25 @@
+; RUN: llc -mtriple=arm64-apple-ios -o - %s -fast-isel=1 -O0 | FileCheck %s
+
+; The zext can be folded into the load and removed, but doing so can invalidate
+; pointers internal to FastISel and cause a crash so it must be done carefully.
+define i32 @test() {
+; CHECK-LABEL: test:
+; CHECK: ldrh
+; CHECK: bl _callee
+; CHECK-NOT: uxth
+
+entry:
+ store i32 undef, i32* undef, align 4
+ %t81 = load i16, i16* undef, align 2
+ call void @callee()
+ %t82 = zext i16 %t81 to i32
+ %t83 = shl i32 %t82, 16
+ %t84 = or i32 undef, %t83
+ br label %end
+
+end:
+ %val = phi i32 [%t84, %entry]
+ ret i32 %val
+}
+
+declare void @callee()
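Review bot: The RUN line does not force the FastISel path, so the CHECK lines could still pass if selection falls back to SelectionDAG for this block, and the test would then stop covering the crash it was written for. If every instruction in `@test` selects through FastISel, adding `-fast-isel-abort=1` to the llc invocation would turn a silent fallback into a test failure. The test covers only AArch64, while the same erase-to-`removeDeadCode` change was made in the ARM, PowerPC and X86 selectors. The header comment could also say why the call between the load and the zext is needed to reproduce the problem.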