2022-05-18 20:24:23 0 [Note] InnoDB: Using Linux native AIO
2022-05-18 20:24:23 0 [Note] InnoDB: !!!!!!!! UNIV_DEBUG switched on !!!!!!!!!
2022-05-18 20:24:23 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2022-05-18 20:24:23 0 [Note] InnoDB: Uses event mutexes
2022-05-18 20:24:23 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2022-05-18 20:24:23 0 [Note] InnoDB: Number of pools: 1
2022-05-18 20:24:23 0 [Note] InnoDB: Using SSE2 crc32 instructions
2022-05-18 20:24:23 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
2022-05-18 20:24:23 0 [Note] InnoDB: Completed initialization of buffer pool
2022-05-18 20:24:23 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
2022-05-18 20:24:23 0 [Note] InnoDB: Starting crash recovery from checkpoint LSN=2473865
2022-05-18 20:24:23 0 [Note] InnoDB: Starting final batch to recover 19 pages from redo log.
2022-05-18 20:24:24 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
2022-05-18 20:24:24 0 [Note] InnoDB: Removed temporary tablespace data file: "ibtmp1"
2022-05-18 20:24:24 0 [Note] InnoDB: Creating shared tablespace for temporary tables
2022-05-18 20:24:24 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2022-05-18 20:24:24 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2022-05-18 20:24:24 0 [Note] InnoDB: 10.3.35 started; log sequence number 2485201; transaction id 2231
2022-05-18 20:24:24 0 [Note] InnoDB: Loading buffer pool(s) from /usr/local/mysql/data/ib_buffer_pool
2022-05-18 20:24:24 0 [Note] InnoDB: Buffer pool(s) load completed at 220518 20:24:24
2022-05-18 20:24:24 0 [Note] Plugin 'FEEDBACK' is disabled.
2022-05-18 20:24:24 0 [Note] Recovering after a crash using tc.log
2022-05-18 20:24:24 0 [Note] Starting crash recovery...
2022-05-18 20:24:24 0 [Note] Crash recovery finished.
2022-05-18 20:24:24 0 [Note] Server socket created on IP: '::'.
2022-05-18 20:24:24 0 [Note] Reading of all Master_info entries succeeded
2022-05-18 20:24:24 0 [Note] Added new Master_info '' to hash table
2022-05-18 20:24:24 0 [Note] /usr/local/mysql/bin/mysqld: ready for connections.
Version: '10.3.35-MariaDB-debug'  socket: '/tmp/mysql.sock'  port: 3306  Source distribution
ASAN:DEADLYSIGNAL
=================================================================
==17765==ERROR: AddressSanitizer: SEGV on unknown address 0x0000000000ac (pc 0x563e38e37a59 bp 0x7ffe4f7e3960 sp 0x7ffe4f7e38f0 T0)
==17765==The signal is caused by a READ memory access.
==17765==Hint: address points to the zero page.
    #0 0x563e38e37a58 in Item_ref::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:8083
    #1 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #2 0x563e38ef76e4 in Item_func::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:352
    #3 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #4 0x563e3837350c in Item::fix_fields_if_needed_for_scalar(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:833
    #5 0x563e384a8400 in Item::fix_fields_if_needed_for_bool(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:837
    #6 0x563e38e98258 in Item_cond::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:4628
    #7 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #8 0x563e38ef76e4 in Item_func::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:352
    #9 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #10 0x563e38ef76e4 in Item_func::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:352
    #11 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #12 0x563e38ef76e4 in Item_func::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:352
    #13 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #14 0x563e3837350c in Item::fix_fields_if_needed_for_scalar(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:833
    #15 0x563e384a8400 in Item::fix_fields_if_needed_for_bool(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:837
    #16 0x563e386b0382 in JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:1215
    #17 0x563e38ffa72e in subselect_single_select_engine::prepare(THD*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:3808
    #18 0x563e38fd3fa4 in Item_subselect::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:282
    #19 0x563e38ff758e in Item_in_subselect::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:3471
    #20 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #21 0x563e38ef76e4 in Item_func::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:352
    #22 0x563e38ea656a in Item_func_not::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:6149
    #23 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #24 0x563e3837350c in Item::fix_fields_if_needed_for_scalar(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:833
    #25 0x563e384a8400 in Item::fix_fields_if_needed_for_bool(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:837
    #26 0x563e3849fb99 in setup_conds(THD*, TABLE_LIST*, List<TABLE_LIST>&, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_base.cc:8274
    #27 0x563e386a9528 in setup_without_group /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:660
    #28 0x563e386af752 in JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:1157
    #29 0x563e38ffa72e in subselect_single_select_engine::prepare(THD*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:3808
    #30 0x563e38fd3fa4 in Item_subselect::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:282
    #31 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #32 0x563e38ef76e4 in Item_func::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:352
    #33 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #34 0x563e38ef76e4 in Item_func::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:352
    #35 0x563e38e9feee in Item_func_like::fix_fields(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:5420
    #36 0x563e383734de in Item::fix_fields_if_needed(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:829
    #37 0x563e3837350c in Item::fix_fields_if_needed_for_scalar(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:833
    #38 0x563e38789924 in Item::fix_fields_if_needed_for_order_by(THD*, Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:841
    #39 0x563e387623c8 in find_order_in_list /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:23710
    #40 0x563e387628b7 in setup_order(THD*, Bounds_checked_array<Item*>, TABLE_LIST*, List<Item>&, List<Item>&, st_order*, bool) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:23757
    #41 0x563e386a99eb in setup_without_group /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:676
    #42 0x563e386af752 in JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:1157
    #43 0x563e386d11d9 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:4307
    #44 0x563e388bd329 in st_select_lex_unit::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_union.cc:1673
    #45 0x563e38539e78 in mysql_derived_fill(THD*, LEX*, TABLE_LIST*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_derived.cc:1169
    #46 0x563e385332b3 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_derived.cc:193
    #47 0x563e387123ab in st_join_table::preread_init() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:12913
    #48 0x563e387434c5 in sub_select(JOIN*, st_join_table*, bool) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:19852
    #49 0x563e3874155e in do_select /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:19422
    #50 0x563e386d0241 in JOIN::exec_inner() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:4151
    #51 0x563e386cdbcb in JOIN::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:3945
    #52 0x563e386d1683 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:4354
    #53 0x563e386a7585 in handle_select(THD*, LEX*, select_result*, unsigned long) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:372
    #54 0x563e386121a3 in execute_sqlcom_select /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_parse.cc:6339
    #55 0x563e3860017e in mysql_execute_command(THD*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_parse.cc:3870
    #56 0x563e3861c414 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_parse.cc:7870
    #57 0x563e385f3319 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_parse.cc:1941
    #58 0x563e385ef168 in do_command(THD*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_parse.cc:1398
    #59 0x563e389ec56a in do_handle_one_connection(CONNECT*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_connect.cc:1403
    #60 0x563e3831771e in handle_connection_in_main_thread(CONNECT*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/mysqld.cc:6631
    #61 0x563e383181de in create_new_thread /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/mysqld.cc:6738
    #62 0x563e383193a1 in handle_connections_sockets() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/mysqld.cc:6996
    #63 0x563e38316d45 in mysqld_main(int, char**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/mysqld.cc:6290
    #64 0x563e382fca79 in main /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/main.cc:25
    #65 0x7f03874e9c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
    #66 0x563e382fc979 in _start (/usr/local/mysql/bin/mysqld+0xdf8979)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:8083 in Item_ref::fix_fields(THD*, Item**)
==17765==ABORTING