folder:lk/lk date:yesterday..
Hi,
Coverity flagged a couple of issues that seem to worth addressing by
changing the code instead of ignoring them:
01) heap_xlog_update() looks to coverity as if it could trigger a NULL
pointer dereference. That's because it thinks that oldtup.t_data is
NULL if XLR_BKP_BLOCK(0) while reconstructing incremental
tuples. That fortunately can't happen as incremental updates are
only performed if the tuples are on the same page.
Add an Assert().
02) Be a bit more consistent in what type to use for a size
variable. Inconsequential, but more consistent.
03) Don't leak memory after connection aborts in pg_recvlogical.
04) Use a sensible parameter for memset() when randomizing memory in
reorderbuffer. Inconsequential.
Could somebody please pick these up?
I have to say, I am not particularly happy with the complexity of the
control flow in heap_xlog_update() :(.
Greetings,
Andres Freund
--
Andres Freund http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
On 2014-04-30 17:39:27 +0200, Andres Freund wrote:
Hi,
Coverity flagged a couple of issues that seem to worth addressing by
changing the code instead of ignoring them:01) heap_xlog_update() looks to coverity as if it could trigger a NULL
pointer dereference. That's because it thinks that oldtup.t_data is
NULL if XLR_BKP_BLOCK(0) while reconstructing incremental
tuples. That fortunately can't happen as incremental updates are
only performed if the tuples are on the same page.
Add an Assert().
02) Be a bit more consistent in what type to use for a size
variable. Inconsequential, but more consistent.
03) Don't leak memory after connection aborts in pg_recvlogical.
04) Use a sensible parameter for memset() when randomizing memory in
reorderbuffer. Inconsequential.Could somebody please pick these up?
That might be easier with actual patches...
Greetings,
Andres Freund
--
Andres Freund http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
Attachments:
0001-Assert-that-pre-post-fix-updated-tuples-are-on-the-s.patchtext/x-patch; charset=us-asciiDownload
>From 67a566a57b66e1e47430f9b74fc82228e1c9130f Mon Sep 17 00:00:00 2001
From: Andres Freund <andres@anarazel.de>
Date: Wed, 30 Apr 2014 17:18:55 +0200
Subject: [PATCH 1/4] Assert that pre/post-fix updated tuples are on the same
page during replay.
If they were not 'oldtup.t_data' would be dereferenced while set to
NULL in case of a full page image for block 0.
Do so primarily to silenence coverity; but also to make sure this
prerequisite isn't changed without adapting the replay routine as that
would appear to work in many cases.
---
src/backend/access/heap/heapam.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/backend/access/heap/heapam.c b/src/backend/access/heap/heapam.c
index a047632..336fbb0 100644
--- a/src/backend/access/heap/heapam.c
+++ b/src/backend/access/heap/heapam.c
@@ -8115,11 +8115,13 @@ newsame:;
if (xlrec->flags & XLOG_HEAP_PREFIX_FROM_OLD)
{
+ Assert(samepage);
memcpy(&prefixlen, recdata, sizeof(uint16));
recdata += sizeof(uint16);
}
if (xlrec->flags & XLOG_HEAP_SUFFIX_FROM_OLD)
{
+ Assert(samepage);
memcpy(&suffixlen, recdata, sizeof(uint16));
recdata += sizeof(uint16);
}
--
1.8.3.251.g1462b67
0002-Use-Size-instead-of-uint32-to-measure-.-size-in-snap.patchtext/x-patch; charset=us-asciiDownload
>From 43c3c46cf5b35296df2f1121940997cdd419eb4e Mon Sep 17 00:00:00 2001
From: Andres Freund <andres@anarazel.de>
Date: Wed, 30 Apr 2014 17:27:06 +0200
Subject: [PATCH 2/4] Use Size instead of uint32 to measure ... size in
snapbuild.c.
Silences coverity and is more consistent with other functions in the
same file.
---
src/backend/replication/logical/snapbuild.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/backend/replication/logical/snapbuild.c b/src/backend/replication/logical/snapbuild.c
index c462e90..36034db 100644
--- a/src/backend/replication/logical/snapbuild.c
+++ b/src/backend/replication/logical/snapbuild.c
@@ -1431,7 +1431,7 @@ SnapBuildSerialize(SnapBuild *builder, XLogRecPtr lsn)
char path[MAXPGPATH];
int ret;
struct stat stat_buf;
- uint32 sz;
+ Size sz;
Assert(lsn != InvalidXLogRecPtr);
Assert(builder->last_serialized_snapshot == InvalidXLogRecPtr ||
--
1.8.3.251.g1462b67
0003-Don-t-leak-memory-after-connection-aborts-in-pg_recv.patchtext/x-patch; charset=us-asciiDownload
>From c41faf9047e0d133b0cc233e6d7ca0be4e54e589 Mon Sep 17 00:00:00 2001
From: Andres Freund <andres@anarazel.de>
Date: Wed, 30 Apr 2014 17:29:04 +0200
Subject: [PATCH 3/4] Don't leak memory after connection aborts in
pg_recvlogical.
Noticed by coverity.
---
src/bin/pg_basebackup/pg_recvlogical.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/bin/pg_basebackup/pg_recvlogical.c b/src/bin/pg_basebackup/pg_recvlogical.c
index 8141ba3..fe902cf 100644
--- a/src/bin/pg_basebackup/pg_recvlogical.c
+++ b/src/bin/pg_basebackup/pg_recvlogical.c
@@ -547,9 +547,6 @@ StreamLog(void)
}
PQclear(res);
- if (copybuf != NULL)
- PQfreemem(copybuf);
-
if (outfd != -1 && strcmp(outfile, "-") != 0)
{
int64 t = feGetCurrentTimestamp();
@@ -563,6 +560,11 @@ StreamLog(void)
}
outfd = -1;
error:
+ if (copybuf != NULL)
+ {
+ PQfreemem(copybuf);
+ copybuf = NULL;
+ }
destroyPQExpBuffer(query);
PQfinish(conn);
conn = NULL;
--
1.8.3.251.g1462b67
0004-Pass-sensible-value-to-memset-when-randomizing-reord.patchtext/x-patch; charset=us-asciiDownload
>From 84c8333f02abd3f973b3009d02dcbecc880ce909 Mon Sep 17 00:00:00 2001
From: Andres Freund <andres@anarazel.de>
Date: Wed, 30 Apr 2014 17:35:15 +0200
Subject: [PATCH 4/4] Pass sensible value to memset() when randomizing
reorderbuffer's tuple slab.
This is entirely harmless, but still wrong. Noticed by coverity.
---
src/backend/replication/logical/reorderbuffer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/backend/replication/logical/reorderbuffer.c b/src/backend/replication/logical/reorderbuffer.c
index 4493930..0b21be9 100644
--- a/src/backend/replication/logical/reorderbuffer.c
+++ b/src/backend/replication/logical/reorderbuffer.c
@@ -463,7 +463,7 @@ ReorderBufferGetTupleBuf(ReorderBuffer *rb)
tuple = slist_container(ReorderBufferTupleBuf, node,
slist_pop_head_node(&rb->cached_tuplebufs));
#ifdef USE_ASSERT_CHECKING
- memset(tuple, 0xdeadbeef, sizeof(ReorderBufferTupleBuf));
+ memset(tuple, 0xa9, sizeof(ReorderBufferTupleBuf));
#endif
}
else
--
1.8.3.251.g1462b67
On 04/30/2014 06:39 PM, Andres Freund wrote:
Hi,
Coverity flagged a couple of issues that seem to worth addressing by
changing the code instead of ignoring them:01) heap_xlog_update() looks to coverity as if it could trigger a NULL
pointer dereference. That's because it thinks that oldtup.t_data is
NULL if XLR_BKP_BLOCK(0) while reconstructing incremental
tuples. That fortunately can't happen as incremental updates are
only performed if the tuples are on the same page.
Add an Assert().
02) Be a bit more consistent in what type to use for a size
variable. Inconsequential, but more consistent.
03) Don't leak memory after connection aborts in pg_recvlogical.
04) Use a sensible parameter for memset() when randomizing memory in
reorderbuffer. Inconsequential.Could somebody please pick these up?
Committed, thanks.
I have to say, I am not particularly happy with the complexity of the
control flow in heap_xlog_update() :(.
Agreed :-(. It might be good to split it into two functions, one for
same-page updates and another for others. And have two different WAL
record structs for the cases, too.
- Heikki
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers