• Tom Lane's avatar
    Fix crash when logical decoding is invoked from a PL function. · 1518d078
    Tom Lane authored
    The logical decoding functions do BeginInternalSubTransaction and
    RollbackAndReleaseCurrentSubTransaction to clean up after themselves.
    It turns out that AtEOSubXact_SPI has an unrecognized assumption that
    we always need to cancel the active SPI operation in the SPI context
    that surrounds the subtransaction (if there is one).  That's true
    when the RollbackAndReleaseCurrentSubTransaction call is coming from
    the SPI-using function itself, but not when it's happening inside
    some unrelated function invoked by a SPI query.  In practice the
    affected callers are the various PLs.
    
    To fix, record the current subtransaction ID when we begin a SPI
    operation, and clean up only if that ID is the subtransaction being
    canceled.
    
    Also, remove AtEOSubXact_SPI's assertion that it must have cleaned
    up the surrounding SPI context's active tuptable.  That's proven
    wrong by the same test case.
    
    Also clarify (or, if you prefer, reinterpret) the calling conventions
    for _SPI_begin_call and _SPI_end_call.  The memory context cleanup
    in the latter means that these have always had the flavor of a matched
    resource-management pair, but they weren't documented that way before.
    
    Per report from Ben Chobot.
    
    Back-patch to 9.4 where logical decoding came in.  In principle,
    the SPI changes should go all the way back, since the problem dates
    back to commit 7ec1c5a8.  But given the lack of field complaints
    it seems few people are using internal subtransactions in this way.
    So I don't feel a need to take any risks in 9.2/9.3.
    
    Discussion: https://postgr.es/m/73FBA179-C68C-4540-9473-71E865408B15@silentmedia.com
    1518d078
decoding_into_rel.out 6.53 KB