Server crashes when a value returned from a stored function is inserted directly into JSON field
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
MySQL Server |
Unknown
|
Unknown
|
||||
Percona Server moved to https://jira.percona.com/projects/PS | Status tracked in 5.7 | |||||
5.5 |
New
|
Undecided
|
Unassigned | |||
5.6 |
New
|
Undecided
|
Unassigned | |||
5.7 |
Triaged
|
High
|
Unassigned |
Bug Description
The following code fragment results in a server crash
CREATE FUNCTION simple_udf() RETURNS VARCHAR(32) DETERMINISTIC NO SQL
RETURN '""';
CREATE TABLE t1(
id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
value JSON NOT NULL
) ENGINE=InnoDB;
INSERT INTO t1 VALUES(DEFAULT, simple_udf());
*******
#0 0x00007f653d300741 in pthread_kill () from /lib64/
#1 0x0000000001822840 in my_write_core (sig=6) at /home/yura/
#2 0x0000000000e747dc in handle_fatal_signal (sig=6) at /home/yura/
#3 <signal handler called>
#4 0x00007f653b8ad5f7 in raise () from /lib64/libc.so.6
#5 0x00007f653b8aece8 in abort () from /lib64/libc.so.6
#6 0x0000000000f94c96 in Item_func_
#7 0x0000000000f7bafe in Item_func:
#8 0x0000000000f94cce in Item_func_
#9 0x0000000000f18166 in Item::save_in_field (this=0x7f64ec0
#10 0x000000000147a432 in fill_record (thd=0x7f64ec12
#11 0x000000000147a707 in fill_record_
#12 0x0000000001711d50 in Sql_cmd_
#13 0x0000000001718567 in Sql_cmd_
#14 0x00000000014f3c26 in mysql_execute_
#15 0x00000000014f9418 in mysql_parse (thd=0x7f64ec12
#16 0x00000000014eed2a in dispatch_command (thd=0x7f64ec12
#17 0x00000000014edcbf in do_command (thd=0x7f64ec12
#18 0x000000000161ce7c in handle_connection (arg=0x3f6fba0) at /home/yura/
#19 0x0000000001c88984 in pfs_spawn_thread (arg=0x3edb6a0) at /home/yura/
#20 0x00007f653d2fbdc5 in start_thread () from /lib64/
#21 0x00007f653b96eced in clone () from /lib64/libc.so.6
*******
Tested on Percona Server 5.7.16
tags: | added: upstream |
summary: |
- Server crashes when a value returned from a user-defined function is - inserted directly into JSON field + Server crashes when a value returned from a stored function is inserted + directly into JSON field |
Percona now uses JIRA for bug reports so this bug report is migrated to: https:/ /jira.percona. com/browse/ PS-1033