[MDEV-17657] cte + geometry crash Created: 2018-11-09  Updated: 2023-11-28

Status: Confirmed
Project: MariaDB Server
Component/s: GIS
Affects Version/s: 10.3.10, 10.2, 10.3, 10.4, 10.5, 10.6, 10.9, 10.10, 10.11, 11.0, 11.1, 11.2
Fix Version/s: 10.4, 10.5, 10.6, 10.11, 11.0

Type: Bug Priority: Major
Reporter: sbester1 Assignee: Alexey Botchkov
Resolution: Unresolved Votes: 0
Labels: None
Environment:

Win x64


Issue Links:
Duplicate
is duplicated by MDEV-32305 Server crashes at Item_func_distance:... Closed
is duplicated by MDEV-32306 Server crashes at Arg_comparator::com... Closed

 Description   

Version: '10.3.10-MariaDB'  socket: ''  port: 3306  mariadb.org binary distribution
[ERROR] mysqld got exception 0xc0000005 ;
terribly wrong...
mysqld.exe!Gcalc_scan_iterator::event_point::simple_event()[gcalc_slicescan.h:424]
mysqld.exe!Item_func_distance::val_real()[item_geofunc.cc:2434]
mysqld.exe!Item_cache_real::cache_value()[item.cc:10065]
mysqld.exe!Item_cache_real::val_real()[item.cc:10073]
mysqld.exe!Item_direct_ref::val_real()[item.cc:8434]
mysqld.exe!Arg_comparator::compare_real()[item_cmpfunc.cc:802]
mysqld.exe!Item_func_le::val_int()[item_cmpfunc.cc:1775]
mysqld.exe!evaluate_join_record()[sql_select.cc:19393]
mysqld.exe!sub_select()[sql_select.cc:19295]
mysqld.exe!do_select()[sql_select.cc:18835]
mysqld.exe!JOIN::exec_inner()[sql_select.cc:4037]
mysqld.exe!JOIN::exec()[sql_select.cc:3830]
mysqld.exe!mysql_select()[sql_select.cc:4236]
mysqld.exe!mysql_derived_fill()[sql_derived.cc:1168]
mysqld.exe!mysql_handle_single_derived()[sql_derived.cc:197]
mysqld.exe!st_join_table::preread_init()[sql_select.cc:12472]
mysqld.exe!sub_select()[sql_select.cc:19263]
mysqld.exe!do_select()[sql_select.cc:18835]
mysqld.exe!JOIN::exec_inner()[sql_select.cc:4037]
mysqld.exe!JOIN::exec()[sql_select.cc:3830]
mysqld.exe!mysql_select()[sql_select.cc:4236]
mysqld.exe!handle_select()[sql_select.cc:370]
mysqld.exe!execute_sqlcom_select()[sql_parse.cc:6547]
mysqld.exe!mysql_execute_command()[sql_parse.cc:3769]
mysqld.exe!mysql_parse()[sql_parse.cc:8096]
mysqld.exe!dispatch_command()[sql_parse.cc:1852]
mysqld.exe!do_command()[sql_parse.cc:1394]
mysqld.exe!threadpool_process_request()[threadpool_common.cc:358]
mysqld.exe!tp_callback()[threadpool_common.cc:186]

How to Repeat (non-simplified testcase):

-- Reproducer as originally reported (not minimised). On the affected build the
-- final statement crashes mysqld with the access violation (0xc0000005) shown
-- in the trace above.
-- Setup: a one-row InnoDB table, so the CTE body below produces exactly one row.
drop table if exists t;
create table t(a int)engine=innodb;
insert into t values(1);
-- cte1 is declared "recursive" but never references itself; it only computes
-- st_distance() between a point and a geometry collection of two linestrings.
-- Two coordinates (1.657696e+308, 1.494934e+308) are close to the largest
-- representable double. The reduced test case later on this page crashes with
-- small coordinates, so the extreme values are presumably not essential.
-- The outer WHERE compares the numeric a1 with a string literal. In the
-- reported trace that comparison (Item_func_le::val_int -> compare_real) is
-- what calls Item_func_distance::val_real(), where the crash occurs.
with  recursive   cte1  
as( select(st_distance(point(21510,694)  ,
st_geomcollfromwkb(geometrycollection( linestring( point(25379,17862), point(6681,30275), 
point(-26660,1.657696e+308), point(-19034, 9236.9238), point(3476,-10459), point(11969,27300), 
point(-14087,-9794), point(1.494934e+308,-13287)),linestring( point(12321,4518), 
point(8032,21492), point(-8325,-25260), point(-28709,-3642), point(29325,-25119), 
point(21317,8796093022210), point(-20917,-28292), point(19939,-22107), 
point(-8084,-6337)))  )  ) )as a1  from  t  ) 
select cte1 .a1   from cte1  
where cte1 .a1  <= 'B! .$ ,*f* #} *-<}*#!c /e{A ^a$$ :*0^*}*=5c > $';



 Comments   
Comment by Alice Sherepa [ 2018-11-11 ]

Thanks a lot!
Reproducible on 10.2 and 10.3 with this reduced test case:

-- Reduced test case: no user table and no CTE, only a derived table over dual.
-- The geometry collection holds one linestring with a single point.
-- In the backtrace below, the comparison of a1 with the string literal is
-- evaluated during optimisation (eval_const_cond -> Item_func_lt::val_int),
-- and Item_func_distance::val_real() then crashes inside simple_event().
select a1 from
(select st_distance(point(1,1), st_geomcollfromwkb(geometrycollection( linestring(point(2,2))))) as a1 from dual) tmp
where tmp.a1  < 'aaa';

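Backtrace from 10.2 (a12b8ac8e963). Frame #4 shows this=0x0, i.e. Gcalc_scan_iterator::event_point::simple_event() is called on a NULL event_point: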
 
#4  0x0000562e35c06538 in Gcalc_scan_iterator::event_point::simple_event (this=0x0) at /git/10.2/sql/gcalc_slicescan.h:425
#5  0x0000562e35c05361 in Item_func_distance::val_real (this=0x7f75b0015c20) at /git/10.2/sql/item_geofunc.cc:2443
#6  0x0000562e35ba3ad9 in Arg_comparator::compare_real (this=0x7f75b0015a00) at /git/10.2/sql/item_cmpfunc.cc:844
#7  0x0000562e35bb77aa in Arg_comparator::compare (this=0x7f75b0015a00) at /git/10.2/sql/item_cmpfunc.h:87
#8  0x0000562e35ba6a8d in Item_func_lt::val_int (this=0x7f75b0015940) at /git/10.2/sql/item_cmpfunc.cc:1831
#9  0x0000562e35bdbad4 in eval_const_cond (cond=0x7f75b0015940) at /git/10.2/sql/item_func.cc:80
#10 0x0000562e3595706e in Item_bool_func2::remove_eq_conds (this=0x7f75b0015940, thd=0x7f75b0000b00, cond_value=0x7f75b00151a8, top_level_arg=true) at /git/10.2/sql/sql_select.cc:15848
#11 0x0000562e35955f72 in optimize_cond (join=0x7f75b0014e98, conds=0x7f75b0015940, join_list=0x7f75b00129f0, ignore_on_conds=false, cond_value=0x7f75b00151a8, cond_equal=0x7f75b00152d0, flags=1) at /git/10.2/sql/sql_select.cc:15390
#12 0x0000562e35930af6 in JOIN::optimize_inner (this=0x7f75b0014e98) at /git/10.2/sql/sql_select.cc:1368
#13 0x0000562e3592fbc7 in JOIN::optimize (this=0x7f75b0014e98) at /git/10.2/sql/sql_select.cc:1115
#14 0x0000562e358bf4bd in mysql_derived_optimize (thd=0x7f75b0000b00, lex=0x7f75b0004618, derived=0x7f75b0013e80) at /git/10.2/sql/sql_derived.cc:926
#15 0x0000562e358bdb3c in mysql_handle_single_derived (lex=0x7f75b0004618, derived=0x7f75b0013e80, phases=4) at /git/10.2/sql/sql_derived.cc:197
#16 0x0000562e35930c79 in JOIN::optimize_inner (this=0x7f75b0014870) at /git/10.2/sql/sql_select.cc:1399
#17 0x0000562e3592fbc7 in JOIN::optimize (this=0x7f75b0014870) at /git/10.2/sql/sql_select.cc:1115
#18 0x0000562e3593903a in mysql_select (thd=0x7f75b0000b00, tables=0x7f75b0013e80, wild_num=0, fields=..., conds=0x7f75b0014648, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f75b0014850, unit=0x7f75b00046e0, select_lex=0x7f75b0004e18) at /git/10.2/sql/sql_select.cc:3802
#19 0x0000562e3592d388 in handle_select (thd=0x7f75b0000b00, lex=0x7f75b0004618, result=0x7f75b0014850, setup_tables_done_option=0) at /git/10.2/sql/sql_select.cc:376
#20 0x0000562e358f89dd in execute_sqlcom_select (thd=0x7f75b0000b00, all_tables=0x7f75b0013e80) at /git/10.2/sql/sql_parse.cc:6478
#21 0x0000562e358ee659 in mysql_execute_command (thd=0x7f75b0000b00) at /git/10.2/sql/sql_parse.cc:3484
#22 0x0000562e358fc869 in mysql_parse (thd=0x7f75b0000b00, rawbuf=0x7f75b0012590 "select a1 from\n(select st_distance(point(1,1), st_geomcollfromwkb(geometrycollection( linestring(point(2,2))))) as a1 from dual) tmp\nwhere tmp.a1  < 'aaa'", length=154, parser_state=0x7f75fc4f7080, is_com_multi=false, is_next_command=false) at /git/10.2/sql/sql_parse.cc:8012
#23 0x0000562e358e9eca in dispatch_command (command=COM_QUERY, thd=0x7f75b0000b00, packet=0x7f75b0096051 "select a1 from\n(select st_distance(point(1,1), st_geomcollfromwkb(geometrycollection( linestring(point(2,2))))) as a1 from dual) tmp\nwhere tmp.a1  < 'aaa'", packet_length=154, is_com_multi=false, is_next_command=false) at /git/10.2/sql/sql_parse.cc:1824
#24 0x0000562e358e8826 in do_command (thd=0x7f75b0000b00) at /git/10.2/sql/sql_parse.cc:1378
#25 0x0000562e35a3a8d6 in do_handle_one_connection (connect=0x562e39cafce0) at /git/10.2/sql/sql_connect.cc:1335
#26 0x0000562e35a3a656 in handle_one_connection (arg=0x562e39cafce0) at /git/10.2/sql/sql_connect.cc:1241
#27 0x0000562e3626956a in pfs_spawn_thread (arg=0x562e39bfb380) at /git/10.2/storage/perfschema/pfs.cc:1862
#28 0x00007f760bb3a6ba in start_thread (arg=0x7f75fc4f8700) at pthread_create.c:333
#29 0x00007f760afcf41d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109

Comment by Alice Sherepa [ 2023-10-04 ]

test case from MDEV-32306:

-- Test case from MDEV-32306: ST_ISSIMPLE() over a MULTILINESTRING whose only
-- linestring has a single point, in a UNION-derived table filtered by WHERE x.
-- The log below shows the crash in the same simple_event() frame, reached from
-- Item_func_issimple::val_int() while the condition is evaluated at optimisation.
SELECT x FROM ( SELECT 0 x UNION SELECT ST_ISSIMPLE ( ST_GEOMFROMTEXT ( 'MULTILINESTRING((0 5))' ) ) ) is_streaming WHERE x ;

Version: '10.4.32-MariaDB-debug-log'  
231004  9:10:24 [ERROR] mysqld got signal 11 ;
 
Server version: 10.4.32-MariaDB-debug-log source revision: 50a2e8b1892b6b8a276d4bd75a1a02148f9e6ff2
 
sigaction.c:0(__restore_rt)[0x7f472b588420]
sql/gcalc_slicescan.h:425(Gcalc_scan_iterator::event_point::simple_event() const)[0x55b825c4c531]
sql/item_geofunc.cc:2129(Item_func_issimple::val_int())[0x55b825c4352a]
sql/item_cmpfunc.cc:950(Arg_comparator::compare_int_signed())[0x55b825b440d1]
sql/item_cmpfunc.h:104(Arg_comparator::compare())[0x55b825b85e9a]
sql/item_cmpfunc.cc:1813(Item_func_ne::val_int())[0x55b825b4df41]
sql/sql_type.cc:4607(Type_handler_int_result::Item_val_bool(Item*) const)[0x55b8258338b6]
sql/item.h:1474(Item::val_bool())[0x55b824ff3d52]
sql/item.h:1482(Item::eval_const_cond())[0x55b82544816c]
sql/sql_select.cc:17867(Item_bool_func2::remove_eq_conds(THD*, Item::cond_result*, bool))[0x55b8253e5b3e]
sql/sql_select.cc:17403(optimize_cond(JOIN*, Item*, List<TABLE_LIST>*, bool, Item::cond_result*, COND_EQUAL**, int))[0x55b8253e2e32]
sql/sql_select.cc:2113(JOIN::optimize_inner())[0x55b82536f293]
sql/sql_select.cc:1711(JOIN::optimize())[0x55b82536ac2b]
sql/sql_union.cc:1490(st_select_lex_unit::optimize())[0x55b82557eb5b]
sql/sql_derived.cc:998(mysql_derived_optimize(THD*, LEX*, TABLE_LIST*))[0x55b8251deb86]
sql/sql_derived.cc:200(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x55b8251d96ea]
sql/sql_select.cc:2201(JOIN::optimize_inner())[0x55b825370190]
sql/sql_select.cc:1711(JOIN::optimize())[0x55b82536ac2b]
sql/sql_select.cc:4812(mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55b82538bc1d]
sql/sql_select.cc:442(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55b82535c922]
sql/sql_parse.cc:6475(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55b8252c872c]
sql/sql_parse.cc:3978(mysql_execute_command(THD*))[0x55b8252b5ea3]
sql/sql_parse.cc:8012(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55b8252d1c07]
sql/sql_parse.cc:1860(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55b8252a802d]
sql/sql_parse.cc:1378(do_command(THD*))[0x55b8252a4b58]
sql/sql_connect.cc:1420(do_handle_one_connection(CONNECT*))[0x55b8256b27fd]
sql/sql_connect.cc:1325(handle_one_connection)[0x55b8256b20a1]
perfschema/pfs.cc:1871(pfs_spawn_thread)[0x55b82635c99a]
nptl/pthread_create.c:478(start_thread)[0x7f472b57c609]
 
Query (0x62b0000a1420): SELECT x FROM ( SELECT 0 x UNION SELECT ST_ISSIMPLE ( ST_GEOMFROMTEXT ( 'MULTILINESTRING((0 5))' ) ) ) is_streaming WHERE x

Crash log from MDEV-32305 (same top frame, simple_event(), reached via Item_func_distance::val_real()):

231003 10:37:31 [ERROR] mysqld got signal 11 ;
 
Server version: 10.4.32-MariaDB-debug-log source revision: 50a2e8b1892b6b8a276d4bd75a1a02148f9e6ff2
 
sigaction.c:0(__restore_rt)[0x7f031baab420]
sql/gcalc_slicescan.h:425(Gcalc_scan_iterator::event_point::simple_event() const)[0x55750518b531]
sql/item_geofunc.cc:2437(Item_func_distance::val_real())[0x5575051870d2]
sql/sql_type.cc:4602(Type_handler_real_result::Item_val_bool(Item*) const)[0x557504d7282a]
sql/item.h:1474(Item::val_bool())[0x557504532d52]
sql/item_cmpfunc.cc:3014(Item_func_case_searched::find_item())[0x55750509ab3b]
sql/item_cmpfunc.cc:3047(Item_func_case::str_op(String*))[0x55750509b1d1]
sql/item_func.h:736(Item_func_hybrid_field_type::str_op_with_null_check(String*))[0x557504da0b99]
sql/item_func.cc:962(Item_func_hybrid_field_type::val_decimal_from_str_op(my_decimal*))[0x557505113e2f]
sql/sql_type.cc:5153(Type_handler_string_result::Item_func_hybrid_field_type_val_decimal(Item_func_hybrid_field_type*, my_decimal*) const)[0x557504d762c7]
sql/item_func.h:812(Item_func_hybrid_field_type::val_decimal(my_decimal*))[0x5575047b7a42]
sql/item.h:1560(Item::val_decimal_result(my_decimal*))[0x5575045331ad]
sql/item.cc:10310(Item_cache_decimal::cache_value())[0x55750505b5f7]
sql/item.h:6951(Item_cache::has_value())[0x557504da7e26]
sql/item.cc:10335(Item_cache_decimal::val_decimal(my_decimal*))[0x55750505b8b4]
sql/sql_type.cc:195(VDec::VDec(Item*))[0x557504d5846e]
sql/item_cmpfunc.cc:872(Arg_comparator::compare_decimal())[0x557505081739]
sql/item_cmpfunc.h:104(Arg_comparator::compare())[0x5575050c4e9a]
sql/item_cmpfunc.cc:1813(Item_func_ne::val_int())[0x55750508cf41]
sql/sql_type.cc:4607(Type_handler_int_result::Item_val_bool(Item*) const)[0x557504d728b6]
sql/item.h:1474(Item::val_bool())[0x557504532d52]
sql/item.h:1482(Item::eval_const_cond())[0x55750498716c]
sql/sql_select.cc:17867(Item_bool_func2::remove_eq_conds(THD*, Item::cond_result*, bool))[0x557504924b3e]
sql/sql_select.cc:17403(optimize_cond(JOIN*, Item*, List<TABLE_LIST>*, bool, Item::cond_result*, COND_EQUAL**, int))[0x557504921e32]
sql/sql_select.cc:2113(JOIN::optimize_inner())[0x5575048ae293]
sql/sql_select.cc:1711(JOIN::optimize())[0x5575048a9c2b]
sql/sql_derived.cc:1029(mysql_derived_optimize(THD*, LEX*, TABLE_LIST*))[0x55750471df3f]
sql/sql_derived.cc:200(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x5575047186ea]
sql/sql_select.cc:2201(JOIN::optimize_inner())[0x5575048af190]
sql/sql_select.cc:1711(JOIN::optimize())[0x5575048a9c2b]
sql/sql_derived.cc:1029(mysql_derived_optimize(THD*, LEX*, TABLE_LIST*))[0x55750471df3f]
sql/sql_derived.cc:200(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x5575047186ea]
sql/sql_select.cc:2201(JOIN::optimize_inner())[0x5575048af190]
sql/sql_select.cc:1711(JOIN::optimize())[0x5575048a9c2b]
sql/sql_lex.cc:4236(st_select_lex::optimize_unflattened_subqueries(bool))[0x5575047825f2]
sql/opt_subselect.cc:5636(JOIN::optimize_constant_subqueries())[0x557504cf408e]
sql/sql_select.cc:2048(JOIN::optimize_inner())[0x5575048acfa1]
sql/sql_select.cc:1711(JOIN::optimize())[0x5575048a9c2b]
sql/sql_select.cc:4812(mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x5575048cac1d]
sql/sql_select.cc:442(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55750489b922]
sql/sql_parse.cc:6475(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55750480772c]
sql/sql_parse.cc:3978(mysql_execute_command(THD*))[0x5575047f4ea3]
sql/sql_parse.cc:8012(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x557504810c07]
sql/sql_parse.cc:1860(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x5575047e702d]
sql/sql_parse.cc:1378(do_command(THD*))[0x5575047e3b58]
sql/sql_connect.cc:1420(do_handle_one_connection(CONNECT*))[0x557504bf17fd]
sql/sql_connect.cc:1325(handle_one_connection)[0x557504bf10a1]
perfschema/pfs.cc:1871(pfs_spawn_thread)[0x55750589b99a]
nptl/pthread_create.c:478(start_thread)[0x7f031ba9f609]
 
Query (0x62b0000a1420): SELECT ( WITH x ( x ) AS ( WITH x ( x ) AS ( SELECT ST_DISTANCE ( ST_GEOMFROMTEXT ( 'MULTILINESTRING((1 5))' ) , ST_GEOMFROMTEXT ( 'MULTIPOINT(151 -68)' ) ) ) SELECT CASE WHEN x THEN 'x' END FROM x ) SELECT 1 FROM x WHERE x )
