[#MDEV-11938] json.json_no_table crashes or fails with valgrind warnings in json_find_path / Item_func_json_length::val

10.2 3d12587ca
$ perl ./mtr json.json_no_table --valgrind
...
json.json_no_table [ fail ] Found warnings/errors in server log file!
Test ended at 2017-01-30 01:39:38
line
==11518== Thread 6:
==11518== Conditional jump or move depends on uninitialised value(s)
==11518== at 0x10F5C05: json_find_path (json_lib.c:1309)
==11518== by 0xAF0ACD: Item_func_json_length::val_int() (item_jsonfunc.cc:1746)
==11518== by 0x935F42: Item::send(Protocol, String) (item.cc:6888)
==11518== by 0x5E06F9: Protocol::send_result_set_row(List<Item>*) (protocol.cc:979)
==11518== by 0x660A2F: select_send::send_data(List<Item>&) (sql_class.cc:2761)
==11518== by 0x6EE4EC: JOIN::exec_inner() (sql_select.cc:3279)
==11518== by 0x6EDF87: JOIN::exec() (sql_select.cc:3199)
==11518== by 0x6EF0F0: mysql_select(THD, TABLE_LIST, unsigned int, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) (sql_select.cc:3584)
==11518== by 0x6E40D0: handle_select(THD, LEX, select_result*, unsigned long) (sql_select.cc:373)
==11518== by 0x6B05CA: execute_sqlcom_select(THD, TABLE_LIST) (sql_parse.cc:6399)
==11518== by 0x6A65E4: mysql_execute_command(THD*) (sql_parse.cc:3429)
==11518== by 0x6B3F9B: mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7842)
==11518== by 0x6A20A6: dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) (sql_parse.cc:1800)
==11518== by 0x6A0A9E: do_command(THD*) (sql_parse.cc:1360)
==11518== by 0x7E93DF: do_handle_one_connection(CONNECT*) (sql_connect.cc:1354)
==11518== by 0x7E916C: handle_one_connection (sql_connect.cc:1260)
...

Attempting backtrace. You can use the following information to find out

where mysqld died. If you see no messages after this, something went

terribly wrong...

stack_bottom = 0x11746ae60 thread_stack 0x48c00

0   mysqld                              0x000000011021cbce my_print_stacktrace + 46

0   mysqld                              0x000000010fb1e160 handle_fatal_signal + 720

0   libsystem_c.dylib                   0x00007fff8a671cfa _sigtramp + 26

0   mysqld                              0x000000010fc3afcd my_malloc_size_cb_func + 45

0   mysqld                              0x000000010fe60670 _ZN22Item_func_json_extract7val_strEP6String + 220

0   mysqld                              0x000000010fb2bb10 _ZN4Item4sendEP8ProtocolP6String + 76

0   mysqld                              0x000000010fc66a7c _ZN8Protocol19send_result_set_rowEP4ListI4ItemE + 142

0   mysqld                              0x000000010fccf5a1 _ZN11select_send9send_dataER4ListI4ItemE + 99

0   mysqld                              0x000000010fd77008 _ZN4JOIN10exec_innerEv + 700

0   mysqld                              0x000000010fd768e3 _Z12mysql_selectP3THDP10TABLE_LISTjR4ListI4ItemEPS4_jP8st_orderS9_S7_S9_yP13select_resultP18st_select_lex_unitP13st_select_lex + 707

0   mysqld                              0x000000010fd778fb _Z13handle_selectP3THDP3LEXP13select_resultm + 299

0   mysqld                              0x000000010fd10e43 _ZL21execute_sqlcom_selectP3THDP10TABLE_LIST + 1123

0   mysqld                              0x000000010fd129c4 _Z21mysql_execute_commandP3THD + 5780

0   mysqld                              0x000000010fd1aaea _Z11mysql_parseP3THDPcjP12Parser_statebb + 410

0   mysqld                              0x000000010fd1ce19 _Z16dispatch_command19enum_server_commandP3THDPcjbb + 2937

0   mysqld                              0x000000010fd1edfa _Z10do_commandP3THD + 1354

0   mysqld                              0x000000010fe000be _Z24do_handle_one_connectionP7CONNECT + 638

0   mysqld                              0x000000010fe001cb handle_one_connection + 59

0   mysqld                              0x00000001101c41e8 pfs_spawn_thread + 296

0   libsystem_c.dylib                   0x00007fff8a61d8bf _pthread_start + 335

0   libsystem_c.dylib                   0x00007fff8a620b75 thread_start + 13

Trying to get some variables.

Some pointers may be invalid and cause the dump to abort.

Query (0x7fb0d2195a20): is an invalid pointer

Connection ID (thread ID): 619

Status: NOT_KILLED

[MDEV-11938] json.json_no_table crashes or fails with valgrind warnings in json_find_path / Item_func_json_length::val_int Created: 2017-01-29 Updated: 2017-02-02 Resolved: 2017-02-02
Status:	Closed
Project:	MariaDB Server
Component/s:	JSON
Affects Version/s:	10.2
Fix Version/s:	10.2.4

[MDEV-11938] json.json_no_table crashes or fails with valgrind warnings in json_find_path / Item_func_json_length::val_int Created: 2017-01-29 Updated: 2017-02-02 Resolved: 2017-02-02