NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commita2a8acd

committed

Produce compiler errors if errno is referenced inside elog/ereport calls.

It's often unsafe to reference errno within an elog/ereport call, becausethere are a lot of sub-functions involved and they might not all preserveerrno. (This is why we support the %m format spec: it works off a valueof errno captured before we execute any potentially-unsafe functions inthe arguments.) Therefore, we have a project policy not to use errnothere.This patch adds a hack to cause an (admittedly obscure) compiler errorfor such unsafe usages. With the current code, the error will only be seenon Linux, macOS, and FreeBSD, but that should certainly be enough to catchmistakes in the buildfarm if they somehow get missed earlier.In addition, fix some places in src/common/exec.c that trip the error.I think these places are actually all safe, but it's simple enough toavoid the error by capturing errno manually, and doing so is goodfuture-proofing in case these call sites get any more complicated.Thomas Munro (exec.c fixes by me)Discussion:https://postgr.es/m/2975.1526862605@sss.pgh.pa.us

1 parent3a60c8f commita2a8acdCopy full SHA for a2a8acd

File tree

2 files changed

+42

-6

lines changed

src
- common
  - exec.c
- include/utils
  - elog.h

2 files changed

+42

-6

lines changed

`‎src/common/exec.c`

Lines changed: 21 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -124,8 +124,10 @@ find_my_exec(const char argv0, char retpath)`
`124`	`124`
`125`	`125`	`if (!getcwd(cwd,MAXPGPATH))`
`126`	`126`	`{`
	`127`	`+intsave_errno=errno;`
	`128`	`+`
`127`	`129`	`log_error(_("could not identify current directory: %s"),`
`128`		`-strerror(errno));`
	`130`	`+strerror(save_errno));`
`129`	`131`	`return-1;`
`130`	`132`	`}`
`131`	`133`
`@@ -238,8 +240,10 @@ resolve_symlinks(char *path)`
`238`	`240`	`*/`
`239`	`241`	`if (!getcwd(orig_wd,MAXPGPATH))`
`240`	`242`	`{`
	`243`	`+intsave_errno=errno;`
	`244`	`+`
`241`	`245`	`log_error(_("could not identify current directory: %s"),`
`242`		`-strerror(errno));`
	`246`	`+strerror(save_errno));`
`243`	`247`	`return-1;`
`244`	`248`	`}`
`245`	`249`
`@@ -254,7 +258,10 @@ resolve_symlinks(char *path)`
`254`	`258`	`*lsep='\0';`
`255`	`259`	`if (chdir(path)==-1)`
`256`	`260`	`{`
`257`		`-log_error4(_("could not change directory to \"%s\": %s"),path,strerror(errno));`
	`261`	`+intsave_errno=errno;`
	`262`	`+`
	`263`	`+log_error4(_("could not change directory to \"%s\": %s"),`
	`264`	`+path,strerror(save_errno));`
`258`	`265`	`return-1;`
`259`	`266`	`}`
`260`	`267`	`fname=lsep+1;`
`@@ -281,16 +288,21 @@ resolve_symlinks(char *path)`
`281`	`288`
`282`	`289`	`if (!getcwd(path,MAXPGPATH))`
`283`	`290`	`{`
	`291`	`+intsave_errno=errno;`
	`292`	`+`
`284`	`293`	`log_error(_("could not identify current directory: %s"),`
`285`		`-strerror(errno));`
	`294`	`+strerror(save_errno));`
`286`	`295`	`return-1;`
`287`	`296`	`}`
`288`	`297`	`join_path_components(path,path,link_buf);`
`289`	`298`	`canonicalize_path(path);`
`290`	`299`
`291`	`300`	`if (chdir(orig_wd)==-1)`
`292`	`301`	`{`
`293`		`-log_error4(_("could not change directory to \"%s\": %s"),orig_wd,strerror(errno));`
	`302`	`+intsave_errno=errno;`
	`303`	`+`
	`304`	`+log_error4(_("could not change directory to \"%s\": %s"),`
	`305`	`+orig_wd,strerror(save_errno));`
`294`	`306`	`return-1;`
`295`	`307`	`}`
`296`	`308`	`#endif/* HAVE_READLINK */`
`@@ -520,7 +532,10 @@ pclose_check(FILE *stream)`
`520`	`532`	`if (exitstatus==-1)`
`521`	`533`	`{`
`522`	`534`	`/* pclose() itself failed, and hopefully set errno */`
`523`		`-log_error(_("pclose failed: %s"),strerror(errno));`
	`535`	`+intsave_errno=errno;`
	`536`	`+`
	`537`	`+log_error(_("pclose failed: %s"),`
	`538`	`+strerror(save_errno));`
`524`	`539`	`}`
`525`	`540`	`else`
`526`	`541`	`{`

`‎src/include/utils/elog.h`

Lines changed: 21 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -70,6 +70,23 @@`
`70`	`70`	`/* SQLSTATE codes for errors are defined in a separate file */`
`71`	`71`	`#include"utils/errcodes.h"`
`72`	`72`
	`73`	`+/*`
	`74`	`+ * Provide a way to prevent "errno" from being accidentally used inside an`
	`75`	`+ * elog() or ereport() invocation. Since we know that some operating systems`
	`76`	`+ * define errno as something involving a function call, we'll put a local`
	`77`	`+ * variable of the same name as that function in the local scope to force a`
	`78`	`+ * compile error. On platforms that don't define errno in that way, nothing`
	`79`	`+ * happens, so we get no warning ... but we can live with that as long as it`
	`80`	`+ * happens on some popular platforms.`
	`81`	`+ */`
	`82`	`+#if defined(errno)&& defined(__linux__)`
	`83`	`+#definepg_prevent_errno_in_scope() int __errno_location pg_attribute_unused()`
	`84`	`+#elif defined(errno)&& (defined(__darwin__)\|\| defined(__freebsd__))`
	`85`	`+#definepg_prevent_errno_in_scope() int __error pg_attribute_unused()`
	`86`	`+#else`
	`87`	`+#definepg_prevent_errno_in_scope()`
	`88`	`+#endif`
	`89`	`+`
`73`	`90`
`74`	`91`	`/*----------`
`75`	`92`	`* New-style error reporting API: to be used in this way:`
`@@ -103,6 +120,7 @@`
`103`	`120`	`#ifdefHAVE__BUILTIN_CONSTANT_P`
`104`	`121`	`#defineereport_domain(elevel,domain,rest)\`
`105`	`122`	`do { \`
	`123`	`+pg_prevent_errno_in_scope(); \`
`106`	`124`	`if (errstart(elevel, __FILE__, __LINE__, PG_FUNCNAME_MACRO, domain)) \`
`107`	`125`	`errfinish rest; \`
`108`	`126`	`if (__builtin_constant_p(elevel) && (elevel) >= ERROR) \`
`@@ -112,6 +130,7 @@`
`112`	`130`	`#defineereport_domain(elevel,domain,rest)\`
`113`	`131`	`do { \`
`114`	`132`	`const int elevel_ = (elevel); \`
	`133`	`+pg_prevent_errno_in_scope(); \`
`115`	`134`	`if (errstart(elevel_, __FILE__, __LINE__, PG_FUNCNAME_MACRO, domain)) \`
`116`	`135`	`errfinish rest; \`
`117`	`136`	`if (elevel_ >= ERROR) \`
`@@ -198,6 +217,7 @@ extern intgetinternalerrposition(void);`
`198`	`217`	`#ifdefHAVE__BUILTIN_CONSTANT_P`
`199`	`218`	`#defineelog(elevel, ...) \`
`200`	`219`	`do { \`
	`220`	`+pg_prevent_errno_in_scope(); \`
`201`	`221`	`elog_start(__FILE__, __LINE__, PG_FUNCNAME_MACRO); \`
`202`	`222`	`elog_finish(elevel, __VA_ARGS__); \`
`203`	`223`	`if (__builtin_constant_p(elevel) && (elevel) >= ERROR) \`
`@@ -206,6 +226,7 @@ extern intgetinternalerrposition(void);`
`206`	`226`	`#else/* !HAVE__BUILTIN_CONSTANT_P */`
`207`	`227`	`#defineelog(elevel, ...) \`
`208`	`228`	`do { \`
	`229`	`+pg_prevent_errno_in_scope(); \`
`209`	`230`	`elog_start(__FILE__, __LINE__, PG_FUNCNAME_MACRO); \`
`210`	`231`	`{ \`
`211`	`232`	`const int elevel_ = (elevel); \`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commita2a8acd

File tree

2 files changed

2 files changed

`‎src/common/exec.c`

`‎src/include/utils/elog.h`

0 commit comments