From: Peter Xu <peterx@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: qemu-devel <qemu-devel@nongnu.org>,
"Daniel P . Berrangé" <berrange@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Fabiano Rosas" <farosas@suse.de>,
"Juraj Marcin" <jmarcin@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Eduardo Habkost" <eduardo@habkost.net>,
"Peter Maydell" <peter.maydell@linaro.org>,
"Cédric Le Goater" <clg@redhat.com>
Subject: Re: [PATCH 5/5] qom: Make container_get() strict to always walk or return container
Date: Tue, 19 Nov 2024 15:06:55 -0500 [thread overview]
Message-ID: <Zzzv32xlLAH4O5Ig@x1n> (raw)
In-Reply-To: <CABgObfamYxtgX7SubOd8OvA5w70xQ5uesJ1TuPoTK9onVO+58w@mail.gmail.com>
On Tue, Nov 19, 2024 at 09:09:16AM +0100, Paolo Bonzini wrote:
> Il mar 19 nov 2024, 00:06 Peter Xu <peterx@redhat.com> ha scritto:
>
> > On Mon, Nov 18, 2024 at 05:13:30PM -0500, Peter Xu wrote:
> > > When used incorrectly, container_get() can silently create containers
> > even
> > > if the caller may not intend to do so. Add a rich document describing
> > the
> > > helper, as container_get() should only be used in path lookups.
> > >
> > > Add one object_dynamic_cast() check to make sure whatever objects the
> > > helper walks will be a container object (including the one to be
> > returned).
> > > It is a programming error otherwise, hence assert that.
> > >
> > > It may make container_get() tiny slower than before, but the hope is the
> > > change is neglictable, as object_class_dynamic_cast() has a fast path
> > just
> > > for similar leaf use case.
> >
> > Just a heads up: out of curiosity, I tried to see whether the fast path hit
> > that I mentioned here (mostly, commit 793c96b54032 of Paolo's), and it
> > didn't..
> >
> > It's fundamentally because all TypeImpl was allocated dynamically from
> > heap, including its type->name.
>
>
> Ah, that was supposed to be the difference between type_register() and
> type_register_static().
Ah... looks like they're the same now? As type_register_static() looks like
a wrapper of type_register().
I gave it a shot on booting a Linux guest with some pretty generic devices,
and see how much the pointer check hit. Until I got the root login prompt,
I got 8 hits out of 35488. So it's indeed hard to yet hit.. at least with
the current code base. :(
>
> Perhaps type->name could be allocated with g_intern_string()? And then if
> object_dynamic_cast() is changed into a macro, with something like
>
> #define qemu_cache_interned_string(s) \
> (__builtin_constant_p(s) \
> ? ({ static const char *interned; \
> interned = interned ?: g_intern_static_string(s); }) \
> : g_intern_string(s))
>
> as the third parameter. This allows object_dynamic_cast() to use a simple
> pointer equality for type name comparison, and the same can be applied to
> object_class_dynamic_cast().
Interesting to know this facility! Though, IIUC this may:
- For builtin-consts, it grows 8 bytes for each call sites on the binary
generated, even if (I think...) most of the sites are slow paths, and
there're plenty of such calls..
- For non-builtin strings, g_intern_string() will add one more hash
operation for the whole string (and per discussed previously, looks
like the string can be not always short..).
So I'm not 100% sure yet if this is what we want.
Do we have known places that we care a lot on object[_class]_dynamic_cast()
performance? I can give it some measurement if there is, otherwise I'm
guessing whatever changes could fall into the noise.. then we can also
leave that for later, knowing that the fast path will hardly hit for now,
but that shouldn't be a major issue either, I assume.
>
> Whatever we do, we should do it before Rust code starts using
> object_dynamic_cast!
Thanks!
--
Peter Xu
next prev parent reply other threads:[~2024-11-19 20:08 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-18 22:13 [PATCH 0/5] QOM: Enforce container_get() to operate on containers only Peter Xu
2024-11-18 22:13 ` [PATCH 1/5] qom: Add TYPE_CONTAINER macro Peter Xu
2024-11-19 9:42 ` Daniel P. Berrangé
2024-11-19 19:52 ` Peter Xu
2024-11-18 22:13 ` [PATCH 2/5] ppc/e500: Avoid abuse of container_get() Peter Xu
2024-11-18 22:13 ` [PATCH 3/5] qdev: Make device_set_realized() always safe in tests Peter Xu
2024-11-19 9:46 ` Daniel P. Berrangé
2024-11-19 20:14 ` Peter Xu
2024-11-18 22:13 ` [PATCH 4/5] qdev: Make qdev_get_machine() not use container_get() Peter Xu
2024-11-18 22:13 ` [PATCH 5/5] qom: Make container_get() strict to always walk or return container Peter Xu
2024-11-18 23:06 ` Peter Xu
2024-11-19 8:09 ` Paolo Bonzini
2024-11-19 20:06 ` Peter Xu [this message]
2024-11-19 20:30 ` Paolo Bonzini
2024-11-19 21:43 ` Peter Xu
2024-11-20 11:45 ` Paolo Bonzini
2024-11-20 16:24 ` Peter Xu
2024-11-19 10:03 ` Daniel P. Berrangé
2024-11-19 20:25 ` Peter Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zzzv32xlLAH4O5Ig@x1n \
--to=peterx@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=clg@redhat.com \
--cc=eduardo@habkost.net \
--cc=farosas@suse.de \
--cc=jmarcin@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).