[postmodern-devel] [patch] Erratic behavior when NIL password is given

J.P. Larocque jpl at thoughtcrime.us
Tue Apr 6 14:40:34 UTC 2010 

Hi,

I usually use host-based authentication with ident to connect to
PostgreSQL from trusted machines, so I've been specifying a password
of NIL for a long time.  However, when passwordless authentication
fails and NIL is given as a password, POSTMODERN:CONNECT will behave
erratically.

In my case, the symptoms are:

  * SBCL (Debian 1:1.0.18.0-2) RAM usage balloons to hundreds of
    megabytes.

  * I get this condition printed, along with a tag-along (obscure and
    what I assume to be) object, for the heck of it:

---8<---8<---
* (postmodern:connect "piranha" "piranha" nil "localhost")
debugger invoked on a TYPE-ERROR in thread #<THREAD "initial thread" RUNNING {1002669C31}>:
  The value NIL is not of type (MOD 1152921504606846975).

Type HELP for debugger help, or (SB-EXT:QUIT) to exit from SBCL.

restarts (invokable by number or by possibly-abbreviated name):
  0: [ABORT] Exit debugger, returning to top level.

(SB-KERNEL:UB32-BASH-COPY
 "piranha"
 0
 ""
 NIL
 7)[:EXTERNAL]
--->8--->8---

That's invoking SBCL on the command-line.  When I use SLIME:

  * SBCL, like a gas, expands to fill all available space
    (e.g. ~1.8GiB before I ran out of RAM+swap and rebooted the
    virtual machine).
  
  * During this time, nothing ever comes back to emacs.
  
  * If I do a SLIME interrupt before the system completely dies, emacs
    takes a while to do anything, then enters the emacs (not SLIME!)
    debugger, and informs me that the "variable binding depth exceeds
    max-specpdl-size" at every available opportunity until I restart
    emacs.

It turns out bad things happen when you optimize for safety 0.  Making
this change:

diff -x'*~' -urN postmodern-1.16/cl-postgres/package.lisp postmodern-1.16-no_opt/cl-postgres/package.lisp
--- postmodern-1.16/cl-postgres/package.lisp    2010-04-02 04:23:24.000000000 -0700
+++ postmodern-1.16-no_opt/cl-postgres/package.lisp     2010-04-06 06:00:47.000000000 -0700
@@ -83,5 +83,5 @@
 (eval-when (:compile-toplevel :load-toplevel :execute)
   ;; Optimization settings (only used by functions that need it).
   (defparameter *optimize*
-    '(optimize (speed 3) (safety 0) (space 1) (debug 1)
+    '(optimize (speed 3) (space 1) (debug 1)
       (compilation-speed 0))))

yields a much more sensible, instantaneous, and non-ballooning:

  The value NIL is not of type STRING.
     [Condition of type TYPE-ERROR]

Of course, bad things also happen when you pass objects of the wrong
type to a function.  (It just never sat well with me to pass a string
password when no password was needed; NIL seemed to make much more
sense, and it worked...)

I've attached a patch to:

  * Check the types of arguments given to CL-POSTGRES:OPEN-DATABASE.
  
  * Update the HTML documentation to describe the expected types of
    arguments to CL-POSTGRES:OPEN-DATABASE and POSTMODERN:CONNECT.
  
  * Update the documentation strings for the above two functions to
    contain the same content as their descriptions in the HTML
    documentation.

I also humbly suggest not optimizing for safety 0.  One of the big
reasons I use CL, and not something like C, is because I value safety:
when one thing breaks, that breakage is self-contained and can be
tracked down due to conditions.  I don't want my Lisp process to go
down like the Hindenburg when one little thing goes wrong.

Thanks for your time,

-- 
J.P. Larocque <jpl at thoughtcrime.us>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: postmodern-1.16-stricter.diff
Type: text/x-diff
Size: 6150 bytes
Desc: not available
URL: <https://mailman.common-lisp.net/pipermail/postmodern-devel/attachments/20100406/ac7bcbbb/attachment.diff>

More information about the postmodern-devel mailing list