Message-ID: <5332DC53.5050508@redhat.com>
Date: Wed, 26 Mar 2014 14:55:31 +0100
From: Paolo Bonzini
In-Reply-To: <1395841365-24319-1-git-send-email-pbonzini@redhat.com>
Subject: Re: [Qemu-devel] [PATCH for-2.0] cpu: do not use QOM casts in ENV_GET_CPU
To: qemu-devel@nongnu.org
Cc: laurent.desnogues@gmail.com, Andreas Faerber

On 26/03/2014 14:42, Paolo Bonzini wrote:
> QOM casts are only typesafe inasmuch as we know that the argument is
> a QOM object. If it is not, the accesses to fields in Object can
> access invalid memory and thus cause a segfault.
>
> Using a QOM cast in ENV_GET_CPU is useless and harmful. Useless,
> because the cast is applied to the result of container_of, which is
> type safe. So the QOM cast is nothing but typesafety theater.
> Harmful, because ENV_GET_CPU *is* used in hot paths especially
> now that, in 2.0, the movement of fields from CPU_COMMON to
> CPUState was completed.
>
> Reported-by: Laurent Desnogues
> Cc: Andreas Faerber
> Signed-off-by: Paolo Bonzini

Andreas pointed out on IRC that this is just the tip of the iceberg, due
to code like this:

static void vmsa_ttbcr_write(CPUARMState *env, const ARMCPRegInfo *ri,
                             uint64_t value)
{
    ARMCPU *cpu = arm_env_get_cpu(env);

    if (arm_feature(env, ARM_FEATURE_LPAE)) {
        /* With LPAE the TTBCR could result in a change of ASID
         * via the TTBCR.A1 bit, so do a TLB flush.
         */
        tlb_flush(CPU(cpu), 1);
    }
    vmsa_ttbcr_raw_write(env, ri, value);
}

(from target-arm/helper.c).

Given this, and the limited time to fix the problem in 2.0 where it got
magnified, I think we should reconsider whether releases should have
QOM cast debugging enabled.

Paolo
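As an added example, not part of this thread or of QEMU's own code: a miniature of the object layout the patch is about, with a container_of-only ENV_GET_CPU beside the QOM-cast form it replaces. The type names mirror QEMU's, while the class-chain walk and the read counter are assumed simplifications of QOM's dynamic cast; the counter makes visible that the cast adds a memory read the container_of result had already made unnecessary.

```c
#include <stddef.h>
/* Stand-in for QOM: Object's first field is the class pointer a QOM cast reads. */
typedef struct TypeImpl { const char *name; const struct TypeImpl *parent; } TypeImpl;
typedef struct Object { const TypeImpl *class; } Object;
static const TypeImpl type_object  = { "object",  NULL };
static const TypeImpl type_cpu     = { "cpu",     &type_object };
static const TypeImpl type_arm_cpu = { "arm-cpu", &type_cpu };

/* Layout mirroring QEMU: ARMCPU embeds CPUState (which embeds Object) and env. */
typedef struct CPUState    { Object parent_obj; int cpu_index; } CPUState;
typedef struct CPUARMState { unsigned int regs[16]; } CPUARMState;
typedef struct ARMCPU      { CPUState parent_obj; CPUARMState env; } ARMCPU;

/* container_of as in QEMU: pointer arithmetic plus a compile-time member type check. */
#define container_of(ptr, type, member) ({                          \
        const __typeof__(((type *) 0)->member) *mptr_ = (ptr);      \
        (type *) ((char *) mptr_ - offsetof(type, member)); })

static int class_reads;   /* counts run-time type checks that touched memory */
/* QOM-style checked cast: walks the class chain from obj->class; NULL where QOM would abort. */
static Object *object_dynamic_cast(Object *obj, const TypeImpl *want)
{
    class_reads++;
    for (const TypeImpl *t = obj->class; t; t = t->parent)
        if (t == want) return obj;
    return NULL;
}

/* What ENV_GET_CPU should be: container_of already proves the type, no memory read. */
static CPUState *env_get_cpu_plain(CPUARMState *env)
{
    return &container_of(env, ARMCPU, env)->parent_obj;
}

/* Redundant form: same container_of, then a QOM cast re-checking the type via obj->class. */
static CPUState *env_get_cpu_qom(CPUARMState *env)
{
    ARMCPU *cpu = container_of(env, ARMCPU, env);
    return (CPUState *) object_dynamic_cast(&cpu->parent_obj.parent_obj, &type_cpu);
}

/* Constructed ARMCPU: 1 if both forms agree and only the QOM form did a type-check read. */
int env_get_cpu_demo(void)
{
    ARMCPU cpu = { .parent_obj = { .parent_obj = { &type_arm_cpu }, .cpu_index = 3 } };
    class_reads = 0;
    CPUState *a = env_get_cpu_plain(&cpu.env);
    int plain_reads = class_reads;
    CPUState *b = env_get_cpu_qom(&cpu.env);
    return a == b && a == &cpu.parent_obj && plain_reads == 0 && class_reads == 1;
}
```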