[AMDGPU] -fcf-protection=full should not be applied to GPU targets in heterogenous code #86450
Comments
|
CC @jhuber6 as an author of stack-protector PR. |
AngryLoki
changed the title
|
@llvm/issue-subscribers-backend-amdgpu Author: None (AngryLoki)
In Gentoo 23.0 (upcoming) and hardened profile `-fcf-protection=full` is added automatically via `/etc/clang/x86_64-pc-linux-gnu-clang++.cfg` (as well as [other flags](https://wiki.gentoo.org/wiki/Hardened/Toolchain#Changes)). However this flag does not work well with heterogeneous hip code:
Although it is possible to use In #70799 you added code to "not emit the stack protector metadata on unsupported architectures". Can you do the same for |
|
Huh, actually, after submitting this bug, I remembered flag However I still think the best solution is to solve this in Clang. As far as I know, there are already many flags that are not passed to GPU codegen (even turning (edit: fix copy&paste mistake) |
I'm assuming you mean
Currently we kind of just treat this on a case-by-case basis. There's a lot of pain that come from these single source languages where we try to mash two separate targets into a single compiler invocation. Same problem with all of our numerous hacks around the glibc headers when included from the GPU. |
Yes, copy&paste mistake. |
oidn needs llvm/llvm-project#86450 (comment) to be applied
…ags to fix GPU compilation Add -Xarch_host to CPU-specific flags, so that it does not affects heterogenous code (e. g. HIP). For stack-protector flags: fixes compiler crashes like llvm/llvm-project#83777 Clang 18.1.0 does not try to apply these flags to GPU code, but current ROCm libraries use Clang 17, so add "-Xarch_host" there too. This will allow to drop "-fno-stack-protector" patches from rocm-comgr, hip and hipcc eventually. For -fcf-protection: fixes error: option 'cf-protection=return' cannot be specified on this target. For -fPIE: do not touch, as at least since Clang 15 it only affects host relocation model. See also: https://github.com/llvm/llvm-project/blob/llvmorg-15.0.7/clang/test/Driver/hip-fpie-option.hip Related upstream bug: llvm/llvm-project#86450 Closes: https://bugs.gentoo.org/927752 Signed-off-by: Sv. Lockal <lockalsash@gmail.com>
Add -Xarch_host to CPU-specific flags, so that it does not affects heterogenous code (e. g. HIP). For stack-protector flags: fixes compiler crashes like llvm/llvm-project#83777. Clang 18.1.0 does not try to apply these flags to GPU code, but current ROCm libraries use Clang 17, so add "-Xarch_host" there too. This will allow to drop "-fno-stack-protector" patches from rocm-comgr, hip and hipcc eventually. For -fcf-protection: fixes error: option 'cf-protection=return' cannot be specified on this target. For -fPIE: do not touch, as at least since Clang 15 it only affects host relocation model. See also: https://github.com/llvm/llvm-project/blob/llvmorg-15.0.7/clang/test/Driver/hip-fpie-option.hip Bug: llvm/llvm-project#86450 Closes: https://bugs.gentoo.org/927752 Signed-off-by: Sv. Lockal <lockalsash@gmail.com> Closes: #35926 Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
The same issue with |
|
These things are permanent issues caused by pretending that two separate compilations for two separate architectures is a single compiler invocation. The easiest solution would be the following that simply prevents the option from being forwarded to the offloading device, essentially making it behave like diff --git a/clang/lib/Driver/ToolChains/Clang.cpp b/clang/lib/Driver/ToolChains/Clang.cpp
index 766a9b91e3c0..0d19c67778e0 100644
--- a/clang/lib/Driver/ToolChains/Clang.cpp
+++ b/clang/lib/Driver/ToolChains/Clang.cpp
@@ -6866,9 +6866,11 @@ void Clang::ConstructJob(Compilation &C, const JobAction &JA,
if (Args.hasArg(options::OPT_nogpulib))
CmdArgs.push_back("-nogpulib");
- if (Arg *A = Args.getLastArg(options::OPT_fcf_protection_EQ)) {
- CmdArgs.push_back(
- Args.MakeArgString(Twine("-fcf-protection=") + A->getValue()));
+ if (JA.getOffloadingDeviceKind() == Action::OFK_None) {
+ if (Arg *A = Args.getLastArg(options::OPT_fcf_protection_EQ)) {
+ CmdArgs.push_back(
+ Args.MakeArgString(Twine("-fcf-protection=") + A->getValue()));
+ }
}
if (Arg *A = Args.getLastArg(options::OPT_mfunction_return_EQ))However, this would prevent users from enabling it intentionally or overriding that behavior. |
It seems currently we do not have a better way to handle this. If a target starts to support these options we could re-enable them for that target. |
Summary: This patch prevents the `-fcf-protection=` flag from being passed to the device compilation during offloading. This is not supported on CUDA and AMD devices, but if the user is compiling with fcf protection for the host it will fail to compile. We have a lot of these cases with various hacked together solutions, it would be nice to have a single solution to detect from the driver if a feature like this can be used for offloading, but for now this should resolve the issue. Fixe: llvm#86450
Summary: This patch prevents the `-fcf-protection=` flag from being passed to the device compilation during offloading. This is not supported on CUDA and AMD devices, but if the user is compiling with fcf protection for the host it will fail to compile. We have a lot of these cases with various hacked together solutions, it would be nice to have a single solution to detect from the driver if a feature like this can be used for offloading, but for now this should resolve the issue. Fixe: llvm#86450
We could just implement this, but it's probably not what anyone wants by default. I think we should interpret the flag as host-only, but I think it would be good to allow enabling it specifically for the device |
In Gentoo 23.0 (upcoming) and hardened profile
-fcf-protection=fullis added automatically via/etc/clang/x86_64-pc-linux-gnu-clang++.cfg(as well as other flags). However this flag does not work well with heterogeneous hip code:Although it is possible to use
-fcf-protection=full -Xarch_device -fcf-protection=noneto override this, it is irritating, as it can not be added to all files, as it produceswarning: argument unused during compilation: '-Xarch_device -fcf-protection=none'for non-hip files.In #70799 you added code to "not emit the stack protector metadata on unsupported architectures". Can you do the same for
-fcf-protection=..., to apply CET only for host code? Thanks!The text was updated successfully, but these errors were encountered: