mariadbd: /home/mariadb/sql/item.cc:10127: int stored_field_cmp_to_item(THD *, Field *, Item *): Assertion `0' failed.
260313 14:59:49 [ERROR] mysqld got signal 6 ;
Sorry, we probably made a mistake, and this is a bug.

Your assistance in bug reporting will enable us to fix this for the next release.
To report this bug, see https://mariadb.com/kb/en/reporting-bugs

We will try our best to scrape up some info that will hopefully help
diagnose the problem, but since we have already crashed, 
something is definitely wrong and this may fail.

Server version: 11.4.0-MariaDB-debug source revision: a82ab43fcb5404e1b2ab8744eb34ab717d71b6d9
key_buffer_size=134217728
read_buffer_size=131072
max_used_connections=1
max_threads=153
thread_count=1
It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 468189 K  bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

Thread pointer: 0x62c0001e0288
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
stack_bottom = 0x7fffd4209bf8 thread_stack 0x49000
addr2line: DWARF error: invalid or unhandled FORM value: 0x25
/usr/local/mysql/bin/mariadbd(__interceptor_backtrace+0x5b)[0x555555ee728b]
/usr/local/mysql/bin/mariadbd(my_print_stacktrace+0x127)[0x555557740ae7]
/usr/local/mysql/bin/mariadbd(handle_fatal_signal+0x472)[0x555556788c22]
sigaction.c:0(__restore_rt)[0x7ffff7c26420]
addr2line: DWARF error: section .debug_info is larger than its filesize! (0x93f189 vs 0x531050)
/lib/x86_64-linux-gnu/libc.so.6(gsignal+0xcb)[0x7ffff767500b]
/lib/x86_64-linux-gnu/libc.so.6(abort+0x12b)[0x7ffff7654859]
/lib/x86_64-linux-gnu/libc.so.6(+0x22729)[0x7ffff7654729]
/lib/x86_64-linux-gnu/libc.so.6(+0x33fd6)[0x7ffff7665fd6]
addr2line: DWARF error: invalid or unhandled FORM value: 0x25
/usr/local/mysql/bin/mariadbd(+0x12a1858)[0x5555567f5858]
item_cmpfunc.cc:0(convert_const_to_int(THD*, Item_field*, Item**))[0x55555680e12b]
/usr/local/mysql/bin/mariadbd(_ZN24Item_bool_rowready_func218fix_length_and_decEP3THD+0x7a)[0x55555680e90a]
/usr/local/mysql/bin/mariadbd(_ZN9Item_func10fix_fieldsEP3THDPP4Item+0x24d)[0x55555686d5bd]
/usr/local/mysql/bin/mariadbd(_ZN9Item_cond10fix_fieldsEP3THDPP4Item+0x4ec)[0x55555682ab5c]
/usr/local/mysql/bin/mariadbd(_Z13setup_on_exprP3THDP10TABLE_LISTb+0xbf)[0x5555560e2baf]
/usr/local/mysql/bin/mariadbd(_Z11setup_condsP3THDP10TABLE_LISTR4ListIS1_EPP4Item+0x44f)[0x5555560e34af]
sql_select.cc:0(setup_without_group(THD*, Bounds_checked_array<Item*>, TABLE_LIST*, List<TABLE_LIST>&, List<Item>&, List<Item>&, Item**, st_order*, st_order*, List<Window_spec>&, List<Item_window_func>&, bool*))[0x55555627dbbb]
/usr/local/mysql/bin/mariadbd(_ZN4JOIN7prepareEP10TABLE_LISTP4ItemjP8st_orderbS5_S3_S5_P13st_select_lexP18st_select_lex_unit+0xe79)[0x55555627bcf9]
/usr/local/mysql/bin/mariadbd(_Z12mysql_selectP3THDP10TABLE_LISTR4ListI4ItemEPS4_jP8st_orderS9_S7_S9_yP13select_resultP18st_select_lex_unitP13st_select_lex+0x3ea)[0x555556274faa]
/usr/local/mysql/bin/mariadbd(_Z13handle_selectP3THDP3LEXP13select_resulty+0x2d8)[0x555556274a38]
sql_parse.cc:0(execute_sqlcom_select(THD*, TABLE_LIST*))[0x5555561eb7a4]
/usr/local/mysql/bin/mariadbd(_Z21mysql_execute_commandP3THDb+0x4f83)[0x5555561e0ba3]
/usr/local/mysql/bin/mariadbd(_Z11mysql_parseP3THDPcjP12Parser_state+0x528)[0x5555561d19e8]
/usr/local/mysql/bin/mariadbd(_Z16dispatch_command19enum_server_commandP3THDPcjb+0x1ed4)[0x5555561cd644]
/usr/local/mysql/bin/mariadbd(_Z10do_commandP3THDb+0x7a2)[0x5555561d2812]
/usr/local/mysql/bin/mariadbd(_Z24do_handle_one_connectionP7CONNECTb+0x346)[0x5555564ad3f6]
/usr/local/mysql/bin/mariadbd(handle_one_connection+0x18c)[0x5555564acfbc]
/usr/local/mysql/bin/mariadbd(pfs_spawn_thread+0x11f)[0x555556e345ff]
nptl/pthread_create.c:478(start_thread)[0x7ffff7c1a609]
addr2line: DWARF error: section .debug_info is larger than its filesize! (0x93f189 vs 0x531050)
/lib/x86_64-linux-gnu/libc.so.6(clone+0x43)[0x7ffff7751353]

Trying to get some variables.
Some pointers may be invalid and cause the dump to abort.
Query (0x6290000fa2a8): SELECT t0.v1, t0.v2, t1.v1, t2.v3, t0.v6 FROM t0 INNER JOIN t1 ON t0.v1 = ST_GeomFromText('POINT(1 1)') AND t0.v2 = t1.v2 INNER JOIN t2 ON t0.v1 = t2.v1 WHERE t0.v5 IS TRUE AND t2.v1 BETWEEN 0.000000000000000001 AND 0.999999999999999999 ORDER BY t0.v6 DESC LIMIT 10 OFFSET 0 LOCK IN SHARE MODE

Connection ID (thread ID): 3
Status: NOT_KILLED

Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=on,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on,condition_pushdown_for_subquery=on,rowid_filter=on,condition_pushdown_from_having=on,not_null_range_scan=off,hash_join_cardinality=on,cset_narrowing=off,sargable_casefold=on

The manual page at https://mariadb.com/kb/en/how-to-produce-a-full-stack-trace-for-mariadbd/ contains
information that should help you find out what is causing the crash.
Writing a core file...
Working directory at /home/fuzzysql/llmsql/fuzz/bugreplay/mariadbdata
Resource Limits:
Limit                     Soft Limit           Hard Limit           Units     
Max cpu time              unlimited            unlimited            seconds   
Max file size             unlimited            unlimited            bytes     
Max data size             unlimited            unlimited            bytes     
Max stack size            8388608              unlimited            bytes     
Max core file size        0                    unlimited            bytes     
Max resident set          unlimited            unlimited            bytes     
Max processes             unlimited            unlimited            processes 
Max open files            1048576              1048576              files     
Max locked memory         65536                65536                bytes     
Max address space         unlimited            unlimited            bytes     
Max file locks            unlimited            unlimited            locks     
Max pending signals       1029288              1029288              signals   
Max msgqueue size         819200               819200               bytes     
Max nice priority         0                    0                    
Max realtime priority     0                    0                    
Max realtime timeout      unlimited            unlimited            us        
Core pattern: core

Kernel version: Linux version 5.15.0-119-generic (buildd@lcy02-amd64-068) (gcc (Ubuntu 9.4.0-1ubuntu1~20.04.2) 9.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34) #129~20.04.1-Ubuntu SMP Wed Aug 7 13:07:13 UTC 2024

2026-03-13 14:59:49 0 [Note] Starting MariaDB 11.4.0-MariaDB-debug source revision a82ab43fcb5404e1b2ab8744eb34ab717d71b6d9 as process 576016
2026-03-13 14:59:49 0 [Note] InnoDB: !!!!!!!! UNIV_DEBUG switched on !!!!!!!!!
2026-03-13 14:59:49 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2026-03-13 14:59:49 0 [Note] InnoDB: Number of transaction pools: 1
2026-03-13 14:59:49 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2026-03-13 14:59:49 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
2026-03-13 14:59:49 0 [Note] InnoDB: Initializing buffer pool, total size = 128.000MiB, chunk size = 2.000MiB
2026-03-13 14:59:49 0 [Note] InnoDB: Completed initialization of buffer pool
2026-03-13 14:59:49 0 [Note] InnoDB: Buffered log writes (block size=512 bytes)
2026-03-13 14:59:49 0 [Note] InnoDB: Starting crash recovery from checkpoint LSN=55108
2026-03-13 14:59:50 0 [Note] InnoDB: End of log at LSN=1125977
2026-03-13 14:59:50 0 [Note] InnoDB: To recover: 181 pages
2026-03-13 14:59:50 0 [Note] InnoDB: Opened 3 undo tablespaces
2026-03-13 14:59:50 0 [Note] InnoDB: 128 rollback segments in 3 undo tablespaces are active.
2026-03-13 14:59:50 0 [Note] InnoDB: Removed temporary tablespace data file: "./ibtmp1"
2026-03-13 14:59:50 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
2026-03-13 14:59:50 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
2026-03-13 14:59:50 0 [Note] InnoDB: log sequence number 1125977; transaction id 2308
2026-03-13 14:59:50 0 [Note] InnoDB: Loading buffer pool(s) from /home/fuzzysql/llmsql/fuzz/bugreplay/mariadbdata/ib_buffer_pool
2026-03-13 14:59:50 0 [Note] Plugin 'FEEDBACK' is disabled.
2026-03-13 14:59:50 0 [Note] InnoDB: Buffer pool(s) load completed at 260313 14:59:50
2026-03-13 14:59:50 0 [Note] Plugin 'wsrep-provider' is disabled.
2026-03-13 14:59:50 0 [Note] Recovering after a crash using tc.log
2026-03-13 14:59:50 0 [Note] Starting table crash recovery...
2026-03-13 14:59:50 0 [Note] Crash table recovery finished.
2026-03-13 14:59:50 0 [Note] Server socket created on IP: '0.0.0.0'.
2026-03-13 14:59:50 0 [Note] Server socket created on IP: '::'.
2026-03-13 14:59:50 0 [Note] mariadbd: Event Scheduler: Loaded 0 events
2026-03-13 14:59:50 0 [Note] /usr/local/mysql/bin/mariadbd: ready for connections.
Version: '11.4.0-MariaDB-debug'  socket: '/tmp/mysql.sock'  port: 3306  Source distribution