Re: shm_toc_lookup API

On Mon, Jun 5, 2017 at 12:19 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> While I'm looking at this ... seems like there's a pretty basic coding-
> rule violation here, namely that shm_toc_lookup() thinks it can read
> toc->toc_nentry without any sort of locking. Since that field is declared
> Size, this amounts to an assumption that 64-bit reads are atomic, which
> is not per project practice.
>
> In practice it probably can't fail even if 64-bit reads aren't atomic,
> simply because we'll never have enough entries in a shm_toc to make the
> high-order half ever change. But that just begs the question why the
> field is declared Size rather than int. I think we should make it the
> latter.

Yeah. I think a shm_toc with more than 2^10 entries would probably
perform badly enough that somebody would rewrite this entire module,
so we don't really need to worry about having more than 2^31.
Changing to int (or uint32) seems fine.

> I am also thinking that most of the shm_toc functions need to have the
> toc pointers declared as "volatile *", but particularly shm_toc_lookup.
> That read_barrier call might prevent the hardware from reordering
> accesses, but I don't think it stops the compiler from doing so.

If it doesn't prevent both the hardware and the compiler from
reordering, it's broken. See the comments for pg_read_barrier() in
atomics.h.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company