SIGSEGV in trx_undo_build_roll_ptr on INSERT with binary logging enabled and using XA

# mysqld options required for replay: --log-bin 

CREATE TABLE t (i INT KEY,a GEOMETRY NOT NULL,b GEOMETRY NOT NULL,c INT,SPATIAL INDEX (a),KEY(a),KEY(b)) ENGINE=InnoDB;

SET unique_checks=0, foreign_key_checks=0;

CREATE TABLE t2 (d INT UNSIGNED NOT NULL,e CHAR NOT NULL DEFAULT'',PRIMARY KEY(d)) ENGINE=InnoDB;

XA START 'a';

INSERT INTO t2 VALUES (1,2),(1,3);

SELECT * FROM t;

INSERT INTO t2 VALUES (1,''),(3,''),(5,'');

Core was generated by `/test/MD260222-mariadb-10.9.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.

Program terminated with signal SIGSEGV, Segmentation fault.

#0  0x0000560bd6de8bdd in trx_undo_build_roll_ptr (offset=<optimized out>, 

    page_no=<optimized out>, rseg_id=<optimized out>, 

    is_insert=<optimized out>)

    at /test/10.9_dbg/storage/innobase/include/trx0undo.inl:45

[Current thread is 1 (Thread 0x154f3e117700 (LWP 877051))]

(gdb) bt

#0  0x0000560bd6de8bdd in trx_undo_build_roll_ptr (offset=<optimized out>, page_no=<optimized out>, rseg_id=<optimized out>, is_insert=<optimized out>) at /test/10.9_dbg/storage/innobase/include/trx0undo.inl:45

#1  trx_undo_report_row_operation (thr=thr@entry=0x154edc0480b0, index=index@entry=0x154edc01ff48, clust_entry=clust_entry@entry=0x154edc0238a8, update=update@entry=0x0, cmpl_info=cmpl_info@entry=0, rec=rec@entry=0x0, offsets=0x0, roll_ptr=0x0) at /test/10.9_dbg/storage/innobase/trx/trx0rec.cc:2191

#2  0x0000560bd6d2968c in row_ins_clust_index_entry_low (flags=flags@entry=0, mode=<optimized out>, mode@entry=2, index=index@entry=0x154edc01ff48, n_uniq=n_uniq@entry=1, entry=entry@entry=0x154edc0238a8, n_ext=n_ext@entry=0, thr=<optimized out>) at /test/10.9_dbg/storage/innobase/row/row0ins.cc:2679

#3  0x0000560bd6d2b790 in row_ins_clust_index_entry (index=index@entry=0x154edc01ff48, entry=entry@entry=0x154edc0238a8, thr=thr@entry=0x154edc0480b0, n_ext=n_ext@entry=0) at /test/10.9_dbg/storage/innobase/row/row0ins.cc:3251

#4  0x0000560bd6d3055a in row_ins_index_entry (thr=0x154edc0480b0, entry=0x154edc0238a8, index=0x154edc01ff48) at /test/10.9_dbg/storage/innobase/row/row0ins.cc:3388

#5  row_ins_index_entry_step (thr=0x154edc0480b0, node=0x154edc047e80) at /test/10.9_dbg/storage/innobase/row/row0ins.cc:3556

#6  row_ins (thr=0x154edc0480b0, node=0x154edc047e80) at /test/10.9_dbg/storage/innobase/row/row0ins.cc:3702

#7  row_ins_step (thr=thr@entry=0x154edc0480b0) at /test/10.9_dbg/storage/innobase/row/row0ins.cc:3848

#8  0x0000560bd6d5485c in row_insert_for_mysql (mysql_rec=mysql_rec@entry=0x154edc046c68 "\377\001", prebuilt=0x154edc047958, ins_mode=ROW_INS_NORMAL) at /test/10.9_dbg/storage/innobase/row/row0mysql.cc:1318

#9  0x0000560bd6bcfedb in ha_innobase::write_row (this=0x154edc0470f0, record=0x154edc046c68 "\377\001") at /test/10.9_dbg/storage/innobase/handler/ha_innodb.cc:7846

#10 0x0000560bd68293e7 in handler::ha_write_row (this=0x154edc0470f0, buf=0x154edc046c68 "\377\001") at /test/10.9_dbg/sql/handler.cc:7522

#11 0x0000560bd64bf3a0 in write_record (thd=thd@entry=0x154edc000db8, table=table@entry=0x154edc01e6b8, info=info@entry=0x154f3e115cd0, sink=sink@entry=0x0) at /test/10.9_dbg/sql/sql_insert.cc:2156

#12 0x0000560bd64cb0f6 in mysql_insert (thd=thd@entry=0x154edc000db8, table_list=0x154edc014000, fields=@0x154edc006080: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x560bd7b5f9a0 <end_of_list>, last = 0x154edc006080, elements = 0}, <No data fields>}, values_list=@0x154edc0060c8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x154edc014c90, last = 0x154edc014f10, elements = 3}, <No data fields>}, update_fields=@0x154edc0060b0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x560bd7b5f9a0 <end_of_list>, last = 0x154edc0060b0, elements = 0}, <No data fields>}, update_values=@0x154edc006098: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x560bd7b5f9a0 <end_of_list>, last = 0x154edc006098, elements = 0}, <No data fields>}, duplic=DUP_ERROR, ignore=false, result=0x0) at /test/10.9_dbg/sql/sql_insert.cc:1127

#13 0x0000560bd6511958 in mysql_execute_command (thd=thd@entry=0x154edc000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.9_dbg/sql/sql_parse.cc:4562

#14 0x0000560bd64fc343 in mysql_parse (thd=thd@entry=0x154edc000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x154f3e116400) at /test/10.9_dbg/sql/sql_parse.cc:8027

#15 0x0000560bd650afdf in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x154edc000db8, packet=packet@entry=0x154edc00b9a9 "INSERT INTO t2 VALUES (1,''),(3,''),(5,'')", packet_length=packet_length@entry=42, blocking=blocking@entry=true) at /test/10.9_dbg/sql/sql_class.h:1362

#16 0x0000560bd650e426 in do_command (thd=0x154edc000db8, blocking=blocking@entry=true) at /test/10.9_dbg/sql/sql_parse.cc:1402

#17 0x0000560bd6689036 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x560bd9d560d8, put_in_cache=put_in_cache@entry=true) at /test/10.9_dbg/sql/sql_connect.cc:1418

#18 0x0000560bd668963b in handle_one_connection (arg=arg@entry=0x560bd9d560d8) at /test/10.9_dbg/sql/sql_connect.cc:1312

#19 0x0000560bd6b0fd23 in pfs_spawn_thread (arg=0x560bd9c68d88) at /test/10.9_dbg/storage/perfschema/pfs.cc:2201

#20 0x0000154f5e0ed609 in start_thread (arg=<optimized out>) at pthread_create.c:477

#21 0x0000154f5dcdb293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95