[AArch64][PAC][GISel] Add missing clobbering info to LOADgotAUTH

atrosinenko · atrosinenko · commit 245a456e0a24 · 2025-09-09T12:19:13.000+03:00
When LOADgotAUTH is selected by GlobalISel, the existing MachineInstr is
updated in-place instead of constructing a fresh instance by calling
MIB.buildInstr(). This way, implicit-def operands have to be added
manually for register allocator to take them into account.

This patch fixes miscompilation possibility observed when compiling
with GlobalISel enabled or at -O0 optimization level.
diff --git a/llvm/lib/Target/AArch64/GISel/AArch64InstructionSelector.cpp b/llvm/lib/Target/AArch64/GISel/AArch64InstructionSelector.cpp
@@ -2914,10 +2914,15 @@ bool AArch64InstructionSelector::select(MachineInstr &I) {
     }
 
     if (OpFlags & AArch64II::MO_GOT) {
-      I.setDesc(TII.get(MF.getInfo<AArch64FunctionInfo>()->hasELFSignedGOT()
-                            ? AArch64::LOADgotAUTH
-                            : AArch64::LOADgot));
+      bool GOTIsSigned = MF.getInfo<AArch64FunctionInfo>()->hasELFSignedGOT();
+      I.setDesc(TII.get(GOTIsSigned ? AArch64::LOADgotAUTH : AArch64::LOADgot));
       I.getOperand(1).setTargetFlags(OpFlags);
+      if (GOTIsSigned) {
+        MachineInstrBuilder MIB(MF, I);
+        MIB.addDef(AArch64::X16, RegState::Implicit);
+        MIB.addDef(AArch64::X17, RegState::Implicit);
+        MIB.addDef(AArch64::NZCV, RegState::Implicit);
+      }
     } else if (TM.getCodeModel() == CodeModel::Large &&
                !TM.isPositionIndependent()) {
       // Materialize the global using movz/movk instructions.
diff --git a/llvm/test/CodeGen/AArch64/GlobalISel/ptrauth-elf-got.mir b/llvm/test/CodeGen/AArch64/GlobalISel/ptrauth-elf-got.mir
@@ -0,0 +1,23 @@
+# NOTE: Assertions have been autogenerated by utils/update_mir_test_checks.py UTC_ARGS: --version 4
+# RUN: llc -O0 -mtriple=aarch64-linux-gnu -relocation-model=pic -run-pass=instruction-select -global-isel-abort=1 -verify-machineinstrs %s -o - | FileCheck %s
+
+--- |
+  @var_got = external global i8
+  define ptr @loadgotauth_implicit_defs() { ret ptr null }
+
+  !llvm.module.flags = !{!0}
+  !0 = !{i32 8, !"ptrauth-elf-got", i32 1}
+...
+
+---
+name:            loadgotauth_implicit_defs
+legalized:       true
+regBankSelected: true
+body:             |
+  bb.0:
+    ; CHECK-LABEL: name: loadgotauth_implicit_defs
+    ; CHECK: [[LOADgotAUTH:%[0-9]+]]:gpr64common = LOADgotAUTH target-flags(aarch64-got) @var_got, implicit-def $x16, implicit-def $x17, implicit-def $nzcv
+    ; CHECK-NEXT: $x0 = COPY [[LOADgotAUTH]]
+    %0:gpr(p0) = G_GLOBAL_VALUE @var_got
+    $x0 = COPY %0(p0)
+...
