| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
| Cc: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Move allocation size overflow handling to MemoryContextAllocExtended()? |
| Date: | 2016-10-05 00:45:26 |
| Message-ID: | 20161005004526.mvllon64kjm6q5fb@alap3.anarazel.de |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2016-10-05 09:38:15 +0900, Michael Paquier wrote:
> On Wed, Oct 5, 2016 at 8:56 AM, Andres Freund <andres(at)anarazel(dot)de> wrote:
> > That made me wonder if it's not actually a mistake for
> > MemoryContextAllocExtended() size parameter to be declared
> > Size/size_t. That prevents it from detecting such overflows, forcing
> > code like the above on callsites.
> >
> > Comments?
>
> The existing interface of MemoryContextAlloc do not care much about
> anything except Size, so I'd just give the responsability to the
> caller to do checks like queue != (Size) queue when queue is a uint64
> for example.
Well, that duplicates the check and error message everywhere.
And queue != (Size) queue will cause errors like
/home/andres/src/postgresql/src/include/lib/simplehash.h:182:44:
warning: self-comparison always evaluates to false [-Wtautological-compare]
> And I can see that your patch is using uint32 for SH_TYPE->size.
But it multiples the size with sizeof(elemement)...
Greetings,
Andres Freund
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Dunstan | 2016-10-05 00:53:43 | Feature suggestion: ON CONFLICT DO NOTHING RETURNING which returns existing row data |
| Previous Message | Michael Paquier | 2016-10-05 00:38:15 | Re: Move allocation size overflow handling to MemoryContextAllocExtended()? |