| From: | Greg Stark <gsstark(at)mit(dot)edu> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
| Cc: | Neil Conway <neilc(at)samurai(dot)com>, Andreas Pflug <pgadmin(at)pse-consulting(dot)de>, ben(at)coverity(dot)com, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Coverity Open Source Defect Scan of PostgreSQL |
| Date: | 2006-03-07 22:10:44 |
| Message-ID: | 87ek1doqhn.fsf@stark.xeocode.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Alvaro Herrera <alvherre(at)commandprompt(dot)com> writes:
> but they do make the mistake of not noticing that ereport(ERROR)
> does not continue execution.
There is a way in gcc to indicate that a function never returns. But in
Postgres it's a bit weird since elog()/ereport() sometimes return and
sometimes don't. Perhaps it would be better to make the forms that don't
return separate functions. Then hopefully they can be marked to not trigger
these kinds of warnings.
> We all know that this is not a bug. There are lots of these, as you can
> imagine.
>
> There are lots of other "not a bugs". For example in initdb, there is a
> lot of noise about how we don't free the resources.
Presumably the reason they don't immediately release the reports is for fear
of security holes revealed. Once somebody has checked the errors and checked
for any exploitable holes would it be possible to just open access to anyone
so mere mortals can clean up the mundane bugs?
--
greg
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Martijn van Oosterhout | 2006-03-07 22:22:32 | Re: Coverity Open Source Defect Scan of PostgreSQL |
| Previous Message | Tom Lane | 2006-03-07 19:08:37 | Re: problem with large maintenance_work_mem settings and |