2022-05-12 11:00:37 0 [Note] InnoDB: Using Linux native AIO
2022-05-12 11:00:37 0 [Note] InnoDB: !!!!!!!! UNIV_DEBUG switched on !!!!!!!!!
2022-05-12 11:00:37 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2022-05-12 11:00:37 0 [Note] InnoDB: Uses event mutexes
2022-05-12 11:00:37 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2022-05-12 11:00:37 0 [Note] InnoDB: Number of pools: 1
2022-05-12 11:00:37 0 [Note] InnoDB: Using SSE2 crc32 instructions
2022-05-12 11:00:37 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
2022-05-12 11:00:37 0 [Note] InnoDB: Completed initialization of buffer pool
2022-05-12 11:00:37 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
2022-05-12 11:00:37 0 [Note] InnoDB: Starting crash recovery from checkpoint LSN=3988737
2022-05-12 11:00:37 0 [Note] InnoDB: Starting final batch to recover 11 pages from redo log.
2022-05-12 11:00:38 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
2022-05-12 11:00:38 0 [Note] InnoDB: Removed temporary tablespace data file: "ibtmp1"
2022-05-12 11:00:38 0 [Note] InnoDB: Creating shared tablespace for temporary tables
2022-05-12 11:00:38 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2022-05-12 11:00:38 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2022-05-12 11:00:38 0 [Note] InnoDB: 10.3.35 started; log sequence number 3992420; transaction id 7141
2022-05-12 11:00:38 0 [Note] InnoDB: Loading buffer pool(s) from /usr/local/mysql/data/ib_buffer_pool
2022-05-12 11:00:38 0 [Note] Plugin 'FEEDBACK' is disabled.
2022-05-12 11:00:38 0 [Note] Recovering after a crash using tc.log
2022-05-12 11:00:38 0 [Note] Starting crash recovery...
2022-05-12 11:00:38 0 [Note] InnoDB: Buffer pool(s) load completed at 220512 11:00:38
2022-05-12 11:00:38 0 [Note] Crash recovery finished.
2022-05-12 11:00:38 0 [Note] Server socket created on IP: '::'.
2022-05-12 11:00:38 0 [Note] Reading of all Master_info entries succeeded
2022-05-12 11:00:38 0 [Note] Added new Master_info '' to hash table
2022-05-12 11:00:38 0 [Note] /usr/local/mysql/bin/mysqld: ready for connections.
Version: '10.3.35-MariaDB-debug' socket: '/tmp/mysql.sock' port: 3306 Source distribution
ASAN:DEADLYSIGNAL
=================================================================
==3322==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000018 (pc 0x5625c5f8682c bp 0x7ffe60a59490 sp 0x7ffe60a593b0 T0)
==3322==The signal is caused by a READ memory access.
==3322==Hint: address points to the zero page.
    #0 0x5625c5f8682b in Window_funcs_sort::setup(THD*, SQL_SELECT*, List_iterator&, st_join_table*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_window.cc:3033
    #1 0x5625c5f87369 in Window_funcs_computation::setup(THD*, List*, st_join_table*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_window.cc:3114
    #2 0x5625c5ae7fb4 in JOIN::make_aggr_tables_info() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:3410
    #3 0x5625c5adff12 in JOIN::optimize_stage2() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:2697
    #4 0x5625c5ad8cca in JOIN::optimize_inner() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:2003
    #5 0x5625c5ad3e02 in JOIN::optimize() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:1519
    #6 0x5625c5af1499 in mysql_select(THD*, TABLE_LIST*, unsigned int, List&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:4340
    #7 0x5625c5cdd329 in st_select_lex_unit::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_union.cc:1673
    #8 0x5625c641d31c in subselect_union_engine::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:4049
    #9 0x5625c63f78e7 in Item_subselect::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:791
    #10 0x5625c63f8fd3 in Item_in_subselect::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:971
    #11 0x5625c6403fa8 in Item_in_subselect::val_bool() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:1880
    #12 0x5625c57766dd in Item::val_bool_result() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:1320
    #13 0x5625c629ada0 in Item_in_optimizer::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:1623
    #14 0x5625c577658d in Item::val_int_result() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:1316
    #15 0x5625c626bf7c in Item_cache_int::cache_value() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:10070
    #16 0x5625c62801d8 in Item_cache_wrapper::cache() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:8878
    #17 0x5625c6262201 in Item_cache_wrapper::val_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:8959
    #18 0x5625c6290d15 in Arg_comparator::compare_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:816
    #19 0x5625c62cfdc5 in Arg_comparator::compare() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.h:102
    #20 0x5625c629cbd2 in Item_func_eq::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:1749
    #21 0x5625c631b530 in Item_int_func::val_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:744
    #22 0x5625c625e5a6 in Item_direct_ref::val_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:8638
    #23 0x5625c6290d15 in Arg_comparator::compare_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:816
    #24 0x5625c62cfdc5 in Arg_comparator::compare() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.h:102
    #25 0x5625c629cbd2 in Item_func_eq::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:1749
    #26 0x5625c5f60fe7 in Type_handler_int_result::Item_val_bool(Item*) const /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_type.cc:3287
    #27 0x5625c5776241 in Item::val_bool() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:1219
    #28 0x5625c62bbee5 in Item_cond_or::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:5096
    #29 0x5625c5b64a3b in evaluate_join_record /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:19979
    #30 0x5625c5b63b84 in sub_select(JOIN*, st_join_table*, bool) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:19884
    #31 0x5625c5b6155e in do_select /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:19422
    #32 0x5625c5af0241 in JOIN::exec_inner() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:4151
    #33 0x5625c5aedbcb in JOIN::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:3945
    #34 0x5625c641cb10 in subselect_single_select_engine::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:4023
    #35 0x5625c63f78e7 in Item_subselect::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:791
    #36 0x5625c63f8fd3 in Item_in_subselect::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:971
    #37 0x5625c6403fa8 in Item_in_subselect::val_bool() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_subselect.cc:1880
    #38 0x5625c57766dd in Item::val_bool_result() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:1320
    #39 0x5625c629ada0 in Item_in_optimizer::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:1623
    #40 0x5625c577658d in Item::val_int_result() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:1316
    #41 0x5625c626bf7c in Item_cache_int::cache_value() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:10070
    #42 0x5625c62801d8 in Item_cache_wrapper::cache() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:8878
    #43 0x5625c626393b in Item_cache_wrapper::val_bool() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:9042
    #44 0x5625c62893bb in Item_func_not::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:224
    #45 0x5625c631b530 in Item_int_func::val_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:744
    #46 0x5625c6290b77 in Arg_comparator::compare_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:813
    #47 0x5625c62cfdc5 in Arg_comparator::compare() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.h:102
    #48 0x5625c629cbd2 in Item_func_eq::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:1749
    #49 0x5625c624f3f6 in Item::save_int_in_field(Field*, bool) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:7002
    #50 0x5625c5f5e9b3 in Type_handler_int_result::Item_save_in_field(Item*, Field*, bool) const /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_type.cc:2591
    #51 0x5625c624f5d2 in Item::save_in_field(Field*, bool) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:7012
    #52 0x5625c57759e2 in Item::save_org_in_field(Field*, int (*)(Field*, Field*)) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:877
    #53 0x5625c57762c8 in Item::save_val(Field*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.h:1234
    #54 0x5625c5bb4916 in store_key_item::copy_inner() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.h:1990
    #55 0x5625c5bb3f17 in store_key::copy() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.h:1886
    #56 0x5625c5b81233 in cp_buffer_from_ref(THD*, TABLE*, st_table_ref*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:23522
    #57 0x5625c5b80fba in cmp_buffer_with_ref /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:23505
    #58 0x5625c5b6923e in join_read_key2(THD*, st_join_table*, TABLE*, st_table_ref*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:20545
    #59 0x5625c5f0fa18 in Expression_cache_tmptable::check_value(Item**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_expression_cache.cc:223
    #60 0x5625c6260e1e in Item_cache_wrapper::check_cache() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:8863
    #61 0x5625c6262057 in Item_cache_wrapper::val_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:8953
    #62 0x5625c6290d15 in Arg_comparator::compare_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:816
    #63 0x5625c62cfdc5 in Arg_comparator::compare() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.h:102
    #64 0x5625c629cbd2 in Item_func_eq::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:1749
    #65 0x5625c631b530 in Item_int_func::val_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:744
    #66 0x5625c6290b77 in Arg_comparator::compare_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:813
    #67 0x5625c62cfdc5 in Arg_comparator::compare() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.h:102
    #68 0x5625c629d372 in Item_func_lt::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:1803
    #69 0x5625c631a2a7 in Item_func::val_decimal(my_decimal*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:662
    #70 0x5625c62a2752 in Item_func_between::val_int_cmp_decimal() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:2218
    #71 0x5625c5f620f7 in Type_handler_decimal_result::Item_func_between_val_int(Item_func_between*) const /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_type.cc:3820
    #72 0x5625c65f5596 in Item_func_between::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.h:904
    #73 0x5625c631b530 in Item_int_func::val_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_func.cc:744
    #74 0x5625c62a32ec in Item_func_between::val_int_cmp_real() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.cc:2239
    #75 0x5625c5f620d9 in Type_handler_real_result::Item_func_between_val_int(Item_func_between*) const /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_type.cc:3814
    #76 0x5625c65f5596 in Item_func_between::val_int() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item_cmpfunc.h:904
    #77 0x5625c5b64a3b in evaluate_join_record /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:19979
    #78 0x5625c5b63b84 in sub_select(JOIN*, st_join_table*, bool) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:19884
    #79 0x5625c5b6155e in do_select /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:19422
    #80 0x5625c5af0241 in JOIN::exec_inner() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:4151
    #81 0x5625c5aedbcb in JOIN::exec() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:3945
    #82 0x5625c5af1683 in mysql_select(THD*, TABLE_LIST*, unsigned int, List&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:4354
    #83 0x5625c5ac7585 in handle_select(THD*, LEX*, select_result*, unsigned long) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_select.cc:372
    #84 0x5625c5a321a3 in execute_sqlcom_select /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_parse.cc:6339
    #85 0x5625c5a2017e in mysql_execute_command(THD*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_parse.cc:3870
    #86 0x5625c5a3c414 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_parse.cc:7870
    #87 0x5625c5a13319 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_parse.cc:1941
    #88 0x5625c5a0f168 in do_command(THD*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_parse.cc:1398
    #89 0x5625c5e0c56a in do_handle_one_connection(CONNECT*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_connect.cc:1403
    #90 0x5625c573771e in handle_connection_in_main_thread(CONNECT*) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/mysqld.cc:6631
    #91 0x5625c57381de in create_new_thread /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/mysqld.cc:6738
    #92 0x5625c57393a1 in handle_connections_sockets() /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/mysqld.cc:6996
    #93 0x5625c5736d45 in mysqld_main(int, char**) /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/mysqld.cc:6290
    #94 0x5625c571ca79 in main /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/main.cc:25
    #95 0x7f42f4936c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
    #96 0x5625c571c979 in _start (/usr/local/mysql/bin/mysqld+0xdf8979)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/sql_window.cc:3033 in Window_funcs_sort::setup(THD*, SQL_SELECT*, List_iterator&, st_join_table*)
==3322==ABORTING