From 3a60c8ff892a8242b907f44702bfd9f1ff877d45 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Sat, 11 Aug 2018 11:11:05 -0400 Subject: [PATCH] Distinguish printf-like functions that support %m from those that don't. The elog/ereport family of functions certainly support the %m format spec, because they implement it "by hand". But elsewhere we have printf wrappers that might or might not allow it depending on whether the platform's printf does. (Most non-glibc versions don't, and notably, src/port/snprintf.c doesn't.) Hence, rather than using the gnu_printf format archetype interchangeably for all these functions, use it only for elog/ereport. This will allow us to get compiler warnings for mistakes like the ones fixed in commit a13b47a59, at least on platforms where printf doesn't take %m and gcc is correctly configured to know it. (Unfortunately, that won't happen on Linux, nor on macOS according to my testing. It remains to be seen what the buildfarm's gcc-on-Windows animals will think of this, but we may well have to rely on less-popular platforms to warn us about unportable code of this kind.) Discussion: https://postgr.es/m/2975.1526862605@sss.pgh.pa.us --- config/c-compiler.m4 | 14 +++++++------- configure | 6 +++--- src/include/c.h | 6 +++++- src/include/pg_config.h.in | 4 ++-- src/include/utils/elog.h | 30 +++++++++++++++--------------- 5 files changed, 32 insertions(+), 28 deletions(-) diff --git a/config/c-compiler.m4 b/config/c-compiler.m4 index 9731a517de..dfcc1c6600 100644 --- a/config/c-compiler.m4 +++ b/config/c-compiler.m4 @@ -19,12 +19,12 @@ fi])# PGAC_C_SIGNED # PGAC_C_PRINTF_ARCHETYPE # ----------------------- -# Set the format archetype used by gcc to check printf type functions. We -# prefer "gnu_printf", which includes what glibc uses, such as %m for error -# strings and %lld for 64 bit long longs. GCC 4.4 introduced it. It makes a -# dramatic difference on Windows. +# Set the format archetype used by gcc to check elog/ereport functions. +# This should accept %m, whether or not the platform's printf does. +# We use "gnu_printf" if possible, which does that, although in some cases +# it might do more than we could wish. AC_DEFUN([PGAC_PRINTF_ARCHETYPE], -[AC_CACHE_CHECK([for printf format archetype], pgac_cv_printf_archetype, +[AC_CACHE_CHECK([for printf format archetype for %m], pgac_cv_printf_archetype, [ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes AC_COMPILE_IFELSE([AC_LANG_PROGRAM( @@ -34,8 +34,8 @@ __attribute__((format(gnu_printf, 2, 3)));], [])], [pgac_cv_printf_archetype=gnu_printf], [pgac_cv_printf_archetype=printf]) ac_c_werror_flag=$ac_save_c_werror_flag]) -AC_DEFINE_UNQUOTED([PG_PRINTF_ATTRIBUTE], [$pgac_cv_printf_archetype], - [Define to gnu_printf if compiler supports it, else printf.]) +AC_DEFINE_UNQUOTED([PG_PRINTF_ATTRIBUTE_M], [$pgac_cv_printf_archetype], + [Define as a format archetype that accepts %m, if available, else printf.]) ])# PGAC_PRINTF_ARCHETYPE diff --git a/configure b/configure index 26652133d5..5f8ec55837 100755 --- a/configure +++ b/configure @@ -13362,8 +13362,8 @@ _ACEOF ;; esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for printf format archetype" >&5 -$as_echo_n "checking for printf format archetype... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for printf format archetype for %m" >&5 +$as_echo_n "checking for printf format archetype for %m... " >&6; } if ${pgac_cv_printf_archetype+:} false; then : $as_echo_n "(cached) " >&6 else @@ -13394,7 +13394,7 @@ fi $as_echo "$pgac_cv_printf_archetype" >&6; } cat >>confdefs.h <<_ACEOF -#define PG_PRINTF_ATTRIBUTE $pgac_cv_printf_archetype +#define PG_PRINTF_ATTRIBUTE_M $pgac_cv_printf_archetype _ACEOF diff --git a/src/include/c.h b/src/include/c.h index 1e50103095..0a4757e29f 100644 --- a/src/include/c.h +++ b/src/include/c.h @@ -126,10 +126,14 @@ /* GCC and XLC support format attributes */ #if defined(__GNUC__) || defined(__IBMC__) #define pg_attribute_format_arg(a) __attribute__((format_arg(a))) -#define pg_attribute_printf(f,a) __attribute__((format(PG_PRINTF_ATTRIBUTE, f, a))) +/* Use for functions wrapping stdio's printf, which often doesn't take %m: */ +#define pg_attribute_printf(f,a) __attribute__((format(printf, f, a))) +/* Use for elog/ereport, which implement %m for themselves: */ +#define pg_attribute_printf_m(f,a) __attribute__((format(PG_PRINTF_ATTRIBUTE_M, f, a))) #else #define pg_attribute_format_arg(a) #define pg_attribute_printf(f,a) +#define pg_attribute_printf_m(f,a) #endif /* GCC, Sunpro and XLC support aligned, packed and noreturn */ diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in index b7e469670f..05775a3405 100644 --- a/src/include/pg_config.h.in +++ b/src/include/pg_config.h.in @@ -809,8 +809,8 @@ /* PostgreSQL major version as a string */ #undef PG_MAJORVERSION -/* Define to gnu_printf if compiler supports it, else printf. */ -#undef PG_PRINTF_ATTRIBUTE +/* Define as a format archetype that accepts %m, if available, else printf. */ +#undef PG_PRINTF_ATTRIBUTE_M /* PostgreSQL version as a string */ #undef PG_VERSION diff --git a/src/include/utils/elog.h b/src/include/utils/elog.h index 7a9ba7f2ff..4f4091d8cc 100644 --- a/src/include/utils/elog.h +++ b/src/include/utils/elog.h @@ -133,25 +133,25 @@ extern int errcode(int sqlerrcode); extern int errcode_for_file_access(void); extern int errcode_for_socket_access(void); -extern int errmsg(const char *fmt,...) pg_attribute_printf(1, 2); -extern int errmsg_internal(const char *fmt,...) pg_attribute_printf(1, 2); +extern int errmsg(const char *fmt,...) pg_attribute_printf_m(1, 2); +extern int errmsg_internal(const char *fmt,...) pg_attribute_printf_m(1, 2); extern int errmsg_plural(const char *fmt_singular, const char *fmt_plural, - unsigned long n,...) pg_attribute_printf(1, 4) pg_attribute_printf(2, 4); + unsigned long n,...) pg_attribute_printf_m(1, 4) pg_attribute_printf_m(2, 4); -extern int errdetail(const char *fmt,...) pg_attribute_printf(1, 2); -extern int errdetail_internal(const char *fmt,...) pg_attribute_printf(1, 2); +extern int errdetail(const char *fmt,...) pg_attribute_printf_m(1, 2); +extern int errdetail_internal(const char *fmt,...) pg_attribute_printf_m(1, 2); -extern int errdetail_log(const char *fmt,...) pg_attribute_printf(1, 2); +extern int errdetail_log(const char *fmt,...) pg_attribute_printf_m(1, 2); extern int errdetail_log_plural(const char *fmt_singular, const char *fmt_plural, - unsigned long n,...) pg_attribute_printf(1, 4) pg_attribute_printf(2, 4); + unsigned long n,...) pg_attribute_printf_m(1, 4) pg_attribute_printf_m(2, 4); extern int errdetail_plural(const char *fmt_singular, const char *fmt_plural, - unsigned long n,...) pg_attribute_printf(1, 4) pg_attribute_printf(2, 4); + unsigned long n,...) pg_attribute_printf_m(1, 4) pg_attribute_printf_m(2, 4); -extern int errhint(const char *fmt,...) pg_attribute_printf(1, 2); +extern int errhint(const char *fmt,...) pg_attribute_printf_m(1, 2); /* * errcontext() is typically called in error context callback functions, not @@ -165,7 +165,7 @@ extern int errhint(const char *fmt,...) pg_attribute_printf(1, 2); extern int set_errcontext_domain(const char *domain); -extern int errcontext_msg(const char *fmt,...) pg_attribute_printf(1, 2); +extern int errcontext_msg(const char *fmt,...) pg_attribute_printf_m(1, 2); extern int errhidestmt(bool hide_stmt); extern int errhidecontext(bool hide_ctx); @@ -222,13 +222,13 @@ extern int getinternalerrposition(void); #endif /* HAVE__VA_ARGS */ extern void elog_start(const char *filename, int lineno, const char *funcname); -extern void elog_finish(int elevel, const char *fmt,...) pg_attribute_printf(2, 3); +extern void elog_finish(int elevel, const char *fmt,...) pg_attribute_printf_m(2, 3); /* Support for constructing error strings separately from ereport() calls */ extern void pre_format_elog_string(int errnumber, const char *domain); -extern char *format_elog_string(const char *fmt,...) pg_attribute_printf(1, 2); +extern char *format_elog_string(const char *fmt,...) pg_attribute_printf_m(1, 2); /* Support for attaching context information to error reports */ @@ -407,9 +407,9 @@ extern void set_syslog_parameters(const char *ident, int facility); #endif /* - * Write errors to stderr (or by equal means when stderr is - * not available). Used before ereport/elog can be used - * safely (memory context, GUC load etc) + * Write errors to stderr (or by comparable means when stderr is not + * available). Used before ereport/elog can be used safely (memory context, + * GUC load etc). Note that this does *not* accept "%m". */ extern void write_stderr(const char *fmt,...) pg_attribute_printf(1, 2); -- 2.40.0