[InstCombine] Combine ptrauth constant callee into bundle. (llvm#94706)

ahmedbougacha · ahmedbougacha · commit 92247711f5d1 · 2025-07-17T09:19:24.000-07:00
Try to optimize a call to a ptrauth constant, into its ptrauth bundle: call(ptrauth(f)), ["ptrauth"()] -> call f as long as the key/discriminator are the same in constant and bundle. Reapplies 42d2ae1 after it was dropped wholesale in d85524f. Also renames the old (unrelated) test to match the upstream rename. rdar://156047963
diff --git a/llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp b/llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp
@@ -4125,6 +4125,34 @@ Instruction *InstCombinerImpl::tryCombinePtrAuthCall(CallBase &Call) {
   return NewCall;
 }
 
+Instruction *InstCombinerImpl::foldPtrAuthConstantCallee(CallBase &Call) {
+  auto *CPA = dyn_cast<ConstantPtrAuth>(Call.getCalledOperand());
+  if (!CPA)
+    return nullptr;
+
+  auto *CalleeF = dyn_cast<Function>(CPA->getPointer());
+  // If the ptrauth constant isn't based on a function pointer, bail out.
+  if (!CalleeF)
+    return nullptr;
+
+  // Inspect the call ptrauth bundle to check it matches the ptrauth constant.
+  auto PAB = Call.getOperandBundle(LLVMContext::OB_ptrauth);
+  if (!PAB)
+    return nullptr;
+
+  auto *Key = cast<ConstantInt>(PAB->Inputs[0]);
+  Value *Discriminator = PAB->Inputs[1];
+
+  // If the bundle doesn't match, this is probably going to fail to auth.
+  if (!CPA->isKnownCompatibleWith(Key, Discriminator, DL))
+    return nullptr;
+
+  // If the bundle matches the constant, proceed in making this a direct call.
+  auto *NewCall = CallBase::removeOperandBundle(&Call, LLVMContext::OB_ptrauth);
+  NewCall->setCalledOperand(CalleeF);
+  return NewCall;
+}
+
 bool InstCombinerImpl::annotateAnyAllocSite(CallBase &Call,
                                             const TargetLibraryInfo *TLI) {
   // Note: We only handle cases which can't be driven from generic attributes
@@ -4289,6 +4317,10 @@ Instruction *InstCombinerImpl::visitCallBase(CallBase &Call) {
   if (Instruction *NewCall = tryCombinePtrAuthCall(Call))
     return NewCall;
 
+  // Combine calls to ptrauth constants.
+  if (Instruction *NewCall = foldPtrAuthConstantCallee(Call))
+    return NewCall;
+
   if (isa<InlineAsm>(Callee) && !Call.doesNotThrow()) {
     InlineAsm *IA = cast<InlineAsm>(Callee);
     if (!IA->canThrow()) {
diff --git a/llvm/lib/Transforms/InstCombine/InstCombineInternal.h b/llvm/lib/Transforms/InstCombine/InstCombineInternal.h
@@ -284,6 +284,11 @@ class LLVM_LIBRARY_VISIBILITY InstCombinerImpl final
                                               IntrinsicInst &Tramp);
   Instruction *tryCombinePtrAuthCall(CallBase &Call);
 
+  /// Try to optimize a call to a ptrauth constant, into its ptrauth bundle:
+  ///   call(ptrauth(f)), ["ptrauth"()] ->  call f
+  /// as long as the key/discriminator are the same in constant and bundle.
+  Instruction *foldPtrAuthConstantCallee(CallBase &Call);
+
   // Return (a, b) if (LHS, RHS) is known to be (a, b) or (b, a).
   // Otherwise, return std::nullopt
   // Currently it matches:
diff --git a/llvm/test/Transforms/InstCombine/ptrauth-call.ll b/llvm/test/Transforms/InstCombine/ptrauth-call.ll
@@ -1,77 +1,97 @@
 ; NOTE: Assertions have been autogenerated by utils/update_test_checks.py
 ; RUN: opt < %s -passes=instcombine -S | FileCheck %s
 
-define i32 @test_ptrauth_call_resign(ptr %p) {
-; CHECK-LABEL: @test_ptrauth_call_resign(
-; CHECK-NEXT:    [[TMP3:%.*]] = call i32 [[P:%.*]]() [ "ptrauth"(i32 0, i64 1234) ]
-; CHECK-NEXT:    ret i32 [[TMP3]]
+declare i64 @f(i32)
+declare ptr @f2(i32)
+
+define i32 @test_ptrauth_call(i32 %a0) {
+; CHECK-LABEL: @test_ptrauth_call(
+; CHECK-NEXT:    [[V0:%.*]] = call i32 @f(i32 [[A0:%.*]])
+; CHECK-NEXT:    ret i32 [[V0]]
+;
+  %v0 = call i32 ptrauth(ptr @f, i32 0)(i32 %a0) [ "ptrauth"(i32 0, i64 0) ]
+  ret i32 %v0
+}
+
+define i32 @test_ptrauth_call_disc(i32 %a0) {
+; CHECK-LABEL: @test_ptrauth_call_disc(
+; CHECK-NEXT:    [[V0:%.*]] = call i32 @f(i32 [[A0:%.*]])
+; CHECK-NEXT:    ret i32 [[V0]]
+;
+  %v0 = call i32 ptrauth(ptr @f, i32 1, i64 5678)(i32 %a0) [ "ptrauth"(i32 1, i64 5678) ]
+  ret i32 %v0
+}
+
+@f_addr_disc.ref = constant ptr ptrauth(ptr @f, i32 1, i64 0, ptr @f_addr_disc.ref)
+
+define i32 @test_ptrauth_call_addr_disc(i32 %a0) {
+; CHECK-LABEL: @test_ptrauth_call_addr_disc(
+; CHECK-NEXT:    [[V0:%.*]] = call i32 @f(i32 [[A0:%.*]])
+; CHECK-NEXT:    ret i32 [[V0]]
+;
+  %v0 = call i32 ptrauth(ptr @f, i32 1, i64 0, ptr @f_addr_disc.ref)(i32 %a0) [ "ptrauth"(i32 1, i64 ptrtoint (ptr @f_addr_disc.ref to i64)) ]
+  ret i32 %v0
+}
+
+@f_both_disc.ref = constant ptr ptrauth(ptr @f, i32 1, i64 1234, ptr @f_both_disc.ref)
+
+define i32 @test_ptrauth_call_blend(i32 %a0) {
+; CHECK-LABEL: @test_ptrauth_call_blend(
+; CHECK-NEXT:    [[V0:%.*]] = call i32 @f(i32 [[A0:%.*]])
+; CHECK-NEXT:    ret i32 [[V0]]
+;
+  %v = call i64 @llvm.ptrauth.blend(i64 ptrtoint (ptr @f_both_disc.ref to i64), i64 1234)
+  %v0 = call i32 ptrauth(ptr @f, i32 1, i64 1234, ptr @f_both_disc.ref)(i32 %a0) [ "ptrauth"(i32 1, i64 %v) ]
+  ret i32 %v0
+}
+
+define i64 @test_ptrauth_call_cast(i32 %a0) {
+; CHECK-LABEL: @test_ptrauth_call_cast(
+; CHECK-NEXT:    [[V0:%.*]] = call i64 @f2(i32 [[A0:%.*]])
+; CHECK-NEXT:    ret i64 [[V0]]
 ;
-  %tmp0 = ptrtoint ptr %p to i64
-  %tmp1 = call i64 @llvm.ptrauth.resign(i64 %tmp0, i32 0, i64 1234, i32 2, i64 5678)
-  %tmp2 = inttoptr i64 %tmp1 to ptr
-  %tmp3 = call i32 %tmp2() [ "ptrauth"(i32 2, i64 5678) ]
-  ret i32 %tmp3
+  %v0 = call i64 ptrauth(ptr @f2, i32 0)(i32 %a0) [ "ptrauth"(i32 0, i64 0) ]
+  ret i64 %v0
 }
 
-define i32 @test_ptrauth_call_resign_blend(ptr %pp) {
-; CHECK-LABEL: @test_ptrauth_call_resign_blend(
-; CHECK-NEXT:    [[TMP01:%.*]] = load ptr, ptr [[PP:%.*]], align 8
-; CHECK-NEXT:    [[TMP6:%.*]] = call i32 [[TMP01]]() [ "ptrauth"(i32 0, i64 1234) ]
-; CHECK-NEXT:    ret i32 [[TMP6]]
+define i32 @test_ptrauth_call_mismatch_key(i32 %a0) {
+; CHECK-LABEL: @test_ptrauth_call_mismatch_key(
+; CHECK-NEXT:    [[V0:%.*]] = call i32 ptrauth (ptr @f, i32 1, i64 5678)(i32 [[A0:%.*]]) [ "ptrauth"(i32 0, i64 5678) ]
+; CHECK-NEXT:    ret i32 [[V0]]
 ;
-  %tmp0 = load ptr, ptr %pp, align 8
-  %tmp1 = ptrtoint ptr %pp to i64
-  %tmp2 = ptrtoint ptr %tmp0 to i64
-  %tmp3 = call i64 @llvm.ptrauth.blend(i64 %tmp1, i64 5678)
-  %tmp4 = call i64 @llvm.ptrauth.resign(i64 %tmp2, i32 0, i64 1234, i32 1, i64 %tmp3)
-  %tmp5 = inttoptr i64 %tmp4 to ptr
-  %tmp6 = call i32 %tmp5() [ "ptrauth"(i32 1, i64 %tmp3) ]
-  ret i32 %tmp6
+  %v0 = call i32 ptrauth(ptr @f, i32 1, i64 5678)(i32 %a0) [ "ptrauth"(i32 0, i64 5678) ]
+  ret i32 %v0
 }
 
-define i32 @test_ptrauth_call_resign_blend_2(ptr %pp) {
-; CHECK-LABEL: @test_ptrauth_call_resign_blend_2(
-; CHECK-NEXT:    [[TMP01:%.*]] = load ptr, ptr [[PP:%.*]], align 8
-; CHECK-NEXT:    [[TMP1:%.*]] = ptrtoint ptr [[PP]] to i64
-; CHECK-NEXT:    [[TMP3:%.*]] = call i64 @llvm.ptrauth.blend(i64 [[TMP1]], i64 5678)
-; CHECK-NEXT:    [[TMP6:%.*]] = call i32 [[TMP01]]() [ "ptrauth"(i32 1, i64 [[TMP3]]) ]
-; CHECK-NEXT:    ret i32 [[TMP6]]
+define i32 @test_ptrauth_call_mismatch_disc(i32 %a0) {
+; CHECK-LABEL: @test_ptrauth_call_mismatch_disc(
+; CHECK-NEXT:    [[V0:%.*]] = call i32 ptrauth (ptr @f, i32 1, i64 5678)(i32 [[A0:%.*]]) [ "ptrauth"(i32 1, i64 0) ]
+; CHECK-NEXT:    ret i32 [[V0]]
 ;
-  %tmp0 = load ptr, ptr %pp, align 8
-  %tmp1 = ptrtoint ptr %pp to i64
-  %tmp2 = ptrtoint ptr %tmp0 to i64
-  %tmp3 = call i64 @llvm.ptrauth.blend(i64 %tmp1, i64 5678)
-  %tmp4 = call i64 @llvm.ptrauth.resign(i64 %tmp2, i32 1, i64 %tmp3, i32 0, i64 1234)
-  %tmp5 = inttoptr i64 %tmp4 to ptr
-  %tmp6 = call i32 %tmp5() [ "ptrauth"(i32 0, i64 1234) ]
-  ret i32 %tmp6
+  %v0 = call i32 ptrauth(ptr @f, i32 1, i64 5678)(i32 %a0) [ "ptrauth"(i32 1, i64 0) ]
+  ret i32 %v0
 }
 
-define i32 @test_ptrauth_call_auth(ptr %p) {
-; CHECK-LABEL: @test_ptrauth_call_auth(
-; CHECK-NEXT:    [[TMP3:%.*]] = call i32 [[P:%.*]]() [ "ptrauth"(i32 2, i64 5678) ]
-; CHECK-NEXT:    ret i32 [[TMP3]]
+define i32 @test_ptrauth_call_mismatch_blend(i32 %a0) {
+; CHECK-LABEL: @test_ptrauth_call_mismatch_blend(
+; CHECK-NEXT:    [[V:%.*]] = call i64 @llvm.ptrauth.blend(i64 ptrtoint (ptr @f_both_disc.ref to i64), i64 0)
+; CHECK-NEXT:    [[V0:%.*]] = call i32 ptrauth (ptr @f, i32 1, i64 1234, ptr @f_both_disc.ref)(i32 [[A0:%.*]]) [ "ptrauth"(i32 1, i64 [[V]]) ]
+; CHECK-NEXT:    ret i32 [[V0]]
 ;
-  %tmp0 = ptrtoint ptr %p to i64
-  %tmp1 = call i64 @llvm.ptrauth.auth(i64 %tmp0, i32 2, i64 5678)
-  %tmp2 = inttoptr i64 %tmp1 to ptr
-  %tmp3 = call i32 %tmp2()
-  ret i32 %tmp3
+  %v = call i64 @llvm.ptrauth.blend(i64 ptrtoint (ptr @f_both_disc.ref to i64), i64 0)
+  %v0 = call i32 ptrauth(ptr @f, i32 1, i64 1234, ptr @f_both_disc.ref)(i32 %a0) [ "ptrauth"(i32 1, i64 %v) ]
+  ret i32 %v0
 }
 
-define i32 @test_ptrauth_call_sign(ptr %p) {
-; CHECK-LABEL: @test_ptrauth_call_sign(
-; CHECK-NEXT:    [[TMP3:%.*]] = call i32 [[P:%.*]]()
-; CHECK-NEXT:    ret i32 [[TMP3]]
+define i32 @test_ptrauth_call_mismatch_blend_addr(i32 %a0) {
+; CHECK-LABEL: @test_ptrauth_call_mismatch_blend_addr(
+; CHECK-NEXT:    [[V:%.*]] = call i64 @llvm.ptrauth.blend(i64 ptrtoint (ptr @f_addr_disc.ref to i64), i64 1234)
+; CHECK-NEXT:    [[V0:%.*]] = call i32 ptrauth (ptr @f, i32 1, i64 1234, ptr @f_both_disc.ref)(i32 [[A0:%.*]]) [ "ptrauth"(i32 1, i64 [[V]]) ]
+; CHECK-NEXT:    ret i32 [[V0]]
 ;
-  %tmp0 = ptrtoint ptr %p to i64
-  %tmp1 = call i64 @llvm.ptrauth.sign(i64 %tmp0, i32 2, i64 5678)
-  %tmp2 = inttoptr i64 %tmp1 to ptr
-  %tmp3 = call i32 %tmp2() [ "ptrauth"(i32 2, i64 5678) ]
-  ret i32 %tmp3
+  %v = call i64 @llvm.ptrauth.blend(i64 ptrtoint (ptr @f_addr_disc.ref to i64), i64 1234)
+  %v0 = call i32 ptrauth(ptr @f, i32 1, i64 1234, ptr @f_both_disc.ref)(i32 %a0) [ "ptrauth"(i32 1, i64 %v) ]
+  ret i32 %v0
 }
 
-declare i64 @llvm.ptrauth.auth(i64, i32, i64)
-declare i64 @llvm.ptrauth.sign(i64, i32, i64)
-declare i64 @llvm.ptrauth.resign(i64, i32, i64, i32, i64)
 declare i64 @llvm.ptrauth.blend(i64, i64)
diff --git a/llvm/test/Transforms/InstCombine/ptrauth-intrinsics-call.ll b/llvm/test/Transforms/InstCombine/ptrauth-intrinsics-call.ll
@@ -0,0 +1,77 @@
+; NOTE: Assertions have been autogenerated by utils/update_test_checks.py
+; RUN: opt < %s -passes=instcombine -S | FileCheck %s
+
+define i32 @test_ptrauth_call_resign(ptr %p) {
+; CHECK-LABEL: @test_ptrauth_call_resign(
+; CHECK-NEXT:    [[TMP3:%.*]] = call i32 [[P:%.*]]() [ "ptrauth"(i32 0, i64 1234) ]
+; CHECK-NEXT:    ret i32 [[TMP3]]
+;
+  %tmp0 = ptrtoint ptr %p to i64
+  %tmp1 = call i64 @llvm.ptrauth.resign(i64 %tmp0, i32 0, i64 1234, i32 2, i64 5678)
+  %tmp2 = inttoptr i64 %tmp1 to ptr
+  %tmp3 = call i32 %tmp2() [ "ptrauth"(i32 2, i64 5678) ]
+  ret i32 %tmp3
+}
+
+define i32 @test_ptrauth_call_resign_blend(ptr %pp) {
+; CHECK-LABEL: @test_ptrauth_call_resign_blend(
+; CHECK-NEXT:    [[TMP01:%.*]] = load ptr, ptr [[PP:%.*]], align 8
+; CHECK-NEXT:    [[TMP6:%.*]] = call i32 [[TMP01]]() [ "ptrauth"(i32 0, i64 1234) ]
+; CHECK-NEXT:    ret i32 [[TMP6]]
+;
+  %tmp0 = load ptr, ptr %pp, align 8
+  %tmp1 = ptrtoint ptr %pp to i64
+  %tmp2 = ptrtoint ptr %tmp0 to i64
+  %tmp3 = call i64 @llvm.ptrauth.blend(i64 %tmp1, i64 5678)
+  %tmp4 = call i64 @llvm.ptrauth.resign(i64 %tmp2, i32 0, i64 1234, i32 1, i64 %tmp3)
+  %tmp5 = inttoptr i64 %tmp4 to ptr
+  %tmp6 = call i32 %tmp5() [ "ptrauth"(i32 1, i64 %tmp3) ]
+  ret i32 %tmp6
+}
+
+define i32 @test_ptrauth_call_resign_blend_2(ptr %pp) {
+; CHECK-LABEL: @test_ptrauth_call_resign_blend_2(
+; CHECK-NEXT:    [[TMP01:%.*]] = load ptr, ptr [[PP:%.*]], align 8
+; CHECK-NEXT:    [[TMP1:%.*]] = ptrtoint ptr [[PP]] to i64
+; CHECK-NEXT:    [[TMP3:%.*]] = call i64 @llvm.ptrauth.blend(i64 [[TMP1]], i64 5678)
+; CHECK-NEXT:    [[TMP6:%.*]] = call i32 [[TMP01]]() [ "ptrauth"(i32 1, i64 [[TMP3]]) ]
+; CHECK-NEXT:    ret i32 [[TMP6]]
+;
+  %tmp0 = load ptr, ptr %pp, align 8
+  %tmp1 = ptrtoint ptr %pp to i64
+  %tmp2 = ptrtoint ptr %tmp0 to i64
+  %tmp3 = call i64 @llvm.ptrauth.blend(i64 %tmp1, i64 5678)
+  %tmp4 = call i64 @llvm.ptrauth.resign(i64 %tmp2, i32 1, i64 %tmp3, i32 0, i64 1234)
+  %tmp5 = inttoptr i64 %tmp4 to ptr
+  %tmp6 = call i32 %tmp5() [ "ptrauth"(i32 0, i64 1234) ]
+  ret i32 %tmp6
+}
+
+define i32 @test_ptrauth_call_auth(ptr %p) {
+; CHECK-LABEL: @test_ptrauth_call_auth(
+; CHECK-NEXT:    [[TMP3:%.*]] = call i32 [[P:%.*]]() [ "ptrauth"(i32 2, i64 5678) ]
+; CHECK-NEXT:    ret i32 [[TMP3]]
+;
+  %tmp0 = ptrtoint ptr %p to i64
+  %tmp1 = call i64 @llvm.ptrauth.auth(i64 %tmp0, i32 2, i64 5678)
+  %tmp2 = inttoptr i64 %tmp1 to ptr
+  %tmp3 = call i32 %tmp2()
+  ret i32 %tmp3
+}
+
+define i32 @test_ptrauth_call_sign(ptr %p) {
+; CHECK-LABEL: @test_ptrauth_call_sign(
+; CHECK-NEXT:    [[TMP3:%.*]] = call i32 [[P:%.*]]()
+; CHECK-NEXT:    ret i32 [[TMP3]]
+;
+  %tmp0 = ptrtoint ptr %p to i64
+  %tmp1 = call i64 @llvm.ptrauth.sign(i64 %tmp0, i32 2, i64 5678)
+  %tmp2 = inttoptr i64 %tmp1 to ptr
+  %tmp3 = call i32 %tmp2() [ "ptrauth"(i32 2, i64 5678) ]
+  ret i32 %tmp3
+}
+
+declare i64 @llvm.ptrauth.auth(i64, i32, i64)
+declare i64 @llvm.ptrauth.sign(i64, i32, i64)
+declare i64 @llvm.ptrauth.resign(i64, i32, i64, i32, i64)
+declare i64 @llvm.ptrauth.blend(i64, i64)
