Skip site navigation (1) Skip section navigation (2)

Proposal for better PQExpBuffer out-of-memory behavior

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: pgsql-hackers(at)postgreSQL(dot)org
Cc: Sam Mason <sam(at)samason(dot)me(dot)uk>
Subject: Proposal for better PQExpBuffer out-of-memory behavior
Date: 2008-11-25 15:33:05
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
I've been chewing on the problem described here:

It's not particularly easy to fix without making annoyingly large
changes to the API for PQExpBuffer.  The best idea I have come up
with so far goes like this:

* Upon failure to malloc or realloc the buffer for a PQExpBuffer,
the pqexpbuffer.c code should release whatever buffer it might have
had and set
	data = pointer to empty, statically allocated string
	len = 0
	maxlen = 0
This is distinguishable from the normal non-error case because maxlen
can never be zero in non-error cases.

* All subsequent operations except resetPQExpBuffer will do nothing
to such a PQExpBuffer.  resetPQExpBuffer will attempt to restore the
string to "normal" empty status by allocating a new default-size buffer.

The result of this would be that in cases such as the one exhibited
by Sam Mason, we'd end up with a guaranteed-empty string rather than
one that had had subsections unexpectedly removed.  Also, we could
add out-of-memory checks to callers where it seems important to do so.

The main advantage of this approach is that it avoids making ABI breaks
(such as would occur if we added an error flag field to
PQExpBufferData).  The main disadvantage is the need to add explicit
error checks to callers anyplace we're not satisfied with just letting
the string become empty.

The only alternative that I can think of that avoids the latter
disadvantage is to allow the pqexpbuffer routines to abort on
out-of-memory (ie, printf(stderr) and exit(1)).  This seems pretty
unpleasant though for functions that are part of libpq's infrastructure.
In particular, although we could allow the calling application to
override such behavior via some sort of callback hook function, it's
far from clear what it could do instead without risking bizarre
misbehavior by libpq.


			regards, tom lane


pgsql-hackers by date

Next:From: Tom LaneDate: 2008-11-25 15:50:09
Subject: Re: Brittleness in regression test setup
Previous:From: Alvaro HerreraDate: 2008-11-25 15:27:15
Subject: Re: Brittleness in regression test setup

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group