Hi,
On 2020-06-03 00:36:34 -0400, Tom Lane wrote:
> Should we think about adding automated detection of this type of
> mistake? I don't like the attached as-is because of the #include
> footprint expansion, but maybe we can find a better way.
I experimented with making the compiler warn about some of these
kinds of mistakes without needing full test coverage:
I was able to get clang to warn about things like using palloc in signal
handlers, or using palloc while holding a spinlock. Which would be
great, except that it doesn't warn when there's an un-annotated
intermediary function. Even when that function is in the same TU.
Here's my attempt: https://godbolt.org/z/xfa6Es
It does detect things like

    spinlock_lock();
    example_alloc(17);
    spinlock_unlock();

<source>:49:2: warning: cannot call function 'example_alloc' while mutex 'holding_spinlock' is held [-Wthread-safety-analysis]
        example_alloc(17);
        ^

which isn't too bad.
Does anybody think this would be useful even if it doesn't detect the
more complicated cases?
Greetings,
Andres Freund
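An added stand-alone C illustration of the clang thread-safety approach described above (not the godbolt code from the message): the spinlock type, `holding_spinlock`, `example_alloc` and `helper` are hypothetical stand-ins, and the attribute macro expands to nothing on compilers other than clang.

```c
/* Clang's thread-safety attributes; empty on other compilers so the file still
 * builds there. To see the warnings:  clang -Wthread-safety -c example.c */
#include <stddef.h>
#ifdef __clang__
#define TSA(x) __attribute__((x))
#else
#define TSA(x)
#endif
/* Hypothetical spinlock, declared as a capability so the analysis can track it. */
struct TSA(capability("mutex")) slock { volatile int locked; };
static struct slock holding_spinlock;

/* Annotations go on the prototypes; the definitions below inherit them. */
static void spinlock_lock(void)   TSA(acquire_capability(holding_spinlock));
static void spinlock_unlock(void) TSA(release_capability(holding_spinlock));
/* palloc stand-in: must never be called with the spinlock held. */
static void *example_alloc(size_t n) TSA(locks_excluded(holding_spinlock));
/* The primitives' own bodies are not the model, so exempt them from analysis. */
static void TSA(no_thread_safety_analysis) spinlock_lock(void)   { holding_spinlock.locked = 1; }
static void TSA(no_thread_safety_analysis) spinlock_unlock(void) { holding_spinlock.locked = 0; }

static char arena[256];   /* constructed: tiny bump allocator behind example_alloc */
static size_t arena_used;
static void *example_alloc(size_t n)
{
    if (n > sizeof(arena) - arena_used) return NULL;
    arena_used += n;
    return arena + arena_used - n;
}

/* Case 1, caught: clang -Wthread-safety reports "cannot call function
 * 'example_alloc' while mutex 'holding_spinlock' is held" on the alloc line. */
int direct_misuse(void)
{
    spinlock_lock();
    void *p = example_alloc(17);
    spinlock_unlock();
    return p != NULL;
}

/* Un-annotated intermediary: the analysis cannot know what it must exclude. */
static void *helper(size_t n) { return example_alloc(n); }

/* Case 2, missed: the same bug through helper() draws no warning. Adding
 * locks_excluded(holding_spinlock) to helper's declaration brings it back. */
int indirect_misuse(void)
{
    spinlock_lock();
    void *p = helper(17);
    spinlock_unlock();
    return p != NULL;
}
```

Both functions run identically at runtime; only the static analysis distinguishes them, which is the gap the message points out.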