This is an archive of the discontinued LLVM Phabricator instance.

Differential D23151

CFI: add XFAIL test for a future optimization of two vcalls.
ClosedPublic

Authored by krasin on Aug 4 2016, 12:07 AM.

Details

Reviewers
kcc
Commits
rGa425623dd990: CFI: add XFAIL test for a future optimization of two vcalls.
rCRT277795: CFI: add XFAIL test for a future optimization of two vcalls.
rL277795: CFI: add XFAIL test for a future optimization of two vcalls.
Summary

Often, a code will call multiple virtual methods of a given object.
If they go in a linear block, it should be possible to check vtable
before the first call, then store vtable pointer and reuse it for
the second vcall without any additional checks.

This is expected to have a positive performance impact on a hot
path in Blink, see https://crbug.com/634139.

Diff Detail

Event Timeline

krasin updated this revision to Diff 66763.Aug 4 2016, 12:07 AM
krasin retitled this revision from to CFI: add XFAIL test for a future optimization of two vcalls..
krasin updated this object.
krasin added a reviewer: kcc.
krasin updated this revision to Diff 66764.Aug 4 2016, 12:10 AM

Unwrap a comment to fit one line.

kcc accepted this revision.Aug 4 2016, 9:58 AM
kcc edited edge metadata.

LGTM for this test, however maybe it's better to have CHECKs for the current state instead of XFAIL
The optimization is a bit more risky since it may have unexpected effect of weakening security.
Besides, such optimization is not specific to CFI, it should (or should not) happen regardless of hardening

This revision is now accepted and ready to land.Aug 4 2016, 9:58 AM
krasin added a comment.Aug 4 2016, 10:04 AM
In D23151#505945, @kcc wrote:

LGTM for this test, however maybe it's better to have CHECKs for the current state instead of XFAIL
The optimization is a bit more risky since it may have unexpected effect of weakening security.
Besides, such optimization is not specific to CFI, it should (or should not) happen regardless of hardening

There're two kinds of optimizations possible here: first is non-CFI specific, but it would require the compiler to make some dangerous assumptions like memory (the vtable pointer) remain unchanged during a virtual call, so unlikely to happen.

The second one is CFI-specific, where we know that vtable pointer is unlikely to change (and we can also enforce it by checking this property before the second call). We can also do more high-level optimizations. For instance, if these two calls have two different bitsets we need to check, the optimization might compute the intersection of these bitsets and check against it.

krasin closed this revision.Aug 4 2016, 6:53 PM

Revision Contents

PathSize
test/
cfi/
60 lines

Diff 66764

test/cfi/two-vcalls.cpp

  • This file was added.
// RUN: %clangxx_cfi_diag -o %t %s
// RUN: %t 2>&1 | FileCheck %s
// This test checks that we don't generate two type checks,
// if two virtual calls are in the same function.
// UNSUPPORTED: win32
// REQUIRES: cxxabi
// TODO(krasin): implement the optimization to not emit two type checks.
// XFAIL: *
#include <stdio.h>
class Base {
public:
virtual void Foo() {
fprintf(stderr, "Base::Foo\n");
}
virtual void Bar() {
fprintf(stderr, "Base::Bar\n");
}
};
class Derived : public Base {
public:
void Foo() override {
fprintf(stderr, "Derived::Foo\n");
}
void Bar() override {
printf("Derived::Bar\n");
}
};
__attribute__((noinline)) void print(Base* ptr) {
ptr->Foo();
// Corrupt the vtable pointer. We expect that the optimization will
// check vtable before the first vcall then store it in a local
// variable, and reuse it for the second vcall. With no optimization,
// CFI will complain about the virtual table being corrupted.
*reinterpret_cast<void**>(ptr) = 0;
ptr->Bar();
}
int main() {
Base b;
Derived d;
// CHECK: Base::Foo
// CHECK: Base::Bar
print(&b);
// CHECK: Derived::Foo
// CHECK-NOT: runtime error
// CHECK: Derived::Bar
print(&d);
return 0;
}