[InstCombine] Combine ptrauth constants into ptrauth intrinsics. #94705
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When we encounter two consecutive ptrauth intrinsics, we can already combine the inner matching sign + auth pair, e.g.: resign(sign(p,ks,ds),ks,ds,kr,dr) -> sign(p,kr,dr) We can generalize that to ptrauth constants, which are effectively constant equivalents to ptrauth.sign, i.e.: resign(ptrauth(p,ks,ds),ks,ds,kr,dr) -> ptrauth(p,kr,dr) auth(ptrauth(p,k,d),k,d) -> p While there cleanup a redundant return after eraseInstFromFunction in the shared (intrinsic|constant)->intrinsic folding code.
ahmedbougacha
force-pushed
the
users/ahmedbougacha/ptrauth-instcombine-constant-intrin
branch
from
02a5496 to
9dfe010
Compare
Member
|
@llvm/pr-subscribers-backend-aarch64 @llvm/pr-subscribers-llvm-transforms Author: Ahmed Bougacha (ahmedbougacha) ChangesWhen we encounter two consecutive ptrauth intrinsics, we can already combine the inner matching sign + auth pair, e.g.: We can generalize that to ptrauth constants, which are effectively constant equivalents to ptrauth.sign, i.e.: While there, cleanup a redundant return after eraseInstFromFunction in the shared (intrinsic|constant)->intrinsic folding code. Full diff: https://github.com/llvm/llvm-project/pull/94705.diff 2 Files Affected:
diff --git a/llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp b/llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp
index 436cdbff75669..310514bea3ec1 100644
--- a/llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp
+++ b/llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp
@@ -2643,13 +2643,14 @@ Instruction *InstCombinerImpl::visitCallInst(CallInst &CI) {
// (sign|resign) + (auth|resign) can be folded by omitting the middle
// sign+auth component if the key and discriminator match.
bool NeedSign = II->getIntrinsicID() == Intrinsic::ptrauth_resign;
+ Value *Ptr = II->getArgOperand(0);
Value *Key = II->getArgOperand(1);
Value *Disc = II->getArgOperand(2);
// AuthKey will be the key we need to end up authenticating against in
// whatever we replace this sequence with.
Value *AuthKey = nullptr, *AuthDisc = nullptr, *BasePtr;
- if (auto CI = dyn_cast<CallBase>(II->getArgOperand(0))) {
+ if (auto *CI = dyn_cast<CallBase>(Ptr)) {
BasePtr = CI->getArgOperand(0);
if (CI->getIntrinsicID() == Intrinsic::ptrauth_sign) {
if (CI->getArgOperand(1) != Key || CI->getArgOperand(2) != Disc)
@@ -2661,6 +2662,27 @@ Instruction *InstCombinerImpl::visitCallInst(CallInst &CI) {
AuthDisc = CI->getArgOperand(2);
} else
break;
+ } else if (auto *PtrToInt = dyn_cast<PtrToIntOperator>(Ptr)) {
+ // ptrauth constants are equivalent to a call to @llvm.ptrauth.sign for
+ // our purposes, so check for that too.
+ auto *CPA = dyn_cast<ConstantPtrAuth>(PtrToInt->getOperand(0));
+ if (!CPA || !CPA->isKnownCompatibleWith(Key, Disc, DL))
+ break;
+
+ // resign(ptrauth(p,ks,ds),ks,ds,kr,dr) -> ptrauth(p,kr,dr)
+ if (NeedSign && isa<ConstantInt>(II->getArgOperand(4))) {
+ auto *SignKey = cast<ConstantInt>(II->getArgOperand(3));
+ auto *SignDisc = cast<ConstantInt>(II->getArgOperand(4));
+ auto *SignAddrDisc = ConstantPointerNull::get(Builder.getPtrTy());
+ auto *NewCPA = ConstantPtrAuth::get(CPA->getPointer(), SignKey,
+ SignDisc, SignAddrDisc);
+ replaceInstUsesWith(
+ *II, ConstantExpr::getPointerCast(NewCPA, II->getType()));
+ return eraseInstFromFunction(*II);
+ }
+
+ // auth(ptrauth(p,k,d),k,d) -> p
+ BasePtr = Builder.CreatePtrToInt(CPA->getPointer(), II->getType());
} else
break;
@@ -2677,8 +2699,7 @@ Instruction *InstCombinerImpl::visitCallInst(CallInst &CI) {
} else {
// sign(0) + auth(0) = nop
replaceInstUsesWith(*II, BasePtr);
- eraseInstFromFunction(*II);
- return nullptr;
+ return eraseInstFromFunction(*II);
}
SmallVector<Value *, 4> CallArgs;
diff --git a/llvm/test/Transforms/InstCombine/ptrauth-intrinsics.ll b/llvm/test/Transforms/InstCombine/ptrauth-intrinsics.ll
index da0f724abfde4..3e894739f4e34 100644
--- a/llvm/test/Transforms/InstCombine/ptrauth-intrinsics.ll
+++ b/llvm/test/Transforms/InstCombine/ptrauth-intrinsics.ll
@@ -12,6 +12,26 @@ define i64 @test_ptrauth_nop(ptr %p) {
ret i64 %authed
}
+declare void @foo()
+
+define i64 @test_ptrauth_nop_constant() {
+; CHECK-LABEL: @test_ptrauth_nop_constant(
+; CHECK-NEXT: ret i64 ptrtoint (ptr @foo to i64)
+;
+ %authed = call i64 @llvm.ptrauth.auth(i64 ptrtoint(ptr ptrauth(ptr @foo, i32 1, i64 1234) to i64), i32 1, i64 1234)
+ ret i64 %authed
+}
+
+define i64 @test_ptrauth_nop_constant_addrdisc() {
+; CHECK-LABEL: @test_ptrauth_nop_constant_addrdisc(
+; CHECK-NEXT: ret i64 ptrtoint (ptr @foo to i64)
+;
+ %addr = ptrtoint void()* @foo to i64
+ %blended = call i64 @llvm.ptrauth.blend(i64 %addr, i64 1234)
+ %authed = call i64 @llvm.ptrauth.auth(i64 ptrtoint(ptr ptrauth(ptr @foo, i32 1, i64 1234, ptr @foo) to i64), i32 1, i64 %blended)
+ ret i64 %authed
+}
+
define i64 @test_ptrauth_nop_mismatch(ptr %p) {
; CHECK-LABEL: @test_ptrauth_nop_mismatch(
; CHECK-NEXT: [[TMP0:%.*]] = ptrtoint ptr [[P:%.*]] to i64
@@ -87,6 +107,59 @@ define i64 @test_ptrauth_resign_auth_mismatch(ptr %p) {
ret i64 %authed
}
+define i64 @test_ptrauth_nop_constant_mismatch() {
+; CHECK-LABEL: @test_ptrauth_nop_constant_mismatch(
+; CHECK-NEXT: [[AUTHED:%.*]] = call i64 @llvm.ptrauth.auth(i64 ptrtoint (ptr ptrauth (ptr @foo, i32 1, i64 1234) to i64), i32 1, i64 12)
+; CHECK-NEXT: ret i64 [[AUTHED]]
+;
+ %authed = call i64 @llvm.ptrauth.auth(i64 ptrtoint(ptr ptrauth(ptr @foo, i32 1, i64 1234) to i64), i32 1, i64 12)
+ ret i64 %authed
+}
+
+define i64 @test_ptrauth_nop_constant_mismatch_key() {
+; CHECK-LABEL: @test_ptrauth_nop_constant_mismatch_key(
+; CHECK-NEXT: [[AUTHED:%.*]] = call i64 @llvm.ptrauth.auth(i64 ptrtoint (ptr ptrauth (ptr @foo, i32 1, i64 1234) to i64), i32 0, i64 1234)
+; CHECK-NEXT: ret i64 [[AUTHED]]
+;
+ %authed = call i64 @llvm.ptrauth.auth(i64 ptrtoint(ptr ptrauth(ptr @foo, i32 1, i64 1234) to i64), i32 0, i64 1234)
+ ret i64 %authed
+}
+
+define i64 @test_ptrauth_nop_constant_addrdisc_mismatch() {
+; CHECK-LABEL: @test_ptrauth_nop_constant_addrdisc_mismatch(
+; CHECK-NEXT: [[BLENDED:%.*]] = call i64 @llvm.ptrauth.blend(i64 ptrtoint (ptr @foo to i64), i64 12)
+; CHECK-NEXT: [[AUTHED:%.*]] = call i64 @llvm.ptrauth.auth(i64 ptrtoint (ptr ptrauth (ptr @foo, i32 1, i64 1234, ptr @foo) to i64), i32 1, i64 [[BLENDED]])
+; CHECK-NEXT: ret i64 [[AUTHED]]
+;
+ %addr = ptrtoint ptr @foo to i64
+ %blended = call i64 @llvm.ptrauth.blend(i64 %addr, i64 12)
+ %authed = call i64 @llvm.ptrauth.auth(i64 ptrtoint(ptr ptrauth(ptr @foo, i32 1, i64 1234, ptr @foo) to i64), i32 1, i64 %blended)
+ ret i64 %authed
+}
+
+define i64 @test_ptrauth_nop_constant_addrdisc_mismatch2() {
+; CHECK-LABEL: @test_ptrauth_nop_constant_addrdisc_mismatch2(
+; CHECK-NEXT: [[BLENDED:%.*]] = call i64 @llvm.ptrauth.blend(i64 ptrtoint (ptr @test_ptrauth_nop to i64), i64 1234)
+; CHECK-NEXT: [[AUTHED:%.*]] = call i64 @llvm.ptrauth.auth(i64 ptrtoint (ptr ptrauth (ptr @foo, i32 1, i64 1234, ptr @foo) to i64), i32 1, i64 [[BLENDED]])
+; CHECK-NEXT: ret i64 [[AUTHED]]
+;
+ %addr = ptrtoint ptr @test_ptrauth_nop to i64
+ %blended = call i64 @llvm.ptrauth.blend(i64 %addr, i64 1234)
+ %authed = call i64 @llvm.ptrauth.auth(i64 ptrtoint(ptr ptrauth(ptr @foo, i32 1, i64 1234, ptr @foo) to i64), i32 1, i64 %blended)
+ ret i64 %authed
+}
+
+define i64 @test_ptrauth_resign_ptrauth_constant(ptr %p) {
+; CHECK-LABEL: @test_ptrauth_resign_ptrauth_constant(
+; CHECK-NEXT: ret i64 ptrtoint (ptr ptrauth (ptr @foo, i32 0, i64 42) to i64)
+;
+
+ %tmp0 = ptrtoint ptr %p to i64
+ %authed = call i64 @llvm.ptrauth.resign(i64 ptrtoint(ptr ptrauth(ptr @foo, i32 1, i64 1234) to i64), i32 1, i64 1234, i32 0, i64 42)
+ ret i64 %authed
+}
+
declare i64 @llvm.ptrauth.auth(i64, i32, i64)
declare i64 @llvm.ptrauth.sign(i64, i32, i64)
declare i64 @llvm.ptrauth.resign(i64, i32, i64, i32, i64)
+declare i64 @llvm.ptrauth.blend(i64, i64)
|
nikic
reviewed
Jun 12, 2024
| auto *NewCPA = ConstantPtrAuth::get(CPA->getPointer(), SignKey, | ||
| SignDisc, SignAddrDisc); | ||
| replaceInstUsesWith( | ||
| *II, ConstantExpr::getPointerCast(NewCPA, II->getType())); |
Contributor
There was a problem hiding this comment.
Is this getPointerCast() needed? If so, I think it's missing test coverage.
Member
Author
There was a problem hiding this comment.
Heh I thought this was another remnant of typed pointers, but this one is indeed needed, to reconcile the i64-centric ptrauth intrinsics with ptrs in ptr contexts elsewhere, i.e. the ptrtoint in:
; CHECK-NEXT: ret i64 ptrtoint (ptr ptrauth (ptr @foo, i32 0, i64 42) to i64)
%tmp0 = ptrtoint ptr %p to i64
%authed = call i64 @llvm.ptrauth.resign(i64 ptrtoint(ptr ptrauth(ptr @foo, i32 1, i64 1234) to i64), i32 1, i64 1234, i32 0, i64 42)
ret i64 %authed
kovdan01
reviewed
Jun 17, 2024
kovdan01
approved these changes
Jun 17, 2024
- don't reuse fn in test - const
ahmedbougacha
deleted the
users/ahmedbougacha/ptrauth-instcombine-constant-intrin
branch
Collaborator
|
LLVM Buildbot has detected a new failure on builder Full details are available at: https://lab.llvm.org/buildbot/#/builders/66/builds/644 Here is the relevant piece of the build log for the reference: |
cpiaseque
pushed a commit
to cpiaseque/llvm-project
that referenced
this pull request
Jul 3, 2024
…m#94705) When we encounter two consecutive ptrauth intrinsics, we can already combine the inner matching sign + auth pair, e.g.: resign(sign(p,ks,ds),ks,ds,kr,dr) -> sign(p,kr,dr) We can generalize that to ptrauth constants, which are effectively constant equivalents to ptrauth.sign, i.e.: resign(ptrauth(p,ks,ds),ks,ds,kr,dr) -> ptrauth(p,kr,dr) auth(ptrauth(p,k,d),k,d) -> p While there, cleanup a redundant return after eraseInstFromFunction in the shared (intrinsic|constant)->intrinsic folding code.
AlexisPerry
pushed a commit
to llvm-project-tlp/llvm-project
that referenced
this pull request
Jul 9, 2024
…m#94705) When we encounter two consecutive ptrauth intrinsics, we can already combine the inner matching sign + auth pair, e.g.: resign(sign(p,ks,ds),ks,ds,kr,dr) -> sign(p,kr,dr) We can generalize that to ptrauth constants, which are effectively constant equivalents to ptrauth.sign, i.e.: resign(ptrauth(p,ks,ds),ks,ds,kr,dr) -> ptrauth(p,kr,dr) auth(ptrauth(p,k,d),k,d) -> p While there, cleanup a redundant return after eraseInstFromFunction in the shared (intrinsic|constant)->intrinsic folding code.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When we encounter two consecutive ptrauth intrinsics, we can already combine the inner matching sign + auth pair, e.g.:
We can generalize that to ptrauth constants, which are effectively constant equivalents to ptrauth.sign, i.e.:
While there, cleanup a redundant return after eraseInstFromFunction in the shared (intrinsic|constant)->intrinsic folding code.