Tuesday, July 24, 2018

Safe programming in PL/pgSQL

PL/pgSQL is verbose practical language based on Oracle's PL/SQL, that is based on years ago very popular programming language ADA. ADA language is pretty strong nice language used now mostly in critical software. Still ADA is widely used, but only few people who uses PL/SQL knows, so they use ADA (with only few modifications).

Unfortunately not all on PL/pgSQL is great. Some language features can hides some begginer's issues. These features are active by default, and cannot be disabled due possible compatibility break. There was a ideas about new PL/pgSQL2 language design. I agree with some these ideas, but I was strongly against forking main language for stored procedures in Postgres. It was based on not good common experience with Perl6 and Python3. Although I believe so the switch can be more gently in PostgreSQL, due different technology, fork of language raise some fears about support custom code in future, and there should be really strong arguments for this change.

More - almost all issues in PL/pgSQL code can detect plpgsql_check - . It is really strong tool, and a usage is very simple. Now, some checks has PL/pgSQL self. Tomáš Vondra committed my patch with extra checks for common issues in PL/pgSQL. These checks can raise warning or error (it is configurable).

New checks are related to assign query result to variables. Sometimes, the query can returns more rows (only first rows is used,but it can be unexpected row). Sometimes query returns too less columns and some variables are setted to NULL, or in different case, when query returns more columns, then some values can be ignored. Usually this is bug, but in default settings - no warning is raised. PL/pgSQL is too tolerant.

With new extra checks these issues can be simply detected:
set plpgsql.extra_warnings to 'too_many_rows';
do $$
declare x int;
begin
  select v from generate_series(1,2) g(v) into x;
end;
$$;
WARNING:  query returned more than one row
HINT:  Make sure the query returns a single row, or use LIMIT 1
 
set plpgsql.extra_warnings to 'strict_multi_assignment';
do $$
declare
  x int;
  y int;
begin
  select 1 into x, y;
  select 1,2 into x, y;
  select 1,2,3 into x, y;
end
$$;
WARNING:  number of source and target fields in assignment do not match
DETAIL:  strict_multi_assignment check of extra_warnings is active.
HINT:  Make sure the query returns the exact list of columns.
WARNING:  number of source and target fields in assignment do not match
DETAIL:  strict_multi_assignment check of extra_warnings is active.
HINT:  Make sure the query returns the exact list of columns.

Attention: too_many_rows detect when result has more than one row. It doesn't detect situation, when result is empty. Don't forget check auto variable NOT_FOUND after any SELECT INTO.

Use these extra check or use plpgsql_check.

3 Comments:

At July 25, 2018 at 1:39 AM , Anonymous Luca Ferrari said...

Great!
Are these extra checks to be backported to PG 11 or will be available only on 12?

 
At July 26, 2018 at 11:11 AM , Blogger Unknown said...

Niceee, thanks for tour work

 
At July 31, 2018 at 12:41 AM , Blogger Pavel Stěhule said...

@Luca Ferrari - these checks are only in 12 and higher. PostgreSQL never backport features. Only bugfixes are backported.

 

Post a Comment

Subscribe to Post Comments [Atom]

<< Home