  1. MariaDB Server
  2. MDEV-32347

Stack smashing/looping, ASAN use-after-poison in xid_t::eq/event_xid_t::serialize, SIGSEGV in serialize_xid and Assertion `is_async_xac || thd->lex->xid->eq(thd->transaction->xid_state.get_xid())' failed in binlog_rollback_flush_trx_cache upon LOAD INDEX


Details

    Description

      # Reproducer in mysqltest format. Judging by its name, the include restricts
      # the test to row-based binary logging -- confirm against the include file.
      --source include/have_binlog_format_row.inc
      CREATE TABLE t (c INT KEY);
      # Take XA transaction 'a' through START -> END -> PREPARE and leave it in the
      # prepared state: no XA COMMIT or XA ROLLBACK follows.
      XA START 'a';
      INSERT INTO t VALUES (1);
      XA END 'a';
      XA PREPARE 'a';
      # Admin statement issued on the same connection while 'a' is still prepared.
      # As written it names `c` (the column from CREATE TABLE), not table `t`.
      # In the debug backtrace this statement runs mysql_preload_keys ->
      # mysql_admin_table -> trans_rollback_implicit -> ha_rollback_trans ->
      # binlog_rollback -> binlog_rollback_flush_trx_cache, where the assertion
      # comparing thd->lex->xid with the transaction's XID fails.
      LOAD INDEX INTO CACHE c KEY(PRIMARY);
      

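      Leads to the following. On the debug build (paths ending in _dbg) the assertion in binlog_rollback_flush_trx_cache fires. On the optimized build (paths ending in _opt) the same call continues into serialize_xid with implausibly large bln/gln values, and the repeated 0x3030303030303030 frames (ASCII '0') suggest that the hex-encoded XID was written past the end of the stack buffer: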

      bb-10.6-MDEV-31949 3455be1b4a925f43a1e7170029abf3304122409f

      mariadbd: /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/log.cc:1908: int binlog_rollback_flush_trx_cache(THD*, bool, binlog_cache_mngr*): Assertion `is_async_xac || thd->lex->xid->eq(thd->transaction->xid_state.get_xid())' failed.
      

      bb-10.6-MDEV-31949 3455be1b4a925f43a1e7170029abf3304122409f

      Core was generated by `/test/PATCH3_MD031023-mariadb-10.6.16-linux-x86_64-dbg/bin/mariadbd --defaults-'.
      Program terminated with signal SIGABRT, Aborted.
      #0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=23118334043712)
          at ./nptl/pthread_kill.c:44
      [Current thread is 1 (Thread 0x1506a816a640 (LWP 2099466))]
      (gdb) bt
      #0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=23118334043712) at ./nptl/pthread_kill.c:44
      #1  __pthread_kill_internal (signo=6, threadid=23118334043712) at ./nptl/pthread_kill.c:78
      #2  __GI___pthread_kill (threadid=23118334043712, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
      #3  0x00001506ad842476 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
      #4  0x00001506ad8287f3 in __GI_abort () at ./stdlib/abort.c:79
      #5  0x00001506ad82871b in __assert_fail_base (fmt=0x1506ad9dd150 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x561808af9ef8 "is_async_xac || thd->lex->xid->eq(thd->transaction->xid_state.get_xid())", file=0x561808af57d0 "/test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/log.cc", line=1908, function=<optimized out>) at ./assert/assert.c:92
      #6  0x00001506ad839e96 in __GI___assert_fail (assertion=0x561808af9ef8 "is_async_xac || thd->lex->xid->eq(thd->transaction->xid_state.get_xid())", file=0x561808af57d0 "/test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/log.cc", line=1908, function=0x561808af9f48 "int binlog_rollback_flush_trx_cache(THD*, bool, binlog_cache_mngr*)") at ./assert/assert.c:101
      #7  0x000056180817ccc9 in binlog_rollback_flush_trx_cache (thd=thd@entry=0x15068c000d58, all=all@entry=true, cache_mngr=cache_mngr@entry=0x15068c053cb8) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/log.cc:1908
      #8  0x000056180817d2c9 in binlog_rollback (hton=<optimized out>, thd=0x15068c000d58, all=<optimized out>) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/log.cc:2402
      #9  0x000056180802e72c in ha_rollback_trans (thd=thd@entry=0x15068c000d58, all=all@entry=true) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/handler.cc:2224
      #10 0x0000561807ed4841 in trans_rollback_implicit (thd=thd@entry=0x15068c000d58) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/transaction.cc:421
      #11 0x0000561807ed288b in mysql_admin_table (thd=thd@entry=0x15068c000d58, tables=tables@entry=0x15068c0147c0, check_opt=check_opt@entry=0x0, operator_name=operator_name@entry=0x5618091e5160 <msg_preload_keys>, lock_type=lock_type@entry=TL_READ_NO_INSERT, org_open_for_modify=org_open_for_modify@entry=false, repair_table_use_frm=false, extra_open_options=0, prepare_func=0x0, operator_func=<optimized out>, view_operator_func=0x0, is_cmd_replicated=false) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/sql_admin.cc:1326
      #12 0x0000561807ed32a5 in mysql_preload_keys (thd=thd@entry=0x15068c000d58, tables=tables@entry=0x15068c0147c0) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/sql_admin.cc:1470
      #13 0x0000561807d756c8 in mysql_execute_command (thd=thd@entry=0x15068c000d58, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/sql_parse.cc:4103
      #14 0x0000561807d7c492 in mysql_parse (thd=thd@entry=0x15068c000d58, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x1506a81691f0) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/sql_parse.cc:8050
      #15 0x0000561807d7e808 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x15068c000d58, packet=packet@entry=0x15068c00b0a9 "", packet_length=packet_length@entry=36, blocking=blocking@entry=true) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/sql_class.h:241
      #16 0x0000561807d80925 in do_command (thd=0x15068c000d58, blocking=blocking@entry=true) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/sql_parse.cc:1409
      #17 0x0000561807ebf76d in do_handle_one_connection (connect=<optimized out>, connect@entry=0x56180ad28e78, put_in_cache=put_in_cache@entry=true) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/sql_connect.cc:1416
      #18 0x0000561807ebfa62 in handle_one_connection (arg=arg@entry=0x56180ad28e78) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/sql/sql_connect.cc:1318
      #19 0x000056180830d4f6 in pfs_spawn_thread (arg=0x56180acbbb78) at /test/bb-10.6-MDEV-31949_PATCH3_dbg/storage/perfschema/pfs.cc:2201
      #20 0x00001506ad894b43 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
      #21 0x00001506ad926a00 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
      

      bb-10.6-MDEV-31949 3455be1b4a925f43a1e7170029abf3304122409f

      Core was generated by `/test/PATCH3_MD031023-mariadb-10.6.16-linux-x86_64-opt/bin/mariadbd --defaults-'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  0x000055fa07f38c2c in serialize_xid (dat=0x1490c4010b98 "c", 
          bln=22611996202680, gln=94532378857040, fmt=693719617, 
          buf=0x1490e08aea7c "X'630001c49014", '0' <repeats 36 times>, "980b01c49014000001", '0' <repeats 30 times>, "f80b01c490140000f80b01c49014000001", '0' <repeats 15 times>, "100000007140000146a5508fa55000007", '0' <repeats 14 times>, "508edc"...) at /test/bb-10.6-MDEV-31949_PATCH3_opt/sql/log_event.h:3166
      [Current thread is 1 (LWP 2106500)]
      (gdb) bt
      #0  0x000055fa07f38c2c in serialize_xid (dat=0x1490c4010b98 "c", bln=22611996202680, gln=94532378857040, fmt=693719617, buf=0x1490e08aea7c "X'630001c49014", '0' <repeats 36 times>, "980b01c49014000001", '0' <repeats 30 times>, "f80b01c490140000f80b01c49014000001", '0' <repeats 15 times>, "100000007140000146a5508fa55000007", '0' <repeats 14 times>, "508edc"...) at /test/bb-10.6-MDEV-31949_PATCH3_opt/sql/log_event.h:3166
      #1  event_xid_t::serialize (buf_arg=0x1490e08aea7c "X'630001c49014", '0' <repeats 36 times>, "980b01c49014000001", '0' <repeats 30 times>, "f80b01c490140000f80b01c49014000001", '0' <repeats 15 times>, "100000007140000146a5508fa55000007", '0' <repeats 14 times>, "508edc"..., this=0x1490c4010b80) at /test/bb-10.6-MDEV-31949_PATCH3_opt/sql/log_event.h:3215
      #2  serialize_with_xid (q_len=12, query=0x1490e08aea63 "XA ROLLBACK ", buf=0x1490e08aea70 "XA ROLLBACK X'630001c49014", '0' <repeats 36 times>, "980b01c49014000001", '0' <repeats 30 times>, "f80b01c490140000f80b01c49014000001", '0' <repeats 15 times>, "100000007140000146a5508fa5500000700000000"..., xid=0x1490c4010b80) at /test/bb-10.6-MDEV-31949_PATCH3_opt/sql/log.cc:1838
      #3  binlog_rollback_flush_trx_cache (thd=0x1490c4000c68, all=<optimized out>, cache_mngr=0x1490c403ea28) at /test/bb-10.6-MDEV-31949_PATCH3_opt/sql/log.cc:1910
      #4  0x3030303030303030 in ?? ()
      #5  0x3030303030303030 in ?? ()
      #6  0x3030303030303030 in ?? ()
      #7  0x3030303030303030 in ?? ()
      #8  0x3030303030303030 in ?? ()
      #9  0x3030303030303030 in ?? ()
      ...
      #989 0x3030303030303030 in ?? ()
      #990 0x3030303030303030 in ?? ()
      #991 0x3030303030303030 in ?? ()
      #992 0x3030303030303030 in ?? ()
      

            People

              Roel Roel Van de Paar
              Roel Roel Van de Paar