2022-05-12 10:51:49 0 [Note] InnoDB: Using Linux native AIO 2022-05-12 10:51:49 0 [Note] InnoDB: !!!!!!!! UNIV_DEBUG switched on !!!!!!!!! 2022-05-12 10:51:49 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins 2022-05-12 10:51:49 0 [Note] InnoDB: Uses event mutexes 2022-05-12 10:51:49 0 [Note] InnoDB: Compressed tables use zlib 1.2.11 2022-05-12 10:51:49 0 [Note] InnoDB: Number of pools: 1 2022-05-12 10:51:49 0 [Note] InnoDB: Using SSE2 crc32 instructions 2022-05-12 10:51:49 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M 2022-05-12 10:51:49 0 [Note] InnoDB: Completed initialization of buffer pool 2022-05-12 10:51:49 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority(). 2022-05-12 10:51:49 0 [Note] InnoDB: Starting crash recovery from checkpoint LSN=3020714 2022-05-12 10:51:49 0 [Note] InnoDB: Starting final batch to recover 14 pages from redo log. 2022-05-12 10:51:50 0 [Note] InnoDB: 128 out of 128 rollback segments are active. 2022-05-12 10:51:50 0 [Note] InnoDB: Removed temporary tablespace data file: "ibtmp1" 2022-05-12 10:51:50 0 [Note] InnoDB: Creating shared tablespace for temporary tables 2022-05-12 10:51:50 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ... 2022-05-12 10:51:50 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB. 2022-05-12 10:51:50 0 [Note] InnoDB: 10.3.35 started; log sequence number 3028739; transaction id 4285 2022-05-12 10:51:50 0 [Note] InnoDB: Loading buffer pool(s) from /usr/local/mysql/data/ib_buffer_pool 2022-05-12 10:51:50 0 [Note] InnoDB: Buffer pool(s) load completed at 220512 10:51:50 2022-05-12 10:51:50 0 [Note] Plugin 'FEEDBACK' is disabled. 2022-05-12 10:51:50 0 [Note] Recovering after a crash using tc.log 2022-05-12 10:51:50 0 [Note] Starting crash recovery... 2022-05-12 10:51:50 0 [Note] Crash recovery finished. 2022-05-12 10:51:50 0 [Note] Server socket created on IP: '::'. 2022-05-12 10:51:50 0 [Note] Reading of all Master_info entries succeeded 2022-05-12 10:51:50 0 [Note] Added new Master_info '' to hash table 2022-05-12 10:51:50 0 [Note] /usr/local/mysql/bin/mysqld: ready for connections. Version: '10.3.35-MariaDB-debug' socket: '/tmp/mysql.sock' port: 3306 Source distribution mysqld: /home/wsh/test/database_fuzz/test_MariaDB/server_10.3/sql/item.cc:5721: Item** resolve_ref_in_select_and_group(THD*, Item_ident*, SELECT_LEX*): Assertion `(*select_ref)->fixed' failed. 220512 10:51:52 [ERROR] mysqld got signal 6 ; This could be because you hit a bug. It is also possible that this binary or one of the libraries it was linked against is corrupt, improperly built, or misconfigured. This error can also be caused by malfunctioning hardware. To report this bug, see https://mariadb.com/kb/en/reporting-bugs We will try our best to scrape up some info that will hopefully help diagnose the problem, but since we have already crashed, something is definitely wrong and this may fail. Server version: 10.3.35-MariaDB-debug key_buffer_size=134217728 read_buffer_size=131072 max_used_connections=1 max_threads=2 thread_count=6 It is possible that mysqld could use up to key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 138937 K bytes of memory Hope that's ok; if not, decrease some variables in the equation. Thread pointer: 0x62a0000a8270 Attempting backtrace. You can use the following information to find out where mysqld died. If you see no messages after this, something went terribly wrong... stack_bottom = 0x7fff01ff0690 thread_stack 0x5fc00 /usr/lib/x86_64-linux-gnu/libasan.so.4(+0x558c0)[0x7f1ee13a78c0] mysys/stacktrace.c:174(my_print_stacktrace)[0x557aad7e7ab2] sql/signal_handler.cc:221(handle_fatal_signal)[0x557aac32b5dc] /lib/x86_64-linux-gnu/libpthread.so.0(+0x12980)[0x7f1ede651980] linux/raise.c:51(__GI_raise)[0x7f1ede28ce87] stdlib/abort.c:81(__GI_abort)[0x7f1ede28e7f1] assert/assert.c:89(__assert_fail_base)[0x7f1ede27e3fa] /lib/x86_64-linux-gnu/libc.so.6(+0x30472)[0x7f1ede27e472] sql/item.cc:5722(resolve_ref_in_select_and_group(THD*, Item_ident*, st_select_lex*))[0x557aac3a5c4b] sql/item.cc:8027(Item_ref::fix_fields(THD*, Item**))[0x557aac3b73d1] sql/item.h:830(Item::fix_fields_if_needed(THD*, Item**))[0x557aab8f34df] sql/item_func.cc:352(Item_func::fix_fields(THD*, Item**))[0x557aac4776e5] sql/item_cmpfunc.cc:4148(Item_func_in::fix_fields(THD*, Item**))[0x557aac413d07] sql/item.h:830(Item::fix_fields_if_needed(THD*, Item**))[0x557aab8f34df] sql/item.h:833(Item::fix_fields_if_needed_for_scalar(THD*, Item**))[0x557aab8f350d] sql/item.h:838(Item::fix_fields_if_needed_for_bool(THD*, Item**))[0x557aaba28401] sql/sql_select.cc:1215(JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x557aabc30383] sql/item_subselect.cc:3808(subselect_single_select_engine::prepare(THD*))[0x557aac57a72f] sql/item_subselect.cc:282(Item_subselect::fix_fields(THD*, Item**))[0x557aac553fa5] sql/item.h:830(Item::fix_fields_if_needed(THD*, Item**))[0x557aab8f34df] sql/item.h:833(Item::fix_fields_if_needed_for_scalar(THD*, Item**))[0x557aab8f350d] sql/sql_base.cc:7542(setup_fields(THD*, Bounds_checked_array, List&, enum_column_usage, List*, List*, bool))[0x557aaba1a24c] sql/sql_select.cc:1152(JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x557aabc2f406] sql/sql_select.cc:4334(mysql_select(THD*, TABLE_LIST*, unsigned int, List&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x557aabc5146f] sql/sql_select.cc:372(handle_select(THD*, LEX*, select_result*, unsigned long))[0x557aabc27586] sql/sql_parse.cc:6339(execute_sqlcom_select(THD*, TABLE_LIST*))[0x557aabb921a4] sql/sql_parse.cc:3870(mysql_execute_command(THD*))[0x557aabb8017f] sql/sql_parse.cc:7870(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x557aabb9c415] sql/sql_parse.cc:1855(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x557aabb7331a] sql/sql_parse.cc:1398(do_command(THD*))[0x557aabb6f169] sql/sql_connect.cc:1403(do_handle_one_connection(CONNECT*))[0x557aabf6c56b] sql/mysqld.cc:6632(handle_connection_in_main_thread(CONNECT*))[0x557aab89771f] sql/mysqld.cc:6740(create_new_thread(CONNECT*))[0x557aab8981df] sql/mysqld.cc:6997(handle_connections_sockets())[0x557aab8993a2] sql/mysqld.cc:6295(mysqld_main(int, char**))[0x557aab896d46] sql/main.cc:26(main)[0x557aab87ca7a] csu/libc-start.c:344(__libc_start_main)[0x7f1ede26fc87] /usr/local/mysql/bin/mysqld(_start+0x2a)[0x557aab87c97a] Trying to get some variables. Some pointers may be invalid and cause the dump to abort. Query (0x62b00002332b): SELECT 'x' , ( WITH RECURSIVE v1388 ( v1389 ) AS ( SELECT v1387 FROM v1386 ) SELECT v1387 FROM ( SELECT DISTINCT ( ( NOT ( 82215853.000000 AND v1387 = 255 ) ) = 0 AND v1387 = 70 ) % -1 , ( v1387 = 83 OR v1387 > 'x' ) FROM v1386 WHERE v1387 = 73 AND ( v1387 = 32 OR v1387 = 70 OR v1387 = 30 ) ) AS v1390 NATURAL JOIN v1388 WHERE ( v1387 = 93 OR v1387 = -1 ) NOT LIKE 'x' AND CASE v1387 * 73 = 97 WHEN 80 THEN 'x' WHEN 65 THEN 'x' ELSE 21 END != 59 GROUP BY v1389 , v1389 HAVING ( v1387 IN ( - -128 = ( v1387 = 40 OR v1387 = 83 OR v1387 = - ( 46 + 84 <= -1 ) >= v1387 + v1387 ) , -1 ) ) ORDER BY v1387 DESC LIMIT 1 OFFSET 1 ) , 35 , 83601245.000000 FROM v1386 WINDOW v1402 AS ( PARTITION BY v1387 ORDER BY TRUE BETWEEN v1387 * ( SELECT -128 FROM ( SELECT DISTINCT v1387 , ( NOT ( 30631815.000000 AND v1387 = 0 ) ) = TRUE FROM v1386 ) AS v1391 NATURAL JOIN v1386 AS v1392 NATURAL JOIN ( SELECT DISTINCT v1387 , ( v1387 = 0 OR v1387 > 'x' ) FROM v1386 ) AS v1393 NATURAL JOIN v1386 AS v1394 WHERE v1387 BETWEEN 99403445.000000 AND 7 GROUP BY v1387 , v1387 WINDOW v1403 AS ( PARTITION BY v1387 ORDER BY ( SELECT DISTINCT 8 FROM v1386 AS v1399 , v1386 AS v1400 , v1386 AS v1401 JOIN v1386 ) DESC RANGE BETWEEN 88050883.000000 FOLLOWING AND 76595699.000000 FOLLOWING ) ) ^ v1387 AND ( CASE v1387 WHEN ( v1387 IN ( 68 , -1 , 34 , 43 , 'x' / v1387 = v1387 + CASE v1387 WHEN TRUE THEN 66 ELSE 37 END OR v1387 = v1387 OR v1387 = v1387 ) ) THEN 29 ELSE 16 END != 0 ) ) Connection ID (thread ID): 13 Status: NOT_KILLED Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on The manual page at https://mariadb.com/kb/en/how-to-produce-a-full-stack-trace-for-mysqld/ contains information that should help you find out what is causing the crash. Writing a core file... Working directory at /usr/local/mysql/data Resource Limits: Limit Soft Limit Hard Limit Units Max cpu time unlimited unlimited seconds Max file size unlimited unlimited bytes Max data size unlimited unlimited bytes Max stack size 8388608 unlimited bytes Max core file size 0 0 bytes Max resident set unlimited unlimited bytes Max processes 127991 127991 processes Max open files 32190 32190 files Max locked memory 67108864 67108864 bytes Max address space unlimited unlimited bytes Max file locks unlimited unlimited locks Max pending signals 127991 127991 signals Max msgqueue size 819200 819200 bytes Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us Core pattern: |/usr/share/apport/apport %p %s %c %d %P %E