public inbox for [email protected]  
help / color / mirror / Atom feed
From: Daniel Gustafsson <[email protected]>
To: Jacob Champion <[email protected]>
Cc: Tom Lane <[email protected]>
Cc: PostgreSQL Developers <[email protected]>
Subject: Re: jsonapi: scary new warnings with LTO enabled
Date: Sat, 19 Apr 2025 23:15:24 +0200
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAOYmi+mxjW0GhSGPKoOy3TYrFcdTM=5FcUn=u1i7CFhb2303Zg@mail.gmail.com>
References: <[email protected]>
	<[email protected]>
	<[email protected]>
	<[email protected]>
	<[email protected]>
	<CAOYmi+n+DHpaEV5hymhufutTgc+S=+pDQfXEUi4hMAV1eO8aTw@mail.gmail.com>
	<[email protected]>
	<[email protected]>
	<[email protected]>
	<CAOYmi+mxjW0GhSGPKoOy3TYrFcdTM=5FcUn=u1i7CFhb2303Zg@mail.gmail.com>

> On 17 Apr 2025, at 17:48, Jacob Champion <[email protected]> wrote:
> 
> On Thu, Apr 17, 2025 at 8:20 AM Tom Lane <[email protected]> wrote:
>> I confirm this silences those warnings on my Fedora 41 box.
> 
> Instead of doing
> 
>    lex = calloc(...);
>    /* (error out on NULL return) */
>    makeJsonLexContextCstringLen(lex, ...);
> 
> we need to do
> 
>    lex = makeJsonLexContextCstringLen(NULL, ...);
>    /* (error out on NULL return) */
> 
> so that JSONLEX_FREE_STRUCT is set correctly. Otherwise we'll leak the
> main allocation:

Since there is no way to determine if the allocation succeeded from outside of
the JSON api it might be better to keep the calloc and explicitly free it?

(Could a JsonLexContextBroken() function be useful perhaps?)

--
Daniel Gustafsson



Attachments:

  [application/octet-stream] v2-0001-Allocate-JsonLexContexts-on-the-heap-to-avoid-war.patch (5.5K, ../[email protected]/2-v2-0001-Allocate-JsonLexContexts-on-the-heap-to-avoid-war.patch)
  download | inline diff:
From c3b7d7e78330649fe05c8e5f97626e7eb03d2827 Mon Sep 17 00:00:00 2001
From: Daniel Gustafsson <[email protected]>
Date: Sat, 19 Apr 2025 21:32:40 +0200
Subject: [PATCH v2] Allocate JsonLexContexts on the heap to avoid warnings

The stack allocated JsonLexContexts, in combination with codepaths
using goto, were causing warnings when compiling with LTO enabled
as the optimizer is unable to figure out that is safe.  Rather than
contort the code with workarounds for this simply heap allocate the
structs instead as these are not in any performance critical paths.

Reported-by: Tom Lane <[email protected]>
Reviewed-by: Jacob Champion <[email protected]>
Reviewed-by: Tom Lane <[email protected]>
Discussion: https://postgr.es/m/[email protected]
---
 src/interfaces/libpq/fe-auth-oauth.c          | 24 ++++++++++++++-----
 .../test_json_parser_incremental.c            | 22 ++++++++++-------
 2 files changed, 31 insertions(+), 15 deletions(-)

diff --git a/src/interfaces/libpq/fe-auth-oauth.c b/src/interfaces/libpq/fe-auth-oauth.c
index cf1a25e2ccc..5ebca6a0ef6 100644
--- a/src/interfaces/libpq/fe-auth-oauth.c
+++ b/src/interfaces/libpq/fe-auth-oauth.c
@@ -476,7 +476,7 @@ issuer_from_well_known_uri(PGconn *conn, const char *wkuri)
 static bool
 handle_oauth_sasl_error(PGconn *conn, const char *msg, int msglen)
 {
-	JsonLexContext lex = {0};
+	JsonLexContext *lex;
 	JsonSemAction sem = {0};
 	JsonParseErrorType err;
 	struct json_ctx ctx = {0};
@@ -504,8 +504,19 @@ handle_oauth_sasl_error(PGconn *conn, const char *msg, int msglen)
 		return false;
 	}
 
-	makeJsonLexContextCstringLen(&lex, msg, msglen, PG_UTF8, true);
-	setJsonLexContextOwnsTokens(&lex, true);	/* must not leak on error */
+	/*
+	 * Later error paths need to go via the cleanup label but since ctx hasn't
+	 * been initiated yet we return immediately here.
+	 */
+	lex = calloc(1, sizeof(JsonLexContext));
+	if (!lex)
+	{
+		libpq_append_conn_error(conn, "out of memory");
+		return false;
+	}
+
+	makeJsonLexContextCstringLen(lex, msg, msglen, PG_UTF8, true);
+	setJsonLexContextOwnsTokens(lex, true);	/* must not leak on error */
 
 	initPQExpBuffer(&ctx.errbuf);
 	sem.semstate = &ctx;
@@ -516,7 +527,7 @@ handle_oauth_sasl_error(PGconn *conn, const char *msg, int msglen)
 	sem.array_start = oauth_json_array_start;
 	sem.scalar = oauth_json_scalar;
 
-	err = pg_parse_json(&lex, &sem);
+	err = pg_parse_json(lex, &sem);
 
 	if (err == JSON_SEM_ACTION_FAILED)
 	{
@@ -535,7 +546,7 @@ handle_oauth_sasl_error(PGconn *conn, const char *msg, int msglen)
 		}
 	}
 	else if (err != JSON_SUCCESS)
-		errmsg = json_errdetail(err, &lex);
+		errmsg = json_errdetail(err, lex);
 
 	if (errmsg)
 		libpq_append_conn_error(conn,
@@ -544,7 +555,8 @@ handle_oauth_sasl_error(PGconn *conn, const char *msg, int msglen)
 
 	/* Don't need the error buffer or the JSON lexer anymore. */
 	termPQExpBuffer(&ctx.errbuf);
-	freeJsonLexContext(&lex);
+	freeJsonLexContext(lex);
+	free(lex);
 
 	if (errmsg)
 		goto cleanup;
diff --git a/src/test/modules/test_json_parser/test_json_parser_incremental.c b/src/test/modules/test_json_parser/test_json_parser_incremental.c
index a529ee47e9b..357152e0ae0 100644
--- a/src/test/modules/test_json_parser/test_json_parser_incremental.c
+++ b/src/test/modules/test_json_parser/test_json_parser_incremental.c
@@ -84,7 +84,7 @@ main(int argc, char **argv)
 	char		buff[BUFSIZE];
 	FILE	   *json_file;
 	JsonParseErrorType result;
-	JsonLexContext lex;
+	JsonLexContext *lex;
 	StringInfoData json;
 	int			n_read;
 	size_t		chunk_size = DEFAULT_CHUNK_SIZE;
@@ -98,6 +98,10 @@ main(int argc, char **argv)
 
 	pg_logging_init(argv[0]);
 
+	lex = calloc(1, sizeof(JsonLexContext));
+	if (!lex)
+		pg_fatal("out of memory");
+
 	while ((c = getopt(argc, argv, "c:os")) != -1)
 	{
 		switch (c)
@@ -113,7 +117,7 @@ main(int argc, char **argv)
 			case 's':			/* do semantic processing */
 				testsem = &sem;
 				sem.semstate = palloc(sizeof(struct DoState));
-				((struct DoState *) sem.semstate)->lex = &lex;
+				((struct DoState *) sem.semstate)->lex = lex;
 				((struct DoState *) sem.semstate)->buf = makeStringInfo();
 				need_strings = true;
 				break;
@@ -131,8 +135,8 @@ main(int argc, char **argv)
 		exit(1);
 	}
 
-	makeJsonLexContextIncremental(&lex, PG_UTF8, need_strings);
-	setJsonLexContextOwnsTokens(&lex, lex_owns_tokens);
+	makeJsonLexContextIncremental(lex, PG_UTF8, need_strings);
+	setJsonLexContextOwnsTokens(lex, lex_owns_tokens);
 	initStringInfo(&json);
 
 	if ((json_file = fopen(testfile, PG_BINARY_R)) == NULL)
@@ -165,12 +169,12 @@ main(int argc, char **argv)
 		bytes_left -= n_read;
 		if (bytes_left > 0)
 		{
-			result = pg_parse_json_incremental(&lex, testsem,
+			result = pg_parse_json_incremental(lex, testsem,
 											   json.data, n_read,
 											   false);
 			if (result != JSON_INCOMPLETE)
 			{
-				fprintf(stderr, "%s\n", json_errdetail(result, &lex));
+				fprintf(stderr, "%s\n", json_errdetail(result, lex));
 				ret = 1;
 				goto cleanup;
 			}
@@ -178,12 +182,12 @@ main(int argc, char **argv)
 		}
 		else
 		{
-			result = pg_parse_json_incremental(&lex, testsem,
+			result = pg_parse_json_incremental(lex, testsem,
 											   json.data, n_read,
 											   true);
 			if (result != JSON_SUCCESS)
 			{
-				fprintf(stderr, "%s\n", json_errdetail(result, &lex));
+				fprintf(stderr, "%s\n", json_errdetail(result, lex));
 				ret = 1;
 				goto cleanup;
 			}
@@ -195,7 +199,7 @@ main(int argc, char **argv)
 
 cleanup:
 	fclose(json_file);
-	freeJsonLexContext(&lex);
+	freeJsonLexContext(lex);
 	free(json.data);
 
 	return ret;
-- 
2.39.3 (Apple Git-146)



view thread (9+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected], [email protected]
  Subject: Re: jsonapi: scary new warnings with LTO enabled
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox