NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commitef29bb1

committed

Do stack-depth checking in all postmaster children.

We used to only initialize the stack base pointer when starting up a regularbackend, not in other processes. In particular, autovacuum workers can runarbitrary user code, and without stack-depth checking, infinite recursionin e.g an index expression will bring down the whole cluster.The comment about PL/Java using set_stack_base() is not yet true. As thecode stands, PL/java still modifies the stack_base_ptr variable directly.However, it's been discussed in the PL/Java mailing list that it should bechanged to use the function, because PL/Java is currently oblivious to theregister stack used on Itanium. There's another issues with PL/Java, namelythat the stack base pointer it sets is not really the base of the stack, itcould be something close to the bottom of the stack. That's a separate issuethat might need some further changes to this code, but that's a differentstory.Backpatch to all supported releases.

1 parent63d8636 commitef29bb1Copy full SHA for ef29bb1

File tree

3 files changed

+76

-8

lines changed

src
- backend
  - postmaster
    - postmaster.c
  - tcop
    - postgres.c
- include
  - miscadmin.h

3 files changed

+76

-8

lines changed

`‎src/backend/postmaster/postmaster.c`

Lines changed: 10 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -970,6 +970,11 @@ PostmasterMain(int argc, char *argv[])`
`970`	`970`	`*/`
`971`	`971`	`set_max_safe_fds();`
`972`	`972`
	`973`	`+/*`
	`974`	`+ * Set reference point for stack-depth checking.`
	`975`	`+ */`
	`976`	`+set_stack_base();`
	`977`	`+`
`973`	`978`	`/*`
`974`	`979`	`* Initialize the list of active backends.`
`975`	`980`	`*/`
`@@ -3990,6 +3995,11 @@ SubPostmasterMain(int argc, char *argv[])`
`3990`	`3995`	`memset(&port,0,sizeof(Port));`
`3991`	`3996`	`read_backend_variables(argv[2],&port);`
`3992`	`3997`
	`3998`	`+/*`
	`3999`	`+ * Set reference point for stack-depth checking`
	`4000`	`+ */`
	`4001`	`+set_stack_base();`
	`4002`	`+`
`3993`	`4003`	`/*`
`3994`	`4004`	`* Set up memory area for GSS information. Mirrors the code in ConnCreate`
`3995`	`4005`	`* for the non-exec case.`

`‎src/backend/tcop/postgres.c`

Lines changed: 53 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -114,8 +114,10 @@ intPostAuthDelay = 0;`
`114`	`114`	`staticlongmax_stack_depth_bytes=100*1024L;`
`115`	`115`
`116`	`116`	`/*`
`117`		`- * Stack base pointer -- initialized by PostgresMain. This is not static`
`118`		`- * so that PL/Java can modify it.`
	`117`	`+ * Stack base pointer -- initialized by PostmasterMain and inherited by`
	`118`	`+ * subprocesses. This is not static because old versions of PL/Java modify`
	`119`	`+ * it directly. Newer versions use set_stack_base(), but we want to stay`
	`120`	`+ * binary-compatible for the time being.`
`119`	`121`	`*/`
`120`	`122`	`char*stack_base_ptr=NULL;`
`121`	`123`
`@@ -3002,6 +3004,53 @@ ia64_get_bsp(void)`
`3002`	`3004`	`#endif/* IA64 */`
`3003`	`3005`
`3004`	`3006`
	`3007`	`+/*`
	`3008`	`+ * set_stack_base: set up reference point for stack depth checking`
	`3009`	`+ *`
	`3010`	`+ * Returns the old reference point, if any.`
	`3011`	`+ */`
	`3012`	`+pg_stack_base_t`
	`3013`	`+set_stack_base(void)`
	`3014`	`+{`
	`3015`	`+charstack_base;`
	`3016`	`+pg_stack_base_told;`
	`3017`	`+`
	`3018`	`+#if defined(__ia64__)\|\| defined(__ia64)`
	`3019`	`+old.stack_base_ptr=stack_base_ptr;`
	`3020`	`+old.register_stack_base_ptr=register_stack_base_ptr;`
	`3021`	`+#else`
	`3022`	`+old=stack_base_ptr;`
	`3023`	`+#endif`
	`3024`	`+`
	`3025`	`+/* Set up reference point for stack depth checking */`
	`3026`	`+stack_base_ptr=&stack_base;`
	`3027`	`+#if defined(__ia64__)\|\| defined(__ia64)`
	`3028`	`+register_stack_base_ptr=ia64_get_bsp();`
	`3029`	`+#endif`
	`3030`	`+`
	`3031`	`+returnold;`
	`3032`	`+}`
	`3033`	`+`
	`3034`	`+/*`
	`3035`	`+ * restore_stack_base: restore reference point for stack depth checking`
	`3036`	`+ *`
	`3037`	`+ * This can be used after set_stack_base() to restore the old value. This`
	`3038`	`+ * is currently only used in PL/Java. When PL/Java calls a backend function`
	`3039`	`+ * from different thread, the thread's stack is at a different location than`
	`3040`	`+ * the main thread's stack, so it sets the base pointer before the call, and`
	`3041`	`+ * restores it afterwards.`
	`3042`	`+ */`
	`3043`	`+void`
	`3044`	`+restore_stack_base(pg_stack_base_tbase)`
	`3045`	`+{`
	`3046`	`+#if defined(__ia64__)\|\| defined(__ia64)`
	`3047`	`+stack_base_ptr=base.stack_base_ptr;`
	`3048`	`+register_stack_base_ptr=base.register_stack_base_ptr;`
	`3049`	`+#else`
	`3050`	`+stack_base_ptr=base;`
	`3051`	`+#endif`
	`3052`	`+}`
	`3053`	`+`
`3005`	`3054`	`/*`
`3006`	`3055`	`* check_stack_depth: check for excessively deep recursion`
`3007`	`3056`	`*`
`@@ -3017,7 +3066,7 @@ check_stack_depth(void)`
`3017`	`3066`	`longstack_depth;`
`3018`	`3067`
`3019`	`3068`	`/*`
`3020`		`- * Compute distance fromPostgresMain's local variables to myown`
	`3069`	`+ * Compute distance fromreference point to to mylocal variables`
`3021`	`3070`	`*/`
`3022`	`3071`	`stack_depth= (long) (stack_base_ptr-&stack_top_loc);`
`3023`	`3072`
`@@ -3459,7 +3508,6 @@ PostgresMain(int argc, char argv[], const char username)`
`3459`	`3508`	`{`
`3460`	`3509`	`constchar*dbname;`
`3461`	`3510`	`intfirstchar;`
`3462`		`-charstack_base;`
`3463`	`3511`	`StringInfoDatainput_message;`
`3464`	`3512`	`sigjmp_buflocal_sigjmp_buf;`
`3465`	`3513`	`volatileboolsend_ready_for_query= true;`
`@@ -3486,10 +3534,7 @@ PostgresMain(int argc, char argv[], const char username)`
`3486`	`3534`	`SetProcessingMode(InitProcessing);`
`3487`	`3535`
`3488`	`3536`	`/* Set up reference point for stack depth checking */`
`3489`		`-stack_base_ptr=&stack_base;`
`3490`		`-#if defined(__ia64__)\|\| defined(__ia64)`
`3491`		`-register_stack_base_ptr=ia64_get_bsp();`
`3492`		`-#endif`
	`3537`	`+set_stack_base();`
`3493`	`3538`
`3494`	`3539`	`/* Compute paths, if we didn't inherit them from postmaster */`
`3495`	`3540`	`if (my_exec_path[0]=='\0')`

`‎src/include/miscadmin.h`

Lines changed: 13 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -235,6 +235,19 @@ extern bool VacuumCostActive;`
`235`	`235`
`236`	`236`
`237`	`237`	`/* in tcop/postgres.c */`
	`238`	`+`
	`239`	`+#if defined(__ia64__)\|\| defined(__ia64)`
	`240`	`+typedefstruct`
	`241`	`+{`
	`242`	`+char*stack_base_ptr;`
	`243`	`+char*register_stack_base_ptr;`
	`244`	`+}pg_stack_base_t;`
	`245`	`+#else`
	`246`	`+typedefchar*pg_stack_base_t;`
	`247`	`+#endif`
	`248`	`+`
	`249`	`+externpg_stack_base_tset_stack_base(void);`
	`250`	`+externvoidrestore_stack_base(pg_stack_base_tbase);`
`238`	`251`	`externvoidcheck_stack_depth(void);`
`239`	`252`
`240`	`253`	`/* in tcop/utility.c */`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitef29bb1

File tree

3 files changed

3 files changed

`‎src/backend/postmaster/postmaster.c`

`‎src/backend/tcop/postgres.c`

`‎src/include/miscadmin.h`

0 commit comments