From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Andres Freund <andres(at)2ndquadrant(dot)com> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: longjmp clobber warnings are utterly broken in modern gcc |
Date: | 2015-01-26 14:58:07 |
Message-ID: | 3062.1422284287@sss.pgh.pa.us |
Lists: | pgsql-hackers |
Andres Freund <andres(at)2ndquadrant(dot)com> writes:
> On 2015-01-25 14:02:47 -0500, Tom Lane wrote:
>> I've been looking for other instances of the problem Mark Wilding
>> pointed out, about missing "volatile" markers on variables that
>> are modified in PG_TRY blocks and then used in the PG_CATCH stanzas.
>> There definitely are some. Current gcc versions do not warn about that.
> I think it's actually not a recent regression - in the past a lot of
> spurious instances of these warnings have been fixed by simply tacking
> on volatile on variables that didn't actually need it.
Yeah, it's not. For years and years I just automatically stuck a "volatile"
on anything gcc 2.95.3 complained about, so that's why there's so many
volatiles there now. But I've not done that lately, and comparing what
2.95.3 warns about now with what a modern version says with -Wclobbered,
it's clear that it's pretty much the same broken (and perhaps slightly
machine-dependent) algorithm :-(
>> This is scary as hell. I intend to go around and manually audit
>> every single PG_TRY in the current source code, but that is obviously
>> not a long-term solution. Anybody have an idea about how we might
>> get trustworthy mechanical detection of this type of situation?
> Not really, except convincing gcc to fix the inaccurate detection. Given
> that there've been bugs open about this (IIRC one from you even) for
> years I'm not holding my breath.
I've completed the audit, and there were a total of only five places
that need fixes (including the two I already patched over the weekend).
It's mostly pretty new code too, which probably explains why we don't
already have field reports of problems.
Interestingly, plpython seems heavily *over* volatilized. Not sure
whether to take some out there for consistency, or just leave it alone.
regards, tom lane
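The hazard being audited above, as an added example that is not part of the thread or of the PostgreSQL source: PG_TRY/PG_CATCH/PG_END_TRY are reduced here to assumed, simplified setjmp/longjmp macros, and raise_error and the count_steps_* functions are hypothetical names chosen for the illustration.

```c
#include <setjmp.h>
/* Assumed, simplified stand-ins for PostgreSQL's PG_TRY/PG_CATCH/PG_END_TRY.
 * The real macros use sigsetjmp() and save/restore more state, but the control
 * flow is the same: setjmp() on entry, longjmp() on error, catch in the same frame. */
static jmp_buf *PG_exception_stack;
#define PG_TRY() do { jmp_buf local_buf; jmp_buf *save_stack = PG_exception_stack; \
    if (setjmp(local_buf) == 0) { PG_exception_stack = &local_buf;
#define PG_CATCH()   } else { PG_exception_stack = save_stack;
#define PG_END_TRY() } PG_exception_stack = save_stack; } while (0)

/* Stand-in for ereport(ERROR, ...): unwind to the innermost PG_TRY. */
static void raise_error(void) { longjmp(*PG_exception_stack, 1); }

/* The pattern the audit hunts for: 'step' changes inside PG_TRY and is read in
 * PG_CATCH without volatile.  C leaves its value indeterminate after longjmp(),
 * so a register-held copy can silently revert to 0 at higher optimization. */
static int count_steps_unsafe(int fail)
{
    int step = 0;                     /* missing volatile */
    PG_TRY();
    {
        step = 2;                     /* modified after setjmp() */
        if (fail) raise_error();
        step = 3;
    }
    PG_CATCH();
    {
        return step;                  /* may observe 0 instead of 2 */
    }
    PG_END_TRY();
    return step;                      /* normal path: 3, always well defined */
}

/* The fix: 'volatile' forces every store to memory, so PG_CATCH reads the last
 * value written before the error (2); the normal path still returns 3. */
static int count_steps_safe(int fail)
{
    volatile int step = 0;
    PG_TRY();
    {
        step = 2;
        if (fail) raise_error();
        step = 3;
    }
    PG_CATCH();
    {
        return step;                  /* always 2 */
    }
    PG_END_TRY();
    return step;                      /* 3 on the normal path */
}
```

Only the error path of the non-volatile version is undefined; gcc's -Wclobbered may or may not flag it, which is the unreliability the thread complains about.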