Considerations for sanitizing bounds of C-style arrays

Kalvin Lee

Jun 5, 2025, 11:38:28 AM
to skia-discuss
Hi folks,

We're working on enabling this for Chromium, and notice that Skia is hardest hit by the binary size increase. Loosely we interpret that to mean that Skia is most burdened with the added instrumentation, which could have perf impacts (perhaps ones that don't show up on top-level benchmarks).

Is there anything perf-y I should do or investigate before we move to land this CL?

Cheers,
Kalvin

bungeman

Jun 5, 2025, 11:56:34 AM
to skia-discuss
If I understand correctly, the idea here is to use `-fsanitize=array-bounds` in Chromium's `default_compiler_configs`, to add a check for indexing into arrays of known compile time size? The most interesting thing to know is exactly where in Skia this is actually being applied. If I had to guess, this would be hitting SkAlignedStorage.h (and its many direct and indirect users, as well as several other structures like it) quite hard as Skia extensively avoids small heap allocations by having a lot of abstractions over "this code needs to handle arbitrary values but the value is usually 4 or less, so allow that much to go on the stack and only make a heap allocation if more are needed" and then there are still a lot of indexing loops over those (I assume using a range-based for loop would probably avoid this?). In any event this is speculation on my part, but Skia was written around the idea that direct access into small fixed size arrays is fast so it is unsurprising that this should be an issue, but without knowing what the biggest issues are (which transformations are the most expensive) it isn't clear what might be done.
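The small-buffer pattern and the two loop styles bungeman mentions, as an added example. This is not Skia or Chromium code; `SmallArray`, `kInline` and the helper functions are made-up names for illustration. It shows the one place `-fsanitize=array-bounds` has something to instrument (a subscript into the fixed-size inline C array) and that walking the same container through a pointer range gives the sanitizer no array subscript to check.

```cpp
// Added example, not Skia's own code: a container with a fixed inline buffer
// and a heap fallback, in the style described above. Names are hypothetical.
#include <cstddef>
#include <cstdint>
#include <memory>

template <typename T, size_t kInline>
class SmallArray {
public:
    explicit SmallArray(size_t count) : fCount(count) {
        if (count > kInline) {
            // Too many for the inline buffer: fall back to the heap.
            fHeap = std::make_unique<T[]>(count);
        }
    }
    size_t size() const { return fCount; }

    // Indexed access. On the inline path this subscripts a C-style array of
    // statically known size (kInline), which is exactly what
    // -fsanitize=array-bounds instruments: unless the compiler can prove
    // i < kInline at the call site, a runtime check is emitted for fStack[i].
    T& operator[](size_t i) { return fHeap ? fHeap[i] : fStack[i]; }
    const T& operator[](size_t i) const { return fHeap ? fHeap[i] : fStack[i]; }

    // Pointer-range access. Iterating begin()..end() is pointer arithmetic,
    // not an array subscript, so the sanitizer inserts no check in loops that
    // use it (it also does not catch a bad pointer range; the bound here is
    // enforced by the container, not by instrumentation).
    T* begin() { return fHeap ? fHeap.get() : fStack; }
    T* end() { return begin() + fCount; }
    const T* begin() const { return fHeap ? fHeap.get() : fStack; }
    const T* end() const { return begin() + fCount; }

private:
    size_t fCount;
    T fStack[kInline];           // the common case lives inline with the object
    std::unique_ptr<T[]> fHeap;  // only allocated when count > kInline
};

// Index loop: every arr[i] on the inline path goes through the instrumented subscript.
int64_t sum_indexed(const SmallArray<int32_t, 4>& arr) {
    int64_t total = 0;
    for (size_t i = 0; i < arr.size(); ++i) total += arr[i];
    return total;
}

// Range-based for: same result, but it walks the pointer range, so nothing is instrumented.
int64_t sum_ranged(const SmallArray<int32_t, 4>& arr) {
    int64_t total = 0;
    for (int32_t v : arr) total += v;
    return total;
}

// Constructed sample input: fills 0..count-1, exercising the inline path for
// count <= 4 and the heap path above that.
SmallArray<int32_t, 4> make_sequence(size_t count) {
    SmallArray<int32_t, 4> arr(count);
    int32_t next = 0;
    for (int32_t& v : arr) v = next++;
    return arr;
}

int main() {
    // Both loops agree on both storage paths; the difference is only in what
    // the sanitizer emits for sum_indexed.
    return (sum_indexed(make_sequence(4)) == sum_ranged(make_sequence(4)) &&
            sum_indexed(make_sequence(10)) == sum_ranged(make_sequence(10))) ? 0 : 1;
}
```

To see the cost being discussed, compile once with `clang++ -O2` and once with `clang++ -O2 -fsanitize=array-bounds` and compare the generated code for `sum_indexed` and `sum_ranged`: the extra compare-and-branch (plus the diagnostic or trap path) appears only in the indexed version, and it is that per-call-site code that shows up as binary size growth. Switching a loop to the range form removes the check rather than proving it unnecessary, so it is only appropriate where the container itself already bounds the range.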

Kalvin Lee

Jun 6, 2025, 11:53:03 AM
to skia-d...@googlegroups.com
Your understanding is correct - we have a SuperSize dashboard here that shows where the new instrumentation is being applied. I also assume a range-based for would avoid this (more generally the compiler should understand when it's impossible to index out-of-bounds and elide the check) but I would need to double-check to be sure.

If you have particular benchmarks you can point me at, I can try running them to make sure nothing is slower than you require.


Kalvin Lee

Jul 3, 2025, 6:10:57 PM
to skia-d...@googlegroups.com