Bug #86249 handle_fatal_signal (sig=6) in Item_func_sp::val_json | No assertion message
Submitted: 10 May 2017 1:24 Modified: 24 May 2017 10:02
Reporter: Roel Van de Paar
Status: Closed
Category: MySQL Server: JSON Severity: S6 (Debug Builds)
Version: 5.7.17, 5.7.18 OS: Any
Assigned to: CPU Architecture: Any

[10 May 2017 1:24] Roel Van de Paar
Description:
2017-05-10T00:54:21.294758Z 0 [Note] /sda/MS010217-mysql-5.7.17-linux-x86_64-debug/bin/mysqld: ready for connections.
Version: '5.7.17-debug'  socket: '/sda/MS010217-mysql-5.7.17-linux-x86_64-debug/socket.sock'  port: 18388  MySQL Community Server (GPL)
00:54:28 UTC - mysqld got signal 6 ;
This could be because you hit a bug. It is also possible that this binary

How to repeat:
DROP DATABASE test;CREATE DATABASE test;USE test;
CREATE FUNCTION f0() RETURNS INT DETERMINISTIC RETURN 0;
create table t0 (d decimal);
ALTER TABLE t0 ADD COLUMN j JSON;
INSERT INTO t0 VALUES (null,test.f0()),(null,test.f0()),(null,test.f0());

Core was generated by `/sda/MS010217-mysql-5.7.17-linux-x86_64-debug/bin/mysqld --no-defaults --core-f'.
Program terminated with signal 6, Aborted.
#0  0x00007f1fc1cae741 in __pthread_kill (threadid=<optimized out>, signo=6) at ../nptl/sysdeps/unix/sysv/linux/pthread_kill.c:61
61	  val = INTERNAL_SYSCALL (tgkill, err, 3, THREAD_GETMEM (THREAD_SELF, pid),
(gdb) bt
#0  0x00007f1fc1cae741 in __pthread_kill (threadid=<optimized out>, signo=6) at ../nptl/sysdeps/unix/sysv/linux/pthread_kill.c:61
#1  0x0000000001826d71 in my_write_core (sig=6) at /git/mysql-server_dbg/mysys/stacktrace.c:249
#2  0x0000000000e75574 in handle_fatal_signal (sig=6) at /git/mysql-server_dbg/sql/signal_handler.cc:220
#3  <signal handler called>
#4  0x00007f1fc00421d7 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#5  0x00007f1fc00438c8 in __GI_abort () at abort.c:90
#6  0x0000000000f96262 in Item_func_sp::val_json (this=0x7f1f8442c5c0, result=0x7f1fc229edc0)
    at /git/mysql-server_dbg/sql/item_func.cc:8491
#7  0x0000000000f7d0ca in Item_func::save_possibly_as_json (this=0x7f1f8442c5c0, field=0x7f1f844ab4d0, no_conversions=false)
    at /git/mysql-server_dbg/sql/item_func.cc:607
#8  0x0000000000f9629a in Item_func_sp::save_in_field_inner (this=0x7f1f8442c5c0, field=0x7f1f844ab4d0, no_conversions=false)
    at /git/mysql-server_dbg/sql/item_func.cc:8501
#9  0x0000000000f1963c in Item::save_in_field (this=0x7f1f8442c5c0, field=0x7f1f844ab4d0, no_conversions=false)
    at /git/mysql-server_dbg/sql/item.cc:6738
#10 0x000000000147bc92 in fill_record (thd=0x7f1f84419000, table=0x7f1f8445b020, ptr=0x7f1f844abb60, values=..., bitmap=0x0, 
    insert_into_fields_bitmap=0x0) at /git/mysql-server_dbg/sql/sql_base.cc:9549
#11 0x000000000147bf67 in fill_record_n_invoke_before_triggers (thd=0x7f1f84419000, ptr=0x7f1f844abb50, values=..., 
    table=0x7f1f8445b020, event=TRG_EVENT_INSERT, num_fields=2) at /git/mysql-server_dbg/sql/sql_base.cc:9631
#12 0x0000000001714d43 in Sql_cmd_insert::mysql_insert (this=0x7f1f8442cc10, thd=0x7f1f84419000, table_list=0x7f1f8442c030)
    at /git/mysql-server_dbg/sql/sql_insert.cc:751
#13 0x000000000171b652 in Sql_cmd_insert::execute (this=0x7f1f8442cc10, thd=0x7f1f84419000)
    at /git/mysql-server_dbg/sql/sql_insert.cc:3103
#14 0x00000000014f5d69 in mysql_execute_command (thd=0x7f1f84419000, first_level=true) at /git/mysql-server_dbg/sql/sql_parse.cc:3606
#15 0x00000000014fb5f5 in mysql_parse (thd=0x7f1f84419000, parser_state=0x7f1fc22a0550) at /git/mysql-server_dbg/sql/sql_parse.cc:5611
#16 0x00000000014f0c1d in dispatch_command (thd=0x7f1f84419000, com_data=0x7f1fc22a0cb0, command=COM_QUERY)
    at /git/mysql-server_dbg/sql/sql_parse.cc:1461
#17 0x00000000014efa44 in do_command (thd=0x7f1f84419000) at /git/mysql-server_dbg/sql/sql_parse.cc:999
#18 0x000000000161f9d0 in handle_connection (arg=0x7f1f973ec860)
    at /git/mysql-server_dbg/sql/conn_handler/connection_handler_per_thread.cc:300
#19 0x00000000018534f9 in pfs_spawn_thread (arg=0x7f1fa5a76220) at /git/mysql-server_dbg/storage/perfschema/pfs.cc:2188
#20 0x00007f1fc1ca9dc5 in start_thread (arg=0x7f1fc22a1700) at pthread_create.c:308
#21 0x00007f1fc010473d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Suggested fix:
* Add a proper assertion message (note: there is no assertion!)
* Assertion itself may be a bug

[10 May 2017 1:26] Roel Van de Paar
Please fix this assertion message, and please fix this in 5.7 also. Ref bug 79801

[10 May 2017 5:39] MySQL Verification Team
Hello Roel,

Thank you for the report and test case.
Observed that 5.7.18 debug build is affected.

Thanks,
Umesh

[24 May 2017 10:02] Erlend Dahl
Fixed in 8.0.2 under the heading of

Bug#25818544 PLEASE REMOVE DBUG_ABORT() FROM THE JSON CODE ...