This is an archive of the discontinued LLVM Phabricator instance.

Differential D53524

[ThinLTO] Enable LTOUnit only when it is needed
AbandonedPublic

Authored by tejohnson on Oct 22 2018, 1:09 PM.

Details

Reviewers
pcc
Summary

Currently, -flto-unit is specified whenever LTO options are used
(unless using the old LTO API). This causes vtable defs to be processed
using regular LTO, which is needed for CFI and whole program vtable
optimizations, since they need to modify the vtables in a whole program
manner.

However, this causes non-negligible overhead due to the regular
LTO processing. Since this isn't needed when not using CFI or
-fwhole-program-vtables, only enable -flto-unit in those cases.
Otherwise all ThinLTO compiles pay the overhead, even when not needed.

Diff Detail

Event Timeline

tejohnson created this revision.Oct 22 2018, 1:09 PM
Harbormaster completed remote builds in B24021: Diff 170481.Oct 22 2018, 1:09 PM
Herald added subscribers: dexonsmith, steven_wu, inglorion, mehdi_amini. · View Herald TranscriptOct 22 2018, 1:09 PM
pcc requested changes to this revision.Oct 22 2018, 1:42 PM

The reason why LTO unit is always enabled is so that you can link translation units compiled with -fsanitize=cfi and/or -fwhole-program-vtables against translation units compiled without CFI/WPD. With this change we will see miscompiles in the translation units compiled with CFI/WPD if they use vtables in the translation units compiled without CFI/WPD. If we really need this option I think it should be an opt out.

This revision now requires changes to proceed.Oct 22 2018, 1:42 PM
tejohnson added a comment.Oct 22 2018, 1:55 PM
In D53524#1271357, @pcc wrote:

The reason why LTO unit is always enabled is so that you can link translation units compiled with -fsanitize=cfi and/or -fwhole-program-vtables against translation units compiled without CFI/WPD. With this change we will see miscompiles in the translation units compiled with CFI/WPD if they use vtables in the translation units compiled without CFI/WPD. If we really need this option I think it should be an opt out.

Is there an important use case for support thing mixing and matching? The issue is that it comes at a cost to all ThinLTO compiles for codes with vtables by requiring them all to process IR during the thin link. Can we detect that TUs compiled with -flto-unit are being mixed with those not built without -flto-unit at the thin link time and issue an error?

tejohnson added a comment.Oct 24 2018, 9:56 AM
In D53524#1271387, @tejohnson wrote:
In D53524#1271357, @pcc wrote:

The reason why LTO unit is always enabled is so that you can link translation units compiled with -fsanitize=cfi and/or -fwhole-program-vtables against translation units compiled without CFI/WPD. With this change we will see miscompiles in the translation units compiled with CFI/WPD if they use vtables in the translation units compiled without CFI/WPD. If we really need this option I think it should be an opt out.

Is there an important use case for support thing mixing and matching? The issue is that it comes at a cost to all ThinLTO compiles for codes with vtables by requiring them all to process IR during the thin link.

Ping on the question of why this mode needs to be default. If it was a matter of a few percent overhead that would be one thing, but we're talking a *huge* overhead (as noted off-patch for my app I'm seeing >20x thin link time currently, and with improvements to the hashing to always get successful splitting we could potentially get down to closer to 2x - still a big overhead). This kind of overhead should be opt-in. The average ThinLTO user is not going to realize they are paying a big overhead because CFI is always pre-enabled.

Can we detect that TUs compiled with -flto-unit are being mixed with those not built without -flto-unit at the thin link time and issue an error?

This would be doable pretty easily. E.g. add a flag at the index level that the module would have been split but wasn't. Users who get the error and want to support always-enabled CFI could opt in via -flto-unit.

pcc added a comment.Oct 25 2018, 10:16 AM
In D53524#1274505, @tejohnson wrote:
In D53524#1271387, @tejohnson wrote:
In D53524#1271357, @pcc wrote:

The reason why LTO unit is always enabled is so that you can link translation units compiled with -fsanitize=cfi and/or -fwhole-program-vtables against translation units compiled without CFI/WPD. With this change we will see miscompiles in the translation units compiled with CFI/WPD if they use vtables in the translation units compiled without CFI/WPD. If we really need this option I think it should be an opt out.

Is there an important use case for support thing mixing and matching? The issue is that it comes at a cost to all ThinLTO compiles for codes with vtables by requiring them all to process IR during the thin link.

Ping on the question of why this mode needs to be default. If it was a matter of a few percent overhead that would be one thing, but we're talking a *huge* overhead (as noted off-patch for my app I'm seeing >20x thin link time currently, and with improvements to the hashing to always get successful splitting we could potentially get down to closer to 2x - still a big overhead). This kind of overhead should be opt-in. The average ThinLTO user is not going to realize they are paying a big overhead because CFI is always pre-enabled.

Well, the intent was always that the overhead would be minimal, which is why things are set up the way that they are. But it doesn't sound like anyone is going to have the time to fully address the performance problems that you've seen any time soon, so maybe it would be fine to introduce the -flto-unit flag. I guess we can always change the flag so that it has no effect if/when the performance problem is addressed.

Can we detect that TUs compiled with -flto-unit are being mixed with those not built without -flto-unit at the thin link time and issue an error?

This would be doable pretty easily. E.g. add a flag at the index level that the module would have been split but wasn't. Users who get the error and want to support always-enabled CFI could opt in via -flto-unit.

Yes. I don't think we should make a change like this unless there is something like that in place, though. The documentation (LTOVisibility.rst) needs to be updated too.

tejohnson added a comment.Oct 29 2018, 1:13 PM
In D53524#1276038, @pcc wrote:
In D53524#1274505, @tejohnson wrote:
In D53524#1271387, @tejohnson wrote:
In D53524#1271357, @pcc wrote:

The reason why LTO unit is always enabled is so that you can link translation units compiled with -fsanitize=cfi and/or -fwhole-program-vtables against translation units compiled without CFI/WPD. With this change we will see miscompiles in the translation units compiled with CFI/WPD if they use vtables in the translation units compiled without CFI/WPD. If we really need this option I think it should be an opt out.

Is there an important use case for support thing mixing and matching? The issue is that it comes at a cost to all ThinLTO compiles for codes with vtables by requiring them all to process IR during the thin link.

Ping on the question of why this mode needs to be default. If it was a matter of a few percent overhead that would be one thing, but we're talking a *huge* overhead (as noted off-patch for my app I'm seeing >20x thin link time currently, and with improvements to the hashing to always get successful splitting we could potentially get down to closer to 2x - still a big overhead). This kind of overhead should be opt-in. The average ThinLTO user is not going to realize they are paying a big overhead because CFI is always pre-enabled.

Well, the intent was always that the overhead would be minimal, which is why things are set up the way that they are. But it doesn't sound like anyone is going to have the time to fully address the performance problems that you've seen any time soon, so maybe it would be fine to introduce the -flto-unit flag. I guess we can always change the flag so that it has no effect if/when the performance problem is addressed.

Just to clarify, since there is already a -flto-unit flag: it is currently a cc1 flag, did you want it made into a driver option as well?

Can we detect that TUs compiled with -flto-unit are being mixed with those not built without -flto-unit at the thin link time and issue an error?

This would be doable pretty easily. E.g. add a flag at the index level that the module would have been split but wasn't. Users who get the error and want to support always-enabled CFI could opt in via -flto-unit.

Yes. I don't think we should make a change like this unless there is something like that in place, though. The documentation (LTOVisibility.rst) needs to be updated too.

Ok, let me work on that now and we can get that in before this one.

pcc added a comment.Oct 29 2018, 1:16 PM
In D53524#1279288, @tejohnson wrote:
In D53524#1276038, @pcc wrote:
In D53524#1274505, @tejohnson wrote:
In D53524#1271387, @tejohnson wrote:
In D53524#1271357, @pcc wrote:

The reason why LTO unit is always enabled is so that you can link translation units compiled with -fsanitize=cfi and/or -fwhole-program-vtables against translation units compiled without CFI/WPD. With this change we will see miscompiles in the translation units compiled with CFI/WPD if they use vtables in the translation units compiled without CFI/WPD. If we really need this option I think it should be an opt out.

Is there an important use case for support thing mixing and matching? The issue is that it comes at a cost to all ThinLTO compiles for codes with vtables by requiring them all to process IR during the thin link.

Ping on the question of why this mode needs to be default. If it was a matter of a few percent overhead that would be one thing, but we're talking a *huge* overhead (as noted off-patch for my app I'm seeing >20x thin link time currently, and with improvements to the hashing to always get successful splitting we could potentially get down to closer to 2x - still a big overhead). This kind of overhead should be opt-in. The average ThinLTO user is not going to realize they are paying a big overhead because CFI is always pre-enabled.

Well, the intent was always that the overhead would be minimal, which is why things are set up the way that they are. But it doesn't sound like anyone is going to have the time to fully address the performance problems that you've seen any time soon, so maybe it would be fine to introduce the -flto-unit flag. I guess we can always change the flag so that it has no effect if/when the performance problem is addressed.

Just to clarify, since there is already a -flto-unit flag: it is currently a cc1 flag, did you want it made into a driver option as well?

Yes, that's what I had in mind.

Can we detect that TUs compiled with -flto-unit are being mixed with those not built without -flto-unit at the thin link time and issue an error?

This would be doable pretty easily. E.g. add a flag at the index level that the module would have been split but wasn't. Users who get the error and want to support always-enabled CFI could opt in via -flto-unit.

Yes. I don't think we should make a change like this unless there is something like that in place, though. The documentation (LTOVisibility.rst) needs to be updated too.

Ok, let me work on that now and we can get that in before this one.

tejohnson added a comment.Oct 30 2018, 1:35 PM
In D53524#1279288, @tejohnson wrote:
In D53524#1276038, @pcc wrote:
In D53524#1274505, @tejohnson wrote:
In D53524#1271387, @tejohnson wrote:

Can we detect that TUs compiled with -flto-unit are being mixed with those not built without -flto-unit at the thin link time and issue an error?

This would be doable pretty easily. E.g. add a flag at the index level that the module would have been split but wasn't. Users who get the error and want to support always-enabled CFI could opt in via -flto-unit.

Yes. I don't think we should make a change like this unless there is something like that in place, though. The documentation (LTOVisibility.rst) needs to be updated too.

Ok, let me work on that now and we can get that in before this one.

Mailed D53890 for this part.

tejohnson updated this revision to Diff 172181.Nov 1 2018, 11:06 AM

Address comments:
Promote -flto-unit to clang driver option (and test it)
Adjust LTOVisibility.rst to reflect change of default and new option.

Harbormaster completed remote builds in B24468: Diff 172181.Nov 1 2018, 11:06 AM
tejohnson added parent revisions: D53891: [LTO] Add option to enable LTOUnit splitting, and disable unless needed, D53890: [LTO] Record whether LTOUnit splitting is enabled in index.Nov 1 2018, 11:09 AM
pcc added inline comments.Nov 9 2018, 3:59 PM
docs/LTOVisibility.rst
9 ↗(On Diff #172181)

It's a little confusing to talk about "LTO units" as a property of a translation unit when there is only one LTO unit per linkage unit. I think this should say that an LTO unit is the subset of the linkage unit compiled with certain flags. Then in the rest of the document you can talk about translation units that are either part of or not part of the LTO unit.

tejohnson abandoned this revision.Nov 20 2018, 2:05 PM

Abandoned in favor of new approach in D53890/D53891.

Revision Contents

PathSize
include/
clang/
Driver/
1 line
lib/
Driver/
4 lines
ToolChains/
34 lines
test/
Driver/
12 lines

Diff 170481

include/clang/Driver/SanitizerArgs.h

Show First 20 LinesShow All 72 Lines▼ Show 20 Lines public:
bool needsStatsRt() const { return Stats; } bool needsStatsRt() const { return Stats; }
bool needsEsanRt() const { bool needsEsanRt() const {
return Sanitizers.hasOneOf(SanitizerKind::Efficiency); return Sanitizers.hasOneOf(SanitizerKind::Efficiency);
} }
bool needsScudoRt() const { return Sanitizers.has(SanitizerKind::Scudo); } bool needsScudoRt() const { return Sanitizers.has(SanitizerKind::Scudo); }
bool requiresPIE() const; bool requiresPIE() const;
bool needsUnwindTables() const; bool needsUnwindTables() const;
bool needsLTO() const;
bool linkCXXRuntimes() const { return LinkCXXRuntimes; } bool linkCXXRuntimes() const { return LinkCXXRuntimes; }
bool hasCrossDsoCfi() const { return CfiCrossDso; } bool hasCrossDsoCfi() const { return CfiCrossDso; }
void addArgs(const ToolChain &TC, const llvm::opt::ArgList &Args, void addArgs(const ToolChain &TC, const llvm::opt::ArgList &Args,
llvm::opt::ArgStringList &CmdArgs, types::ID InputType) const; llvm::opt::ArgStringList &CmdArgs, types::ID InputType) const;
}; };
} // namespace driver } // namespace driver
} // namespace clang } // namespace clang
#endif #endif

lib/Driver/SanitizerArgs.cpp

Show First 20 LinesShow All 201 Lines▼ Show 20 Lines
bool SanitizerArgs::requiresPIE() const { bool SanitizerArgs::requiresPIE() const {
return NeedPIE || (Sanitizers.Mask & RequiresPIE); return NeedPIE || (Sanitizers.Mask & RequiresPIE);
} }
bool SanitizerArgs::needsUnwindTables() const { bool SanitizerArgs::needsUnwindTables() const {
return Sanitizers.Mask & NeedsUnwindTables; return Sanitizers.Mask & NeedsUnwindTables;
} }
bool SanitizerArgs::needsLTO() const {
return Sanitizers.Mask & NeedsLTO;
}
SanitizerArgs::SanitizerArgs(const ToolChain &TC, SanitizerArgs::SanitizerArgs(const ToolChain &TC,
const llvm::opt::ArgList &Args) { const llvm::opt::ArgList &Args) {
SanitizerMask AllRemove = 0; // During the loop below, the accumulated set of SanitizerMask AllRemove = 0; // During the loop below, the accumulated set of
// sanitizers disabled by the current sanitizer // sanitizers disabled by the current sanitizer
// argument or any argument after it. // argument or any argument after it.
SanitizerMask AllAddedKinds = 0; // Mask of all sanitizers ever enabled by SanitizerMask AllAddedKinds = 0; // Mask of all sanitizers ever enabled by
// -fsanitize= flags (directly or via group // -fsanitize= flags (directly or via group
// expansion), some of which may be disabled // expansion), some of which may be disabled
▲ Show 20 LinesShow All 806 LinesShow Last 20 Lines

lib/Driver/ToolChains/Clang.cpp

Show First 20 LinesShow All 3,358 Lines▼ Show 20 Lines if (isa<AnalyzeJobAction>(JA)) {
} }
// Preserve use-list order by default when emitting bitcode, so that // Preserve use-list order by default when emitting bitcode, so that
// loading the bitcode up in 'opt' or 'llc' and running passes gives the // loading the bitcode up in 'opt' or 'llc' and running passes gives the
// same result as running passes here. For LTO, we don't need to preserve // same result as running passes here. For LTO, we don't need to preserve
// the use-list order, since serialization to bitcode is part of the flow. // the use-list order, since serialization to bitcode is part of the flow.
if (JA.getType() == types::TY_LLVM_BC) if (JA.getType() == types::TY_LLVM_BC)
CmdArgs.push_back("-emit-llvm-uselists"); CmdArgs.push_back("-emit-llvm-uselists");
// Device-side jobs do not support LTO.
bool isDeviceOffloadAction = !(JA.isDeviceOffloading(Action::OFK_None) ||
JA.isDeviceOffloading(Action::OFK_Host));
if (D.isUsingLTO() && !isDeviceOffloadAction) {
Args.AddLastArg(CmdArgs, options::OPT_flto, options::OPT_flto_EQ);
// The Darwin and PS4 linkers currently use the legacy LTO API, which
// does not support LTO unit features (CFI, whole program vtable opt)
// under ThinLTO.
if (!(RawTriple.isOSDarwin() || RawTriple.isPS4()) ||
D.getLTOMode() == LTOK_Full)
CmdArgs.push_back("-flto-unit");
}
} }
if (const Arg *A = Args.getLastArg(options::OPT_fthinlto_index_EQ)) { if (const Arg *A = Args.getLastArg(options::OPT_fthinlto_index_EQ)) {
if (!types::isLLVMIR(Input.getType())) if (!types::isLLVMIR(Input.getType()))
D.Diag(diag::err_drv_argument_only_allowed_with) << A->getAsString(Args) D.Diag(diag::err_drv_argument_only_allowed_with) << A->getAsString(Args)
<< "-x ir"; << "-x ir";
Args.AddLastArg(CmdArgs, options::OPT_fthinlto_index_EQ); Args.AddLastArg(CmdArgs, options::OPT_fthinlto_index_EQ);
} }
▲ Show 20 LinesShow All 1,585 Lines▼ Show 20 Lines
if (WholeProgramVTables) { if (WholeProgramVTables) {
if (!D.isUsingLTO()) if (!D.isUsingLTO())
D.Diag(diag::err_drv_argument_only_allowed_with) D.Diag(diag::err_drv_argument_only_allowed_with)
<< "-fwhole-program-vtables" << "-fwhole-program-vtables"
<< "-flto"; << "-flto";
CmdArgs.push_back("-fwhole-program-vtables"); CmdArgs.push_back("-fwhole-program-vtables");
} }
// Device-side jobs do not support LTO.
bool isDeviceOffloadAction = !(JA.isDeviceOffloading(Action::OFK_None) ||
JA.isDeviceOffloading(Action::OFK_Host));
if (D.isUsingLTO() &&
(isa<CompileJobAction>(JA) || isa<BackendJobAction>(JA)) &&
!isDeviceOffloadAction) {
Args.AddLastArg(CmdArgs, options::OPT_flto, options::OPT_flto_EQ);
// Enable LTO unit if need for CFI or whole program vtable optimization.
// The Darwin and PS4 linkers currently use the legacy LTO API, which
// does not support LTO unit features (CFI, whole program vtable opt)
// under ThinLTO.
bool SupportsLTOUnit = !(RawTriple.isOSDarwin() || RawTriple.isPS4()) ||
D.getLTOMode() == LTOK_Full;
if ((WholeProgramVTables || Sanitize.needsLTO()) && SupportsLTOUnit)
CmdArgs.push_back("-flto-unit");
}
if (Arg *A = Args.getLastArg(options::OPT_fexperimental_isel, if (Arg *A = Args.getLastArg(options::OPT_fexperimental_isel,
options::OPT_fno_experimental_isel)) { options::OPT_fno_experimental_isel)) {
CmdArgs.push_back("-mllvm"); CmdArgs.push_back("-mllvm");
if (A->getOption().matches(options::OPT_fexperimental_isel)) { if (A->getOption().matches(options::OPT_fexperimental_isel)) {
CmdArgs.push_back("-global-isel=1"); CmdArgs.push_back("-global-isel=1");
// GISel is on by default on AArch64 -O0, so don't bother adding // GISel is on by default on AArch64 -O0, so don't bother adding
// the fallback remarks for it. Other combinations will add a warning of // the fallback remarks for it. Other combinations will add a warning of
▲ Show 20 LinesShow All 937 LinesShow Last 20 Lines

test/Driver/lto-unit.c

// RUN: %clang -target x86_64-unknown-linux -### %s -flto=full 2>&1 | FileCheck --check-prefix=UNIT %s // RUN: %clang -target x86_64-unknown-linux -### %s -flto=full -fwhole-program-vtables 2>&1 | FileCheck --check-prefix=UNIT %s
// RUN: %clang -target x86_64-unknown-linux -### %s -flto=thin 2>&1 | FileCheck --check-prefix=UNIT %s // RUN: %clang -target x86_64-unknown-linux -### %s -flto=thin -fwhole-program-vtables 2>&1 | FileCheck --check-prefix=UNIT %s
// RUN: %clang -target x86_64-apple-darwin13.3.0 -### %s -flto=full 2>&1 | FileCheck --check-prefix=UNIT %s // RUN: %clang -target x86_64-apple-darwin13.3.0 -### %s -flto=full -fwhole-program-vtables 2>&1 | FileCheck --check-prefix=UNIT %s
// RUN: %clang -target x86_64-apple-darwin13.3.0 -### %s -flto=thin 2>&1 | FileCheck --check-prefix=NOUNIT %s // RUN: %clang -target x86_64-apple-darwin13.3.0 -### %s -flto=thin -fwhole-program-vtables 2>&1 | FileCheck --check-prefix=NOUNIT %s
// RUN: %clang -target x86_64-scei-ps4 -### %s -flto=full 2>&1 | FileCheck --check-prefix=UNIT %s // RUN: %clang -target x86_64-scei-ps4 -### %s -flto=full -fwhole-program-vtables 2>&1 | FileCheck --check-prefix=UNIT %s
// RUN: %clang -target x86_64-scei-ps4 -### %s -flto=thin 2>&1 | FileCheck --check-prefix=NOUNIT %s // RUN: %clang -target x86_64-scei-ps4 -### %s -flto=thin -fwhole-program-vtables 2>&1 | FileCheck --check-prefix=NOUNIT %s
// UNIT: "-flto-unit" // UNIT: "-flto-unit"
// NOUNIT-NOT: "-flto-unit" // NOUNIT-NOT: "-flto-unit"