aarch64: Fix AuthenticatedRet when stack bytes are popped (bytecode…

…alliance#6634)

* aarch64: Fix `AuthenticatedRet` when stack bytes are popped

This commit fixes an accidental issue with bytecodealliance#6478 where when pointer
authentication was enabled and stack bytes are being popped during a
return this didn't work. In this situation an authenticated return
instruction was used, such as `retab`, and no extra stack bytes were
popped. The fix here is to use the non-`retab` path which handles stack
bytes being popped if there are stack bytes to pop.

Closes bytecodealliance#6567

* Still use `retab` for `is_hint: false`

cranelift/codegen/src/isa/aarch64/inst/emit.rs

@@ -3153,6 +3153,21 @@ impl MachInstEmit for Inst {
  }
  .emit(&[], sink, emit_info, state);
  } else {
+ if stack_bytes_to_pop != 0 {
+ // The requirement that `stack_bytes_to_pop` fit in an
+ // `Imm12` isn't fundamental, but lifting it is left for
+ // future PRs.
+ let imm12 = Imm12::maybe_from_u64(u64::from(stack_bytes_to_pop))
+ .expect("stack bytes to pop must fit in Imm12");
+ Inst::AluRRImm12 {
+ alu_op: ALUOp::Add,
+ size: OperandSize::Size64,
+ rd: writable_stack_reg(),
+ rn: stack_reg(),
+ imm12,
+ }
+ .emit(&[], sink, emit_info, state);
+ }
  sink.put4(0xd65f0bff | key << 10); // retaa / retab
  }
  }

cranelift/codegen/src/isa/aarch64/inst/emit_tests.rs

@@ -80,7 +80,7 @@ fn test_aarch64_binemit() {
  rets: vec![],
  stack_bytes_to_pop: 16,
  },
- "FF0B5FD6",
+ "FF430091FF0B5FD6",
  "add sp, sp, #16 ; retaa",
  ));
  insns.push((Inst::Pacisp { key: APIKey::B }, "7F2303D5", "pacibsp"));