> mysqld.exe!select_union::send_data(List & values={...}) Line 60 + 0x14 bytes C++
mysqld.exe!JOIN::exec() Line 1605 + 0x109 bytes C++
mysqld.exe!mysql_select(THD * thd=0x0000000003c63248, Item * * * rref_pointer_array=0x000000000cfe8950, TABLE_LIST * tables=0x0000000000000000, unsigned int wild_num=0, List & fields={...}, Item * conds=0x0000000000000000, unsigned int og_num=0, st_order * order=0x0000000000000000, st_order * group=0x0000000000000000, Item * having=0x0000000000000000, st_order * proc_param=0x0000000000000000, unsigned __int64 select_options=2424588800, select_result * result=0x0000000003c787e8, st_select_lex_unit * unit=0x000000000cfe8388, st_select_lex * select_lex=0x000000000cfe8728) Line 2276 C++
mysqld.exe!handle_select(THD * thd=0x0000000003c63248, st_lex * lex=0x000000000cfe82f8, select_result * result=0x0000000003c787e8, unsigned long setup_tables_done_option=0) Line 257 + 0x139 bytes C++
mysqld.exe!mysql_execute_command(THD * thd=0x0000000003c63248) Line 2721 + 0x20 bytes C++
mysqld.exe!mysql_open_cursor(THD * thd=0x0000000003c63248, unsigned int flags=2, select_result * result=0x000000000cfe8060, Server_side_cursor * * pcursor=0x000000000cfe8050) Line 170 + 0xd bytes C++
mysqld.exe!Prepared_statement::execute(String * expanded_query=0x000000000be8f068, bool open_cursor=true) Line 3053 + 0x40 bytes C++
mysqld.exe!mysql_stmt_execute(THD * thd=0x0000000003c63248, char * packet_arg=0x0000000003c702b9, unsigned int packet_length=141) Line 2321 + 0x3e bytes C++
mysqld.exe!dispatch_command(enum_server_command command=COM_STMT_EXECUTE, THD * thd=0x0000000003c63248, char * packet=0x0000000003c702b9, unsigned int packet_length=141) Line 1833 C++
mysqld.exe!do_command(THD * thd=0x0000000003c63248) Line 1581 + 0x41 bytes C++
mysqld.exe!handle_one_connection(void * arg=0x0000000003c63248) Line 1187 + 0xa bytes C++
mysqld.exe!pthread_start(void * param=0x0000000003c1b6b0) Line 85 + 0x9 bytes C
mysqld.exe!_callthreadstart() Line 295 C
mysqld.exe!_threadstart(void * ptd=0x0000000003c74330) Line 277 C
kernel32.dll!BaseThreadStart() + 0x3a bytes

bool select_union::send_data(List &values)
{
  int error= 0;
  if (unit->offset_limit_cnt)
  { // using limit offset,count
    unit->offset_limit_cnt--;
    return 0;
  }
  fill_record(thd, table->field, values, 1); <------------ crash !!!
  if (thd->net.report_error)
    return 1;

table is NULL (see table=0x0000000000000000 under select_union in the watch dump below), so evaluating table->field for the fill_record() call dereferences a null pointer and crashes. materialized_cursor and the contents of copy_field read 0x8f8f8f8f8f8f8f8f, which looks like a debug fill pattern rather than real data, so this object may not have been initialised (or may already have been released) when send_data() ran:

- this 0x0000000003c787e8 {result=0x000000000cfe8060 materialized_cursor=0x8f8f8f8f8f8f8f8f } select_union * const
- [Select_materialize] {result=0x000000000cfe8060 materialized_cursor=0x8f8f8f8f8f8f8f8f } Select_materialize
+ select_union {tmp_table_param={...} table=0x0000000000000000 } select_union
+ result 0x000000000cfe8060 {protocol={...} } select_result *
+ materialized_cursor 0x8f8f8f8f8f8f8f8f {main_mem_root={...} fake_unit={...} table=??? ...} Materialized_cursor *
- select_result_interceptor {...} select_result_interceptor
+ select_result {thd=0x0000000003c63248 unit=0x000000000cfe8388 nest_level=4294967295 } select_result
- tmp_table_param {copy_funcs={...} save_copy_funcs={...} copy_field=0x0000000003c79e78 ...} TMP_TABLE_PARAM
Sql_alloc {...} Sql_alloc
+ copy_funcs {...} List
+ save_copy_funcs {...} List
+ copy_field 0x0000000003c79e78 {from_ptr=0x8f8f8f8f8f8f8f8f to_ptr=0x8f8f8f8f8f8f8f8f from_null_ptr=0x8f8f8f8f8f8f8f8f ...} Copy_field *
+ copy_field_end 0x0000000003c79e78 {from_ptr=0x8f8f8f8f8f8f8f8f to_ptr=0x8f8f8f8f8f8f8f8f from_null_ptr=0x8f8f8f8f8f8f8f8f ...} Copy_field *
+ save_copy_field 0x8f8f8f8f8f8f8f8f {from_ptr=??? to_ptr=??? from_null_ptr=??? ...} Copy_field *
+ save_copy_field_end 0x8f8f8f8f8f8f8f8f {from_ptr=??? to_ptr=??? from_null_ptr=???
...} Copy_field *
+ group_buff 0x8f8f8f8f8f8f8f8f unsigned char *
+ items_to_copy 0x000000000dfd6a10 Item * *
+ recinfo 0x000000000dfd6ad8 {type=-274 length=65262 offset=4277075694 ...} st_columndef *
+ start_recinfo 0x000000000dfd6a78 {type=-274 length=65262 offset=4277075694 ...} st_columndef *
+ keyinfo 0x000000000dfd6a18 {key_length=4277075694 flags=4277075694 key_parts=4277075694 ...} st_key *
end_write_records 18446744073709551615 unsigned __int64
field_count 1 unsigned int
sum_func_count 0 unsigned int
func_count 1 unsigned int
hidden_field_count 0 unsigned int
group_parts 0 unsigned int
group_length 0 unsigned int
group_null_parts 0 unsigned int
quick_group 1 unsigned int
using_indirect_summary_function false bool
convert_blob_length 0 unsigned int
+ table_charset 0x0000000000000000 {number=??? primary_number=??? binary_number=??? ...} charset_info_st *
schema_table false bool
precomputed_group_by false bool
force_copy_fields false bool
+ table 0x0000000000000000 {s=??? file=??? next=??? ...} st_table *
+ values {...} List &
error 0 int