| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Cc: | Fabien COELHO <coelho(at)cri(dot)ensmp(dot)fr> |
| Subject: | Overflow hazard in pgbench |
| Date: | 2021-06-27 17:39:03 |
| Message-ID: | 73927.1624815543@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
moonjelly just reported an interesting failure [1]. It seems that
with the latest bleeding-edge gcc, this code is misoptimized:
/* check random range */
if (imin > imax)
{
pg_log_error("empty range given to random");
return false;
}
else if (imax - imin < 0 || (imax - imin) + 1 < 0)
{
/* prevent int overflows in random functions */
pg_log_error("random range is too large");
return false;
}
such that the second if-test doesn't fire. Now, according to the C99
spec this code is broken, because the compiler is allowed to assume
that signed integer overflow doesn't happen, whereupon the second
if-block is provably unreachable. The failure still represents a gcc
bug, because we're using -fwrapv which should disable that assumption.
However, not all compilers have that switch, so it'd be better to code
this in a spec-compliant way. I suggest applying the attached in
branches that have the required functions.
[1] https://buildfarm.postgresql.org/cgi-bin/show_log.pl?nm=moonjelly&dt=2021-06-26%2007%3A03%3A17
regards, tom lane
| Attachment | Content-Type | Size |
|---|---|---|
| avoid-pgbench-overflow-hazard-1.patch | text/x-diff | 745 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tomas Vondra | 2021-06-27 17:55:24 | PoC: using sampling to estimate joins / complex conditions |
| Previous Message | Peter Geoghegan | 2021-06-27 16:51:28 | Re: Farewell greeting |