[MDEV-11464] Server crashes in mark_object upon JSON_VALID Created: 2016-12-02  Updated: 2016-12-03  Resolved: 2016-12-03

Status: Closed
Project: MariaDB Server
Component/s: JSON
Affects Version/s: 10.2
Fix Version/s: 10.2.3

Type: Bug Priority: Major
Reporter: Elena Stepanova Assignee: Alexey Botchkov
Resolution: Fixed Votes: 0
Labels: json-10.2

Issue Links:
Relates
relates to MDEV-9143 JSON_xxx functions Closed

 Description    

SELECT JSON_VALID(REPEAT('{"a":', 100000));

10.2 6a10681266

 
#3  <signal handler called>
 
#4  0x00007fef818c9eac in mark_object (j=0x7fef81f7d5b0) at /data/src/10.2/strings/json_lib.c:129
 
#5  0x00007fef818cafbe in skip_key (j=0x7fef81f7d5b0) at /data/src/10.2/strings/json_lib.c:795
 
#6  0x00007fef818cb411 in json_scan_next (j=0x7fef81f7d5b0) at /data/src/10.2/strings/json_lib.c:914
 
#7  0x00007fef812b9cab in Item_func_json_valid::val_int (this=0x7fef38c603b8) at /data/src/10.2/sql/item_jsonfunc.cc:127
 
#8  0x00007fef8110a68d in Item::send (this=0x7fef38c603b8, protocol=0x7fef38c16600, buffer=0x7fef81f7d7a0) at /data/src/10.2/sql/item.cc:6775
 
#9  0x00007fef80db9178 in Protocol::send_result_set_row (this=0x7fef38c16600, row_items=0x7fef38c1a3a8) at /data/src/10.2/sql/protocol.cc:979
 
#10 0x00007fef80e37e50 in select_send::send_data (this=0x7fef38c60560, items=...) at /data/src/10.2/sql/sql_class.cc:2915
 
#11 0x00007fef80ec4e4f in JOIN::exec_inner (this=0x7fef38c60580) at /data/src/10.2/sql/sql_select.cc:3278
 
#12 0x00007fef80ec48ea in JOIN::exec (this=0x7fef38c60580) at /data/src/10.2/sql/sql_select.cc:3198
 
#13 0x00007fef80ec5a41 in mysql_select (thd=0x7fef38c16070, tables=0x0, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7fef38c60560, unit=0x7fef38c19b48, select_lex=0x7fef38c1a280) at /data/src/10.2/sql/sql_select.cc:3583
 
#14 0x00007fef80ebab25 in handle_select (thd=0x7fef38c16070, lex=0x7fef38c19a80, result=0x7fef38c60560, setup_tables_done_option=0) at /data/src/10.2/sql/sql_select.cc:373
 
#15 0x00007fef80e8746f in execute_sqlcom_select (thd=0x7fef38c16070, all_tables=0x0) at /data/src/10.2/sql/sql_parse.cc:6356
 
#16 0x00007fef80e7cf2a in mysql_execute_command (thd=0x7fef38c16070) at /data/src/10.2/sql/sql_parse.cc:3379
 
#17 0x00007fef80e8ae2e in mysql_parse (thd=0x7fef38c16070, rawbuf=0x7fef38c60088 "SELECT JSON_VALID(REPEAT('{\"a\":', 100000))", length=42, parser_state=0x7fef81f7ee20, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7799
 
#18 0x00007fef80e78b7e in dispatch_command (command=COM_QUERY, thd=0x7fef38c16070, packet=0x7fef38c54071 "", packet_length=42, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1808
 
#19 0x00007fef80e77558 in do_command (thd=0x7fef38c16070) at /data/src/10.2/sql/sql_parse.cc:1368
 
#20 0x00007fef80fbea26 in do_handle_one_connection (connect=0x7fef7d85ff70) at /data/src/10.2/sql/sql_connect.cc:1354
 
#21 0x00007fef80fbe7b3 in handle_one_connection (arg=0x7fef7d85ff70) at /data/src/10.2/sql/sql_connect.cc:1260
 
#22 0x00007fef804b60a4 in start_thread (arg=0x7fef81f80300) at pthread_create.c:309
 
#23 0x00007fef7e46387d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111



 Comments   
Comment by Alexey Botchkov [ 2016-12-03 ]

http://lists.askmonty.org/pipermail/commits/2016-December/010174.html

Generated at Thu Feb 08 07:50:09 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.