Skip to content

Commit 53b93e8

Browse files
tglsfdctglsfdc
committed
Fix order of operations in ExecEvalFieldStoreDeForm().
If the given composite datum is toasted out-of-line, DatumGetHeapTupleHeader will perform database accesses to detoast it. That can invalidate the result of get_cached_rowtype, as documented (perhaps not plainly enough) in that function's API spec; which leads to strange errors or crashes when we try to use the TupleDesc to read the tuple. In short then, trying to update a field of a composite column could fail intermittently if the overall column value is wide enough to require toasting. We can fix the bug at no cost by just changing the order of operations, since we don't need the TupleDesc until after detoasting. (Other callers of get_cached_rowtype appear to get this right already, so there's only one bug.) Note that the added regression test case reveals this bug reliably only with debug_discard_caches/CLOBBER_CACHE_ALWAYS. Per bug #17994 from Alexander Lakhin. Sadly, this patch does not fix the missing-values issue revealed in the bug discussion; we'll need some more work to cover that. Discussion: https://postgr.es/m/17994-5c7100b51b4790e9@postgresql.org
1 parent 63b292e commit 53b93e8

File tree

3 files changed

+31
-12
lines changed

3 files changed

+31
-12
lines changed

src/backend/executor/execExprInterp.c

Lines changed: 17 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1929,7 +1929,8 @@ CheckOpSlotCompatibility(ExprEvalStep *op, TupleTableSlot *slot)
19291929
* changed: if not NULL, *changed is set to true on any update
19301930
*
19311931
* The returned TupleDesc is not guaranteed pinned; caller must pin it
1932-
* to use it across any operation that might incur cache invalidation.
1932+
* to use it across any operation that might incur cache invalidation,
1933+
* including for example detoasting of input tuples.
19331934
* (The TupleDesc is always refcounted, so just use IncrTupleDescRefCount.)
19341935
*
19351936
* NOTE: because composite types can change contents, we must be prepared
@@ -3033,17 +3034,6 @@ ExecEvalFieldSelect(ExprState *state, ExprEvalStep *op, ExprContext *econtext)
30333034
void
30343035
ExecEvalFieldStoreDeForm(ExprState *state, ExprEvalStep *op, ExprContext *econtext)
30353036
{
3036-
TupleDesc tupDesc;
3037-
3038-
/* Lookup tupdesc if first time through or if type changes */
3039-
tupDesc = get_cached_rowtype(op->d.fieldstore.fstore->resulttype, -1,
3040-
op->d.fieldstore.rowcache, NULL);
3041-
3042-
/* Check that current tupdesc doesn't have more fields than we allocated */
3043-
if (unlikely(tupDesc->natts > op->d.fieldstore.ncolumns))
3044-
elog(ERROR, "too many columns in composite type %u",
3045-
op->d.fieldstore.fstore->resulttype);
3046-
30473037
if (*op->resnull)
30483038
{
30493039
/* Convert null input tuple into an all-nulls row */
@@ -3059,13 +3049,28 @@ ExecEvalFieldStoreDeForm(ExprState *state, ExprEvalStep *op, ExprContext *econte
30593049
Datum tupDatum = *op->resvalue;
30603050
HeapTupleHeader tuphdr;
30613051
HeapTupleData tmptup;
3052+
TupleDesc tupDesc;
30623053

30633054
tuphdr = DatumGetHeapTupleHeader(tupDatum);
30643055
tmptup.t_len = HeapTupleHeaderGetDatumLength(tuphdr);
30653056
ItemPointerSetInvalid(&(tmptup.t_self));
30663057
tmptup.t_tableOid = InvalidOid;
30673058
tmptup.t_data = tuphdr;
30683059

3060+
/*
3061+
* Lookup tupdesc if first time through or if type changes. Because
3062+
* we don't pin the tupdesc, we must not do this lookup until after
3063+
* doing DatumGetHeapTupleHeader: that could do database access while
3064+
* detoasting the datum.
3065+
*/
3066+
tupDesc = get_cached_rowtype(op->d.fieldstore.fstore->resulttype, -1,
3067+
op->d.fieldstore.rowcache, NULL);
3068+
3069+
/* Check that current tupdesc doesn't have more fields than allocated */
3070+
if (unlikely(tupDesc->natts > op->d.fieldstore.ncolumns))
3071+
elog(ERROR, "too many columns in composite type %u",
3072+
op->d.fieldstore.fstore->resulttype);
3073+
30693074
heap_deform_tuple(&tmptup, tupDesc,
30703075
op->d.fieldstore.values,
30713076
op->d.fieldstore.nulls);

src/test/regress/expected/rowtypes.out

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -139,6 +139,15 @@ select (fn).first, substr((fn).last, 1, 20), length((fn).last) from people;
139139
Jim | abcdefghijklabcdefgh | 1200000
140140
(2 rows)
141141

142+
-- try an update on a toasted composite value, too
143+
update people set fn.first = 'Jack';
144+
select (fn).first, substr((fn).last, 1, 20), length((fn).last) from people;
145+
first | substr | length
146+
-------+----------------------+---------
147+
Jack | Blow | 4
148+
Jack | abcdefghijklabcdefgh | 1200000
149+
(2 rows)
150+
142151
-- Test row comparison semantics. Prior to PG 8.2 we did this in a totally
143152
-- non-spec-compliant way.
144153
select ROW(1,2) < ROW(1,3) as true;

src/test/regress/sql/rowtypes.sql

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -76,6 +76,11 @@ insert into people select ('Jim', f1, null)::fullname, current_date from pp;
7676

7777
select (fn).first, substr((fn).last, 1, 20), length((fn).last) from people;
7878

79+
-- try an update on a toasted composite value, too
80+
update people set fn.first = 'Jack';
81+
82+
select (fn).first, substr((fn).last, 1, 20), length((fn).last) from people;
83+
7984
-- Test row comparison semantics. Prior to PG 8.2 we did this in a totally
8085
-- non-spec-compliant way.
8186

0 commit comments

Comments
 (0)