Re: BUG #17792: MERGE uses uninitialized pointer and crashes when target tuple is updated concurrently

On Tue, 14 Feb 2023 at 12:05, Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> wrote:
>
> On Tue, 14 Feb 2023 at 11:29, Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> wrote:
> >
> > I'm not sure that the location of the initialization is best. My first
> > impulse was to add it in line 3618, with the "Set global context" lines;
> > but then I think it's possible for one tuple of a partition to be routed
> > correctly and a later one that is concurrently updated suffer from an
> > improper value in cpUpdateRetrySlot.
> >
>
> Hmm, shouldn't it be initialised in ExecMergeMatched(), before line
> 2896, making the CMD_DELETE case match the CMD_UPDATE case? Otherwise
> maybe an update action could be matched initially, try a
> cross-partition update, setting cpUpdateRetrySlot due to a concurrent
> update, and then upon retrying, a delete action might match.
>

After trying to induce that, I realised that it doesn't appear to be
possible, because a delete after a failed update will always succeed,
because it has the target row locked by that point. So I think that it
will never need to retry more than once.

That said, it seems wrong to be checking cpUpdateRetrySlot after an
attempted delete anyway. Perhaps a better fix would be to just change
the check in ExecMergeMatched() to

if (commandType == CMD_UPDATE && !TupIsNull(context->cpUpdateRetrySlot))
goto lmerge_matched;

and update the preceding comment, since only an update should set
cpUpdateRetrySlot.

Regards,
Dean