2022-07-28 15:41:30 0 [Note] InnoDB: !!!!!!!! UNIV_DEBUG switched on !!!!!!!!!
2022-07-28 15:41:30 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2022-07-28 15:41:30 0 [Note] InnoDB: Number of transaction pools: 1
2022-07-28 15:41:30 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2022-07-28 15:41:30 0 [Note] InnoDB: Initializing buffer pool, total size = 128.000MiB, chunk size = 2.000MiB
2022-07-28 15:41:30 0 [Note] InnoDB: Completed initialization of buffer pool
2022-07-28 15:41:30 0 [Note] InnoDB: File system buffers for log disabled (block size=512 bytes)
2022-07-28 15:41:30 0 [Note] InnoDB: Starting crash recovery from checkpoint LSN=21049945400
2022-07-28 15:41:31 0 [Note] InnoDB: Starting final batch to recover 272 pages from redo log.
2022-07-28 15:41:31 0 [Note] InnoDB: 128 rollback segments are active.
2022-07-28 15:41:31 0 [Note] InnoDB: Removed temporary tablespace data file: "./ibtmp1"
2022-07-28 15:41:31 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
2022-07-28 15:41:31 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
2022-07-28 15:41:31 0 [Note] InnoDB: log sequence number 21055606690; transaction id 32655746
2022-07-28 15:41:31 0 [Note] InnoDB: Loading buffer pool(s) from /usr/local/mysql/data/ib_buffer_pool
2022-07-28 15:41:31 0 [Note] Plugin 'FEEDBACK' is disabled.
2022-07-28 15:41:31 0 [Note] InnoDB: Buffer pool(s) load completed at 220728 15:41:31
2022-07-28 15:41:31 0 [Note] Server socket created on IP: '0.0.0.0'.
2022-07-28 15:41:31 0 [Note] Server socket created on IP: '::'.
2022-07-28 15:41:31 0 [Note] /usr/local/mysql/bin/mysqld: ready for connections.
Version: '10.10.0-MariaDB-debug' socket: '/tmp/mysql.sock' port: 3306 Source distribution
ASAN:DEADLYSIGNAL
=================================================================
==8670==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x555557b39d0b bp 0x7fffffffa230 sp 0x7fffffffa180 T0)
==8670==The signal is caused by a READ memory access.
==8670==Hint: address points to the zero page.
    #0 0x555557b39d0a in Item_direct_view_ref::grouping_field_transformer_for_where(THD*, unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item.cc:7846
    #1 0x555557b3d3ec in Item_ref::transform(THD*, Item* (Item::*)(THD*, unsigned char*), unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item.cc:8303
    #2 0x555557bf2ba6 in Item_args::transform_args(THD*, Item* (Item::*)(THD*, unsigned char*), unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item_func.cc:470
    #3 0x555557bf2d60 in Item_func::transform(THD*, Item* (Item::*)(THD*, unsigned char*), unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item_func.cc:506
    #4 0x555557b9bcfa in Item_cond::transform(THD*, Item* (Item::*)(THD*, unsigned char*), unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item_cmpfunc.cc:5134
    #5 0x555557bf2ba6 in Item_args::transform_args(THD*, Item* (Item::*)(THD*, unsigned char*), unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item_func.cc:470
    #6 0x555557bf2d60 in Item_func::transform(THD*, Item* (Item::*)(THD*, unsigned char*), unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item_func.cc:506
    #7 0x555557bf2ba6 in Item_args::transform_args(THD*, Item* (Item::*)(THD*, unsigned char*), unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item_func.cc:470
    #8 0x555557bf2d60 in Item_func::transform(THD*, Item* (Item::*)(THD*, unsigned char*), unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item_func.cc:506
    #9 0x5555571107bd in transform_condition_or_part(THD*, Item*, Item* (Item::*)(THD*, unsigned char*), unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_derived.cc:1404
    #10 0x5555571a6191 in st_select_lex::pushdown_cond_into_where_clause(THD*, Item*, Item**, Item* (Item::*)(THD*, unsigned char*), unsigned char*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_lex.cc:10704
    #11 0x5555571115ba in pushdown_cond_for_derived(THD*, Item*, TABLE_LIST*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_derived.cc:1597
    #12 0x5555572ee913 in JOIN::optimize_inner() /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_select.cc:2319
    #13 0x5555572e947d in JOIN::optimize() /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_select.cc:1846
    #14 0x55555730ab3f in mysql_select(THD*, TABLE_LIST*, List&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_select.cc:5031
    #15 0x5555572db134 in handle_select(THD*, LEX*, select_result*, unsigned long) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_select.cc:579
    #16 0x555557202063 in execute_sqlcom_select /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_parse.cc:6260
    #17 0x5555571f09e0 in mysql_execute_command(THD*, bool) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_parse.cc:3944
    #18 0x55555720d0b1 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_parse.cc:8036
    #19 0x5555571e3d10 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_parse.cc:1991
    #20 0x5555571dffdb in do_command(THD*, bool) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_parse.cc:1407
    #21 0x555557687a6f in do_handle_one_connection(CONNECT*, bool) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/sql_connect.cc:1418
    #22 0x555556e44cd8 in handle_connection_in_main_thread(CONNECT*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/mysqld.cc:5994
    #23 0x555556e45568 in create_new_thread(CONNECT*) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/mysqld.cc:6074
    #24 0x555556e4589b in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/mysqld.cc:6136
    #25 0x555556e46178 in handle_connections_sockets() /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/mysqld.cc:6260
    #26 0x555556e44763 in mysqld_main(int, char**) /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/mysqld.cc:5910
    #27 0x555556e2c8c9 in main /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/main.cc:34
    #28 0x7ffff5139c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
    #29 0x555556e2c7c9 in _start (/usr/local/mysql/bin/mariadbd+0x18d87c9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item.cc:7846 in Item_direct_view_ref::grouping_field_transformer_for_where(THD*, unsigned char*)
==8670==ABORTING