Re: BUG #17950: Incorrect memory access in gtsvector_picksplit()

Hello Tom,

13.08.2023 17:35, Tom Lane wrote:
> Alexander Lakhin <exclusion(at)gmail(dot)com> writes:
>> I can also propose a regression test addition that demonstrates the valgrind
>> complaint and also the output of gtsvectorout() for the case ISALLTRUE and
>> the opposite.
> OK, but ...
>
>> This addition increases the duration of `make check -C contrib/pageinspect`
>> under valgrind by 7-8 seconds for me:
> [ ie, more than triple its previous runtime ]

Yes, unfortunately.

> ... that seems completely unacceptable cost-wise. I'd be inclined
> to commit the fix without a supporting test case, instead of that.

I've tried to make that addition as valuable as possible in the context of
this issue, but as it is too expensive (to be honest, I was bolstered by
the gin test duration (~10 secs too)), then let's leave it aside.

> Given that the misapplication of GETSIGN is causing an incorrect
> pointer to be passed to sizebitvec(), how come the error is not
> leading to outright wrong answers? I guess because it's in
> picksplit, the worst outcome normally is a poor choice of split,
> so maybe exhibiting wrong behavior in a detectable way is hard.

(In fact, I stopped my previous research when I had come to the conclusion
that generating data pattern needed to demonstrate wrong answers or at least
an inefficient split require many more data rows than we can afford in a
regression test.)

>> In absence of any objections or other propositions, I'm inclined to register
>> this bugfix on the commitfest.
> Please do that in any case, so we don't forget about it.

Thank you!
Done:
https://commitfest.postgresql.org/44/4498/

Best regards,
Alexander