On 2013-01-11 15:52:19 -0500, Tom Lane wrote:
> Andres Freund <andres@2ndquadrant.com> writes:
> > On 2013-01-11 15:05:54 -0500, Tom Lane wrote:
> >> And another thing: what if the elevel argument isn't safe for multiple
> >> evaluation? No such hazard ever existed before these patches, so I'm
> >> not very comfortable with adding one. (Even if all our own code is
> >> safe, there's third-party code to worry about.)
>
> > Hm. I am not really too scared about those dangers I have to admit.
>
> I agree the scenario doesn't seem all that probable, but what scares me
> here is that if we use "__builtin_constant_p(elevel) && (elevel) >= ERROR"
> in some builds, and just "(elevel) >= ERROR" in others, then if there is
> any code with a multiple-evaluation hazard, it is only buggy in the
> latter builds. That's sufficiently nasty that I'm willing to give up
> an optimization that we never had before 9.3 anyway.

Well, why use it at all then and not just rely on
__builtin_unreachable() in any recent gcc (and llvm fwiw) and abort()
otherwise? Then the code is small for anything recent (gcc 4.4 afair)
and always consistently buggy.

Greetings,

Andres Freund

--
Andres Freund    http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
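
Added example, not part of the thread and not PostgreSQL code: it counts how often a side-effecting elevel argument is evaluated under the two conditions quoted above, next to a form that copies the argument into a local first. The names next_level, report, REPORT_A, REPORT_B and REPORT_ONCE and the value of ERROR are constructed for this demo, a counter stands in for the branch body, and GCC or Clang is assumed for __builtin_constant_p.

```c
#include <stdio.h>

#define ERROR 20                 /* constructed threshold for this demo */

static int evaluations;          /* times the argument expression ran */
static int flagged;              /* stands in for the branch body */

/* Hypothetical argument with a side effect. */
static int next_level(void) { evaluations++; return ERROR; }

/* Hypothetical reporting call; consumes its argument once. */
static void report(int elevel) { (void) elevel; }

/* Build A: for a non-constant elevel, __builtin_constant_p() yields 0
 * without evaluating it, so && short-circuits the second use. */
#define REPORT_A(elevel) \
    do { \
        report(elevel); \
        if (__builtin_constant_p(elevel) && (elevel) >= ERROR) \
            flagged++; \
    } while (0)

/* Build B: no builtin, so elevel is expanded and evaluated twice. */
#define REPORT_B(elevel) \
    do { \
        report(elevel); \
        if ((elevel) >= ERROR) \
            flagged++; \
    } while (0)

/* Single-evaluation form: copy the argument into a local first. */
#define REPORT_ONCE(elevel) \
    do { \
        const int elevel_ = (elevel); \
        report(elevel_); \
        if (elevel_ >= ERROR) \
            flagged++; \
    } while (0)

static int evals_a(void)    { evaluations = 0; REPORT_A(next_level());    return evaluations; }
static int evals_b(void)    { evaluations = 0; REPORT_B(next_level());    return evaluations; }
static int evals_once(void) { evaluations = 0; REPORT_ONCE(next_level()); return evaluations; }

int main(void)
{
    printf("A=%d B=%d once=%d\n", evals_a(), evals_b(), evals_once());
    return 0;
}
```

The same call site evaluates its argument once in build A and twice in build B, which is the build-dependent behaviour the quoted reply objects to.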