Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1w8QPS-000WFr-0r
	for pgsql-hackers@arkaria.postgresql.org;
	Thu, 02 Apr 2026 22:21:06 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1w8QPR-008T0y-0H
	for pgsql-hackers@arkaria.postgresql.org;
	Thu, 02 Apr 2026 22:21:05 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <dgrowleyml@gmail.com>)
	id 1w8QPQ-008T0q-2d
	for pgsql-hackers@lists.postgresql.org;
	Thu, 02 Apr 2026 22:21:05 +0000
Received: from mail-wr1-x431.google.com ([2a00:1450:4864:20::431])
	by magus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.98.2)
	(envelope-from <dgrowleyml@gmail.com>)
	id 1w8QPO-00000000H1x-3sst
	for pgsql-hackers@lists.postgresql.org;
	Thu, 02 Apr 2026 22:21:04 +0000
Received: by mail-wr1-x431.google.com with SMTP id
 ffacd0b85a97d-43ccda008cdso963757f8f.0
        for <pgsql-hackers@lists.postgresql.org>;
 Thu, 02 Apr 2026 15:21:03 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1775168462; cv=none;
        d=google.com; s=arc-20240605;
        b=Rx1smNtPXKjxicm/GHRyj2T5uck1vwRr4bqzwIY1UzsXIo15LcEO/Tpum1a3OslRr8
         1uGRpLwyo4ZemMLZx9dT6moIrVjAxe5b9alSN7HGhVfQSRrb8frSZKC7heYt/kBEue2N
         3gmIrPoYO20yZrnFcZtF6oE00V1mCdam9CAEGeIM1cCSin4KprX/q5PnfiHk8iLFzNhc
         PezvaXT1UmKqLXlHLVW0ZLsiQRrj/zYEEnG2h1aBQ36TZYAG1W40Rp8UsATNN4T6zlnS
         7rDmhqEL81kIdU55S/hFTzqm5k6N9ajVEkuaIbdhrLu38RUQlhUDN0lNXxzwTQmLal3A
         hC4w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=NJaoqBaIRg6KyfAqAEaanxVWLMy16bHVEUvFaGI55xw=;
        fh=LA2qZ/6HKYFgZLyjr3PAPoC/mq1PVnhF0UcOyu06kOQ=;
        b=kYAy7nSYJnJ6i+/YUkzt16JElFpX0sPNJNLBFuWMU2aXVFB811sA5fqKYhvstrcTpL
         KyvY9KnYPFSDZb3uZ5zVAvuxkfC7Bck65n5JJsmAd1tcwUzv3vZv2njTUbDGncl+eDE2
         8KVhsVVKaMDDidCqmkuHVgPafesk8wOWVxVePlFmv9WbfrLm/oQOiAAPGqJEhrEwqkST
         zdnzfMokoyltHuxkiPN4dKRNb6bw4dAeA4IPVl8Wwo7u2hZpbv0kjtXKdbS3q29vtFQ0
         IE/ruY2Jmu7JGeifYTv99792G2JT5+BtBT4ezYeJ3jc6zwVONOb9RKN5qsjQdcKplulL
         5pvQ==;
        darn=lists.postgresql.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1775168462; x=1775773262;
 darn=lists.postgresql.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=NJaoqBaIRg6KyfAqAEaanxVWLMy16bHVEUvFaGI55xw=;
        b=CyLDdPP/cJX9FrmdYY3tvHD0hdNHpSJ8iCz80FhQWcGtCzrUbRkwgQh6bSCVBLpuMb
         fJZUbfUoTE6Co9E1TXyqENJRmajx8guDma0kGz6DDpHEC60Iq0BvPn3SEfJ5F56C6+cr
         q9tupacoqoju1rNCNzcJhlR9X2iFZVadkvhN/JQ3pkQ5QpO5sllRvxE3y13tjr4fIj/B
         ZeTBbplp6nNM3oOuabLEfyBGRy5n+ENHoT0ISJYTatk7mjPPiaWtBeEMPLWKVbisdUUP
         KX1rK3whu9XCGSLmRakSOk+ZGdxjLvUn7iWzhuAmwTCurDbbA6W9kkgo/9fAimDgvzqw
         EIeg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1775168462; x=1775773262;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=NJaoqBaIRg6KyfAqAEaanxVWLMy16bHVEUvFaGI55xw=;
        b=d45EbiXMke9AOYWkWhBBYxSm/q5UixP50Eyoou1iWhE9kKsPcLUFpyJbPTIlqRGhRJ
         NuT7I7reaxOFDg7mr1Yx9cwTHlvi048FQo8AdS5HaJx8WYAiqaN2ddC3ZjH3p9i53hYC
         ZC/ssM6wAVqhZGGdL3p79fenk06Owf8LBbGbPjF+TprE2Td9oRWvH1aWXvQUQ9CqC7sr
         G2QGNJa5T0Ywze5YOO643fRZTqY8Q58sPf9dlAjH/iOMxadaphezFLVFYZ3GbN7Zbgj/
         KYZXTocEwAOzwMJpG/vKRjH8AesiKt1QaTqkKefsCTBuyhUej/y7Or/8wmjbVA0Tk2JH
         3cDw==
X-Gm-Message-State: AOJu0Yyd63pq/Oo/peM0zQx0UD0a0ZvWa9FeySildU2COGJGS2uM9Wn4
	A7bZ5C+1n8VON3a3DKwxpnY6RelioPFANCMlh+4qxH0sgpkY16L2w9WMKmzGiJGc+fk90Xrao9S
	7hFekyVIh3WA0Dsg1j/v2D4K9VmytLK8rMV4L
X-Gm-Gg: AeBDiesBma9y9Y1SC4vsZqreBu060WOPAYm2I1rRk6yBzD6LywF8IbNZxfVHtct9veG
	gvfWgTN0C3gQRwfEaoPsUJ9V5Nii3CegBGVDd+7viwQLpqrQSxmzM3QupZWVATdoIFiiAbXtSIz
	qvU6S7dAn6PdDK9LgQX3HJxtUzO/kJsjqH5N708OAZTIUvPjkeVr3t2v4R6B6nmWQ87jci5NRbO
	fxkBHjcU53Clr0oAbqmoZoAAUm78BqYgydMz3DOhT+gyal9aBWzzuPObq6r7XjbTR2GmvOSV37p
	GN/Ob0B4UJgs8sAYfKS6d0V2gnG48q3la/o2Ha1q6uKryGn85A6L/NNL4eq8xRx6pMr1ulbjJQ=
	=
X-Received: by 2002:a05:6000:186f:b0:43c:f1da:487d with SMTP id
 ffacd0b85a97d-43d28f8cd5fmr1306207f8f.2.1775168462426; Thu, 02 Apr 2026
 15:21:02 -0700 (PDT)
MIME-Version: 1.0
References: 
 <CAApHDvq0T=iJ0Sf5TNE9yyWwfOeVjmrBt0wSywDnGD9Y4YJQBA@mail.gmail.com>
 <0BF8BC4F-ED7D-445F-8BB3-2336F1E17CB4@gmail.com>
In-Reply-To: <0BF8BC4F-ED7D-445F-8BB3-2336F1E17CB4@gmail.com>
From: David Rowley <dgrowleyml@gmail.com>
Date: Fri, 3 Apr 2026 11:20:50 +1300
X-Gm-Features: AQROBzAD9LLPcSXhNdwUaE-fqEjVnkeaN5uGNa2qqFJAgmThuMOzy9Xukgisavs
Message-ID: 
 <CAApHDvpFAjbiNQpCWanuJb4o4=ZbLYtsxLnzYWhCbjYZuK2kfQ@mail.gmail.com>
Subject: Re: Small and unlikely overflow hazard in bms_next_member()
To: Chao Li <li.evan.chao@gmail.com>
Cc: PostgreSQL Developers <pgsql-hackers@lists.postgresql.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/CAApHDvpFAjbiNQpCWanuJb4o4%3DZbLYtsxLnzYWhCbjYZuK2kfQ%40mail.gmail.com>
Precedence: bulk

On Thu, 2 Apr 2026 at 19:39, Chao Li <li.evan.chao@gmail.com> wrote:
> Both the return value of bms_next_member() and the parameter =E2=80=9Cpre=
vbit" are defined as int, which seems to imply that a bitmap can hold at mo=
st INT32_MAX elements. So I wonder if a cleaner fix would be to just add a =
range guard, like this:
>
> ```
> diff --git a/src/backend/nodes/bitmapset.c b/src/backend/nodes/bitmapset.=
c
> index 786f343b3c9..7f79f81f278 100644
> --- a/src/backend/nodes/bitmapset.c
> +++ b/src/backend/nodes/bitmapset.c
> @@ -1294,7 +1294,7 @@ bms_next_member(const Bitmapset *a, int prevbit)
>
>         Assert(bms_is_valid_set(a));
>
> -       if (a =3D=3D NULL)
> +       if (a =3D=3D NULL || prevbit =3D=3D INT32_MAX)

I don't think that's a nice way at all. Adding a special case plus
extra instructions, including a new jump instruction for the boolean
short-circuiting. More instruction decoding, more L1i space needed,
more branches to predict and more space in the branch predictor tables
to overwrite other useful branches. Adds run-time overhead.

I was aiming for low overhead and no special cases. 2a600a93c means we
don't care about the performance on 32-bit hardware anymore, so that
can't be used as a counterargument.

David