Bug#21487833: DBUG_ABORT() IN JSON_WRAPPER::MAKE_HASH_KEY WITH ORDERED JSON

If a NULL value is inserted into a not nullable JSON column (which is
possible if strict SQL mode is turned off), an empty string is
inserted at that position. Since an empty string is not a valid
representation of a JSON value, code that attempts to parse it, might
raise an error, or possibly hit an assertion in debug builds.

Field_json::val_json() knows about this case and will return a
representation of the JSON null literal if it encounters it. However,
some parts of the code bypass val_json() and access the internal
representation directly, and they fail when they try to parse the
stored value.

This patch fixes the failures by making the failing code access the
JSON values via Field_json::val_json(), which doesn't suffer from this
problem, instead of accessing the internal representation directly.

Author: kahatlen

mysql-test/r/json.result

@@ -13032,3 +13032,28 @@ j1	jv	j2	JSON_ARRAY(j1, jv, j2)
 1	1	1	[1, 1, 1]
 DROP TABLE t1, t2;
 DROP VIEW v;
+#
+# Bug#21487833: DBUG_ABORT() IN JSON_WRAPPER::MAKE_HASH_KEY
+#               WITH ORDERED JSON
+#
+Warnings:
+Warning	3135	'NO_ZERO_DATE', 'NO_ZERO_IN_DATE' and 'ERROR_FOR_DIVISION_BY_ZERO' sql modes should be used with strict mode. They will be merged with strict mode in a future release.
+CREATE TABLE t (a BLOB, b JSON NOT NULL) ENGINE=InnoDB;
+INSERT INTO t VALUES ('', NULL), ('', NULL);
+Warnings:
+Warning	1048	Column 'b' cannot be null
+UPDATE t SET a = 1 ORDER BY b;
+SELECT COUNT(a) FROM t GROUP BY b;
+COUNT(a)
+2
+SELECT DISTINCT B FROM t;
+B
+null
+SELECT b FROM t UNION DISTINCT SELECT b FROM t;
+b
+null
+SELECT * FROM t ORDER BY b;
+a	b
+1	null
+1	null
+DROP TABLE t;

mysql-test/t/json.test

@@ -5903,6 +5903,21 @@ SELECT j1, jv, j2, JSON_ARRAY(j1, jv, j2) FROM t1 LEFT JOIN v ON j1 = jv;
 DROP TABLE t1, t2;
 DROP VIEW v;
 
+--echo #
+--echo # Bug#21487833: DBUG_ABORT() IN JSON_WRAPPER::MAKE_HASH_KEY
+--echo #               WITH ORDERED JSON
+--echo #
+--source include/turn_off_strict_mode.inc
+CREATE TABLE t (a BLOB, b JSON NOT NULL) ENGINE=InnoDB;
+INSERT INTO t VALUES ('', NULL), ('', NULL);
+UPDATE t SET a = 1 ORDER BY b;
+SELECT COUNT(a) FROM t GROUP BY b;
+SELECT DISTINCT B FROM t;
+SELECT b FROM t UNION DISTINCT SELECT b FROM t;
+SELECT * FROM t ORDER BY b;
+DROP TABLE t;
+--source include/restore_strict_mode.inc
+
 # Local Variables:
 # mode: sql
 # sql-product: mysql

sql/field.cc

@@ -9046,19 +9046,23 @@ bool Field_json::get_time(MYSQL_TIME *ltime)
 
 void Field_json::make_sort_key(uchar *to, size_t length)
 {
-  String tmp;
-  String *s= Field_blob::val_str(&tmp, &tmp);
-  Json_wrapper wr(json_binary::parse_binary(s->ptr(), s->length()));
+  Json_wrapper wr;
+  if (val_json(&wr))
+  {
+    /* purecov: begin inspected */
+    memset(to, 0, length);
+    return;
+    /* purecov: end */
+  }
   wr.make_sort_key(to, length);
 }
 
 
 ulonglong Field_json::make_hash_key(ulonglong *hash_val)
 {
-  String tmp;
-  String *s= Field_blob::val_str(&tmp, &tmp);
-  Json_wrapper wr(json_binary::parse_binary(s->ptr(), s->length()));
-
+  Json_wrapper wr;
+  if (val_json(&wr))
+    return *hash_val;                         /* purecov: inspected */
   return wr.make_hash_key(hash_val);
 }
 

sql/sql_executor.cc

@@ -36,7 +36,6 @@
 #include "sql_optimizer.h"    // JOIN
 #include "sql_show.h"         // get_schema_tables_result
 #include "sql_tmp_table.h"    // create_tmp_table
-#include "json_binary.h"    // json_binary::Value
 #include "json_dom.h"    // Json_wrapper
 
 #include <algorithm>
@@ -3098,29 +3097,18 @@ static bool cmp_field_value(Field *field, my_ptrdiff_t diff)
 
     Field_json *json_field= down_cast<Field_json *>(field);
 
-    char *left_data;
-    json_field->get_ptr(pointer_cast<uchar **>(&left_data));
-    json_binary::Value left_value(json_binary::parse_binary(left_data, src_len));
-    if (left_value.type() == json_binary::Value::ERROR)
-    {
-      /* purecov: begin inspected */
-      my_error(ER_INVALID_JSON_BINARY_DATA, MYF(0));
-      return true;
-      /* purecov: end */
-    }
-    Json_wrapper left_wrapper(left_value);
-
-    char *right_data;
-    json_field->get_ptr(pointer_cast<uchar **>(&right_data), diff);
-    json_binary::Value right_value(json_binary::parse_binary(right_data, dst_len));
-    if (right_value.type() == json_binary::Value::ERROR)
-    {
-      /* purecov: begin inspected */
-      my_error(ER_INVALID_JSON_BINARY_DATA, MYF(0));
-      return true;
-      /* purecov: end */
-    }
-    Json_wrapper right_wrapper(right_value);
+    // Fetch the JSON value on the left side of the comparison.
+    Json_wrapper left_wrapper;
+    if (json_field->val_json(&left_wrapper))
+      return true;                            /* purecov: inspected */
+
+    // Fetch the JSON value on the right side of the comparison.
+    Json_wrapper right_wrapper;
+    json_field->ptr+= diff;
+    bool err= json_field->val_json(&right_wrapper);
+    json_field->ptr-= diff;
+    if (err)
+      return true;                            /* purecov: inspected */
 
     return (left_wrapper.compare(right_wrapper) != 0);
   }