Re: gcc -Wclobbered in PostgresMain

2023-07-10 Thread Tom Lane 
Sergey Shinderuk  writes:
> On 08.07.2023 18:11, Tom Lane wrote:
>> Having done that, it wouldn't really be necessary to mark these
>> as volatile.  I kept that marking anyway for consistency with
>> send_ready_for_query, but perhaps we shouldn't?

> I don't know. Maybe marking them volatile is more future proof. Not sure.

Yeah, after sleeping on it, it seems best to have a policy that all
variables declared in that place are volatile.  Even if there's no bug
now, not having volatile creates a risk of surprising behavior after
future changes.  Pushed that way.

regards, tom lane

Re: gcc -Wclobbered in PostgresMain

2023-07-10 Thread Sergey Shinderuk 

Hello, Tom,


On 08.07.2023 18:11, Tom Lane wrote:

What we ought to be doing is resetting these two flags
after the disable_all_timeouts call.



Oops, I missed that.



Having done that, it wouldn't really be necessary to mark these
as volatile.  I kept that marking anyway for consistency with
send_ready_for_query, but perhaps we shouldn't?



I don't know. Maybe marking them volatile is more future proof. Not sure.



I also moved firstchar's declaration inside the loop where it's used, to
make it clear that this variable needn't be volatile and is not
preserved after longjmp().


Good idea, but then why not the same for input_message?  It's fully
reinitialized each time through the loop, too.



Yeah, that's better.



In short, something like the attached, except I'm not totally sold
on changing the volatility of the timeout flags.


Looks good to me.


Thank you.

--
Sergey Shinderukhttps://postgrespro.com/

Re: gcc -Wclobbered in PostgresMain

2023-07-08 Thread Tom Lane 
Sergey Shinderuk  writes:
> While analyzing -Wclobbered warnings from gcc we found a true one in 
> PostgresMain():
> ...
> These variables must be declared volatile, because they are read after 
> longjmp(). send_ready_for_query declared there is volatile.

Yeah, you're on to something there.

> Without volatile, these variables are kept in registers and restored by 
> longjump(). I think, this is harmless because the error handling code 
> calls disable_all_timeouts() anyway.

Hmm.  So what could happen (if these *aren't* in registers) is that we
might later uselessly call disable_timeout to get rid of timeouts that
are long gone anyway.  While that's not terribly expensive, it's not
great either.  What we ought to be doing is resetting these two flags
after the disable_all_timeouts call.

Having done that, it wouldn't really be necessary to mark these
as volatile.  I kept that marking anyway for consistency with 
send_ready_for_query, but perhaps we shouldn't?

> I also moved firstchar's declaration inside the loop where it's used, to 
> make it clear that this variable needn't be volatile and is not 
> preserved after longjmp().

Good idea, but then why not the same for input_message?  It's fully
reinitialized each time through the loop, too.

In short, something like the attached, except I'm not totally sold
on changing the volatility of the timeout flags.

regards, tom lane

diff --git a/src/backend/tcop/postgres.c b/src/backend/tcop/postgres.c
index 01b6cc1f7d..d18018671d 100644
--- a/src/backend/tcop/postgres.c
+++ b/src/backend/tcop/postgres.c
@@ -4111,12 +4111,12 @@ PostgresSingleUserMain(int argc, char *argv[],
 void
 PostgresMain(const char *dbname, const char *username)
 {
-	int			firstchar;
-	StringInfoData input_message;
 	sigjmp_buf	local_sigjmp_buf;
+
+	/* these must be volatile to ensure state is preserved across longjmp: */
 	volatile bool send_ready_for_query = true;
-	bool		idle_in_transaction_timeout_enabled = false;
-	bool		idle_session_timeout_enabled = false;
+	volatile bool idle_in_transaction_timeout_enabled = false;
+	volatile bool idle_session_timeout_enabled = false;
 
 	Assert(dbname != NULL);
 	Assert(username != NULL);
@@ -4324,6 +4324,8 @@ PostgresMain(const char *dbname, const char *username)
 		 */
 		disable_all_timeouts(false);
 		QueryCancelPending = false; /* second to avoid race condition */
+		idle_in_transaction_timeout_enabled = false;
+		idle_session_timeout_enabled = false;
 
 		/* Not reading from the client anymore. */
 		DoingCommandRead = false;
@@ -4418,6 +4420,9 @@ PostgresMain(const char *dbname, const char *username)
 
 	for (;;)
 	{
+		int			firstchar;
+		StringInfoData input_message;
+
 		/*
 		 * At top of loop, reset extended-query-message flag, so that any
 		 * errors encountered in "idle" state don't provoke skip.

gcc -Wclobbered in PostgresMain

2023-07-07 Thread Sergey Shinderuk 

Hi, hackers!

While analyzing -Wclobbered warnings from gcc we found a true one in 
PostgresMain():


postgres.c: In function ‘PostgresMain’:
postgres.c:4118:25: warning: variable 
‘idle_in_transaction_timeout_enabled’ might be clobbered by ‘longjmp’ or 
‘vfork’ [-Wclobbered]
 4118 | boolidle_in_transaction_timeout_enabled = 
false;

  | ^~~
postgres.c:4119:25: warning: variable ‘idle_session_timeout_enabled’ 
might be clobbered by ‘longjmp’ or ‘vfork’ [-Wclobbered]

 4119 | boolidle_session_timeout_enabled = false;
  | ^~~~

These variables must be declared volatile, because they are read after 
longjmp(). send_ready_for_query declared there is volatile.


Without volatile, these variables are kept in registers and restored by 
longjump(). I think, this is harmless because the error handling code 
calls disable_all_timeouts() anyway. But strictly speaking the code is 
invoking undefined behavior by reading those variables after longjmp(), 
so it's worth fixing. And for consistency with send_ready_for_query too. 
I believe, making them volatile doesn't affect performance in any way.


I also moved firstchar's declaration inside the loop where it's used, to 
make it clear that this variable needn't be volatile and is not 
preserved after longjmp().


Best regards,

--
Sergey Shinderukhttps://postgrespro.com/diff --git a/src/backend/tcop/postgres.c b/src/backend/tcop/postgres.c
index 01b6cc1f7d3..56d8b0814b5 100644
--- a/src/backend/tcop/postgres.c
+++ b/src/backend/tcop/postgres.c
@@ -4111,12 +4111,11 @@ PostgresSingleUserMain(int argc, char *argv[],
 void
 PostgresMain(const char *dbname, const char *username)
 {
-	int			firstchar;
 	StringInfoData input_message;
 	sigjmp_buf	local_sigjmp_buf;
 	volatile bool send_ready_for_query = true;
-	bool		idle_in_transaction_timeout_enabled = false;
-	bool		idle_session_timeout_enabled = false;
+	volatile bool idle_in_transaction_timeout_enabled = false;
+	volatile bool idle_session_timeout_enabled = false;
 
 	Assert(dbname != NULL);
 	Assert(username != NULL);
@@ -4418,6 +4417,8 @@ PostgresMain(const char *dbname, const char *username)
 
 	for (;;)
 	{
+		int			firstchar;
+
 		/*
 		 * At top of loop, reset extended-query-message flag, so that any
 		 * errors encountered in "idle" state don't provoke skip.