Segmentation fault at /mariadb-11.3.0/sql/sql_lex.cc:4227

Run these queries in release build:

CREATE TABLE t0 ( c43 DECIMAL ( 31 ) DEFAULT ( 45 ) ) ;
INSERT INTO t0 VALUES ( 13 ) , ( 29 ) ;
ALTER TABLE t0 ADD COLUMN c24 INT AFTER c43 ;
INSERT INTO t0 VALUES ( DEFAULT , DEFAULT ) , ( DEFAULT , DEFAULT ) ;
SELECT t1 . c22 AS c9 FROM ( SELECT ( SELECT + EXISTS ( SELECT -128 AS c29 ) << LOCATE ( t0 . c43 , t0 . c24 <= t0 . c24 NOT BETWEEN 4642475734208631537 AND -108 , NULLIF ( 57 , -8 ) SOUNDS LIKE TRIM( TRAILING FROM 6107036197732405580 ) ) - t0 . c43 AS c57 FROM t0 LIMIT 1 ) AS c22 FROM t0 ) AS t1 HAVING TRIM( CASE t1 . c22 WHEN -16 THEN RAND ( ) % HEX ( t1 . c22 ) - SUBSTRING_INDEX ( t1 . c22 , ':A9SEZxtjN,fKN*zR' , 'V*vhJb}&c%Op,[T[S,j`F9NDsK;\'8 4;m"
P,ce}1r"3ID1DN' ) >> NULLIF ( t1 . c22 , -95 ) ELSE -2 END IS TRUE FROM t1 . c22 >= EXISTS ( SELECT t2 . c57 AS c59 FROM ( SELECT CASE c24 WHEN -103 THEN 85 ELSE 22 END IS TRUE AS c57 FROM t0 ) AS t2 WHERE MOD ( 64 , 46 ) = CONVERT ( 73 , BINARY ) % RAND ( ) IS NOT NULL = -65 GROUP BY c57 , c22 , c22 WINDOW w0 AS ( PARTITION BY t2 . c57 ) ) & PI ( ) ) ;

Will trigger Segmentation fault.
GDB info:
Thread 17 "mariadbd" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe011a700 (LWP 45342)]
0x0000555555d4af6a in st_select_lex_unit::set_limit (this=0x7fff980719d0, sl=0x0)
at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:4227
4227 lim.set_limit(sl->get_limit(), sl->get_offset(), sl->limit_params.with_ties);
(gdb) p sl
$1 = (st_select_lex *) 0x0

#0 0x0000555555d4af6a in st_select_lex_unit::set_limit (this=0x7fff980719d0, sl=0x0)
at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:4227
#1 0x00005555560b133e in subselect_single_select_engine::exec (this=0x7fff98016bb0)
at /home/wx/mariadb-11.3.0/sql/item_subselect.cc:4074
#2 0x00005555560b040c in Item_subselect::exec (this=0x7fff98016a20)
at /home/wx/mariadb-11.3.0/sql/item_subselect.cc:812
#3 0x00005555560afd03 in Item_singlerow_subselect::val_int (this=0x7fff98016a20)
at /home/wx/mariadb-11.3.0/sql/item_subselect.cc:1462
#4 0x0000555555fef893 in Item_direct_view_ref::val_int_result (this=0x7fff9807c578)
at /home/wx/mariadb-11.3.0/sql/item.cc:9518
#5 0x0000555555fef2e3 in Item_ref::val_int (this=0x7fff98074cd0)
at /home/wx/mariadb-11.3.0/sql/item.cc:8522
#6 0x00005555560106cd in Arg_comparator::compare_int_unsigned (this=0x7fff980793b8)
at /home/wx/mariadb-11.3.0/sql/item_cmpfunc.cc:963
#7 0x0000555556010d2f in Arg_comparator::compare (this=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/item_cmpfunc.h:104
#8 Item_func_ge::val_int (this=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/item_cmpfunc.cc:1812
#9 0x0000555556044dba in Item_int_func::val_str (this=0x7fff98079300, str=0x7fffe01182e0)
at /home/wx/mariadb-11.3.0/sql/item_func.cc:760
#10 0x00005555560835ed in Item_func_trim::val_str (this=0x7fff98079528, str=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/item_strfunc.cc:2477
#11 0x000055555607f344 in Item_str_func::val_int (this=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/item_strfunc.cc:165
#12 0x0000555555dd9c5d in end_send (join=0x7fff98079ef8, join_tab=0x7fff98085168,
end_of_records=<optimized out>) at /home/wx/mariadb-11.3.0/sql/sql_select.cc:24685
#13 0x0000555555dad6d4 in evaluate_join_record (join=join@entry=0x7fff98079ef8,
join_tab=join_tab@entry=0x7fff98084cf0, error=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:23677
#14 0x0000555555dbf7fb in sub_select (join=0x7fff98079ef8, join_tab=0x7fff98084cf0,
end_of_records=false) at /home/wx/mariadb-11.3.0/sql/sql_select.cc:23444
#15 0x0000555555df19b2 in do_select (procedure=<optimized out>, join=0x7fff98079ef8)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:22961
#16 JOIN::exec_inner (this=this@entry=0x7fff98079ef8)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:4941
#17 0x0000555555df1d78 in JOIN::exec (this=this@entry=0x7fff98079ef8)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:4718
#18 0x0000555555defe1c in mysql_select (thd=thd@entry=0x7fff98000c58, tables=0x7fff98073200,
fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x7fff98079528,
proc_param=0x0, select_options=<optimized out>, result=0x7fff98079ed0,
unit=0x7fff98004ee8, select_lex=0x7fff980132f8)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:5249
#19 0x0000555555df0607 in handle_select (thd=thd@entry=0x7fff98000c58,
lex=lex@entry=0x7fff98004e08, result=result@entry=0x7fff98079ed0,
setup_tables_done_option=setup_tables_done_option@entry=0)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:628
#20 0x0000555555d6de41 in execute_sqlcom_select (thd=thd@entry=0x7fff98000c58,
all_tables=0x7fff98073200) at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:6013
#21 0x0000555555d7c2aa in mysql_execute_command (thd=thd@entry=0x7fff98000c58,
is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:3912
#22 0x0000555555d68c27 in mysql_parse (thd=0x7fff98000c58, rawbuf=<optimized out>,
length=<optimized out>, parser_state=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:7734
#23 0x0000555555d74fdd in dispatch_command (command=command@entry=COM_QUERY,
thd=thd@entry=0x7fff98000c58, packet=packet@entry=0x7fff98008509 "",
packet_length=packet_length@entry=811, blocking=blocking@entry=true)
at /home/wx/mariadb-11.3.0/sql/sql_class.h:251
#24 0x0000555555d7721e in do_command (thd=0x7fff98000c58, blocking=blocking@entry=true)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:1406
#25 0x0000555555e9a617 in do_handle_one_connection (connect=<optimized out>,
connect@entry=0x555557e0ae58, put_in_cache=put_in_cache@entry=true)
at /home/wx/mariadb-11.3.0/sql/sql_connect.cc:1445
#26 0x0000555555e9a94d in handle_one_connection (arg=arg@entry=0x555557e0ae58)
at /home/wx/mariadb-11.3.0/sql/sql_connect.cc:1347
#27 0x00005555561e658d in pfs_spawn_thread (arg=0x555557db46e8)
at /home/wx/mariadb-11.3.0/storage/perfschema/pfs.cc:2201
#28 0x00007ffff7b48609 in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#29 0x00007ffff7719133 in clone () from /lib/x86_64-linux-gnu/libc.so.6