On Sun, Feb 5, 2023 at 6:28 AM Andres Freund <and...@anarazel.de> wrote: > On the other hand, it also just seems risky from a code writing perspective. > It's not immediate obvious that it'd be unsafe to create an on-stack Numeric > by assigning *ptr. But it is.
Well, I think that is pretty obvious: we have lots of things that are essentially variable-length types, and you can't put any of them on the stack. But I do also think that the Numeric situation is messier than some others we have got, and that's partly my fault, and it would be nice to make it better. I do not really know exactly how to do that, though. Our usual pattern is to just have a struct and end with a variable-length array, or alternatively add a comment says "other stuff follows!" at the end of the struct definition, without doing anything that C knows about at all. But here it's more complicated: there's a uint16 value for sure, and then maybe an int16 value, and then some number of NumericDigit values. That "maybe an int16 value" part is not something that C has a built-in way of representing, to my knowledge, which is why we end up with this hackish thing. -- Robert Haas EDB: http://www.enterprisedb.com
