Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed serialization for records with an attribute named format. #15240

Merged
merged 2 commits into from May 23, 2014
Merged

Fixed serialization for records with an attribute named format. #15240

merged 2 commits into from May 23, 2014

Conversation

chancancode
Copy link
Member 

>> book.method(:format)
=> #<Method: BookFormat(Kernel)#format>
>> skip_backtrace { book.send(:format) }
=> "#<ArgumentError: too few arguments>"
>> book.format
=> "paperback"
>> book.method(:format)
=> #<Method: BookFormat(#<Module:0x007fe16d195a90>)#__temp__66f627d61647>
>> skip_backtrace { book.send(:format) }
=> "paperback"

This bug can be triggered when serializing record R (the instance) of type C (the class), provided that the following conditions are met:

  1. The name of one or more columns/attributes on C/R matches an existing private method on C (e.g. those defined by Kernel, such as format).
  2. The attribute methods have not yet been generated on C.

In this case, the matching private methods will be called by the serialization code (with no arguments) and their return values will be serialized instead. If the method requires one or more arguments, it will result in an ArgumentError.

This regression is introduced in d1316bb.

Attribute methods (e.g. #name and #format, assuming the class has columns named name and format in its database table) are lazily defined. Instead of defining them when a the class is defined (e.g. in the inherited hook on ActiveRecord::Base), this operation is deferred until they are first accessed.

The reason behind this is that is defining those methods requires knowing what columns are defined on the database table, which usually requires a round-trip to the database. Deferring their definition until the last-possible moment helps reducing unnecessary work, especially in development mode where classes are redefined and throw away between requests.

Typically, when an attribute is first accessed (e.g. a_book.format), it will fire the method_missing hook on the class, which triggers the definition of the attribute methods. This even works for methods like format, because calling a private method with an explicit receiver will also trigger that hook.

Unfortunately, read_attribute_for_serialization is simply an alias to send, which does not respect method visibility. As a result, when serializing a record with those conflicting attributes, the method_missing is not fired, and as a result the attribute methods are not defined one would expect.

Before d1316bb, this is negated by the fact that calling the run_callbacks method will also trigger a call to respond_to?, which is another trigger point for the class to define its attribute methods. Therefore, when Active Record tries to run the after_find callbacks, it will also define all the attribute methods thus masking the problem.

The proper fix for this problem is probably to restrict read_attribute_for_serialization to call public methods only (i.e. alias read_attribute_for_serialization to public_send instead of send). This however would be quite risky to change in a patch release and would probably require a full deprecation cycle.

Another approach would be to override read_attribute_for_serialization inside Active Record to force the definition of attribute methods:

   def read_attribute_for_serialization(attribute)
     self.class.define_attribute_methods
     send(attribute)
   end

Unfortunately, this is quite likely going to cause a performance degradation.

This patch therefore restores the behaviour from the 4-0-stable branch by explicitly forcing the class to define its attribute methods in a similar spot (when records are initialized). This should not cause any extra roundtrips to the database because the @columns should already be cached on the class.

Fixes #15188.

For the record, I hate this patch, so if you have better ideas I'd love to hear them.

@chancancode
Copy link
Member Author

cc @josevalim @jeremy @tenderlove @rafaelfranca

@chancancode
Fixed serialization for records with an attribute named format.
2d73f5a 
* * *

This bug can be triggered when serializing record R (the instance) of type C
(the class), provided that the following conditions are met:

1. The name of one or more columns/attributes on C/R matches an existing private
   method on C (e.g. those defined by `Kernel`, such as `format`).

2. The attribute methods have not yet been generated on C.

In this case, the matching private methods will be called by the serialization
code (with no arguments) and their return values will be serialized instead. If
the method requires one or more arguments, it will result in an `ArgumentError`.

This regression is introduced in d1316bb.

* * *

Attribute methods (e.g. `#name` and `#format`, assuming the class has columns
named `name` and `format` in its database table) are lazily defined. Instead of
defining them when a the class is defined (e.g. in the `inherited` hook on
`ActiveRecord::Base`), this operation is deferred until they are first accessed.

The reason behind this is that is defining those methods requires knowing what
columns are defined on the database table, which usually requires a round-trip
to the database. Deferring their definition until the last-possible moment helps
reducing unnessary work, especially in development mode where classes are
redefined and throw away between requests.

Typically, when an attribute is first accessed (e.g. `a_book.format`), it will
fire the `method_missing` hook on the class, which triggers the definition of
the attribute methods. This even works for methods like `format`, because
calling a private method with an explicit receiver will also trigger that hook.

Unfortunately, `read_attribute_for_serialization` is simply an alias to `send`,
which does not respect method visibility. As a result, when serializing a record
with those conflicting attributes, the `method_missing` is not fired, and as a
result the attribute methods are not defined one would expected.

Before d1316bb, this is negated by the fact that calling the `run_callbacks`
method will also trigger a call to `respond_to?`, which is another trigger point
for the class to define its attribute methods. Therefore, when Active Record
tries to run the `after_find` callbacks, it will also define all the attribute
methods thus masking the problem.

* * *

The proper fix for this problem is probably to restrict `read_attribute_for_serialization`
to call public methods only (i.e. alias `read_attribute_for_serialization` to
`public_send` instead of `send`). This however would be quite risky to change
in a patch release and would probably require a full deprecation cycle.

Another approach would be to override `read_attribute_for_serialization` inside
Active Record to force the definition of attribute methods:

   def read_attribute_for_serialization(attribute)
     self.class.define_attribute_methods
     send(attribute)
   end

Unfortunately, this is quite likely going to cause a performance degradation.

This patch therefore restores the behaviour from the 4-0-stable branch by
explicitly forcing the class to define its attribute methods in a similar spot
(when records are initialized). This should not cause any extra roundtrips to
the database because the `@columns` should already be cached on the class.

Fixes rails#15188.
@chancancode
Avoid slowing down AR object initialization
28d52c5 
2d73f5a forces AR to enter the `define_attribute_methods` method whenever it
instantiate a record from the `init_with` entry point. This is a potential
performance hotspot, because `init_with` is called from all `find*` family
methods, and `define_attribute_methods` is slow because it tries to acquire
a lock on the mutex everytime it is entered.

By using [DCL](http://en.wikipedia.org/wiki/Double-checked_locking), we can
avoid grabbing the lock most of the time when the attribute methods are already
defined (the common case). This is made possible by the fact that reading an
instance variable is an atomic operation in Ruby.

Credit goes to Aaron Patterson for pointing me to DCL and filling me in on the
atomicity guarantees in Ruby.

[*Godfrey Chan*, *Aaron Patterson*]
@chancancode
Copy link
Member Author

@tenderlove so travis finally ran my build (I rebased it against your commit in case it changes anything, but it's all green!)

Should be good to go! 💚

@chancancode chancancode added this to the 4.1.2 milestone May 23, 2014
@chancancode chancancode self-assigned this May 23, 2014
tenderlove added a commit that referenced this pull request May 23, 2014
@tenderlove
Merge pull request #15240 from chancancode/fix_attribute_methods
8b36471 
Fixed serialization for records with an attribute named `format`.
@tenderlove tenderlove merged commit 8b36471 into rails:master May 23, 2014
tenderlove added a commit that referenced this pull request May 23, 2014
@tenderlove @chancancode
Merge pull request #15240 from chancancode/fix_attribute_methods
0f86846 
Fixed serialization for records with an attribute named `format`.
Conflicts:
	activerecord/CHANGELOG.md
@eileencodes eileencodes mentioned this pull request Jul 27, 2014
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@chancancode chancancode

Labels
activerecord regression
Projects
None yet
Milestone
4.1.2
Development

Successfully merging this pull request may close these issues.

as_json produces too few arguments error when used in a view
2 participants
@chancancode @tenderlove