server: the util/pretty code is incorrectly exposed through user-facing features #91197
Comments
Additionally, this code in server/combined_statement_stats.go:

```go
query = fmt.Sprintf(
	`SELECT prettify_statement($1, %d, %d, %d)`,
	tree.ConsoleLineWidth, tree.PrettyNoAlign, tree.UpperCase)
row, ⊙ = ie.QueryRowEx(⋄, "combined-stmts-details-format-query", ∅,
	sessiondata.InternalExecutorOverride{
		User: username.NodeUserName(),
	}, query, args…)
```

can be simplified to just a call to the Go function
@knz the example above can't use the I'll leave the improvements of the function to the queries team
Previously, we were using `PrettyAlignAndDeindent` parameter option for the usage of `prettify_statement` on statement details endpoint and insights details endpoints, which was subject to a quadratic explosion. This commit updates those uses to parameter `PrettyAlignOnly` (1).

Part Of cockroachdb#91197

Release note: None
You ought to be able to use

Oh, I don't know what I'm talking about, cockroach/pkg/sql/sem/builtins/builtins.go Lines 10026 to 10040 in 08b815b

if you know there's just 1 stmt,

Options:
Since I do want different parameters than the default (I want different value for the line width and I do want some alignment. and not the
You do not need the SQL function for that. You can do this:

```go
cfg := tree.DefaultPrettyCfg()
cfg.XX = YY
cfg.ZZ = WW
cfg.Pretty(<yourstmt>)
```

let's avoid the layers of indirections through SQL executor which are not needed here.
Previously, we were using `PrettyAlignAndDeindent` parameter option for the usage of `prettify_statement` on statement details endpoint and insights details endpoints, which was subject to a quadratic explosion. This commit updates those uses to parameter `PrettyAlignOnly` (1) on sql api and changes the statement details endpoint to use the Go function of Pretty instead, so it doesn't require a SQL connection/execution.

Part Of cockroachdb#91197

Release note: None
91214: server, ui: update prettify parameter r=maryliag a=maryliag

Previously, we were using `PrettyAlignAndDeindent` parameter option for the usage of `prettify_statement` on statement details endpoint and insights details endpoints, which was subject to a quadratic explosion. This commit updates those uses to parameter `PrettyAlignOnly` (1) on sql api and changes the statement details endpoint to use the Go function of Pretty instead, so it doesn't require a SQL connection/execution.

Part Of #91197

Release note: None

91438: server, sql: version gate idx recs in persisted stats iterator, status server r=ericharmeling a=ericharmeling

Fixes #91346.

This PR version gates the persisted stats iterator and status server statement details queries.

Release note: None

Co-authored-by: maryliag <[email protected]>
Co-authored-by: Eric Harmeling <[email protected]>
Is there any urgent action needed from SQL Queries for this issue? Drew mentions that we may want to limit the number of rows returned
Even without the exponential blowup, it looks like this usage can cause stack overflows when collecting statement diagnostics bundles on queries with very large

```sql
CREATE TABLE foo (id INT PRIMARY KEY, v STRING);
SELECT crdb_internal.request_statement_bundle('SELECT * FROM foo WHERE id IN (_, _, __more1000_plus__)', 0.0, '0', '0');
SELECT * FROM foo WHERE id IN (0, 1, 2, 3, ..., 999998, 999999);
```

Here's a demonstration using python:
Unfortunately this came up in practice (see link above) so at least somewhat realistic.

Making this better will be a non-trivial programming exercise. The power of the current framework comes directly from the conciseness of the rendering functions. Making this better by adding an extra mandatory argument (to count the call depth), or even worse by attempting to "flatten" the control flow by moving the recursion to a loop, would make the code unmaintainable and unextensible. My recommendation here would be to use code generation. Implement the rules in some kind of DSL then auto-generate the recursive code with the extra counting data structure passed explicitly by the code generator.
This commit reduces the chance of a stack overflow from recursive calls of `*beExec.be`. The `Pretty` function will now return an internal error if the recursive depth of `be` surpasses 100,000. While still an internal error, this is preferable to a stack overflow which will crash the process.

Informs cockroachdb#91197

Release note: None
I've also created #110375 because I don't believe we strictly need to pretty-print statements in statement bundles.
This commit reduces the chance of a stack overflow from recursive calls of `*beExec.be`. The `Pretty` function will now return an internal error if the recursive depth of `be` surpasses 10,000.

Informs cockroachdb#91197

Release note: None
110374: util/pretty: mitigate stack overflows of Pretty r=mgartner a=mgartner

#### errorutil: moved kv-specific errors out of errorutil

Errors for missing store and node descriptors have been moved from the errorutil package to the kvpb package, because the errorutil package is a low-level package to aid in working with errors in general. It should not contain facilities for creating specific errors as this muddles the package and can lead to import cycles.

Release note: None

#### errorutil: move SendReport to new sentryutil package

The `SendReport` function has been moved out of the errorutil package and into a new sentryutil package. This avoids muddling the errorutil package with a Sentry-specific function, and it breaks errorutil's dependence on `pkg/settings` and `pkg/util/log/logcrash`.

Release note: None

#### util/pretty: mitigate stack overflows of Pretty

This commit reduces the chance of a stack overflow from recursive calls of `*beExec.be`. The `Pretty` function will now return an internal error if the recursive depth of `be` surpasses 10,000.

Informs #91197

Release note: None

Co-authored-by: Marcus Gartner <[email protected]>
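
The depth guard described in the commit messages above, shown as an added example that is not CockroachDB's code: a toy recursive renderer that returns an error once nesting passes a limit instead of recursing without bound. The names `doc`, `renderer`, `Render` and `inList` are hypothetical; only the 10,000 limit comes from the page, and the counter is kept in renderer state rather than passed as an extra argument.

```go
package main

import "fmt"

// doc is a toy tree (hypothetical, not util/pretty's type): text leaf or left+right concat.
type doc struct {
	text        string
	left, right *doc
}

const maxDepth = 10000 // the limit named in the commit message

// renderer holds the depth counter, so render keeps a one-argument signature.
type renderer struct {
	out   []byte
	depth int
	err   error
}

func (r *renderer) render(d *doc) {
	if d == nil || r.err != nil {
		return
	}
	if r.depth++; r.depth > maxDepth {
		r.err = fmt.Errorf("internal error: render depth exceeds %d", maxDepth)
		return
	}
	r.out = append(r.out, d.text...) // empty for inner nodes
	r.render(d.left)
	r.render(d.right)
	r.depth--
}

// Render returns the text, or an error once the depth limit is hit.
func Render(d *doc) (string, error) {
	r := &renderer{}
	r.render(d)
	return string(r.out), r.err
}

// inList iteratively builds the left-deep tree for "IN (0, 1, ..., n-1)".
func inList(n int) *doc {
	d := &doc{text: "IN (0"}
	for i := 1; i < n; i++ {
		d = &doc{left: d, right: &doc{text: fmt.Sprintf(", %d", i)}}
	}
	return &doc{left: d, right: &doc{text: ")"}}
}

func main() { fmt.Println(Render(inList(1000000))) } // constructed 1M-element list
```

Because the tree is left-deep, an n-element list nests n+1 levels, so the guard trips at 10,000 elements regardless of how much text each element carries.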
Description
The `util/pretty` code was designed for use in one-off commands (like a command line program), not to be served over the network. In particular:
This makes this code profoundly inadequate for inclusion in CRDB in a way that can be triggered by users through an API.
I've already identified the following places where this code is used:
- `prettify_statement()` SQL built-in function, the user can choose the options.
- `prettify_statement` (uses PrettyAlignAndDeIndent, subject to quadratic explosion)

Expected behavior
`prettify_statement()` where the user is in control.

Jira issue: CRDB-21145