[Django] #35836: ORM can produce invalid SQL when subclassing Query

Sun, 13 Oct 2024 16:22:41 -0700 

#35836: ORM can produce invalid SQL when subclassing Query
-------------------------------------+-------------------------------------
     Reporter:  Ben Pearman          |                     Type:  Bug
       Status:  new                  |                Component:  Database
                                     |  layer (models, ORM)
      Version:  5.0                  |                 Severity:  Normal
     Keywords:                       |             Triage Stage:
                                     |  Unreviewed
    Has patch:  0                    |      Needs documentation:  0
  Needs tests:  0                    |  Patch needs improvement:  0
Easy pickings:  0                    |                    UI/UX:  0
-------------------------------------+-------------------------------------
 We have observed a bug in the ORM where invalid SQL can be produced.

 A reproduction can be seen here:
 https://github.com/benpearman/django-orm-bug
 And specifically:
 https://github.com/benpearman/django-orm-bug/blob/master/demo/models.py

 It is caused with the following steps:
 1. Subclassing {{{django.db.models.sql.Query}}} and using it in a Queryset
 mixin
 2. Creating a queryset with an {{{exclude()}}} expression which includes a
 subquery. EG {{{Classroom.objects.exclude(student_set__id=student_A.id)}}}
 3. Then before calling {{{super().get_compiler}}} from our subclassed
 Query:
  -  Clone the query
  -  Adding a simple expression via {{{cloned_query.add_q}}} eg
 {{{cloned_query.add_q(Q(school_id=1))}}}
  -  Passing the cloned query into {{{super().get_compiler}}}
 4. Then evaluate the queryset, which produces invalid SQL and raises
 {{{django.db.utils.OperationalError}}}

 Note the issue happens when get_compiler is invoked for the subquery, not
 on the main query itself.

 This was working for us in Django 3.2, but not for Django 4.1

 git bisect shows the breakage was introduced by this commit:
 
https://github.com/django/django/commit/14c8504a37afad96ab93cf82f47b13bcc4d00621
-- 
Ticket URL: <https://code.djangoproject.com/ticket/35836>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/010701928830caea-8533521c-6529-4141-85ea-578298338bbb-000000%40eu-central-1.amazonses.com.

Reply via email to