Skip to content

Commit 0789b82

Browse files
tglsfdctglsfdc
committed
Fix order of operations in ExecEvalFieldStoreDeForm().
If the given composite datum is toasted out-of-line, DatumGetHeapTupleHeader will perform database accesses to detoast it. That can invalidate the result of get_cached_rowtype, as documented (perhaps not plainly enough) in that function's API spec; which leads to strange errors or crashes when we try to use the TupleDesc to read the tuple. In short then, trying to update a field of a composite column could fail intermittently if the overall column value is wide enough to require toasting. We can fix the bug at no cost by just changing the order of operations, since we don't need the TupleDesc until after detoasting. (Other callers of get_cached_rowtype appear to get this right already, so there's only one bug.) Note that the added regression test case reveals this bug reliably only with debug_discard_caches/CLOBBER_CACHE_ALWAYS. Per bug #17994 from Alexander Lakhin. Sadly, this patch does not fix the missing-values issue revealed in the bug discussion; we'll need some more work to cover that. Discussion: https://postgr.es/m/17994-5c7100b51b4790e9@postgresql.org
1 parent 6bc7873 commit 0789b82

File tree

3 files changed

+31
-12
lines changed

3 files changed

+31
-12
lines changed

src/backend/executor/execExprInterp.c

Lines changed: 17 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1969,7 +1969,8 @@ CheckOpSlotCompatibility(ExprEvalStep *op, TupleTableSlot *slot)
19691969
* changed: if not NULL, *changed is set to true on any update
19701970
*
19711971
* The returned TupleDesc is not guaranteed pinned; caller must pin it
1972-
* to use it across any operation that might incur cache invalidation.
1972+
* to use it across any operation that might incur cache invalidation,
1973+
* including for example detoasting of input tuples.
19731974
* (The TupleDesc is always refcounted, so just use IncrTupleDescRefCount.)
19741975
*
19751976
* NOTE: because composite types can change contents, we must be prepared
@@ -3128,17 +3129,6 @@ ExecEvalFieldSelect(ExprState *state, ExprEvalStep *op, ExprContext *econtext)
31283129
void
31293130
ExecEvalFieldStoreDeForm(ExprState *state, ExprEvalStep *op, ExprContext *econtext)
31303131
{
3131-
TupleDesc tupDesc;
3132-
3133-
/* Lookup tupdesc if first time through or if type changes */
3134-
tupDesc = get_cached_rowtype(op->d.fieldstore.fstore->resulttype, -1,
3135-
op->d.fieldstore.rowcache, NULL);
3136-
3137-
/* Check that current tupdesc doesn't have more fields than we allocated */
3138-
if (unlikely(tupDesc->natts > op->d.fieldstore.ncolumns))
3139-
elog(ERROR, "too many columns in composite type %u",
3140-
op->d.fieldstore.fstore->resulttype);
3141-
31423132
if (*op->resnull)
31433133
{
31443134
/* Convert null input tuple into an all-nulls row */
@@ -3154,13 +3144,28 @@ ExecEvalFieldStoreDeForm(ExprState *state, ExprEvalStep *op, ExprContext *econte
31543144
Datum tupDatum = *op->resvalue;
31553145
HeapTupleHeader tuphdr;
31563146
HeapTupleData tmptup;
3147+
TupleDesc tupDesc;
31573148

31583149
tuphdr = DatumGetHeapTupleHeader(tupDatum);
31593150
tmptup.t_len = HeapTupleHeaderGetDatumLength(tuphdr);
31603151
ItemPointerSetInvalid(&(tmptup.t_self));
31613152
tmptup.t_tableOid = InvalidOid;
31623153
tmptup.t_data = tuphdr;
31633154

3155+
/*
3156+
* Lookup tupdesc if first time through or if type changes. Because
3157+
* we don't pin the tupdesc, we must not do this lookup until after
3158+
* doing DatumGetHeapTupleHeader: that could do database access while
3159+
* detoasting the datum.
3160+
*/
3161+
tupDesc = get_cached_rowtype(op->d.fieldstore.fstore->resulttype, -1,
3162+
op->d.fieldstore.rowcache, NULL);
3163+
3164+
/* Check that current tupdesc doesn't have more fields than allocated */
3165+
if (unlikely(tupDesc->natts > op->d.fieldstore.ncolumns))
3166+
elog(ERROR, "too many columns in composite type %u",
3167+
op->d.fieldstore.fstore->resulttype);
3168+
31643169
heap_deform_tuple(&tmptup, tupDesc,
31653170
op->d.fieldstore.values,
31663171
op->d.fieldstore.nulls);

src/test/regress/expected/rowtypes.out

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,15 @@ select (fn).first, substr((fn).last, 1, 20), length((fn).last) from people;
145145
Jim | abcdefghijklabcdefgh | 1200000
146146
(2 rows)
147147

148+
-- try an update on a toasted composite value, too
149+
update people set fn.first = 'Jack';
150+
select (fn).first, substr((fn).last, 1, 20), length((fn).last) from people;
151+
first | substr | length
152+
-------+----------------------+---------
153+
Jack | Blow | 4
154+
Jack | abcdefghijklabcdefgh | 1200000
155+
(2 rows)
156+
148157
-- Test row comparison semantics. Prior to PG 8.2 we did this in a totally
149158
-- non-spec-compliant way.
150159
select ROW(1,2) < ROW(1,3) as true;

src/test/regress/sql/rowtypes.sql

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -80,6 +80,11 @@ insert into people select ('Jim', f1, null)::fullname, current_date from pp;
8080

8181
select (fn).first, substr((fn).last, 1, 20), length((fn).last) from people;
8282

83+
-- try an update on a toasted composite value, too
84+
update people set fn.first = 'Jack';
85+
86+
select (fn).first, substr((fn).last, 1, 20), length((fn).last) from people;
87+
8388
-- Test row comparison semantics. Prior to PG 8.2 we did this in a totally
8489
-- non-spec-compliant way.
8590

0 commit comments

Comments
 (0)