use hash func that generates deterministic result for protobuf #5814
Conversation
quanjielin
force-pushed
the
quanlinhash0201
branch
2 times, most recently
from
5eddb10 to
2d018ec
Compare
source/common/router/rds_impl.cc
Outdated
| @@ -196,7 +196,7 @@ Router::RouteConfigProviderPtr RouteConfigProviderManagerImpl::createRdsRouteCon | |||
| // RdsRouteConfigSubscriptions are unique based on their serialized RDS config. | |||
| // TODO(htuch): Full serialization here gives large IDs, could get away with a | |||
| // strong hash instead. | |||
| const std::string manager_identifier = rds.SerializeAsString(); | |||
| const std::string manager_identifier = std::to_string(MessageUtil::hash(rds)); | |||
There was a problem hiding this comment.
I think it's probably OK to use an 8-byte hash for this (we do similar things elsewhere for collision detection). Assuming people agree, can you remove the TODO above? (The alternative would be to use deterministic serialization to string much like MessageUtil::hash does.)
| @@ -50,7 +50,8 @@ class SecretManagerImpl : public SecretManager { | |||
| findOrCreate(const envoy::api::v2::core::ConfigSource& sds_config_source, | |||
| const std::string& config_name, | |||
| Server::Configuration::TransportSocketFactoryContext& secret_provider_context) { | |||
| const std::string map_key = sds_config_source.SerializeAsString() + config_name; | |||
| const std::string map_key = | |||
There was a problem hiding this comment.
You can just use uint64_t for map_key type and change type elsewhere, no need convert to string.
There was a problem hiding this comment.
since resourcename is also needed to construct mapkey, are you suggesting using something like MessageUtil::hash(sds_config_source+config_name) ?
|
/cc @PiotrSikora |
Signed-off-by: Quanjie Lin <quanlin@google.com>
quanjielin
force-pushed
the
quanlinhash0201
branch
from
2d018ec to
8bf5b0d
Compare
Signed-off-by: Quanjie Lin <quanlin@google.com>
quanjielin
force-pushed
the
quanlinhash0201
branch
from
8bf5b0d to
cffd4e9
Compare
source/common/router/rds_impl.cc
Outdated
| @@ -56,7 +56,7 @@ StaticRouteConfigProviderImpl::~StaticRouteConfigProviderImpl() { | |||
| // initialization needs to be fixed. | |||
| RdsRouteConfigSubscription::RdsRouteConfigSubscription( | |||
| const envoy::config::filter::network::http_connection_manager::v2::Rds& rds, | |||
| const std::string& manager_identifier, Server::Configuration::FactoryContext& factory_context, | |||
| const uint64_t& manager_identifier, Server::Configuration::FactoryContext& factory_context, | |||
There was a problem hiding this comment.
I think you need to drop & here (and in the header file).
Signed-off-by: Quanjie Lin <quanlin@google.com>
|
how about tests? |
|
@lizan what test(s) would you like to see here? Showing that |
|
To clarify, good without tests because I imagine we're talking about protobuf internal implementation details. If you happen to have a repeatable test case that can easily show this then we should add it, but I'm suspecting not. |
|
@quanjielin could you also fix |
|
Why are we ok without tests here? It seems like it shouldn't be very difficult to craft a case that reproduces this? Or am I missing the problem? |
|
@mattklein123 you're asking to come up with two situations in which |
|
Ok fair enough. Please open up a tech debt issue to remove all use of serializeasstring as well as a format check to block it's use at the very least? (A stronger version of @htuch previous comment). Thank you. |
| @@ -372,12 +373,12 @@ class ConfigProviderManagerImplBase : public ConfigProviderManager, public Singl | |||
| std::shared_ptr<T> getSubscription( | |||
| const Protobuf::Message& config_source_proto, Init::Manager& init_manager, | |||
| const std::function<ConfigSubscriptionInstanceBaseSharedPtr( | |||
| const std::string&, ConfigProviderManagerImplBase&)>& subscription_factory_fn) { | |||
| const uint64_t, ConfigProviderManagerImplBase&)>& subscription_factory_fn) { | |||
There was a problem hiding this comment.
Nit: fix format (extra spaces).
Signed-off-by: Quanjie Lin<quanlin@google.com> Signed-off-by: Quanjie Lin <quanlin@google.com>
quanjielin
force-pushed
the
quanlinhash0201
branch
from
0535bba to
1d79741
Compare
|
(I've asked @quanjielin to force-push, due to missed DCO in previous commit) |
| @@ -345,8 +345,9 @@ class ConfigProviderManagerImplBase : public ConfigProviderManager, public Singl | |||
| using ConfigProviderSet = std::unordered_set<ConfigProvider*>; | |||
| using ConfigProviderMap = std::unordered_map<ConfigProviderInstanceType, | |||
| std::unique_ptr<ConfigProviderSet>, EnumClassHash>; | |||
|
|
|||
| @@ -50,7 +50,8 @@ class SecretManagerImpl : public SecretManager { | |||
| findOrCreate(const envoy::api::v2::core::ConfigSource& sds_config_source, | |||
| const std::string& config_name, | |||
| Server::Configuration::TransportSocketFactoryContext& secret_provider_context) { | |||
| const std::string map_key = sds_config_source.SerializeAsString() + config_name; | |||
| const std::string map_key = | |||
| std::to_string(MessageUtil::hash(sds_config_source)) + config_name; | |||
There was a problem hiding this comment.
Will a number started config_name potentially conflicts with other hashes? i.e. a config hash 123 with config name 0-abc conflicts with a config hash 12 with config name 30-abc, this happens much easier than hash conflict.
There was a problem hiding this comment.
Potentially, yes, though I'm not sure how well do we guard against that in rest of the codebase.
@quanjielin could you add a separator? e.g.
const std::string map_key =
absl::StrCat(MessageUtil::hash(sds_config_source), ".", config_name);
Thanks!
There was a problem hiding this comment.
LGTM, but please add a check like https://github.com/envoyproxy/envoy/blob/master/tools/check_format.py#L393 for SerializeAsString and some test like https://github.com/envoyproxy/envoy/blob/master/tools/check_format_test_helper.py#L194.
Signed-off-by: Quanjie Lin <quanlin@google.com>
quanjielin
force-pushed
the
quanlinhash0201
branch
from
a32f0f6 to
7ce7966
Compare
|
@quanjielin also, can you avoid force pushing from now on? Please DCO as appropriate to avoid this. It makes it hard to understand the diff between reviews. |
Not sure if we really need that, some use cases doesn't need deterministic serialization (e.g. gRPC codec, TAP writing to file.) |
|
@lizan these an be whitelisted at a file-level. I rather play it safe with this one as we have been burned. |
Signed-off-by: Quanjie Lin <quanlin@google.com>
Signed-off-by: Quanjie Lin <quanlin@google.com>
…proxy#5814) This PR uses hash func that generates deterministic result for proto. Background - When integrate envoy SDS with Istio, we found envoy sends out multiple requests for same sdsconfig(details in envoyproxy#5744); After some debugging, we found the issue describes in [protocolbuffers/protobuf#5668](protocolbuffers/protobuf#5668). Signed-off-by: Quanjie Lin <quanlin@google.com> Signed-off-by: Fred Douglas <fredlas@google.com>
This PR uses hash func that generates deterministic result for proto.
Background -
When integrate envoy SDS with Istio, we found envoy sends out multiple requests for same sdsconfig(details in #5744);
After some debugging, we found the issue describes in protocolbuffers/protobuf#5668.