Postgres Pro
Downloads
Home   >   mailing lists

Re: casting operand to proper type in BlockIdGetBlockNumber - Mailing list pgsql-hackers

From Tom Lane
Subject Re: casting operand to proper type in BlockIdGetBlockNumber
Date
Msg-id 3342048.1646334014@sss.pgh.pa.us
Whole thread Raw
In response to Re: casting operand to proper type in BlockIdGetBlockNumber  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: casting operand to proper type in BlockIdGetBlockNumber
List pgsql-hackers
Tree view 
I wrote:
> Andres Freund <andres@anarazel.de> writes:
>> We should fix these passing-null-pointer cases...

> Yeah, working on that now.

The attached is enough to get through check-world with
"-fsanitize=undefined" using RHEL8's clang 12.0.1.
Most of it is the same old null-pointer-with-zero-count
business, but the change in numeric.c is a different
issue: "ln(-1.0)" ends up computing log10(0), which
produces -Inf, and then tries to assign that to an integer.
We don't actually care about the garbage result in that case,
so it's only a sanitizer complaint not a live bug.

I'm not sure whether to back-patch --- looking through the
git logs, it seems we've back-patched some fixes like these
and not others.  Thoughts?

In any case, if we're going to take this seriously it seems
like we need a buildfarm machine or two testing this option.

            regards, tom lane

diff --git a/src/backend/access/heap/heapam.c b/src/backend/access/heap/heapam.c
index 59d43e2ba9..4e6aeba315 100644
--- a/src/backend/access/heap/heapam.c
+++ b/src/backend/access/heap/heapam.c
@@ -328,7 +328,7 @@ initscan(HeapScanDesc scan, ScanKey key, bool keep_startblock)
     /*
      * copy the scan key, if appropriate
      */
-    if (key != NULL)
+    if (key != NULL && scan->rs_base.rs_nkeys > 0)
         memcpy(scan->rs_base.rs_key, key, scan->rs_base.rs_nkeys * sizeof(ScanKeyData));

     /*
diff --git a/src/backend/access/heap/heapam_visibility.c b/src/backend/access/heap/heapam_visibility.c
index ceadac70d5..ff0b8a688d 100644
--- a/src/backend/access/heap/heapam_visibility.c
+++ b/src/backend/access/heap/heapam_visibility.c
@@ -1564,8 +1564,8 @@ HeapTupleHeaderIsOnlyLocked(HeapTupleHeader tuple)
 static bool
 TransactionIdInArray(TransactionId xid, TransactionId *xip, Size num)
 {
-    return bsearch(&xid, xip, num,
-                   sizeof(TransactionId), xidComparator) != NULL;
+    return num > 0 &&
+        bsearch(&xid, xip, num, sizeof(TransactionId), xidComparator) != NULL;
 }

 /*
diff --git a/src/backend/access/transam/clog.c b/src/backend/access/transam/clog.c
index de787c3d37..3d9088a704 100644
--- a/src/backend/access/transam/clog.c
+++ b/src/backend/access/transam/clog.c
@@ -297,8 +297,9 @@ TransactionIdSetPageStatus(TransactionId xid, int nsubxids,
     if (all_xact_same_page && xid == MyProc->xid &&
         nsubxids <= THRESHOLD_SUBTRANS_CLOG_OPT &&
         nsubxids == MyProc->subxidStatus.count &&
-        memcmp(subxids, MyProc->subxids.xids,
-               nsubxids * sizeof(TransactionId)) == 0)
+        (nsubxids == 0 ||
+         memcmp(subxids, MyProc->subxids.xids,
+                nsubxids * sizeof(TransactionId)) == 0))
     {
         /*
          * If we can immediately acquire XactSLRULock, we update the status of
diff --git a/src/backend/access/transam/xact.c b/src/backend/access/transam/xact.c
index adf763a8ea..8964ddf3eb 100644
--- a/src/backend/access/transam/xact.c
+++ b/src/backend/access/transam/xact.c
@@ -5353,8 +5353,9 @@ SerializeTransactionState(Size maxsize, char *start_address)
     {
         if (FullTransactionIdIsValid(s->fullTransactionId))
             workspace[i++] = XidFromFullTransactionId(s->fullTransactionId);
-        memcpy(&workspace[i], s->childXids,
-               s->nChildXids * sizeof(TransactionId));
+        if (s->nChildXids > 0)
+            memcpy(&workspace[i], s->childXids,
+                   s->nChildXids * sizeof(TransactionId));
         i += s->nChildXids;
     }
     Assert(i == nxids);
diff --git a/src/backend/storage/ipc/shm_mq.c b/src/backend/storage/ipc/shm_mq.c
index 45b0dfc062..603cf9b0fa 100644
--- a/src/backend/storage/ipc/shm_mq.c
+++ b/src/backend/storage/ipc/shm_mq.c
@@ -773,8 +773,11 @@ shm_mq_receive(shm_mq_handle *mqh, Size *nbytesp, void **datap, bool nowait)

         /* Copy as much as we can. */
         Assert(mqh->mqh_partial_bytes + rb <= nbytes);
-        memcpy(&mqh->mqh_buffer[mqh->mqh_partial_bytes], rawdata, rb);
-        mqh->mqh_partial_bytes += rb;
+        if (rb > 0)
+        {
+            memcpy(&mqh->mqh_buffer[mqh->mqh_partial_bytes], rawdata, rb);
+            mqh->mqh_partial_bytes += rb;
+        }

         /*
          * Update count of bytes that can be consumed, accounting for
diff --git a/src/backend/utils/adt/numeric.c b/src/backend/utils/adt/numeric.c
index 975d7dcf47..45547f6ae7 100644
--- a/src/backend/utils/adt/numeric.c
+++ b/src/backend/utils/adt/numeric.c
@@ -10048,12 +10048,20 @@ exp_var(const NumericVar *arg, NumericVar *result, int rscale)
  *
  * Essentially, we're approximating log10(abs(ln(var))).  This is used to
  * determine the appropriate rscale when computing natural logarithms.
+ *
+ * Note: many callers call this before range-checking the input.  Therefore,
+ * we must be robust against values that are invalid to apply ln() to.
+ * We don't wish to throw an error here, so just return zero in such cases.
  */
 static int
 estimate_ln_dweight(const NumericVar *var)
 {
     int            ln_dweight;

+    /* Caller should fail on ln(negative), but for the moment return zero */
+    if (var->sign != NUMERIC_POS)
+        return 0;
+
     if (cmp_var(var, &const_zero_point_nine) >= 0 &&
         cmp_var(var, &const_one_point_one) <= 0)
     {
diff --git a/src/backend/utils/time/snapmgr.c b/src/backend/utils/time/snapmgr.c
index a0b81bf154..a0be0c411a 100644
--- a/src/backend/utils/time/snapmgr.c
+++ b/src/backend/utils/time/snapmgr.c
@@ -536,12 +536,14 @@ SetTransactionSnapshot(Snapshot sourcesnap, VirtualTransactionId *sourcevxid,
     CurrentSnapshot->xmax = sourcesnap->xmax;
     CurrentSnapshot->xcnt = sourcesnap->xcnt;
     Assert(sourcesnap->xcnt <= GetMaxSnapshotXidCount());
-    memcpy(CurrentSnapshot->xip, sourcesnap->xip,
-           sourcesnap->xcnt * sizeof(TransactionId));
+    if (sourcesnap->xcnt > 0)
+        memcpy(CurrentSnapshot->xip, sourcesnap->xip,
+               sourcesnap->xcnt * sizeof(TransactionId));
     CurrentSnapshot->subxcnt = sourcesnap->subxcnt;
     Assert(sourcesnap->subxcnt <= GetMaxSnapshotSubxidCount());
-    memcpy(CurrentSnapshot->subxip, sourcesnap->subxip,
-           sourcesnap->subxcnt * sizeof(TransactionId));
+    if (sourcesnap->subxcnt > 0)
+        memcpy(CurrentSnapshot->subxip, sourcesnap->subxip,
+               sourcesnap->subxcnt * sizeof(TransactionId));
     CurrentSnapshot->suboverflowed = sourcesnap->suboverflowed;
     CurrentSnapshot->takenDuringRecovery = sourcesnap->takenDuringRecovery;
     /* NB: curcid should NOT be copied, it's a local matter */
diff --git a/src/fe_utils/print.c b/src/fe_utils/print.c
index 2c8e58ebf5..dcdb2e0d0c 100644
--- a/src/fe_utils/print.c
+++ b/src/fe_utils/print.c
@@ -966,7 +966,8 @@ print_aligned_text(const printTableContent *cont, FILE *fout, bool is_pager)

             more_col_wrapping = col_count;
             curr_nl_line = 0;
-            memset(header_done, false, col_count * sizeof(bool));
+            if (col_count > 0)
+                memset(header_done, false, col_count * sizeof(bool));
             while (more_col_wrapping)
             {
                 if (opt_border == 2)

pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: wrong fds used for refilenodes after pg_upgrade relfilenode changes Reply-To:
Next
From: Greg Stark
Date:
Subject: Re: Commitfest 2022-03 Patch Triage Part 1b