Обсуждение: BUG #19095: Test if function exit() is used fail when linked static

Поиск
Список
Период
Сортировка

BUG #19095: Test if function exit() is used fail when linked static

От
PG Bug reporting form
Дата:
The following bug has been logged on the website:

Bug reference:      19095
Logged by:          Torsten Rupp
Email address:      torsten.rupp@gmx.net
PostgreSQL version: 15.14
Operating system:   Linux
Description:

Note: occur from version 15.14 or newer.

In src/interfaces/libpq/Makefile is a test if the function "exit()" (or in
general: a function exists with the name part "exit") is used:

libpq-refs-stamp: $(shlib)
ifneq ($(enable_coverage), yes)
ifeq (,$(filter aix solaris,$(PORTNAME)))
        @if nm -A -u $< 2>/dev/null | grep -v __cxa_atexit | grep exit; then
\
                echo 'libpq must not be calling any function which invokes
exit'; exit 1; \
        fi
endif
endif

This test fail if libpq is linked static to an application when e. g.
libcrypto is also linked static into libpq which add indirectly a call to
"pthread_exit()".

Possible fix: exclude pthread_exit(), too (like __cxa_atexit), e.g.:

libpq-refs-stamp: $(shlib)
ifneq ($(enable_coverage), yes)
ifeq (,$(filter aix solaris,$(PORTNAME)))
        @if nm -A -u $< 2>/dev/null | grep -v __cxa_atexit | grep -v
pthread_exit | grep exit; then \
                echo 'libpq must not be calling any function which invokes
exit'; exit 1; \
        fi
endif
endif

Re: BUG #19095: Test if function exit() is used fail when linked static

От
Michael Paquier
Дата:
On Mon, Oct 27, 2025 at 07:56:38AM +0000, PG Bug reporting form wrote:
> This test fail if libpq is linked static to an application when e. g.
> libcrypto is also linked static into libpq which add indirectly a call to
> "pthread_exit()".
>
> Possible fix: exclude pthread_exit(), too (like __cxa_atexit), e.g.:

Previous discussions around this check:
- 936f56988741, with:
https://www.postgresql.org/message-id/CAEhC_BmNGKgj2wKArH2EAU11BsaHYgLnrRFJGRm5Vs8WJzyiQA@mail.gmail.com
- dc227eb82ea8, with:
https://www.postgresql.org/message-id/3128896.1624742969@sss.pgh.pa.us

We have usually used the buildfarm to decide how much restriction we
should put into this one, for good historical reasons because we
should never exit() directly from libpq, like this one:
https://www.postgresql.org/message-id/20210703001639.GB2374652@rfd.leadboat.com

Treating pthread_exit() as an exception sounds like it may be a good
thing anyway: we don't rely on it in the code core.

Now I am not completely sure how much we should care about considering
that any of that as something we need to tweak in the core code.  The
use of static libraries are usually discouraged, because it makes the
handling of package dependencies more complicated if some
sub-libraries need to be upgraded following a CVE-class issue, and
here you are pointing at what looks like a custom static library build
of libcrypto on Linux.

Opinions from others are welcome, mine counts like -0.5.
--
Michael
Вложения