Refine patch a bit.

- signed_ptr/SP -> ptrauth/CPA
- Verifier.cpp: check CPA type == base ptr type
- C API: exclude ConstantPtrAuth until needed
- BitcodeAnalyzer.cpp: print CST_CODE_PTRAUTH
- IR: refine test a bit, add addrspace for base/disc
- docs: refine a bit, remove stale overload
- docs: add to PointerAuth.md

Author: ahmedbougacha

llvm/docs/LangRef.rst

@@ -4750,29 +4750,35 @@ reference to the CFI jump table in the ``LowerTypeTests`` pass. These constants
 may be useful in low-level programs, such as operating system kernels, which
 need to refer to the actual function body.
 
-.. _ptrauth:
+.. _ptrauth_constant:
 
-Authenticated Pointers
-----------------------
+Pointer Authentication Constants
+--------------------------------
 
-``ptrauth (ptr CST, i32 KEY, ptr ADDRDISC, i16 DISC)
+``ptrauth (ptr CST, i32 KEY, ptr ADDRDISC, i64 DISC)``
 
 A '``ptrauth``' constant represents a pointer with a cryptographic
-authentication signature embedded into some bits. Its type is the same as the
-first argument.
+authentication signature embedded into some bits, as described in the
+`Pointer Authentication <PointerAuth.html>`__ document.
+
+A '``ptrauth``' constant is simply a constant equivalent to the
+``llvm.ptrauth.sign`` intrinsic, potentially fed by a discriminator
+``llvm.ptrauth.blend`` if needed.
 
 
 If the address disciminator is ``null`` then the expression is equivalent to
 
-.. code-block:llvm
-    %tmp = call i64 @llvm.ptrauth.sign.i64(i64 ptrtoint (ptr CST to i64), i32 KEY, i64 DISC)
+.. code-block:: llvm
+
+    %tmp = call i64 @llvm.ptrauth.sign(i64 ptrtoint (ptr CST to i64), i32 KEY, i64 DISC)
     %val = inttoptr i64 %tmp to ptr
 
-If the address discriminator is present, then it is
+Otherwise, the expression is equivalent to:
+
+.. code-block:: llvm
 
-.. code-block:llvm
-    %tmp1 = call i64 @llvm.ptrauth.blend.i64(i64 ptrtoint (ptr ADDRDISC to i64), i64 DISC)
-    %tmp2 = call i64 @llvm.ptrauth.sign.i64(i64 ptrtoint (ptr CST to i64), i64  %tmp1)
+    %tmp1 = call i64 @llvm.ptrauth.blend(i64 ptrtoint (ptr ADDRDISC to i64), i64 DISC)
+    %tmp2 = call i64 @llvm.ptrauth.sign(i64 ptrtoint (ptr CST to i64), i32 KEY, i64 %tmp1)
     %val = inttoptr i64 %tmp2 to ptr
 
 .. _constantexprs:

llvm/docs/PointerAuth.md

@@ -16,6 +16,7 @@ For more details, see the clang documentation page for
 At the IR level, it is represented using:
 
 * a [set of intrinsics](#intrinsics) (to sign/authenticate pointers)
+* a [signed pointer constant](#constant) (to sign globals)
 * a [call operand bundle](#operand-bundle) (to authenticate called pointers)
 
 The current implementation leverages the
@@ -225,6 +226,27 @@ with a pointer address discriminator, in a way that is specified by the target
 implementation.
 
 
+### Constant
+
+[Intrinsics](#intrinsics) can be used to produce signed pointers dynamically,
+in code, but not for signed pointers referenced by constants, in, e.g., global
+initializers.
+
+The latter are represented using a
+[``ptrauth`` constant](https://llvm.org/docs/LangRef.html#ptrauth-constant),
+which describes an authenticated relocation producing a signed pointer.
+
+```llvm
+  ptrauth (ptr CST, i32 KEY, ptr ADDRDISC, i64 DISC)
+```
+
+is equivalent to:
+
+```llvm
+  %disc = call i64 @llvm.ptrauth.blend(i64 ptrtoint(ptr ADDRDISC to i64), i64 DISC)
+  %signedval = call i64 @llvm.ptrauth.sign(ptr CST, i32 KEY, i64 %disc)
+```
+
 ### Operand Bundle
 
 Function pointers used as indirect call targets can be signed when materialized,

llvm/include/llvm-c/Core.h

@@ -286,7 +286,6 @@ typedef enum {
   LLVMInstructionValueKind,
   LLVMPoisonValueValueKind,
   LLVMConstantTargetNoneValueKind,
-  LLVMConstantPtrAuthValueKind,
 } LLVMValueKind;
 
 typedef enum {

llvm/include/llvm/Bitcode/LLVMBitCodes.h

@@ -412,7 +412,7 @@ enum ConstantsCodes {
                                       //                 asmdialect|unwind,
                                       //                 asmstr,conststr]
   CST_CODE_CE_GEP_WITH_INRANGE = 31,  // [opty, flags, range, n x operands]
-  CST_CODE_SIGNED_PTR = 32,           // [ptr, key, addrdisc, disc]
+  CST_CODE_PTRAUTH = 32,              // [ptr, key, addrdisc, disc]
 };
 
 /// CastOpcodes - These are values used in the bitcode files to encode which

llvm/include/llvm/IR/Value.def

@@ -78,10 +78,10 @@ HANDLE_GLOBAL_VALUE(GlobalAlias)
 HANDLE_GLOBAL_VALUE(GlobalIFunc)
 HANDLE_GLOBAL_VALUE(GlobalVariable)
 HANDLE_CONSTANT(BlockAddress)
-HANDLE_CONSTANT(ConstantPtrAuth)
 HANDLE_CONSTANT(ConstantExpr)
 HANDLE_CONSTANT_EXCLUDE_LLVM_C_API(DSOLocalEquivalent)
 HANDLE_CONSTANT_EXCLUDE_LLVM_C_API(NoCFIValue)
+HANDLE_CONSTANT_EXCLUDE_LLVM_C_API(ConstantPtrAuth)
 
 // ConstantAggregate.
 HANDLE_CONSTANT(ConstantArray)

llvm/lib/Bitcode/Reader/BitcodeAnalyzer.cpp

@@ -222,6 +222,7 @@ GetCodeName(unsigned CodeID, unsigned BlockID,
       STRINGIFY_CODE(CST_CODE, CE_UNOP)
       STRINGIFY_CODE(CST_CODE, DSO_LOCAL_EQUIVALENT)
       STRINGIFY_CODE(CST_CODE, NO_CFI_VALUE)
+      STRINGIFY_CODE(CST_CODE, PTRAUTH)
     case bitc::CST_CODE_BLOCKADDRESS:
       return "CST_CODE_BLOCKADDRESS";
       STRINGIFY_CODE(CST_CODE, DATA)

llvm/lib/Bitcode/Reader/BitcodeReader.cpp

@@ -3642,7 +3642,7 @@ Error BitcodeReader::parseConstants() {
                                   Record[1]);
       break;
     }
-    case bitc::CST_CODE_SIGNED_PTR: {
+    case bitc::CST_CODE_PTRAUTH: {
       if (Record.size() < 4)
         return error("Invalid ptrauth record");
       // Ptr, Key, AddrDisc, Disc

llvm/lib/Bitcode/Writer/BitcodeWriter.cpp

@@ -2831,7 +2831,7 @@ void ModuleBitcodeWriter::writeConstants(unsigned FirstVal, unsigned LastVal,
       Record.push_back(VE.getTypeID(NC->getGlobalValue()->getType()));
       Record.push_back(VE.getValueID(NC->getGlobalValue()));
     } else if (const auto *CPA = dyn_cast<ConstantPtrAuth>(C)) {
-      Code = bitc::CST_CODE_SIGNED_PTR;
+      Code = bitc::CST_CODE_PTRAUTH;
       Record.push_back(VE.getValueID(CPA->getPointer()));
       Record.push_back(VE.getValueID(CPA->getKey()));
       Record.push_back(VE.getValueID(CPA->getAddrDiscriminator()));

llvm/lib/IR/AsmWriter.cpp

@@ -1590,14 +1590,14 @@ static void WriteConstantInternal(raw_ostream &Out, const Constant *CV,
     return;
   }
 
-  if (const ConstantPtrAuth *SP = dyn_cast<ConstantPtrAuth>(CV)) {
+  if (const ConstantPtrAuth *CPA = dyn_cast<ConstantPtrAuth>(CV)) {
     Out << "ptrauth (";
     ListSeparator LS;
-    for (unsigned i = 0; i < SP->getNumOperands(); ++i) {
+    for (auto *Op : CPA->operand_values()) {
       Out << LS;
-      WriterCtx.TypePrinter->print(SP->getOperand(i)->getType(), Out);
+      WriterCtx.TypePrinter->print(Op->getType(), Out);
       Out << ' ';
-      WriteAsOperandInternal(Out, SP->getOperand(i), WriterCtx);
+      WriteAsOperandInternal(Out, Op, WriterCtx);
     }
     Out << ')';
     return;

llvm/lib/IR/Verifier.cpp

@@ -629,7 +629,7 @@ class Verifier : public InstVisitor<Verifier>, VerifierSupport {
 
   void visitConstantExprsRecursively(const Constant *EntryC);
   void visitConstantExpr(const ConstantExpr *CE);
-  void visitConstantPtrAuth(const ConstantPtrAuth *SP);
+  void visitConstantPtrAuth(const ConstantPtrAuth *CPA);
   void verifyInlineAsmCall(const CallBase &Call);
   void verifyStatepoint(const CallBase &Call);
   void verifyFrameRecoverIndices();
@@ -2423,8 +2423,8 @@ void Verifier::visitConstantExprsRecursively(const Constant *EntryC) {
     if (const auto *CE = dyn_cast<ConstantExpr>(C))
       visitConstantExpr(CE);
 
-    if (const auto *SP = dyn_cast<ConstantPtrAuth>(C))
-      visitConstantPtrAuth(SP);
+    if (const auto *CPA = dyn_cast<ConstantPtrAuth>(C))
+      visitConstantPtrAuth(CPA);
 
     if (const auto *GV = dyn_cast<GlobalValue>(C)) {
       // Global Values get visited separately, but we do need to make sure
@@ -2453,18 +2453,21 @@ void Verifier::visitConstantExpr(const ConstantExpr *CE) {
           "Invalid bitcast", CE);
 }
 
-void Verifier::visitConstantPtrAuth(const ConstantPtrAuth *SP) {
-  Check(SP->getPointer()->getType()->isPointerTy(),
-        "signed pointer must be a pointer");
+void Verifier::visitConstantPtrAuth(const ConstantPtrAuth *CPA) {
+  Check(CPA->getPointer()->getType()->isPointerTy(),
+        "signed ptrauth constant base pointer must have pointer type");
 
-  Check(SP->getKey()->getBitWidth() == 32,
-        "signed pointer key must be i32 constant integer");
+  Check(CPA->getType() == CPA->getPointer()->getType(),
+        "signed ptrauth constant must have same type as its base pointer");
 
-  Check(SP->getAddrDiscriminator()->getType()->isPointerTy(),
-        "signed pointer address discriminator must be a pointer");
+  Check(CPA->getKey()->getBitWidth() == 32,
+        "signed ptrauth constant key must be i32 constant integer");
 
-  Check(SP->getDiscriminator()->getBitWidth() == 64,
-        "signed pointer discriminator must be i64 constant integer");
+  Check(CPA->getAddrDiscriminator()->getType()->isPointerTy(),
+        "signed ptrauth constant address discriminator must be a pointer");
+
+  Check(CPA->getDiscriminator()->getBitWidth() == 64,
+        "signed ptrauth constant discriminator must be i64 constant integer");
 }
 
 bool Verifier::verifyAttributeCount(AttributeList Attrs, unsigned Params) {
@@ -5108,8 +5111,8 @@ void Verifier::visitInstruction(Instruction &I) {
     } else if (isa<InlineAsm>(I.getOperand(i))) {
       Check(CBI && &CBI->getCalledOperandUse() == &I.getOperandUse(i),
             "Cannot take the address of an inline asm!", &I);
-    } else if (auto SP = dyn_cast<ConstantPtrAuth>(I.getOperand(i))) {
-      visitConstantExprsRecursively(SP);
+    } else if (auto *CPA = dyn_cast<ConstantPtrAuth>(I.getOperand(i))) {
+      visitConstantExprsRecursively(CPA);
     } else if (ConstantExpr *CE = dyn_cast<ConstantExpr>(I.getOperand(i))) {
       if (CE->getType()->isPtrOrPtrVectorTy()) {
         // If we have a ConstantExpr pointer, we need to see if it came from an

llvm/test/Assembler/ptrauth-const.ll

@@ -2,12 +2,25 @@
 
 @var = global i32 0
 
-; CHECK: @auth_var = global ptr ptrauth (ptr @var, i32 0, ptr null, i64 -1)
-@auth_var = global ptr ptrauth (ptr @var, i32 0, ptr null, i64 -1)
+; CHECK: @basic = global ptr ptrauth (ptr @var, i32 0, ptr null, i64 0)
+@basic = global ptr ptrauth (ptr @var, i32 0, ptr null, i64 0)
 
+; CHECK: @keyed = global ptr ptrauth (ptr @var, i32 3, ptr null, i64 0)
+@keyed = global ptr ptrauth (ptr @var, i32 3, ptr null, i64 0)
 
-; CHECK: @addrdisc_var = global ptr ptrauth (ptr @var, i32 0, ptr @addrdisc_var, i64 1234)
-@addrdisc_var = global ptr ptrauth (ptr @var, i32 0, ptr @addrdisc_var, i64 1234)
+; CHECK: @intdisc = global ptr ptrauth (ptr @var, i32 0, ptr null, i64 -1)
+@intdisc = global ptr ptrauth (ptr @var, i32 0, ptr null, i64 -1)
 
-; CHECK: @keyed_var = global ptr ptrauth (ptr @var, i32 3, ptr null, i64 0)
-@keyed_var = global ptr ptrauth (ptr @var, i32 3, ptr null, i64 0)
+@addrdisc_storage = global ptr null
+; CHECK: @addrdisc = global ptr ptrauth (ptr @var, i32 2, ptr @addrdisc_storage, i64 1234)
+@addrdisc = global ptr ptrauth (ptr @var, i32 2, ptr @addrdisc_storage, i64 1234)
+
+
+@var1 = addrspace(1) global i32 0
+
+; CHECK: @addrspace = global ptr addrspace(1) ptrauth (ptr addrspace(1) @var1, i32 0, ptr null, i64 0)
+@addrspace = global ptr addrspace(1) ptrauth (ptr addrspace(1) @var1, i32 0, ptr null, i64 0)
+
+@addrspace_addrdisc_storage = addrspace(2) global ptr addrspace(1) null
+; CHECK: @addrspace_addrdisc = global ptr addrspace(1) ptrauth (ptr addrspace(1) @var1, i32 2, ptr addrspace(2) @addrspace_addrdisc_storage, i64 1234)
+@addrspace_addrdisc = global ptr addrspace(1) ptrauth (ptr addrspace(1) @var1, i32 2, ptr addrspace(2) @addrspace_addrdisc_storage, i64 1234)