From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | rotten(at)windfish(dot)net |
Cc: | pgsql-bugs(at)postgresql(dot)org |
Subject: | Re: BUG #9202: C Functions crash database too easily |
Date: | 2014-02-13 16:04:37 |
Message-ID: | 4289.1392307477@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
rotten(at)windfish(dot)net writes:
> While setting up a third party (commerical) provided C library functions
> I've observed PostgreSQL 9.3.2 to be very sensitive to simple typos.
Coding in C in general is very sensitive to simple typos. Perhaps you
should use some higher-level PL if you find C too uncooperative.
> 2) The same thing happens if you try to create the same function twice:
Hm, that seems odd, since merely creating the function doesn't call it.
But then again, stuff like this suggests that you're abusing something
rather badly:
> 2014-02-12 15:20:45.626 EST mydb [local] postgresWARNING: using index
> "pg_event_trigger_evtname_index" despite IgnoreSystemIndexes
How did IgnoreSystemIndexes come to be set?
> 2014-02-12 15:20:45.627 EST mydb [local] postgresPANIC: function
> "myfunction" already exists with same argument types
Interesting; that should only be an ERROR not a PANIC. I'm guessing
that something in your loadable module left the system thinking it
was in a critical section, which would cause errors to be promoted
to panics like that.
In general it looks like these issues arise from your C code having
tromped on some global variables it shouldn't have. Wild store through
a wrong pointer, perhaps?
> For case (1) I think you shouldn't be able to create a C function without
> the right number of arguments.
I know of no way that we could (portably) infer the number of arguments
a C function expects from looking at the loadable library. Even if we
could, that alone wouldn't be much of a safety improvement. There are
too many other ways to crash things with an incorrect C function.
IME wrong data types and failure to handle null arguments properly
(neither checking for them explicitly, nor marking the function STRICT)
are bigger hazards than wrong-number-of-arguments.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | David Johnston | 2014-02-13 16:12:37 | Re: BUG #9198: psql -c 'SET; ...' not working |
Previous Message | David Johnston | 2014-02-13 15:59:20 | Re: BUG #9198: psql -c 'SET; ...' not working |