Re: BUG #16122: segfault pg_detoast_datum (datum=0x0) at fmgr.c:1833 numrange query

> 4 янв. 2020 г., в 0:05, Andrey Borodin <x4mmm(at)yandex-team(dot)ru> написал(а):
>
> I believe line should be not like
> + for (i = upper_index - 1; i >= 0; i--)
> but rather
> + for (i = min(upper_index, hist_nvalues - 2); i >= 0; i--)
>
> I will dig into this during this CF. Currently, that's my 2 cents.
I think I have a little more correct fix.

As far as I understand, we have an array of bin lower bounds hist_lower with size hist_nvalues.
There is a function get_position(..,value, lower, upper), which calculates relative position of value between lower and upper bound.
We call get_position(typcache, lower, &hist_lower[i], &hist_lower[i + 1]); when i is last bin, i.e. i + 1 == hist_nvalues, thus passing bogus upper to get_position().
PFA possible fix for this.

Upper in the code same situation when upper is undefined is treated as if get_position returned 0.
Also, while get_position() is not prepared to bogus upper, but it is well aware of infinite bounds. We could just add last infinite value to hist_lower and remove upper_index < hist_nvalues - 1 and i + 1 != hist_nvalues checks entirely.

Best regards, Andrey Borodin.