[llvm-exegesis][AArch64] Disable pauth and ldgm as unsupported instructions #132346
Conversation
1) Checking opcodes specifically for LDGM and AUT opcode instruction variants. 2) Gracefully exiting with "<opcode-name> : Unsupported opcode: isPointerAuth/isUncheckedAccess" 3) Added corresponding test cases to check exit message.
|
@llvm/pr-subscribers-tools-llvm-exegesis Author: None (lakshayk-nv) ChangesSkipping AUT and LDGM opcode variants which currently throws "illegal instruction".
Full diff: https://github.com/llvm/llvm-project/pull/132346.diff 2 Files Affected:
diff --git a/llvm/test/tools/llvm-exegesis/AArch64/err_skip_illegal_Instruction.s b/llvm/test/tools/llvm-exegesis/AArch64/err_skip_illegal_Instruction.s
new file mode 100644
index 0000000000000..74fe5a7c3a60a
--- /dev/null
+++ b/llvm/test/tools/llvm-exegesis/AArch64/err_skip_illegal_Instruction.s
@@ -0,0 +1,8 @@
+REQUIRES: aarch64-registered-target
+
+## Check for skipping of illegal instruction errors (AUT and LDGM)
+RUN: llvm-exegesis -mcpu=neoverse-v2 -mode=latency --dump-object-to-disk=%d --min-instructions=1 --opcode-name=AUTIA --benchmark-phase=assemble-measured-code 2>&1
+CHECK: AUTIA: Unsupported opcode: isPointerAuth/isUncheckedAccess
+
+RUN: llvm-exegesis -mcpu=neoverse-v2 -mode=latency --dump-object-to-disk=%d --min-instructions=1 --opcode-name=LDGM --benchmark-phase=assemble-measured-code 2>&1
+CHECK: LDGM: Unsupported opcode: isPointerAuth/isUncheckedAccess
\ No newline at end of file
diff --git a/llvm/tools/llvm-exegesis/lib/Target.cpp b/llvm/tools/llvm-exegesis/lib/Target.cpp
index 68d19514bedb2..245d1db5d21e8 100644
--- a/llvm/tools/llvm-exegesis/lib/Target.cpp
+++ b/llvm/tools/llvm-exegesis/lib/Target.cpp
@@ -35,6 +35,14 @@ const ExegesisTarget *ExegesisTarget::lookup(Triple TT) {
return nullptr;
}
+static bool isPointerAuthOpcode(unsigned Opcode) {
+ return (Opcode >= 1648 && Opcode <= 1667); // AUT instruction class range
+}
+
+static bool isUncheckedAccessOpcode(unsigned Opcode) {
+ return Opcode == 4694; // LDGM instruction
+}
+
const char *
ExegesisTarget::getIgnoredOpcodeReasonOrNull(const LLVMState &State,
unsigned Opcode) const {
@@ -45,6 +53,8 @@ ExegesisTarget::getIgnoredOpcodeReasonOrNull(const LLVMState &State,
return "Unsupported opcode: isBranch/isIndirectBranch";
if (InstrDesc.isCall() || InstrDesc.isReturn())
return "Unsupported opcode: isCall/isReturn";
+ if (isPointerAuthOpcode(Opcode) || isUncheckedAccessOpcode(Opcode))
+ return "Unsupported opcode: isPointerAuth/isUncheckedAccess";
return nullptr;
}
|
| @@ -35,6 +35,14 @@ const ExegesisTarget *ExegesisTarget::lookup(Triple TT) { | |||
| return nullptr; | |||
| } | |||
|
|
|||
| static bool isPointerAuthOpcode(unsigned Opcode) { | |||
| return (Opcode >= 1648 && Opcode <= 1667); // AUT instruction class range | |||
There was a problem hiding this comment.
These numbers are not stable and could change as new instructions are added - you will need to check the opcodes directly (AArch64::AUT etc).
I would expect they were useful instructions to check the throughput of though, if there was a way to do that.
There was a problem hiding this comment.
These numbers are not stable and could change as new instructions are added - you will need to check the opcodes directly (AArch64::AUT etc).
I would expect they were useful instructions to check the throughput of though, if there was a way to do that.
Agree on the usefulness, but was thinking to leave this for another day and mark them as unsupported for now. The problem is that the snippet might need to look a bit different, as some of these need to come in pairs. If used in isolation, you might run into a useless "Illegal instruction" kernel/linux error. This confused me as that made it look like the pauth extension wasn't enabled in the kernel, but turned out be a user error, e.g. checking a pointer before it was signed, that kind of stuff. So the idea is to worry about this later, avoid crashing snippets, and figure out what to do with this later.
There was a problem hiding this comment.
And fully agreed on checking the opcodes by the way, this needs to be a switch statement on all the pauth opcodes.
There was a problem hiding this comment.
More generally, I am now wondering how this is supposed to work for optional extensions that may not need to be implemented on the platform where llvm-exegesis is run. I guess it needs to query the host for the supported extension, is anything like that already in place?
There was a problem hiding this comment.
Which ones fail for you? I tried AUTDA and it seemed to do OK when I tried it. My understanding was that they corrupted bits in the return address, which only faults when they are used. FEAT_FPAC might enable more faulting of the instructions directly.
(In general, this being a developer tool, I wasn't sure of the benefit or downside of marking an instruction as unsupported as opposed to just trying it and seeing if it worked. Disabling it has the downside that no-one can use it even if it could work. But I can see how that might make analyzing many instructions more.. messy).
There was a problem hiding this comment.
Hey @davemgreen , this is on Grace, which has the all the required extensions (and kernel modules).
I am able to successfully run the code example from the pointer auth learning path. I see pauth instructions and everything runs fine.
Here's is a small reproducer that runs fine:
extern "C" void kernel();
asm(R"(
.global kernel
kernel:
paciasp
autiasp
ret
)");
int main(void) {
kernel();
return 0;
}
If you modify this, removes the signing and only authenticate this:
asm(R"(
.global kernel
kernel:
autiasp
ret
)");
Then you'll get an illegal instruction exception. At least, on Grace this is the observed behaviour. That's why I wrote these instructions need to come in pairs, but you're saying that the behaviour can be different on different platforms. Hmmmm, not ideal. But I think we do have a problem reliably testing these things, and on top of all of this, I don't think this is the right snippet to test it latency/throughput:
0000000000000000 <foo>:
0: f81f0ff6 str x22, [sp, #-0x10]!
4: d280000a mov x10, #0x0 // =0
8: d2800016 mov x22, #0x0 // =0.
c: dac11aca autda x10, x22
10: f84107f6 ldr x22, [sp], #0x10
14: d65f03c0 ret
So, what do you think about disabling for now?
Or would you like to see a Grace specific workaround to disable this for now?
There was a problem hiding this comment.
Sorry forgot to add this: I don't know what that FEAT_FPAC things is.
I don't think it is advertised in the linux kernel features, maybe it is a bit of a different name, but don't think I see something that looks like it. Maybe I am missing something because I didn't research it too long. But if this is extension for raising the exception, then it looks like Grace has that like you wrote.
There was a problem hiding this comment.
My understanding of it is that when the AUT instructions were originally added they purely modified the values of registers, corrupting the top bits which then cause the return to fault when the register is used. So on a machine like Grace I which does not have FEAT_FPAC they work OK. It seems to produce a file that looks like this, and produces a sensible looking latency result similar to the optimization guide:
0: f81f0ff4 str x20, [sp, #-16]!
4: d280000d mov x13, #0x0 // #0
8: d2800014 mov x20, #0x0 // #0
c: dac11a8d autda x13, x20
10: dac11a8d autda x13, x20
...
9c44: dac11a8d autda x13, x20
9c48: dac11a8d autda x13, x20
9c4c: f84107f4 ldr x20, [sp], #16
9c50: d65f03c0 ret
AUTIASP also works fine for me, as x30 (LR) is spilled and reloaded around the snippet.
FEAT_FPAC changes the instructions so that they fault immediately when the check fails. So a cpu with that feature (#132368 ;)) might then hit the segfault you are seeing.
So maybe we can check that the current CPU has FEAT_FPAC, and disable them only then?
There was a problem hiding this comment.
Or - perhaps Grace does have FEAT_FPAC (but we don't mark it as such in LLVM) and the system I am running on doesn't fault due to some way it is setup? I would imagine there was some way to disable the faulting at at least the OS level.
There was a problem hiding this comment.
So maybe we can check that the current CPU has FEAT_FPAC, and disable them only then?
Okidoki, thanks, that indeed seems the best thing to do.
Don't know if it's easy to query a CPU for features in llvm exegesis, but I guess that's the first thing to investigate now for @lakshayk-nv.
| @@ -0,0 +1,8 @@ | |||
| REQUIRES: aarch64-registered-target | |||
There was a problem hiding this comment.
REQUIRES/RUN/CHECK lines should still be in comments even if this file isn't loaded anywhere (or at least I prefer it that way to be consistent with other tests).
| REQUIRES: aarch64-registered-target | ||
|
|
||
| ## Check for skipping of illegal instruction errors (AUT and LDGM) | ||
| RUN: llvm-exegesis -mcpu=neoverse-v2 -mode=latency --dump-object-to-disk=%d --min-instructions=1 --opcode-name=AUTIA --benchmark-phase=assemble-measured-code 2>&1 |
There was a problem hiding this comment.
This never actually pipes anything into FileCheck, so you're not actually checking anything?
Also, --dump-object-to-disk here seems unnecessary.
There was a problem hiding this comment.
Done, Removed unnecessary flags.
Thanks!
| CHECK: AUTIA: Unsupported opcode: isPointerAuth/isUncheckedAccess | ||
|
|
||
| RUN: llvm-exegesis -mcpu=neoverse-v2 -mode=latency --dump-object-to-disk=%d --min-instructions=1 --opcode-name=LDGM --benchmark-phase=assemble-measured-code 2>&1 | ||
| CHECK: LDGM: Unsupported opcode: isPointerAuth/isUncheckedAccess |
There was a problem hiding this comment.
Nit: newline at end of file.
| } | ||
|
|
||
| static bool isUncheckedAccessOpcode(unsigned Opcode) { | ||
| return Opcode == 4694; // LDGM instruction |
There was a problem hiding this comment.
Same here regarding the opcode number.
- Replace hardcoded opcode ranges with AArch64::* enum values for pointer auth and unchecked access instructions. - Add required AArch64 headers and update tests. - Style changes for corresponding testcases.
|
✅ With the latest revision this PR passed the C/C++ code formatter. |
There was a problem hiding this comment.
Does this compile if LLVM_TARGETS_TO_BUILD does not include AArch64? Not sure if the two headers included here have any tablegen transitive deps...
I think I would probably prefer if these functions were implemented in AArch64/Target.cpp. I don't think there's a hook that exists currently for that, but it shouldn't be hard to add and invoke inside getIgnoredOpcodeReasonOrNull.
| @@ -0,0 +1,8 @@ | |||
| # REQUIRES: aarch64-registered-target | |||
There was a problem hiding this comment.
Nitpick about the filename err_skip_illegal_Instruction.s: they are not illegal instructions per se, it's more that they are unsupported (at the moment), and also one word is capitalised and the other aren't so is a bit inconsistent. My suggestion would be skip_unsupported_instructions.s or something like that.
There was a problem hiding this comment.
I originally named it err_skip_illegal_Instruction.s to indicate it's a test case for error skipping behavior, but you're right that skip_unsupported_instructions.s would be more accurate since these instructions are unsupported rather than illegal. I will push required changes.
Btw, Can you weigh in for checking other skipped errors (isPseudo, isReturn etc.).
Does it make sense to check them also in this testfile, (just for completeness) ?
| @@ -35,6 +37,37 @@ const ExegesisTarget *ExegesisTarget::lookup(Triple TT) { | |||
| return nullptr; | |||
| } | |||
|
|
|||
| static bool isPointerAuthOpcode(unsigned Opcode) { | |||
There was a problem hiding this comment.
Another nitpick, I wanted to suggest that we create one isUnsupportedOpcode() function that could use these new helper functions, but then realised that is function getIgnoredOpcodeReasonOrNull(). We might as well use that function then, here would be my suggestion and as you see I also split up the first couple of if-statements as I don't like error messages that say "it can be this or that":
const char *
ExegesisTarget::getIgnoredOpcodeReasonOrNull(const LLVMState &State,
unsigned Opcode) const {
const MCInstrDesc &InstrDesc = State.getIC().getInstr(Opcode).Description;
if (InstrDesc.isPseudo())
return "Unsupported opcode: isPseudo";
if ( InstrDesc.usesCustomInsertionHook())
return "Unsupported opcode: usesCustomInserter";
if (InstrDesc.isBranch())
return "Unsupported opcode: isBranch";
if (InstrDesc.isIndirectBranch())
return "Unsupported opcode: isIndirectBranch";
if (InstrDesc.isCall())
return "Unsupported opcode: isCall";
if (InstrDesc.isReturn())
return "Unsupported opcode: isReturn";
switch (Opcode) {
default:
return nullptr;
// FIXME: Pointer Authentication instructions.
// We would like to measure these instructions, but they can behave differently on
// different platforms, and maybe the snippets need to look different for these instructions,
// so let's disable this for now.
case AArch64::AUTDA:
case AArch64::AUTDB:
case AArch64::AUTDZA:
case AArch64::AUTDZB:
case AArch64::AUTIA:
case AArch64::AUTIA1716:
case AArch64::AUTIASP:
case AArch64::AUTIAZ:
case AArch64::AUTIB:
case AArch64::AUTIB1716:
case AArch64::AUTIBSP:
case AArch64::AUTIBZ:
case AArch64::AUTIZA:
case AArch64::AUTIZB:
return ""Unsupported opcode: isPointerAuth";
// Load tag multiple instruction
case AArch64::LDGM:
return "Unsupported opcode: load tag multiple";
}
return nullptr;
}
|
And similar suggestion for the subject of the merge request and the commit message (as they are not illegal instructions): => Or something along those lines. |
lakshayk-nv
changed the title
…ctions. 1) Change location of isPointerAuth and isLoadTagMultiple function across file for correct implementation 2) Style nits changes in test cases.
|
According to https://docs.kernel.org/arch/arm64/pointer-authentication.html, the authentication can be disable with something like On the systems I tried it on (a couple of neoverse-v2 machines), it allowed the instructions to execute and give sensible latency/throughputs. There is a chance it would make them run at a different speed, but that doesn't appear to be the case on the system I tried. That might be a better alternative than preventing any timing of the instructions. |
…-exegesis-illegal-instr
- Included necessary headers for PR_PAC_* constants and modified the getIgnoredOpcodeReasonOrNull function to disabling pointer authentication. - Adjusted formatting.
| @@ -335,6 +335,9 @@ class ExegesisTarget { | |||
| const OpcodeAvailabilityChecker IsOpcodeAvailable; | |||
| }; | |||
|
|
|||
| bool isPointerAuth(unsigned Opcode); | |||
There was a problem hiding this comment.
These do not make sense to have in the normal target given they are specific to AArch64. It would be better (in my opinion) to add a method similar to getIgnoredOpcodeReasonOrNull that can be overrided by targets and then gets invoked in getIgnoredOpcodeReasonsOrNull.
There was a problem hiding this comment.
Yes, That implementation was bad.
Updated implementation, Now overriding getIgnoredOpcodeReasonOrNull() , which checks isPointerAuth() and isLoadTagMultiple() additionally for AArch64.
Thanks :)
…ication and load tag multiple - Moved isPointerAuth and isLoadTagMultiple functions to AArch64/Target.cpp for better organization. - Updated getIgnoredOpcodeReasonOrNull to handle pointer authentication and load tag multiple opcodes correctly. - Removed redundant definitions from Target.cpp and Target.h.
Thanks, disabled authentication using prctl :) |
…Linux - Added platform-specific handling for pointer authentication instructions, enabling the disabling of PAC keys on Linux. - Ensured that unsupported opcodes return an appropriate message on non-Linux platforms.
| return "Unsupported opcode: isBranch/isIndirectBranch"; | ||
| if (InstrDesc.isCall() || InstrDesc.isReturn()) | ||
| return "Unsupported opcode: isCall/isReturn"; | ||
| if (InstrDesc.isPseudo()) |
There was a problem hiding this comment.
All the changes in this file seem to be formatting changes that are now irrelevant to the PR? They should probably be reverted.
There was a problem hiding this comment.
split up the first couple of if-statements as I don't like error messages that say "it can be this or that":
Sjoerd suggested 'unclubbing' the unsupported error message to specify the exact reason. Thus, keeping this and formatter's changes for this file only.
There was a problem hiding this comment.
I would prefer these changes go in a separate patch.
| @@ -268,8 +268,7 @@ class ExegesisTarget { | |||
|
|
|||
| // Creates a snippet generator for the given mode. | |||
| std::unique_ptr<SnippetGenerator> | |||
| createSnippetGenerator(Benchmark::ModeE Mode, | |||
| const LLVMState &State, | |||
| createSnippetGenerator(Benchmark::ModeE Mode, const LLVMState &State, | |||
There was a problem hiding this comment.
Same here regarding formatting.
There was a problem hiding this comment.
Reverted back formatting changes, Thanks!
| @@ -281,7 +281,7 @@ static cl::opt<std::string> MAttr( | |||
| static ExitOnError ExitOnErr("llvm-exegesis error: "); | |||
|
|
|||
| // Helper function that logs the error(s) and exits. | |||
| template <typename... ArgTs> static void ExitWithError(ArgTs &&... Args) { | |||
| template <typename... ArgTs> static void ExitWithError(ArgTs &&...Args) { | |||
There was a problem hiding this comment.
Same for this file for formatting.
| // differently on different platforms, and maybe the snippets need to look | ||
| // different for these instructions, | ||
| // Platform-specific handling: On Linux, we disable authentication, may | ||
| // interfere with measurements. On non-Linux platforms, disable opcodes for |
There was a problem hiding this comment.
Just a note: Exegesis doesn't really support benchmarking on non-Linux platforms.
This reverts commit dade502.
…ormatting changes.
|
Merged on behalf of @lakshayk-nv |
|
LLVM Buildbot has detected a new failure on builder Full details are available at: https://lab.llvm.org/buildbot/#/builders/174/builds/15884 Here is the relevant piece of the build log for the reference |
…d instructions (llvm#132346)" This reverts commit 559540d as it has cause build failures in llvm-clang-x86_64-gcc-ubuntu
|
LLVM Buildbot has detected a new failure on builder Full details are available at: https://lab.llvm.org/buildbot/#/builders/16/builds/17044 Here is the relevant piece of the build log for the reference |
|
LLVM Buildbot has detected a new failure on builder Full details are available at: https://lab.llvm.org/buildbot/#/builders/56/builds/22975 Here is the relevant piece of the build log for the reference |
|
LLVM Buildbot has detected a new failure on builder Full details are available at: https://lab.llvm.org/buildbot/#/builders/60/builds/24236 Here is the relevant piece of the build log for the reference |
…ctions (llvm#132346) [llvm-exegesis][AArch64] Disable pauth and ldgm as unsupported instructions. Skipping AUT and LDGM opcode variants which currently throws "illegal instruction". - Checking opcodes specifically for LDGM and AUT opcode instruction variants. - Gracefully exiting with " : Unsupported opcode: isPointerAuth/isUncheckedAccess" - Added corresponding test cases to check exit message.
llvm#134971) …d instructions (llvm#132346)" This reverts commit 559540d as it has cause build failures in llvm-clang-x86_64-gcc-ubuntu
…ctions fixed (#136868) [llvm-exegesis][AArch64] Recommit: Disable pauth and ldgm as unsupported instructions. Skipping AUT and LDGM opcode variants which currently throws "illegal instruction". Last pull request [#132346](#132346) got reviewed and merged but builder bot got failed. This was due to undefined `PR_PAC_SET_ENABLED_KEYS` utilized were not defined in x86 arch, resulting in build failure. This is followup to merge the changes with following changes to fixup the build failure. Changes: - Fixed up the problem with arch specific check for `prctl` library import - Defining `PR_PAC_SET_ENABLED_KEYS` if undefined.
…ctions fixed (llvm#136868) [llvm-exegesis][AArch64] Recommit: Disable pauth and ldgm as unsupported instructions. Skipping AUT and LDGM opcode variants which currently throws "illegal instruction". Last pull request [llvm#132346](llvm#132346) got reviewed and merged but builder bot got failed. This was due to undefined `PR_PAC_SET_ENABLED_KEYS` utilized were not defined in x86 arch, resulting in build failure. This is followup to merge the changes with following changes to fixup the build failure. Changes: - Fixed up the problem with arch specific check for `prctl` library import - Defining `PR_PAC_SET_ENABLED_KEYS` if undefined.
…ctions fixed (llvm#136868) [llvm-exegesis][AArch64] Recommit: Disable pauth and ldgm as unsupported instructions. Skipping AUT and LDGM opcode variants which currently throws "illegal instruction". Last pull request [llvm#132346](llvm#132346) got reviewed and merged but builder bot got failed. This was due to undefined `PR_PAC_SET_ENABLED_KEYS` utilized were not defined in x86 arch, resulting in build failure. This is followup to merge the changes with following changes to fixup the build failure. Changes: - Fixed up the problem with arch specific check for `prctl` library import - Defining `PR_PAC_SET_ENABLED_KEYS` if undefined.
…ctions fixed (llvm#136868) [llvm-exegesis][AArch64] Recommit: Disable pauth and ldgm as unsupported instructions. Skipping AUT and LDGM opcode variants which currently throws "illegal instruction". Last pull request [llvm#132346](llvm#132346) got reviewed and merged but builder bot got failed. This was due to undefined `PR_PAC_SET_ENABLED_KEYS` utilized were not defined in x86 arch, resulting in build failure. This is followup to merge the changes with following changes to fixup the build failure. Changes: - Fixed up the problem with arch specific check for `prctl` library import - Defining `PR_PAC_SET_ENABLED_KEYS` if undefined.
…rted instructions fixed (#136868) [llvm-exegesis][AArch64] Recommit: Disable pauth and ldgm as unsupported instructions. Skipping AUT and LDGM opcode variants which currently throws "illegal instruction". Last pull request [#132346](llvm/llvm-project#132346) got reviewed and merged but builder bot got failed. This was due to undefined `PR_PAC_SET_ENABLED_KEYS` utilized were not defined in x86 arch, resulting in build failure. This is followup to merge the changes with following changes to fixup the build failure. Changes: - Fixed up the problem with arch specific check for `prctl` library import - Defining `PR_PAC_SET_ENABLED_KEYS` if undefined.
…ctions fixed (llvm#136868) [llvm-exegesis][AArch64] Recommit: Disable pauth and ldgm as unsupported instructions. Skipping AUT and LDGM opcode variants which currently throws "illegal instruction". Last pull request [llvm#132346](llvm#132346) got reviewed and merged but builder bot got failed. This was due to undefined `PR_PAC_SET_ENABLED_KEYS` utilized were not defined in x86 arch, resulting in build failure. This is followup to merge the changes with following changes to fixup the build failure. Changes: - Fixed up the problem with arch specific check for `prctl` library import - Defining `PR_PAC_SET_ENABLED_KEYS` if undefined.
[llvm-exegesis][AArch64] Disable pauth and ldgm as unsupported instructions.
Skipping AUT and LDGM opcode variants which currently throws "illegal instruction".