Prevent immediate modifier substitution

Author: atrosinenko

llvm/lib/Target/AArch64/AArch64ISelLowering.cpp

@@ -3069,62 +3069,80 @@ AArch64TargetLowering::tryRewritingPAC(MachineInstr &MI,
   MachineRegisterInfo &MRI = MI.getMF()->getRegInfo();
   const DebugLoc &DL = MI.getDebugLoc();
 
-  MachineInstr *AddrInstr = nullptr;
-  int64_t Offset = 0;
-  // Try to find the address-setting instruction, accumulating the offset
-  // along the way. If any unknown pattern is found, keep everything as-is.
-  MachineOperand *CurOp = &MI.getOperand(1);
-  while (CurOp) {
-    MachineOperand *Def = MRI.getOneDef(CurOp->getReg());
-    if (!Def)
-      return BB;
-    MachineInstr *DefMI = Def->getParent();
-    assert(DefMI != nullptr);
-
-    switch (DefMI->getOpcode()) {
-    case AArch64::COPY:
-      CurOp = &DefMI->getOperand(1);
-      break;
-    case AArch64::ADDXri:
-      if (DefMI->getOperand(3).getImm() != 0) // shifts are not handled
-        return BB;
-      CurOp = &DefMI->getOperand(1);
-      Offset += DefMI->getOperand(2).getImm();
-      break;
-    case AArch64::MOVaddr:
-    case AArch64::LOADgotAUTH:
-      AddrInstr = DefMI;
-      CurOp = nullptr;
-      break;
-    default:
-      return BB;
+  // Find the unique register definition, skipping copies.
+  auto GetUniqueDef = [&MRI](Register Reg) {
+    for (;;) {
+      MachineInstr *Def = MRI.getUniqueVRegDef(Reg);
+      if (!Def || Def->getOpcode() != AArch64::COPY)
+        return Def;
+
+      Reg = Def->getOperand(1).getReg();
     }
-  }
+  };
+  // Find the unique register definition, skipping copies and increments.
+  auto GetUniqueDefPlusOffset =
+      [GetUniqueDef](Register Reg, int64_t &Offset) -> MachineInstr * {
+    for (;;) {
+      MachineInstr *Def = GetUniqueDef(Reg);
+      if (!Def || Def->getOpcode() != AArch64::ADDXri)
+        return Def;
+
+      if (Def->getOperand(3).getImm() != 0)
+        return nullptr; // shifted immediates are not handled
+      Reg = Def->getOperand(1).getReg();
+      Offset += Def->getOperand(2).getImm();
+    }
+  };
+
+  // Try to find a known address-setting instruction, accumulating the offset
+  // along the way. If no known pattern is found, keep everything as-is.
+
+  int64_t AddrOffset = 0;
+  MachineInstr *AddrDefInstr =
+      GetUniqueDefPlusOffset(MI.getOperand(1).getReg(), AddrOffset);
+  if (!AddrDefInstr)
+    return BB;
 
-  unsigned NewOpcode = AddrInstr->getOpcode() == AArch64::LOADgotAUTH
-                           ? AArch64::LOADgotPAC
-                           : AArch64::MOVaddrPAC;
-  MachineOperand &AddrOp = AddrInstr->getOperand(1);
+  unsigned NewOpcode;
+  if (AddrDefInstr->getOpcode() == AArch64::LOADgotAUTH)
+    NewOpcode = AArch64::LOADgotPAC;
+  else if (AddrDefInstr->getOpcode() == AArch64::MOVaddr)
+    NewOpcode = AArch64::MOVaddrPAC;
+  else
+    return BB; // Unknown opcode.
+
+  MachineOperand &AddrOp = AddrDefInstr->getOperand(1);
   unsigned TargetFlags = AddrOp.getTargetFlags() & ~AArch64II::MO_PAGE;
-  Offset += AddrOp.getOffset();
+  const GlobalValue *GV = AddrOp.getGlobal();
+  AddrOffset += AddrOp.getOffset();
+
+  // Detect discriminator blend computation, if any.
+  Register RegDisc = isPACWithZeroDisc(MI.getOpcode())
+                         ? AArch64::XZR
+                         : MI.getOperand(2).getReg();
+  unsigned IntDisc = 0;
+  MachineInstr *MaybeBlendDef =
+      RegDisc == AArch64::XZR ? nullptr : GetUniqueDef(RegDisc);
+  if (MaybeBlendDef && MaybeBlendDef->getOpcode() == AArch64::MOVKXi &&
+      MaybeBlendDef->getOperand(3).getImm() == 48) {
+    RegDisc = MaybeBlendDef->getOperand(1).getReg();
+    IntDisc = MaybeBlendDef->getOperand(2).getImm();
+  }
 
   // MOVaddrPAC and LOADgotPAC pseudos are expanded so that they use X16/X17
   // internally, thus their restrictions on the register class of $AddrDisc
   // operand are stricter than those of real PAC* instructions.
-  // If the original instruction accepts a discriminator operand, make sure
-  // it is moved out of X16/X17.
-  Register DiscReg = AArch64::XZR;
-  if (!isPACWithZeroDisc(MI.getOpcode())) {
-    DiscReg = MRI.createVirtualRegister(&AArch64::GPR64noipRegClass);
-    BuildMI(*BB, MI, DL, TII->get(AArch64::COPY), DiscReg)
-        .addReg(MI.getOperand(2).getReg());
+  if (RegDisc != AArch64::XZR) {
+    Register TmpReg = MRI.createVirtualRegister(&AArch64::GPR64noipRegClass);
+    BuildMI(*BB, MI, DL, TII->get(AArch64::COPY), TmpReg).addReg(RegDisc);
+    RegDisc = TmpReg;
   }
 
   BuildMI(*BB, MI, DL, TII->get(NewOpcode))
-      .addGlobalAddress(AddrOp.getGlobal(), Offset, TargetFlags)
+      .addGlobalAddress(GV, AddrOffset, TargetFlags)
       .addImm(getKeyForPACOpcode(MI.getOpcode()))
-      .addReg(DiscReg)
-      .addImm(0);
+      .addReg(RegDisc)
+      .addImm(IntDisc);
 
   BuildMI(*BB, MI, DL, TII->get(AArch64::COPY), MI.getOperand(0).getReg())
       .addReg(AArch64::X16);

llvm/test/CodeGen/AArch64/GlobalISel/ptrauth-constant-in-code.ll

@@ -96,29 +96,34 @@ define ptr @foo() {
 @const_table_local = dso_local constant [3 x ptr] [ptr null, ptr null, ptr null]
 @const_table_got = constant [3 x ptr] [ptr null, ptr null, ptr null]
 
+; Test that after post-processing in finalize-isel, MOVaddrPAC (or LOADgotPAC,
+; respectively) has both $AddrDisc and $Disc operands set. MOVaddr (or LOADgotAUTH,
+; respectively) and MOVKXi are not used anymore and are dead-code-eliminated
+; by the later passes.
+
 define void @store_signed_const_local(ptr %dest) {
 ; ISEL-MIR-LABEL: name: store_signed_const_local
 ; ISEL-MIR:       body:
 ; ISEL-MIR:         %0:gpr64common = COPY $x0
 ; ISEL-MIR-NEXT:    %10:gpr64common = MOVaddr target-flags(aarch64-page) @const_table_local + 8, target-flags(aarch64-pageoff, aarch64-nc) @const_table_local + 8
 ; ISEL-MIR-NEXT:    %2:gpr64common = MOVKXi %0, 1234, 48
-; ISEL-MIR-NEXT:    %15:gpr64noip = COPY %2
-; ISEL-MIR-NEXT:    MOVaddrPAC @const_table_local + 8, 2, %15, 0, implicit-def $x16, implicit-def $x17
+; ISEL-MIR-NEXT:    %15:gpr64noip = COPY %0
+; ISEL-MIR-NEXT:    MOVaddrPAC @const_table_local + 8, 2, %15, 1234, implicit-def $x16, implicit-def $x17
 ; ISEL-MIR-NEXT:    %4:gpr64 = COPY $x16
 ; ISEL-MIR-NEXT:    %14:gpr64 = COPY %4
 ; ISEL-MIR-NEXT:    STRXui %14, %0, 0 :: (store (p0) into %ir.dest)
 ; ISEL-MIR-NEXT:    RET_ReallyLR
 ;
 ; ISEL-ASM-LABEL: store_signed_const_local:
 ; ISEL-ASM-NEXT:    .cfi_startproc
-; ISEL-ASM-NEXT:    mov     x8, x0
-; ISEL-ASM-NEXT:    movk    x8, #1234, lsl #48
 ; ISEL-ASM-ELF-NEXT:    adrp    x16, const_table_local
 ; ISEL-ASM-ELF-NEXT:    add     x16, x16, :lo12:const_table_local
 ; ISEL-ASM-MACHO-NEXT:  adrp    x16, _const_table_local@PAGE
 ; ISEL-ASM-MACHO-NEXT:  add     x16, x16, _const_table_local@PAGEOFF
 ; ISEL-ASM-NEXT:    add     x16, x16, #8
-; ISEL-ASM-NEXT:    pacda   x16, x8
+; ISEL-ASM-NEXT:    mov     x17, x0
+; ISEL-ASM-NEXT:    movk    x17, #1234, lsl #48
+; ISEL-ASM-NEXT:    pacda   x16, x17
 ; ISEL-ASM-NEXT:    str     x16, [x0]
 ; ISEL-ASM-NEXT:    ret
   %dest.i = ptrtoint ptr %dest to i64
@@ -136,17 +141,15 @@ define void @store_signed_const_got(ptr %dest) {
 ; ISEL-MIR-ELF-NEXT:    %7:gpr64common = LOADgotAUTH target-flags(aarch64-got) @const_table_got
 ; ISEL-MIR-ELF-NEXT:    %6:gpr64common = ADDXri %7, 8, 0
 ; ISEL-MIR-ELF-NEXT:    %2:gpr64common = MOVKXi %0, 1234, 48
-; ISEL-MIR-ELF-NEXT:    %12:gpr64noip = COPY %2
-; ISEL-MIR-ELF-NEXT:    LOADgotPAC target-flags(aarch64-got) @const_table_got + 8, 2, %12, 0, implicit-def $x16, implicit-def $x17, implicit-def $nzcv
+; ISEL-MIR-ELF-NEXT:    %12:gpr64noip = COPY %0
+; ISEL-MIR-ELF-NEXT:    LOADgotPAC target-flags(aarch64-got) @const_table_got + 8, 2, %12, 1234, implicit-def $x16, implicit-def $x17, implicit-def $nzcv
 ; ISEL-MIR-ELF-NEXT:    %4:gpr64 = COPY $x16
 ; ISEL-MIR-ELF-NEXT:    %10:gpr64 = COPY %4
 ; ISEL-MIR-ELF-NEXT:    STRXui %10, %0, 0 :: (store (p0) into %ir.dest)
 ; ISEL-MIR-ELF-NEXT:    RET_ReallyLR
 ;
 ; ISEL-ASM-ELF-LABEL: store_signed_const_got:
 ; ISEL-ASM-ELF-NEXT:    .cfi_startproc
-; ISEL-ASM-ELF-NEXT:    mov     x8, x0
-; ISEL-ASM-ELF-NEXT:    movk    x8, #1234, lsl #48
 ; ISEL-ASM-ELF-NEXT:    adrp    x17, :got_auth:const_table_got
 ; ISEL-ASM-ELF-NEXT:    add     x17, x17, :got_auth_lo12:const_table_got
 ; ISEL-ASM-ELF-NEXT:    ldr     x16, [x17]
@@ -158,7 +161,9 @@ define void @store_signed_const_got(ptr %dest) {
 ; ISEL-ASM-ELF-NEXT:    brk     #0xc472
 ; ISEL-ASM-ELF-NEXT:  .Lauth_success_0:
 ; ISEL-ASM-ELF-NEXT:    add     x16, x16, #8
-; ISEL-ASM-ELF-NEXT:    pacda   x16, x8
+; ISEL-ASM-ELF-NEXT:    mov     x17, x0
+; ISEL-ASM-ELF-NEXT:    movk    x17, #1234, lsl #48
+; ISEL-ASM-ELF-NEXT:    pacda   x16, x17
 ; ISEL-ASM-ELF-NEXT:    str     x16, [x0]
 ; ISEL-ASM-ELF-NEXT:    ret
   %dest.i = ptrtoint ptr %dest to i64

llvm/test/CodeGen/AArch64/ptrauth-constant-in-code.ll

@@ -83,28 +83,33 @@ define ptr @foo() {
 @const_table_local = dso_local constant [3 x ptr] [ptr null, ptr null, ptr null]
 @const_table_got = constant [3 x ptr] [ptr null, ptr null, ptr null]
 
+; Test that after post-processing in finalize-isel, MOVaddrPAC (or LOADgotPAC,
+; respectively) has both $AddrDisc and $Disc operands set. MOVaddr (or LOADgotAUTH,
+; respectively) and MOVKXi are not used anymore and are dead-code-eliminated
+; by the later passes.
+
 define void @store_signed_const_local(ptr %dest) {
 ; ISEL-MIR-LABEL: name: store_signed_const_local
 ; ISEL-MIR:       body:
 ; ISEL-MIR:         %0:gpr64common = COPY $x0
 ; ISEL-MIR-NEXT:    %1:gpr64common = MOVKXi %0, 1234, 48
 ; ISEL-MIR-NEXT:    %2:gpr64common = MOVaddr target-flags(aarch64-page) @const_table_local + 8, target-flags(aarch64-pageoff, aarch64-nc) @const_table_local + 8
-; ISEL-MIR-NEXT:    %4:gpr64noip = COPY %1
-; ISEL-MIR-NEXT:    MOVaddrPAC @const_table_local + 8, 2, %4, 0, implicit-def $x16, implicit-def $x17
+; ISEL-MIR-NEXT:    %4:gpr64noip = COPY %0
+; ISEL-MIR-NEXT:    MOVaddrPAC @const_table_local + 8, 2, %4, 1234, implicit-def $x16, implicit-def $x17
 ; ISEL-MIR-NEXT:    %3:gpr64 = COPY $x16
 ; ISEL-MIR-NEXT:    STRXui killed %3, %0, 0 :: (store (s64) into %ir.dest)
 ; ISEL-MIR-NEXT:    RET_ReallyLR
 ;
 ; ISEL-ASM-LABEL: store_signed_const_local:
 ; ISEL-ASM-NEXT:    .cfi_startproc
-; ISEL-ASM-NEXT:    mov     x8, x0
-; ISEL-ASM-NEXT:    movk    x8, #1234, lsl #48
 ; ISEL-ASM-ELF-NEXT:   adrp    x16, const_table_local
 ; ISEL-ASM-ELF-NEXT:   add     x16, x16, :lo12:const_table_local
 ; ISEL-ASM-MACHO-NEXT: adrp    x16, _const_table_local@PAGE
 ; ISEL-ASM-MACHO-NEXT: add     x16, x16, _const_table_local@PAGEOFF
 ; ISEL-ASM-NEXT:    add     x16, x16, #8
-; ISEL-ASM-NEXT:    pacda   x16, x8
+; ISEL-ASM-NEXT:    mov     x17, x0
+; ISEL-ASM-NEXT:    movk    x17, #1234, lsl #48
+; ISEL-ASM-NEXT:    pacda   x16, x17
 ; ISEL-ASM-NEXT:    str     x16, [x0]
 ; ISEL-ASM-NEXT:    ret
   %dest.i = ptrtoint ptr %dest to i64
@@ -122,16 +127,14 @@ define void @store_signed_const_got(ptr %dest) {
 ; ISEL-MIR-ELF-NEXT:    %1:gpr64common = MOVKXi %0, 1234, 48
 ; ISEL-MIR-ELF-NEXT:    %2:gpr64common = LOADgotAUTH target-flags(aarch64-got) @const_table_got, implicit-def dead $x16, implicit-def dead $x17, implicit-def dead $nzcv
 ; ISEL-MIR-ELF-NEXT:    %3:gpr64common = ADDXri killed %2, 8, 0
-; ISEL-MIR-ELF-NEXT:    %5:gpr64noip = COPY %1
-; ISEL-MIR-ELF-NEXT:    LOADgotPAC target-flags(aarch64-got) @const_table_got + 8, 2, %5, 0, implicit-def $x16, implicit-def $x17, implicit-def $nzcv
+; ISEL-MIR-ELF-NEXT:    %5:gpr64noip = COPY %0
+; ISEL-MIR-ELF-NEXT:    LOADgotPAC target-flags(aarch64-got) @const_table_got + 8, 2, %5, 1234, implicit-def $x16, implicit-def $x17, implicit-def $nzcv
 ; ISEL-MIR-ELF-NEXT:    %4:gpr64 = COPY $x16
 ; ISEL-MIR-ELF-NEXT:    STRXui killed %4, %0, 0 :: (store (s64) into %ir.dest)
 ; ISEL-MIR-ELF-NEXT:    RET_ReallyLR
 ;
 ; ISEL-ASM-ELF-LABEL: store_signed_const_got:
 ; ISEL-ASM-ELF-NEXT:    .cfi_startproc
-; ISEL-ASM-ELF-NEXT:    mov     x8, x0
-; ISEL-ASM-ELF-NEXT:    movk    x8, #1234, lsl #48
 ; ISEL-ASM-ELF-NEXT:    adrp    x17, :got_auth:const_table_got
 ; ISEL-ASM-ELF-NEXT:    add     x17, x17, :got_auth_lo12:const_table_got
 ; ISEL-ASM-ELF-NEXT:    ldr     x16, [x17]
@@ -143,7 +146,9 @@ define void @store_signed_const_got(ptr %dest) {
 ; ISEL-ASM-ELF-NEXT:    brk     #0xc472
 ; ISEL-ASM-ELF-NEXT: .Lauth_success_0:
 ; ISEL-ASM-ELF-NEXT:    add     x16, x16, #8
-; ISEL-ASM-ELF-NEXT:    pacda   x16, x8
+; ISEL-ASM-ELF-NEXT:    mov     x17, x0
+; ISEL-ASM-ELF-NEXT:    movk    x17, #1234, lsl #48
+; ISEL-ASM-ELF-NEXT:    pacda   x16, x17
 ; ISEL-ASM-ELF-NEXT:    str     x16, [x0]
 ; ISEL-ASM-ELF-NEXT:    ret
   %dest.i = ptrtoint ptr %dest to i64