2022-07-28 15:32:57 0 [Note] InnoDB: !!!!!!!! UNIV_DEBUG switched on !!!!!!!!!
2022-07-28 15:32:57 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2022-07-28 15:32:57 0 [Note] InnoDB: Number of transaction pools: 1
2022-07-28 15:32:57 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2022-07-28 15:32:57 0 [Note] InnoDB: Initializing buffer pool, total size = 128.000MiB, chunk size = 2.000MiB
2022-07-28 15:32:57 0 [Note] InnoDB: Completed initialization of buffer pool
2022-07-28 15:32:57 0 [Note] InnoDB: File system buffers for log disabled (block size=512 bytes)
2022-07-28 15:32:57 0 [Note] InnoDB: Starting crash recovery from checkpoint LSN=21049945400
2022-07-28 15:32:58 0 [Note] InnoDB: Starting final batch to recover 244 pages from redo log.
2022-07-28 15:32:58 0 [Note] InnoDB: 128 rollback segments are active.
2022-07-28 15:32:58 0 [Note] InnoDB: Removed temporary tablespace data file: "./ibtmp1"
2022-07-28 15:32:58 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
2022-07-28 15:32:58 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
2022-07-28 15:32:58 0 [Note] InnoDB: log sequence number 21054942717; transaction id 32653666
2022-07-28 15:32:58 0 [Note] InnoDB: Loading buffer pool(s) from /usr/local/mysql/data/ib_buffer_pool
2022-07-28 15:32:58 0 [Note] Plugin 'FEEDBACK' is disabled.
2022-07-28 15:32:58 0 [Note] InnoDB: Buffer pool(s) load completed at 220728 15:32:58
2022-07-28 15:32:58 0 [Note] Server socket created on IP: '0.0.0.0'.
2022-07-28 15:32:58 0 [Note] Server socket created on IP: '::'.
2022-07-28 15:32:58 0 [Note] /usr/local/mysql/bin/mysqld: ready for connections.
Version: '10.10.0-MariaDB-debug'  socket: '/tmp/mysql.sock'  port: 3306  Source distribution
mysqld: /home/wsh/database_fuzz/mysql_fuzz/Mariadb_10.3/sql/item_subselect.cc:1497: virtual longlong Item_singlerow_subselect::val_int(): Assertion `fixed()' failed.
220728 15:33:00 [ERROR] mysqld got signal 6 ;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.

To report this bug, see https://mariadb.com/kb/en/reporting-bugs

We will try our best to scrape up some info that will hopefully help
diagnose the problem, but since we have already crashed, 
something is definitely wrong and this may fail.

Server version: 10.10.0-MariaDB-debug
key_buffer_size=134217728
read_buffer_size=131072
max_used_connections=1
max_threads=2
thread_count=1
It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 139555 K  bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

Thread pointer: 0x62b00017a288
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
stack_bottom = 0x7fffffffd5a0 thread_stack 0x100000
??:0(__interceptor_sched_getaffinity)[0x7ffff6e6d8c0]
mysys/stacktrace.c:212(my_print_stacktrace)[0x555558efeaf7]
sql/signal_handler.cc:236(handle_fatal_signal)[0x555557aa3b16]
??:0(__restore_rt)[0x7ffff605e980]
linux/raise.c:51(__GI_raise)[0x7ffff5156e87]
stdlib/abort.c:81(__GI_abort)[0x7ffff51587f1]
assert/assert.c:89(__assert_fail_base)[0x7ffff51483fa]
??:0(__assert_fail)[0x7ffff5148472]
sql/item_subselect.cc:1498(Item_singlerow_subselect::val_int())[0x555557d28875]
sql/item.h:1779(Item::val_int_result())[0x555556e56192]
sql/item.cc:10125(Item_cache_int::cache_value())[0x555557b4ea88]
sql/item_cmpfunc.cc:1551(Item_in_optimizer::val_int())[0x555557b7ad26]
sql/item_func.cc:750(Item_int_func::val_real())[0x555557bf55b0]
sql/item.h:1778(Item::val_result())[0x555556e5611c]
sql/item.cc:10352(Item_cache_real::cache_value())[0x555557b51038]
sql/item.h:7099(Item_cache::has_value())[0x555557888374]
sql/item.cc:10360(Item_cache_real::val_real())[0x555557b5117c]
sql/item_cmpfunc.cc:831(Arg_comparator::compare_real())[0x555557b726d4]
sql/item_cmpfunc.h:103(Arg_comparator::compare())[0x555557bb3e30]
sql/item_cmpfunc.cc:1817(Item_func_lt::val_int())[0x555557b7da31]
sql/sql_type.cc:8707(Type_handler_int_result::Item_eq_value(THD*, Type_cmp_attributes const*, Item*, Item*) const)[0x555557869abc]
sql/item_cmpfunc.cc:6742(Item_equal::add_const(THD*, Item*))[0x555557ba97a2]
sql/item_cmpfunc.cc:6868(Item_equal::merge_with_check(THD*, Item_equal*, bool))[0x555557ba9e14]
sql/sql_select.cc:17766(propagate_new_equalities(THD*, Item*, List<Item_equal>*, COND_EQUAL*, bool*))[0x555557361498]
sql/sql_select.cc:17750(propagate_new_equalities(THD*, Item*, List<Item_equal>*, COND_EQUAL*, bool*))[0x5555573612f4]
sql/opt_subselect.cc:6128(and_new_conditions_to_optimized_cond(THD*, Item*, COND_EQUAL**, List<Item>&, Item::cond_result*))[0x55555779f4ae]
sql/sql_select.cc:2264(JOIN::optimize_inner())[0x5555572ee15d]
sql/sql_select.cc:1846(JOIN::optimize())[0x5555572e947e]
sql/sql_select.cc:5031(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55555730ab40]
sql/sql_select.cc:579(handle_select(THD*, LEX*, select_result*, unsigned long))[0x5555572db135]
sql/sql_parse.cc:6260(execute_sqlcom_select(THD*, TABLE_LIST*))[0x555557202064]
sql/sql_parse.cc:3944(mysql_execute_command(THD*, bool))[0x5555571f09e1]
sql/sql_parse.cc:8036(mysql_parse(THD*, char*, unsigned int, Parser_state*))[0x55555720d0b2]
sql/sql_parse.cc:1896(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool))[0x5555571e3d11]
sql/sql_parse.cc:1407(do_command(THD*, bool))[0x5555571dffdc]
sql/sql_connect.cc:1418(do_handle_one_connection(CONNECT*, bool))[0x555557687a70]
sql/mysqld.cc:5995(handle_connection_in_main_thread(CONNECT*))[0x555556e44cd9]
sql/mysqld.cc:6076(create_new_thread(CONNECT*))[0x555556e45569]
sql/mysqld.cc:6144(handle_accepted_socket(st_mysql_socket, st_mysql_socket))[0x555556e4589c]
sql/mysqld.cc:6260(handle_connections_sockets())[0x555556e46179]
sql/mysqld.cc:5912(mysqld_main(int, char**))[0x555556e44764]
sql/main.cc:36(main)[0x555556e2c8ca]
csu/libc-start.c:344(__libc_start_main)[0x7ffff5139c87]
??:0(_start)[0x555556e2c7ca]

Trying to get some variables.
Some pointers may be invalid and cause the dump to abort.
Query (0x62900015e3b9): SELECT v769 FROM v768 WHERE v769 IN ( v769 , 'x' NOT LIKE -1 ) GROUP BY v769 HAVING ( v769 IN ( ( ( SELECT ( SELECT v769 FROM v768 WHERE ( FALSE <= 127 BETWEEN 0 AND -2147483648 , v769 ) NOT IN ( SELECT ( v769 NOT IN ( v769 ) AND v769 NOT IN ( 63309275.000000 ^ v769 ) ) , v769 + v769 FROM v768 GROUP BY v769 HAVING ( v769 != 127 AND v769 = v769 AND ( NOT ( 'x' = 'x' AND FALSE = 90 ) ) AND v769 LIKE 'x' ) ) ) * -1 AS v770 FROM v768 WHERE NULL = v769 ) IN ( SELECT v769 FROM v768 ) ) < 'x' ) )

Connection ID (thread ID): 7
Status: NOT_KILLED

Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=on,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on,condition_pushdown_for_subquery=on,rowid_filter=on,condition_pushdown_from_having=on,not_null_range_scan=off

The manual page at https://mariadb.com/kb/en/how-to-produce-a-full-stack-trace-for-mysqld/ contains
information that should help you find out what is causing the crash.
Writing a core file...
Working directory at /usr/local/mysql/data
Resource Limits:
Limit                     Soft Limit           Hard Limit           Units     
Max cpu time              unlimited            unlimited            seconds   
Max file size             unlimited            unlimited            bytes     
Max data size             unlimited            unlimited            bytes     
Max stack size            8388608              unlimited            bytes     
Max core file size        0                    0                    bytes     
Max resident set          unlimited            unlimited            bytes     
Max processes             127990               127990               processes 
Max open files            32190                32190                files     
Max locked memory         67108864             67108864             bytes     
Max address space         unlimited            unlimited            bytes     
Max file locks            unlimited            unlimited            locks     
Max pending signals       127990               127990               signals   
Max msgqueue size         819200               819200               bytes     
Max nice priority         0                    0                    
Max realtime priority     0                    0                    
Max realtime timeout      unlimited            unlimited            us        
Core pattern: core

Kernel version: Linux version 5.4.0-122-generic (buildd@lcy02-amd64-035) (gcc version 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04)) #138~18.04.1-Ubuntu SMP Fri Jun 24 14:14:03 UTC 2022