From 2abcb6061fb951d5df1abf8565854c5cd6e7b790 Mon Sep 17 00:00:00 2001 From: Andres Freund Date: Wed, 29 Mar 2023 18:07:17 -0700 Subject: [PATCH v6 01/17] bufmgr: Fix undefined behaviour with, unrealistically, large temp_buffers Quoting Melanie: > Since if buffer is INT_MAX, then the -(buffer + 1) version invokes > undefined behavior while the -buffer - 1 version doesn't. All other places were already using the correct version. I (Andres), copied the code into more places in a patch. Melanie caught it in review, but to prevent more people from copying the bad code, fix it. Even if it is a theoretical issue. We really ought to wrap these accesses in a helper function... Reported-by: Melanie Plageman Discussion: https://postgr.es/m/CAAKRu_aW2SX_LWtwHgfnqYpBrunMLfE9PD6-ioPpkh92XH0qpg@mail.gmail.com --- src/backend/storage/buffer/localbuf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/backend/storage/buffer/localbuf.c b/src/backend/storage/buffer/localbuf.c index 5325ddb663d..68b4817c67b 100644 --- a/src/backend/storage/buffer/localbuf.c +++ b/src/backend/storage/buffer/localbuf.c @@ -305,7 +305,7 @@ MarkLocalBufferDirty(Buffer buffer) fprintf(stderr, "LB DIRTY %d\n", buffer); #endif - bufid = -(buffer + 1); + bufid = -buffer - 1; Assert(LocalRefCount[bufid] > 0); -- 2.38.0