-
Notifications
You must be signed in to change notification settings - Fork 21.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixed serialization for records with an attribute named format
.
#15240
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* * * This bug can be triggered when serializing record R (the instance) of type C (the class), provided that the following conditions are met: 1. The name of one or more columns/attributes on C/R matches an existing private method on C (e.g. those defined by `Kernel`, such as `format`). 2. The attribute methods have not yet been generated on C. In this case, the matching private methods will be called by the serialization code (with no arguments) and their return values will be serialized instead. If the method requires one or more arguments, it will result in an `ArgumentError`. This regression is introduced in d1316bb. * * * Attribute methods (e.g. `#name` and `#format`, assuming the class has columns named `name` and `format` in its database table) are lazily defined. Instead of defining them when a the class is defined (e.g. in the `inherited` hook on `ActiveRecord::Base`), this operation is deferred until they are first accessed. The reason behind this is that is defining those methods requires knowing what columns are defined on the database table, which usually requires a round-trip to the database. Deferring their definition until the last-possible moment helps reducing unnessary work, especially in development mode where classes are redefined and throw away between requests. Typically, when an attribute is first accessed (e.g. `a_book.format`), it will fire the `method_missing` hook on the class, which triggers the definition of the attribute methods. This even works for methods like `format`, because calling a private method with an explicit receiver will also trigger that hook. Unfortunately, `read_attribute_for_serialization` is simply an alias to `send`, which does not respect method visibility. As a result, when serializing a record with those conflicting attributes, the `method_missing` is not fired, and as a result the attribute methods are not defined one would expected. Before d1316bb, this is negated by the fact that calling the `run_callbacks` method will also trigger a call to `respond_to?`, which is another trigger point for the class to define its attribute methods. Therefore, when Active Record tries to run the `after_find` callbacks, it will also define all the attribute methods thus masking the problem. * * * The proper fix for this problem is probably to restrict `read_attribute_for_serialization` to call public methods only (i.e. alias `read_attribute_for_serialization` to `public_send` instead of `send`). This however would be quite risky to change in a patch release and would probably require a full deprecation cycle. Another approach would be to override `read_attribute_for_serialization` inside Active Record to force the definition of attribute methods: def read_attribute_for_serialization(attribute) self.class.define_attribute_methods send(attribute) end Unfortunately, this is quite likely going to cause a performance degradation. This patch therefore restores the behaviour from the 4-0-stable branch by explicitly forcing the class to define its attribute methods in a similar spot (when records are initialized). This should not cause any extra roundtrips to the database because the `@columns` should already be cached on the class. Fixes rails#15188.
2d73f5a forces AR to enter the `define_attribute_methods` method whenever it instantiate a record from the `init_with` entry point. This is a potential performance hotspot, because `init_with` is called from all `find*` family methods, and `define_attribute_methods` is slow because it tries to acquire a lock on the mutex everytime it is entered. By using [DCL](http://en.wikipedia.org/wiki/Double-checked_locking), we can avoid grabbing the lock most of the time when the attribute methods are already defined (the common case). This is made possible by the fact that reading an instance variable is an atomic operation in Ruby. Credit goes to Aaron Patterson for pointing me to DCL and filling me in on the atomicity guarantees in Ruby. [*Godfrey Chan*, *Aaron Patterson*]
@tenderlove so travis finally ran my build (I rebased it against your commit in case it changes anything, but it's all green!) Should be good to go! 💚 |
tenderlove
added a commit
that referenced
this pull request
May 23, 2014
Fixed serialization for records with an attribute named `format`.
tenderlove
added a commit
that referenced
this pull request
May 23, 2014
Fixed serialization for records with an attribute named `format`. Conflicts: activerecord/CHANGELOG.md
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This bug can be triggered when serializing record
R
(the instance) of typeC
(the class), provided that the following conditions are met:C
/R
matches an existing private method on C (e.g. those defined byKernel
, such asformat
).C
.In this case, the matching private methods will be called by the serialization code (with no arguments) and their return values will be serialized instead. If the method requires one or more arguments, it will result in an
ArgumentError
.This regression is introduced in d1316bb.
Attribute methods (e.g.
#name
and#format
, assuming the class has columns namedname
andformat
in its database table) are lazily defined. Instead of defining them when a the class is defined (e.g. in theinherited
hook onActiveRecord::Base
), this operation is deferred until they are first accessed.The reason behind this is that is defining those methods requires knowing what columns are defined on the database table, which usually requires a round-trip to the database. Deferring their definition until the last-possible moment helps reducing unnecessary work, especially in development mode where classes are redefined and throw away between requests.
Typically, when an attribute is first accessed (e.g.
a_book.format
), it will fire themethod_missing
hook on the class, which triggers the definition of the attribute methods. This even works for methods likeformat
, because calling a private method with an explicit receiver will also trigger that hook.Unfortunately,
read_attribute_for_serialization
is simply an alias tosend
, which does not respect method visibility. As a result, when serializing a record with those conflicting attributes, themethod_missing
is not fired, and as a result the attribute methods are not defined one would expect.Before d1316bb, this is negated by the fact that calling the
run_callbacks
method will also trigger a call torespond_to?
, which is another trigger point for the class to define its attribute methods. Therefore, when Active Record tries to run theafter_find
callbacks, it will also define all the attribute methods thus masking the problem.The proper fix for this problem is probably to restrict
read_attribute_for_serialization
to call public methods only (i.e. aliasread_attribute_for_serialization
topublic_send
instead ofsend
). This however would be quite risky to change in a patch release and would probably require a full deprecation cycle.Another approach would be to override
read_attribute_for_serialization
inside Active Record to force the definition of attribute methods:Unfortunately, this is quite likely going to cause a performance degradation.
This patch therefore restores the behaviour from the 4-0-stable branch by explicitly forcing the class to define its attribute methods in a similar spot (when records are initialized). This should not cause any extra roundtrips to the database because the
@columns
should already be cached on the class.Fixes #15188.
For the record, I hate this patch, so if you have better ideas I'd love to hear them.