Re: BUG #17227: segmentation fault with jsonb_to_recordset

I wrote:
> Huh? It's a self-contained example. I'm seeing this back-trace
> on HEAD:

Digging deeper, it seems jsonb_path_query_array_internal is being
called with just two arguments:

Breakpoint 1, jsonb_path_query_array_internal (fcinfo=0x2e6a4e8, tz=false)
at jsonpath_exec.c:460
460 Jsonb *jb = PG_GETARG_JSONB_P(0);
(gdb) p *fcinfo
$1 = {flinfo = 0x2e6a490, context = 0x0, resultinfo = 0x0, fncollation = 0,
isnull = false, nargs = 2, args = 0x2e6a508}

It's expecting four arguments, and naturally goes off the deep end
when the last two aren't there. Evidently the planner has failed
to perform default-argument insertion on this particular function
call.

EXPLAIN VERBOSE shows the query plan as

Nested Loop (cost=0.01..2.52 rows=100 width=64)
Output: jsonb_path_query_array((unnested_modules.module -> 'lectures'::text), '$[*]'::jsonpath, '{}'::jsonb, false), jsonb_to_recordset.id
-> Function Scan on pg_catalog.unnest unnested_modules (cost=0.00..0.01 rows=1 width=32)
Output: unnested_modules.module
Function Call: unnest('{"{\"lectures\": [{\"id\": \"1\"}]}"}'::jsonb[])
-> Function Scan on pg_catalog.jsonb_to_recordset (cost=0.01..1.01 rows=100 width=32)
Output: jsonb_to_recordset.id
Function Call: jsonb_to_recordset(jsonb_path_query_array((unnested_modules.module -> 'lectures'::text), '$[*]'::jsonpath))

so it looks like we have flattened the "as l" sub-select into the parent
query and missed performing expression pre-processing on the expressions
that were pulled up ... but only in the FunctionScan node. The call
appearing in the output tlist has the default arguments in the right
places.

This works OK in v12, so somebody broke it between v12 and v13.
More to follow ...

regards, tom lane