From b238527664ec6f6c9d00dba4cc2f3dab1c8b8b04 Mon Sep 17 00:00:00 2001 From: Andres Freund Date: Tue, 27 Nov 2018 10:07:03 -0800 Subject: Fix jit compilation bug on wide tables. The function generated to perform JIT compiled tuple deforming failed when HeapTupleHeader's t_hoff was bigger than a signed int8. I'd failed to realize that LLVM's getelementptr would treat an int8 index argument as signed, rather than unsigned. That means that a hoff larger than 127 would result in a negative offset being applied. Fix that by widening the index to 32bit. Add a testcase with a wide table. Don't drop it, as it seems useful to verify other tools deal properly with wide tables. Thanks to Justin Pryzby for both reporting a bug and then reducing it to a reproducible testcase! Reported-By: Justin Pryzby Author: Andres Freund Discussion: https://postgr.es/m/20181115223959.GB10913@telsasoft.com Backpatch: 11, just as jit compilation was --- src/backend/jit/llvm/llvmjit_deform.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'src/backend/jit/llvm/llvmjit_deform.c') diff --git a/src/backend/jit/llvm/llvmjit_deform.c b/src/backend/jit/llvm/llvmjit_deform.c index 4111bf0a54b..d168eae0873 100644 --- a/src/backend/jit/llvm/llvmjit_deform.c +++ b/src/backend/jit/llvm/llvmjit_deform.c @@ -248,10 +248,16 @@ slot_compile_deform(LLVMJitContext *context, TupleDesc desc, v_infomask2, "maxatt"); + /* + * Need to zext, as getelementptr otherwise treats hoff as a signed 8bit + * integer, which'd yield a negative offset for t_hoff > 127. + */ v_hoff = - l_load_struct_gep(b, v_tuplep, - FIELDNO_HEAPTUPLEHEADERDATA_HOFF, - "t_hoff"); + LLVMBuildZExt(b, + l_load_struct_gep(b, v_tuplep, + FIELDNO_HEAPTUPLEHEADERDATA_HOFF, + ""), + LLVMInt32Type(), "t_hoff"); v_tupdata_base = LLVMBuildGEP(b, -- cgit v1.2.3