exponential code explosion during inlining


I filed a bug (PR50485 [1]) a couple weeks ago for some pathological behavior we’ve hit in the inliner, but there hasn’t been any reply on the bug so I figured I’d broaden the audience and ask about the issue here.

The problem is partially a phase-ordering issue – we run cleanup optimizations after inlining an SCC that reduce the size of functions in the SCC, so a given call foo → bar that looks unprofitable due to bar’s size while processing the SCC containing foo and bar may suddenly look profitable due to bar’s reduced size when later considering a copy of that same callsite that gets created by inlining foo into some function in a later SCC.

This interacts badly with the approach that the inliner relies on local heuristics to eventually converge (rather than limiting itself with some global budget). I’ll copy the comment explaining that approach here:

// We use a single common worklist for calls across the entire SCC. We

// process these in-order and append new calls introduced during inlining to

// the end.


// Note that this particular order of processing is actually critical to

// avoid very bad behaviors. Consider highly connected call graphs where

// each function contains a small amount of code and a couple of calls to

// other functions. Because the LLVM inliner is fundamentally a bottom-up

// inliner, it can handle gracefully the fact that these all appear to be

// reasonable inlining candidates as it will flatten things until they become

// too big to inline, and then move on and flatten another batch.


// However, when processing call edges within an SCC we cannot rely on this

// bottom-up behavior. As a consequence, with heavily connected SCCs of

// functions we can end up incrementally inlining N calls into each of

// N functions because each incremental inlining decision looks good and we

// don’t have a topological ordering to prevent explosions.


// To compensate for this, we don’t process transitive edges made immediate

// by inlining until we’ve done one pass of inlining across the entire SCC.

// Large, highly connected SCCs still lead to some amount of code bloat in

// this model, but it is uniformly spread across all the functions in the SCC

// and eventually they all become too large to inline, rather than

// incrementally maknig a single function grow in a super linear fashion.

The problem in a nutshell is that “eventually they all become too large to inline” is true while inlining is happening in their SCC, but then the cleanup makes them small again and so the inliner goes nuts chasing all the now-profitable paths through the highly connected SCC when considering them as transitive inlines into a subsequent SCC.

I’d love some thoughts on how we might best go about addressing this. I could imagine trying to address it as a phase ordering issue by running cleanup at the start of inlining an SCC – in the cases where we’ve hit this the cleanup hasn’t actually depended on inlining to expose the opportunities, it just happened to first get cleaned up immediately post inlining. I could also imagine trying to address it by limiting transitive inlines at callsites created by inlining functions from already-converged SCCs, which we could either do wholesale (if we’re expecting them to be too big to inline at this point, that shouldn’t be a big loss, right?) or just by capping their depth, say, to cut off exponential explosion.



[1] - 50485 – Exponential code explosion during inlining (llvm.org)

I may be misunderstanding, but when you say “cleanup”, do you mean the function simplification pipeline (since the change that caused this was a change to the function simplification pipeline)? But that happens after inlining, and we won’t revisit the SCC, unless there are some weird SCC splitting/merging things going on.

May be related to https://reviews.llvm.org/D98481


Yes, I believe it’s from the function simplification pipeline. It happens after inlining within an SCC, but since it’s added to the same CFSCCPassManager as the inliner pass, it runs before the inliner pass runs on the next SCC, which effectively revisits the first SCC by transitive inlines.

To be concrete:

Suppose F calls A, A calls B, B calls A.

Then A and B together belong to SCC 1.

And F is alone in SCC 2.

The order of events is:

Sorry, I messed up the description of the problem case there. It’s not a long sequence of SCCs, but rather a single SCC with a long sequence of splits and joins. Here’s a corrected version:

Suppose that

  • F calls A1
  • A1 calls A2 and B1
  • A2 calls A1 and B2
  • B1 calls B2 and C1
  • B2 calls B1 and C2
  • C1 calls C2 and D1
  • C2 calls C1 and D2
  • Z1 calls Z2 and A1
  • Z2 calls Z1 and A2

Then A1,A2,B1,B2,…,Z1,Z2 all together belong to SCC 1.

And F is alone in SCC 2.

The order of events is:

Related, yes. I see the conversation there leading toward having a cap on inlinee size (because, at leach level, there is a single huge function, which will be inlined twice into the single function in the next level). I was mistakenly under the impression that our existing threshold effectively imposed a size cap (and therefore effectively imposed a fan-out cap), so one avenue I was considering was limiting the depth of transitive inlines through calls copied from inlinees in already-converged SCCs. But adding the depth cap could make cases such as I’m hitting look a lot like the case that https://reviews.llvm.org/D98481 describes. So I think that neither the size cap nor the depth cap alone would be sufficient…

The existing implementation has a per-callsite a size cap. For a callsite, if the inlining could cause a potential size growth to exceed the given cap (3000 for hot callsites, 45 for cold callsites, 375 for warm callsites, IIRC), the inlining will not be done. In https://reviews.llvm.org/D98481, we were thinking about enforcing a global size cap per each inliner. Give the current callsite considered to be inlined, if the size growth makes the inliner size over a given cap, the current inlining and all subsequent inlining will be skipped. Could this approach solve your problem?



Yes, a global cap would certainly be a big enough hammer to prevent the code explosion I’m seeing. I didn’t follow the review closely enough to get a sense, is that likely to land?

There were some offline discussions about implementing the global cap based on an interprocedural loop-graph (ILG) based working set analysis. David, I’m wondering if you could share the progress of the ILG work. Thanks.

There were some offline discussions about implementing the global cap based on an interprocedural loop-graph (ILG) based working set analysis. David, I’m wondering if you could share the progress of the ILG work. Thanks.

ILG based cap will be used for performance tuning and it won’t be global but per code-reuse region. To handle pathological code growth, a different/simpler capping mechanism is probably better.

I see, thanks for the information. I will work on a separate per-function capping mechanism.