CREATE TABLE t1 (a VARCHAR(8) NULL, b BIGINT);

INSERT INTO t1 (a,b) VALUES (NULL,NULL),('foo',NULL);

SELECT DISTINCT STRCMP((b > COLLATION(STDDEV_SAMP(15750))), a) AS f FROM t1;

# Cleanup

DROP TABLE t1;

==1859240==ERROR: AddressSanitizer: use-after-poison on address 0x62b000003100 at pc 0x7fab59559f2d bp 0x7fab4e0e6cb0 sp 0x7fab4e0e6458

WRITE of size 944 at 0x62b000003100 thread T5

    #0 0x7fab59559f2c  (/lib/x86_64-linux-gnu/libasan.so.5+0x67f2c)

    #1 0x55985aca169d in JOIN::make_aggr_tables_info() /data/src/10.2/sql/sql_select.cc:2693

    #2 0x55985ac9c3e1 in JOIN::optimize_inner() /data/src/10.2/sql/sql_select.cc:2259

    #3 0x55985ac90c21 in JOIN::optimize() /data/src/10.2/sql/sql_select.cc:1127

    #4 0x55985acac328 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.2/sql/sql_select.cc:3835

    #5 0x55985ac88eef in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.2/sql/sql_select.cc:361

    #6 0x55985abffd5c in execute_sqlcom_select /data/src/10.2/sql/sql_parse.cc:6271

    #7 0x55985abed0e5 in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:3582

    #8 0x55985ac09271 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7793

    #9 0x55985abe2476 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827

    #10 0x55985abdf241 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381

    #11 0x55985af68faf in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336

    #12 0x55985af68872 in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241

    #13 0x55985c30ea01 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869

    #14 0x7fab58f85608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477

    #15 0x7fab58b61292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

0x62b000003100 is located 12032 bytes inside of 24716-byte region [0x62b000000200,0x62b00000628c)

allocated by thread T5 here:

    #0 0x7fab595ffbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)

    #1 0x55985c42b4ee in sf_malloc /data/src/10.2/mysys/safemalloc.c:118

    #2 0x55985c3f7477 in my_malloc /data/src/10.2/mysys/my_malloc.c:101

    #3 0x55985c3d425b in reset_root_defaults /data/src/10.2/mysys/my_alloc.c:147

    #4 0x55985ab27fe7 in THD::init_for_queries() /data/src/10.2/sql/sql_class.cc:1316

    #5 0x55985af681e5 in prepare_new_connection_state(THD*) /data/src/10.2/sql/sql_connect.cc:1172

    #6 0x55985af688bc in thd_prepare_connection(THD*) /data/src/10.2/sql/sql_connect.cc:1256

    #7 0x55985af68eda in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1326

    #8 0x55985af68872 in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241

    #9 0x55985c30ea01 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869

    #10 0x7fab58f85608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477

Thread T5 created by T0 here:

    #0 0x7fab5952c805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)

    #1 0x55985c30edf2 in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1919

    #2 0x55985a983243 in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1246

    #3 0x55985a99b19a in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6573

    #4 0x55985a99b935 in create_new_thread /data/src/10.2/sql/mysqld.cc:6643

    #5 0x55985a99cad8 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6901

    #6 0x55985a99a4eb in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6192

    #7 0x55985a981afc in main /data/src/10.2/sql/main.cc:25

    #8 0x7fab58a660b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x67f2c) 

Shadow bytes around the buggy address:

  0x0c567fff85d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c567fff85e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c567fff85f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c567fff8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c567fff8610: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

=>0x0c567fff8620:[f7]00 00 f7 00 00 f7 00 00 00 00 00 00 00 00 00

  0x0c567fff8630: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c567fff8640: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c567fff8650: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c567fff8660: 00 f7 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c567fff8670: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Shadow byte legend (one shadow byte represents 8 application bytes):

  Addressable:           00

  Partially addressable: 01 02 03 04 05 06 07 

  Heap left redzone:       fa

  Freed heap region:       fd

  Stack left redzone:      f1

  Stack mid redzone:       f2

  Stack right redzone:     f3

  Stack after return:      f5

  Stack use after scope:   f8

  Global redzone:          f9

  Global init order:       f6

  Poisoned by user:        f7

  Container overflow:      fc

  Array cookie:            ac

  Intra object redzone:    bb

  ASan internal:           fe

  Left alloca redzone:     ca

  Right alloca redzone:    cb

  Shadow gap:              cc

==1859240==ABORTING

#3  <signal handler called>

#4  0x00005645b1d43a28 in JOIN_CACHE::free (this=0x8f8f8f8f8f8f8f8f) at /data/src/10.2/sql/sql_join_cache.h:682

#5  0x00005645b1d17e0e in st_join_table::cleanup (this=0x7fc9d8015400) at /data/src/10.2/sql/sql_select.cc:11955

#6  0x00005645b1d18eae in JOIN::cleanup (this=0x7fc9d8013758, full=true) at /data/src/10.2/sql/sql_select.cc:12381

#7  0x00005645b1d18b45 in JOIN::join_free (this=0x7fc9d8013758) at /data/src/10.2/sql/sql_select.cc:12284

#8  0x00005645b1d28233 in do_select (join=0x7fc9d8013758, procedure=0x0) at /data/src/10.2/sql/sql_select.cc:18464

#9  0x00005645b1d01c0d in JOIN::exec_inner (this=0x7fc9d8013758) at /data/src/10.2/sql/sql_select.cc:3651

#10 0x00005645b1d010b4 in JOIN::exec (this=0x7fc9d8013758) at /data/src/10.2/sql/sql_select.cc:3446

#11 0x00005645b1d0228e in mysql_select (thd=0x7fc9d8000d90, tables=0x7fc9d8013038, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748609, result=0x7fc9d8013738, unit=0x7fc9d8004988, select_lex=0x7fc9d80050d8) at /data/src/10.2/sql/sql_select.cc:3849

#12 0x00005645b1cf63e2 in handle_select (thd=0x7fc9d8000d90, lex=0x7fc9d80048c8, result=0x7fc9d8013738, setup_tables_done_option=0) at /data/src/10.2/sql/sql_select.cc:361

#13 0x00005645b1cc0ad6 in execute_sqlcom_select (thd=0x7fc9d8000d90, all_tables=0x7fc9d8013038) at /data/src/10.2/sql/sql_parse.cc:6271

#14 0x00005645b1cb764a in mysql_execute_command (thd=0x7fc9d8000d90) at /data/src/10.2/sql/sql_parse.cc:3582

#15 0x00005645b1cc4892 in mysql_parse (thd=0x7fc9d8000d90, rawbuf=0x7fc9d8012708 "SELECT DISTINCT STRCMP((b > COLLATION(STDDEV_SAMP(15750))), a) AS f FROM t1", length=75, parser_state=0x7fc9e87f5560, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7793

#16 0x00005645b1cb2aed in dispatch_command (command=COM_QUERY, thd=0x7fc9d8000d90, packet=0x7fc9d8008b61 "", packet_length=75, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1827

#17 0x00005645b1cb15e8 in do_command (thd=0x7fc9d8000d90) at /data/src/10.2/sql/sql_parse.cc:1381

#18 0x00005645b1e0ca81 in do_handle_one_connection (connect=0x5645b499b0d0) at /data/src/10.2/sql/sql_connect.cc:1336

#19 0x00005645b1e0c7e6 in handle_one_connection (arg=0x5645b499b0d0) at /data/src/10.2/sql/sql_connect.cc:1241

#20 0x00005645b2638bf2 in pfs_spawn_thread (arg=0x5645b497e4d0) at /data/src/10.2/storage/perfschema/pfs.cc:1869

#21 0x00007fc9eecf8609 in start_thread (arg=<optimized out>) at pthread_create.c:477

#22 0x00007fc9ee8d4293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

mariadbd: /data/src/10.6/mysys/mf_iocache.c:428: reinit_io_cache: Assertion `info->type == READ_CACHE || info->type == WRITE_CACHE' failed.

210611  1:55:55 [ERROR] mysqld got signal 6 ;

#7  0x00007f49678fcf36 in __GI___assert_fail (assertion=0x55845b8fb1d0 "info->type == READ_CACHE || info->type == WRITE_CACHE", file=0x55845b8faff0 "/data/src/10.6/mysys/mf_iocache.c", line=428, function=0x55845b8fb790 <__PRETTY_FUNCTION__.15116> "reinit_io_cache") at assert.c:101

#8  0x000055845b366175 in reinit_io_cache (info=0x7f49500193a0, type=READ_CACHE, seek_offset=0, use_async_io=0 '\000', clear_cache=0 '\000') at /data/src/10.6/mysys/mf_iocache.c:428

#9  0x000055845ac2ca52 in init_read_record (info=0x7f4950018af8, thd=0x7f4950000db8, table=0x7f49500faee8, select=0x7f4950019380, filesort=0x0, use_record_cache=1, print_error=true, disable_rr_cache=false) at /data/src/10.6/sql/records.cc:242

#10 0x000055845a7602e3 in join_init_read_record (tab=0x7f4950018a30) at /data/src/10.6/sql/sql_select.cc:21957

#11 0x000055845a75ddbe in sub_select (join=0x7f49500173d0, join_tab=0x7f4950018a30, end_of_records=false) at /data/src/10.6/sql/sql_select.cc:20993

#12 0x000055845a75d32c in do_select (join=0x7f49500173d0, procedure=0x0) at /data/src/10.6/sql/sql_select.cc:20543

#13 0x000055845a730b51 in JOIN::exec_inner (this=0x7f49500173d0) at /data/src/10.6/sql/sql_select.cc:4726

#14 0x000055845a72fbc7 in JOIN::exec (this=0x7f49500173d0) at /data/src/10.6/sql/sql_select.cc:4504

#15 0x000055845a731501 in mysql_select (thd=0x7f4950000db8, tables=0x7f49500163e0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748609, result=0x7f49500173a8, unit=0x7f4950005130, select_lex=0x7f49500156b8) at /data/src/10.6/sql/sql_select.cc:4982

#16 0x000055845a7207ad in handle_select (thd=0x7f4950000db8, lex=0x7f4950005068, result=0x7f49500173a8, setup_tables_done_option=0) at /data/src/10.6/sql/sql_select.cc:544

#17 0x000055845a6e182c in execute_sqlcom_select (thd=0x7f4950000db8, all_tables=0x7f49500163e0) at /data/src/10.6/sql/sql_parse.cc:6242

#18 0x000055845a6d8ad5 in mysql_execute_command (thd=0x7f4950000db8) at /data/src/10.6/sql/sql_parse.cc:3937

#19 0x000055845a6e6676 in mysql_parse (thd=0x7f4950000db8, rawbuf=0x7f49500155c0 "SELECT DISTINCT STRCMP((b > COLLATION(STDDEV_SAMP(15750))), a) AS f FROM t1", length=75, parser_state=0x7f4962157480) at /data/src/10.6/sql/sql_parse.cc:8016

#20 0x000055845a6d2b00 in dispatch_command (command=COM_QUERY, thd=0x7f4950000db8, packet=0x7f495000b879 "", packet_length=75, blocking=true) at /data/src/10.6/sql/sql_parse.cc:1897

#21 0x000055845a6d14a5 in do_command (thd=0x7f4950000db8, blocking=true) at /data/src/10.6/sql/sql_parse.cc:1406

#22 0x000055845a88dcff in do_handle_one_connection (connect=0x55845eb93cb8, put_in_cache=true) at /data/src/10.6/sql/sql_connect.cc:1410

#23 0x000055845a88da5b in handle_one_connection (arg=0x55845eb91018) at /data/src/10.6/sql/sql_connect.cc:1312

#24 0x000055845adf97bd in pfs_spawn_thread (arg=0x55845eb93808) at /data/src/10.6/storage/perfschema/pfs.cc:2201

#25 0x00007f4967e14609 in start_thread (arg=<optimized out>) at pthread_create.c:477

#26 0x00007f49679e8293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

#5  <signal handler called>

#6  0x0000000000000002 in ?? ()

#7  0x000055f291a4e11e in copy_fields (param=0x7f13f8012318) at /data/src/10.2/sql/sql_select.cc:23520

#8  0x000055f291a4e6a2 in end_write (join=0x7f13f80103b0, join_tab=0x7f13f8011ca8, end_of_records=<optimized out>) at /data/src/10.2/sql/sql_select.cc:20277

#9  0x000055f291a5c7fa in AGGR_OP::put_record (this=<optimized out>) at /data/src/10.2/sql/sql_select.h:973

#10 sub_select_postjoin_aggr (join=0x7f13f80103b0, join_tab=<optimized out>, end_of_records=<optimized out>) at /data/src/10.2/sql/sql_select.cc:18595

#11 0x000055f291a2efcf in evaluate_join_record (join=join@entry=0x7f13f80103b0, join_tab=join_tab@entry=0x7f13f80118f8, error=<optimized out>) at /data/src/10.2/sql/sql_select.cc:19094

#12 0x000055f291a38d43 in sub_select (end_of_records=false, join_tab=0x7f13f80118f8, join=0x7f13f80103b0) at /data/src/10.2/sql/sql_select.cc:18874

#13 sub_select (join=0x7f13f80103b0, join_tab=0x7f13f80118f8, end_of_records=<optimized out>) at /data/src/10.2/sql/sql_select.cc:18809

#14 0x000055f291a619c7 in do_select (procedure=<optimized out>, join=0x7f13f80103b0) at /data/src/10.2/sql/sql_select.cc:18418

#15 JOIN::exec_inner (this=this@entry=0x7f13f80103b0) at /data/src/10.2/sql/sql_select.cc:3651

#16 0x000055f291a61c67 in JOIN::exec (this=this@entry=0x7f13f80103b0) at /data/src/10.2/sql/sql_select.cc:3446

#17 0x000055f291a61daa in mysql_select (thd=0x7f13f8000c48, tables=0x7f13f800fc90, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x7f13f8010390, unit=0x7f13f8004680, select_lex=0x7f13f8004dd0) at /data/src/10.2/sql/sql_select.cc:3849

#18 0x000055f291a62747 in handle_select (thd=thd@entry=0x7f13f8000c48, lex=lex@entry=0x7f13f80045c0, result=result@entry=0x7f13f8010390, setup_tables_done_option=setup_tables_done_option@entry=0) at /data/src/10.2/sql/sql_select.cc:361

#19 0x000055f2919f7d01 in execute_sqlcom_select (thd=0x7f13f8000c48, all_tables=0x7f13f800fc90) at /data/src/10.2/sql/sql_parse.cc:6271

#20 0x000055f291a0550a in mysql_execute_command (thd=<optimized out>) at /data/src/10.2/sql/sql_parse.cc:3582

#21 0x000055f291a0820b in mysql_parse (thd=thd@entry=0x7f13f8000c48, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7f1409e56520, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:7793

#22 0x000055f291a0b41d in dispatch_command (command=COM_QUERY, thd=0x7f13f8000c48, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /data/src/10.2/sql/sql_class.h:1109

#23 0x000055f291a0c63d in do_command (thd=0x7f13f8000c48) at /data/src/10.2/sql/sql_parse.cc:1381

#24 0x000055f291ae59d6 in do_handle_one_connection (connect=connect@entry=0x55f2942fd2c8) at /data/src/10.2/sql/sql_connect.cc:1336

#25 0x000055f291ae5b4f in handle_one_connection (arg=arg@entry=0x55f2942fd2c8) at /data/src/10.2/sql/sql_connect.cc:1241

#26 0x000055f2920827b6 in pfs_spawn_thread (arg=0x55f29430e1b8) at /data/src/10.2/storage/perfschema/pfs.cc:1869

#27 0x00007f141035b609 in start_thread (arg=<optimized out>) at pthread_create.c:477

#28 0x00007f140ff52293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

#3  <signal handler called>

#4  base_list_iterator::next_fast (this=<synthetic pointer>) at /data/src/10.3/sql/sql_list.h:442

#5  List_iterator_fast<Item>::operator++ (this=<synthetic pointer>) at /data/src/10.3/sql/sql_list.h:562

#6  copy_fields (param=0x7f124c012750) at /data/src/10.3/sql/sql_select.cc:24494

#7  0x00005608366f99e2 in end_write (join=0x7f124c0107f8, join_tab=0x7f124c012100, end_of_records=<optimized out>) at /data/src/10.3/sql/sql_select.cc:21231

#8  0x000056083670827a in AGGR_OP::put_record (this=<optimized out>) at /data/src/10.3/sql/sql_select.h:1030

#9  sub_select_postjoin_aggr (join=0x7f124c0107f8, join_tab=<optimized out>, end_of_records=<optimized out>) at /data/src/10.3/sql/sql_select.cc:19542

#10 0x00005608366d5489 in evaluate_join_record (join=join@entry=0x7f124c0107f8, join_tab=join_tab@entry=0x7f124c011d70, error=<optimized out>) at /data/src/10.3/sql/sql_select.cc:20040

#11 0x00005608366e3443 in sub_select (end_of_records=false, join_tab=0x7f124c011d70, join=0x7f124c0107f8) at /data/src/10.3/sql/sql_select.cc:19820

#12 sub_select (join=0x7f124c0107f8, join_tab=0x7f124c011d70, end_of_records=false) at /data/src/10.3/sql/sql_select.cc:19755

#13 0x000056083670d7ce in do_select (procedure=<optimized out>, join=0x7f124c0107f8) at /data/src/10.3/sql/sql_select.cc:19360

#14 JOIN::exec_inner (this=this@entry=0x7f124c0107f8) at /data/src/10.3/sql/sql_select.cc:4138

#15 0x000056083670db37 in JOIN::exec (this=this@entry=0x7f124c0107f8) at /data/src/10.3/sql/sql_select.cc:3932

#16 0x000056083670dc82 in mysql_select (thd=0x7f124c000c48, tables=0x7f124c010088, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x7f124c0107d0, unit=0x7f124c004950, select_lex=0x7f124c0050e8) at /data/src/10.3/sql/sql_select.cc:4340

#17 0x000056083670e5cb in handle_select (thd=thd@entry=0x7f124c000c48, lex=lex@entry=0x7f124c004890, result=result@entry=0x7f124c0107d0, setup_tables_done_option=setup_tables_done_option@entry=0) at /data/src/10.3/sql/sql_select.cc:372

#18 0x000056083669e621 in execute_sqlcom_select (thd=0x7f124c000c48, all_tables=0x7f124c010088) at /data/src/10.3/sql/sql_parse.cc:6339

#19 0x00005608366ac2f4 in mysql_execute_command (thd=<optimized out>) at /data/src/10.3/sql/sql_parse.cc:3870

#20 0x00005608366aee63 in mysql_parse (thd=0x7f124c000c48, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /data/src/10.3/sql/sql_parse.cc:7870

#21 0x00005608366b123d in dispatch_command (command=COM_QUERY, thd=0x7f124c000c48, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /data/src/10.3/sql/sql_class.h:1152

#22 0x00005608366b31ed in do_command (thd=0x7f124c000c48) at /data/src/10.3/sql/sql_parse.cc:1398

#23 0x000056083679b6e6 in do_handle_one_connection (connect=connect@entry=0x560838a6c288) at /data/src/10.3/sql/sql_connect.cc:1403

#24 0x000056083679b8bf in handle_one_connection (arg=arg@entry=0x560838a6c288) at /data/src/10.3/sql/sql_connect.cc:1308

#25 0x0000560836d7a796 in pfs_spawn_thread (arg=0x560838b50048) at /data/src/10.3/storage/perfschema/pfs.cc:1869

#26 0x00007f126ddb4609 in start_thread (arg=<optimized out>) at pthread_create.c:477

#27 0x00007f126dcdb293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

#3  <signal handler called>

#4  0x0000557a9df8dca0 in vtable for Duplicate_weedout_picker ()

#5  0x0000557a9d0a0621 in copy_fields (param=0x7f7c500147d0) at /data/src/10.6/sql/sql_select.cc:25767

#6  0x0000557a9d0a0b62 in end_write (join=0x7f7c50012750, join_tab=0x7f7c50014160, end_of_records=<optimized out>) at /data/src/10.6/sql/sql_select.cc:22461

#7  0x0000557a9d078567 in evaluate_join_record (join=0x7f7c50012750, join_tab=0x7f7c50013db0, error=<optimized out>) at /data/src/10.6/sql/sql_select.cc:21219

#8  0x0000557a9d08a1e3 in sub_select (end_of_records=false, join_tab=0x7f7c50013db0, join=0x7f7c50012750) at /data/src/10.6/sql/sql_select.cc:20996

#9  sub_select (join=0x7f7c50012750, join_tab=0x7f7c50013db0, end_of_records=<optimized out>) at /data/src/10.6/sql/sql_select.cc:20925

#10 0x0000557a9d0b774c in do_select (procedure=<optimized out>, join=0x7f7c50012750) at /data/src/10.6/sql/sql_select.cc:20543

#11 JOIN::exec_inner (this=0x7f7c50012750) at /data/src/10.6/sql/sql_select.cc:4726

#12 0x0000557a9d0b7b29 in JOIN::exec (this=this@entry=0x7f7c50012750) at /data/src/10.6/sql/sql_select.cc:4504

#13 0x0000557a9d0b5b9a in mysql_select (thd=0x7f7c50000c58, tables=0x7f7c50011760, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x7f7c50012728, unit=0x7f7c50004e10, select_lex=0x7f7c50010a38) at /data/src/10.6/sql/sql_select.cc:4982

#14 0x0000557a9d0b6367 in handle_select (thd=thd@entry=0x7f7c50000c58, lex=lex@entry=0x7f7c50004d48, result=result@entry=0x7f7c50012728, setup_tables_done_option=setup_tables_done_option@entry=0) at /data/src/10.6/sql/sql_select.cc:544

#15 0x0000557a9d046b71 in execute_sqlcom_select (thd=0x7f7c50000c58, all_tables=0x7f7c50011760) at /data/src/10.6/sql/sql_parse.cc:6242

#16 0x0000557a9d054835 in mysql_execute_command (thd=0x7f7c50000c58) at /data/src/10.6/sql/sql_parse.cc:3937

#17 0x0000557a9d041ac5 in mysql_parse (thd=0x7f7c50000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /data/src/10.6/sql/sql_parse.cc:8016

#18 0x0000557a9d04d9ed in dispatch_command (command=COM_QUERY, thd=0x7f7c50000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /data/src/10.6/sql/sql_class.h:1340

#19 0x0000557a9d04f928 in do_command (thd=0x7f7c50000c58, blocking=blocking@entry=true) at /data/src/10.6/sql/sql_parse.cc:1406

#20 0x0000557a9d15e2d7 in do_handle_one_connection (connect=<optimized out>, put_in_cache=true) at /data/src/10.6/sql/sql_connect.cc:1410

#21 0x0000557a9d15e63d in handle_one_connection (arg=arg@entry=0x557aa0db2428) at /data/src/10.6/sql/sql_connect.cc:1312

#22 0x0000557a9d4e3e3d in pfs_spawn_thread (arg=0x557aa0d40e28) at /data/src/10.6/storage/perfschema/pfs.cc:2201

#23 0x00007f7c70eeb609 in start_thread (arg=<optimized out>) at pthread_create.c:477

#24 0x00007f7c70ada293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

CREATE TABLE t1 (a BIGINT) AS SELECT 1 AS v3 UNION SELECT FALSE ;

 SELECT DISTINCT a IN ( COLLATION (AVG ('x'))) FROM t1 ;

210827 16:13:35 [ERROR] mysqld got signal 11 ;

Server version: 10.2.41-MariaDB-debug-log

sigaction.c:0(__restore_rt)[0x7f2c794c63c0]

sql/sql_join_cache.h:682(JOIN_CACHE::free())[0x55ab0db76ee2]

sql/sql_select.cc:11977(st_join_table::cleanup())[0x55ab0db4b21c]

sql/sql_select.cc:12403(JOIN::cleanup(bool))[0x55ab0db4c2bc]

sql/sql_select.cc:12307(JOIN::join_free())[0x55ab0db4bf53]

sql/sql_select.cc:18487(do_select(JOIN*, Procedure*))[0x55ab0db5b641]

sql/sql_select.cc:3651(JOIN::exec_inner())[0x55ab0db34f4b]

sql/sql_select.cc:3447(JOIN::exec())[0x55ab0db343f2]

sql/sql_select.cc:3851(mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55ab0db355cc]

sql/sql_select.cc:361(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55ab0db29720]

sql/sql_parse.cc:6271(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55ab0daf3d86]

sql/sql_parse.cc:3582(mysql_execute_command(THD*))[0x55ab0daea8fa]

sql/sql_parse.cc:7793(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55ab0daf7b42]

sql/sql_parse.cc:1830(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55ab0dae5d9d]

sql/sql_parse.cc:1381(do_command(THD*))[0x55ab0dae4898]

sql/sql_connect.cc:1336(do_handle_one_connection(CONNECT*))[0x55ab0dc40661]

sql/sql_connect.cc:1242(handle_one_connection)[0x55ab0dc403c6]

perfschema/pfs.cc:1871(pfs_spawn_thread)[0x55ab0e469ec4]

nptl/pthread_create.c:478(start_thread)[0x7f2c794ba609]

x86_64/clone.S:97(__GI___clone)[0x7f2c79095293]

Query (0x7f2c1c012708): SELECT DISTINCT a IN ( COLLATION (AVG ('x'))) FROM t1

    if ((group_list &&

         (!test_if_subpart(group_list, order) || select_distinct)) ||

        (select_distinct && tmp_table_param.using_outer_summary_function))

    {					/* Must copy to another table */

      DBUG_PRINT("info",("Creating group table"));

      calc_group_buffer(this, group_list);

      count_field_types(select_lex, &tmp_table_param, tmp_all_fields1,

                        select_distinct && !group_list);

      tmp_table_param.hidden_field_count=

        tmp_all_fields1.elements - tmp_fields_list1.elements;

      curr_tab++;

commit 2cfc450bf78c2d951729d1a0e8f731c0d987b1d5

Author: Igor Babaev <igor@askmonty.org>

Date:   Tue Feb 9 12:35:59 2016 -0800

    This is the consolidated patch for mdev-8646:

    "Re-factor the code for post-join operations".

    The patch mainly contains the code ported from mysql-5.6 and

    created for two essential architectural changes:

    1. WL#5558: Resolve ORDER BY execution method at the optimization stage

    2. WL#6071: Inline tmp tables into the nested loops algorithm

...

commit ce2260586dc18bf2b46e5ede488db085da33edf9

Author: monty@donna.mysql.com <>

Date:   Sun Jan 28 21:35:50 2001 +0200

    Fixed ALTER TABLE on MERGE tables

    Fixed bug in DISTINCT

SELECT DISTINCT a IN ( COLLATION (AVG ('x'))) FROM t1 

  $159 = 0x555557aff3c0 <dbug_item_print_buf> "t1.a = 0"

(gdb) p item->args[0]

  $160 = (Item_aggregate_ref *) 0x7fff9c018d38

(gdb) p item->args[1]->with_sum_func()

  $161 = false

(gdb) p item->args[1]

  $162 = (Item_int_with_ref *) 0x7fff9c018cb8

(gdb) p item->args[1]->with_sum_func()

  $163 = false

(gdb) p item->args[0]->ref[0]

  $165 = (Item_field *) 0x7fff9c016dd8

create table t1 (a int, b int);

insert into t1 select seq, seq from seq_1_to_10;

explain select distinct a, avg(1)+1 from t10;

+------+-------------+-------+------+---------------+------+---------+------+------+-------+

| id   | select_type | table | type | possible_keys | key  | key_len | ref  | rows | Extra |

+------+-------------+-------+------+---------------+------+---------+------+------+-------+

|    1 | SIMPLE      | t10   | ALL  | NULL          | NULL | NULL    | NULL | 6    |       |

+------+-------------+-------+------+---------------+------+---------+------+------+-------+

  if (group || tmp_table_param.sum_func_count)

  {

    if (! hidden_group_fields && rollup.state == ROLLUP::STATE_NONE

        && !select_lex->have_window_funcs())

      select_distinct=0;

  }

  need_tmp= test_if_need_tmp_table();

  if (tmp_table_param.sum_func_count && !group_list)

  {

    implicit_grouping= TRUE;

    // Result will contain zero or one row - ordering is meaningless

    order= NULL;

  }

+-------------------------------+

| a IN ( COLLATION (AVG ('x'))) |

+-------------------------------+

|                          NULL |

|                          NULL |

+-------------------------------+

SELECT DISTINCT a IN ( COLLATION (AVG ('x'))) FROM t1 ;

(gdb) wher

  #0  convert_const_to_int (thd=0x7fff7c000d50, field_item=0x7fff7c013978, item=0x7fff7c013eb8) at /home/psergey/dev-git/10.3-r3/sql/item_cmpfunc.cc:345

  #1  0x0000555555fbcea3 in Item_func::convert_const_compared_to_int_field (this=0x7fff7c013e20, thd=0x7fff7c000d50) at /home/psergey/dev-git/10.3-r3/sql/item_cmpfunc.cc:421

  #2  0x0000555555fbd073 in Item_func::setup_args_and_comparator (this=0x7fff7c013e20, thd=0x7fff7c000d50, cmp=0x7fff7c013ee0) at /home/psergey/dev-git/10.3-r3/sql/item_cmpfunc.cc:441

  #3  0x0000555555fbd239 in Item_bool_rowready_func2::fix_length_and_dec (this=0x7fff7c013e20) at /home/psergey/dev-git/10.3-r3/sql/item_cmpfunc.cc:474

  #4  0x0000555555ffcaff in Item_func::fix_fields (this=0x7fff7c013e20, thd=0x7fff7c000d50, ref=0x7fff7c013f90) at /home/psergey/dev-git/10.3-r3/sql/item_func.cc:370

  #5  0x0000555555b4a46c in Item::fix_fields_if_needed (this=0x7fff7c013e20, thd=0x7fff7c000d50, ref=0x7fff7c013f90) at /home/psergey/dev-git/10.3-r3/sql/item.h:829

  #6  0x0000555555b4a499 in Item::fix_fields_if_needed_for_scalar (this=0x7fff7c013e20, thd=0x7fff7c000d50, ref=0x7fff7c013f90) at /home/psergey/dev-git/10.3-r3/sql/item.h:833

  #7  0x0000555555bc473e in setup_fields (thd=0x7fff7c000d50, ref_pointer_array=..., fields=..., column_usage=MARK_COLUMNS_READ, sum_func_list=0x7fff7c014aa0, pre_fix=0x7fff7c0054d8, allow_sum_func=true) at /home/psergey/dev-git/10.3-r3/sql/sql_base.cc:7542

  #8  0x0000555555c9768f in JOIN::prepare (this=0x7fff7c014788, tables_init=0x7fff7c014028, wild_num=0, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7fff7c005398, unit_arg=0x7fff7c004c00) at /home/psergey/dev-git/10.3-r3/sql/sql_select.cc:1167

  #9  0x0000555555ca2fa9 in mysql_select (thd=0x7fff7c000d50, tables=0x7fff7c014028, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748609, result=0x7fff7c014760, unit=0x7fff7c004c00, select_lex=0x7fff7c005398) at /home/psergey/dev-git/10.3-r3/sql/sql_select.cc:4346

  if (tmp_table_param.sum_func_count && !group_list)

  {

    implicit_grouping= TRUE;

    // Result will contain zero or one row - ordering is meaningless

    order= NULL;

  }

  if (group || tmp_table_param.sum_func_count)

  {

    if (! hidden_group_fields && rollup.state == ROLLUP::STATE_NONE

        && !select_lex->have_window_funcs())

      select_distinct=0;

  }

  need_tmp= test_if_need_tmp_table();

	  /*

	    Mark that the we have ignored an item that refers to a summary

	    function. We need to know this if someone is going to use

	    DISTINCT on the result.

	  */

	  param->using_outer_summary_function=1;

    /*

      If we have different sort & group then we must sort the data by group

      and copy it to another tmp table

      This code is also used if we are using distinct something

      we haven't been able to store in the temporary table yet

      like SEC_TO_TIME(SUM(...)).

    */

    if ((group_list &&

         (!test_if_subpart(group_list, order) || select_distinct)) ||

        (select_distinct && tmp_table_param.using_outer_summary_function))

    {					/* Must copy to another table */

      DBUG_PRINT("info",("Creating group table"));