Re: [PATCHES] BUG #2704: pg_class.relchecks overflow problem

Toru SHIMOGAKI <shimogaki(dot)toru(at)oss(dot)ntt(dot)co(dot)jp> writes:
> + if (numchecks == 0x7FFF)
> + ereport(ERROR,
> + (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
> + errmsg("cannot have more than 2^15-1 checks in a table")));

While there's not anything wrong with this proposed patch in itself,
I have to admit that I don't see the point. There are probably
thousands of places in the backend where we increment an integer
value without checking for overflow. Is this one particularly more
likely to occur than other ones, or does it have worse consequences
than other ones? I don't see a security issue here (since the backend
doesn't crash) and I also don't see that this limit is close enough to
real practice to be important to guard against.

It's not that the check imposes any significant addition in code space
or runtime, but what it *would* impose is a nontrivial extra burden on
our message translators. Scale this up by a few hundred or thousand
equally unlikely conditions with their own error messages, and we'd
have a revolt ...

regards, tom lane