On Sat, Jul 27, 2024 at 6:28 PM David Rowley <dgrowle...@gmail.com> wrote: > > On Sun, 28 Jul 2024 at 07:18, Joseph Koshakow <kosh...@gmail.com> wrote: >> Attached is a patch that resolves an overflow in pg_size_pretty() that >> resulted in unexpected behavior when PG_INT64_MIN was passed in as an >> argument. > > Could we just fix this more simply by assigning the absolute value of > the signed variable into an unsigned type?
I might be misunderstanding, but my previous patch does assign the absolute value of the signed variable into an unsigned type. > It's a bit less code and > gets rid of the explicit test for PG_INT64_MIN. > + uint64 usize = size < 0 ? (uint64) (-size) : (uint64) size; I think that the explicit test for PG_INT64_MIN is still required. If `size` is equal to PG_INT64_MIN then `-size` will overflow. You end up with the correct behavior if `size` wraps around, but that's only guaranteed on platforms that support the `-fwrapv` flag. Thanks, Joseph Koshakow
