| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Craig Ringer <craig(at)2ndquadrant(dot)com> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Álvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
| Subject: | Re: [PATCH] Detect escape of ErrorContextCallback stack pointers (and from PG_TRY() ) |
| Date: | 2020-09-08 02:56:03 |
| Message-ID: | 1728297.1599533763@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Craig Ringer <craig(at)2ndquadrant(dot)com> writes:
> Example here:
> https://github.com/ringerc/scrapcode/tree/master/c/clang_return_stack_checks
> So I find that actually, the __attribute__((callback(fn)) approach is
> unnecessary for the purpose proposed.
I tested this by injecting some faults of the described sort.
diff --git a/src/backend/commands/copy.c b/src/backend/commands/copy.c
index db7d24a511..eaf7716816 100644
--- a/src/backend/commands/copy.c
+++ b/src/backend/commands/copy.c
@@ -3025,6 +3025,8 @@ CopyFrom(CopyState cstate)
myslot = CopyMultiInsertInfoNextFreeSlot(&multiInsertInfo,
resultRelInfo);
+ if (!myslot)
+ return 0;
}
/*
leads to
/home/tgl/pgsql/src/backend/commands/copy.c:3029:6: warning: Address of stack memory associated with local variable 'errcallback' is still referred to by the global variable 'error_context_stack' upon returning to the caller. This will be a dangling reference
return 0;
^~~~~~~~
So that's good. However, a similar experiment with returning from inside
a PG_TRY does *not* produce a warning. I suspect maybe the compiler
throws up its hands when it sees sigsetjmp?
(These results from clang 10.0.0 on Fedora 32.)
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kyotaro Horiguchi | 2020-09-08 02:56:29 | Re: Remove page-read callback from XLogReaderState. |
| Previous Message | Fujii Masao | 2020-09-08 02:49:36 | Re: Global snapshots |